summaryrefslogtreecommitdiff
path: root/test
Commit message (Collapse)AuthorAge
* kube: honor pod security context IDsGiuseppe Scrivano2022-05-10
| | | | | | | | If the RunAsUser, RunAsGroup, SupplementalGroups settings are not overriden in the container security context, then take the value from the pod security context. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* fix broken CI testPaul Holzinger2022-05-09
| | | | | | | | | | Commit b58e7e7f11 was not fully rebased before merging and is now breaking CI because commit 69c479b16e19 made the underlying error visible. Using journald inside the container tests is not supported. Fixes #14162 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* Merge pull request #14152 from giuseppe/fix-ci-search-jsonOpenShift Merge Robot2022-05-09
|\ | | | | test: fix "podman search format json"
| * test: fix "podman search format json"Giuseppe Scrivano2022-05-08
| | | | | | | | | | | | | | | | | | | | the alpine image used previously returns a description that contains '...': $ podman search --format json alpine | fgrep ...\"\, "Description": "alpine 3.7 with bash, perl, gzip, wget...", Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | Merge pull request #14121 from cdoern/kubeOpenShift Merge Robot2022-05-09
|\ \ | |/ |/| play kube log tag handling
| * play kube log tag handlingcdoern2022-05-06
| | | | | | | | | | | | | | | | | | currently tags cause a panic due to an uninitialized map. Initialize the map and add parsing to make sure we are only tagging with journald resolves #13356 Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
* | Merge pull request #14124 from vrothberg/e2e-cleanupsOpenShift Merge Robot2022-05-05
|\ \ | | | | | | e2e cleanups
| * | e2e: pull_test: speed up --all-tagsValentin Rothberg2022-05-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Pulling the K8s pause image seems unnecessarily expensive to me. Let's use the testgitest_v2s2 one which is under our control and weighs only a couple of KB. This cut the execution time in less than half on my machine. Since it's network bound and I am running on fibre, I expect more significant speed ups in slower networks. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
| * | e2e: pull_test: squash --quiet testValentin Rothberg2022-05-05
| | | | | | | | | | | | | | | | | | | | | | | | Squash the --quiet test into another one. The test was more complex than necessary and can easily be squashed into another one to avoid one more expensive pull. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
| * | e2e: pull_test: move tests aroundValentin Rothberg2022-05-05
| | | | | | | | | | | | | | | | | | Let's keep simple tests at the top and complex ones at the bottom. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
| * | e2e: pull_test: remove redundant testsValentin Rothberg2022-05-05
| | | | | | | | | | | | | | | | | | | | | | | | Once upon a time, the tests actually pulled from Docker Hub. This has changed with the rate limits, so we can safely remove the redundant tests to speed up CI. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
| * | e2e: manifest_test: use cached registryValentin Rothberg2022-05-05
| | | | | | | | | | | | | | | | | | | | | Used the cached registry archive instead of pulling down the image from Quay. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | | Merge pull request #14118 from rhatdan/VENDOROpenShift Merge Robot2022-05-05
|\ \ \ | | | | | | | | Vendor in containers/buildah@v1.26.1
| * | | Vendor in containers/buildah@v1.26.1Daniel J Walsh2022-05-05
| | | | | | | | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #14098 from Luap99/test-toolsOpenShift Merge Robot2022-05-05
|\ \ \ \ | | | | | | | | | | vendor test dependencies instead of installing via network
| * | | | exclude new tools vendor dir from validatePaul Holzinger2022-05-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We have no control over the code in the vendored files. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * | | | vendor test tools in submodulePaul Holzinger2022-05-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Instead of using the main module we should vendor the test tools in a different directory. That way we do not add extra dependencies to the main module which can be problemetic for packages or other users. This is already done in buildah so this makes us more consitent. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * | | | vendor test dependencies instead of installing via networkPaul Holzinger2022-05-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We can vendor the test dependencies such as go-md2man, git-validation and goimports. This allows us to always install the same version as specified in go.mod. Also we do not rely on a network connection for this. The advantage with this method is that dependabot will also update the dependencies for us and we do not have to hardcode versions in the Makefile. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | | | Merge pull request #14059 from cdoern/cloneOpenShift Merge Robot2022-05-05
