aboutsummaryrefslogtreecommitdiff
path: root/test
Commit message (Collapse)AuthorAge
* libpod: enforce noexec,nosuid,nodev for /dev/shmGiuseppe Scrivano2022-02-02
| | | | | | | these mount flags are already used for the /dev/shm mount on the host, but they are not set for the bind mount itself. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Merge pull request #13085 from ydayagi/mainOpenShift Merge Robot2022-02-01
|\ | | | | play kube envVar.valueFrom.fieldRef
| * play kube envVar.valueFrom.fieldRefYaron Dayagi2022-01-31
| | | | | | | | | | | | | | | | | | add support for env vars values from pod spec fields see https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#envvarsource-v1-core relates to issue https://github.com/containers/podman/issues/12756 Signed-off-by: Yaron Dayagi <ydayagi@redhat.com>
* | libpod: report slirp4netns network statsGiuseppe Scrivano2022-02-01
| | | | | | | | | | | | | | | | | | by default slirp4netns uses the tap0 device. When slirp4netns is used, use that device by default instead of eth0. Closes: https://github.com/containers/podman/issues/11695 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | Fix use of infra image to clarify defaultDaniel J Walsh2022-01-31
| | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #12712 from flouthoc/volume_overlay_advancedOpenShift Merge Robot2022-01-28
|\ \ | | | | | | volume: add support for non-volatile `upperdir`,`workdir` for overlay volumes
| * | volume: add support for non-volatile upperdir,workdir for overlay volumesAditya Rajan2022-01-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Often users want their overlayed volumes to be `non-volatile` in nature that means that same `upper` dir can be re-used by one or more containers but overall of nature of volumes still have to be `overlay` so work done is still on a overlay not on the actual volume. Following PR adds support for more advanced options i.e custom `workdir` and `upperdir` for overlayed volumes. So that users can re-use `workdir` and `upperdir` across new containers as well. Usage ```console $ podman run -it -v myvol:/data:O,upperdir=/path/persistant/upper,workdir=/path/persistant/work alpine sh ``` Signed-off-by: Aditya R <arajan@redhat.com>
* | | Merge pull request #13049 from edsantiago/batsDaniel J Walsh2022-01-27
|\ \ \ | | | | | | | | System tests: emergency skip of checkpoint tests
| * | | System tests: emergency skip of checkpoint testsEd Santiago2022-01-27
| |/ / | | | | | | | | | | | | | | | ...on kernel 5.17, because it's broken Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | Merge pull request #13042 from Luap99/subnetsOpenShift Merge Robot2022-01-27
|\ \ \ | |/ / |/| | network create: allow multiple subnets
| * | network create: allow multiple subnetsPaul Holzinger2022-01-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | podman network create --subnet, --gateway and --ip-range can now be specified multiple times to join the network to more than one subnet. This is very useful if you want to use a dual stack network and assign a fixed ipv4 and ipv6 subnet. The order of the options is important here, the first --gateway/--ip-range will be assigned to the first subnet and so on. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | Merge pull request #13029 from TomSweeneyRedHat/dev/tsweeney/mergepull2OpenShift Merge Robot2022-01-27
|\ \ \ | |/ / |/| | Bump Buildah to v1.24.0
| * | Bump Buildah to v1.24.0tomsweeneyredhat2022-01-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps Buildah to v1.24.0 and adopts the new values for pull: true, false, never, and always. The pull-never and pull-always options for the build command are still usable, but they have been removed from the man page documentation with this change. Signed-off-by: tomsweeneyredhat <tsweeney@redhat.com>
* | | switch podman image scp from depending on machinectl to just os/execcdoern2022-01-26
|/ / | | | | | | | | | | | | | | | | machinectl does not propogate error messages and adds extra lines in the output, exec.Cmd is able to clear the env besides PATH and TERM, and use the given UID and GID to execute the command properly. machinectl is still used to create a user session. Ubuntu support is limited by this. Signed-off-by: cdoern <cdoern@redhat.com>
* | CI: enable rootless-remote system testsEd Santiago2022-01-24
| | | | | | | | | | | | | | | | | | | | | | | | Minimal: only test Fedora.Latest. Reason: podman 4.0.0-0.2.rc2 broke bodhi gating tests: https://github.com/containers/podman/issues/12989 Requires skipping two recently-added tests that use 'podman unshare', which doesn't work on remote. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Merge pull request #12982 from rhatdan/defaultOpenShift Merge Robot2022-01-24
|\ \ | | | | | | Show correct default values or show none
| * | Show correct default values or show noneDaniel J Walsh2022-01-24
| |/ | | | | | | | | | | | | | | | | Before this PR, the podman --help command shows the defaults as runc and overlay even if the storage.conf and containers.conf files do not match. This PR changes them to show the actual defaults and in the case of storage driver, does not show the default at all. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* / container create: do not check for network dns supportPaul Holzinger2022-01-24
