From 9688a462e996ac5d2bebf24f7ffdfaca9dc0ff05 Mon Sep 17 00:00:00 2001 From: Brent Baude Date: Wed, 5 Jan 2022 13:10:56 -0600 Subject: netavark e2e tests enabled e2e tests for netavark Signed-off-by: Brent Baude --- Makefile | 2 +- cmd/podman/networks/list.go | 1 - test/e2e/common_test.go | 127 +++++++++++++++++++++++++--- test/e2e/create_staticip_test.go | 6 +- test/e2e/create_staticmac_test.go | 2 +- test/e2e/create_test.go | 2 +- test/e2e/libpod_suite_remote_test.go | 3 +- test/e2e/login_logout_test.go | 4 +- test/e2e/network_connect_disconnect_test.go | 34 ++++---- test/e2e/network_create_test.go | 37 ++++---- test/e2e/network_test.go | 62 ++++++++------ test/e2e/play_kube_test.go | 6 +- test/e2e/pod_create_test.go | 14 ++- test/e2e/pod_ps_test.go | 6 +- test/e2e/ps_test.go | 6 +- test/e2e/run_networking_test.go | 73 +++++++++------- test/e2e/run_staticip_test.go | 2 +- test/e2e/search_test.go | 93 +++++++++----------- test/utils/utils.go | 39 +++++++-- 19 files changed, 327 insertions(+), 192 deletions(-) diff --git a/Makefile b/Makefile index fd1928ddb..9e9b3676e 100644 --- a/Makefile +++ b/Makefile @@ -535,7 +535,7 @@ run-docker-py-tests: .PHONY: localunit localunit: test/goecho/goecho test/version/version rm -rf ${COVERAGE_PATH} && mkdir -p ${COVERAGE_PATH} - $(GOBIN)/ginkgo \ + UNIT=1 $(GOBIN)/ginkgo \ -r \ $(TESTFLAGS) \ --skipPackage test/e2e,pkg/apparmor,pkg/bindings,hack \ diff --git a/cmd/podman/networks/list.go b/cmd/podman/networks/list.go index 092cc6424..f14e0ed0f 100644 --- a/cmd/podman/networks/list.go +++ b/cmd/podman/networks/list.go @@ -71,7 +71,6 @@ func networkList(cmd *cobra.Command, args []string) error { if err != nil { return err } - // sort the networks to make sure the order is deterministic sort.Slice(responses, func(i, j int) bool { return responses[i].Name < responses[j].Name diff --git a/test/e2e/common_test.go b/test/e2e/common_test.go index 796ae8141..f843a8984 100644 --- a/test/e2e/common_test.go +++ b/test/e2e/common_test.go @@ -5,6 +5,7 @@ import ( "fmt" "io/ioutil" "math/rand" + "net" "os" "os/exec" "path/filepath" @@ -46,7 +47,7 @@ type PodmanTestIntegration struct { PodmanTest ConmonBinary string Root string - CNIConfigDir string + NetworkConfigDir string OCIRuntime string RunRoot string StorageOptions string @@ -199,6 +200,7 @@ func PodmanTestCreateUtil(tempDir string, remote bool) *PodmanTestIntegration { host := GetHostDistributionInfo() cwd, _ := os.Getwd() + root := filepath.Join(tempDir, "root") podmanBinary := filepath.Join(cwd, "../../bin/podman") if os.Getenv("PODMAN_BINARY") != "" { podmanBinary = os.Getenv("PODMAN_BINARY") @@ -235,11 +237,26 @@ func PodmanTestCreateUtil(tempDir string, remote bool) *PodmanTestIntegration { ociRuntime = "crun" } os.Setenv("DISABLE_HC_SYSTEMD", "true") - CNIConfigDir := "/etc/cni/net.d" + + networkBackend := CNI + networkConfigDir := "/etc/cni/net.d" if rootless.IsRootless() { - CNIConfigDir = filepath.Join(os.Getenv("HOME"), ".config/cni/net.d") + networkConfigDir = filepath.Join(os.Getenv("HOME"), ".config/cni/net.d") } - if err := os.MkdirAll(CNIConfigDir, 0755); err != nil { + + if strings.ToLower(os.Getenv("NETWORK_BACKEND")) == "netavark" { + networkBackend = Netavark + networkConfigDir = "/etc/containers/networks" + if rootless.IsRootless() { + networkConfigDir = filepath.Join(root, "etc", "networks") + } + } + + if err := os.MkdirAll(root, 0755); err != nil { + panic(err) + } + + if err := os.MkdirAll(networkConfigDir, 0755); err != nil { panic(err) } @@ -251,7 +268,6 @@ func PodmanTestCreateUtil(tempDir string, remote bool) *PodmanTestIntegration { storageFs = os.Getenv("STORAGE_FS") storageOptions = "--storage-driver " + storageFs } - p := &PodmanTestIntegration{ PodmanTest: PodmanTest{ PodmanBinary: podmanBinary, @@ -260,11 +276,12 @@ func PodmanTestCreateUtil(tempDir string, remote bool) *PodmanTestIntegration { RemoteTest: remote, ImageCacheFS: storageFs, ImageCacheDir: ImageCacheDir, + NetworkBackend: networkBackend, }, ConmonBinary: conmonBinary, - Root: filepath.Join(tempDir, "root"), + Root: root, TmpDir: tempDir, - CNIConfigDir: CNIConfigDir, + NetworkConfigDir: networkConfigDir, OCIRuntime: ociRuntime, RunRoot: filepath.Join(tempDir, "runroot"), StorageOptions: storageOptions, @@ -754,6 +771,18 @@ func SkipIfNotActive(unit string, reason string) { } } +func SkipIfNetavark(p *PodmanTestIntegration) { + if p.NetworkBackend == Netavark { + Skip("This test is not compatible with the netavark network backend") + } +} + +func SkipUntilAardvark(p *PodmanTestIntegration) { + if p.NetworkBackend == Netavark { + Skip("Re-enable when aardvark is functional") + } +} + // PodmanAsUser is the exec call to podman on the filesystem with the specified uid/gid and environment func (p *PodmanTestIntegration) PodmanAsUser(args []string, uid, gid uint32, cwd string, env []string) *PodmanSessionIntegration { podmanSession := p.PodmanAsUserBase(args, uid, gid, cwd, env, false, false, nil, nil) @@ -815,7 +844,9 @@ func (p *PodmanTestIntegration) makeOptions(args []string, noEvents, noCache boo if p.RemoteTest { return args } - var debug string + var ( + debug string + ) if _, ok := os.LookupEnv("DEBUG"); ok { debug = "--log-level=debug --syslog=true " } @@ -825,12 +856,19 @@ func (p *PodmanTestIntegration) makeOptions(args []string, noEvents, noCache boo eventsType = "none" } + networkBackend := p.NetworkBackend.ToString() + networkDir := p.NetworkConfigDir + if p.NetworkBackend == Netavark { + networkDir = p.NetworkConfigDir + } podmanOptions := strings.Split(fmt.Sprintf("%s--root %s --runroot %s --runtime %s --conmon %s --network-config-dir %s --cgroup-manager %s --tmpdir %s --events-backend %s", - debug, p.Root, p.RunRoot, p.OCIRuntime, p.ConmonBinary, p.CNIConfigDir, p.CgroupManager, p.TmpDir, eventsType), " ") + debug, p.Root, p.RunRoot, p.OCIRuntime, p.ConmonBinary, networkDir, p.CgroupManager, p.TmpDir, eventsType), " ") if os.Getenv("HOOK_OPTION") != "" { podmanOptions = append(podmanOptions, os.Getenv("HOOK_OPTION")) } + podmanOptions = append(podmanOptions, "--network-backend", networkBackend) + podmanOptions = append(podmanOptions, strings.Split(p.StorageOptions, " ")...) if !noCache { cacheOptions := []string{"--storage-opt", @@ -842,6 +880,11 @@ func (p *PodmanTestIntegration) makeOptions(args []string, noEvents, noCache boo } func writeConf(conf []byte, confPath string) { + if _, err := os.Stat(filepath.Dir(confPath)); os.IsNotExist(err) { + if err := os.MkdirAll(filepath.Dir(confPath), 777); err != nil { + fmt.Println(err) + } + } if err := ioutil.WriteFile(confPath, conf, 777); err != nil { fmt.Println(err) } @@ -856,10 +899,15 @@ func removeConf(confPath string) { // generateNetworkConfig generates a cni config with a random name // it returns the network name and the filepath func generateNetworkConfig(p *PodmanTestIntegration) (string, string) { + var ( + path string + conf string + ) // generate a random name to prevent conflicts with other tests name := "net" + stringid.GenerateNonCryptoID() - path := filepath.Join(p.CNIConfigDir, fmt.Sprintf("%s.conflist", name)) - conf := fmt.Sprintf(`{ + if p.NetworkBackend != Netavark { + path = filepath.Join(p.NetworkConfigDir, fmt.Sprintf("%s.conflist", name)) + conf = fmt.Sprintf(`{ "cniVersion": "0.3.0", "name": "%s", "plugins": [ @@ -884,12 +932,35 @@ func generateNetworkConfig(p *PodmanTestIntegration) (string, string) { } ] }`, name) + } else { + path = filepath.Join(p.NetworkConfigDir, fmt.Sprintf("%s.json", name)) + conf = fmt.Sprintf(` +{ + "name": "%s", + "id": "e1ef2749024b88f5663ca693a9118e036d6bfc48bcfe460faf45e9614a513e5c", + "driver": "bridge", + "network_interface": "netavark1", + "created": "2022-01-05T14:15:10.975493521-06:00", + "subnets": [ + { + "subnet": "10.100.0.0/16", + "gateway": "10.100.0.1" + } + ], + "ipv6_enabled": false, + "internal": false, + "dns_enabled": true, + "ipam_options": { + "driver": "host-local" + } +} +`, name) + } writeConf([]byte(conf), path) - return name, path } -func (p *PodmanTestIntegration) removeCNINetwork(name string) { +func (p *PodmanTestIntegration) removeNetwork(name string) { session := p.Podman([]string{"network", "rm", "-f", name}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(BeNumerically("<=", 1), "Exit code must be 0 or 1") @@ -937,3 +1008,33 @@ func writeYaml(content string, fileName string) error { return nil } + +// GetPort finds an unused port on the system +func GetPort() int { + a, err := net.ResolveTCPAddr("tcp", "localhost:0") + if err != nil { + Fail(fmt.Sprintf("unable to get free port: %v", err)) + } + + l, err := net.ListenTCP("tcp", a) + if err != nil { + Fail(fmt.Sprintf("unable to get free port: %v", err)) + } + defer l.Close() + return l.Addr().