|\ \ \ \ \ | |_|_|/ / |/| | | | pass networks to container clone
| * | | | pass networks to container clonecdoern2022-05-03
| | |_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | since the network config is a string map, json.unmarshal does not recognize the config and spec as the same entity, need to map this option manually resolves #13713 Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
* | | | Merge pull request #14092 from vrothberg/benchmarksOpenShift Merge Robot2022-05-05
|\ \ \ \ | |_|_|/ |/| | | benchmarks: push/pull
| * | | benchmarks: push/pullValentin Rothberg2022-05-04
| | |/ | |/| | | | | | | | | | | | | | | | | | | Polish the push and pull benchmarks. In particular, make sure to not be network bound during these benchmarks by running a local registry and pushing a local image that can later on be pulled. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | | Merge pull request #14037 from rhatdan/remoteuriOpenShift Merge Robot2022-05-04
|\ \ \ | | | | | | | | Report correct RemoteURI
| * | | Report correct RemoteURIDaniel J Walsh2022-05-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Rather than assuming a filesystem path, the API service URI is recorded in the libpod runtime configuration and then reported as requested. Note: All schemes other than "unix" are hard-coded to report URI exists. Fixes #12023 Signed-off-by: Jhon Honce <jhonce@redhat.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #14066 from ashley-cui/sysresOpenShift Merge Robot2022-05-04
|\ \ \ \ | |/ / / |/| | | podman system reset removed machines incorrectly
| * | | podman system reset removed machines incorrectlyAshley Cui2022-05-04
| |/ / | | | | | | | | | | | | | | | | | | podman system reset did not clean up machines fully, leaving some config files, and breaking machines. Now it removes all machines files fully. Signed-off-by: Ashley Cui <acui@redhat.com>
* | | play kube default log driverNiall Crowe2022-05-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | The default log driver is not used when using play kube without --log-driver. The LogDriver function needs to be called in order to use the default log driver. fixes #13781 Signed-off-by: Niall Crowe <nicrowe@redhat.com>
* | | Add podman machine eventsJhon Honce2022-05-03
|/ / | | | | | | Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | pod: add exit policiesValentin Rothberg2022-05-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add the notion of an "exit policy" to a pod. This policy controls the behaviour when the last container of pod exits. Initially, there are two policies: - "continue" : the pod continues running. This is the default policy when creating a pod. - "stop" : stop the pod when the last container exits. This is the default behaviour for `play kube`. In order to implement the deferred stop of a pod, add a worker queue to the libpod runtime. The queue will pick up work items and in this case helps resolve dead locks that would otherwise occur if we attempted to stop a pod during container cleanup. Note that the default restart policy of `play kube` is "Always". Hence, in order to really solve #13464, the YAML files must set a custom restart policy; the tests use "OnFailure". Fixes: #13464 Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | Merge pull request #14062 from Luap99/resolv.confOpenShift Merge Robot2022-04-29
|\ \ | | | | | | libpod: host netns keep same /etc/resolv.conf
| * | libpod: host netns keep same /etc/resolv.confPaul Holzinger2022-04-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When a container is run in the host network namespace we have to keep the same resolv.conf content and not use the systemd-resolve detection logic. But also make sure we still allow --dns options. Fixes #14055 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * | fix incorrect permissions for /etc/resolv.conf in usernsPaul Holzinger2022-04-29
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | The files /etc/hosts, /etc/hostname and /etc/resolv.conf should always be owned by the root user in the container. This worked correct for /etc/hostname and /etc/hosts but not for /etc/resolv.conf. A container run with --userns keep-id would have the reolv.conf file owned by the current container user which is wrong. Consolidate some common code in a new helper function to make the code more cleaner. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | fix broken hooks-dir testPaul Holzinger2022-04-29
