aboutsummaryrefslogtreecommitdiff
path: root/test
Commit message (Collapse)AuthorAge
* Merge pull request #4329 from mheon/no_noexec_image_volumeOpenShift Merge Robot2019-10-24
|\ | | | | Image volumes should not be mounted noexec
| * Image volumes should not be mounted noexecMatthew Heon2019-10-23
| | | | | | | | | | | | | | | | | | This matches Docker more closely, but retains the more important protections of nosuid/nodev. Fixes #4318 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | Merge pull request #4298 from mheon/uid_gid_optionsOpenShift Merge Robot2019-10-24
|\ \ | |/ |/| Add parsing for UID, GID in volume "o" option
| * Add parsing for UID, GID in volume "o" optionMatthew Heon2019-10-22
| | | | | | | | | | | | | | Everything else is a flag to mount, but "uid" and "gid" are not. We need to parse them out of "o" and handle them separately. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | stats: list all running containers unless specified otherwiseValentin Rothberg2019-10-23
|/ | | | | | | | | | Unless specified otherwise by --all, --latest or via arguments, list all running containers. This matches the behaviour of Docker and is also illustrated in the man pages where containers and options are marked to be optional. Fixes: #4274 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Merge pull request #4287 from mheon/anonymous_volumesOpenShift Merge Robot2019-10-22
|\ | | | | Add support for anonymous volumes to `podman run -v`
| * Add support for anonymous volumes to `podman run -v`Matthew Heon2019-10-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously, when `podman run` encountered a volume mount without separate source and destination (e.g. `-v /run`) we would assume that both were the same - a bind mount of `/run` on the host to `/run` in the container. However, this does not match Docker's behavior - in Docker, this makes an anonymous named volume that will be mounted at `/run`. We already have (more limited) support for these anonymous volumes in the form of image volumes. Extend this support to allow it to be used with user-created volumes coming in from the `-v` flag. This change also affects how named volumes created by the container but given names are treated by `podman run --rm` and `podman rm -v`. Previously, they would be removed with the container in these cases, but this did not match Docker's behaviour. Docker only removed anonymous volumes. With this patch we move to that model as well; `podman run -v testvol:/test` will not have `testvol` survive the container being removed by `podman rm -v`. The sum total of these changes let us turn on volume removal in `--rm` by default. Fixes: #4276 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | Merge pull request #4284 from mheon/fix_vol_inspectOpenShift Merge Robot2019-10-21
|\ \ | | | | | | Show volume options in 'volume inspect'
| * | Show volume options in 'volume inspect'Matthew Heon2019-10-18
| | | | | | | | | | | | | | | | | | | | | We initialized the map to show them, but didn't actually copy them in, so they weren't being displayed. Signed-off-by: Matthew Heon <mheon@redhat.com>
* | | Merge pull request #4241 from haircommander/kube-test-refactorOpenShift Merge Robot2019-10-18
|\ \ \ | | | | | | | | play kube: refactor test suite
| * | | play kube: Container->CtrPeter Hunt2019-10-11
| | | | | | | | | | | | | | | | | | | | | | | | for berevity Signed-off-by: Peter Hunt <pehunt@redhat.com>
| * | | play kube: refactor test suitePeter Hunt2019-10-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The play kube test suite has many different cases to cover, and should only grow in coverage over time The old design was difficult to extend, and there was lots of duplicated code. The largest pain point was the Container struct needed to be changed often, and doing so caused changes every test case Instead, adopt the `withOption` idiom. Now, adding a new option for customizing just involves adding a new withOption function, and changing the struct definition and initialization in one place. Signed-off-by: Peter Hunt <pehunt@redhat.com>
* | | | System tests: make sure exec pid hash w/o leakingAlex Jia2019-10-18
| |_|/ |/| | | | | | | | | | | | | | | | | | | | | | | | | | podman exec leaks an exec_pid_<hash> file for every exec in tmpfs, it's known rhbz#1731117, this case makes sure leakage issue has been fixed. rhbz: https://bugzilla.redhat.com/show_bug.cgi?id=1731117 Signed-off-by: Alex Jia <chuanchang.jia@gmail.com>
* | | Refactor tests when checking for error exit codesJhon Honce2019-10-16
| |/ |/| | | | | | | | | | | Rather than checking for non-zero, we need to check for >0 to distinguish between timeouts and error exit codes. Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | Add a MissingRuntime implementationMatthew Heon2019-10-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When a container is created with a given OCI runtime, but then it is uninstalled or removed from the configuration file, Libpod presently reacts very poorly. The EvictContainer code can potentially remove these containers, but we still can't see them in `podman ps` (aside from the massive logrus.Errorf messages they create). Providing a minimal OCI runtime implementation for missing runtimes allows us to behave better. We'll be able to retrieve containers from the database, though we still pop up an error for each missing runtime. For containers which are stopped, we can remove them as normal. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | inspect: rename ImageID go field to ImageValentin Rothberg2019-10-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | The json field is called `Image` while the go field is called `ImageID`, tricking users into filtering for `Image` which ultimately results in an error. Hence, rename the field to `Image` to align json and go. To prevent podman users from regressing, rename `Image` to `ImageID` in the specified filters. Add tests to prevent us from regressing. Note that consumers of the go API that are using `ImageID` are regressing; ultimately we consider it to be a bug fix. Fixes: #4193 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | images: empty list is valid json with --format=jsonGiuseppe Scrivano2019-10-11
