summaryrefslogtreecommitdiff
path: root/test
Commit message (Collapse)AuthorAge
* Merge pull request #14654 from cdoern/cgroupopenshift-ci[bot]2022-06-27
|\ | | | | podman cgroup enhancement
| * podman cgroup enhancementcdoern2022-06-24
| | | | | | | | | | | | | | | | | | | | | | currently, setting any sort of resource limit in a pod does nothing. With the newly refactored creation process in c/common, podman ca now set resources at a pod level meaning that resource related flags can now be exposed to podman pod create. cgroupfs and systemd are both supported with varying completion. cgroupfs is a much simpler process and one that is virtually complete for all resource types, the flags now just need to be added. systemd on the other hand has to be handeled via the dbus api meaning that the limits need to be passed as recognized properties to systemd. The properties added so far are the ones that podman pod create supports as well as `cpuset-mems` as this will be the next flag I work on. Signed-off-by: Charlie Doern <cdoern@redhat.com>
* | Merge pull request #14725 from Luap99/port-range-flakeopenshift-ci[bot]2022-06-27
|\ \ | | | | | | Fix "podman run port forward range" flake
| * | Fix "podman run port forward range" flakePaul Holzinger2022-06-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The test must ensure that all ports in the range are free not just the first. This flakes often because port 5355 is always in use by systemd-resolved on fedora. Fixes #14716 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | Merge pull request #14687 from cdoern/volsopenshift-ci[bot]2022-06-27
|\ \ \ | |/ / |/| | podman run/create -v relative filepath support
| * | podman run/create -v relative filepath supportCharlie Doern2022-06-22
| | | | | | | | | | | | | | | | | | | | | podman currently does not support relative volume paths. Add parsing for relative paths in specgen, converting whatever volume was given to an absolute path. Signed-off-by: Charlie Doern <cdoern@redhat.com>
* | | Merge pull request #14685 from mheon/gitlabopenshift-ci[bot]2022-06-27
|\ \ \ | | | | | | | | Followon to #14559
| * | | conmon: silence json-file errorValentin Rothberg2022-06-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | We should just silently fall through. The log was flooding the system-service logs when running Gitlab runner. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | | | Merge pull request #14703 from cdoern/connectionopenshift-ci[bot]2022-06-25
|\ \ \ \ | |_|_|/ |/| | | fix system connection and scp testing
| * | | fix system connection and scp testingCharlie Doern2022-06-23
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | podman image scp and podman system connection tests were querying an existing website during testing. Change to a URL that will never exist given an improper domain extension also just generally clean up a few things in both scp and connection testing resolves #14699 Signed-off-by: Charlie Doern <cdoern@redhat.com>
* / / Workaround for bug 14653 (checkpoint flake)Ed Santiago2022-06-23
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | Since it may be a while before we get a true fix: add a workaround for podman-remote checkpoint tests, in which we pause until the 'run --rm' container is truly truly gone. I've tried to make it as easy as possible to clean up the workaround code once the bug is fixed. Oh, also, remove "-it" from a podman-run. It makes no sense and only results in nasty orange warning messages. Signed-off-by: Ed Santiago <santiago@redhat.com>
* / Fix spelling "setup" -> "set up" and similarErik Sjölund2022-06-22
|/ | | | | | | | | | * Replace "setup", "lookup", "cleanup", "backup" with "set up", "look up", "clean up", "back up" when used as verbs. Replace also variations of those. * Improve language in a few places. Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
* Merge pull request #13384 from flouthoc/podman-remote-add-with-annotateopenshift-ci[bot]2022-06-21
|\ | | | | bindings: manifest should follow `es_model` naming convention while marshalling `OSVersion` and `OSFeatures`
| * bindings: add manifest should follow es_model while marshalling OSVersion ↵Aditya R2022-06-02
| | | | | | | | | | | | | | | | | | | | | | | | and OSFeatures It seems API needs json names for OSVersion and OSFeatures in es_model ref: https://github.com/containers/podman/blob/main/pkg/domain/entities/manifest.go#L42 So at bindings end ensure that we honor es_model naming convention when we perform marshalling otherwise API will ignore these fields Signed-off-by: Aditya R <arajan@redhat.com>
* | Merge pull request #14643 from clobrano/feature/network/list/dangling/devopenshift-ci[bot]2022-06-21
|\ \ | | | | | | allow filter networks by dangling status