| | | | | | | | | | | | | | The test has been broken since it was added 4 years ago. Instead of using hardcoded paths we should use tmp files. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | enable errcheck linterPaul Holzinger2022-04-29
|/ | | | | | | | The errcheck linter makes sure that errors are always check and not ignored by accident. It spotted a lot of unchecked errors, mostly in the tests but also some real problem in the code. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* Report properly whether pod shares host networkDaniel J Walsh2022-04-28
| | | | | | Fixes: https://github.com/containers/podman/issues/14028 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #14040 from edsantiago/gomega_havefieldOpenShift Merge Robot2022-04-28
|\ | | | | e2e tests: use HaveField() for better error checking
| * Three manual fixesEd Santiago2022-04-28
| | | | | | | | | | | | | | | | | | | | Two for this error: invalid indirect of pod.Spec.DNSConfig.Options[0] ...and one for a gofmt error (spaces). Signed-off-by: Ed Santiago <santiago@redhat.com>
| * Ginkgo: use HaveField() for better error checkingEd Santiago2022-04-28
| | | | | | | | | | | | | | | | | | | | | | | | | | This is a very late followup to my ginkgo-improving work of 2021. It has been stuck since December because it requires gomega 1.17, which we've just enabled. This commit is simply a copy-paste of a command I saved in my TODO list many months ago: sed -i -e 's/Expect(\([^ ]\+\)\.\([a-zA-Z0-9]\+\))\.To(Equal(/Expect(\1).To(HaveField(\"\2\", /' test/e2e/*_test.go Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Merge pull request #14051 from giuseppe/volume-create-noquota-optionOpenShift Merge Robot2022-04-28
|\ \ | |/ |/| volume: add new option -o o=noquota
| * volume: add new option -o o=noquotaGiuseppe Scrivano2022-04-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | add a new option to completely disable xfs quota usage for a volume. xfs quota set on a volume, even just for tracking disk usage, can cause weird errors if the volume is later re-used by a container with a different quota projid. More specifically, link(2) and rename(2) might fail with EXDEV if the source file has a projid that is different from the parent directory. To prevent such kind of issues, the volume should be created beforehand with `podman volume create -o o=noquota $ID` Closes: https://github.com/containers/podman/issues/14049 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | Merge pull request #14034 from rhatdan/historyOpenShift Merge Robot2022-04-27
|\ \ | | | | | | Add CreatedSince & CreatedAt format fields to podman image history
| * | Add CreatedSince & CreatedAt format fields to podman image historyDaniel J Walsh2022-04-27
| | | | | | | | | | | | | | | | | | Fixes: https://github.com/containers/podman/issues/14012 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Temporarily skip netavark/aardvark e2e testChris Evich2022-04-27
| |/ |/| | | | | | | | | Ref: https://github.com/containers/podman/issues/13931 Signed-off-by: Chris Evich <cevich@redhat.com>
* | Merge pull request #13698 from Luap99/versionOpenShift Merge Robot2022-04-27
|\ \ | |/ |/| Bump version to v4.1.0-dev
| * Bump version to v4.1.0-devPaul Holzinger2022-04-27
| | | | | | | | | | | | | | | | I think we forgot to bump the version in the main branch. It should be v4.1.0-dev now. Also set the min api version to 4.0.0 as on the podman 4.0 branch. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | Merge pull request #14023 from rhatdan/kubeOpenShift Merge Robot2022-04-27
|\ \ | | | | | | Truncate annotations when generating kubernetes yaml files
| * | Truncate annotations when generating kubernetes yaml filesDaniel J Walsh2022-04-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Kubernetes only allows 63 characters in an annotation. Make sure that we only add 63 or less charaters when generating kube. Warn if containers or pods have longer length and truncate. Discussion: https://github.com/containers/podman/discussions/13901 Fixes: https://github.com/containers/podman/issues/13962 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | play kube respect hostNetworkPaul Holzinger2022-04-27
| |/ |/| | | | | | | | | | | | | | | | | | | We need to use the host network when it is set in the config and --network was not used. This regression was added in 3e9af2029f1f. Fixes #14015 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | Merge pull request #13997 from Luap99/gocriticOpenShift Merge Robot2022-04-27
|\ \ | |/ |/| enable gocritic linter
| * play kube: do not skip containers by namePaul Holzinger2022-04-26
| | | | | | | | | | | | | | | | We should not exclude contianers by name. If a users has a container with the name "inf" it is currently skipped. This is wrong. The k8s yaml does not contain infra containers so we do not have to skip them. Signed-off-by: Paul Holzinger <pholzing@redhat.com>