aboutsummaryrefslogtreecommitdiff
path: root/test
Commit message (Collapse)AuthorAge
* Add parameter verification for api creation networkzhangguanzhang2020-08-12
| | | | Signed-off-by: zhangguanzhang <zhangguanzhang@qq.com>
* Merge pull request #7269 from openSUSE/seccompOpenShift Merge Robot2020-08-11
|\ | | | | Allow specifying seccomp profiles for privileged containers
| * Allow specifying seccomp profiles for privileged containersSascha Grunert2020-08-11
| | | | | | | | | | | | | | To sync the behavior between AppArmor and seccomp it is now possible to also specify seccomp profiles for privileged containers. Signed-off-by: Sascha Grunert <sgrunert@suse.com>
* | Merge pull request #7239 from rhatdan/workingOpenShift Merge Robot2020-08-11
|\ \ | | | | | | Fix handling of working dir
| * | Fix handling of working dirDaniel J Walsh2020-08-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Buildah and podman build can create images without a working dir. FROM fedora WORKDIR /test If you build this image with caching twice, the second time the image will not have a working dir. Similarly if you execute podman run --workdir /foobar fedora It blows up since the workingdir is not created automatically. Finally there was duplicated code for getting the workingdir out of an image, that this PR removes. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Add the Status field in the ps --format=jsonzhangguanzhang2020-08-11
| | | | | | | | | | | | Signed-off-by: zhangguanzhang <zhangguanzhang@qq.com>
* | | Merge pull request #7256 from mheon/fix_cmd_with_entrypointOpenShift Merge Robot2020-08-10
|\ \ \ | | | | | | | | Do not use image CMD if user gave ENTRYPOINT
| * | | Do not use image CMD if user gave ENTRYPOINTMatthew Heon2020-08-10
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This matches Docker behavior, and seems to make sense - the CMD may have been specific to the original entrypoint and probably does not make sense if it was changed. While we're in here, greatly simplify the logic for populating the SpecGen's Command. We create the full command when making the OCI spec, so the client should not be doing any more than setting it to the Command the user passed in, and completely ignoring ENTRYPOINT. Fixes #7115 Signed-off-by: Matthew Heon <mheon@redhat.com>
* | | Merge pull request #7240 from jwhonce/issues/7123OpenShift Merge Robot2020-08-10
|\ \ \ | |_|/ |/| | Default .Repository and .Tag values to <none>
| * | Default .Repository and .Tag values to <none>Jhon Honce2020-08-10
| |/ | | | | | | | | | | | | | | | | | | Refactor the processing of Repository and Tag fields to default to <none> when printing via --format flag. Previously, the default format would print <none> but --format {{.Tag}} would not in some cases. Fixes #7123 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* / generate systemd: fix error handlingValentin Rothberg2020-08-10
|/ | | | | | | | | Fix a bug in the error handling which returned nil instead of an error and ultimately lead to nil dereferences in the client. To prevent future regressions, add a test and check for the error message. Fixes: #7271 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* system tests: podman-remote, image treeEd Santiago2020-08-10
| | | | | | | | | | | | | | | | | | | | | - new sanity checks for podman-remote: - first, confirm that when PODMAN is "-remote", we actually talk to a server (validated by presence of "Server:" string in "podman version"). - second, add test for #7212, in which we run "podman --remote" (podman with --remote flag, not podman-remote command) and make sure --remote is allowed both as the first option and also with other flag options preceding. - new test for "podman image tree" (piggybacking on top of a "podman build" test, because that gives us lots of layers). - skip "podman exec - basic test" when remote. It is consistently causing CI failures, breaking all of CI, due to #7241. Signed-off-by: Ed Santiago <santiago@redhat.com>
* Merge pull request #7216 from 5eraph/masterOpenShift Merge Robot2020-08-09
|\ | | | | support outbound-addr
| * changes to support outbound-addr5eraph2020-08-07
| | | | | | | | | | | | Fixes #6064 Signed-off-by: Bohumil Cervenka <5eraph@protonmail.com>
* | Merge pull request #7232 from Luap99/podman-logs-tailOpenShift Merge Robot2020-08-07
|\ \ | | | | | | fix podman logs --tail when log is bigger than pagesize
| * | fix podman logs --tail when log is bigger than pagesizePaul Holzinger2020-08-06
| | | | | | | | | | | | Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | | Merge pull request #7220 from baude/issue7124OpenShift Merge Robot2020-08-05
|\ \ \ | | | | | | | | podman-remote send name and tag
