aboutsummaryrefslogtreecommitdiff
path: root/test
Commit message (Collapse)AuthorAge
...
| * remote manifest push: show copy progressNaoto Kobayashi2022-08-11
| | | | | | | | | | | | | | | | | | | | `podman-remote manifest push` has shown absolutely no progress at all. Fix that by doing the same as the remote-push code does. Like remote-push, `quiet` parameter is true by default for backwards compatibility. Signed-off-by: Naoto Kobayashi <naoto.kobayashi4c@gmail.com>
* | kube play: sd-notify integrationValentin Rothberg2022-08-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Integrate sd-notify policies into `kube play`. The policies can be configured for all contianers via the `io.containers.sdnotify` annotation or for indidivual containers via the `io.containers.sdnotify/$name` annotation. The `kube play` process will wait for all containers to be ready by waiting for the individual `READY=1` messages which are received via the `pkg/systemd/notifyproxy` proxy mechanism. Also update the simple "container" sd-notify test as it did not fully test the expected behavior which became obvious when adding the new tests. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | libpod: allow the notify socket to be passed programaticallyValentin Rothberg2022-08-10
|/ | | | | | | | | The notify socket can now either be specified via an environment variable or programatically (where the env is ignored). The notify mode and the socket are now also displayed in `container inspect` which comes in handy for debugging and allows for propper testing. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* Merge pull request #12865 from rhatdan/crunOpenShift Merge Robot2022-08-10
|\ | | | | I believe that these tests will now run with crun.
| * I believe that these tests will now run with crun.Daniel J Walsh2022-08-09
| | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #14926 from cdoern/generateSpecOpenShift Merge Robot2022-08-10
|\ \ | | | | | | podman generate spec
| * | podman generate specCharlie Doern2022-08-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | implement a new command `podman generate spec` which can formulate a json specgen to be consumed by both the pod and container creation API. supported flags are --verbose (default true) print output to the terminal --compact print the json output in a single line format to be piped to the API --filename put the output in a file --clone rename the pod/ctr in the spec so it won't conflict w/ an existing entity Signed-off-by: Charlie Doern <cdoern@redhat.com>
* | | podman ssh work, using new c/common interfaceCharlie Doern2022-08-09
| |/ |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | implement new ssh interface into podman this completely redesigns the entire functionality of podman image scp, podman system connection add, and podman --remote. All references to golang.org/x/crypto/ssh have been moved to common as have native ssh/scp execs and the new usage of the sftp package. this PR adds a global flag, --ssh to podman which has two valid inputs `golang` and `native` where golang is the default. Users should not notice any difference in their everyday workflows if they continue using the golang option. UNLESS they have been using an improperly verified ssh key, this will now fail. This is because podman was incorrectly using the ssh callback method to IGNORE the ssh known hosts file which is very insecure and golang tells you not yo use this in production. The native paths allows for immense flexibility, with a new containers.conf field `SSH_CONFIG` that specifies a specific ssh config file to be used in all operations. Else the users ~/.ssh/config file will be used. podman --remote currently only uses the golang path, given its deep interconnection with dialing multiple clients and urls. My goal after this PR is to go back and abstract the idea of podman --remote from golang's dialed clients, as it should not be so intrinsically connected. Overall, this is a v1 of a long process of offering native ssh, and one that covers some good ground with podman system connection add and podman image scp. Signed-off-by: Charlie Doern <cdoern@redhat.com>
* | Merge pull request #15225 from unknowndevQwQ/update_logoOpenShift Merge Robot2022-08-09
|\ \ | | | | | | [CI:DOCS]: update the podman logo
| * | docs: update the podman logounknowndevQwQ2022-08-07
| | | | | | | | | | | | | | | | | | for podman/#15222 Signed-off-by: unknowndevQwQ <unknowndevQwQ@pm.me>
* | | Merge pull request #15246 from TomSweeneyRedHat/dev/tsweeney/buildah1.27.0OpenShift Merge Robot2022-08-09
|\ \ \ | | | | | | | | Bump to Buildah v1.27.0
| * | | test: update apply-podman-deltas for new testsAditya R2022-08-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Skip some newly added test for remote and modify error output of a test case which is reporter early in case of podman. [NO NEW TESTS NEEDED] [NO TESTS NEEDED] Signed-off-by: Aditya R <arajan@redhat.com>
* | | | Merge pull request #15134 from sstosh/improve-outputOpenShift Merge Robot2022-08-09
|\ \ \ \ | |/ / / |/| | | Output messages display rawInput
| * | | Output messages display rawInputToshiki Sonoda2022-08-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | `init`, `checkpint/restore` and `cleanup` command now display output messages which is rawInput instead of a container ID. Example: ``` $ podman init <container name> <container name> $ podman init <short container ID> <short container ID> ``` Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
