summaryrefslogtreecommitdiff
path: root/test
Commit message (Collapse)AuthorAge
* Support podman image trust commandQi Wang2018-12-19
| | | | | | Display the trust policy of the host system. The trust policy is stored in the /etc/containers/policy.json file and defines a scope of registries or repositories. Signed-off-by: Qi Wang <qiwan@redhat.com>
* Show image only once with images -qTomSweeneyRedHat2018-12-17
| | | | Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* Cirrus: Migrate PAPR testing of F28 to CirrusChris Evich2018-12-14
| | | | | | | | | | | Since the most recent TWO versions of Fedora are officially supported upstream, both need to be tested. Implement the concept of a 'prior' Fedora release in both base-image and cache-image production. Utilize the produced cache-image to test libpod. Remove F28 testing from PAPR. Much thanks to @baude @giuseppe for help with this. Signed-off-by: Chris Evich <cevich@redhat.com>
* Skip checkpoint tests on Fedora <30Chris Evich2018-12-14
| | | | Signed-off-by: Chris Evich <cevich@redhat.com>
* Merge pull request #1988 from mheon/use_dependency_resolvOpenShift Merge Robot2018-12-13
|\ | | | | Containers sharing a netns should share resolv/hosts
| * Add test for sharing resolv and hosts with netnsMatthew Heon2018-12-12
| | | | | | | | Signed-off-by: Matthew Heon <mheon@redhat.com>
* | Merge pull request #1989 from baude/deletecontainerfailstartOpenShift Merge Robot2018-12-13
|\ \ | | | | | | failed containers with --rm should remove themselves
| * | failed containers with --rm should remove themselvesbaude2018-12-12
| |/ | | | | | | | | | | | | | | | | | | when starting or running a container that has --rm, if the starting container fails (like due to an invalid command), the container should get removed. Resolves: #1985 Signed-off-by: baude <bbaude@redhat.com>
* / e2e: add tests for systemdEmilien Macchi2018-12-12
|/ | | | | | | | | | | | | Add functional tests to start a container from systemd. This patch will: - create a systemd unit file to start redis container - create the container with `podman create` - enable the service - start the container with systemd - check that the service is actually running Signed-off-by: Emilien Macchi <emilien@redhat.com>
* Merge pull request #1975 from giuseppe/fix-rootless-restartOpenShift Merge Robot2018-12-11
|\ | | | | rootless: fix restart when using fuse-overlayfs
| * rootless: fix restart when using fuse-overlayfsGiuseppe Scrivano2018-12-11
| | | | | | | | | | | | | | | | | | | | With rootless containers we cannot really restart an existing container as we would need to join the mount namespace as well to be able to reuse the storage, so ensure the container is stopped first. Closes: https://github.com/containers/libpod/issues/1965 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | Update for API changeMiloslav Trmač2018-12-08
|/ | | | Signed-off-by: Miloslav Trmač <mitr@redhat.com>
* Merge pull request #1928 from baude/podtokubeOpenShift Merge Robot2018-12-07
|\ | | | | generate kube
| * generate kubebaude2018-12-04
| | | | | | | | | | | | | | add the ability to generate kubernetes pod and service yaml representations of libpod containers and pods. Signed-off-by: baude <bbaude@redhat.com>
* | Merge pull request #1904 from umohnani8/volumeOpenShift Merge Robot2018-12-06
|\ \ | | | | | | Add "podman volume" command
| * | Tests for podman volume commandsUrvashi Mohnani2018-12-06
| | | | | | | | | | | | Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
* | | Add ability to prune containers and imagesbaude2018-12-05
|/ / | | | | | | | | | | | | | | | | | | | | Allow user to prune unused/unnamed images, the layer images from building, via podman rmi --prune. Allow user to prune stopped/exiuted containers via podman rm --prune. This should resolve #1910 Signed-off-by: baude <bbaude@redhat.com>
* | test for rmi with childrenbaude2018-12-04
| | | | | | | | Signed-off-by: baude <bbaude@redhat.com>
* | Merge pull request #1920 from wking/explicit-hooks-dirsOpenShift Merge Robot2018-12-04
|\ \ | | | | | | libpod/container_internal: Deprecate implicit hook directories
| * | libpod/container_internal: Deprecate implicit hook directoriesW. Trevor King2018-12-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Part of the motivation for 800eb863 (Hooks supports two directories, process default and override, 2018-09-17, #1487) was [1]: > We only use this for override. The reason this was caught is people > are trying to get hooks to work with CoreOS. You are not allowed to > write to /usr/share... on CoreOS, so they wanted podman to also look > at /etc, where users and third parties can write. But we'd also been disabling hooks completely for rootless users. And even for root users, the override logic was tricky when folks actually had content in both directories. For example, if you wanted to disable a hook from the default directory, you'd have to add a no-op hook to the override directory. Also, the previous implementation failed to handle the case where there hooks defined in the override directory but the default directory did not exist: $ podman version Version: 0.11.2-dev Go Version: go1.10.3 Git Commit: "6df7409cb5a41c710164c42ed35e33b28f3f7214" Built: Sun Dec 2 21:30:06 2018 OS/Arch: linux/amd64 $ ls -l /etc/containers/oci/hooks.d/test.json -rw-r--r--. 