| Commit message (Collapse) | Author | Age |
|\
| |
| | |
Ignore containers.conf sysctl when namespaces set to host
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
If user sets namespace to host, then default sysctls need to be ignored
that are specific to that namespace.
--net=host ignore sysctls that begin with net.
--ipc=host ignore fs.mqueue
--uts=host ignore kernel.domainname and kernel.hostname
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \
| | |
| | | |
System tests: reenable some skipped tests
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
- pause test: enable when rootless + cgroups v2
(was previously disabled for all rootless)
- run --pull: now works with podman-remote
(in #7647, thank you @jwhonce)
- various other run/volumes tests: try reenabling
It looks like #7195 was fixed (by #7451? I'm not
sure if I'm reading the conversation correctly).
Anyway, remove all the skip()s on 7195. Only time
will tell if it's really fixed)
Also:
- new test for podman image tree --whatrequires
(because TIL). Doesn't work with podman-remote.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\ \
| |/
|/| |
Journald log driver test
|
| |
| |
| |
| |
| |
| |
| | |
Test that the journald log driver writes to journald and
that we can read it with journalctl.
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
|
|\ \
| | |
| | | |
Remove SkipIfRootless if possible, document other calls
|
| |/
| |
| |
| | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \
| | |
| | | |
Properly handle podman run --pull command
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Currently the --pull missing|always|never is ignored
This PR implements this for local API. For remote we
need to default to pullpolicy specified in the containers.conf
file.
Also fixed an issue when images were matching other images names
based on prefix, causing images to always be pulled.
I had named an image myfedora and when ever I pulled fedora, the system
thought that it there were two images named fedora since it was checking
for the name fedora as well as the prefix fedora. I changed it to check
for fedora and the prefix /fedora, to prefent failures like I had.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| | |
The podman remote client ignored the force option due a typo.
If an error occured the remote client would panic with an
index out of range error.
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
|
|/
|
|
|
|
| |
I added a test to prevent a future regression.
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
|
|\
| |
| | |
system tests: new tests
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
- podman network create: new test
- podman pull by-sha + podman images -a (#7651)
- podman image mount: new test
- podman pod: --infra-image and --infra-command (#7167)
For convenience and robustness, build a new testimage
containing a custom file /home/podman/testimage-id
with contents YYYYMMDD (same as image tag). The
image-mount test checks that this file exists and
has the desired content. New testimage also includes
a dummy 'pause' executable, for testing pod infra.
Updates from testimage:20200902 to :20200917
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |
| |
| |
| |
| |
| |
| | |
We need to get more tests running in rootless mode. Since cgroupsV2 allows
management of cgroups in rootless environments a lot of more tests can be run.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \
| | |
| | | |
system tests: new test for run --log-driver
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Tests all (current) values for --log-driver=X, and one test
for invalid value. For those drivers that write a local
file (json-file, k8s-file), test that the file exists and
contains results of the expected form (timestamp, stdout,
'F' for 'F'ull line, and the expected string output.
For json-file, confirm that podman issues a "Choosing k8s-file"
warning (only on local. On podman-remote, the warning goes only
to the server's stderr).
Written in response to #7754 in which driver=json-file was
falling through to 'none' instead of 'k8s-file'.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\ \ \
| | | |
| | | | |
remote load: check if input is directory
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The remote client does not support loading directories yet. To prevent
confusing error messages and to make the behaviour more explicit, check
if the input points to a directory and throw an error if needed.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \ \ \
| |/ / /
|/| | | |
remote stats
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Add a new endpoint for container stats allowing for batch operations on
more than one container. The new endpoint deprecates the
single-container endpoint which will eventually be removed with the next
major release.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
system tests: helpers: safer parse_table
|
| | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The parse_table() helper has until now dumbly split lines
on every single '|' character. This prevents us from running
simple tests such as 'cgroupManager: (systemd|cgroupfs)'.
We now use an ugly but robust sed expression to split
on '|' but *only* when surrounded by spaces and/or beginning
or end of line. This is safe because, for readability, all
tables already keep the '|' symbols well separated from
table content.
