summaryrefslogtreecommitdiff
path: root/test
Commit message (Collapse)AuthorAge
* Merge pull request #14232 from vrothberg/bz-2083997OpenShift Merge Robot2022-05-16
|\ | | | | [BZ #2083997] pod: build pause image in custom user NS
| * [BZ #2083997] pod: build pause image in custom user NSValentin Rothberg2022-05-13
| | | | | | | | | | | | | | | | | | | | | | Use the host UID and host GID mapping when building the local pause image for a Pod with a custom mapping. Otherwise, the mappings are off and the build fails. Propagating the mapping to the build container is not needed since the pause image ships merely a copied `catatonit` from the host. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2083997 Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | Merge pull request #14205 from rhatdan/VENDOROpenShift Merge Robot2022-05-13
|\ \ | | | | | | Vendor in latest containers/common
| * | Vendor in latest containers/commonDaniel J Walsh2022-05-12
| |/ | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* / Make sure tests are cleaned up when they completeDaniel J Walsh2022-05-12
|/ | | | | | Fixes: https://github.com/containers/podman/issues/13789 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #14159 from vrothberg/service-containerDaniel J Walsh2022-05-12
|\ | | | | play kube: service container
| * play kube: service containerValentin Rothberg2022-05-12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add the notion of a "service container" to play kube. A service container is started before the pods in play kube and is (reverse) linked to them. The service container is stopped/removed *after* all pods it is associated with are stopped/removed. In other words, a service container tracks the entire life cycle of a service started via `podman play kube`. This is required to enable `play kube` in a systemd unit file. The service container is only used when the `--service-container` flag is set on the CLI. This flag has been marked as hidden as it is not meant to be used outside the context of `play kube`. It is further not supported on the remote client. The wiring with systemd will be done in a later commit. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
| * vendor c/common@mainValentin Rothberg2022-05-12
| | | | | | | | | | | | In hope to fix a CI flake. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | sdnotify: send MAINPID only onceValentin Rothberg2022-05-12
|/ | | | | | | | | Send the main PID only once. Previously, `(*Container).start()` and the conmon handler sent them ~simultaneously and went into a race. I noticed the issue while debugging a WIP PR. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* test: update fedora toolbox imageGiuseppe Scrivano2022-05-11
| | | | | | f32 is already EOL. Let's use the latest version. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Merge pull request #14176 from giuseppe/test-parallel-rm-cleanupOpenShift Merge Robot2022-05-11
|\ | | | | test: simplify cleanup code
| * test: simplify cleanup codeGiuseppe Scrivano2022-05-10
| | | | | | | | | | | | | | do not try to first stop and then rm but combine the two operations in a single command. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | kube: add support for --userns=Giuseppe Scrivano2022-05-10
| | | | | | | | | | | | | | | | add support to override the user namespace to use for the pod. Closes: https://github.com/containers/podman/issues/7504 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | kube: honor pod security context IDsGiuseppe Scrivano2022-05-10
|/ | | | | | | | If the RunAsUser, RunAsGroup, SupplementalGroups settings are not overriden in the container security context, then take the value from the pod security context. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* fix broken CI testPaul Holzinger2022-05-09
| | | | | | | | | | Commit b58e7e7f11 was not fully rebased before merging and is now breaking CI because commit 69c479b16e19 made the underlying error visible. Using journald inside the container tests is not supported. Fixes #14162 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* Merge pull request #14152 from giuseppe/fix-ci-search-jsonOpenShift Merge Robot2022-05-09
|\ | | | | test: fix "podman search format json"
| * test: fix "podman search format json"Giuseppe Scrivano2022-05-08
| | | | | | | | | | | | | | | | | | | | the alpine image used previously returns a description that contains '...': $ podman search --format json alpine | fgrep ...\"\, "Description": "alpine 3.7 with bash, perl, gzip, wget...", Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | Merge pull request #14121 from cdoern/kubeOpenShift Merge Robot2022-05-09