1 root root 184 Dec 2 16:27 /etc/containers/oci/hooks.d/test.json $ podman --log-level=debug run --rm docker.io/library/alpine echo 'successful container' 2>&1 | grep -i hook time="2018-12-02T21:31:19-08:00" level=debug msg="reading hooks from /usr/share/containers/oci/hooks.d" time="2018-12-02T21:31:19-08:00" level=warning msg="failed to load hooks: {}%!(EXTRA *os.PathError=open /usr/share/containers/oci/hooks.d: no such file or directory)" With this commit: $ podman --log-level=debug run --rm docker.io/library/alpine echo 'successful container' 2>&1 | grep -i hook time="2018-12-02T21:33:07-08:00" level=debug msg="reading hooks from /usr/share/containers/oci/hooks.d" time="2018-12-02T21:33:07-08:00" level=debug msg="reading hooks from /etc/containers/oci/hooks.d" time="2018-12-02T21:33:07-08:00" level=debug msg="added hook /etc/containers/oci/hooks.d/test.json" time="2018-12-02T21:33:07-08:00" level=debug msg="hook test.json matched; adding to stages [prestart]" time="2018-12-02T21:33:07-08:00" level=warning msg="implicit hook directories are deprecated; set --hooks-dir="/etc/containers/oci/hooks.d" explicitly to continue to load hooks from this directory" time="2018-12-02T21:33:07-08:00" level=error msg="container create failed: container_linux.go:336: starting container process caused "process_linux.go:399: container init caused \"process_linux.go:382: running prestart hook 0 caused \\\"error running hook: exit status 1, stdout: , stderr: oh, noes!\\\\n\\\"\"" (I'd setup the hook to error out). You can see that it's silenly ignoring the ENOENT for /usr/share/containers/oci/hooks.d and continuing on to load hooks from /etc/containers/oci/hooks.d. When it loads the hook, it also logs a warning-level message suggesting that callers explicitly configure their hook directories. That will help consumers migrate, so we can drop the implicit hook directories in some future release. When folks *do* explicitly configure hook directories (via the newly-public --hooks-dir and hooks_dir options), we error out if they're missing: $ podman --hooks-dir /does/not/exist run --rm docker.io/library/alpine echo 'successful container' error setting up OCI Hooks: open /does/not/exist: no such file or directory I've dropped the trailing "path" from the old, hidden --hooks-dir-path and hooks_dir_path because I think "dir(ectory)" is already enough context for "we expect a path argument". I consider this name change non-breaking because the old forms were undocumented. Coming back to rootless users, I've enabled hooks now. I expect they were previously disabled because users had no way to avoid /usr/share/containers/oci/hooks.d which might contain hooks that required root permissions. But now rootless users will have to explicitly configure hook directories, and since their default config is from ~/.config/containers/libpod.conf, it's a misconfiguration if it contains hooks_dir entries which point at directories with hooks that require root access. We error out so they can fix their libpod.conf. [1]: https://github.com/containers/libpod/pull/1487#discussion_r218149355 Signed-off-by: W. Trevor King <wking@tremily.us>
* | | create pod on the flybaude2018-12-03
| |/ |/| | | | | | | | | | | | | | | | | when a user specifies --pod to podman create|run, we should create that pod automatically. the port bindings from the container are then inherited by the infra container. this signicantly improves the workflow of running containers inside pods with podman. the user is still encouraged to use podman pod create to have more granular control of the pod create options. Signed-off-by: baude <bbaude@redhat.com>
* | podman pod existsbaude2018-12-03
|/ | | | | | | | | like containers and images, users would benefit from being able to check if a pod exists in local storage. if the pod exists, the return code is 0. if the pod does not exists, the return code is 1. Any other return code indicates a real errors, such as permissions or runtime. Signed-off-by: baude <bbaude@redhat.com>
* Add create test with --mount flagYiqiao Pu2018-11-29
| | | | Signed-off-by: Yiqiao Pu <ypu@redhat.com>
* Merge pull request #1890 from baude/disablecheckpointtestsOpenShift Merge Robot2018-11-28
|\ | | | | disable checkpoint tests on f29
| * disable checkpoint tests on f29baude2018-11-28
| | | | | | | | | | | | temporarily disabling checkpoint tests on f29 as they don't currently pass. Signed-off-by: baude <bbaude@redhat.com>
* | test, rootless: specify USER env variableGiuseppe Scrivano2018-11-28
|/ | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Merge pull request #1798 from giuseppe/fix-notify-socketOpenShift Merge Robot2018-11-28
|\ | | | | systemd: fix NOTIFY_SOCKET with patched runc
| * tests: fix NOTIFY_SOCKET testGiuseppe Scrivano2018-11-28
| | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * test: fix test for NOTIFY_SOCKETGiuseppe Scrivano2018-11-28
| | | | | | | | | | | | do not make any assumption on the path inside of the container. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | Merge pull request #1879 from mheon/stop_stopped_is_validOpenShift Merge Robot2018-11-28