|/ | | | | | | | | | | We should not check if the network supports dns when we create a container with network aliases. This could be the case for containers created by docker-compose for example if the dnsname plugin is not installed or the user uses a macvlan config where we do not support dns. Fixes #12972 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* Merge pull request #12961 from rhatdan/codespellOpenShift Merge Robot2022-01-21
|\ | | | | Run codespell
| * Run codespell on codeDaniel J Walsh2022-01-21
| | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #12951 from rhatdan/commitOpenShift Merge Robot2022-01-21
|\ \ | |/ |/| Fix #2 for compat commit handling of --changes
| * Fix #2 for compat commit handling of --changesDaniel J Walsh2022-01-21
| | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #12943 from machacekondra/nil_fixOpenShift Merge Robot2022-01-21
|\ \ | |/ |/| Fix nil pointer dereference for configmap optional
| * Fix nil pointer dereference for configmap optionalOndra Machacek2022-01-21
| | | | | | | | | | | | | | | | This PR fixes nil pointer dereference for configmap optional parameter. When optional parameter is not passed, the code tried to acces the parameter which caused nil pointer dereference. Signed-off-by: Ondra Machacek <omachace@redhat.com>
* | Make error message matching in 030-run.bats less fragileDavid Gibson2022-01-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Amongst other things 030-run.bats checks for sensible error messages when attempting a "podman run" with a non-existent or inaccessible path. It checks for these messages, which come from the low-level runtime, in a lot of detail, including separate versions for runc and crun. This is fragile in several ways: * It's likely to fail if using a runtime other than crun or runc * It relies on detecting whether the runtime is crun vs. runc using the path, which could fail if the binary has been named something unusual * It will break if crun or runc ever alter their error message (even if it's just changing case) This replaces the checked versions with a much more accepting regex which will work for both the runc and crun messages, while still looking for the essential pieces. This isn't guaranteed to work with other runtimes, but it's much more likely to. Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
* | Don't explicitly check for crun|runc in package informationDavid Gibson2022-01-21
| | | | | | | | | | | | | | | | | | | | | | | | Amongst other things 005-info.bats tests that the host.ociRuntime.package field in the output from "podman info" reports something containing "crun" or "runc". While those are obviously the dominant runtimes in practice, it seems undesirable to explicitly exclude them in testing. So, remove this specific test. Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
* | Merge pull request #12942 from flouthoc/compat-load-tar-with-multiple-imagesOpenShift Merge Robot2022-01-20
|\ \ | | | | | | compat: `images/load` must be able to load tar with multiple images
| * | compat: images/load must be able to load tar with multiple imagesAditya R2022-01-21
| |/ | | | | | | | | | | | | | | `http:/host:port/images/load` fails to accept tar with more than one images however manual load works as expected. Remove explicit check for `1` image and only fail if result set has value less than `1`. Signed-off-by: Aditya R <arajan@redhat.com>
* | Merge pull request #12950 from edsantiago/systemd_250OpenShift Merge Robot2022-01-20
|\ \ | | | | | | System tests: fix for new systemd on rawhide
| * | System tests: fix for new systemd on rawhideEd Santiago2022-01-20
| |/ | | | | | | | | | | | | | | systemd 250 on f36 has changed the output format of a message our tests rely on. This breaks bodhi gating tests. Fix test so it accepts a continually-growing set of systemd outputs. Signed-off-by: Ed Santiago <santiago@redhat.com>
* / Engine.Remote from containers.confJhon Honce2022-01-20
|/ | | | | | | | | | | | | | | Heuristic to initialize TunnelMode/remote podman: - Podman built with remote tag - Podman running on darwin or windows GOOS - CONTAINER_HOST or CONTAINER_CONNECTION set in environment - --remote flag given on command line - From containers.conf, Engine.Remote == true and GOOS == linux Otherwise, podman will run in ABIMode/linked against libpod library. Fixes #12866 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* Merge pull request #12887 from esendjer/mainOpenShift Merge Robot2022-01-19
|\ | | | | Add custom defined dependencies to podman generate systemd
| * Handlers for `generate systemd` with custom dependenciesesendjer2022-01-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | This commit includes: * Handlers for generate systemd unit with manually defined dependencies such as: Wants=, After= and Requires= * The new unit and e2e tests for checking generated systemd units for container and pod with custom dependencies * Documented descriptions for custom dependencies options Signed-off-by: Eugene (Evgenii) Shubin <esendjer@gmail.com>
* | Merge pull request #12914 from rhatdan/commitOpenShift Merge Robot2022-01-19
|\ \ | | | | | | Handle changes in docker compat mode
| * | Handle changes in docker compat modeDaniel J Walsh2022-01-19
| | | | | | | | | | | | | | | | | | Fixes: https://github.com/containers/podman/issues/12830 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | APIv2 tests: followup to recent log testEd Santiago2022-01-19