| * | allow filter networks by dangling statusCarlo Lobrano2022-06-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | add the ability to filter networks by their dangling status via: `network ls --filter dangling=true/false` Fixes: #14595 Signed-off-by: Carlo Lobrano <c.lobrano@gmail.com>
* | | Merge pull request #14625 from cdoern/podShmopenshift-ci[bot]2022-06-21
|\ \ \ | | | | | | | | podman pod create --shm-size
| * | | podman pod create --shm-sizecdoern2022-06-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | expose the --shm-size flag to podman pod create and add proper handling and inheritance for the option. resolves #14609 Signed-off-by: Charlie Doern <cdoern@redhat.com>
* | | | Merge pull request #14662 from Luap99/api-jsonopenshift-ci[bot]2022-06-21
|\ \ \ \ | | | | | | | | | | API: containers/json always set application/json content type
| * | | | API: containers/json always set application/json content typePaul Holzinger2022-06-20
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When we return no containers we just return `[]` but we still have to keep the content type header `application/json` so external tools can correctly parse the output. Fixes #14647 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | | api: show the memory limit specified for the containerGiuseppe Scrivano2022-06-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | use the memory limit specified for the container instead of reading it from the cgroup. It is not reliable to read it from the cgroup since the container could have been moved to a different cgroup and in general the OCI runtime might create a sub-cgroup (like crun does). Closes: https://github.com/containers/podman/issues/14676 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | Merge pull request #14556 from sstosh/system-prune-networkopenshift-ci[bot]2022-06-20
|\ \ \ \ | |/ / / |/| | | podman system prune support prune unused networks
| * | | podman system prune support prune unused networksToshiki Sonoda2022-06-14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is an enhancement for the podman system prune feature. In this issue, it is mentioned that 'network prune' should be wired into 'podman system prune' https://github.com/containers/podman/issues/8673 Therefore, I add the function to remove unused networks. Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
* | | | Merge pull request #14299 from cdoern/podCloneopenshift-ci[bot]2022-06-16
|\ \ \ \ | | | | | | | | | | implement podman pod clone
| * | | | podman pod clonecdoern2022-06-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | implement podman pod clone, a command to create an exact copy of a pod while changing certain config elements current supported flags are: --name change the pod name --destroy remove the original pod --start run the new pod on creation and all infra-container related flags from podman pod create (namespaces etc) resolves #12843 Signed-off-by: cdoern <cdoern@redhat.com>
* | | | | Merge pull request #14619 from Luap99/helpopenshift-ci[bot]2022-06-16
|\ \ \ \ \ | | | | | | | | | | | | fix "podman -h" help output
| * | | | | fix "podman -h" help outputPaul Holzinger2022-06-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | `podman -h` currently returns an error: `Error: pflag: help requested` This bug was introduced in 44d037898ebc, the problem is that we wrap the error and cobra lib checks with `==` for this one and not errors.Is(). I have a PR upstream to fix this but for now this also works. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | | | | Merge pull request #14600 from edsantiago/arghopenshift-ci[bot]2022-06-16
|\ \ \ \ \ \ | | | | | | | | | | | | | | system tests: avoid rmi -a ... plus cleanup
| * | | | | | system tests: avoid rmi -a ... plus cleanupEd Santiago2022-06-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | I noticed 'rmi -a' in a test. I tried to fix it. Hilarity ensued. 'rmi -a' is evil: it forces a fresh pull of our test image, which in turn almost guarantees a flake some day. We avoid it, but once in a while it slips in. While fixing it, I noticed a bevy of other problems that needed cleanup. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | | | | | Merge pull request #14613 from kolyshkin/fix-410-selinuxopenshift-ci[bot]2022-06-16
|\ \ \ \ \ \ \ | |_|/ / / / / |/| | | | | | test/system/410-selinux: fix for newer runc
| * | | | | | test/system/410-selinux: fix for newer runcKir Kolyshkin2022-06-15
| |/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | With runc 1.1, we have the following failure: # #| FAIL: podman emits useful diagnostic on failure # #| expected: 'Error.*: OCI runtime error: .*: failed to set /proc/self/attr/keycreate on procfs' (using expr) # #| actual: 'Error: OCI runtime error: runc: runc create failed: unable to start container process: error during container init: write /proc/self/attr/keycreate: invalid argument' which is caused by the fact that runc 1.1 uses newer opencontainers/selinux package, which changes custom errors to standard os.PathError instances (so that they can be unwrapped if needed). Fix the test case accordingly. Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