|\ \ | |/ |/| Stopping a stopped container is not an error for Podman
| * Add test to ensure stopping a stopped container worksMatthew Heon2018-11-28
| | | | | | | | | | | | | | We regressed on this at some point. Adding a new test should help ensure that doesn't happen again. Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
* | Merge pull request #1848 from adrianreber/masterOpenShift Merge Robot2018-11-28
|\ \ | |/ |/| Add tcp-established to checkpoint/restore
| * Added more checkpoint/restore test casesAdrian Reber2018-11-28
| | | | | | | | | | | | | | | | | | | | This adds checkpoint/restore test cases for the newly added options * --leave-running * --tcp-established * --all * --latest Signed-off-by: Adrian Reber <areber@redhat.com>
* | Merge pull request #1849 from giuseppe/report-rootless-netmodeOpenShift Merge Robot2018-11-28
|\ \ | | | | | | rootless: add new netmode "slirp4netns"
| * | rootless: add new netmode "slirp4netns"Giuseppe Scrivano2018-11-27
| | | | | | | | | | | | | | | | | | | | | | | | so that inspect reports the correct network configuration. Closes: https://github.com/containers/libpod/issues/1453 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | tests: change return type for PodmanAsUser to PodmanTestIntegrationGiuseppe Scrivano2018-11-27
| |/ | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* / rootless: fix cleanupGiuseppe Scrivano2018-11-28
|/ | | | | | | | | | | | | The conmon exit command is running inside of a namespace where the process is running with uid=0. When it launches again podman for the cleanup, podman is not running in rootless mode as the uid=0. Export some more env variables to tell podman we are in rootless mode. Closes: https://github.com/containers/libpod/issues/1859 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* test: cleanup CNI network used by the testsGiuseppe Scrivano2018-11-27
| | | | | | | | issue introduced with: https://github.com/containers/libpod/pull/1871 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Merge pull request #1874 from ypu/mount-testOpenShift Merge Robot2018-11-27
|\ | | | | Improve podman run --mount test
| * Remove mount options relatime from podman run --mount with sharedYiqiao Pu2018-11-27
| | | | | | | | | | | | | | In some test env, mount with shared options is not included relatime in the mountinfo file. So remove this from the test case. Signed-off-by: Yiqiao Pu <ypu@redhat.com>
| * Update test case name to podman run with --mount flagYiqiao Pu2018-11-27
| | | | | | | | | | | | | | Update the test case name to make it easier to filter --mount related test cases with -ginkgo.focus. Signed-off-by: Yiqiao Pu <ypu@redhat.com>
* | Merge pull request #1871 from ypu/ip-testOpenShift Merge Robot2018-11-27
|\ \ | | | | | | Add some tests for --ip flag with run and create command
| * | Add some tests for --ip flag with run and create commandYiqiao Pu2018-11-27
| |/ | | | | | | Signed-off-by: Yiqiao Pu <ypu@redhat.com>
* | Merge pull request #1850 from vrothberg/mount-propagationOpenShift Merge Robot2018-11-27
|\ \ | |/ |/| set root propagation based on volume properties
| * set root propagation based on volume propertiesValentin Rothberg2018-11-26
| | | | | | | | | | | | | | | | | | | | | | | | Set the root propagation based on the properties of volumes and default mounts. To remain compatibility, follow the semantics of Docker. If a volume is shared, keep the root propagation shared which works for slave and private volumes too. For slave volumes, it can either be shared or rshared. Do not change the root propagation for private volumes and stick with the default. Fixes: #1834 Signed-off-by: Valentin Rothberg <vrothberg@suse.com>
* | add podman container|image existsbaude2018-11-26
|/ | | | | | | | | | Add an exists subcommand to podman container and podman image that allows users to verify the existence of a container or image by ID or name. The return code can be 0 (success), 1 (failed to find), or 125 (failed to work with runtime). Issue #1845 Signed-off-by: baude <bbaude@redhat.com>
* Allow users to expose ports from the pod to the hostbaude2018-11-20
| | | | | | | | | | we need to allow users to expose ports to the host for the purposes of networking, like a webserver. the port exposure must be done at the time the pod is created. strictly speaking, the port exposure occurs on the infra container. Signed-off-by: baude <bbaude@redhat.com>
* Fix no-new-privileges testYiqiao Pu2018-11-16
| | | | | | Update the test to compare the output from different containers. Signed-off-by: Yiqiao Pu <ypu@redhat.com>
* The system test write with ginkgoYiqiao Pu2018-11-16
| | | | | | | | The tests can be filter by --focus and --skip to fit different test target. Also be able to set global options and cmd options by export it to ENV to fit different test matrix. Signed-off-by: Yiqiao Pu <ypu@redhat.com>
* Separate common used test functions and structs to test/utilsYiqiao Pu2018-11-16
| | | | | | | Put common used test functions and structs to a separated package. So we can use them for more testsuites. Signed-off-by: Yiqiao Pu <ypu@redhat.com>