|/ / | | | | | | | | | | | | | | | | | | | | | | | | Followup to #12919, which merged while I was writing review feedback. This actually confirms log output. This required a minor change to the 't' helper: stripping NUL chars from the http result. And, while I'm at it, a bunch of cleanup for running rootless: - set $CONTAINERS_HELPER_BINARY_DIR, so we can find rootlessport - add a few conditionals for different expectations Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Merge pull request #12862 from matejvasek/fix-info-epOpenShift Merge Robot2022-01-19
|\ \ | | | | | | Add IndexConfigs info to compat /info endpoint
| * | Add IndexConfigs to compat /info endpointMatej Vasek2022-01-19
| | | | | | | | | | | | Signed-off-by: Matej Vasek <mvasek@redhat.com>
* | | apiv2 test: add regression test for #12904Valentin Rothberg2022-01-19
| |/ |/| | | | | | | | | | | | | | | Add a regression test for issue #12904 to make sure that attaching with logs=true to the compact endpoint does not blow up. Note that I did not find a way to test the output (i.e., '123'); logs are sent in a binary format and I did not find a way to compare the control characters. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | Merge pull request #12908 from Luap99/network-conf-dirOpenShift Merge Robot2022-01-18
|\ \ | | | | | | rename --cni-config-dir to --network-config-dir
| * | rename --cni-config-dir to --network-config-dirPaul Holzinger2022-01-18
| | | | | | | | | | | | | | | | | | | | | | | | Since this option will also be used for netavark we should rename it to something more generic. It is important that --cni-config-dir still works otherwise we could break existing container cleanup commands. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | compat attach: fix write on closed channelValentin Rothberg2022-01-18
| |/ |/| | | | | | | | | | | | | | | Waiting on an initialized sync.WaitGroup returns immediately. Hence, move the goroutine to wait and close *after* reading the logs. Fixes: #12904 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | Merge pull request #12797 from edsantiago/test_image_scp_sudoOpenShift Merge Robot2022-01-18
|\ \ | |/ |/| Tests for podman image scp (the sudo form)
| * CI: rootless user: also create in some root testsEd Santiago2022-01-17
| | | | | | | | | | | | | | | | | | | | | | | | viz, rootful system tests. The rootless account will be used by image-scp tests. Unfortunately, having ssh available means the system-connection tests will start running, which is very bad because they will fail, because system connection doesn't actually work (long story). Add a few more checks to prevent this test from running. Signed-off-by: Ed Santiago <santiago@redhat.com>
| * [WIP] Tests for podman image scp (the sudo form)Ed Santiago2022-01-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Start inching our way back to having tests for the sudo form of podman image scp. Basically, copy an image to another user and then back, using a pseudorandom name. Confirm that the image makes it to the remote end, and that when we copy it back, the original image digest is preserved. When scp'ing as root, we identify the destination rootless user account via the $PODMAN_ROOTLESS_USER envariable. Setting this and creating the account is left as an exercise for the CI framework (be it github, or Fedora/CentOS/RHEL gating, or other). Also: amend hack/bats to set and relay $PODMAN_ROOTLESS_USER, so developers can test locally. Also: remove what I'm 99% sure is a debugging printf. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | bump go module to version 4Valentin Rothberg2022-01-18
| | | | | | | | | | | | | | | | | | | | | | | | | | Automated for .go files via gomove [1]: `gomove github.com/containers/podman/v3 github.com/containers/podman/v4` Remaining files via vgrep [2]: `vgrep github.com/containers/podman/v3` [1] https://github.com/KSubedi/gomove [2] https://github.com/vrothberg/vgrep Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | Merge pull request #12684 from mheon/remap_statesOpenShift Merge Robot2022-01-18
|\ \ | | | | | | Revamp Libpod state strings for Docker compat
| * | Revamp Libpod state strings for Docker compatMatthew Heon2022-01-17
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Improve our compatibility with Docker by better handling the state strings that we print in `podman ps`. Docker capitalizes all states in `ps` (we do not) - fix this in our PS code. Also, stop normalizing ContainerStateConfigured to the "Created" state, and instead make it always be Created, with the existing Created state becoming Initialized. I didn't rename the actual states because I'm somewhat reticent to make such a large change a day before we leave for break. It's somewhat confusing that ContainerStateConfigured now returns Created, but internally and externally we're still consistent. [NO NEW TESTS NEEDED] existing tests should catch anything that broke. I also consider this a breaking change. I will flag appropriately on Github. Fixes RHBZ#2010432 and RHBZ#2032561 Signed-off-by: Matthew Heon <mheon@redhat.com>
* | Merge pull request #12870 from rhatdan/userns1OpenShift Merge Robot2022-01-18
|\ \ | |/ |/| Use PODMAN_USERNS environment variable when running as a service
| * Use PODMAN_USERNS environment variable when running as a serviceDaniel J Walsh2022-01-17
| | | | | | | | | | | | | | | | Fixes: https://github.com/containers/podman/issues/11350#issuecomment-1011562526 Also add inspect information about the idmappings if they exists. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>