aboutsummaryrefslogtreecommitdiff
path: root/test
Commit message (Collapse)AuthorAge
...
* | | Merge pull request #15059 from cdoern/infraOpenShift Merge Robot2022-07-26
|\ \ \ | | | | | | | | pod create --share none should not create infra
| * | | pod create --share none should not create infraCharlie Doern2022-07-25
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | for podman pod create, when we are not sharing any namespaces there is no point for the infra container. This is especially true since resources have also been decoupled from the container recently. handle this on the cmd level so that we can still create infra if set explicitly resolves #15048 Signed-off-by: Charlie Doern <cdoern@redhat.com>
* | | Merge pull request #15057 from marshall-lee/tls-verify-default-trueOpenShift Merge Robot2022-07-26
|\ \ \ | |_|/ |/| | Set TLSVerify=true by default for API endpoints
| * | Set TLSVerify=true by default for API endpointsVladimir Kochnev2022-07-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Option defaults in API must be the same as in CLI. ``` % podman image push --help % podman image pull --help % podman manifest push --help % podman image search --help ``` All of these CLI commands them have --tls-verify=true by default: ``` --tls-verify require HTTPS and verify certificates when accessing the registry (default true) ``` As for `podman image build`, it doesn't have any means to control `tlsVerify` parameter but it must be true by default. Signed-off-by: Vladimir Kochnev <hashtable@yandex.ru>
* | | Semiperiodoc cleanup of obsolete FIXMEsEd Santiago2022-07-25
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Some refer to issues that are closed. Remove them. Some are runc bugs that will never be fixed. Say so, and remove the FIXME. One (bps/iops) should probably be fixed. File an issue for it, and update comment to include the issue# so my find-obsolete-skips script can track it. And one (rootless mount with a "kernel bug?" comment) is still not fixed. Leave the skip, but add a comment documenting the symptom. Signed-off-by: Ed Santiago <santiago@redhat.com>
* / benchmarks: fix create testValentin Rothberg2022-07-25
|/ | | | | | And a new one for `run --detach`. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* Merge pull request #15035 from cdoern/cgroupOpenShift Merge Robot2022-07-23
|\ | | | | fix container create/run throttle devices
| * fix container create/run throttle devicesCharlie Doern2022-07-22
| | | | | | | | | | | | pod resource limits introduced a regression where `FinishThrottleDevices` was not called for create/run Signed-off-by: Charlie Doern <cdoern@redhat.com>
* | Merge pull request #15042 from Luap99/int-remote-netbackendOpenShift Merge Robot2022-07-22
|\ \ | | | | | | integration test: fix network backend option with remote
| * | integration test: fix network backend option with remotePaul Holzinger2022-07-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | I honestly do not understand all this extra option parsing here but there is really no reason to exclude the option for remote, all the other global options are also set there. This fixes a problem with mixed cni/netavark use because the option was unset. Fixes #15017 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | Merge pull request #14967 from sstosh/pause-optionOpenShift Merge Robot2022-07-22
|\ \ \ | | | | | | | | Add pause/unpause --latest, --cidfile, --filter
| * | | Add pause/unpause --latest, --cidfile, --filterToshiki Sonoda2022-07-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | --latest : pause/unpause the latest container. --filter : pause/unpause the filtered container. --cidfile : Read container ID from the specified file and pause/unpause the container. Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
* | | | Merge pull request #15040 from Luap99/api-umaskOpenShift Merge Robot2022-07-22
|\ \ \ \ | | | | | | | | | | API: libpod/create use correct default umask
| * | | | API: libpod/create use correct default umaskPaul Holzinger2022-07-22
| | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Make sure containers created via API have the correct umask from containers.conf set. Fixes #15036 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | | Merge pull request #14567 from cdoern/secretsOpenShift Merge Robot2022-07-22
|\ \ \ \ | |_|_|/ |/| | | Implement kubernetes secret handling for podman play kube
| * | | kube secret handling for podman play kubecdoern2022-07-20
| | |/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | add support for both creating a secret using yaml and mounting a secret as a volume given a yaml file. Kubernetes secrets have a different structure than podman and therefore have to be handeled differently. In this PR, I have introduced the basic usecases of kube secrets with more implementations like env secrets to come! resolves #12396 Signed-off-by: Charlie Doern <cdoern@redhat.com>
* | | Merge pull request #15016 from Luap99/compat-netnameOpenShift Merge Robot2022-07-22
|\ \ \ | |_|/ |/| | compat api: allow default bridge name for networks
| * | compose test: remove cni config copyPaul Holzinger2022-07-21
| | | | | | | | | | | | | | | | | | | | | The network backend always has default config in memory so there is no need to copy it. Also netavark cannot use it. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * | compat api: allow default bridge name for networksPaul Holzinger2022-07-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Docker uses "bridge" as default network name so some tools expect this to work with network list or inspect. To fix this we change "bridge" to the podman default ("podman") name. Fixes #14983 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | Merge pull request #14972 from edsantiago/ubuntu_cgroups_v1OpenShift Merge Robot2022-07-22
