| Commit message (Collapse) | Author | Age |
|---|
| |\
| |
| | |
Always add the default gateway to the cni config file
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
`podman network create` should always add a gateway to the cni config.
If no gateway is given use the first ip in the subnet. CNI does not require
the gateway field but we need it because of network inspect.
This worked with previous version but was dropped in Commit(e7a72d72fd59).
Fixes #8748
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
|
| |/
|
|
|
|
|
|
|
|
| |
Tracking down a CI failure earlier today, I was slightly
delayed by the absence of context information in a test
failure. This PR adds full command context to each
subtest, making it much easier for the developer to
narrow down the cause of a failure.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\
| |
| | |
Cirrus: Update VM Images; Both Fedora and Ubuntu "prior" flavors run with CGroupsV1 & runc
|
| | |
| |
| |
| |
| |
| | |
Thanks Ed Santiago <santiago@redhat.com> for the fix.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
These tests simply will not work under these conditions.
Note: Recently updated F32 (prior-fedora) and Ubuntu 20.04
(prior-ubuntu) VMs always use CGroupsV1 with runc. F33 and
Ubuntu 20.10 were updated to always use CGroupsV2 with crun.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When running as rootless, on a CgroupV1 host these tests all report:
`Error: pod stats is not supported in rootless mode without cgroups v2`
Note: Recently updated F32 (prior-fedora) and Ubuntu 20.04
(prior-ubuntu) VMs always use CGroupsV1 with runc. F33 and
Ubuntu 20.10 were updated to always use CGroupsV2 with crun.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This should be addressed by PR
https://github.com/containers/podman/pull/8685
Note: Recently updated F32 (prior-fedora) and Ubuntu 20.04
(prior-ubuntu) VMs always use CGroupsV1 with runc. F33 and
Ubuntu 20.10 were updated to always use CGroupsV2 with crun.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Nearly/all of the 'podman stats' tests fail on Fedora when
executing testing inside a container, and CGroupsV1 is used on the
host. The typical failure message is of the form `Error: unable to
load cgroup at /machine.slice/.../: cgroup deleted`.
Note: Recently updated F32 (prior-fedora) and Ubuntu 20.04
(prior-ubuntu) VMs always use CGroupsV1 with runc. F33 and
Ubuntu 20.10 were updated to always use CGroupsV2 with crun.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
These tests fail with `Error: opening file `io.bfq.weight` for writing:
Permission denied: OCI permission denied`. Upon examination of the
VMs, it was found the kernel and OS lacks support for the `BFQ`
scheduler (which supplies the `weight` option). The only available
schedulers are `none` and `mq-deadline`.
Note: Recently updated F32 (prior-fedora) and Ubuntu 20.04
(prior-ubuntu) VMs always use CGroupsV1 with runc. F33 and
Ubuntu 20.10 were updated to always use CGroupsV2 with crun.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| |\ \
| | |
| | | |
Add LogSize to container inspect
|
| | |/
| |
| |
| |
| |
| |
| | |
Other log options are available so we need to add ability to look
up LogSize.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- run test: minor cleanup to .containerenv test. Basically,
make it do only two podman-runs (they're expensive) and
tighten up the results checks
- ps test: add ps -a --storage. Requires small tweak to
run_podman helper, so we can have "timeout" be an expected
result
- sdnotify test: workaround for #8718 (seeing MAINPID=xxx as
last output line instead of READY=1). As found by the
newly-added debugging echos, what we are seeing is:
MAINPID=103530
READY=1
MAINPID=103530
It's not supposed to be that way; it's supposed to be just
the first two. But when faced with reality, we must bend
to accommodate it, so let's accept READY=1 anywhere in
the output stream, not just as the last line.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\
| |
| | |
RHEL gating tests: more journald exceptions
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Followup to #8284, due to my not having noticed #8096.
RHEL gating tests are failing again due to rhbz#1895105, the
one where we can't run journalctl rootless on RHEL. #8284 fixed
this for some RHEL builds of older podman, but I missed #8096
which added yet another logs test.
This brings us to three journalctl exceptions, which means
it gets complicated because I have to refactor it all.
**THIS IS NOT SUSTAINABLE**. We need some way to have a similar
setup in CI, with a permission-less rootless login, so we don't
add yet another logs test some day and discover, months later,
that it doesn't work on RHEL and then have to go into crisis
mode.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\ \
| | |
| | | |
podman events allow future time for --until
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The podman events aren't read until the given timestamp if the
timestamp is in the future. It just reads all events until now
and exits afterwards.
This does not make sense and does not match docker. The correct
behavior is to read all events until the given time is reached.
This fixes a bug where the wrong event log file path was used
when running first time with a new storage location.
Fixes #8694
This also fixes the events api endpoint which only exited when
an error occurred. Otherwise it just hung after reading all events.
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
|
| |\ \ \
| |_|/
|/| | |
Add volume prune --filter support
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This change adds support for the `--filter` / `?filters` arguments on
the `podman volume prune` subcommand.