* | | | | | Merge pull request #14605 from Luap99/update-golangci-lintopenshift-ci[bot]2022-06-16
|\ \ \ \ \ \ | | | | | | | | | | | | | | golangci-lint: update to v1.46.2
| * | | | | | golangci-lint: update to v1.46.2Paul Holzinger2022-06-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Update to the latest golangci-lint version. v1.46 added new linters. I disabled nonamedreturns and exhaustruct since they enforce a certain code style and using them would require big changes to the code base. The nosprintfhostport is new and I fixed one problem in the tests. While the test itself is fine because it uses ipv4 only the linter still looks good because the sprintf use will fail for ipv6 addresses. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | | | | | system test image: bump to 20220615Ed Santiago2022-06-15
| |/ / / / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Changes: - use --timestamp option to produce 'created' stamps that can be reliably tested in the image-history test - podman now supports manifest & multiarch run, so we no longer need buildah - bump up base alpine & busybox images This turned out to be WAY more complicated than it should've been, because: - alpine 3.14 fixed 'date -Iseconds' to include a colon in the TZ offset ("-07:00", was "-0700"). This is now consistent with GNU date's --iso-8601 format, yay, so we can eliminate a minor workaround. - with --timestamp, all ADDed files are set to that timestamp, including the custom-reference-timestamp file that many tests rely on. So we need to split the build into two steps. But: - ...with a two-step build I need to use --squash-all, not --squash, but: - ... (deep sigh) --squash-all doesn't work with --timestamp (#14536) so we need to alter existing tests to deal with new image layers. - And, long and sordid story relating to --rootfs. TL;DR that option only worked by a miracle relating to something special in one specific test image; it doesn't work with any other images. Fix seems to be complicated, so we're bypassing with a FIXME (#14505). And, unrelated: - remove obsolete skip and workaround in run-basic test (dating back to varlink days) - add a pause-image cleanup to avoid icky red warnings in logs Fixes: #14456 Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | | | | Merge pull request #14596 from ↵openshift-ci[bot]2022-06-15
|\ \ \ \ \ \ | |/ / / / / |/| | | | | | | | | | | | | | | | | giuseppe/move-conmon-different-cgroup-system-service libpod: improve check to create conmon cgroup
| * | | | | libpod: improve check to create conmon cgroupGiuseppe Scrivano2022-06-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | commit 1951ff168a63157fa2f4711fde283edfc4981ed3 introduced a check so that conmon is not moved to a new cgroup when podman is running inside of a systemd service. This is helpful to integrate podman in systemd so that the spawned conmon lives in the same cgroup as the service that created it. Unfortunately this breaks when podman daemon is running in a systemd service since the same check is in place thus all the conmon processes end up in the same cgroup as the podman daemon. When the podman daemon systemd service stops the conmon processes are also terminated as well as the containers they monitor. Improve the check to exclude podman running as a daemon. Closes: https://bugzilla.redhat.com/show_bug.cgi?id=2052697 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | | | systemd socker activation: check listener to prevent panicPaul Holzinger2022-06-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Commit 5fa6f686db added a regression which was fixed in eb71712626f9. Apply the same fix again to prevent a panic and return a proper error instead. To not regress again I added a e2e test which makes sure we do not panic. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | | | | Merge pull request #14585 from Luap99/nolintopenshift-ci[bot]2022-06-14
|\ \ \ \ \ \ | | | | | | | | | | | | | | golangci-lint: enable nolintlint
| * | | | | | golangci-lint: enable nolintlintPaul Holzinger2022-06-14
| | |_|_|/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The nolintlint linter does not deny the use of `//nolint` Instead it allows us to enforce a common nolint style: - force that a linter name must be specified - do not add a space between `//` and `nolint` - make sure nolint is only used when there is actually a problem Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | | | | Merge pull request #14582 from giuseppe/no-create-containerenv-if-run-volumeopenshift-ci[bot]2022-06-14
