aboutsummaryrefslogtreecommitdiff
path: root/test
Commit message (Collapse)AuthorAge
* health checks: make on-failure action retry awareValentin Rothberg2022-10-07
| | | | | | | | Make sure that the on-failure actions only kick in once the health check has passed its retries. Also fix race conditions on reading/writing the log. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* Merge pull request #16067 from tyler92/fix-directory-or-createOpenShift Merge Robot2022-10-06
|\ | | | | Create a full path to a directory when DirectoryOrCreate is used
| * Create full path to a directory when DirectoryOrCreate is used with play kubeMikhail Khachayants2022-10-06
| | | | | | | | Signed-off-by: Mikhail Khachayants <tyler92@inbox.ru>
* | Return error in podman system service if URI scheme is not unix/tcpBoaz Shuster2022-10-06
|/ | | | Signed-off-by: Boaz Shuster <boaz.shuster.github@gmail.com>
* Add pods created by kube play to a default networkAndrei Natanael Cosma2022-10-04
| | | | | | | | | | In order to allow pods to reach other pods (as in Kubernetes) they all need to be added to the same network. A network is created (if it doesn't exist) and pods created by play-kube are added to that network. When network options are passed to kube command the pods are not attached to the default kube network. Signed-off-by: Andrei Natanael Cosma <andrei@intersect.ro>
* Merge pull request #15846 from jakecorrenti/pod-logs-latestOpenShift Merge Robot2022-10-03
|\ | | | | `podman pod logs -l` no longer panics
| * `podman pod logs -l` no longer panicsJake Correnti2022-09-29
| | | | | | | | | | | | | | Fixed issue where executing the command `podman pod logs -l` would panic because it was indexing into an empty arguments array. Signed-off-by: Jake Correnti <jcorrenti13@gmail.com>
* | container inspect: include image digestValentin Rothberg2022-09-30
| | | | | | | | | | | | | | | | | | Include the digest of the image in `podman container inspect`. The image digest is a key information for auditing as it defines the identify of an image. This way, it can be determined whether a container used an image with a given CVE etc. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | Merge pull request #16005 from sstosh/fix-typoOpenShift Merge Robot2022-09-30
|\ \ | | | | | | Fix typo about e2e tests name
| * | Fix typo about e2e tests nameToshiki Sonoda2022-09-30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * podman stop --all -> podman kill --all * podman pause --filter -> podman restart --filter [NO NEW TESTS NEEDED] [NO TESTS NEEDED] Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
* | | Merge pull request #15868 from rst0git/podman-run-checkpoint-imgOpenShift Merge Robot2022-09-30
|\ \ \ | |/ / |/| | cmd/podman: add support for checkpoint images
| * | Add test for podman run with checkpoint imageRadostin Stoyanov2022-09-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | The `podman run` command has been extended with support for checkpoint images. A checkpoint image contains image files generated by criu that allow to restore the runtime state of containerized applications. This patch adds a test case for this functionality. Signed-off-by: Radostin Stoyanov <radostin@redhat.com>
* | | Merge pull request #15909 from cdoern/restoreOpenShift Merge Robot2022-09-29
|\ \ \ | | | | | | | | fix restore API endpoint
| * | | fix restore API endpointcdoern2022-09-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | restore endpoint was totally ignoring --pod, it was missing from the schema and from query handling on the api handlers side. add support for it here. resolves #15018 Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
* | | | Merge pull request #15998 from Luap99/play-kube-hostnetOpenShift Merge Robot2022-09-29
|\ \ \ \ | | | | | | | | | | podman kube play allow --network host
| * | | | podman kube play allow --network hostPaul Holzinger2022-09-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | I see no reason to block --network host with kube play and force users to have to set it in the yaml file. This is just confusing when compared to the other podman create/run --network options, see discussion in #15945. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | | | Merge pull request #15994 from Luap99/flake-15990OpenShift Merge Robot2022-09-29
|\ \ \ \ \ | |/ / / / |/| | | | fix "podman system prune networks" flake
| * | | | fix "podman system prune networks" flakePaul Holzinger2022-09-29
| | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Since by default the network config dir is shared in the e2e tests any other parallel running test could remove a network and cause this test to fail. Fixes #15990 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* / | | Revert "remote: fix manifest add --annotation"Paul Holzinger2022-09-29
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | This reverts commit 32f54a81ed797597827123b671b6e73194354327. `pkg/bindings` is supported outside of podman and we have to keep it stable. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | Merge pull request #15988 from sstosh/manifest-annotate-remoteOpenShift Merge Robot2022-09-29
