summaryrefslogtreecommitdiff
path: root/test
Commit message (Collapse)AuthorAge
* Add host.serviceIsRemote to podman info resultsJhon Honce2021-05-10
| | | | | | | | | | | | | | | | Developers asked for a deterministic field to verify if podman is running via API or linked directly to libpod library. $ podman info --format '{{.Host.ServiceIsRemote}}' false $ podman-remote info --format '{{.Host.ServiceIsRemote}}' true $ podman --remote info --format '{{.Host.ServiceIsRemote}}' true * docs/conf.py formatted via black Signed-off-by: Jhon Honce <jhonce@redhat.com>
* Merge pull request #10236 from Luap99/generate-systemd-envOpenShift Merge Robot2021-05-10
|\ | | | | Add envars to the generated systemd unit
| * Add envars to the generated systemd unitPaul Holzinger2021-05-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The with --new generated systemd unit loses the environment variables when the create command only contains the key without the value. Since podman tries to lookup those values from the environment the unit can fail. This commits ensures that we will add the environment variables to the unit file when this is the case. The container environment variables are looked up in the container spec. Fixes #10101 Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | Merge pull request #10268 from flouthoc/kube-default-shared-namespaceOpenShift Merge Robot2021-05-10
|\ \ | | | | | | Kube like pods should share ipc,net,uts by default
| * | Kube like pods should share ipc,net,uts by defaultflouthoc2021-05-10
| |/ | | | | | | Signed-off-by: flouthoc <flouthoc.git@gmail.com>
* / fix: use UTC Time Stamps in response JSONMatej Vasek2021-05-10
|/ | | | Signed-off-by: Matej Vasek <mvasek@redhat.com>
* fix: compat API "images/get" for multiple imagesMatej Vasek2021-05-07
| | | | Signed-off-by: Matej Vasek <mvasek@redhat.com>
* Merge pull request #10230 from matejvasek/fix-compat-img-getOpenShift Merge Robot2021-05-07
|\ | | | | fix: docker APIv2 `images/get`
| * fix per review requestMatej Vasek2021-05-06
| | | | | | | | Signed-off-by: Matej Vasek <mvasek@redhat.com>
| * fix pre review requestMatej Vasek2021-05-06
| | | | | | | | Signed-off-by: Matej Vasek <mvasek@redhat.com>
| * fix: docker APIv2 `images/get`Matej Vasek2021-05-05
| | | | | | | | Signed-off-by: Matej Vasek <mvasek@redhat.com>
* | Merge pull request #10202 from EduardoVega/9763-kube-auto-updateOpenShift Merge Robot2021-05-07
|\ \ | | | | | | Add support to preserve auto-update labels in play / generate kube
| * | Adds support to preserve auto update labels in generate and play kubeEduardo Vega2021-05-06
| | | | | | | | | | | | | | | | | | In the case of generate kube the auto-update labels will be converted into kube annotations and for play kube they will be converted back to labels since that's what podman understands Signed-off-by: Eduardo Vega <edvegavalerio@gmail.com>
* | | Merge pull request #10221 from ashley-cui/envsecOpenShift Merge Robot2021-05-07
|\ \ \ | | | | | | | | Add support for environment variable secrets
| * | | Add support for environment variable secretsAshley Cui2021-05-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Env var secrets are env vars that are set inside the container but not commited to and image. Also support reading from env var when creating a secret. Signed-off-by: Ashley Cui <acui@redhat.com>
* | | | Merge pull request #10238 from bacher09/fix-inf-loopOpenShift Merge Robot2021-05-07
|\ \ \ \ | | | | | | | | | | Fix infinite loop in isPathOnVolume
| * | | | Fix infinite loop in isPathOnVolumeSlava Bacherikov2021-05-06
| | |_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | filepath.Dir in some cases returns `.` symbol and calling this function again returns same result. In such cases this function never returns and causes some operations to stuck forever. Closes #10216 Signed-off-by: Slava Bacherikov <slava@bacher09.org>
* | | | Merge pull request #10237 from edsantiago/ci_rootless_add_ubuntuOpenShift Merge Robot2021-05-07
|\ \ \ \ | | | | | | | | | | CI: run rootless tests under ubuntu
| * | | | CI: run rootless tests under ubuntuEd Santiago2021-05-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Reason: to catch errors before they surface in RHEL. One of the Ubuntus is specially crafted to run with cgroups v1 and runc. Although this isn't quite the same as RHEL, it's as close as we can come in our CI environment, and I suspect it would have caught #10234 (a regression). Sorry, team. Also: play kube limits test: skip on all rootless, not just rootless+fedora. There was a complicated and unnecessary check in there for Fedora. Also: workaround for bug #10248, a spurious error message on the first invocation of rootless podman on Ubuntu.Old Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | | | Revert Patch to relabel if selinux not enabledDaniel J Walsh2021-05-06
