aboutsummaryrefslogtreecommitdiff
path: root/test
Commit message (Collapse)AuthorAge
* Set default rule at the head of device configurationHironori Shiina2022-03-07
| | | | | | | | The default rule should be set at the head of device configuration. Otherwise, rules for user devices are overridden by the default rule so that any access to the user devices are denied. Signed-off-by: Hironori Shiina <shiina.hironori@jp.fujitsu.com>
* Merge pull request #13406 from jwhonce/wip/docker-pyOpenShift Merge Robot2022-03-07
|\ | | | | Move all python tests to pytest
| * Move all python tests to pytestJhon Honce2022-03-04
| | | | | | | | | | | | | | * Add configuration to add report header for python client used in tests * Move report headers into the individual test runners vs runner.sh Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | Throw an error if kube yaml has duplicate ctr namesUrvashi Mohnani2022-03-04
| | | | | | | | | | | | | | Error out if the kube yaml passed to play kube has more than one container or init container with the same name. Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
* | Merge pull request #13413 from giuseppe/pod-no-use-cgroups-if-disabledOpenShift Merge Robot2022-03-04
|\ \ | | | | | | libpod: pods do not use cgroups if --cgroups=disabled
| * | libpod: pods do not use cgroups if --cgroups=disabledGiuseppe Scrivano2022-03-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | do not attempt to use cgroups with pods if the cgroups are disabled. A similar check is already in place for containers. Closes: https://github.com/containers/podman/issues/13411 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | Merge pull request #13404 from flouthoc/bump-to-race-free-depsOpenShift Merge Robot2022-03-03
|\ \ \ | |_|/ |/| | deps: bump to race-free `c/image` and `c/storage` along with test to verify `concurrent/parallel` builds
| * | test: add a test to verify race free concurrent/parallel buildsAditya R2022-03-03
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | Invoking parallel/concurrent builds from podman race against each other following behviour was fixed in https://github.com/containers/storage/pull/1153 and https://github.com/containers/image/pull/1480 Test verifies if following bug is fixed in new race-free API or not. Read more about this issue, see bz 2055487 for more details. More details here: https://github.com/containers/buildah/pull/3794 and https://github.com/containers/podman/pull/13339 Co-authored-by: Ed Santiago <santiago@redhat.com> Signed-off-by: Aditya R <arajan@redhat.com>
* / container: workdir resolution must consider symlink if explicitly configuredAditya R2022-03-02
|/ | | | | | | | | | | | | | | | | | | | | | | While resolving `workdir` we mostly create a `workdir` when `stat` fails with `ENOENT` or `ErrNotExist` however following cases are not true when user explicitly specifies a `workdir` while `running` using `--workdir` which tells `podman` to only use workdir if its exists on the container. Following configuration is implicity set with other `run` mechanism like `podman play kube` Problem with explicit `--workdir` or similar implicit config in `podman play kube` is that currently podman ignores the fact that workdir can also be a `symlink` and actual `link` could be valid. Hence following commit ensures that in such scenarios when a `workdir` is not found and we cannot create a `workdir` podman must perform a check to ensure that if `workdir` is a `symlink` and `link` is resolved successfully and resolved link is present on the container then we return as it is. Docker performs a similar behviour. Signed-off-by: Aditya R <arajan@redhat.com>
* Merge pull request #13380 from jwhonce/wip/docker-pyOpenShift Merge Robot2022-03-01
|\ | | | | Refactor docker-py compatibility tests
| * Refactor docker-py compatibility testsJhon Honce2022-03-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add which python client is being used to run tests, see "python client" below. * Remove redundate code from test classes * Update/Add comments to modules and classes ======================================================= test session starts ======================================================== platform linux -- Python 3.10.0, pytest-6.2.4, py-1.10.0, pluggy-0.13.1 python client -- DockerClient rootdir: /home/jhonce/Projects/go/src/github.com/containers/podman plugins: requests-mock-1.8.0 collected 33 items test/python/docker/compat/test_containers.py ...s.............. [ 54%] test/python/docker/compat/test_images.py ............ [ 90%] test/python/docker/compat/test_system.py ... [100%] Note: Follow-up PRs will verify the test results and expand the tests. Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | Merge pull request #13362 from keonchennl/pod-logs-add-flagOpenShift Merge Robot2022-03-01
|\ \ | | | | | | Add the names flag for pod logs
| * | Add the names flag for pod logsXueyuan Chen2022-03-01
| |/ | | | | | | | | | | Fixes containers#13261 Signed-off-by: Xueyuan Chen <X.Chen-47@student.tudelft.nl>
* / Add podman volume mount supportDaniel J Walsh2022-02-28
|/ | | | | | Fixes: https://github.com/containers/podman/issues/12768 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #13314 from flouthoc/container-commit-squashOpenShift Merge Robot2022-02-23
|\ | | | | container-commit: support `--squash` to squash layers into one if users want.
