aboutsummaryrefslogtreecommitdiff
path: root/test
Commit message (Collapse)AuthorAge
...
* | | test: use private instead of slave for the mountGiuseppe Scrivano2022-08-24
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | using "slave" means that every mount operation on the host that happens between the mount creation for `/host` and running `findmnt` will be propagated to the container mount. To prevent new mounts on the host to appear in the container thus invalidating the test we have, just create the mount as private and use `/sys` as source as it has multiple mounts on the top but less likely to get new mounts once it is configured. Closes: https://github.com/containers/podman/issues/15241 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | Merge pull request #15454 from vrothberg/bump-psgoDaniel J Walsh2022-08-24
|\ \ | | | | | | vendor containers/psgo@v1.7.3
| * | vendor containers/psgo@v1.7.3Valentin Rothberg2022-08-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add three new capabilities that would otherwise be reported as unknown. Also add an e2e test making sure that `podman top` knows all capabilities of the current kernel. I refrained from adding a system test since this may blow up in gating tests. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | | Merge pull request #15434 from rhatdan/manifest1OpenShift Merge Robot2022-08-24
|\ \ \ | | | | | | | | Allow podman to run in an environment with keys containing spaces
| * | | Allow podman to run in an environment with keys containing spacesDaniel J Walsh2022-08-23
| | | | | | | | | | | | | | | | | | | | | | | | Fixes: https://github.com/containers/podman/issues/15251 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | test: fix commentGiuseppe Scrivano2022-08-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | it is not a kernel bug. Rootless users are not allowed to use non recursive bind mounts, otherwise they would be able to uncover mounts that were not visible before to them. [CI:DOCS] it is just a comment fix. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | Merge pull request #15439 from rhatdan/serviceOpenShift Merge Robot2022-08-24
|\ \ \ \ | |_|/ / |/| | | Fix documentation of use of tcp connections
| * | | Fix documentation of use of tcp connectionsDaniel J Walsh2022-08-23
| |/ / | | | | | | | | | | | | | | | Fixes: https://github.com/containers/podman/issues/15430 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #15437 from mheon/default_volume_timeoutOpenShift Merge Robot2022-08-24
|\ \ \ | | | | | | | | Add support for containers.conf volume timeouts
| * | | Add support for containers.conf volume timeoutsMatthew Heon2022-08-23
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Also, do a general cleanup of all the timeout code. Changes include: - Convert from int to *uint where possible. Timeouts cannot be negative, hence the uint change; and a timeout of 0 is valid, so we need a new way to detect that the user set a timeout (hence, pointer). - Change name in the database to avoid conflicts between new data type and old one. This will cause timeouts set with 4.2.0 to be lost, but considering nobody is using the feature at present (and the lack of validation means we could have invalid, negative timeouts in the DB) this feels safe. - Ensure volume plugin timeouts can only be used with volumes created using a plugin. Timeouts on the local driver are nonsensical. - Remove the existing test, as it did not use a volume plugin. Write a new test that does. The actual plumbing of the containers.conf timeout in is one line in volume_api.go; the remainder are the above-described cleanups. Signed-off-by: Matthew Heon <mheon@redhat.com>
* | | Merge pull request #15443 from flouthoc/env-merge-supportOpenShift Merge Robot2022-08-24
|\ \ \ | | | | | | | | run,create: add support for `--env-merge` for preprocessing default environment variables
| * | | run,create: add support for --env-merge for preprocessing varsAditya R2022-08-24
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Allow end users to preprocess default environment variables before injecting them into container using `--env-merge` Usage ``` podman run -it --rm --env-merge some=${some}-edit --env-merge some2=${some2}-edit2 myimage sh ``` Closes: https://github.com/containers/podman/issues/15288 Signed-off-by: Aditya R <arajan@redhat.com>
* | | Merge pull request #15447 from sstosh/e2e-memswapOpenShift Merge Robot2022-08-24
|\ \ \ | | | | | | | | e2e: Add run --memory-swap test
| * | | e2e: Add run --memory-swap testToshiki Sonoda2022-08-24
| |/ / | | | | | | | | | | | | | | | There is not e2e/system test of --memory-swap option. Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
* | | Merge pull request #15351 from marshall-lee/images-pull-simpleOpenShift Merge Robot2022-08-24
|\ \ \ | |/ / |/| | Simplify ImagesPull for when Quiet flag is on
| * | Add ProgressWriter to PullOptionsVladimir Kochnev2022-08-19
| | | | | | | | | | | | Signed-off-by: Vladimir Kochnev <hashtable@yandex.ru>
* | | Merge pull request #15426 from nicrowe00/14955OpenShift Merge Robot2022-08-23
|\ \ \ | | | | | | | | podman kube play/down --read from URL