|\ \ | |/ |/| play kube log tag handling
| * play kube log tag handlingcdoern2022-05-06
| | | | | | | | | | | | | | | | | | currently tags cause a panic due to an uninitialized map. Initialize the map and add parsing to make sure we are only tagging with journald resolves #13356 Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
* | Merge pull request #14124 from vrothberg/e2e-cleanupsOpenShift Merge Robot2022-05-05
|\ \ | | | | | | e2e cleanups
| * | e2e: pull_test: speed up --all-tagsValentin Rothberg2022-05-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Pulling the K8s pause image seems unnecessarily expensive to me. Let's use the testgitest_v2s2 one which is under our control and weighs only a couple of KB. This cut the execution time in less than half on my machine. Since it's network bound and I am running on fibre, I expect more significant speed ups in slower networks. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
| * | e2e: pull_test: squash --quiet testValentin Rothberg2022-05-05
| | | | | | | | | | | | | | | | | | | | | | | | Squash the --quiet test into another one. The test was more complex than necessary and can easily be squashed into another one to avoid one more expensive pull. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
| * | e2e: pull_test: move tests aroundValentin Rothberg2022-05-05
| | | | | | | | | | | | | | | | | | Let's keep simple tests at the top and complex ones at the bottom. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
| * | e2e: pull_test: remove redundant testsValentin Rothberg2022-05-05
| | | | | | | | | | | | | | | | | | | | | | | | Once upon a time, the tests actually pulled from Docker Hub. This has changed with the rate limits, so we can safely remove the redundant tests to speed up CI. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
| * | e2e: manifest_test: use cached registryValentin Rothberg2022-05-05
| | | | | | | | | | | | | | | | | | | | | Used the cached registry archive instead of pulling down the image from Quay. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | | Merge pull request #14118 from rhatdan/VENDOROpenShift Merge Robot2022-05-05
|\ \ \ | | | | | | | | Vendor in containers/buildah@v1.26.1
| * | | Vendor in containers/buildah@v1.26.1Daniel J Walsh2022-05-05
| | | | | | | | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #14098 from Luap99/test-toolsOpenShift Merge Robot2022-05-05
|\ \ \ \ | | | | | | | | | | vendor test dependencies instead of installing via network
| * | | | exclude new tools vendor dir from validatePaul Holzinger2022-05-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We have no control over the code in the vendored files. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * | | | vendor test tools in submodulePaul Holzinger2022-05-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Instead of using the main module we should vendor the test tools in a different directory. That way we do not add extra dependencies to the main module which can be problemetic for packages or other users. This is already done in buildah so this makes us more consitent. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * | | | vendor test dependencies instead of installing via networkPaul Holzinger2022-05-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We can vendor the test dependencies such as go-md2man, git-validation and goimports. This allows us to always install the same version as specified in go.mod. Also we do not rely on a network connection for this. The advantage with this method is that dependabot will also update the dependencies for us and we do not have to hardcode versions in the Makefile. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | | | Merge pull request #14059 from cdoern/cloneOpenShift Merge Robot2022-05-05
|\ \ \ \ \ | |_|_|/ / |/| | | | pass networks to container clone
| * | | | pass networks to container clonecdoern2022-05-03
| | |_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | since the network config is a string map, json.unmarshal does not recognize the config and spec as the same entity, need to map this option manually resolves #13713 Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
* | | | Merge pull request #14092 from vrothberg/benchmarksOpenShift Merge Robot2022-05-05
|\ \ \ \ | |_|_|/ |/| | | benchmarks: push/pull
| * | | benchmarks: push/pullValentin Rothberg2022-05-04
| | |/ | |/| | | | | | | | | | | | | | | | | | | Polish the push and pull benchmarks. In particular, make sure to not be network bound during these benchmarks by running a local registry and pushing a local image that can later on be pulled. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | | Merge pull request #14037 from rhatdan/remoteuriOpenShift Merge Robot2022-05-04
