summaryrefslogtreecommitdiff
path: root/test
Commit message (Collapse)AuthorAge
* fix "tail 800 lines: journald" flakePaul Holzinger2022-06-01
| | | | | | | | | | | | The test calls podman run -d followed by podman logs. There is no guarantee the the container or conmon has written all its output. Adding an extra podman wait should fix this. Do not remove the -d to not print 1000 unnecessary lines in the logs. Fixes #14362 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* fix podman container restore without CreateNetNSPaul Holzinger2022-05-31
| | | | | | | | | | | | | | | | When a container does not use the default podman netns, for example --network none or --network ns:/path a restore would fail because the specgen check validates that c.config.StaticMAC is nil but the unmarshaller sets it to an empty slice. While we could make the check use len() > 0 I feel like it is more common to check with != nil for ip and mac addresses. Adding omitempty tag makes the json marshal/unmarshal work correctly. This should not cause any issues. Fixes #14389 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* Merge pull request #14419 from Luap99/volume-importOpenShift Merge Robot2022-05-31
|\ | | | | podman volume export/import: give better error
| * podman volume export/import: give better errorPaul Holzinger2022-05-30
| | | | | | | | | | | | | | | | | | When the volume does not exist we should output an error stating so and not some generic one. Fixes #14411 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | Podman no-new-privileges formatNiall Crowe2022-05-30
|/ | | | | | | | | | | | In docker, the format of no-new-privileges is "no-new-privileges:true". However, for Podman all that's required is "no-new-privileges", leading to issues when attempting to use features desgined for docker in podman. Adding support for the ":" format to be used along with the "=" format, depedning on which one is entered by the user. fixes #14133 Signed-off-by: Niall Crowe <nicrowe@redhat.com>
* vendor: bump buildah to v1.26.1-0.20220524184833-5500333c2e06Aditya R2022-05-26
| | | | | | Bump buildah to v1.26.1-0.20220524184833-5500333c2e06 Signed-off-by: Aditya R <arajan@redhat.com>
* build: allow using cache explicitly with --squash-all using --layersAditya R2022-05-26
| | | | | | | | | | | | | | Buildah already supports using `--layers` with `--squash` after https://github.com/containers/buildah/pull/3674 if user wants to do so hence podman must honor similar configuration in `--squash-all` behaviour if user wants to using cache. PS: We cannot alter behaviour of `podman build --squash` for docker-compat reasons hence this feature can be easily supported by `--squash-all`. Closes: https://github.com/containers/buildah/issues/4011 Signed-off-by: Aditya R <arajan@redhat.com>
* First batch of resolutions to FIXMEsMatthew Heon2022-05-25
| | | | | | | | | Most of these are no longer relevant, just drop the comments. Most notable change: allow `podman kill` on paused containers. Works just fine when I test it. Signed-off-by: Matthew Heon <mheon@redhat.com>
* Merge pull request #14361 from Luap99/netflakeOpenShift Merge Robot2022-05-25
|\ | | | | fix f35 integration test network flake
| * fix f35 integration test network flakePaul Holzinger2022-05-25
| | | | | | | | | | | | | | | | | | | | | | I am not 100% sure if this is actually causing the problem but I was able to reproduce locally and this change fixed it there. Without the `-n` option iptables tries to reverse lookup the ips to domain names. This is extremely slow for unknown reasons. Given the large amount of iptables entries due parallel test runs it will not succeed in the default 90 sec timeout. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | Merge pull request #14358 from vrothberg/todo-part-2OpenShift Merge Robot2022-05-25
|\ \ | | | | | | Todo part 2
| * | test/system/250-systemd.bats: clean up outdated TODOValentin Rothberg2022-05-25
| |/ | | | | | | | | | | | | `podman auto-update` is now properly exercised in the system tests, so we can safely remove the outdated TODO. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | Merge pull request #14333 from rhatdan/podOpenShift Merge Robot2022-05-25
|\ \ | |/ |/| Allow podman pod create --share +pid
| * Allow podman pod create --share +pidDaniel J Walsh2022-05-24
| | | | | | | | | | | | Fixes: https://github.com/containers/podman/issues/13422 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #14334 from rhatdan/pod1OpenShift Merge Robot2022-05-24
|\ \ | | | | | | Allow podman pod create to accept name argument
| * | Allow podman pod create to accept name argumentDaniel J Walsh2022-05-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | I am constantly attempting to add the podname to the last argument to podman pod create. Allowing this makes it match podman volume create and podman network create. It does not match podman container create, since podman container create arguments specify the arguments to run with the container. Still need to support the --name option for backwards compatibility. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #14346 from edsantiago/helpmsg_testsOpenShift Merge Robot2022-05-24
|\ \ \ | |_|/ |/| | help-message system test: catch more cases
