aboutsummaryrefslogtreecommitdiff
path: root/test
Commit message (Collapse)AuthorAge
* test/system/255-auto-update.bats: add an SELinux commentValentin Rothberg2022-08-04
| | | | | | | | Drop a comment on using `chcon` to let the local rollback test pass. It took me a while to understand why the test failed and future souls may appreciated the extra breadcrumb. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* add omitempty to Secret in k8s VolumeSourceCharlie Doern2022-08-03
| | | | | | | | | Secret was populating a generated kube as `null`. Add omitempty so that when the volume source is not a secret, we do not print unnecessary info resolves #15156 Signed-off-by: Charlie Doern <cdoern@redhat.com>
* Merge pull request #15084 from sstosh/rm-filteropenshift-ci[bot]2022-08-03
|\ | | | | Add rm --filter option
| * Add rm --filter optionToshiki Sonoda2022-07-30
| | | | | | | | | | | | --filter : remove the filtered container. Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
* | Merge pull request #15161 from lsm5/switch-to-dnfopenshift-ci[bot]2022-08-03
|\ \ | | | | | | Cirrus: use dnf instead of rpm to install packages
| * | skip pod resource limits test on aarch64Lokesh Mandvekar2022-08-03
| | | | | | | | | | | | Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
* | | Merge pull request #15166 from sstosh/ci-mount-rootlessopenshift-ci[bot]2022-08-03
|\ \ \ | | | | | | | | Cirrus: Fix e2e tests for "mount_rootless_test"
| * | | Cirrus: Fix e2e tests for "mount_rootless_test"Toshiki Sonoda2022-08-03
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | e2e `mount_rootless_test` did not load `podman binary path` successfully. This PR fix this problem. [It] podman unshare podman mount: ``` [+1596s] Running: ... unshare mount <cid> [+1596s] Error: exec: no command [+1596s] output: ``` [It] podman unshare image podman mount: ``` [+1599s] Running: ... unshare image mount quay.io/libpod/alpine:latest [+1599s] Error: exec: no command [+1599s] output: ``` Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
* / / add "podman kube down" commandNiall Crowe2022-08-02
|/ / | | | | | | | | | | | | | | | | | | The "podman kube down" reads in a structured file of Kubernetes YAML and removes pods based on the Kubernetes kind described in the YAML, similiar to "podman play kube --down". Users will still be able to use "podman play kube --down" and "podman kube play --down" to perform the same function. Signed-off-by: Niall Crowe <nicrowe@redhat.com>
* | test: verify manifest inspect must contain OCI annotationsAditya R2022-08-01
| | | | | | | | Signed-off-by: Aditya R <arajan@redhat.com>
* | fix e2e sign testsValentin Rothberg2022-08-01
| | | | | | | | | | | | | | The key used in the tests has expired. Remove the expiration date to turn CI happy and green. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | Merge pull request #15108 from mtrmac/sigstore-signOpenShift Merge Robot2022-08-01
|\ \ | | | | | | Sigstore sign
| * | Add support for creating sigstore signatures, and providing passphrasesMiloslav Trmač2022-07-30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Allow creating sigstore signatures via --sign-by-sigstore-private-key . Like existing --sign-by, it does not work remote (in this case because we would have to copy the private key to the server). - Allow passing a passphrase (which is mandatory for sigstore private keys) via --sign-passphrase-file; if it is not provided, prompt interactively. - Also, use that passphrase for --sign-by as well, allowing non-interactive GPG use. (But --sign-passphrase-file can only be used with _one of_ --sign-by and --sign-by-sigstore-private-key.) Note that unlike the existing code, (podman build) does not yet implement sigstore (I'm not sure why it needs to, it seems not to push images?) because Buildah does not expose the feature yet. Also, (podman image sign) was not extended to support sigstore. The test for this follows existing (podman image sign) tests and doesn't work rootless; that could be improved by exposing a registries.d override option. The test for push is getting large; I didn't want to start yet another registry container, but that would be an alternative. In the future, Ginkgo's Ordered/BeforeAll would allow starting a registry once and using it for two tests. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
| * | Update the registry server we test against from 2.6 to 2.8Miloslav Trmač2022-07-30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ... primarily so that it can support OCI artifacts. 2.8 already seems to exist in the repo. This requires changing WaitContainerReady to also check stderr (ultimately because docker/distribution was updated to a more recent sirupsen/logrus, which logs by default to stderr instead of stdout). Signed-off-by: Miloslav Trmač <mitr@redhat.com>
| * | Use existing REGISTRY_IMAGE variables in more placesMiloslav Trmač2022-07-30
| | | | | | | | | | | | | | | | | | | | | | | | | | | ... instead of hard-coding a copy of the value. Notably this makes hack/podman_registry actually support the documented -i option. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
| * | Use httpasswd from the surrouding OS instead of the registry imageMiloslav Trmač2022-07-30