|\ \ \ | | | | | | | | Bump VMs, to Ubuntu 2204 with cgroups v1
| * | | Bump VMs, to Ubuntu 2204 with cgroups v1Ed Santiago2022-07-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ...and enable the at-test-time confirmation, the one that double-checks that if CI requests runc we actually use runc. This exposed a nasty surprise in our setup: there are steps to define $OCI_RUNTIME, but that's actually a total fakeout! OCI_RUNTIME is used only in e2e tests, it has no effect whatsoever on actual podman itself as invoked via command line such as in system tests. Solution: use containers.conf Given how fragile all this runtime stuff is, I've also added new tests (e2e and system) that will check $CI_DESIRED_RUNTIME. Image source: https://github.com/containers/automation_images/pull/146 Since we haven't actually been testing with runc, we need to fix a few tests: - handle an error-message change (make it work in both crun and runc) - skip one system test, "survive service stop", that doesn't work with runc and I don't think we care. ...and skip a bunch, filing issues for each: - #15013 pod create --share-parent - #15014 timeout in dd - #15015 checkpoint tests time out under $CONTAINER - #15017 networking timeout with registry - #15018 restore --pod gripes about missing --pod - #15025 run --uidmap broken - #15027 pod inspect cgrouppath broken - ...and a bunch more ("podman pause") that probably don't even merit filing an issue. Also, use /dev/urandom in one test (was: /dev/random) because the test is timing out and /dev/urandom does not block. (But the test is still timing out anyway, even with this change) Also, as part of the VM switch we are now using go 1.18 (up from 1.17) and this broke the gitlab tests. Thanks to @Luap99 for a quick fix. Also, slight tweak to #15021: include the timeout value, and reword message so command string is at end. Also, fixed a misspelling in a test name. Fixes: #14833 Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | | Merge pull request #15022 from vrothberg/fix-14971OpenShift Merge Robot2022-07-22
|\ \ \ \ | |/ / / |/| | | remote push: show copy progress
| * | | remote push: show copy progressValentin Rothberg2022-07-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | `podman-remote push` has shown absolutely no progress at all. Fix that by doing essentially the same as the remote-pull code does. The get-free-out-of-jail-card for backwards compatibility is to let the `quiet` parameter default to true. Since the --quioet flag wasn't working before either, older Podman clients do not set it. Also add regression tests to make sure we won't regress again. Fixes: #11554 Fixes: #14971 Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | | | resource limits for podsCharlie Doern2022-07-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | added the following flags and handling for podman pod create --memory-swap --cpuset-mems --device-read-bps --device-write-bps --blkio-weight --blkio-weight-device --cpu-shares given the new backend for systemd in c/common, all of these can now be exposed to pod create. most of the heavy lifting (nearly all) is done within c/common. However, some rewiring needed to be done here as well! Signed-off-by: Charlie Doern <cdoern@redhat.com>
* | | | Merge pull request #15003 from giuseppe/create-etc-passwdOpenShift Merge Robot2022-07-21
|\ \ \ \ | |/ / / |/| | | libpod: create /etc/passwd if missing
| * | | libpod: create /etc/passwd if missingGiuseppe Scrivano2022-07-21
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | create the /etc/passwd and /etc/group files if they are missing in the image. Closes: https://github.com/containers/podman/issues/14966 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | Merge pull request #15021 from Luap99/e2e-timeout-outputOpenShift Merge Robot2022-07-21
|\ \ \ | | | | | | | | e2e: show command and output when a timeout happens
| * | | e2e: show command and output when a timeout happensPaul Holzinger2022-07-21
| |/ / | | | | | | | | | | | | | | | | | | To make debugging easier we should see the command and its output when a failure happens. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* / / podman-remote pull: fix duplicate progress outputsValentin Rothberg2022-07-21
|/ / | | | | | | | | | | | | By vendoring the fixes from containers/image. Also add a test (thanks @edsantiago) to make sure we won't regress in the future again. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | Merge pull request #14977 from umohnani8/initOpenShift Merge Robot2022-07-20
|\ \ | |/ |/| Update init ctr default for play kube
| * Update init ctr default for play kubeUrvashi Mohnani2022-07-20
| | | | | | | | | | | | | | | | | | Update the init container type default to once instead of always to match k8s behavior. Add a new annotation that can be used to change the init ctr type in the kube yaml. Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
* | system tests: new system-service bats fileEd Santiago2022-07-18