(*net.TCPAddr).Port +} + +func ncz(port int) bool { + timeout := 500 * time.Millisecond + for i := 0; i < 5; i++ { + ncCmd := []string{"-z", "localhost", fmt.Sprintf("%d", port)} + fmt.Printf("Running: nc %s\n", strings.Join(ncCmd, " ")) + check := SystemExec("nc", ncCmd) + if check.ExitCode() == 0 { + return true + } + time.Sleep(timeout) + timeout++ + } + return false +} diff --git a/test/e2e/create_staticip_test.go b/test/e2e/create_staticip_test.go index 5d234d717..4a1d926e0 100644 --- a/test/e2e/create_staticip_test.go +++ b/test/e2e/create_staticip_test.go @@ -106,6 +106,10 @@ var _ = Describe("Podman create with --ip flag", func() { result = podmanTest.Podman([]string{"start", "test2"}) result.WaitWithDefaultTimeout() Expect(result).To(ExitWithError()) - Expect(result.ErrorToString()).To(ContainSubstring("requested IP address " + ip + " is not available")) + if podmanTest.NetworkBackend == CNI { + Expect(result.ErrorToString()).To(ContainSubstring("requested IP address " + ip + " is not available")) + } else if podmanTest.NetworkBackend == Netavark { + Expect(result.ErrorToString()).To(ContainSubstring("requested ip address %s is already allocated", ip)) + } }) }) diff --git a/test/e2e/create_staticmac_test.go b/test/e2e/create_staticmac_test.go index c6694ff7f..5fd8e3bd6 100644 --- a/test/e2e/create_staticmac_test.go +++ b/test/e2e/create_staticmac_test.go @@ -52,7 +52,7 @@ var _ = Describe("Podman run with --mac-address flag", func() { net := "n1" + stringid.GenerateNonCryptoID() session := podmanTest.Podman([]string{"network", "create", net}) session.WaitWithDefaultTimeout() - defer podmanTest.removeCNINetwork(net) + defer podmanTest.removeNetwork(net) Expect(session).Should(Exit(0)) result := podmanTest.Podman([]string{"run", "--network", net, "--mac-address", "92:d0:c6:00:29:34", ALPINE, "ip", "addr"}) diff --git a/test/e2e/create_test.go b/test/e2e/create_test.go index addf0ded0..6a4a394ef 100644 --- a/test/e2e/create_test.go +++ b/test/e2e/create_test.go @@ -598,7 +598,7 @@ var _ = Describe("Podman create", func() { session := podmanTest.Podman([]string{"network", "create", netName}) session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) - defer podmanTest.removeCNINetwork(netName) + defer podmanTest.removeNetwork(netName) session = podmanTest.Podman([]string{"create", "--pod", name, "--network", netName, ALPINE, "top"}) session.WaitWithDefaultTimeout() diff --git a/test/e2e/libpod_suite_remote_test.go b/test/e2e/libpod_suite_remote_test.go index 4c5e9955f..b4a59c54d 100644 --- a/test/e2e/libpod_suite_remote_test.go +++ b/test/e2e/libpod_suite_remote_test.go @@ -153,8 +153,9 @@ func (p *PodmanTestIntegration) StopRemoteService() { // MakeOptions assembles all the podman main options func getRemoteOptions(p *PodmanTestIntegration, args []string) []string { + networkDir := p.NetworkConfigDir podmanOptions := strings.Split(fmt.Sprintf("--root %s --runroot %s --runtime %s --conmon %s --network-config-dir %s --cgroup-manager %s", - p.Root, p.RunRoot, p.OCIRuntime, p.ConmonBinary, p.CNIConfigDir, p.CgroupManager), " ") + p.Root, p.RunRoot, p.OCIRuntime, p.ConmonBinary, networkDir, p.CgroupManager), " ") if os.Getenv("HOOK_OPTION") != "" { podmanOptions = append(podmanOptions, os.Getenv("HOOK_OPTION")) } diff --git a/test/e2e/login_logout_test.go b/test/e2e/login_logout_test.go index 3d0f44dc1..1280b3e83 100644 --- a/test/e2e/login_logout_test.go +++ b/test/e2e/login_logout_test.go @@ -11,7 +11,6 @@ import ( . "github.com/containers/podman/v4/test/utils" . "github.com/onsi/ginkgo" - "github.com/onsi/ginkgo/config" . "github.com/onsi/gomega" . "github.com/onsi/gomega/gexec" ) @@ -24,7 +23,6 @@ var _ = Describe("Podman login and logout", func() { authPath string certPath string certDirPath string - port int server string testImg string registriesConfWithSearch []byte @@ -62,7 +60,7 @@ var _ = Describe("Podman login and logout", func() { f.WriteString(session.OutputToString()) f.Sync() - port = 4999 + config.GinkgoConfig.ParallelNode + port := GetPort() server = strings.Join([]string{"localhost", strconv.Itoa(port)}, ":") registriesConfWithSearch = []byte(fmt.Sprintf("[registries.search]\nregistries = ['%s']", server)) diff --git a/test/e2e/network_connect_disconnect_test.go b/test/e2e/network_connect_disconnect_test.go index 82b9dcd09..baef142ba 100644 --- a/test/e2e/network_connect_disconnect_test.go +++ b/test/e2e/network_connect_disconnect_test.go @@ -45,7 +45,7 @@ var _ = Describe("Podman network connect and disconnect", func() { session := podmanTest.Podman([]string{"network", "create", netName}) session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) - defer podmanTest.removeCNINetwork(netName) + defer podmanTest.removeNetwork(netName) dis := podmanTest.Podman([]string{"network", "disconnect", netName, "foobar"}) dis.WaitWithDefaultTimeout() @@ -57,12 +57,12 @@ var _ = Describe("Podman network connect and disconnect", func() { session := podmanTest.Podman([]string{"network", "create", netName}) session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) - defer podmanTest.removeCNINetwork(netName) + defer podmanTest.removeNetwork(netName) session = podmanTest.Podman([]string{"create", "--name", "test", "--network", "slirp4netns", ALPINE}) session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) - defer podmanTest.removeCNINetwork(netName) + defer podmanTest.removeNetwork(netName) con := podmanTest.Podman([]string{"network", "disconnect", netName, "test"}) con.WaitWithDefaultTimeout() @@ -75,7 +75,7 @@ var _ = Describe("Podman network connect and disconnect", func() { session := podmanTest.Podman([]string{"network", "create", netName}) session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) - defer podmanTest.removeCNINetwork(netName) + defer podmanTest.removeNetwork(netName) ctr := podmanTest.Podman([]string{"run", "-dt", "--name", "test", "--network", netName, ALPINE, "top"}) ctr.WaitWithDefaultTimeout() @@ -111,7 +111,7 @@ var _ = Describe("Podman network connect and disconnect", func() { session := podmanTest.Podman([]string{"network", "create", netName}) session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) - defer podmanTest.removeCNINetwork(netName) + defer podmanTest.removeNetwork(netName) dis := podmanTest.Podman([]string{"network", "connect", netName, "foobar"}) dis.WaitWithDefaultTimeout() @@ -123,12 +123,12 @@ var _ = Describe("Podman network connect and disconnect", func() { session := podmanTest.Podman([]string{"network", "create", netName}) session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) - defer podmanTest.removeCNINetwork(netName) + defer podmanTest.removeNetwork(netName) session = podmanTest.Podman([]string{"create", "--name", "test", "--network", "slirp4netns", ALPINE}) session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) - defer podmanTest.removeCNINetwork(netName) + defer podmanTest.removeNetwork(netName) con := podmanTest.Podman([]string{"network", "connect", netName, "test"}) con.WaitWithDefaultTimeout() @@ -141,7 +141,7 @@ var _ = Describe("Podman network connect and disconnect", func() { session := podmanTest.Podman([]string{"network", "create", netName}) session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) - defer podmanTest.removeCNINetwork(netName) + defer podmanTest.removeNetwork(netName) ctr := podmanTest.Podman([]string{"create", "--name", "test", "--network", netName, ALPINE, "top"}) ctr.WaitWithDefaultTimeout() @@ -164,7 +164,7 @@ var _ = Describe("Podman network connect and disconnect", func() { session := podmanTest.Podman([]string{"network", "create", netName}) session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) - defer podmanTest.removeCNINetwork(netName) + defer podmanTest.removeNetwork(netName) ctr := podmanTest.Podman([]string{"run", "-dt", "--name", "test", "--network", netName, ALPINE, "top"}) ctr.WaitWithDefaultTimeout() @@ -180,7 +180,7 @@ var _ = Describe("Podman network connect and disconnect", func() { session = podmanTest.Podman([]string{"network", "create", newNetName, "--subnet", "10.11.100.0/24"}) session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) - defer podmanTest.removeCNINetwork(newNetName) + defer podmanTest.removeNetwork(newNetName) ip := "10.11.100.99" mac := "44:11:44:11:44:11" @@ -218,13 +218,13 @@ var _ = Describe("Podman network connect and disconnect", func() { session := podmanTest.Podman([]string{"network", "create", netName1}) session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) - defer podmanTest.removeCNINetwork(netName1) + defer podmanTest.removeNetwork(netName1) netName2 := "connect2" + stringid.GenerateNonCryptoID() session = podmanTest.Podman([]string{"network", "create", netName2}) session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) - defer podmanTest.removeCNINetwork(netName2) + defer podmanTest.removeNetwork(netName2) ctr := podmanTest.Podman([]string{"create", "--name", "test", "--network", netName1, ALPINE, "top"}) ctr.WaitWithDefaultTimeout() @@ -257,7 +257,7 @@ var _ = Describe("Podman network connect and disconnect", func() { session := podmanTest.Podman([]string{"network", "create", netName}) session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) - defer podmanTest.removeCNINetwork(netName) + defer podmanTest.removeNetwork(netName) session = podmanTest.Podman([]string{"network", "ls", "--format", "{{.ID}}", "--filter", "name=" + netName}) session.WaitWithDefaultTimeout() @@ -277,7 +277,7 @@ var _ = Describe("Podman network connect and disconnect", func() { session = podmanTest.Podman([]string{"network", "create", newNetName}) session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) - defer podmanTest.removeCNINetwork(newNetName) + defer podmanTest.removeNetwork(newNetName) session = podmanTest.Podman([]string{"network", "ls", "--format", "{{.ID}}", "--filter", "name=" + newNetName}) session.WaitWithDefaultTimeout() @@ -304,13 +304,13 @@ var _ = Describe("Podman network connect and disconnect", func() { session := podmanTest.Podman([]string{"network", "create", netName1}) session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) - defer podmanTest.removeCNINetwork(netName1) + defer podmanTest.removeNetwork(netName1) netName2 := "aliasTest" + stringid.GenerateNonCryptoID() session2 := podmanTest.Podman([]string{"network", "create", netName2}) session2.WaitWithDefaultTimeout() Expect(session2).Should(Exit(0)) - defer podmanTest.removeCNINetwork(netName2) + defer podmanTest.removeNetwork(netName2) ctr := podmanTest.Podman([]string{"create", "--name", "test", "--network", netName1 + "," + netName2, ALPINE, "top"}) ctr.WaitWithDefaultTimeout() @@ -349,7 +349,7 @@ var _ = Describe("Podman network connect and disconnect", func() { session := podmanTest.Podman([]string{"network", "create", netName}) session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) - defer podmanTest.removeCNINetwork(netName) + defer podmanTest.removeNetwork(netName) session = podmanTest.Podman([]string{"network", "ls", "--format", "{{.ID}}", "--filter", "name=" + netName}) session.WaitWithDefaultTimeout() diff --git a/test/e2e/network_create_test.go b/test/e2e/network_create_test.go index 4a8a24ad7..7589adaab 100644 --- a/test/e2e/network_create_test.go +++ b/test/e2e/network_create_test.go @@ -45,7 +45,7 @@ var _ = Describe("Podman network create", func() { netName := "subnet-" + stringid.GenerateNonCryptoID() nc := podmanTest.Podman([]string{"network", "create", "--subnet", "10.11.12.0/24", "--ip-range", "10.11.12.0/26", netName}) nc.WaitWithDefaultTimeout() - defer podmanTest.removeCNINetwork(netName) + defer podmanTest.removeNetwork(netName) Expect(nc).Should(Exit(0)) // Inspect the network configuration @@ -88,7 +88,7 @@ var _ = Describe("Podman network create", func() { netName := "ipv6-" + stringid.GenerateNonCryptoID() nc := podmanTest.Podman([]string{"network", "create", "--subnet", "fd00:1:2:3:4::/64", netName}) nc.WaitWithDefaultTimeout() - defer podmanTest.removeCNINetwork(netName) + defer podmanTest.removeNetwork(netName) Expect(nc).Should(Exit(0)) // Inspect the network configuration @@ -127,7 +127,7 @@ var _ = Describe("Podman network create", func() { netName := "dual-" + stringid.GenerateNonCryptoID() nc := podmanTest.Podman([]string{"network", "create", "--subnet", "fd00:4:3:2::/64", "--ipv6", netName}) nc.WaitWithDefaultTimeout() - defer podmanTest.removeCNINetwork(netName) + defer podmanTest.removeNetwork(netName) Expect(nc).Should(Exit(0)) // Inspect the network configuration @@ -160,7 +160,7 @@ var _ = Describe("Podman network create", func() { netName2 := "dual-" + stringid.GenerateNonCryptoID() nc = podmanTest.Podman([]string{"network", "create", "--subnet", "fd00:10:3:2::/64", "--ipv6", netName2}) nc.WaitWithDefaultTimeout() - defer podmanTest.removeCNINetwork(netName2) + defer podmanTest.removeNetwork(netName2) Expect(nc).Should(Exit(0)) // Inspect the network configuration @@ -215,7 +215,7 @@ var _ = Describe("Podman network create", func() { nc := podmanTest.Podman([]string{"network", "create", "--subnet", "10.11.12.0/24", "--ipv6", name}) nc.WaitWithDefaultTimeout() Expect(nc).To(Exit(0)) - defer podmanTest.removeCNINetwork(name) + defer podmanTest.removeNetwork(name) nc = podmanTest.Podman([]string{"network", "inspect", name}) nc.WaitWithDefaultTimeout() @@ -229,7 +229,7 @@ var _ = Describe("Podman network create", func() { nc := podmanTest.Podman([]string{"network", "create", "--ipv6", name}) nc.WaitWithDefaultTimeout() Expect(nc).To(Exit(0)) - defer podmanTest.removeCNINetwork(name) + defer podmanTest.removeNetwork(name) nc = podmanTest.Podman([]string{"network", "inspect", name}) nc.WaitWithDefaultTimeout() @@ -254,7 +254,7 @@ var _ = Describe("Podman network create", func() { netName := "same-" + stringid.GenerateNonCryptoID() nc := podmanTest.Podman([]string{"network", "create", netName}) nc.WaitWithDefaultTimeout() - defer podmanTest.removeCNINetwork(netName) + defer podmanTest.removeNetwork(netName) Expect(nc).Should(Exit(0)) ncFail := podmanTest.Podman([]string{"network", "create", netName}) @@ -266,13 +266,13 @@ var _ = Describe("Podman network create", func() { netName1 := "sub1-" + stringid.GenerateNonCryptoID() nc := podmanTest.Podman([]string{"network", "create", "--subnet", "10.11.13.0/24", netName1}) nc.WaitWithDefaultTimeout() - defer podmanTest.removeCNINetwork(netName1) + defer podmanTest.removeNetwork(netName1) Expect(nc).Should(Exit(0)) netName2 := "sub2-" + stringid.GenerateNonCryptoID() ncFail := podmanTest.Podman([]string{"network", "create", "--subnet", "10.11.13.0/24", netName2}) ncFail.WaitWithDefaultTimeout() - defer podmanTest.removeCNINetwork(netName2) + defer podmanTest.removeNetwork(netName2) Expect(ncFail).To(ExitWithError()) }) @@ -280,13 +280,13 @@ var _ = Describe("Podman network create", func() { netName1 := "subipv61-" + stringid.GenerateNonCryptoID() nc := podmanTest.Podman([]string{"network", "create", "--subnet", "fd00:4:4:4:4::/64", "--ipv6", netName1}) nc.WaitWithDefaultTimeout() - defer podmanTest.removeCNINetwork(netName1) + defer podmanTest.removeNetwork(netName1) Expect(nc).Should(Exit(0)) netName2 := "subipv62-" + stringid.GenerateNonCryptoID() ncFail := podmanTest.Podman([]string{"network", "create", "--subnet", "fd00:4:4:4:4::/64", "--ipv6", netName2}) ncFail.WaitWithDefaultTimeout() - defer podmanTest.removeCNINetwork(netName2) + defer podmanTest.removeNetwork(netName2) Expect(ncFail).To(ExitWithError()) }) @@ -300,7 +300,7 @@ var _ = Describe("Podman network create", func() { net := "mtu-test" + stringid.GenerateNonCryptoID() nc := podmanTest.Podman([]string{"network", "create", "--opt", "mtu=9000", net}) nc.WaitWithDefaultTimeout() - defer podmanTest.removeCNINetwork(net) + defer podmanTest.removeNetwork(net) Expect(nc).Should(Exit(0)) nc = podmanTest.Podman([]string{"network", "inspect", net}) @@ -313,7 +313,7 @@ var _ = Describe("Podman network create", func() { net := "vlan-test" + stringid.GenerateNonCryptoID() nc := podmanTest.Podman([]string{"network", "create", "--opt", "vlan=9", net}) nc.WaitWithDefaultTimeout() - defer podmanTest.removeCNINetwork(net) + defer podmanTest.removeNetwork(net) Expect(nc).Should(Exit(0)) nc = podmanTest.Podman([]string{"network", "inspect", net}) @@ -326,15 +326,16 @@ var _ = Describe("Podman network create", func() { net := "invalid-test" + stringid.GenerateNonCryptoID() nc := podmanTest.Podman([]string{"network", "create", "--opt", "foo=bar", net}) nc.WaitWithDefaultTimeout() - defer podmanTest.removeCNINetwork(net) + defer podmanTest.removeNetwork(net) Expect(nc).To(ExitWithError()) }) It("podman network create with internal should not have dnsname", func() { + SkipUntilAardvark(podmanTest) net := "internal-test" + stringid.GenerateNonCryptoID() nc := podmanTest.Podman([]string{"network", "create", "--internal", net}) nc.WaitWithDefaultTimeout() - defer podmanTest.removeCNINetwork(net) + defer podmanTest.removeNetwork(net) Expect(nc).Should(Exit(0)) // Not performing this check on remote tests because it is a logrus error which does // not come back via stderr on the remote client. @@ -362,7 +363,7 @@ var _ = Describe("Podman network create", func() { subnet2 := "10.10.1.0/24" nc := podmanTest.Podman([]string{"network", "create", "--subnet", subnet1, "--subnet", subnet2, name}) nc.WaitWithDefaultTimeout() - defer podmanTest.removeCNINetwork(name) + defer podmanTest.removeNetwork(name) Expect(nc).To(Exit(0)) Expect(nc.OutputToString()).To(Equal(name)) @@ -380,7 +381,7 @@ var _ = Describe("Podman network create", func() { subnet2 := "fd52:2a5a:747e:3acd::/64" nc := podmanTest.Podman([]string{"network", "create", "--subnet", subnet1, "--subnet", subnet2, name}) nc.WaitWithDefaultTimeout() - defer podmanTest.removeCNINetwork(name) + defer podmanTest.removeNetwork(name) Expect(nc).To(Exit(0)) Expect(nc.OutputToString()).To(Equal(name)) @@ -401,7 +402,7 @@ var _ = Describe("Podman network create", func() { gw2 := "fd52:2a5a:747e:3acd::10" nc := podmanTest.Podman([]string{"network", "create", "--subnet", subnet1, "--gateway", gw1, "--ip-range", range1, "--subnet", subnet2, "--gateway", gw2, name}) nc.WaitWithDefaultTimeout() - defer podmanTest.removeCNINetwork(name) + defer podmanTest.removeNetwork(name) Expect(nc).To(Exit(0)) Expect(nc.OutputToString()).To(Equal(name)) diff --git a/test/e2e/network_test.go b/test/e2e/network_test.go index 70793fc32..bd30a1f5d 100644 --- a/test/e2e/network_test.go +++ b/test/e2e/network_test.go @@ -118,13 +118,13 @@ var _ = Describe("Podman network", func() { label2 := "abcdef" session := podmanTest.Podman([]string{"network", "create", "--label", label1, net1}) session.WaitWithDefaultTimeout() - defer podmanTest.removeCNINetwork(net1) + defer podmanTest.removeNetwork(net1) Expect(session).Should(Exit(0)) net2 := "labelnet" + stringid.GenerateNonCryptoID() session = podmanTest.Podman([]string{"network", "create", "--label", label1, "--label", label2, net2}) session.WaitWithDefaultTimeout() - defer podmanTest.removeCNINetwork(net2) + defer podmanTest.removeNetwork(net2) Expect(session).Should(Exit(0)) session = podmanTest.Podman([]string{"network", "ls", "--filter", "label=" + label1}) @@ -144,7 +144,7 @@ var _ = Describe("Podman network", func() { net := "net" + stringid.GenerateNonCryptoID() session := podmanTest.Podman([]string{"network", "create", net}) session.WaitWithDefaultTimeout() - defer podmanTest.removeCNINetwork(net) + defer podmanTest.removeNetwork(net) Expect(session).Should(Exit(0)) session = podmanTest.Podman([]string{"network", "ls", "--filter", "namr=ab"}) @@ -169,9 +169,16 @@ var _ = Describe("Podman network", func() { netID := "6073aefe03cdf8f29be5b23ea9795c431868a3a22066a6290b187691614fee84" session := podmanTest.Podman([]string{"network", "create", net}) session.WaitWithDefaultTimeout() - defer podmanTest.removeCNINetwork(net) + defer podmanTest.removeNetwork(net) Expect(session).Should(Exit(0)) + if podmanTest.NetworkBackend == Netavark { + // netavark uses a different algo for determining the id and it is not repeatable + getid := podmanTest.Podman([]string{"network", "inspect", net, "--format", "{{.ID}}"}) + getid.WaitWithDefaultTimeout() + Expect(getid).Should(Exit(0)) + netID = getid.OutputToString() + } // Tests Default Table Output session = podmanTest.Podman([]string{"network", "ls", "--filter", "id=" + netID}) session.WaitWithDefaultTimeout() @@ -270,7 +277,7 @@ var _ = Describe("Podman network", func() { netName := "net-" + stringid.GenerateNonCryptoID() network := podmanTest.Podman([]string{"network", "create", "--subnet", "10.50.50.0/24", netName}) network.WaitWithDefaultTimeout() - defer podmanTest.removeCNINetwork(netName) + defer podmanTest.removeNetwork(netName) Expect(network).Should(Exit(0)) ctrName := "testCtr" @@ -300,13 +307,13 @@ var _ = Describe("Podman network", func() { netName1 := "net1-" + stringid.GenerateNonCryptoID() network1 := podmanTest.Podman([]string{"network", "create", netName1}) network1.WaitWithDefaultTimeout() - defer podmanTest.removeCNINetwork(netName1) + defer podmanTest.removeNetwork(netName1) Expect(network1).Should(Exit(0)) netName2 := "net2-" + stringid.GenerateNonCryptoID() network2 := podmanTest.Podman([]string{"network", "create", netName2}) network2.WaitWithDefaultTimeout() - defer podmanTest.removeCNINetwork(netName2) + defer podmanTest.removeNetwork(netName2) Expect(network2).Should(Exit(0)) ctrName := "testCtr" @@ -337,13 +344,13 @@ var _ = Describe("Podman network", func() { netName1 := "net1-" + stringid.GenerateNonCryptoID() network1 := podmanTest.Podman([]string{"network", "create", "--subnet", "10.50.51.0/25", netName1}) network1.WaitWithDefaultTimeout() - defer podmanTest.removeCNINetwork(netName1) + defer podmanTest.removeNetwork(netName1) Expect(network1).Should(Exit(0)) netName2 := "net2-" + stringid.GenerateNonCryptoID() network2 := podmanTest.Podman([]string{"network", "create", "--subnet", "10.50.51.128/26", netName2}) network2.WaitWithDefaultTimeout() - defer podmanTest.removeCNINetwork(netName2) + defer podmanTest.removeNetwork(netName2) Expect(network2).Should(Exit(0)) ctrName := "testCtr" @@ -380,7 +387,7 @@ var _ = Describe("Podman network", func() { session := podmanTest.Podman([]string{"network", "create", network}) session.WaitWithDefaultTimeout() - defer podmanTest.removeCNINetwork(network) + defer podmanTest.removeNetwork(network) Expect(session).Should(Exit(0)) session = podmanTest.Podman([]string{"run", "--name", container, "--network", network, "-d", ALPINE, "top"}) @@ -406,7 +413,7 @@ var _ = Describe("Podman network", func() { netName := "net-" + stringid.GenerateNonCryptoID() session := podmanTest.Podman([]string{"network", "create", netName}) session.WaitWithDefaultTimeout() - defer podmanTest.removeCNINetwork(netName) + defer podmanTest.removeNetwork(netName) Expect(session).Should(Exit(0)) session = podmanTest.Podman([]string{"pod", "create", "--network", netName}) @@ -442,13 +449,13 @@ var _ = Describe("Podman network", func() { netName1 := "net1-" + stringid.GenerateNonCryptoID() session := podmanTest.Podman([]string{"network", "create", netName1}) session.WaitWithDefaultTimeout() - defer podmanTest.removeCNINetwork(netName1) + defer podmanTest.removeNetwork(netName1) Expect(session).Should(Exit(0)) netName2 := "net2-" + stringid.GenerateNonCryptoID() session = podmanTest.Podman([]string{"network", "create", netName2}) session.WaitWithDefaultTimeout() - defer podmanTest.removeCNINetwork(netName2) + defer podmanTest.removeNetwork(netName2) Expect(session).Should(Exit(0)) session = podmanTest.Podman([]string{"network", "rm", netName1, netName2}) @@ -460,11 +467,12 @@ var _ = Describe("Podman network", func() { }) It("podman network with multiple aliases", func() { + SkipUntilAardvark(podmanTest) var worked bool netName := "aliasTest" + stringid.GenerateNonCryptoID() session := podmanTest.Podman([]string{"network", "create", netName}) session.WaitWithDefaultTimeout() - defer podmanTest.removeCNINetwork(netName) + defer podmanTest.removeNetwork(netName) Expect(session).Should(Exit(0)) interval := time.Duration(250 * time.Millisecond) @@ -510,10 +518,12 @@ var _ = Describe("Podman network", func() { }) It("podman network create/remove macvlan", func() { + // Netavark currently does not do dhcp so the this test fails + SkipIfNetavark(podmanTest) net := "macvlan" + stringid.GenerateNonCryptoID() nc := podmanTest.Podman([]string{"network", "create", "--macvlan", "lo", net}) nc.WaitWithDefaultTimeout() - defer podmanTest.removeCNINetwork(net) + defer podmanTest.removeNetwork(net) Expect(nc).Should(Exit(0)) nc = podmanTest.Podman([]string{"network", "rm", net}) @@ -522,10 +532,12 @@ var _ = Describe("Podman network", func() { }) It("podman network create/remove macvlan as driver (-d) no device name", func() { + // Netavark currently does not do dhcp so the this test fails + SkipIfNetavark(podmanTest) net := "macvlan" + stringid.GenerateNonCryptoID() nc := podmanTest.Podman([]string{"network", "create", "-d", "macvlan", net}) nc.WaitWithDefaultTimeout() - defer podmanTest.removeCNINetwork(net) + defer podmanTest.removeNetwork(net) Expect(nc).Should(Exit(0)) inspect := podmanTest.Podman([]string{"network", "inspect", net}) @@ -547,10 +559,12 @@ var _ = Describe("Podman network", func() { }) It("podman network create/remove macvlan as driver (-d) with device name", func() { + // Netavark currently does not do dhcp so the this test fails + SkipIfNetavark(podmanTest) net := "macvlan" + stringid.GenerateNonCryptoID() nc := podmanTest.Podman([]string{"network", "create", "-d", "macvlan", "-o", "parent=lo", net}) nc.WaitWithDefaultTimeout() - defer podmanTest.removeCNINetwork(net) + defer podmanTest.removeNetwork(net) Expect(nc).Should(Exit(0)) inspect := podmanTest.Podman([]string{"network", "inspect", net}) @@ -577,7 +591,7 @@ var _ = Describe("Podman network", func() { net := "net" + stringid.GenerateNonCryptoID() session := podmanTest.Podman([]string{"network", "create", net}) session.WaitWithDefaultTimeout() - defer podmanTest.removeCNINetwork(net) + defer podmanTest.removeNetwork(net) Expect(session).Should(Exit(0)) session = podmanTest.Podman([]string{"network", "exists", net}) @@ -593,7 +607,7 @@ var _ = Describe("Podman network", func() { net := "macvlan" + stringid.GenerateNonCryptoID() nc := podmanTest.Podman([]string{"network", "create", "-d", "macvlan", "-o", "parent=lo", "-o", "mtu=1500", "--gateway", "192.168.1.254", "--subnet", "192.168.1.0/24", net}) nc.WaitWithDefaultTimeout() - defer podmanTest.removeCNINetwork(net) + defer podmanTest.removeNetwork(net) Expect(nc).Should(Exit(0)) inspect := podmanTest.Podman([]string{"network", "inspect", net}) @@ -622,7 +636,7 @@ var _ = Describe("Podman network", func() { It("podman network prune --filter", func() { // set custom cni directory to prevent flakes - podmanTest.CNIConfigDir = tempdir + podmanTest.NetworkConfigDir = tempdir if IsRemote() { podmanTest.RestartRemoteService() } @@ -630,7 +644,7 @@ var _ = Describe("Podman network", func() { nc := podmanTest.Podman([]string{"network", "create", net1}) nc.WaitWithDefaultTimeout() - defer podmanTest.removeCNINetwork(net1) + defer podmanTest.removeNetwork(net1) Expect(nc).Should(Exit(0)) list := podmanTest.Podman([]string{"network", "ls", "--format", "{{.Name}}"}) @@ -670,7 +684,7 @@ var _ = Describe("Podman network", func() { It("podman network prune", func() { // set custom cni directory to prevent flakes - podmanTest.CNIConfigDir = tempdir + podmanTest.NetworkConfigDir = tempdir if IsRemote() { podmanTest.RestartRemoteService() } @@ -684,12 +698,12 @@ var _ = Describe("Podman network", func() { net2 := net + "2" nc := podmanTest.Podman([]string{"network", "create", net1}) nc.WaitWithDefaultTimeout() - defer podmanTest.removeCNINetwork(net1) + defer podmanTest.removeNetwork(net1) Expect(nc).Should(Exit(0)) nc2 := podmanTest.Podman([]string{"network", "create", net2}) nc2.WaitWithDefaultTimeout() - defer podmanTest.removeCNINetwork(net2) + defer podmanTest.removeNetwork(net2) Expect(nc2).Should(Exit(0)) list := podmanTest.Podman([]string{"network", "ls", "--format", "{{.Name}}"}) diff --git a/test/e2e/play_kube_test.go b/test/e2e/play_kube_test.go index cbaa8d6a4..48bc2b9da 100644 --- a/test/e2e/play_kube_test.go +++ b/test/e2e/play_kube_test.go @@ -2190,7 +2190,7 @@ spec: net := "playkube" + stringid.GenerateNonCryptoID() session := podmanTest.Podman([]string{"network", "create", "--subnet", "10.25.31.0/24", net}) session.WaitWithDefaultTimeout() - defer podmanTest.removeCNINetwork(net) + defer podmanTest.removeNetwork(net) Expect(session).Should(Exit(0)) ips := []string{"10.25.31.5", "10.25.31.10", "10.25.31.15"} @@ -2234,12 +2234,12 @@ spec: net := podmanTest.Podman([]string{"network", "create", "--subnet", "10.0.11.0/24", net1}) net.WaitWithDefaultTimeout() - defer podmanTest.removeCNINetwork(net1) + defer podmanTest.removeNetwork(net1) Expect(net).Should(Exit(0)) net = podmanTest.Podman([]string{"network", "create", "--subnet", "10.0.12.0/24", net2}) net.WaitWithDefaultTimeout() - defer podmanTest.removeCNINetwork(net2) + defer podmanTest.removeNetwork(net2) Expect(net).Should(Exit(0)) ip1 := "10.0.11.5" diff --git a/test/e2e/pod_create_test.go b/test/e2e/pod_create_test.go index f0abfd80c..c3f77857e 100644 --- a/test/e2e/pod_create_test.go +++ b/test/e2e/pod_create_test.go @@ -109,7 +109,8 @@ var _ = Describe("Podman pod create", func() { It("podman create pod with network portbindings", func() { name := "test" - session := podmanTest.Podman([]string{"pod", "create", "--name", name, "-p", "8081:80"}) + port := GetPort() + session := podmanTest.Podman([]string{"pod", "create", "--name", name, "-p", fmt.Sprintf("%d:80", port)}) session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) pod := session.OutputToString() @@ -117,24 +118,21 @@ var _ = Describe("Podman pod create", func() { webserver := podmanTest.Podman([]string{"run", "--pod", pod, "-dt", nginx}) webserver.WaitWithDefaultTimeout() Expect(webserver).Should(Exit(0)) - - check := SystemExec("nc", []string{"-z", "localhost", "8081"}) - Expect(check).Should(Exit(0)) + Expect(ncz(port)).To(BeTrue()) }) It("podman create pod with id file with network portbindings", func() { file := filepath.Join(podmanTest.TempDir, "pod.id") name := "test" - session := podmanTest.Podman([]string{"pod", "create", "--name", name, "--pod-id-file", file, "-p", "8082:80"}) + port := GetPort() + session := podmanTest.Podman([]string{"pod", "create", "--name", name, "--pod-id-file", file, "-p", fmt.Sprintf("%d:80", port)}) session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) webserver := podmanTest.Podman([]string{"run", "--pod-id-file", file, "-dt", nginx}) webserver.WaitWithDefaultTimeout() Expect(webserver).Should(Exit(0)) - - check := SystemExec("nc", []string{"-z", "localhost", "8082"}) - Expect(check).Should(Exit(0)) + Expect(ncz(port)).To(BeTrue()) }) It("podman create pod with no infra but portbindings should fail", func() { diff --git a/test/e2e/pod_ps_test.go b/test/e2e/pod_ps_test.go index 29ee73d35..a0a1e1438 100644 --- a/test/e2e/pod_ps_test.go +++ b/test/e2e/pod_ps_test.go @@ -299,7 +299,7 @@ var _ = Describe("Podman ps", func() { session := podmanTest.Podman([]string{"network", "create", net}) session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) - defer podmanTest.removeCNINetwork(net) + defer podmanTest.removeNetwork(net) session = podmanTest.Podman([]string{"pod", "create", "--network", net}) session.WaitWithDefaultTimeout() @@ -338,12 +338,12 @@ var _ = Describe("Podman ps", func() { session = podmanTest.Podman([]string{"network", "create", net1}) session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) - defer podmanTest.removeCNINetwork(net1) + defer podmanTest.removeNetwork(net1) net2 := stringid.GenerateNonCryptoID() session = podmanTest.Podman([]string{"network", "create", net2}) session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) - defer podmanTest.removeCNINetwork(net2) + defer podmanTest.removeNetwork(net2) session = podmanTest.Podman([]string{"pod", "create", "--network", net1 + "," + net2}) session.WaitWithDefaultTimeout() diff --git a/test/e2e/ps_test.go b/test/e2e/ps_test.go index 0c93c430b..021ebc30b 100644 --- a/test/e2e/ps_test.go +++ b/test/e2e/ps_test.go @@ -822,7 +822,7 @@ var _ = Describe("Podman ps", func() { session := podmanTest.Podman([]string{"network", "create", net}) session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) - defer podmanTest.removeCNINetwork(net) + defer podmanTest.removeNetwork(net) session = podmanTest.Podman([]string{"create", "--network", net, ALPINE}) session.WaitWithDefaultTimeout() @@ -865,12 +865,12 @@ var _ = Describe("Podman ps", func() { session = podmanTest.Podman([]string{"network", "create", net1}) session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) - defer podmanTest.removeCNINetwork(net1) + defer podmanTest.removeNetwork(net1) net2 := stringid.GenerateNonCryptoID() session = podmanTest.Podman([]string{"network", "create", net2}) session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) - defer podmanTest.removeCNINetwork(net2) + defer podmanTest.removeNetwork(net2) session = podmanTest.Podman([]string{"create", "--network", net1 + "," + net2, ALPINE}) session.WaitWithDefaultTimeout() diff --git a/test/e2e/run_networking_test.go b/test/e2e/run_networking_test.go index 4868fbd01..4c056df10 100644 --- a/test/e2e/run_networking_test.go +++ b/test/e2e/run_networking_test.go @@ -78,9 +78,9 @@ var _ = Describe("Podman run networking", func() { It("podman run network expose port 222", func() { SkipIfRootless("iptables is not supported for rootless users") session := podmanTest.Podman([]string{"run", "-dt", "--expose", "222-223", "-P", ALPINE, "/bin/sh"}) - session.Wait(30) + session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) - results := SystemExec("iptables", []string{"-t", "nat", "-L"}) + results := SystemExec("iptables", []string{"-t", "nat", "-nvL"}) Expect(results).Should(Exit(0)) Expect(results.OutputToString()).To(ContainSubstring("222")) Expect(results.OutputToString()).To(ContainSubstring("223")) @@ -371,31 +371,35 @@ EXPOSE 2004-2005/tcp`, ALPINE) Expect(inspectOut[0].NetworkSettings.Ports["80/tcp"][0].HostIP).To(Equal("")) }) - It("podman run network expose host port 80 to container port 8000", func() { + It("podman run network expose host port 80 to container port", func() { SkipIfRootless("iptables is not supported for rootless users") - session := podmanTest.Podman([]string{"run", "-dt", "-p", "80:8000", ALPINE, "/bin/sh"}) - session.Wait(30) + port1 := GetPort() + port2 := GetPort() + session := podmanTest.Podman([]string{"run", "-dt", "-p", fmt.Sprintf("%d:%d", port1, port2), ALPINE, "/bin/sh"}) + session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) results := SystemExec("iptables", []string{"-t", "nat", "-L"}) Expect(results).Should(Exit(0)) - Expect(results.OutputToString()).To(ContainSubstring("8000")) + Expect(results.OutputToString()).To(ContainSubstring(fmt.Sprintf("%d", port2))) - ncBusy := SystemExec("nc", []string{"-l", "-p", "80"}) + ncBusy := SystemExec("nc", []string{"-l", "-p", fmt.Sprintf("%d", port1)}) Expect(ncBusy).To(ExitWithError()) }) It("podman run network expose host port 18081 to container port 8000 using rootlesskit port handler", func() { - session := podmanTest.Podman([]string{"run", "--network", "slirp4netns:port_handler=rootlesskit", "-dt", "-p", "18081:8000", ALPINE, "/bin/sh"}) - session.Wait(30) + port1 := GetPort() + port2 := GetPort() + session := podmanTest.Podman([]string{"run", "--network", "slirp4netns:port_handler=rootlesskit", "-dt", "-p", fmt.Sprintf("%d:%d", port2, port1), ALPINE, "/bin/sh"}) + session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) - ncBusy := SystemExec("nc", []string{"-l", "-p", "18081"}) + ncBusy := SystemExec("nc", []string{"-l", "-p", fmt.Sprintf("%d", port2)}) Expect(ncBusy).To(ExitWithError()) }) It("podman run slirp4netns verify net.ipv6.conf.default.accept_dad=0", func() { session := podmanTest.Podman([]string{"run", "--network", "slirp4netns:enable_ipv6=true", ALPINE, "ip", "addr"}) - session.Wait(30) + session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) // check the ipv6 setup id done without delay (https://github.com/containers/podman/issues/11062) Expect(session.OutputToString()).To(ContainSubstring("inet6 fd00::")) @@ -403,12 +407,12 @@ EXPOSE 2004-2005/tcp`, ALPINE) const ipv6ConfDefaultAcceptDadSysctl = "/proc/sys/net/ipv6/conf/all/accept_dad" cat := SystemExec("cat", []string{ipv6ConfDefaultAcceptDadSysctl}) - cat.Wait(30) + cat.WaitWithDefaultTimeout() Expect(cat).Should(Exit(0)) sysctlValue := cat.OutputToString() session = podmanTest.Podman([]string{"run", "--network", "slirp4netns:enable_ipv6=true", ALPINE, "cat", ipv6ConfDefaultAcceptDadSysctl}) - session.Wait(30) + session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) Expect(session.OutputToString()).To(Equal(sysctlValue)) }) @@ -460,19 +464,20 @@ EXPOSE 2004-2005/tcp`, ALPINE) slirp4netnsHelp := SystemExec("slirp4netns", []string{"--help"}) Expect(slirp4netnsHelp).Should(Exit(0)) networkConfiguration := "slirp4netns:outbound_addr=127.0.0.1,allow_host_loopback=true" + port := GetPort() if strings.Contains(slirp4netnsHelp.OutputToString(), "outbound-addr") { - ncListener := StartSystemExec("nc", []string{"-v", "-n", "-l", "-p", "8083"}) - session := podmanTest.Podman([]string{"run", "--network", networkConfiguration, "-dt", ALPINE, "nc", "-w", "2", "10.0.2.2", "8083"}) - session.Wait(30) - ncListener.Wait(30) + ncListener := StartSystemExec("nc", []string{"-v", "-n", "-l", "-p", fmt.Sprintf("%d", port)}) + session := podmanTest.Podman([]string{"run", "--network", networkConfiguration, "-dt", ALPINE, "nc", "-w", "2", "10.0.2.2", fmt.Sprintf("%d", port)}) + session.WaitWithDefaultTimeout() + ncListener.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) Expect(ncListener).Should(Exit(0)) Expect(ncListener.ErrorToString()).To(ContainSubstring("127.0.0.1")) } else { - session := podmanTest.Podman([]string{"run", "--network", networkConfiguration, "-dt", ALPINE, "nc", "-w", "2", "10.0.2.2", "8083"}) - session.Wait(30) + session := podmanTest.Podman([]string{"run", "--network", networkConfiguration, "-dt", ALPINE, "nc", "-w", "2", "10.0.2.2", fmt.Sprintf("%d", port)}) + session.WaitWithDefaultTimeout() Expect(session).To(ExitWithError()) Expect(session.ErrorToString()).To(ContainSubstring("outbound_addr not supported")) } @@ -481,14 +486,15 @@ EXPOSE 2004-2005/tcp`, ALPINE) It("podman run network bind to HostIP", func() { ip, err := utils.HostIP() Expect(err).To(BeNil()) + port := GetPort() slirp4netnsHelp := SystemExec("slirp4netns", []string{"--help"}) Expect(slirp4netnsHelp).Should(Exit(0)) networkConfiguration := fmt.Sprintf("slirp4netns:outbound_addr=%s,allow_host_loopback=true", ip.String()) if strings.Contains(slirp4netnsHelp.OutputToString(), "outbound-addr") { - ncListener := StartSystemExec("nc", []string{"-v", "-n", "-l", "-p", "8084"}) - session := podmanTest.Podman([]string{"run", "--network", networkConfiguration, "-dt", ALPINE, "nc", "-w", "2", "10.0.2.2", "8084"}) + ncListener := StartSystemExec("nc", []string{"-v", "-n", "-l", "-p", fmt.Sprintf("%d", port)}) + session := podmanTest.Podman([]string{"run", "--network", networkConfiguration, "-dt", ALPINE, "nc", "-w", "2", "10.0.2.2", fmt.Sprintf("%d", port)}) session.Wait(30) ncListener.Wait(30) @@ -496,7 +502,7 @@ EXPOSE 2004-2005/tcp`, ALPINE) Expect(ncListener).Should(Exit(0)) Expect(ncListener.ErrorToString()).To(ContainSubstring(ip.String())) } else { - session := podmanTest.Podman([]string{"run", "--network", networkConfiguration, "-dt", ALPINE, "nc", "-w", "2", "10.0.2.2", "8084"}) + session := podmanTest.Podman([]string{"run", "--network", networkConfiguration, "-dt", ALPINE, "nc", "-w", "2", "10.0.2.2", fmt.Sprintf("%d", port)}) session.Wait(30) Expect(session).To(ExitWithError()) Expect(session.ErrorToString()).To(ContainSubstring("outbound_addr not supported")) @@ -505,10 +511,10 @@ EXPOSE 2004-2005/tcp`, ALPINE) It("podman run network expose ports in image metadata", func() { session := podmanTest.Podman([]string{"create", "--name", "test", "-t", "-P", nginx}) - session.Wait(90) + session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) results := podmanTest.Podman([]string{"inspect", "test"}) - results.Wait(30) + results.WaitWithDefaultTimeout() Expect(results).Should(Exit(0)) Expect(results.OutputToString()).To(ContainSubstring(`"80/tcp":`)) }) @@ -533,7 +539,7 @@ EXPOSE 2004-2005/tcp`, ALPINE) It("podman run forward sctp protocol", func() { SkipIfRootless("sctp protocol only works as root") session := podmanTest.Podman([]string{"--log-level=info", "run", "--name=test", "-p", "80/sctp", "-p", "81/sctp", ALPINE}) - session.Wait(90) + session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) // we can only check logrus on local podman if !IsRemote() { @@ -541,7 +547,7 @@ EXPOSE 2004-2005/tcp`, ALPINE) Expect(strings.Count(session.ErrorToString(), "Port reservation for SCTP is not supported")).To(Equal(1), "`Port reservation for SCTP is not supported` is not displayed exactly one time in the logrus logs") } results := podmanTest.Podman([]string{"inspect", "test"}) - results.Wait(30) + results.WaitWithDefaultTimeout() Expect(results).Should(Exit(0)) Expect(results.OutputToString()).To(ContainSubstring(`"80/sctp":`)) Expect(results.OutputToString()).To(ContainSubstring(`"81/sctp":`)) @@ -701,7 +707,7 @@ EXPOSE 2004-2005/tcp`, ALPINE) create := podmanTest.Podman([]string{"network", "create", "--subnet", "10.25.30.0/24", netName}) create.WaitWithDefaultTimeout() Expect(create).Should(Exit(0)) - defer podmanTest.removeCNINetwork(netName) + defer podmanTest.removeNetwork(netName) run := podmanTest.Podman([]string{"run", "-t", "-i", "--rm", "--net", netName, "--ip", ipAddr, ALPINE, "ip", "addr"}) run.WaitWithDefaultTimeout() @@ -710,11 +716,12 @@ EXPOSE 2004-2005/tcp`, ALPINE) }) It("podman cni network works across user ns", func() { + SkipUntilAardvark(podmanTest) netName := stringid.GenerateNonCryptoID() create := podmanTest.Podman([]string{"network", "create", netName}) create.WaitWithDefaultTimeout() Expect(create).Should(Exit(0)) - defer podmanTest.removeCNINetwork(netName) + defer podmanTest.removeNetwork(netName) name := "nc-server" run := podmanTest.Podman([]string{"run", "--log-driver", "k8s-file", "-d", "--name", name, "--net", netName, ALPINE, "nc", "-l", "-p", "9480"}) @@ -740,7 +747,7 @@ EXPOSE 2004-2005/tcp`, ALPINE) create := podmanTest.Podman([]string{"network", "create", "--subnet", "10.25.40.0/24", netName}) create.WaitWithDefaultTimeout() Expect(create).Should(Exit(0)) - defer podmanTest.removeCNINetwork(netName) + defer podmanTest.removeNetwork(netName) run := podmanTest.Podman([]string{"run", "-t", "-i", "--rm", "--pod", "new:" + podname, "--net", netName, "--ip", ipAddr, ALPINE, "ip", "addr"}) run.WaitWithDefaultTimeout() @@ -808,6 +815,7 @@ EXPOSE 2004-2005/tcp`, ALPINE) }) It("podman run check dnsname plugin", func() { + SkipUntilAardvark(podmanTest) pod := "testpod" session := podmanTest.Podman([]string{"pod", "create", "--name", pod}) session.WaitWithDefaultTimeout() @@ -816,7 +824,7 @@ EXPOSE 2004-2005/tcp`, ALPINE) net := "IntTest" + stringid.GenerateNonCryptoID() session = podmanTest.Podman([]string{"network", "create", net}) session.WaitWithDefaultTimeout() - defer podmanTest.removeCNINetwork(net) + defer podmanTest.removeNetwork(net) Expect(session).Should(Exit(0)) pod2 := "testpod2" @@ -843,10 +851,11 @@ EXPOSE 2004-2005/tcp`, ALPINE) }) It("podman run check dnsname adds dns search domain", func() { + SkipUntilAardvark(podmanTest) net := "dnsname" + stringid.GenerateNonCryptoID() session := podmanTest.Podman([]string{"network", "create", net}) session.WaitWithDefaultTimeout() - defer podmanTest.removeCNINetwork(net) + defer podmanTest.removeNetwork(net) Expect(session).Should(Exit(0)) session = podmanTest.Podman([]string{"run", "--network", net, ALPINE, "cat", "/etc/resolv.conf"}) @@ -873,7 +882,7 @@ EXPOSE 2004-2005/tcp`, ALPINE) net := "dns" + stringid.GenerateNonCryptoID() session := podmanTest.Podman([]string{"network", "create", "--disable-dns", net}) session.WaitWithDefaultTimeout() - defer podmanTest.removeCNINetwork(net) + defer podmanTest.removeNetwork(net) Expect(session).Should(Exit(0)) session = podmanTest.Podman([]string{"run", "--network", net, "--network-alias", "abcdef", ALPINE, "true"}) diff --git a/test/e2e/run_staticip_test.go b/test/e2e/run_staticip_test.go index cf014d46e..b78a37495 100644 --- a/test/e2e/run_staticip_test.go +++ b/test/e2e/run_staticip_test.go @@ -71,7 +71,7 @@ var _ = Describe("Podman run with --ip flag", func() { ipv6 := "fd46:db93:aa76:ac37::10" net := podmanTest.Podman([]string{"network", "create", "--subnet", "fd46:db93:aa76:ac37::/64", netName}) net.WaitWithDefaultTimeout() - defer podmanTest.removeCNINetwork(netName) + defer podmanTest.removeNetwork(netName) Expect(net).To(Exit(0)) result := podmanTest.Podman([]string{"run", "-ti", "--network", netName, "--ip6", ipv6, ALPINE, "ip", "addr"}) diff --git a/test/e2e/search_test.go b/test/e2e/search_test.go index f8d6019b0..07198d799 100644 --- a/test/e2e/search_test.go +++ b/test/e2e/search_test.go @@ -32,18 +32,6 @@ var _ = Describe("Podman search", func() { podmanTest *PodmanTestIntegration ) - var registryEndpoints = []endpoint{ - {"localhost", "5001"}, - {"localhost", "5002"}, - {"localhost", "5003"}, - {"localhost", "5004"}, - {"localhost", "5005"}, - {"localhost", "5006"}, - {"localhost", "5007"}, - {"localhost", "5008"}, - {"localhost", "5009"}, - } - const regFileContents = ` [registries.search] registries = ['{{.Host}}:{{.Port}}'] @@ -217,21 +205,19 @@ registries = ['{{.Host}}:{{.Port}}']` if podmanTest.Host.Arch == "ppc64le" { Skip("No registry image for ppc64le") } - lock := GetPortLock(registryEndpoints[0].Port) - defer lock.Unlock() - + port := GetPort() fakereg := podmanTest.Podman([]string{"run", "-d", "--name", "registry", - "-p", fmt.Sprintf("%s:5000", registryEndpoints[0].Port), + "-p", fmt.Sprintf("%d:5000", port), registry, "/entrypoint.sh", "/etc/docker/registry/config.yml"}) fakereg.WaitWithDefaultTimeout() Expect(fakereg).Should(Exit(0)) if !WaitContainerReady(podmanTest, "registry", "listening on", 20, 1) { - Skip("Cannot start docker registry.") + Fail("Cannot start docker registry on port %s", port) } - + ep := endpoint{Port: fmt.Sprintf("%d", port), Host: "localhost"} search := podmanTest.Podman([]string{"search", - fmt.Sprintf("%s/fake/image:andtag", registryEndpoints[0].Address()), "--tls-verify=false"}) + fmt.Sprintf("%s/fake/image:andtag", ep.Address()), "--tls-verify=false"}) search.WaitWithDefaultTimeout() // if this test succeeded, there will be no output (there is no entry named fake/image:andtag in an empty registry) @@ -245,20 +231,19 @@ registries = ['{{.Host}}:{{.Port}}']` if podmanTest.Host.Arch == "ppc64le" { Skip("No registry image for ppc64le") } - lock := GetPortLock(registryEndpoints[3].Port) - defer lock.Unlock() + port := GetPort() registry := podmanTest.Podman([]string{"run", "-d", "--name", "registry3", - "-p", fmt.Sprintf("%s:5000", registryEndpoints[3].Port), registry, + "-p", fmt.Sprintf("%d:5000", port), registry, "/entrypoint.sh", "/etc/docker/registry/config.yml"}) registry.WaitWithDefaultTimeout() Expect(registry).Should(Exit(0)) if !WaitContainerReady(podmanTest, "registry3", "listening on", 20, 1) { - Skip("Cannot start docker registry.") + Fail("Cannot start docker registry on port %s", port) } - + ep := endpoint{Port: fmt.Sprintf("%d", port), Host: "localhost"} podmanTest.RestoreArtifact(ALPINE) - image := fmt.Sprintf("%s/my-alpine", registryEndpoints[3].Address()) + image := fmt.Sprintf("%s/my-alpine", ep.Address()) push := podmanTest.Podman([]string{"push", "--tls-verify=false", "--remove-signatures", ALPINE, image}) push.WaitWithDefaultTimeout() Expect(push).Should(Exit(0)) @@ -269,7 +254,7 @@ registries = ['{{.Host}}:{{.Port}}']` Expect(search.OutputToString()).ShouldNot(BeEmpty()) // podman search v2 registry with empty query - searchEmpty := podmanTest.Podman([]string{"search", fmt.Sprintf("%s/", registryEndpoints[3].Address()), "--tls-verify=false"}) + searchEmpty := podmanTest.Podman([]string{"search", fmt.Sprintf("%s/", ep.Address()), "--tls-verify=false"}) searchEmpty.WaitWithDefaultTimeout() Expect(searchEmpty).Should(Exit(0)) Expect(len(searchEmpty.OutputToStringArray())).To(BeNumerically(">=", 1)) @@ -281,26 +266,26 @@ registries = ['{{.Host}}:{{.Port}}']` Skip("No registry image for ppc64le") } - lock := GetPortLock(registryEndpoints[4].Port) - defer lock.Unlock() - registry := podmanTest.Podman([]string{"run", "-d", "-p", fmt.Sprintf("%s:5000", registryEndpoints[4].Port), + port := GetPort() + ep := endpoint{Port: fmt.Sprintf("%d", port), Host: "localhost"} + registry := podmanTest.Podman([]string{"run", "-d", "-p", fmt.Sprintf("%d:5000", port), "--name", "registry4", registry, "/entrypoint.sh", "/etc/docker/registry/config.yml"}) registry.WaitWithDefaultTimeout() Expect(registry).Should(Exit(0)) if !WaitContainerReady(podmanTest, "registry4", "listening on", 20, 1) { - Skip("Cannot start docker registry.") + Fail("unable to