| * | | podman kube play/down --read from URLNiall Crowe2022-08-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | `podman kube play` can create pods and containers from YAML read from a URL poiniting to a YAML file. For example: `podman kube play https://example.com/demo.yml`. `podman kube down` can also teardown pods and containers created from that YAML file by also reading YAML from a URL, provided the YAML file the URL points to has not been changed or altered since it was used to create pods and containers Closes #14955 Signed-off-by: Niall Crowe <nicrowe@redhat.com>
* | | | Merge pull request #15415 from cdoern/cloneOpenShift Merge Robot2022-08-23
|\ \ \ \ | | | | | | | | | | pass environment variables to container clone
| * | | | pass environment variables to container cloneCharlie Doern2022-08-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | the env vars are held in the spec rather than the config, so they need to be mapped manually. They are also of a different format so special handling needed to be added. All env from the parent container will now be passed to the clone. resolves #15242 Signed-off-by: Charlie Doern <cdoern@redhat.com>
* | | | | Merge pull request #15384 from sstosh/options-cgroupsv1-rootlessOpenShift Merge Robot2022-08-23
|\ \ \ \ \ | | | | | | | | | | | | Warning messages are printed and ignored if we use an unsupported option on cgroups V1 rootless systems
| * | | | | Warning messages are printed and ignored if we use an unsupported optionToshiki Sonoda2022-08-23
| | |/ / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When an unsupported limit on cgroups V1 rootless systems is requested, podman prints an warning message and ignores the option/flag. ``` Target options/flags: --cpu-period, --cpu-quota, --cpu-rt-period, --cpu-rt-runtime, --cpus, --cpu-shares, --cpuset-cpus, --cpuset-mems, --memory, --memory-reservation, --memory-swap, --memory-swappiness, --blkio-weight, --device-read-bps, --device-write-bps, --device-read-iops, --device-write-iops, --blkio-weight-device ``` Related to https://github.com/containers/podman/discussions/10152 Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
* / | | | inspect, image: alias .Config.HealthCheck to .HealthCheck for compatibilityAditya R2022-08-23
|/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Support inspecting image healthcheck using docker supported `.Config.HealthCheck` by aliasing field to `.HealthCheck` Now supports ```Console podman image inspect -f "{{.Config.Healthcheck}}" imagename ``` Closes: https://github.com/containers/podman/issues/14661 Signed-off-by: Aditya R <arajan@redhat.com>
* | | | Merge pull request #15392 from ashley-cui/quietOpenShift Merge Robot2022-08-22
|\ \ \ \ | |/ / / |/| | | Add quiet/q flag to podman secret ls
| * | | Add quiet/q flag to podman secret lsAshley Cui2022-08-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Add quiet/q flag to podman secret ls, which will print only the secret ID. Signed-off-by: Ashley Cui <acui@redhat.com>
* | | | Merge pull request #15363 from rhatdan/secretOpenShift Merge Robot2022-08-22
|\ \ \ \ | |/ / / |/| | | podman secret create -d alias --driver, inspect -f alias --format: Docker compatibity
| * | | Add podman secret inspect -f alias for --format: Docker compatibilityDaniel J Walsh2022-08-17
| | | | | | | | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
| * | | Add podman secret create -d as alias for --driver for Docker compatibilityDaniel J Walsh2022-08-17
| | | | | | | | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | fix CI: remove hardcodeded alpine versionValentin Rothberg2022-08-22
| |/ / |/| | | | | | | | | | | | | | | | | | | | The apiv2 test hardcoded the tag of the alpine image. Remove it to unblock CI. Fixes: #15388 Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | | podman generate kube - add actual testsEd Santiago2022-08-18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This exposed a nasty bug in our system-test setup: Ubuntu (runc) was writing a scratch containers.conf file, and setting CONTAINERS_CONF to point to it. This was well-intentionedly introduced in #10199 as part of our long sad history of not testing runc. What I did not understand at that time is that CONTAINERS_CONF is **dangerous**: it does not mean "I will read standard containers.conf and then override", it means "I will **IGNORE** standard containers.conf and use only the settings in this file"! So on Ubuntu we were losing all the default settings: capabilities, sysctls, all. Yes, this is documented in containers.conf(5) but it is such a huge violation of POLA that I need to repeat it. In #14972, as yet another attempt to fix our runc crisis, I introduced a new runc-override mechanism: create a custom /etc/containers/containers.conf when OCI_RUNTIME=runc. Unlike the CONTAINERS_CONF envariable, the /etc file actually means what you think it means: "read the default file first, then override with the /etc file contents". I.e., we get the desired defaults. But I didn't remember this helpers.bash workaround, so our runc testing has actually been flawed: we have not been testing with the system containers.conf. This commit removes the no-longer-needed and never-actually-wanted workaround, and by virtue of testing the cap-drops in kube generate, we add a regression test to make sure this never happens again. It's a little scary that we haven't been testing capabilities. Also scary: this PR requires python, for converting yaml to json. I think that should be safe: python3 'import yaml' and 'json' works fine on a RHEL8.7 VM from 1minutetip. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | Merge pull request #15364 from rhatdan/statsOpenShift Merge Robot2022-08-17