|\ \ \ | | | | | | | | remote: fix manifest add --annotation
| * | | remote: fix manifest add --annotationToshiki Sonoda2022-09-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * `manifest add --annotation option` adds annotations field on remote environment. * `manifest inspect` prints annotations field on remote environment. Fixes: #15952 Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
* | | | System tests: stop deep-checking log-levelEd Santiago2022-09-28
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | I was testing --log-level by --storage-opt=mount_program=/bin/false Stop doing that. It's just constantly breaking everything (#15698 and #15977). I am violently of the opinion that a command-line option must not destroy a user's system (except for --set-something, --config, something that makes it very very clear that it is a lasting change). I seem to be in the minority on this opinion. So, I give up. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | Merge pull request #15946 from rhatdan/kubeOpenShift Merge Robot2022-09-27
|\ \ \ | | | | | | | | Default missing hostPort to containerPort is defined in kube.yaml
| * | | Default missing hostPort to containerPort is defined in kube.yamlDaniel J Walsh2022-09-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If user does not specify hostPort in a kube.yml file but does specify a containerPort, then the hostPort should default to the containerPort. Fixes: https://github.com/containers/podman/issues/15942 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | System tests: light cleanupEd Santiago2022-09-27
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Followup to #15895: - add a normal-case test, to ensure that --privileged without systemd continues to pass through /dev/ttyN devices - explain why we die() if host has no ttyN devices - I find grep -vx slightly easier to read than sed backslash-slash - run cleanup with '-t 0', to shave ten seconds from CI run Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | Merge pull request #15933 from vrothberg/fix-15879OpenShift Merge Robot2022-09-26
|\ \ \ | | | | | | | | auto-update: validate container image
| * | | auto-update: validate container imageValentin Rothberg2022-09-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Auto updates using the "registry" policy require container to be created with a fully-qualified image reference. Short names are not supported due the ambiguity of their source registry. Initially, container creation errored out for non FQN images but it seems that Podman has regressed. Fixes: #15879 Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | | | compat API: network inspect do not show isolate optionPaul Holzinger2022-09-25
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We force the isolate option on new newtworks because that is the docker behavior. However when we inspect them they should not be displayed to the caller since they have no idea about it and docker-compose throws an error because of that. Fixes #15580 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | Merge pull request #15900 from rhatdan/VENDOROpenShift Merge Robot2022-09-23
|\ \ \ | | | | | | | | Update vendor of containers(image, common, buildah, storage)
| * | | Fixup Buildah mergeEd Santiago2022-09-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Changes since 2022-09-09: - man page: add --skip-unused-stages (buildah 4249) - man page: bring in new Note for --cache-ttl (4248) - system tests: de-stutter (4205) - (internal): in skip() applier: escape asterisk, otherwise the "bud with --dns* flags" sed expression never applies. Signed-off-by: Ed Santiago <santiago@redhat.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #15873 from ashley-cui/prettysecretsOpenShift Merge Robot2022-09-23
|\ \ \ \ | | | | | | | | | | Add --pretty to podman secret inspect
| * | | | Add --pretty to podman secret inspectAshley Cui2022-09-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Pretty-print podman secret inspect output in a human-readable format Signed-off-by: Ashley Cui <acui@redhat.com>
* | | | | Merge pull request #15463 from mheon/fix_15408OpenShift Merge Robot2022-09-23
|\ \ \ \ \ | |_|/ / / |/| | | | Events for containers in pods now include the pod's ID
| * | | | Events for containers in pods now include the pod's IDMatthew Heon2022-09-22
| | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This allows tools like Cockpit to know that the pod in question has also been updated, so they can refresh the list of containers in the pod. Fixes #15408 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* / | | Add support for 'image' volume driverMatthew Heon2022-09-22