| |/ | | | | | | | | | | | | | | | | | | | | htpasswd is no longer included in docker.io/library/distribution after 2.7.0, per https://github.com/docker/distribution-library-image/issues/107 , and we want to upgrade to a recent version. At least system tests currently execute htpasswd from the OS, so it seems that it is likely to be available. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
* / Add flag "--compression-format" to "podman manifest push" both in ↵Romain Geissler2022-07-30
|/ | | | | | | | | local/remote mode. Also Fix usage of flag "--compression-format" for remote "podman image push". Fix usage of flags "--format", "--remove-signatures" in remote "podman manifest push". Closes #15109. Signed-off-by: Romain Geissler <romain.geissler@amadeus.com>
* Merge pull request #15060 from rhatdan/rm1OpenShift Merge Robot2022-07-28
|\ | | | | With --rm option remove container if podman run fails
| * With --rm option remove container if podman run failsDaniel J Walsh2022-07-28
| | | | | | | | | | | | Fixes https://github.com/containers/podman/issues/15049 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Bump golang.org/x/tools from 0.1.11 to 0.1.12 in /test/toolsdependabot[bot]2022-07-28
|/ | | | | | | | | | | | | | Bumps [golang.org/x/tools](https://github.com/golang/tools) from 0.1.11 to 0.1.12. - [Release notes](https://github.com/golang/tools/releases) - [Commits](https://github.com/golang/tools/compare/v0.1.11...v0.1.12) --- updated-dependencies: - dependency-name: golang.org/x/tools dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* Merge pull request #14801 from lsm5/ec2-aarch64OpenShift Merge Robot2022-07-28
|\ | | | | Cirrus: enable Fedora 36 aarch64 tasks on EC2
| * Cirrus: enable Fedora 36 aarch64 tasks on EC2Lokesh Mandvekar2022-07-27
| | | | | | | | | | | | | | | | | | | | | | new file: test/e2e/config_arm64.go Tests that fail on aarch64 have been skipped with `skip_if_aarch64`. Co-authored-by: Chris Evich <cevich@redhat.com> Co-authored-by: Ed Santiago <santiago@redhat.com> Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
* | Merge pull request #15034 from sstosh/manifest-push-rmOpenShift Merge Robot2022-07-27
|\ \ | | | | | | Fix: manifest push --rm removes a correct manifest list
| * | Fix: manifest push --rm removes a correct manifest listToshiki Sonoda2022-07-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This bug is reproduced when we execute the following command: 1. podman manifest add <manifest list> <images exist on local storage> 2. podman manifest push --rm <manifest list> dir:<directory> If pushing succeeds, it is expected to remove only a manifest list. However, manifest list remains on local storage and images are removed. This commit fixes `podman manifest push --rm` to remove only a manifest list. And, supports `manifest push --rm option` in remote environment, like host environment. Fixes: https://github.com/containers/podman/issues/15033 Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
* | | Merge pull request #15066 from sstosh/checkpoint-samenameOpenShift Merge Robot2022-07-27
|\ \ \ | |_|/ |/| | Fix: Restore a container which name is equal to a image name
| * | Fix: Restore a container which name is equal to a image nameToshiki Sonoda2022-07-27
| | | | | | | | | | | | | | | | | | | | | | | | If there is a match for both container and image, we restore the container. Fixes: https://github.com/containers/podman/issues/15055 Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
* | | Merge pull request #14959 from rhatdan/rmOpenShift Merge Robot2022-07-27
|\ \ \ | | | | | | | | When removing objects specifying --force,podman should exit with 0
| * | | When removing objects specifying --force,podman should exit with 0Daniel J Walsh2022-07-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This Patch will cause podman COMMAND rm --force bogus not fail This is how Docker works, so Podman should follow this to allow existing scripts to convert from Docker to Podman. Fixes: #14612 Oprignal version of this patch came from wufan 1991849113@qq.com Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #14997 from cdoern/pruneOpenShift Merge Robot2022-07-27
|\ \ \ \ | |/ / / |/| | | prune filter handling
| * | | prune filter handlingCharlie Doern2022-07-25
| | |/ | |/| | | | | | | | | | | | | | | | | | | | | | network and container prune could not handle the label!=... filter. vendor in c/common to fix this and add some podman level handling to make everything run smoothly resolves #14182 Signed-off-by: Charlie Doern <cdoern@redhat.com>
* | | Merge pull request #15059 from cdoern/infraOpenShift Merge Robot2022-07-26
|\ \ \ | | | | | | | | pod create --share none should not create infra
| * | | pod create --share none should not create infraCharlie Doern2022-07-25
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | for podman pod create, when we are not sharing any namespaces there is no point for the infra container. This is especially true since resources have also been decoupled from the container recently. handle this on the cmd level so that we can still create infra if set explicitly resolves #15048 Signed-off-by: Charlie Doern <cdoern@redhat.com>