| | | | | | | | | | | | | | | | | | similar change to f7d55d64e7040cdad149684234ea150b0a90cf0e with images --format=json, be sure the output is valid json also when it is an empty list. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | Merge pull request #4238 from giuseppe/rootless-enable-ps-size-testsOpenShift Merge Robot2019-10-11
|\ \ | | | | | | tests: enable ps --size tests for rootless
| * | tests: enable ps --size tests for rootlessGiuseppe Scrivano2019-10-11
| | | | | | | | | | | | | | | | | | | | | rootless podman is using a single user namespace for all the containers so it can safely access the storage for all of them. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | Merge pull request #4237 from giuseppe/ps-not-nullOpenShift Merge Robot2019-10-11
|\ \ \ | |/ / |/| | container: initialize results list
| * | container: initialize results listGiuseppe Scrivano2019-10-11
| |/ | | | | | | | | | | | | | | | | it solves: $ podman ps --format=json null Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | Merge pull request #4206 from giuseppe/systemd-mode-look-full-pathOpenShift Merge Robot2019-10-10
|\ \ | | | | | | systemd: expect full path /usr/sbin/init
| * | systemd: expect full path /usr/sbin/initGiuseppe Scrivano2019-10-09
| |/ | | | | | | | | | | | | | | | | | | | | | | "init" is a quite common name for the command executed in a container image and Podman ends up using the systemd mode also when not required. Be stricter on enabling the systemd mode and not enable it automatically when the basename is "init" but expect the full path "/usr/sbin/init". Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | Merge pull request #4181 from cevich/start_test_slower_pollOpenShift Merge Robot2019-10-10
|\ \ | |/ |/| Raise start_test polling interval
| * Raise start_test polling intervalChris Evich2019-10-03
| | | | | | | | | | | | | | | | | | | | | | | | | | According to the documentation https://onsi.github.io/gomega/#eventually > the default value for the polling interval is 10 milliseconds That is excessively fast given the observed failures in issue #4021 are always using podman-remote. Lower the interval to 3-seconds, which should be plenty long enough for container removal. Signed-off-by: Chris Evich <cevich@redhat.com>
* | podman network create: validate user inputMrigank Krishan2019-10-04
| | | | | | | | | | | | | | Disallow invalid/confusing names such as '../bar' or 'foo ' Closes #4184 Signed-off-by: Mrigank Krishan <mrigankkrishan@gmail.com>
* | Merge pull request #4174 from cevich/use_bash_not_shOpenShift Merge Robot2019-10-03
|\ \ | | | | | | System-tests: Use bash explicitly
| * | System-tests: Use bash explicitlyChris Evich2019-10-02
| |/ | | | | | | | | | | | | On Ubuntu, /bin/sh != /bin/bash. Update system-tests to only use bash for testing consistency across platforms. Signed-off-by: Chris Evich <cevich@redhat.com>
* / system tests: info: deal with hyphen in usernameEd Santiago2019-10-03
|/ | | | | | | | ...e.g. cloud-user. 9822f54ac was intended to fix this, but it doesn't. Simple and standard solution is to move the dash to the end of the character class. Signed-off-by: Ed Santiago <santiago@redhat.com>
* system tests: reenable skipped testsEd Santiago2019-10-02
| | | | | | | | | Issue #3829 (cp symlinks) has been fixed: enable tests for it And, it looks like podman-remote is now handling exit status of a force-rm'ed container. Enable that test too. Signed-off-by: Ed Santiago <santiago@redhat.com>
* Merge pull request #4001 from kunalkushwaha/podman-import-fixOpenShift Merge Robot2019-09-30
|\ | | | | podman import syntax fix
| * new testcase for podman import --change addedKunal Kushwaha2019-09-27
| | | | | | | | Signed-off-by: Kunal Kushwaha <kunal.kushwaha@gmail.com>
* | Merge pull request #4118 from cevich/fix_sig_proxyOpenShift Merge Robot2019-09-27
|\ \ | | | | | | Move noCache logic lower in stack
| * | Move noCache logic lower in stackChris Evich2019-09-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | One or more tests are not taking advantage of the local image cache. This has been observed to cause a testing flake in at least one `--sigproxy` test which uses `PodmanTestIntegration.PodmanPID()`. It has a rather short timeout of 15-seconds, which isn't always enough time to pull down a remote image. Fix this by reloacing the `noCache` logic from `PodmanTest.PodmanAsUserBase()` down the stack into `PodmanTestIntegration.makeOptions()`. This also eliminates the need to also check if a remote-client is being used - since it uses a different function. Also reverse the parameter order in `PodmanTest.PodmanBase` so that everywhere is consistently `noEvents` then `noCache`. Signed-off-by: Chris Evich <cevich@redhat.com>
* | | Merge pull request #4121 from jwhonce/issue/4021OpenShift Merge Robot2019-09-27