|\ \ \ | | | | | | | | Add podman stats --no-trunc option
| * | | Add podman stats --no-trunc optionDaniel J Walsh2022-08-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is for compatibility with Docker. Partial fix for https://github.com/containers/podman/issues/14917 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Add podman manifest create -a. Alias for --amend:Docker compatibilityDaniel J Walsh2022-08-17
|/ / / | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #15341 from rhatdan/kubeOpenShift Merge Robot2022-08-17
|\ \ \ | |/ / |/| | Fix podman kube generate --help to show correct help message
| * | Fix podman kube generate --help to show correct help messageDaniel J Walsh2022-08-16
| |/ | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Cirrus: add podman_machine_aarch64Lokesh Mandvekar2022-08-17
| | | | | | | | | | | | | | | | | | Run machine tests on every PR as label-driven machine test triggering is currently hard to predict and debug. Co-authored-by: Ed Santiago <santiago@redhat.com> Co-authored-by: Miloslav Trmač <mitr@redhat.com> Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
* | Merge pull request #14999 from sstosh/restart-optionOpenShift Merge Robot2022-08-17
|\ \ | | | | | | Add restart --cidfile, --filter
| * | Add restart --cidfile, --filterToshiki Sonoda2022-08-12
| | | | | | | | | | | | | | | | | | | | | --cidfile : Read container ID from the specified file and restart the container. --filter : restart the filtered container. Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
* | | podman manifest create: accept --amend and --insecure flagsNalin Dahyabhai2022-08-16
| |/ |/| | | | | | | | | | | | | Accept a --amend flag in `podman manifest create`, and treat `--insecure` as we would `--tls-verify=false` in `podman manifest`'s "add", "create", and "push" subcommands. Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
* | system tests: fix broken runc testEd Santiago2022-08-16
| | | | | | | | | | | | | | | | | | | | | | | | | | Followup to #14613, which was never actually tested until this week in RHEL8 gating tests (see issue #15337). * add missing backslash in '|' expression * allow extra text after error (e.g., "invalid argument") No way to test this until it makes its way into RHEL8, so, fingers crossed. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Merge pull request #15317 from rhatdan/debugOpenShift Merge Robot2022-08-16
|\ \ | | | | | | Add compatibility support for --debug flag from docker
| * | Add compatibility support for --debug -D flag from dockerDaniel J Walsh2022-08-15
| |/ | | | | | | | | | | This is another fix for https://github.com/containers/podman/issues/14917 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #15270 from nicrowe00/kubegenerateOpenShift Merge Robot2022-08-16
|\ \ | | | | | | Add "podman kube generate" command
| * | Add "podman kube generate" commandNiall Crowe2022-08-11
| | | | | | | | | | | | | | | | | | | | | | | | "podman kube generate" creates Kubernetes YAML from Podman containers, pods or volumes. Users will still be able to use "podman generate kube" as an alias of "kube generate". Signed-off-by: Niall Crowe <nicrowe@redhat.com>
* | | Add Docker compatibility for --dns-option to --dns-optDaniel J Walsh2022-08-15
| |/ |/| | | | | | | Fixes one of the issues found in https://github.com/containers/podman/issues/14917 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #15285 from YoitoFes/fix-15210OpenShift Merge Robot2022-08-11
|\ \ | |/ |/| remote manifest push: show copy progress
| * remote manifest push: show copy progressNaoto Kobayashi2022-08-11
| | | | | | | | | | | | | | | | | | | | `podman-remote manifest push` has shown absolutely no progress at all. Fix that by doing the same as the remote-push code does. Like remote-push, `quiet` parameter is true by default for backwards compatibility. Signed-off-by: Naoto Kobayashi <naoto.kobayashi4c@gmail.com>
* | kube play: sd-notify integrationValentin Rothberg2022-08-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Integrate sd-notify policies into `kube play`. The policies can be configured for all contianers via the `io.containers.sdnotify` annotation or for indidivual containers via the `io.containers.sdnotify/$name` annotation. The `kube play` process will wait for all containers to be ready by waiting for the individual `READY=1` messages which are received via the `pkg/systemd/notifyproxy` proxy mechanism. Also update the simple "container" sd-notify test as it did not fully test the expected behavior which became obvious when adding the new tests. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | libpod: allow the notify socket to be passed programaticallyValentin Rothberg2022-08-10
|/ | | | | | | | | The notify socket can now either be specified via an environment variable or programatically (where the env is ignored). The notify mode and the socket are now also displayed in `container inspect` which comes in handy for debugging and allows for propper testing. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* Merge pull request #12865 from rhatdan/crunOpenShift Merge Robot2022-08-10
|\ | | | | I believe that these tests will now run with crun.