| * | help-message system test: catch more casesEd Santiago2022-05-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Look for and prevent lower-case arg descriptions: podman cmd [arg] - Look for and prevent optional-mandatory misordering: podman cmd [ARG] ARG - Tighter whitespace checks (and fix podman pod ps) - simplify a no-longer-necessary mess! #8635 fixed the horrible "CONTAINER | IMAGE" strings (with spaces), so there's no longer a need to special-case those. The one-extra-arg check is now much cleaner. Minor refactoring. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | Merge pull request #14319 from flouthoc/suppress-aux-on-quietOpenShift Merge Robot2022-05-24
|\ \ \ | |_|/ |/| | compat, build: suppress `step` errors when `quiet=1` is set
| * | compat, build: suppress step errors when quiet is setAditya R2022-05-24
| | | | | | | | | | | | | | | | | | | | | | | | Match with docker API and suppress step errors when field quiet is set. Closes: https://github.com/containers/podman/issues/14315 Signed-off-by: Aditya R <arajan@redhat.com>
* | | Merge pull request #14341 from vrothberg/todo-part-1OpenShift Merge Robot2022-05-24
|\ \ \ | |_|/ |/| | TODO's and FIXME's [PART 1]
| * | test/e2e/search_test.go: re-enable registry.redhat.io testValentin Rothberg2022-05-24
| | | | | | | | | | | | | | | | | | The search endpoint is working again. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
| * | podman image mount: print pretty tableValentin Rothberg2022-05-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | Make sure that `podman image mount` prints a pretty table unless there is only argument passed and without a custom format. Fixing a TODO item brought me to the specific code location and revealed the fart in the logic. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | | system tests: fix flake waiting for container to runValentin Rothberg2022-05-24
|/ / | | | | | | | | | | | | | | | | | | | | I have seen some system tests flake waiting for a container to transition into a specific running state. My theory is that the waiting time was not sufficient on nodes under high load. Hence, increase the waiting time. Also replace the break with a return to spare some cycles to redundantly compare with the already checked state. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | Merge pull request #14294 from vrothberg/fix-14291OpenShift Merge Robot2022-05-24
|\ \ | | | | | | fix compat image resolution
| * | fix compat image resolutionValentin Rothberg2022-05-23
| |/ | | | | | | | | | | | | | | | | | | | | | | Fix a bug in the resolution of images in the Docker compat API. When looking up an image by a short name, the name may match an image that does not live on Docker Hub. The resolved name should be used for normalization instead of the input name to make sure that `busybox` can resolve to `registry.com/busybox` if present in the local storage. Fixes: #14291 Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | Merge pull request #14281 from vrothberg/fix-14251OpenShift Merge Robot2022-05-23
|\ \ | | | | | | fix --init with /dev bind mount
| * | fix --init with /dev bind mountValentin Rothberg2022-05-23
| |/ | | | | | | | | | | | | | | | | | | The init binary until now has been bind-mounted to /dev/init which breaks when bind-mounting to /dev. Instead mount the init to /run/podman-init. The reasoning for using /run is that it is already used for other runtime data such as secrets. Fixes: #14251 Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | Merge pull request #14292 from vrothberg/fix-14283OpenShift Merge Robot2022-05-23
|\ \ | | | | | | auto update: create an event
| * | auto update: create an eventValentin Rothberg2022-05-23
| |/ | | | | | | | | | | | | | | | | Create an auto-update event for each invocation, independent if images and containers are updated or not. Those events will be indicated in the events already but users will now know why. Fixes: #14283 Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | Merge pull request #14266 from tupyy/add-blockdevice-play-kubeOpenShift Merge Robot2022-05-23
|\ \ | |/ |/| Expose block and character devices with play kube
| * fix tests by randomize the device folder nameCosmin Tupangiu2022-05-23
| | | | | | | | | | | | | | e2e tests tends to fail when running with multiple nodes because the same device folder name is used accross all nodes Signed-off-by: Cosmin Tupangiu <cosmin@redhat.com>
| * add tests and fix bug when char device pass the test as block deviceCosmin Tupangiu2022-05-18
| | | | | | | | | | | | | | | | | | | | | | - add test - fix bug when a character device set in a volume as a block device is seen as block device in _pkg/specgen/generate/kube/volume.go_. At this stage the type does not matter much because the devices are recreated at lower layer but the bug allowed a CharDevice volume to be passed to lower layer as a BlockDevice. Signed-off-by: Cosmin Tupangiu <cosmin@redhat.com>