|/ | | | | | | | | | | | | Followup to #14957, which added a new test that doesn't actually belong in the 250-systemd.bats file. It was copy-pasted from another test that doesn't belong there. Move both tests to a new .bats file, because (1) they need a custom cleanup, and (2) one of the tests should very definitely run under podman-remote, and the 250 bats file has a global skip_if_remote(). Signed-off-by: Ed Santiago <santiago@redhat.com>
* Merge pull request #14890 from rhatdan/VENDORopenshift-ci[bot]2022-07-18
|\ | | | | Vendor in containers/(storage,image, common, buildah)
| * buildah vendor treadmillEd Santiago2022-07-18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | As you run --sync, please update this commit message with your actual changes. Changes since 2022-06-14: - apply-podman-deltas: (minor) buildah 4057 changed the name of a test; make corresponding change here - apply-podman-deltas: buildah 4071 adds a new OCI-hook test that's failing in remote. Skip it. - apply-podman-deltas: buildah 4096 changed an error message - apply-podman-deltas: buildah 4097 added a test that doesn't work with podman-remote - run-buildah-bud-tests: only run 'sudo --validate' if we need to sudo later (for running tests). Otherwise, same thing: I run the treadmill script, step away, and come back to an unnecessary sudo prompt. - system tests: the new containers-storage changes some error messages; fix tests to reflect that. (And, unrelated, fix a red cleanup warning) Signed-off-by: Ed Santiago <santiago@redhat.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
| * Run codespellDaniel J Walsh2022-07-18
| | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Add --host and -H as equivalent options to --urlDaniel J Walsh2022-07-18
|/ | | | | | | | | | Docker supports -H and --host for specify the listening socket. Podman should support them also in order to match the CLI. These will not be documented since Podman defaults to using the --url option. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #14932 from jakecorrenti/pull-all-tags-shorthandopenshift-ci[bot]2022-07-15
|\ | | | | Podman pull --all-tags shorthand option
| * Podman pull --all-tags shorthand optionJake Correnti2022-07-14
| | | | | | | | | | | | | | I added the shorthand option for `podman pull --all-tags`. Like Docker, Podman can now do `podman pull -a`. Signed-off-by: Jake Correnti <jcorrenti13@gmail.com>
* | Merge pull request #14832 from karthikelango137/filterFlagStopopenshift-ci[bot]2022-07-14
|\ \ | | | | | | Podman stop --filter flag
| * | Podman stop --filter flagKarthik Elango2022-07-14
| | | | | | | | | | | | | | | | | | | | | Filter flag is added for podman stop and podman --remote stop. Filtering logic is implemented in getContainersAndInputByContext(). Start filtering can be manipulated to use this logic as well to limit redundancy. Signed-off-by: Karthik Elango <kelango@redhat.com>
* | | fix tests for "podman kube play"Niall Crowe2022-07-14
|/ / | | | | | | | | | | | | | | This is a follow up to fix some of the apiv2 tests related to "podman kube play" while also removing reduntant system tests. Signed-off-by: Niall Crowe <nicrowe@redhat.com>
* | Merge pull request #14923 from rhatdan/eventsopenshift-ci[bot]2022-07-14
|\ \ | |/ |/| Add podman events -f to be alias for --filter
| * Add podman events -f to be alias for --filterDaniel J Walsh2022-07-13
| | | | | | | | | | | | Needed for Docker compatibility. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Add "podman kube play" cmdNiall Crowe2022-07-13
|/ | | | | | | | | | | The "podman kube play" command is designed to be a replacement for the "podman play kube" command. It performs the same function as "play kube" while also still working with the same flags and options. The "podman play kube" command is still functional as an alias of "kube play". Closes #12475 Signed-off-by: Niall Crowe <nicrowe@redhat.com> Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* Merge pull request #14916 from rhatdan/dockeropenshift-ci[bot]2022-07-13
|\ | | | | Docker uses "-c" to mean "--cpu-shares" in create and run
| * Docker uses "-c" to mean "--cpu-shares" in create and runDaniel J Walsh2022-07-12
| | | | | | | | | | | | | | Add support for -c as an alias for --cpu-shares to be compatible with Docker. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | test,manifest-run: declare TARGETPLATFORM before using itAditya R2022-07-12
|/ | | | | | | | | | | | | | | As part of fix for https://github.com/openshift/imagebuilder/issues/231 `FROM` does not expands `ARGS` which are not declared so `TARGETPLATFORM` Note: I think a patch should be added at imagebuilder to allow using inbuilt ARGS in FROM without declaring it as well but it is something to be discussed so lets declare it manually in our tests [NO NEW TESTS NEEDED] [NO TESTS NEEDED] Signed-off-by: Aditya R <arajan@redhat.com>
* [CI:DOCS] Improve language. Fix spelling and typos.Erik Sjölund2022-07-11
| | | | | | | | | * Correct spelling and typos. * Improve language. Co-authored-by: Ed Santiago <santiago@redhat.com> Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
* Merge pull request #14181 from umohnani8/kube-hostnameopenshift-ci[bot]2022-07-11
|\ | | | | Add ports and hostname correctly in kube yaml
| * Add ports and hostname correctly in kube yamlUrvashi Mohnani2022-07-08
| | | | | | | | | | | | | | | | | | | | | | | | If a pod is created without net sharing, allow adding separate ports for each container to the kube yaml and also set the pod level hostname correctly if the uts namespace is not being shared. Add a warning if the default namespace sharing options have been modified by the user. Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>