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We added the concept of image volumes in 2.2.0, to support inspecting an image from within a container. However, this is a strictly read-only mount, with no modification allowed. By contrast, the new `image` volume driver creates a c/storage container as its underlying storage, so we have a read/write layer. This, in and of itself, is not especially interesting, but what it will enable in the future is. If we add a new command to allow these image volumes to be committed, we can now distribute volumes - and changes to them - via a standard OCI image registry (which is rather new and quite exciting). Future work in this area: - Add support for `podman volume push` (commit volume changes and push resulting image to OCI registry). - Add support for `podman volume pull` (currently, we require that the image a volume is created from be already pulled; it would be simpler if we had a dedicated command that did the pull and made a volume from it) - Add support for scratch images (make an empty image on demand to use as the base of the volume) - Add UOR support to `podman volume push` and `podman volume pull` to enable both with non-image volume drivers Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | Merge pull request #15895 from dcermak/don-expose-dev-for-privilegedOpenShift Merge Robot2022-09-22
|\ \ \ | | | | | | | | Don't mount /dev/ inside privileged containers running systemd
| * | | Don't mount /dev/tty* inside privileged containers running systemdDan Čermák2022-09-22
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | According to https://systemd.io/CONTAINER_INTERFACE/, systemd will try take control over /dev/ttyN if exported, which can cause conflicts with the host's tty in privileged containers. Thus we will not expose these to privileged containers in systemd mode, as this is a bad idea according to systemd's maintainers. Additionally, this commit adds a bats regression test to check that no /dev/ttyN are present in a privileged container in systemd mode This fixes https://github.com/containers/podman/issues/15878 Signed-off-by: Dan Čermák <dcermak@suse.com>
* | | Merge pull request #15131 from boaz0/closes_14707OpenShift Merge Robot2022-09-22
|\ \ \ | |/ / |/| | Add support to sig-proxy for podman-remote
| * | Add support to sig-proxy for podman-remoteBoaz Shuster2022-09-20
| | | | | | | | | | | | Signed-off-by: Boaz Shuster <boaz.shuster.github@gmail.com>
* | | Merge pull request #15870 from idleroamer/podman-saveOpenShift Merge Robot2022-09-22
|\ \ \ | | | | | | | | podman-save: Add signature-policy flag
| * | | cli: Add signature-policy flag to podman save😎Mostafa Emami2022-09-21
| |/ / | | | | | | | | | | | | | | | | | | | | | Allow overwrite of the signature-policy file by passing signature-policy flag to podman save command Closes: https://github.com/containers/podman/issues/15869 Signed-off-by: 😎Mostafa Emami <mustafaemami@gmail.com>
* | | System tests: reenable some skipped aarch64 testsEd Santiago2022-09-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Background: in order to add aarch64 tests, we had to add emergency skips to a lot of failing tests. No attempt was ever made to understand why they were failing. Fast forward to today, I filed #15888 just to see if tests are still failing. Looks like a number of them are fixed. (Yes, magically). Remove those skips. See: #15074, #15277 Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | Fix a few missed io/ioutil -> os updatesChris Evich2022-09-21
| | | | | | | | | | | | | | | | | | Ref: https://github.com/containers/podman/pull/15871 Signed-off-by: Chris Evich <cevich@redhat.com>
* | | Merge pull request #15871 from cevich/replace_ioutilOpenShift Merge Robot2022-09-21
|\ \ \ | | | | | | | | Replace deprecated ioutil
| * | | Replace deprecated ioutilChris Evich2022-09-20
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | Package `io/ioutil` was deprecated in golang 1.16, preventing podman from building under Fedora 37. Fortunately, functionality identical replacements are provided by the packages `io` and `os`. Replace all usage of all `io/ioutil` symbols with appropriate substitutions according to the golang docs. Signed-off-by: Chris Evich <cevich@redhat.com>
* | | Merge pull request #15837 from rhatdan/formatOpenShift Merge Robot2022-09-21
|\ \ \ | | | | | | | | Improve generate systemd format
| * | | Improve generate systemd formatDaniel J Walsh2022-09-21
| |/ / | | | | | | | | | | | | | | | | | | | | | Fixes: https://github.com/containers/podman/issues/14897 Followup to #13814 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #15842 from ashley-cui/seclabelsOpenShift Merge Robot2022-09-21
|\ \ \ | | | | | | | | Add labels to secrets
| * | | Add labels to secretsAshley Cui2022-09-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Add --label/-l label flag to secret create, and show labels when inspecting secrets. Also allow labeling secrets via libpod/compat API. Signed-off-by: Ashley Cui <acui@redhat.com>
* | | | Merge pull request #15866 from boaz0/closes_15746OpenShift Merge Robot2022-09-21
|\ \ \ \ | |_|/ / |/| | | Fix podman-remote run --attach stdin to show container ID