* | | | cmd: refuse --userns if a mapping is specifiedGiuseppe Scrivano2022-08-08
| |/ / |/| | | | | | | | | | | | | | | | | | | | | | | if an explicit mapping is specified, do not accept `--userns` since it overriden to "private". Closes: https://github.com/containers/podman/issues/15233 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | Merge pull request #15205 from sstosh/ci-run-cleanup-rootlessopenshift-ci[bot]2022-08-06
|\ \ \ | | | | | | | | e2e: Add rootless mount cleanup test
| * | | e2e: Add rootless mount cleanup testToshiki Sonoda2022-08-05
| | | | | | | | | | | | | | | | | | | | | | | | `podman run -d mount cleanup test` adapt to rootless environment. Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
* | | | Merge pull request #15093 from karthikelango137/rmiNoPrune1openshift-ci[bot]2022-08-05
|\ \ \ \ | | | | | | | | | | remove image podman no prune
| * | | | remove image podman no pruneKarthik Elango2022-08-04
| |/ / / | | | | | | | | | | | | Signed-off-by: Karthik Elango <kelango@redhat.com>
* | | | Merge pull request #15092 from karthikelango137/startFilteropenshift-ci[bot]2022-08-05
|\ \ \ \ | |/ / / |/| | | start --filter flag changes
| * | | start filter flag changesKarthik Elango2022-08-04
| | | | | | | | | | | | | | | | | | | | | | | | Tying filtering logic for podman stop and start to same place in getContainersAndInputByContext() to reduce code redundancy Signed-off-by: Karthik Elango <kelango@redhat.com>
* | | | Merge pull request #15197 from vrothberg/fix-15006openshift-ci[bot]2022-08-04
|\ \ \ \ | |_|_|/ |/| | | podman rmi: improve error message for build containers
| * | | podman rmi: improve error message for build containersValentin Rothberg2022-08-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Improve the error message when attempting to remove an image that is in use by an external/build container. Prior, the error only indicated that the image was in use but did not aid in resolving the issue. Fixes: #15006 Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | | | test/system/255-auto-update.bats: add an SELinux commentValentin Rothberg2022-08-04
|/ / / | | | | | | | | | | | | | | | | | | | | | Drop a comment on using `chcon` to let the local rollback test pass. It took me a while to understand why the test failed and future souls may appreciated the extra breadcrumb. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | | add omitempty to Secret in k8s VolumeSourceCharlie Doern2022-08-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | Secret was populating a generated kube as `null`. Add omitempty so that when the volume source is not a secret, we do not print unnecessary info resolves #15156 Signed-off-by: Charlie Doern <cdoern@redhat.com>
* | | Merge pull request #15084 from sstosh/rm-filteropenshift-ci[bot]2022-08-03
|\ \ \ | | | | | | | | Add rm --filter option
| * | | Add rm --filter optionToshiki Sonoda2022-07-30
| | | | | | | | | | | | | | | | | | | | | | | | --filter : remove the filtered container. Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
* | | | Merge pull request #15161 from lsm5/switch-to-dnfopenshift-ci[bot]2022-08-03
|\ \ \ \ | | | | | | | | | | Cirrus: use dnf instead of rpm to install packages
| * | | | skip pod resource limits test on aarch64Lokesh Mandvekar2022-08-03
| | |/ / | |/| | | | | | | | | | Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
* | | | Merge pull request #15166 from sstosh/ci-mount-rootlessopenshift-ci[bot]2022-08-03
|\ \ \ \ | | | | | | | | | | Cirrus: Fix e2e tests for "mount_rootless_test"
| * | | | Cirrus: Fix e2e tests for "mount_rootless_test"Toshiki Sonoda2022-08-03
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | e2e `mount_rootless_test` did not load `podman binary path` successfully. This PR fix this problem. [It] podman unshare podman mount: ``` [+1596s] Running: ... unshare mount <cid> [+1596s] Error: exec: no command [+1596s] output: ``` [It] podman unshare image podman mount: ``` [+1599s] Running: ... unshare image mount quay.io/libpod/alpine:latest [+1599s] Error: exec: no command [+1599s] output: ``` Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
* / / / add "podman kube down" commandNiall Crowe2022-08-02
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | The "podman kube down" reads in a structured file of Kubernetes YAML and removes pods based on the Kubernetes kind described in the YAML, similiar to "podman play kube --down". Users will still be able to use "podman play kube --down" and "podman kube play --down" to perform the same function. Signed-off-by: Niall Crowe <nicrowe@redhat.com>
* | / test: verify manifest inspect must contain OCI annotationsAditya R2022-08-01
| |/ |/| | | | | Signed-off-by: Aditya R <arajan@redhat.com>
* | fix e2e sign testsValentin Rothberg2022-08-01
| | | | | | | | | | | | | | The key used in the tests has expired. Remove the expiration date to turn CI happy and green. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | Merge pull request #15108 from mtrmac/sigstore-signOpenShift Merge Robot2022-08-01
|\ \ | | | | | | Sigstore sign