| * | | podman-remote send name and tagBrent Baude2020-08-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | when loading an image with podman-remote load, we need to send a name and a tag to the endpoint Fixes: #7124 Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | | Merge pull request #7212 from jwhonce/issues/7211OpenShift Merge Robot2020-08-05
|\ \ \ \ | | | | | | | | | | Refactor parsing to not require --remote to be first flag
| * | | | Refactor parsing to not require --remote to be firstJhon Honce2020-08-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Use cobra.Command.FParseErrWhitelist to no longer require --remote to be the first argument in flags when using CLI Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | | | Merge pull request #7236 from mheon/write_error_to_inspectOpenShift Merge Robot2020-08-05
|\ \ \ \ \ | |/ / / / |/| | | | Ensure that exec errors write exit codes to the DB
| * | | | Ensure that exec errors write exit codes to the DBMatthew Heon2020-08-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In local Podman, the frontend interprets the error and exit code given by the Exec API to determine the appropriate exit code to set for Podman itself; special cases like a missing executable receive special exit codes. Exec for the remote API, however, has to do this inside Libpod itself, as Libpod will be directly queried (via the Inspect API for exec sessions) to get the exit code. This was done correctly when the exec session started properly, but we did not properly handle cases where the OCI runtime fails before the exec session can properly start. Making two error returns that would otherwise not set exit code actually do so should resolve the issue. Fixes #6893 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | | Merge pull request #7176 from mheon/make_entrypointOpenShift Merge Robot2020-08-05
|\ \ \ \ \ | |_|_|/ / |/| | | | Ensure WORKDIR from images is created
| * | | | HACK HACK try debugging buildMatthew Heon2020-08-04
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | | | Ensure WORKDIR from images is createdMatthew Heon2020-08-03
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | A recent crun change stopped the creation of the container's working directory if it does not exist. This is arguably correct for user-specified directories, to protect against typos; it is definitely not correct for image WORKDIR, where the image author definitely intended for the directory to be used. This makes Podman create the working directory and chown it to container root, if it does not already exist, and only if it was specified by an image, not the user. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | Merge pull request #7125 from QiWang19/fd-validateOpenShift Merge Robot2020-08-05
|\ \ \ \ | | | | | | | | | | validate fds --preserve-fds
| * | | | validate fds --preserve-fdsQi Wang2020-08-04
| | |/ / | |/| | | | | | | | | | | | | | | | | | validate file descriptors passed from podman run and podman exec --preserve-fds. Signed-off-by: Qi Wang <qiwan@redhat.com>
* | | | Merge pull request #7224 from rhatdan/removeOpenShift Merge Robot2020-08-05
|\ \ \ \ | | | | | | | | | | Handle podman-remote run --rm
| * | | | Handle podman-remote run --rmDaniel J Walsh2020-08-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We need to remove the container after it has exited for podman-remote run --rm commands. If we don't remove this container at this step, we open ourselves up to race conditions. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | Merge pull request #7081 from QiWang19/sigature-storeOpenShift Merge Robot2020-08-05
|\ \ \ \ \ | |/ / / / |/| | | | fix bug podman sign storage path
| * | | | fix bug podman sign storage pathQi Wang2020-08-04
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - fix the bud podman not using specified --directory as signature storage. - use manifest and image referce to set repo@digest. close #6994 close #6993 Signed-off-by: Qi Wang <qiwan@redhat.com>
* / / / correct go-binding key for volumesBrent Baude2020-08-04
|/ / / | | | | | | | | | | | | | | | | | | | | | the go binding for remove container was using 'vols' for a key to remove volumes associated to the container. the correct key should be "v" and is documented as such. Fixes: #7128 Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | Merge pull request #7111 from edsantiago/reenable_remote_system_testsOpenShift Merge Robot2020-08-04
|\ \ \ | | | | | | | | Reenable remote system tests
| * | | Reenable remote system testsEd Santiago2020-08-03