| * container-commit: support --squash to squash layers into oneAditya R2022-02-23
| | | | | | | | | | | | | | | | | | | | | | Allow users to commit containers into a single layer. Usage ```bash podman container commit --squash <name> ``` Signed-off-by: Aditya R <arajan@redhat.com>
* | Merge pull request #13232 from rhatdan/volumesOpenShift Merge Robot2022-02-23
|\ \ | | | | | | Don't log errors on removing volumes inuse, if container --volumes-from
| * | Don't log errors on removing volumes inuse, if container --volumes-fromDaniel J Walsh2022-02-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When removing a container created with a --volumes-from a container created with a built in volume, we complain if the original container still exists. Since this is an expected state, we should not complain about it. Fixes: https://github.com/containers/podman/issues/12808 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Cleanup display of trust with transportsDaniel J Walsh2022-02-22
| | | | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #13059 from cdoern/cloneOpenShift Merge Robot2022-02-22
|\ \ \ | |_|/ |/| | Implement Podman Container Clone
| * | Implement Podman Container Clonecdoern2022-02-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | podman container clone takes the id of an existing continer and creates a specgen from the given container's config recreating all proper namespaces and overriding spec options like resource limits and the container name if given in the cli options this command utilizes the common function DefineCreateFlags meaning that we can funnel as many create options as we want into clone over time allowing the user to clone with as much or as little of the original config as they want. container clone takes a second argument which is a new name and a third argument which is an image name to use instead of the original container's the current supported flags are: --destroy (remove the original container) --name (new ctr name) --cpus (sets cpu period and quota) --cpuset-cpus --cpu-period --cpu-rt-period --cpu-rt-runtime --cpu-shares --cpuset-mems --memory --run resolves #10875 Signed-off-by: cdoern <cdoern@redhat.com> Signed-off-by: cdoern <cbdoer23@g.holycross.edu> Signed-off-by: cdoern <cdoern@redhat.com>
* | | system tests: cleanup networks on teardownPaul Holzinger2022-02-21
| |/ |/| | | | | | | | | | | | | When a test which creates a network fail it will not remove the network. The teardown logic should remove the networks. Since there is no --all option for network rm we use network prune --force. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | Merge pull request #13286 from flouthoc/kube-build-false-defaultOpenShift Merge Robot2022-02-21
|\ \ | | | | | | kube: honor `--build=false` if specified.
| * | kube: honor --build=false and make --build=true by defaultAditya R2022-02-21
| | | | | | | | | | | | | | | | | | | | | | | | `podman play kube` tries to build images even if `--build` is set to false so lets honor that and make `--build` , `true` by default so it matches the original behviour. Signed-off-by: Aditya R <arajan@redhat.com>
* | | Merge pull request #13296 from ↵OpenShift Merge Robot2022-02-21
|\ \ \ | | | | | | | | | | | | | | | | Romain-Geissler-1A/url-and-connection-implies-remote Option --url and --connection should imply --remote.
| * | | Option --url and --connection should imply --remote.Romain Geissler2022-02-19
| |/ / | | | | | | | | | | | | | | | Closes #13242 Signed-off-by: Romain Geissler <romain.geissler@amadeus.com>
* | | Merge pull request #13306 from Luap99/flag-errorOpenShift Merge Robot2022-02-21
|\ \ \ | | | | | | | | provide better error on invalid flag
| * | | provide better error on invalid flagPaul Holzinger2022-02-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add a extra `See 'podman command --help'` to the error output. With this patch you now get: ``` $ podman run -h Error: flag needs an argument: 'h' in -h See 'podman run --help' ``` Fixes #13082 Fixes #13002 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | | System tests: show one-line config overviewEd Santiago2022-02-21
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We're running into problems that are impossible to diagnose because we have no idea if the SUT is using netavark or CNI. We've previously run into similar problems with runc/crun, or cgroups 1/2. This adds a one-line 'echo' with important system info. Now, when viewing a full test log, it will be possible to view system settings in one glance. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | Propagate $CONTAINERS_CONF to conmonDavid Gibson2022-02-18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The CONTAINERS_CONF environment variable can be used to override the configuration file, which is useful for testing. However, at the moment this variable is not propagated to conmon. That means in particular, that conmon can't propagate it back to podman when invoking its --exit-command. The mismatch in configuration between the starting and cleaning up podman instances can cause a variety of errors. This patch also adds two related test cases. One checks explicitly that the correct CONTAINERS_CONF value appears in conmon's environment. The other checks for a possible specific impact of this bug: if we use a nonstandard name for the runtime (even if its path is just a regular crun), then the podman container cleanup invoked at container exit will fail. That has the effect of meaning that a container started with -d --rm won't be correctly removed once complete. Fixes #12917 Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
* | | tests: Remove inaccurate commentDavid Gibson2022-02-18
|/ / | | | | | | | | | | | | | | This comment refers to overiding $PODMAN although the code below does nothing of the sort. Presumbly the comment has been outdated by altering the containers.conf / $CONTAINERS_CONF instead. Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