| * | Add support for creating sigstore signatures, and providing passphrasesMiloslav Trmač2022-07-30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Allow creating sigstore signatures via --sign-by-sigstore-private-key . Like existing --sign-by, it does not work remote (in this case because we would have to copy the private key to the server). - Allow passing a passphrase (which is mandatory for sigstore private keys) via --sign-passphrase-file; if it is not provided, prompt interactively. - Also, use that passphrase for --sign-by as well, allowing non-interactive GPG use. (But --sign-passphrase-file can only be used with _one of_ --sign-by and --sign-by-sigstore-private-key.) Note that unlike the existing code, (podman build) does not yet implement sigstore (I'm not sure why it needs to, it seems not to push images?) because Buildah does not expose the feature yet. Also, (podman image sign) was not extended to support sigstore. The test for this follows existing (podman image sign) tests and doesn't work rootless; that could be improved by exposing a registries.d override option. The test for push is getting large; I didn't want to start yet another registry container, but that would be an alternative. In the future, Ginkgo's Ordered/BeforeAll would allow starting a registry once and using it for two tests. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
| * | Update the registry server we test against from 2.6 to 2.8Miloslav Trmač2022-07-30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ... primarily so that it can support OCI artifacts. 2.8 already seems to exist in the repo. This requires changing WaitContainerReady to also check stderr (ultimately because docker/distribution was updated to a more recent sirupsen/logrus, which logs by default to stderr instead of stdout). Signed-off-by: Miloslav Trmač <mitr@redhat.com>
| * | Use existing REGISTRY_IMAGE variables in more placesMiloslav Trmač2022-07-30
| | | | | | | | | | | | | | | | | | | | | | | | | | | ... instead of hard-coding a copy of the value. Notably this makes hack/podman_registry actually support the documented -i option. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
| * | Use httpasswd from the surrouding OS instead of the registry imageMiloslav Trmač2022-07-30
| |/ | | | | | | | | | | | | | | | | | | | | htpasswd is no longer included in docker.io/library/distribution after 2.7.0, per https://github.com/docker/distribution-library-image/issues/107 , and we want to upgrade to a recent version. At least system tests currently execute htpasswd from the OS, so it seems that it is likely to be available. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
* / Add flag "--compression-format" to "podman manifest push" both in ↵Romain Geissler2022-07-30
|/ | | | | | | | | local/remote mode. Also Fix usage of flag "--compression-format" for remote "podman image push". Fix usage of flags "--format", "--remove-signatures" in remote "podman manifest push". Closes #15109. Signed-off-by: Romain Geissler <romain.geissler@amadeus.com>
* Merge pull request #15060 from rhatdan/rm1OpenShift Merge Robot2022-07-28
|\ | | | | With --rm option remove container if podman run fails
| * With --rm option remove container if podman run failsDaniel J Walsh2022-07-28
| | | | | | | | | | | | Fixes https://github.com/containers/podman/issues/15049 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Bump golang.org/x/tools from 0.1.11 to 0.1.12 in /test/toolsdependabot[bot]2022-07-28
|/ | | | | | | | | | | | | | Bumps [golang.org/x/tools](https://github.com/golang/tools) from 0.1.11 to 0.1.12. - [Release notes](https://github.com/golang/tools/releases) - [Commits](https://github.com/golang/tools/compare/v0.1.11...v0.1.12) --- updated-dependencies: - dependency-name: golang.org/x/tools dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* Merge pull request #14801 from lsm5/ec2-aarch64OpenShift Merge Robot2022-07-28
|\ | | | | Cirrus: enable Fedora 36 aarch64 tasks on EC2
| * Cirrus: enable Fedora 36 aarch64 tasks on EC2Lokesh Mandvekar2022-07-27
| | | | | | | | | | | | | | | | | | | | | | new file: test/e2e/config_arm64.go Tests that fail on aarch64 have been skipped with `skip_if_aarch64`. Co-authored-by: Chris Evich <cevich@redhat.com> Co-authored-by: Ed Santiago <santiago@redhat.com> Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
* | Merge pull request #15034 from sstosh/manifest-push-rmOpenShift Merge Robot2022-07-27
|\ \ | | | | | | Fix: manifest push --rm removes a correct manifest list
| * | Fix: manifest push --rm removes a correct manifest listToshiki Sonoda2022-07-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This bug is reproduced when we execute the following command: 1. podman manifest add <manifest list> <images exist on local storage> 2. podman manifest push --rm <manifest list> dir:<directory> If pushing succeeds, it is expected to remove only a manifest list. However, manifest list remains on local storage and images are removed. This commit fixes `podman manifest push --rm` to remove only a manifest list. And, supports `manifest push --rm option` in remote environment, like host environment. Fixes: https://github.com/containers/podman/issues/15033 Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
* | | Merge pull request #15066 from sstosh/checkpoint-samenameOpenShift Merge Robot2022-07-27
|\ \ \ | |_|/ |/| | Fix: Restore a container which name is equal to a image name
| * | Fix: Restore a container which name is equal to a image nameToshiki Sonoda2022-07-27
| | | | | | | | | | | | | | | | | | | | | | | | If there is a match for both container and image, we restore the container. Fixes: https://github.com/containers/podman/issues/15055 Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
* | | Merge pull request #14959 from rhatdan/rmOpenShift Merge Robot2022-07-27
|\ \ \ | | | | | | | | When removing objects specifying --force,podman should exit with 0