| | |/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | podman-remote is in better shape now. Let's see what needs to be done to reenable remote system tests. - logs test: skip multilog, it doesn't work remote - diff test: use -l only when local, not with remote - many other tests: skip_if_remote, with 'FIXME: pending #xxxx' where xxxx is a filed issue. Unrelated: added new helper to skip_if_remote and _if_rootless, where we check if the source message includes "remote"/"rootless" and insert it if missing. This is a minor usability enhancement to make it easier to understand at-a-glance why a skip triggers. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | Merge pull request #7209 from giuseppe/support-mount-devptsOpenShift Merge Robot2020-08-04
|\ \ \ | | | | | | | | podman: support --mount type=devpts
| * | | podman: support --mount type=devptsGiuseppe Scrivano2020-08-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Allow to create a devpts mount. This is useful for containers that bind mount /dev/ from the host but at the same time want to create a terminal. It can be used as: podman run -v /dev:/dev --mount type=devpts,target=/dev/pts ... Closes: https://github.com/containers/podman/issues/6804 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | Do not set host IP on ports when 0.0.0.0 requestedMatthew Heon2020-08-03
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Docker and CNI have very different ideas of what 0.0.0.0 means. Docker takes it to be 0.0.0.0/0 - that is, bind to every IPv4 address on the host. CNI (and, thus, root Podman) take it to mean the literal IP 0.0.0.0. Instead, CNI interprets the empty string ("") as "bind to all IPs". We could ask CNI to change, but given this is established behavior, that's unlikely. Instead, let's just catch 0.0.0.0 and turn it into "" when we parse ports. Fixes #7014 Signed-off-by: Matthew Heon <mheon@redhat.com>
* | | Merge pull request #7182 from zhangguanzhang/fix-exitCode-for-startOpenShift Merge Robot2020-08-03
|\ \ \ | |/ / |/| | implement the exitcode when start a container with attach
| * | implement the exitcode when start a container with attachzhangguanzhang2020-08-03
| | | | | | | | | | | | Signed-off-by: zhangguanzhang <zhangguanzhang@qq.com>
* | | Merge pull request #7188 from zhangguanzhang/network-404OpenShift Merge Robot2020-08-03
|\ \ \ | | | | | | | | API returns 500 in case network is not found instead of 404
| * | | API returns 500 in case network is not found instead of 404zhangguanzhang2020-08-02
| | | | | | | | | | | | | | | | Signed-off-by: zhangguanzhang <zhangguanzhang@qq.com>
* | | | Merge pull request #7191 from openSUSE/printfOpenShift Merge Robot2020-08-03
|\ \ \ \ | | | | | | | | | | Remove some unnecessary []byte to string conversions
| * | | | Remove some unnecessary []byte to string conversionsSascha Grunert2020-08-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Some calls to `Sprintf("%s")` can be avoided by using direct string type assertions. Signed-off-by: Sascha Grunert <sgrunert@suse.com>
* | | | | Merge pull request #7158 from rhatdan/commitOpenShift Merge Robot2020-08-03
|\ \ \ \ \ | |/ / / / |/| | | | Handle single character images
| * | | | Handle single character imagesDaniel J Walsh2020-07-30
| | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently you can only specify multiple character for image names when executing podman-remote commit podman-remote commit a b Will complete, but will save the image without a name. podman-remote commit a bb Works. This PR fixes and now returns an error if the user doees not specify an image name to commit to. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #7141 from rhafer/image_descr_testOpenShift Merge Robot2020-08-03
|\ \ \ \ | |_|/ / |/| | | Add test case for description being present in search result
| * | | Add test case for description being present in search resultRalf Haferkamp2020-07-31
| | |/ | |/| | | | | | | | | | | | | | | | Test for a specific static image and match the description to avoid regression like https://github.com/containers/podman/pull/7131 Signed-off-by: Ralf Haferkamp <rhafer@suse.com>
* | | Merge pull request #7165 from jwhonce/issues/7008OpenShift Merge Robot2020-08-01
|\ \ \ | | | | | | | | Add versioned _ping endpoint
| * | | Add versioned _ping endpointJhon Honce2020-07-31
| |/ / | | | | | | | | | | | | | | | Fixes #7008 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* / / fix pod creation with "new:" syntaxPaul Holzinger2020-07-31
|/ / | | | | | | | | | | | | | | | | | | | | When you execute podman create/run with the --pod new:<name> syntax the pod was created but the namespaces where not shared and therefore containers could not communicate over localhost. Add the default namespaces and pass the network options to the pod create options. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>