* | Swagger refactor/cleanupJhon Honce2022-05-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Remove duplicate or unused types and constants * Move all documetation-only models and responses into swagger package * Remove all unecessary names, go-swagger will determine names from struct declarations * Use Libpod suffix to differentiate between compat and libpod models and responses. Taken from swagger:operation declarations. * Models and responses that start with lowercase are for swagger use only while uppercase are used "as is" in the code and swagger comments * Used gofumpt on new code ```release-note ``` Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | linter: enable unconvert linterValentin Rothberg2022-05-19
| | | | | | | | | | | | | | Detects unneccessary type conversions and helps in keeping the code base cleaner. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | Merge pull request #14228 from rhatdan/apiOpenShift Merge Robot2022-05-18
|\ \ | | | | | | Deleting an n use image should return conflict not system error
| * | Deleting an n use image should return conflict not system errorDaniel J Walsh2022-05-16
| |/ | | | | | | | | | | Fixes: https://github.com/containers/podman/issues/14208 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #14256 from vrothberg/run-1287OpenShift Merge Robot2022-05-18
|\ \ | | | | | | k8systemd: run k8s workloads in systemd
| * | k8systemd: run k8s workloads in systemdValentin Rothberg2022-05-17
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Support running `podman play kube` in systemd by exploiting the previously added "service containers". During `play kube`, a service container is started before all the pods and containers, and is stopped last. The service container communicates its conmon PID via sdnotify. Add a new systemd template to dispatch such k8s workloads. The argument of the template is the path to the k8s file. Note that the path must be escaped for systemd not to bark: Let's assume we have a `top.yaml` file in the home directory: ``` $ escaped=$(systemd-escape ~/top.yaml) $ systemctl --user start podman-play-kube@$escaped.service ``` Closes: https://issues.redhat.com/browse/RUN-1287 Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | Merge pull request #14254 from flouthoc/api-allow-remoteOpenShift Merge Robot2022-05-17
|\ \ | |/ |/| api: make no-op `remote` functional in `/libpod/build`
| * api: make no-op remote functional in /libpod/buildAditya R2022-05-16
| | | | | | | | | | | | | | | | | | | | | | Podman API `libpod/build` accepts paramemter `remote` which overrides `dockerfile` but currently parameter is no-op. Following commit adds support for `remote` parameter in libpod API. See: https://docs.podman.io/en/v3.2.3/_static/api.html#operation/ImageBuildLibpod Closes: https://github.com/containers/podman/issues/13831 Signed-off-by: Aditya R <arajan@redhat.com>
* | Merge pull request #14232 from vrothberg/bz-2083997OpenShift Merge Robot2022-05-16
|\ \ | |/ |/| [BZ #2083997] pod: build pause image in custom user NS
| * [BZ #2083997] pod: build pause image in custom user NSValentin Rothberg2022-05-13
| | | | | | | | | | | | | | | | | | | | | | Use the host UID and host GID mapping when building the local pause image for a Pod with a custom mapping. Otherwise, the mappings are off and the build fails. Propagating the mapping to the build container is not needed since the pause image ships merely a copied `catatonit` from the host. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2083997 Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | Merge pull request #14205 from rhatdan/VENDOROpenShift Merge Robot2022-05-13
|\ \ | | | | | | Vendor in latest containers/common
| * | Vendor in latest containers/commonDaniel J Walsh2022-05-12
| |/ | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* / Make sure tests are cleaned up when they completeDaniel J Walsh2022-05-12
|/ | | | | | Fixes: https://github.com/containers/podman/issues/13789 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #14159 from vrothberg/service-containerDaniel J Walsh2022-05-12
|\ | | | | play kube: service container
| * play kube: service containerValentin Rothberg2022-05-12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add the notion of a "service container" to play kube. A service container is started before the pods in play kube and is (reverse) linked to them. The service container is stopped/removed *after* all pods it is associated with are stopped/removed. In other words, a service container tracks the entire life cycle of a service started via `podman play kube`. This is required to enable `play kube` in a systemd unit file. The service container is only used when the `--service-container` flag is set on the CLI. This flag has been marked as hidden as it is not meant to be used outside the context of `play kube`. It is further not supported on the remote client. The wiring with systemd will be done in a later commit. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
| * vendor c/common@mainValentin Rothberg2022-05-12
| | | | | | | | | | | | In hope to fix a CI flake. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | sdnotify: send MAINPID only onceValentin Rothberg2022-05-12
|/ | | | | | | | | Send the main PID only once. Previously, `(*Container).start()` and the conmon handler sent them ~simultaneously and went into a race. I noticed the issue while debugging a WIP PR. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>