* Adds ParseFilterArgumentsIntoFilters helper for consistent
Filter string slice handling
* Adds `--filter` support to podman volume prune cli
* Adds `?filters...` support to podman volume prune api
* Updates apiv2 / e2e tests
Closes #8672
Signed-off-by: Baron Lenardson <lenardson.baron@gmail.com>
|
| |\ \ \
| | | |
| | | | |
add compose regression to ci
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
adding compose test descriptions and validations.
Signed-off-by: baude <bbaude@redhat.com>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
...in which we use all-local tests
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
to prevent any regressions, we should be running regression tests using
compose.
Signed-off-by: baude <bbaude@redhat.com>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
git-fetch a set of docker-compose examples
Add a mechanism for 'curl'ing to verify that service is up.
For each docker-compose directory:
1) test that it comes up
2) use 'curl' to confirm that the service is up
3) bring it back down
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\ \ \ \
| | | | |
| | | | | |
Sign multi-arch images
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
podman image sign handles muti-arch images.
--all option to create signature for each manifest from the image manifest list.
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
| |\ \ \ \ \
| |/ / / /
|/| | | | |
Handle --rm when starting a container
|
| | | |_|/
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | | |
podman start should follow the same behaviour as podman run when removing a
container.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \ \ \
| |_|/ /
|/| | | |
podman logs honor stderr correctly
|
| | |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Make the ContainerLogsOptions support two io.Writers,
one for stdout and the other for stderr. The logline already
includes the information to which Writer it has to be written.
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
|
| |\ \ \
| | | |
| | | | |
Fix Wrong img name used when creating a container from an image which had multi names
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
multiple tags
Signed-off-by: zhangguanzhang <zhangguanzhang@qq.com>
|
| | |/ /
|/| |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Network create could panic when used with a json body like this:
`{"Name":"net","IPAM":{"Config":[]}}`
The network scope for list and inspect should not be empty. It can
be swarm, global or local. We only support local networks so
hardcode this field to local.
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
|
| | |/
|/|
| |
| |
| |
| |
| |
| |
| |
| | |
The libpod images exists endpoint panics when called with
a non existing image and therefore returns 500 as status
code instead of the expected 404.
A test is added to ensure it is working.
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
|
| |\ \
| | |
| | | |
Properly handle --cap-add all when running with a --user flag
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Handle the ALL Flag when running with an account as a user.
Currently we throw an error when the user specifies
podman run --user bin --cap-add all fedora echo hello
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \
| | |
| | | |
security: honor systempaths=unconfined for ro paths
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| | |
we must honor systempaths=unconfined also for read-only paths, as
Docker does:
proc /proc proc rw,nosuid,nodev,noexec,relatime 0 0
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |\ \
| | |
| | | |
Honor the --layers flag
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| | |
Currently the --layers flag set by the user is ignored, and only the BUILDAH_LAYERS
environment variable being set is observed.
Fixes: https://github.com/containers/podman/issues/8643
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \
| |/
|/| |
Add system test for shell completion
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
There exists a unit test to ensure that shell completion functions are
defined. However there was no check about the quality of the provided
shell completions. Lets change that.
The idea is to create a general test that makes sure we are suggesting
containers,pods,images... for the correct commands. This works by
reading the command use line and checking for each arg if we provide
the correct suggestions for this arg.
It includes the following tests:
- flag suggestions if [options] is set
- container, pod, image, network, volume, registry completion
- path completion for the appropriate arg KEYWORDS (`PATH`,`CONTEXT`,etc.)
- no completion if there are no args
- completion for more than one arg if it ends with `...]`
The test does not cover completion values for flags and not every arg KEYWORD
is supported. This is still a huge improvement and covers most use cases.
This test spotted several inconsistencies between the completion and the
command use line. All of them have been adjusted to make the test pass.
The biggest advantage is that the completions always match the latest
command changes. So if someone changes the arguments for a command this
ensures that the completions must be adjusted.
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
|
| |/
|
|
|
|
|
|
|
|
|
|
|
| |
The existing logic (Range > 0) always triggered, because range is
guaranteed to be at least 1 (a single port has a range of 1, a
two port range (e.g. 80-81) has a range of 2, and so on). As such
this could cause ports that had a host port assigned to them by
the user to randomly assign one instead.
Fixes #8650
Fixes #8651
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |\
| |
| | |
Restore json format for fields as well as whole structs
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
* Add template func to inspect template processing
* Added test using repro from #8444
Fixes #8444
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
| |\ \
| | |
| | | |
Make `podman stats` slirp check more robust
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Just checking for `rootless.IsRootless()` does not catch all the
cases where slirp4netns is in use - we actually allow it to be
used as root as well. Fortify the conditional here so we don't
fail in the root + slirp case.
Fixes #7883
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |\ \ \
| |/ /
|/| | |
Add systempaths=unconfined option
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Add the systempaths=unconfined option to --security-opt
to match the docker options for unmasking all the paths
that are masked by default.
Add the mask and unmask options to the podman create doc.
Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
|
| |\ \ \
| |_|/
|/| | |
Implement pod-network-reload
|