|\ \ \ | | | | | | | | Report correct RemoteURI
| * | | Report correct RemoteURIDaniel J Walsh2022-05-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Rather than assuming a filesystem path, the API service URI is recorded in the libpod runtime configuration and then reported as requested. Note: All schemes other than "unix" are hard-coded to report URI exists. Fixes #12023 Signed-off-by: Jhon Honce <jhonce@redhat.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #14066 from ashley-cui/sysresOpenShift Merge Robot2022-05-04
|\ \ \ \ | |/ / / |/| | | podman system reset removed machines incorrectly
| * | | podman system reset removed machines incorrectlyAshley Cui2022-05-04
| |/ / | | | | | | | | | | | | | | | | | | podman system reset did not clean up machines fully, leaving some config files, and breaking machines. Now it removes all machines files fully. Signed-off-by: Ashley Cui <acui@redhat.com>
* | | play kube default log driverNiall Crowe2022-05-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | The default log driver is not used when using play kube without --log-driver. The LogDriver function needs to be called in order to use the default log driver. fixes #13781 Signed-off-by: Niall Crowe <nicrowe@redhat.com>
* | | Add podman machine eventsJhon Honce2022-05-03
|/ / | | | | | | Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | pod: add exit policiesValentin Rothberg2022-05-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add the notion of an "exit policy" to a pod. This policy controls the behaviour when the last container of pod exits. Initially, there are two policies: - "continue" : the pod continues running. This is the default policy when creating a pod. - "stop" : stop the pod when the last container exits. This is the default behaviour for `play kube`. In order to implement the deferred stop of a pod, add a worker queue to the libpod runtime. The queue will pick up work items and in this case helps resolve dead locks that would otherwise occur if we attempted to stop a pod during container cleanup. Note that the default restart policy of `play kube` is "Always". Hence, in order to really solve #13464, the YAML files must set a custom restart policy; the tests use "OnFailure". Fixes: #13464 Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | Merge pull request #14062 from Luap99/resolv.confOpenShift Merge Robot2022-04-29
|\ \ | | | | | | libpod: host netns keep same /etc/resolv.conf
| * | libpod: host netns keep same /etc/resolv.confPaul Holzinger2022-04-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When a container is run in the host network namespace we have to keep the same resolv.conf content and not use the systemd-resolve detection logic. But also make sure we still allow --dns options. Fixes #14055 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * | fix incorrect permissions for /etc/resolv.conf in usernsPaul Holzinger2022-04-29
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | The files /etc/hosts, /etc/hostname and /etc/resolv.conf should always be owned by the root user in the container. This worked correct for /etc/hostname and /etc/hosts but not for /etc/resolv.conf. A container run with --userns keep-id would have the reolv.conf file owned by the current container user which is wrong. Consolidate some common code in a new helper function to make the code more cleaner. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | fix broken hooks-dir testPaul Holzinger2022-04-29
| | | | | | | | | | | | | | The test has been broken since it was added 4 years ago. Instead of using hardcoded paths we should use tmp files. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | enable errcheck linterPaul Holzinger2022-04-29
|/ | | | | | | | The errcheck linter makes sure that errors are always check and not ignored by accident. It spotted a lot of unchecked errors, mostly in the tests but also some real problem in the code. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* Report properly whether pod shares host networkDaniel J Walsh2022-04-28
| | | | | | Fixes: https://github.com/containers/podman/issues/14028 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #14040 from edsantiago/gomega_havefieldOpenShift Merge Robot2022-04-28
|\ | | | | e2e tests: use HaveField() for better error checking
| * Three manual fixesEd Santiago2022-04-28
| | | | | | | | | | | | | | | | | | | | Two for this error: invalid indirect of pod.Spec.DNSConfig.Options[0] ...and one for a gofmt error (spaces). Signed-off-by: Ed Santiago <santiago@redhat.com>