From a0fb08100391f27c283e0bf62e5663222066b6bf Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Tue, 4 Aug 2020 16:24:34 -0400 Subject: Handle podman-remote run --rm We need to remove the container after it has exited for podman-remote run --rm commands. If we don't remove this container at this step, we open ourselves up to race conditions. Signed-off-by: Daniel J Walsh --- pkg/domain/infra/tunnel/containers.go | 14 +++++++++++--- test/system/030-run.bats | 6 ------ test/system/070-build.bats | 1 - test/system/160-volumes.bats | 4 ---- test/system/200-pod.bats | 3 --- test/system/300-cli-parsing.bats | 2 -- test/system/400-unprivileged-access.bats | 2 -- test/system/410-selinux.bats | 1 - 8 files changed, 11 insertions(+), 22 deletions(-) diff --git a/pkg/domain/infra/tunnel/containers.go b/pkg/domain/infra/tunnel/containers.go index 1fad67b86..d2221ab7b 100644 --- a/pkg/domain/infra/tunnel/containers.go +++ b/pkg/domain/infra/tunnel/containers.go @@ -500,9 +500,6 @@ func (ic *ContainerEngine) ContainerList(ctx context.Context, options entities.C } func (ic *ContainerEngine) ContainerRun(ctx context.Context, opts entities.ContainerRunOptions) (*entities.ContainerRunReport, error) { - if opts.Rm { - logrus.Info("the remote client does not support --rm yet") - } con, err := containers.CreateWithSpec(ic.ClientCxt, opts.Spec) if err != nil { return nil, err @@ -526,6 +523,17 @@ func (ic *ContainerEngine) ContainerRun(ctx context.Context, opts entities.Conta if err != nil { report.ExitCode = define.ExitCode(err) } + if opts.Rm { + if err := containers.Remove(ic.ClientCxt, con.ID, bindings.PFalse, bindings.PTrue); err != nil { + if errors.Cause(err) == define.ErrNoSuchCtr || + errors.Cause(err) == define.ErrCtrRemoved { + logrus.Warnf("Container %s does not exist: %v", con.ID, err) + } else { + logrus.Errorf("Error removing container %s: %v", con.ID, err) + } + } + } + return &report, err } diff --git a/test/system/030-run.bats b/test/system/030-run.bats index e93a2efe2..43b41a0bd 100644 --- a/test/system/030-run.bats +++ b/test/system/030-run.bats @@ -96,8 +96,6 @@ echo $rand | 0 | $rand # Believe it or not, 'sh -c' resulted in different behavior run_podman 0 run --rm $IMAGE sh -c /bin/true run_podman 1 run --rm $IMAGE sh -c /bin/false - - if is_remote; then sleep 2;fi # FIXME: pending #7119 } @test "podman run --name" { @@ -266,8 +264,6 @@ echo $rand | 0 | $rand done done done - - if is_remote; then sleep 2;fi # FIXME: pending #7119 } # #6829 : add username to /etc/passwd inside container if --userns=keep-id @@ -292,8 +288,6 @@ echo $rand | 0 | $rand run_podman run --rm --privileged --userns=keep-id --user=0 $IMAGE id -un remove_same_dev_warning # grumble is "$output" "root" "--user=0 overrides keep-id" - - if is_remote; then sleep 2;fi # FIXME: pending #7119 } # #6991 : /etc/passwd is modifiable diff --git a/test/system/070-build.bats b/test/system/070-build.bats index 481e1759b..d2ef9f0f9 100644 --- a/test/system/070-build.bats +++ b/test/system/070-build.bats @@ -91,7 +91,6 @@ ADD https://github.com/containers/podman/blob/master/README.md /tmp/ EOF run_podman build -t add_url $tmpdir run_podman run --rm add_url stat /tmp/README.md - if is_remote; then sleep 2;fi # FIXME: pending #7119 run_podman rmi -f add_url # Now test COPY. That should fail. diff --git a/test/system/160-volumes.bats b/test/system/160-volumes.bats index e2aefed43..3f50bd3c4 100644 --- a/test/system/160-volumes.bats +++ b/test/system/160-volumes.bats @@ -93,7 +93,6 @@ Labels.l | $mylabel is "$(<$mountpoint/myfile)" "$rand" "we see content created in container" # Clean up - if is_remote; then sleep 2;fi # FIXME: pending #7119 run_podman volume rm $myvolume } @@ -135,7 +134,6 @@ EOF is "$output" "got here -$rand-" "script in volume is runnable with default (exec)" # Clean up - if is_remote; then sleep 2;fi # FIXME: pending #7119 run_podman volume rm $myvolume } @@ -173,7 +171,6 @@ EOF run_podman run --rm -v $myvol:/myvol:z $IMAGE \ sh -c "cp /myvol/myfile /myvol/myfile2" - if is_remote; then sleep 2;fi # FIXME: pending #7119 run_podman volume rm $myvol # Autocreated volumes should also work with keep-id @@ -182,7 +179,6 @@ EOF run_podman run --rm -v $myvol:/myvol:z --userns=keep-id $IMAGE \ touch /myvol/myfile - if is_remote; then sleep 2;fi # FIXME: pending #7119 run_podman volume rm $myvol } diff --git a/test/system/200-pod.bats b/test/system/200-pod.bats index cbfd7fe03..f3ec8a67c 100644 --- a/test/system/200-pod.bats +++ b/test/system/200-pod.bats @@ -93,7 +93,6 @@ function teardown() { is "$output" "$message" "message sent from one container to another" # Clean up. First the nc -l container... - if is_remote; then sleep 2;fi # FIXME: pending #7119 run_podman rm $cid1 # ...then, from pause container, find the image ID of the pause image... @@ -104,7 +103,6 @@ function teardown() { pause_iid="$output" # ...then rm the pod, then rmi the pause image so we don't leave strays. - if is_remote; then sleep 2;fi # FIXME: pending #7119 run_podman pod rm $podname run_podman rmi $pause_iid @@ -215,7 +213,6 @@ function random_ip() { is "$output" ".*options $dns_opt" "--dns-opt was added" # pod inspect - if is_remote; then sleep 2;fi # FIXME: pending #7119 run_podman pod inspect --format '{{.Name}}: {{.ID}} : {{.NumContainers}} : {{.Labels}}' mypod is "$output" "mypod: $pod_id : 1 : map\[${labelname}:${labelvalue}]" \ "pod inspect --format ..." diff --git a/test/system/300-cli-parsing.bats b/test/system/300-cli-parsing.bats index 2abc01bb7..92c073102 100644 --- a/test/system/300-cli-parsing.bats +++ b/test/system/300-cli-parsing.bats @@ -10,8 +10,6 @@ load helpers # Error: invalid argument "true=\"false\"" for "-l, --label" \ # flag: parse error on line 1, column 5: bare " in non-quoted-field run_podman run --rm --label 'true="false"' $IMAGE true - - if is_remote; then sleep 2;fi # FIXME: pending #7119 } # vim: filetype=sh diff --git a/test/system/400-unprivileged-access.bats b/test/system/400-unprivileged-access.bats index ebca75f13..1b2d14554 100644 --- a/test/system/400-unprivileged-access.bats +++ b/test/system/400-unprivileged-access.bats @@ -165,8 +165,6 @@ EOF die "$path: Unknown file type '$type'" fi done - - if is_remote; then sleep 2;fi # FIXME: pending #7119 } # vim: filetype=sh diff --git a/test/system/410-selinux.bats b/test/system/410-selinux.bats index c85fb2563..497e29b3e 100644 --- a/test/system/410-selinux.bats +++ b/test/system/410-selinux.bats @@ -16,7 +16,6 @@ function check_label() { # FIXME: it'd be nice to specify the command to run, e.g. 'ls -dZ /', # but alpine ls (from busybox) doesn't support -Z run_podman run --rm $args $IMAGE cat -v /proc/self/attr/current - if is_remote; then sleep 2;fi # FIXME: pending #7119 # FIXME: on some CI systems, 'run --privileged' emits a spurious # warning line about dup devices. Ignore it. -- cgit v1.2.3-54-g00ecf