| |_|_|/ |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Revert : https://github.com/containers/podman/pull/9895 Turns out that if Docker is in --selinux-enabeled, it still relabels if the user tells the system to, even if running a --privileged container or if the selinux separation is disabled --security-opt label=disable. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #9689 from boaz0/boaz-1OpenShift Merge Robot2021-05-06
|\ \ \ \ | |/ / / |/| | | add restart-policy to container filters & --filter to podman start
| * | | Add restart-policy to container filters & --filter to podman startBoaz Shuster2021-05-06
| | | | | | | | | | | | | | | | Signed-off-by: Boaz Shuster <boaz.shuster.github@gmail.com>
* | | | Merge pull request #10246 from zhangguanzhang/compose-static-ipOpenShift Merge Robot2021-05-06
|\ \ \ \ | |/ / / |/| | | Fixes docker-compose cannot set static ip when use ipam
| * | | Fixes docker-compose cannot set static ip when use ipamzhangguanzhang2021-05-06
| |/ / | | | | | | | | | Signed-off-by: zhangguanzhang <zhangguanzhang@qq.com>
* / / codespell cleanupDaniel J Walsh2021-05-05
|/ / | | | | | | | | | | [NO TESTS NEEDED] This is just running codespell on podman Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #10185 from rhatdan/volumeOpenShift Merge Robot2021-05-05
|\ \ | | | | | | Add filepath glob support to --security-opt unmask
| * | Add filepath glob support to --security-opt unmaskDaniel J Walsh2021-05-04
| | | | | | | | | | | | | | | | | | | | | | | | Want to allow users to specify --security-opt unmask=/proc/*. This allows us to run podman within podman more securely, then specifing umask=all, also gives the user more flexibilty. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #10208 from Luap99/play-kube-macOpenShift Merge Robot2021-05-05
|\ \ \ | | | | | | | | add --mac-address to podman play kube
| * | | add --mac-address to podman play kubePaul Holzinger2021-05-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add a new --mac-address flag to podman play kube. This is used to specify a static MAC address which should be used for the pod. This option can be specified several times because play kube can create more than one pod. Fixes #9731 Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | | | migrate Podman to containers/common/libimageValentin Rothberg2021-05-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Migrate the Podman code base over to `common/libimage` which replaces `libpod/image` and a lot of glue code entirely. Note that I tried to leave bread crumbs for changed tests. Miscellaneous changes: * Some errors yield different messages which required to alter some tests. * I fixed some pre-existing issues in the code. Others were marked as `//TODO`s to prevent the PR from exploding. * The `NamesHistory` of an image is returned as is from the storage. Previously, we did some filtering which I think is undesirable. Instead we should return the data as stored in the storage. * Touched handlers use the ABI interfaces where possible. * Local image resolution: previously Podman would match "foo" on "myfoo". This behaviour has been changed and Podman will now only match on repository boundaries such that "foo" would match "my/foo" but not "myfoo". I consider the old behaviour to be a bug, at the very least an exotic corner case. * Futhermore, "foo:none" does *not* resolve to a local image "foo" without tag anymore. It's a hill I am (almost) willing to die on. * `image prune` prints the IDs of pruned images. Previously, in some cases, the names were printed instead. The API clearly states ID, so we should stick to it. * Compat endpoint image removal with _force_ deletes the entire not only the specified tag. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | Merge pull request #10199 from edsantiago/system_tests_with_runc_overrideOpenShift Merge Robot2021-05-04
|\ \ \ \ | |_|/ / |/| | | System tests: honor $OCI_RUNTIME (for CI)
| * | | System tests: honor $OCI_RUNTIME (for CI)Ed Santiago2021-05-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Some CI systems set $OCI_RUNTIME as a way to override the default crun. Integration (e2e) tests honor this, but system tests were not aware of the convention; this means we haven't been testing system tests with runc, which means RHEL gating tests are now failing. The proper solution would be to edit containers.conf on CI systems. Sorry, that would involve too much CI-VM work. Instead, this PR detects $OCI_RUNTIME and creates a dummy containers.conf file using that runtime. Add: various skips for tests that don't work with runc. Refactor: add a helper function so we don't need to do the complicated 'podman info blah blah .OCIRuntime.blah' thing in many places. BUG: we leave a tmp file behind on exit. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | | Merge pull request #8828 from boaz0/closes_8779OpenShift Merge Robot2021-05-04