|\ \ \ \ \ \ | | | | | | | | | | | | | | container: do not create .containerenv with -v SRC:/run
| * | | | | | container: do not create .containerenv with -v SRC:/runGiuseppe Scrivano2022-06-14
| | |/ / / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | if /run is on a volume do not create the file /run/.containerenv as it would leak outside of the container. Closes: https://github.com/containers/podman/issues/14577 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | | | Merge pull request #14551 from edsantiago/apiv2_tests_rootlessopenshift-ci[bot]2022-06-14
|\ \ \ \ \ \ | | | | | | | | | | | | | | CI: APIv2 tests: add rootless
| * | | | | | CI: APIv2 tests: add rootlessEd Santiago2022-06-14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This would've caught a regression that #14549 had to fix. Let's try to prevent the next regression. This requires some hackery to get namespaces initialized before the service is started; otherwise the service itself initializes namespaces, which basically ends up with a server process that runs forever. Also: in stop_service(), reset service_pid, because that's the correct thing to do. Also: add some debug statements to try to figure out a CI failure. (And leave them in place, because they might be useful for future problems). Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | | | | | Merge pull request #14588 from edsantiago/eek_buildah_bud_coverageopenshift-ci[bot]2022-06-14
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | buildah-bud tests: reenable skipped 'bud' tests
| * | | | | | | buildah-bud tests: reenable skipped 'bud' testsEd Santiago2022-06-14
| |/ / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Sigh. Buildah PR https://github.com/containers/buildah/pull/3368 changed 'bud' to 'build' in tests. Podman #11585 well-intentionedly did the same for run-buildah-bud tests ... but did so by *replacing* 'bud' with 'build', not by *adding* 'build' to the list of commands handled by podman-build. Hence, all tests invoking 'run_buildah bud' have been completely untested since then. This remedies that, and deals with all the fallout. Principal among which is the discovery that our exit-code changes are no longer necessary: that thing we did where buildah exit status 1 or 2 became podman exit status 125? That no longer applies. podman now exits with the same status as buildah. This simplifies our diffs, and lets us enable a bunch more tests. Also: - in run-buildah-bud-tests script, run 'sudo --validate' early on. Reason: otherwise, the sudo step happens a few minutes after the script starts (after the git-pull), by which time the user may have stepped away to get coffee, then comes back ten or twenty minutes later to find a stupid sudo prompt and no tests run. Signed-off-by: Ed Santiago <santiago@redhat.com>
* / / / / / / buildah-bud tests: add arg sanity checkEd Santiago2022-06-14
|/ / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix bad design decision (mine) by adding a simple usage check to 'skip' and 'skip_if_remote' functions: if invoked without test-name args, fail loudly and immediately. Background: yeah, their usage is not intuitive. Making the first arg be a comment helps with _reading_ the code, but not _writing_ new additions. A developer in a hurry could write "skip this-test" and, until now, that would be a silent NOP. Tested by adding broken skip/skip_if_remote calls inline; I confirm that the line number and funcname usage is correct. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | | | | Merge pull request #14561 from rhatdan/VENDORopenshift-ci[bot]2022-06-14
|\ \ \ \ \ \ | |_|/ / / / |/| | | | | Update vendor of containers/buildah
| * | | | | Update vendor of containers/buildahDaniel J Walsh2022-06-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Changes since 2022-05-31: - add --omit-history option (buildah PR 4028) Signed-off-by: Ed Santiago <santiago@redhat.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | | Merge pull request #14580 from jakecorrenti/stats-on-non-running-containeropenshift-ci[bot]2022-06-14
|\ \ \ \ \ \ | |/ / / / / |/| | | | | Non-running containers now report statistics via the `podman stats`
| * | | | | Non-running containers now report statistics via the `podman stats`Jake Correnti2022-06-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | command Previously, if a container was not running, and the user ran the `podman stats` command, an error would be reported: `Error: container state improper`. Podman now reports stats as the fields' default values for their respective type if the container is not running: ``` $ podman stats --no-stream demo ID NAME CPU % MEM USAGE / LIMIT MEM % NET IO BLOCK IO PIDS CPU TIME AVG CPU % 4b4bf8ce84ed demo 0.00% 0B / 0B 0.00% 0B / 0B 0B / 0B 0 0s 0.00% ``` Closes: #14498 Signed-off-by: Jake Correnti <jcorrenti13@gmail.com>