* / Fix a potential flake in volume plugins testsMatthew Heon2022-02-17
|/ | | | | | | | | We could remove the container running the volume plugins, before the containers using the volume plugins; this could cause unmounting the volumes to fail because the plugin could not be contacted. Signed-off-by: Matthew Heon <mheon@redhat.com>
* e2e: merge after/since image-filter testsValentin Rothberg2022-02-16
| | | | | | | Merge the two tests to speed up testing. Both built the exact same images. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* Changes of docker descriptionsBrent Baude2022-02-15
| | | | | | | | | It looks like some descriptions have changed on the docker registry where we had been searching for images that include 'alpine'. We are now seeing an image in the initial list that has 'alpine' in its description. Signed-off-by: Brent Baude <bbaude@redhat.com>
* Fix images since/after testsBrent Baude2022-02-15
| | | | | | | | For the since and after imagve filter tests, instead of using the read-only cache of images, we just use the empty r/w store. We then build three images that are strictly predictable. Signed-off-by: Brent Baude <bbaude@redhat.com>
* Merge pull request #13144 from lsm5/e2e-netavarkOpenShift Merge Robot2022-02-11
|\ | | | | enable netavark specific tests
| * enable netavark specific testsLokesh Mandvekar2022-02-11
| | | | | | | | | | | | | | These are copies of the CNI tests with modifications wherever neccessary. Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
* | Merge pull request #13214 from adrianreber/2022-02-11-fix-testsOpenShift Merge Robot2022-02-11
|\ \ | |/ |/| Fix checkpoint/restore pod tests
| * Fix checkpoint/restore pod testsAdrian Reber2022-02-11
| | | | | | | | | | | | | | | | | | Checkpoint/restore pod tests are not running with an older runc and now that runc 1.1.0 appears in the repositories it was detected that the tests were failing. This was not detected in CI as CI was not using runc 1.1.0 yet. Signed-off-by: Adrian Reber <areber@redhat.com>
* | Make sure building with relative paths work correctly.Daniel J Walsh2022-02-10
|/ | | | | | Fixes: https://github.com/containers/podman/issues/12763 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #13191 from mheon/resolvconf_fixesOpenShift Merge Robot2022-02-10
|\ | | | | Modify /etc/resolv.conf when connecting/disconnecting
| * Modify /etc/resolv.conf when connecting/disconnectingMatthew Heon2022-02-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The `podman network connect` and `podman network disconnect` commands give containers access to different networks than the ones they were created with; these networks can also have DNS servers associated with them. Until now, however, we did not modify resolv.conf as network membership changed. With this PR, `podman network connect` will add any new nameservers supported by the new network to the container's /etc/resolv.conf, and `podman network disconnect` command will do the opposite, removing the network's nameservers from `/etc/resolv.conf`. Fixes #9603 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | Add version guard to libpod API endpointsJhon Honce2022-02-09
|/ | | | | | | | | * Ensure meaningful behaviour when called with /v3.x.x semantics * Change return code to 409 from 500 when client attempts to use an existing network name * Update API bats test runner to support /v4.0.0 endpoints by default Signed-off-by: Jhon Honce <jhonce@redhat.com>
* Merge pull request #13159 from Luap99/slirp4-scopeOpenShift Merge Robot2022-02-08
|\ | | | | move rootless netns slirp4netns process to systemd user.slice
| * move rootless netns slirp4netns process to systemd user.slicePaul Holzinger2022-02-07
| | | | | | | | | | | | | | | | | | | | | | | | | | When running podman inside systemd user units, it is possible that systemd kills the rootless netns slirp4netns process because it was started in the default unit cgroup. When the unit is stopped all processes in that cgroup are killed. Since the slirp4netns process is run once for all containers it should not be killed. To make sure systemd will not kill the process we move it to the user.slice. Fixes #13153 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | Merge pull request #13156 from flouthoc/fix-compat-build-response-headerOpenShift Merge Robot2022-02-07
|\ \ | | | | | | compat: endpoint `/build` must set header `content type` as `application/json` in response header.
| * | compat: endpoint /build must set header content type as application/json in ↵Aditya R2022-02-07
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | reponse Lot of clients are expecting proper `Content-type: application/json` configured in response headers of `/build` compat api. Following commit fixes that. Fixes issues where code is setting header field after writing header which is wrong. We must set `content-type` before we write and flush http header. Signed-off-by: Aditya R <arajan@redhat.com>
* | Cleanup: remove obsolete/misleading bug workaroundEd Santiago2022-02-07
| | | | | | | | | | | | | | Followup to #13129: remove a no-longer-necessary workaround for a healthcheck bug. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Merge pull request #13129 from flouthoc/healthcheck-session-read-from-pipeOpenShift Merge Robot2022-02-07
|\ \ | |/ |/| healthcheck, libpod: Read healthcheck event output from os pipe
| * tests: retrofit healthcheck system testsAditya R2022-02-04
| | | | | | | | | | | | | | | | | | All the healthcheck return output now but systems tests is written to expect empty output which seems wrong. Modify jq output to contain newline character rather than actual newline Signed-off-by: Aditya R <arajan@redhat.com>