|\ \ \ | | | | | | | | Change ginkgo Wait() to Eventually() test
| * | | Change ginkgo Wait() to Eventually() testJhon Honce2019-09-26
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | Changing the test in WaitWithDefaultTimeout() to use Eventually() and gexec.Exit(). Using ExitCode() before command has really exited returns a -1, which can cause issues for tests testing for podman to return non-zero values. Signed-off-by: Jhon Honce <jhonce@redhat.com>
* / / Correct use of reexec.Init()Nalin Dahyabhai2019-09-26
|/ / | | | | | | | | | | | | A true result from reexec.Init() isn't an error, but it indicates that main() should exit with a success exit status. Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
* | fix cp none exists dest path ends with '/'Qi Wang2019-09-25
| | | | | | | | | | | | | | close #3894 This patch let podman cp return 'no such file or directory' error if DEST_PATH does not exist and ends with / when copying file. Signed-off-by: Qi Wang <qiwan@redhat.com>
* | Handle conflict between volumes and --read-only-tmpfsMatthew Heon2019-09-24
| | | | | | | | | | | | | | | | | | | | When a named volume is mounted on any of the tmpfs filesystems created by read-only tmpfs, it caused a conflict that was not resolved prior to this. Fixes BZ1755119 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | Merge pull request #3756 from gabibeyer/rootlessOrderingOpenShift Merge Robot2019-09-24
|\ \ | | | | | | rootless: Rearrange setup of rootless containers
| * | add list mount testsgabi beyer2019-09-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add two unit tests to determine whether mounts are being listed correctly. One tests that a created container is not listed until mounted. The second checks that running containers are mounted, and then no longer listed as mounted when they stop running. The final test creates three containers, mounts two, and checks that mount correctly only lists the two mounted. Signed-off-by: gabi beyer <gabrielle.n.beyer@intel.com>
* | | system tests: run test: reenable and fixEd Santiago2019-09-24
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Test had incorrectly been disabled for all podman; it should've been disabled only for podman-remote. Fixed that, and fixed the problem that was causing failures: podman-remote is gobbling up stdin (#4095), so no tests were actually being run at all, or only one. Fixed by redirecting input on the run_podman invocation. Added, as backup, a confirmation mechanism to ensure that all expected tests are being run. Note that test is reenabled, but the output check is disabled for podman-remote due to #4096; this at least lets us check exit status. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | execuser: look at the source for /etc/{passwd,group} overridesGiuseppe Scrivano2019-09-21
| | | | | | | | | | | | | | | | | | look if there are bind mounts that can shadow the /etc/passwd and /etc/group files. In that case, look at the bind mount source. Closes: https://github.com/containers/libpod/pull/4068#issuecomment-533782941 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | container: make sure $HOME is always setGiuseppe Scrivano2019-09-20
| | | | | | | | | | | | | | | | | | | | | | | | | | If the HOME environment variable is not set, make sure it is set to the configuration found in the container /etc/passwd file. It was previously depending on a runc behavior that always set HOME when it is not set. The OCI runtime specifications do not require HOME to be set so move the logic to libpod. Closes: https://github.com/debarshiray/toolbox/issues/266 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | System-test: Temporarily disable 030-runChris Evich2019-09-17
| | | | | | | | | | | | | | | | | | | | While investigating issue https://github.com/containers/libpod/issues/4044 there is no sense subjecting forward progress elsewhere. Skip the test with a note temporarily, until a resolution to 4044 and any other related issues is found and fix implemented. Signed-off-by: Chris Evich <cevich@redhat.com>
* | Fix exit code failureDaniel J Walsh2019-09-17
| | | | | | | | | | | | Be less precise on the exit code and lot the exit code to the journal when it fails. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #4043 from haircommander/preserve-fd-fixOpenShift Merge Robot2019-09-16
|\ \ | | | | | | exec: fix --preserve-fds
| * | exec: fix --preserve-fdsPeter Hunt2019-09-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There were two problems with preserve fds. libpod didn't open the fds before passing _OCI*PIPE to conmon. This caused libpod to talk on the preserved fds, rather than the pipes, with conmon talking on the pipes. This caused a hang. Libpod also didn't convert an int to string correctly, so it would further fail. Fix these and add a unit test to make sure we don't regress in the future Note: this test will not pass on crun until crun supports --preserve-fds Signed-off-by: Peter Hunt <pehunt@redhat.com>
* | | Merge pull request #3941 from gabibeyer/fix_unit_testOpenShift Merge Robot2019-09-16
|\ \ \ | |/ / |/| | fix unit test using strings.Contains
| * | fix unit test to use Expectgabi beyer2019-09-12
| |/ | | | | | | | | | | | | | | The Expect function does not return a result of True or False depending on the value of the first instance, but instead requires a comparison using ".To(", so change to use ".To(ContainSubstring(" Signed-off-by: gabi beyer <gabrielle.n.beyer@intel.com>