Add tests. And, the whole reason behind this, add
an actual real test for cgroupManager and cgroupVersion.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
apiv2 /containers/json limit differ from docker-api
|
| | |/ /
| |/| |
| | | |
| | | | |
Signed-off-by: zhangguanzhang <zhangguanzhang@qq.com>
|
|\ \ \ \
| | | | |
| | | | | |
Allow filtering on pod label values
|
| | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Before this change, filters of the form `podman pod ps --filter
label=app=myapp` were not working. The results would include all pods
that contained the app label with any value. Looking at the code, this
makes sense. It appears that the second = and everything after it were
getting truncated.
Even though there was already a passing test that tested `podman pod ps
--filter label=io.podman.test.label=value1`, the test failed with the
above example with a label `app=myapp`. The new code works in both
cases.
Signed-off-by: Jordan Christiansen <xordspar0@gmail.com>
|
|/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Most have been fixed, others I replaced with SkipIfRemote
Fix ContainerStart on tunnel, it needs to wait for the exit status
before returning.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \
| | | |
| | | | |
Systemd should be able to run as rootless
|
| |/ /
| | |
| | |
| | |
| | |
| | | |
Turn on most of the systemd tests for rootless.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Now that Dan has added helpful comments to each SkipIfRemote,
let's take the next step and include those messages in the
Skip() output so someone viewing test results can easily
see if a remote test is skipped for a real reason or for
a FIXME.
This commit is the result of a simple:
perl -pi -e 's;(SkipIfRemote)\(\)(\s+//\s+(.*))?;$1("$3");' *.go
in the test/e2e directory, with a few minor (manual) changes
in wording.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\ \ \
| |/ /
|/| | |
Examine all SkipIfRemote functions
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Remove ones that are not needed.
Document those that should be there.
Document those that should be fixed.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \
| |/ /
|/| | |
Include cgroup manager in `podman info` output
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This is very useful for debugging cgroups v2, especially on
rootless - we need to ensure people are correctly using systemd
cgroups in these cases.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \ \
| |/ /
|/| | |
podman save: fix redirect of multi-images
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Fix a bug when saving multi-image archives where the progress bars from
copying images was accidentally written to the archive and hence
corrupted it.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \ \
| | | |
| | | | |
Fix up attach tests for podman remote
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When we execute podman-remote attach, we were not checking if the
container was in the correct state, this is leading to timeouts and
we had turned off remote testing.
Also added an IfRemote() function so we can turn on more tests when
using the "-l" flag for local, but use container name for remote.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \
| |/ /
|/| | |
Fix podman image unmount to only report images unmounted
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Currently `podman image unmount` report every image that is mounted
when it unmounts them. We should only report unmounted actually mounted images.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
id is the last image id from the set of id's returned via the images
stanza.
id may be deprecated in a future version of the API
Created test_rest_v2_0_0.py to reflect the bump in the API Version.
Fixes #7686
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\ \
| | |
| | | |
Fix handling of podman-remote stop --ignore
|
| | |
| | |
| | |
| | |
| | |
| | | |
This patch simplifies the hanlding of rhe --ignore flag, for podman stop, rm
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \
| | | |
| | | | |
Refactor version handling in cmd tree
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | | |
* Move from simple string to semver objects
* Change client API Version from '1' to 2.0.0
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
| |/
|/|
| |
| |
| |
| |
| |
| |
| | |
Add a bunch of tests to ensure that --volumes-from
works as expected.
Also align the podman create and run man page.
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
|
|\ \
| |/
|/| |
Preserve groups in exec sessions in ctrs with --user
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Podman wants to guarantee that exec sessions retain the groups of
the container they are started in, unless explicitly overridden
by the user. This guarantee was broken for containers where the
`--user` flag was specified; this patch resolves that.
Somewhere in the Exec rewrite for APIv2, I changed the location
where the container's User is passed into the exec session
(similar to groups, we also want to preserve user unless
overridden). The lower-level Exec APIs already handled setting
user and group appropriately if not specified when the exec
session was created, but I added duplicate code to handle this
higher in the stack - and that code only handled setting user,
not supplemental groups, breaking support in that specific case.
Two things conspired to make this one hard to track down: first,
things were only broken if the container explicitly set a user;
otherwise, the container user would still appear to be unset to
the lower-level code, which would properly set supplemental
groups (this tricked our existing test into passing). Also, the
`crun` OCI runtime will add the groups without prompting, which
further masked the problem there. I debated making `runc` do the
same, but in the end it's better to fix this in Podman - it's
better to be explicit about what we want done so we will work
with all OCI runtimes.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \
| | |
| | | |
enable --iidfile for podman-remote build
|