|\ \ \ \ | |_|/ / |/| | | Add --all to podman start
| * | | Add --all to podman startBoaz Shuster2021-05-03
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Boaz Shuster <boaz.shuster.github@gmail.com> Co-authored-by: Ed Santiago <santiago@redhat.com>
* | | | Merge pull request #10206 from Luap99/fix-9837OpenShift Merge Robot2021-05-04
|\ \ \ \ | | | | | | | | | | compat api: Networks must be empty instead of null
| * | | | compat api: Networks must be empty instead of nullPaul Holzinger2021-05-04
| | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The compat endpoint for container inspect must return {} instead of null for NetworkSettings.Networks. Fixes #9837 Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* / | | system test image: add arm64v8 imageEd Santiago2021-05-03
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The RHEL multi-arch team informed me that we were missing aarch64; add it, using the new name (arm64v8). (This is from last week, so the image date tag does not match today's date. I was waiting for confirmation that things were working). Signed-off-by: Ed Santiago <santiago@redhat.com>
* / / cgroup: always honor --cgroup-parent with cgroupfsGiuseppe Scrivano2021-05-03
|/ / | | | | | | | | | | | | | | | | if --cgroup-parent is specified, always honor it without doing any detection whether cgroups are supported or not. Closes: https://github.com/containers/podman/issues/10173 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | Merge pull request #10063 from ParkerVR/autoupdate-localOpenShift Merge Robot2021-04-29
|\ \ | | | | | | Autoupdate Local
| * | TODO completeParker Van Roy2021-04-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | changed struct to policyMapper change "image" to "registry" in multiple locations Updated documentation with registry alias & autoupdate local Added relevant test Signed-off-by: Parker Van Roy <pvanroy@redhat.com>
* | | Merge pull request #10155 from pablofsf/fix-default-seccompOpenShift Merge Robot2021-04-28
|\ \ \ | | | | | | | | Use seccomp_profile as default profile if defined in containers.conf
| * | | Use seccomp_profile as default profile if defined in containers.confPablo Correa Gómez2021-04-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Edits `podman info` to provide the default seccomp profile detected in the output Signed-off-by: Pablo Correa Gómez <ablocorrea@hotmail.com>
* | | | system tests: networking: fix another race conditionEd Santiago2021-04-28
|/ / / | | | | | | | | | | | | | | | | | | Our current #1 flake; this is a simple one: we can't run 'logs' on a container run with '-d --rm'. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | Merge pull request #10157 from edsantiago/batsOpenShift Merge Robot2021-04-28
|\ \ \ | |/ / |/| | System tests: fix two race conditions
| * | System tests: fix two race conditionsEd Santiago2021-04-27
| | | | | | | | | | | | | | | | | | | | | Basically, add 'podman wait' before 'podman rm'. See if this fixes gating tests run on ppc64le (possibly very very slow hosts) Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | Merge pull request #10119 from rhatdan/timeoutOpenShift Merge Robot2021-04-27
|\ \ \ | | | | | | | | Add podman run --timeout option
| * | | Add podman run --timeout optionDaniel J Walsh2021-04-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This option allows users to specify the maximum amount of time to run before conmon sends the kill signal to the container. Fixes: https://github.com/containers/podman/issues/6412 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #10137 from cevich/update_ubuntu_2104OpenShift Merge Robot2021-04-27
|\ \ \ \ | |_|/ / |/| | | Cirrus: Update Ubuntu images to 21.04
| * | | Skip blkio-weight test when no kernel BFQ supportChris Evich2021-04-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Namely the Ubuntu 21.04 Kernel does not support BFQ. Regardless of the distro. skip this test if the required cgroup node doesn't exist. Signed-off-by: Chris Evich <cevich@redhat.com>
* | | | Allow docker volume create API to pass without nameDaniel J Walsh2021-04-27
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | The Docker API does not require Volume name to be specified when creating a volume. Fixes: https://github.com/containers/podman/issues/9803 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>