* | | Merge pull request #15057 from marshall-lee/tls-verify-default-trueOpenShift Merge Robot2022-07-26
|\ \ \ | |_|/ |/| | Set TLSVerify=true by default for API endpoints
| * | Set TLSVerify=true by default for API endpointsVladimir Kochnev2022-07-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Option defaults in API must be the same as in CLI. ``` % podman image push --help % podman image pull --help % podman manifest push --help % podman image search --help ``` All of these CLI commands them have --tls-verify=true by default: ``` --tls-verify require HTTPS and verify certificates when accessing the registry (default true) ``` As for `podman image build`, it doesn't have any means to control `tlsVerify` parameter but it must be true by default. Signed-off-by: Vladimir Kochnev <hashtable@yandex.ru>
* | | Semiperiodoc cleanup of obsolete FIXMEsEd Santiago2022-07-25
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Some refer to issues that are closed. Remove them. Some are runc bugs that will never be fixed. Say so, and remove the FIXME. One (bps/iops) should probably be fixed. File an issue for it, and update comment to include the issue# so my find-obsolete-skips script can track it. And one (rootless mount with a "kernel bug?" comment) is still not fixed. Leave the skip, but add a comment documenting the symptom. Signed-off-by: Ed Santiago <santiago@redhat.com>
* / benchmarks: fix create testValentin Rothberg2022-07-25
|/ | | | | | And a new one for `run --detach`. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* Merge pull request #15035 from cdoern/cgroupOpenShift Merge Robot2022-07-23
|\ | | | | fix container create/run throttle devices
| * fix container create/run throttle devicesCharlie Doern2022-07-22
| | | | | | | | | | | | pod resource limits introduced a regression where `FinishThrottleDevices` was not called for create/run Signed-off-by: Charlie Doern <cdoern@redhat.com>
* | Merge pull request #15042 from Luap99/int-remote-netbackendOpenShift Merge Robot2022-07-22
|\ \ | | | | | | integration test: fix network backend option with remote
| * | integration test: fix network backend option with remotePaul Holzinger2022-07-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | I honestly do not understand all this extra option parsing here but there is really no reason to exclude the option for remote, all the other global options are also set there. This fixes a problem with mixed cni/netavark use because the option was unset. Fixes #15017 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | Merge pull request #14967 from sstosh/pause-optionOpenShift Merge Robot2022-07-22
|\ \ \ | | | | | | | | Add pause/unpause --latest, --cidfile, --filter
| * | | Add pause/unpause --latest, --cidfile, --filterToshiki Sonoda2022-07-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | --latest : pause/unpause the latest container. --filter : pause/unpause the filtered container. --cidfile : Read container ID from the specified file and pause/unpause the container. Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
* | | | Merge pull request #15040 from Luap99/api-umaskOpenShift Merge Robot2022-07-22
|\ \ \ \ | | | | | | | | | | API: libpod/create use correct default umask
| * | | | API: libpod/create use correct default umaskPaul Holzinger2022-07-22
| | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Make sure containers created via API have the correct umask from containers.conf set. Fixes #15036 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | | Merge pull request #14567 from cdoern/secretsOpenShift Merge Robot2022-07-22
|\ \ \ \ | |_|_|/ |/| | | Implement kubernetes secret handling for podman play kube
| * | | kube secret handling for podman play kubecdoern2022-07-20
| | |/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | add support for both creating a secret using yaml and mounting a secret as a volume given a yaml file. Kubernetes secrets have a different structure than podman and therefore have to be handeled differently. In this PR, I have introduced the basic usecases of kube secrets with more implementations like env secrets to come! resolves #12396 Signed-off-by: Charlie Doern <cdoern@redhat.com>
* | | Merge pull request #15016 from Luap99/compat-netnameOpenShift Merge Robot2022-07-22
|\ \ \ | |_|/ |/| | compat api: allow default bridge name for networks
| * | compose test: remove cni config copyPaul Holzinger2022-07-21
| | | | | | | | | | | | | | | | | | | | | The network backend always has default config in memory so there is no need to copy it. Also netavark cannot use it. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * | compat api: allow default bridge name for networksPaul Holzinger2022-07-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Docker uses "bridge" as default network name so some tools expect this to work with network list or inspect. To fix this we change "bridge" to the podman default ("podman") name. Fixes #14983 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | Merge pull request #14972 from edsantiago/ubuntu_cgroups_v1OpenShift Merge Robot2022-07-22
|\ \ \ | | | | | | | | Bump VMs, to Ubuntu 2204 with cgroups v1
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-01-17 19:15:35 +0000