start registry on port %s", port) } podmanTest.RestoreArtifact(ALPINE) - image := fmt.Sprintf("%s/my-alpine", registryEndpoints[4].Address()) + image := fmt.Sprintf("%s/my-alpine", ep.Address()) push := podmanTest.Podman([]string{"push", "--tls-verify=false", "--remove-signatures", ALPINE, image}) push.WaitWithDefaultTimeout() Expect(push).Should(Exit(0)) // registries.conf set up var buffer bytes.Buffer - registryFileTmpl.Execute(&buffer, registryEndpoints[4]) + registryFileTmpl.Execute(&buffer, ep) podmanTest.setRegistriesConfigEnv(buffer.Bytes()) ioutil.WriteFile(fmt.Sprintf("%s/registry4.conf", tempdir), buffer.Bytes(), 0644) if IsRemote() { @@ -323,25 +308,25 @@ registries = ['{{.Host}}:{{.Port}}']` if podmanTest.Host.Arch == "ppc64le" { Skip("No registry image for ppc64le") } - lock := GetPortLock(registryEndpoints[5].Port) - defer lock.Unlock() - registry := podmanTest.Podman([]string{"run", "-d", "-p", fmt.Sprintf("%s:5000", registryEndpoints[5].Port), + port := GetPort() + ep := endpoint{Port: fmt.Sprintf("%d", port), Host: "localhost"} + registry := podmanTest.Podman([]string{"run", "-d", "-p", fmt.Sprintf("%d:5000", port), "--name", "registry5", registry}) registry.WaitWithDefaultTimeout() Expect(registry).Should(Exit(0)) if !WaitContainerReady(podmanTest, "registry5", "listening on", 20, 1) { - Skip("Cannot start docker registry.") + Fail("Cannot start docker registry on port %s", port) } podmanTest.RestoreArtifact(ALPINE) - image := fmt.Sprintf("%s/my-alpine", registryEndpoints[5].Address()) + image := fmt.Sprintf("%s/my-alpine", ep.Address()) push := podmanTest.Podman([]string{"push", "--tls-verify=false", "--remove-signatures", ALPINE, image}) push.WaitWithDefaultTimeout() Expect(push).Should(Exit(0)) var buffer bytes.Buffer - registryFileTmpl.Execute(&buffer, registryEndpoints[5]) + registryFileTmpl.Execute(&buffer, ep) podmanTest.setRegistriesConfigEnv(buffer.Bytes()) ioutil.WriteFile(fmt.Sprintf("%s/registry5.conf", tempdir), buffer.Bytes(), 0644) @@ -360,25 +345,25 @@ registries = ['{{.Host}}:{{.Port}}']` if podmanTest.Host.Arch == "ppc64le" { Skip("No registry image for ppc64le") } - lock := GetPortLock(registryEndpoints[6].Port) - defer lock.Unlock() - registry := podmanTest.Podman([]string{"run", "-d", "-p", fmt.Sprintf("%s:5000", registryEndpoints[6].Port), + port := GetPort() + ep := endpoint{Port: fmt.Sprintf("%d", port), Host: "localhost"} + registry := podmanTest.Podman([]string{"run", "-d", "-p", fmt.Sprintf("%d:5000", port), "--name", "registry6", registry}) registry.WaitWithDefaultTimeout() Expect(registry).Should(Exit(0)) if !WaitContainerReady(podmanTest, "registry6", "listening on", 20, 1) { - Skip("Cannot start docker registry.") + Fail("Cannot start docker registry on port %s", port) } podmanTest.RestoreArtifact(ALPINE) - image := fmt.Sprintf("%s/my-alpine", registryEndpoints[6].Address()) + image := fmt.Sprintf("%s/my-alpine", ep.Address()) push := podmanTest.Podman([]string{"push", "--tls-verify=false", "--remove-signatures", ALPINE, image}) push.WaitWithDefaultTimeout() Expect(push).Should(Exit(0)) var buffer bytes.Buffer - registryFileBadTmpl.Execute(&buffer, registryEndpoints[6]) + registryFileBadTmpl.Execute(&buffer, ep) podmanTest.setRegistriesConfigEnv(buffer.Bytes()) ioutil.WriteFile(fmt.Sprintf("%s/registry6.conf", tempdir), buffer.Bytes(), 0644) @@ -402,36 +387,36 @@ registries = ['{{.Host}}:{{.Port}}']` if podmanTest.Host.Arch == "ppc64le" { Skip("No registry image for ppc64le") } - lock7 := GetPortLock(registryEndpoints[7].Port) - defer lock7.Unlock() - lock8 := GetPortLock("6000") - defer lock8.Unlock() + port1 := GetPort() + port2 := GetPort() + port3 := GetPort() + ep3 := endpoint{Port: fmt.Sprintf("%d", port3), Host: "localhost"} - registryLocal := podmanTest.Podman([]string{"run", "-d", "--net=host", "-p", fmt.Sprintf("%s:5000", registryEndpoints[7].Port), + registryLocal := podmanTest.Podman([]string{"run", "-d", "-p", fmt.Sprintf("%d", port1), "--name", "registry7", registry}) registryLocal.WaitWithDefaultTimeout() Expect(registryLocal).Should(Exit(0)) if !WaitContainerReady(podmanTest, "registry7", "listening on", 20, 1) { - Skip("Cannot start docker registry.") + Fail("Cannot start docker registry on port %s", port1) } - registryLocal = podmanTest.Podman([]string{"run", "-d", "-p", "6000:5000", "--name", "registry8", registry}) + registryLocal = podmanTest.Podman([]string{"run", "-d", "-p", fmt.Sprintf("%d:5000", port2), "--name", "registry8", registry}) registryLocal.WaitWithDefaultTimeout() Expect(registryLocal).Should(Exit(0)) if !WaitContainerReady(podmanTest, "registry8", "listening on", 20, 1) { - Skip("Cannot start docker registry.") + Fail("Cannot start docker registry on port %s", port2) } podmanTest.RestoreArtifact(ALPINE) - push := podmanTest.Podman([]string{"push", "--tls-verify=false", "--remove-signatures", ALPINE, "localhost:6000/my-alpine"}) + push := podmanTest.Podman([]string{"push", "--tls-verify=false", "--remove-signatures", ALPINE, fmt.Sprintf("localhost:%d/my-alpine", port2)}) push.WaitWithDefaultTimeout() Expect(push).Should(Exit(0)) // registries.conf set up var buffer bytes.Buffer - registryFileTwoTmpl.Execute(&buffer, registryEndpoints[8]) + registryFileTwoTmpl.Execute(&buffer, ep3) podmanTest.setRegistriesConfigEnv(buffer.Bytes()) ioutil.WriteFile(fmt.Sprintf("%s/registry8.conf", tempdir), buffer.Bytes(), 0644) diff --git a/test/utils/utils.go b/test/utils/utils.go index 1f5067950..14092a2a5 100644 --- a/test/utils/utils.go +++ b/test/utils/utils.go @@ -12,12 +12,34 @@ import ( "strings" "time" + "github.com/sirupsen/logrus" + "github.com/containers/storage/pkg/parsers/kernel" . "github.com/onsi/ginkgo" //nolint:golint,stylecheck . "github.com/onsi/gomega" //nolint:golint,stylecheck . "github.com/onsi/gomega/gexec" //nolint:golint,stylecheck ) +type NetworkBackend int + +const ( + // Container Networking backend + CNI NetworkBackend = iota + // Netavark network backend + Netavark NetworkBackend = iota +) + +func (n NetworkBackend) ToString() string { + switch n { + case CNI: + return "cni" + case Netavark: + return "netavark" + } + logrus.Errorf("unknown network backend: %q", n) + return "" +} + var ( DefaultWaitTimeout = 90 OSReleasePath = "/etc/os-release" @@ -34,17 +56,18 @@ type PodmanTestCommon interface { // PodmanTest struct for command line options type PodmanTest struct { - PodmanMakeOptions func(args []string, noEvents, noCache bool) []string + ImageCacheDir string + ImageCacheFS string + NetworkBackend NetworkBackend PodmanBinary string - TempDir string - RemoteTest bool + PodmanMakeOptions func(args []string, noEvents, noCache bool) []string + RemoteCommand *exec.Cmd RemotePodmanBinary string RemoteSession *os.Process RemoteSocket string RemoteSocketLock string // If not "", should be removed _after_ RemoteSocket is removed - RemoteCommand *exec.Cmd - ImageCacheDir string - ImageCacheFS string + RemoteTest bool + TempDir string } // PodmanSession wraps the gexec.session so we can extend it @@ -73,8 +96,10 @@ func (p *PodmanTest) PodmanAsUserBase(args []string, uid, gid uint32, cwd string if p.RemoteTest { podmanBinary = p.RemotePodmanBinary } - runCmd := append(wrapper, podmanBinary) + if p.NetworkBackend == Netavark { + runCmd = append(runCmd, []string{"--network-backend", "netavark"}...) + } if p.RemoteTest { podmanOptions = append([]string{"--remote", "--url", p.RemoteSocket}, podmanOptions...) } -- cgit v1.2.3-54-g00ecf From b63f61f5cdf5416bb1431188e98ce55bd97f5cf0 Mon Sep 17 00:00:00 2001 From: Chris Evich Date: Tue, 11 Jan 2022 13:53:53 -0500 Subject: Cirrus: Add e2e task w/ upstream netavark This PR adds the CI mechanisms to obtain the latest upstream netavark binary, and set a magic env-var to indicate e2e tests should execute podman with `--network-driver=netavark`. A future commit implement this functionality within the e2e tests. Due to the way the new environment is enabled, the standard task name is too long for github to display without adding ellipsis. Force the custom task name `Netavark Integration` to workaround this. At some future point, when netavark is more mainstream/widely supported, this custom task and upstream binary install can simply be removed - i.e. netavark will simply be used by default in the normal e2e tasks. Signed-off-by: Chris Evich --- .cirrus.yml | 29 ++++++++++++++++++++++++++++- contrib/cirrus/runner.sh | 2 +- contrib/cirrus/setup_environment.sh | 35 ++++++++++++++++++++++++++++++++--- 3 files changed, 61 insertions(+), 5 deletions(-) diff --git a/.cirrus.yml b/.cirrus.yml index 1c953c952..c298d5daa 100644 --- a/.cirrus.yml +++ b/.cirrus.yml @@ -7,6 +7,8 @@ env: #### # Name of the ultimate destination branch for this CI run, PR or post-merge. DEST_BRANCH: "v4.0" + # Netavark branch to use when TEST_ENVIRON=host-netavark + NETAVARK_BRANCH: "main" # Overrides default location (/tmp/cirrus) for repo clone GOPATH: &gopath "/var/tmp/go" GOBIN: "${GOPATH}/bin" @@ -44,7 +46,7 @@ env: #### N/B: Required ALL of these are set for every single task. #### TEST_FLAVOR: # int, sys, ext_svc, validate, automation, etc. - TEST_ENVIRON: host # 'host' or 'container' + TEST_ENVIRON: host # 'host', 'host-netavark', or 'container' PODBIN_NAME: podman # 'podman' or 'remote' PRIV_NAME: root # 'root' or 'rootless' DISTRO_NV: # any {PRIOR_,}{FEDORA,UBUNTU}_NAME value @@ -508,6 +510,30 @@ container_integration_test_task: main_script: *main always: *int_logs_artifacts +# Run the integration tests using the latest upstream build of netavark. +netavark_integration_test_task: + name: "Netavark integration" # using *std_name_fmt here is unreadable + alias: netavark_integration_test + only_if: *not_docs + skip: *branches_and_tags + depends_on: + - unit_test + gce_instance: *standardvm + env: + DISTRO_NV: ${FEDORA_NAME} + _BUILD_CACHE_HANDLE: ${FEDORA_NAME}-build-${CIRRUS_BUILD_ID} + VM_IMAGE_NAME: ${FEDORA_CACHE_IMAGE_NAME} + CTR_FQIN: ${FEDORA_CONTAINER_FQIN} + TEST_FLAVOR: int + TEST_ENVIRON: host-netavark + NETAVARK_URL: "https://api.cirrus-ci.com/v1/artifact/github/containers/netavark/success/binary.zip?branch=${NETAVARK_BRANCH}" + NETAVARK_DEBUG: 0 # set non-zero to use the debug-mode binary + clone_script: *noop # Comes from cache + gopath_cache: *ro_gopath_cache + setup_script: *setup + main_script: *main + always: *int_logs_artifacts + # Execute most integration tests as a regular (non-root) user. rootless_integration_test_task: @@ -733,6 +759,7 @@ success_task: - remote_integration_test - rootless_integration_test - container_integration_test + - netavark_integration_test - local_system_test - remote_system_test - rootless_system_test diff --git a/contrib/cirrus/runner.sh b/contrib/cirrus/runner.sh index f0223f9eb..6376bafa2 100755 --- a/contrib/cirrus/runner.sh +++ b/contrib/cirrus/runner.sh @@ -12,7 +12,7 @@ set -eo pipefail # most notably: # # PODBIN_NAME : "podman" (i.e. local) or "remote" -# TEST_ENVIRON : 'host' or 'container'; desired environment in which to run +# TEST_ENVIRON : 'host', 'host-netavark', or 'container'; desired environment in which to run # CONTAINER : 1 if *currently* running inside a container, 0 if host # diff --git a/contrib/cirrus/setup_environment.sh b/contrib/cirrus/setup_environment.sh index 44c821bc1..62d1e6d45 100755 --- a/contrib/cirrus/setup_environment.sh +++ b/contrib/cirrus/setup_environment.sh @@ -130,7 +130,7 @@ esac # Required to be defined by caller: The environment where primary testing happens # shellcheck disable=SC2154 case "$TEST_ENVIRON" in - host) + host*) # The e2e tests wrongly guess `--cgroup-manager` option # shellcheck disable=SC2154 if [[ "$CG_FS_TYPE" == "cgroup2fs" ]] || [[ "$PRIV_NAME" == "root" ]] @@ -141,6 +141,35 @@ case "$TEST_ENVIRON" in warn "Forcing CGROUP_MANAGER=cgroupfs" echo "CGROUP_MANAGER=cgroupfs" >> /etc/ci_environment fi + # TODO: For the foreseeable future, need to support running tests + # with and without the latest netavark. Once netavark is more + # stable and widely supported in Fedora, it can be pre-installed + # from its RPM at VM image build-time. + if [[ "$TEST_ENVIRON" =~ netavark ]]; then + req_env_vars NETAVARK_BRANCH NETAVARK_URL NETAVARK_DEBUG + msg "Downloading latest netavark from upstream branch '$NETAVARK_BRANCH'" + curl --fail --location -o /tmp/netavark.zip "${NETAVARK_URL}" + + # Needs to be in a specific location + # ref: https://github.com/containers/common/blob/main/pkg/config/config_linux.go#L39 + _nvdir=/usr/local/libexec/podman + mkdir -p $_nvdir + cd $_nvdir + msg "$PWD" + unzip /tmp/netavark.zip + if ((NETAVARK_DEBUG)); then + warn "Using debug netavark binary" + mv netavark.debug netavark + else + rm netavark.debug + fi + cd - + + chmod 0755 $_nvdir/netavark + restorecon -F -v $_nvdir + msg "Forcing NETWORK_BACKEND=netavark in all subsequent environments." + echo "NETWORK_BACKEND=netavark" >> /etc/ci_environment + fi ;; container) if ((CONTAINER==0)); then # not yet inside a container @@ -247,7 +276,7 @@ case "$TEST_FLAVOR" in # Use existing host bits when testing is to happen inside a container # since this script will run again in that environment. # shellcheck disable=SC2154 - if [[ "$TEST_ENVIRON" == "host" ]]; then + if [[ "$TEST_ENVIRON" =~ host ]]; then if ((CONTAINER)); then die "Refusing to config. host-test in container"; fi @@ -259,7 +288,7 @@ case "$TEST_FLAVOR" in make install PREFIX=/usr ETCDIR=/etc fi else - die "Invalid value for $$TEST_ENVIRON=$TEST_ENVIRON" + die "Invalid value for \$TEST_ENVIRON=$TEST_ENVIRON" fi install_test_configs -- cgit v1.2.3-54-g00ecf From 6b0d4d9158662501b8bf36a69d351abaa9265c84 Mon Sep 17 00:00:00 2001 From: Chris Evich Date: Tue, 18 Jan 2022 16:58:04 -0500 Subject: Cirrus: Also download aardvark-dns binary This involves a minor code-change so the download/install can run in a loop for the two different repositories and binaries. Given everything is exactly the same except the URLs and names. Signed-off-by: Chris Evich --- .cirrus.yml | 5 ++++ contrib/cirrus/setup_environment.sh | 52 +++++++++++++++++++++---------------- 2 files changed, 34 insertions(+), 23 deletions(-) diff --git a/.cirrus.yml b/.cirrus.yml index c298d5daa..b7cfb2b8d 100644 --- a/.cirrus.yml +++ b/.cirrus.yml @@ -9,6 +9,8 @@ env: DEST_BRANCH: "v4.0" # Netavark branch to use when TEST_ENVIRON=host-netavark NETAVARK_BRANCH: "main" + # Aardvark branch to use + AARDVARK_BRANCH: "main" # Overrides default location (/tmp/cirrus) for repo clone GOPATH: &gopath "/var/tmp/go" GOBIN: "${GOPATH}/bin" @@ -528,6 +530,8 @@ netavark_integration_test_task: TEST_ENVIRON: host-netavark NETAVARK_URL: "https://api.cirrus-ci.com/v1/artifact/github/containers/netavark/success/binary.zip?branch=${NETAVARK_BRANCH}" NETAVARK_DEBUG: 0 # set non-zero to use the debug-mode binary + AARDVARK_URL: "https://api.cirrus-ci.com/v1/artifact/github/containers/aardvark-dns/success/binary.zip?branch=${AARDVARK_BRANCH}" + AARDVARK_DEBUG: 0 # set non-zero to use the debug-mode binary clone_script: *noop # Comes from cache gopath_cache: *ro_gopath_cache setup_script: *setup @@ -757,6 +761,7 @@ success_task: - compose_test - local_integration_test - remote_integration_test + - netavark_integration_test - rootless_integration_test - container_integration_test - netavark_integration_test diff --git a/contrib/cirrus/setup_environment.sh b/contrib/cirrus/setup_environment.sh index 62d1e6d45..36e53320c 100755 --- a/contrib/cirrus/setup_environment.sh +++ b/contrib/cirrus/setup_environment.sh @@ -142,31 +142,37 @@ case "$TEST_ENVIRON" in echo "CGROUP_MANAGER=cgroupfs" >> /etc/ci_environment fi # TODO: For the foreseeable future, need to support running tests - # with and without the latest netavark. Once netavark is more - # stable and widely supported in Fedora, it can be pre-installed + # with and without the latest netavark/aardvark. Once they're more + # stable and widely supported in Fedora, they can be pre-installed # from its RPM at VM image build-time. if [[ "$TEST_ENVIRON" =~ netavark ]]; then - req_env_vars NETAVARK_BRANCH NETAVARK_URL NETAVARK_DEBUG - msg "Downloading latest netavark from upstream branch '$NETAVARK_BRANCH'" - curl --fail --location -o /tmp/netavark.zip "${NETAVARK_URL}" - - # Needs to be in a specific location - # ref: https://github.com/containers/common/blob/main/pkg/config/config_linux.go#L39 - _nvdir=/usr/local/libexec/podman - mkdir -p $_nvdir - cd $_nvdir - msg "$PWD" - unzip /tmp/netavark.zip - if ((NETAVARK_DEBUG)); then - warn "Using debug netavark binary" - mv netavark.debug netavark - else - rm netavark.debug - fi - cd - - - chmod 0755 $_nvdir/netavark - restorecon -F -v $_nvdir + for info in "netavark $NETAVARK_BRANCH $NETAVARK_URL $NETAVARK_DEBUG" \ + "aardvark-dns $AARDVARK_BRANCH $AARDVARK_URL $AARDVARK_DEBUG"; do + + read _name _branch _url _debug <<<"$info" + req_env_vars _name _branch _url _debug + msg "Downloading latest $_name from upstream branch '$_branch'" + # Use identifiable archive filename in of a get_ci_env.sh environment + curl --fail --location -o /tmp/$_name.zip "$_url" + + # Needs to be in a specific location + # ref: https://github.com/containers/common/blob/main/pkg/config/config_linux.go#L39 + _pdir=/usr/local/libexec/podman + mkdir -p $_pdir + cd $_pdir + msg "$PWD" + unzip /tmp/$_name.zip + if ((_debug)); then + warn "Using debug $_name binary" + mv $_name.debug $_name + else + rm $_name.debug + fi + chmod 0755 $_pdir/$_name + cd - + done + + restorecon -F -v $_pdir msg "Forcing NETWORK_BACKEND=netavark in all subsequent environments." echo "NETWORK_BACKEND=netavark" >> /etc/ci_environment fi -- cgit v1.2.3-54-g00ecf From 66a3be3709ae67ec14c0ecdfee3847066c90c9ae Mon Sep 17 00:00:00 2001 From: Chris Evich Date: Wed, 26 Jan 2022 13:05:50 -0500 Subject: Cirrus: Add netavark/aardvark system test task Also add a system-test that verifies netavark driver is in use when magic env. var. is set. Signed-off-by: Chris Evich --- .cirrus.yml | 42 +++++++++++++++++++++++++++++++------ contrib/cirrus/lib.sh | 24 +++++++++++++-------- contrib/cirrus/setup_environment.sh | 2 ++ test/system/005-info.bats | 12 +++++++++++ test/system/500-networking.bats | 10 ++++++--- test/system/README.md | 1 + test/system/helpers.bash | 9 ++++++++ 7 files changed, 82 insertions(+), 18 deletions(-) diff --git a/.cirrus.yml b/.cirrus.yml index b7cfb2b8d..adcbdc9e5 100644 --- a/.cirrus.yml +++ b/.cirrus.yml @@ -24,6 +24,11 @@ env: # Runner statistics log file path/name STATS_LOGFILE_SFX: 'runner_stats.log' STATS_LOGFILE: '$GOSRC/${CIRRUS_TASK_NAME}-${STATS_LOGFILE_SFX}' + # Netavark/aardvark location/options when TEST_ENVIRON=host-netavark + NETAVARK_URL: "https://api.cirrus-ci.com/v1/artifact/github/containers/netavark/success/binary.zip?branch=${NETAVARK_BRANCH}" + NETAVARK_DEBUG: 0 # set non-zero to use the debug-mode binary + AARDVARK_URL: "https://api.cirrus-ci.com/v1/artifact/github/containers/aardvark-dns/success/binary.zip?branch=${AARDVARK_BRANCH}" + AARDVARK_DEBUG: 0 # set non-zero to use the debug-mode binary #### #### Cache-image names to test with (double-quotes around names are critical) @@ -512,6 +517,7 @@ container_integration_test_task: main_script: *main always: *int_logs_artifacts + # Run the integration tests using the latest upstream build of netavark. netavark_integration_test_task: name: "Netavark integration" # using *std_name_fmt here is unreadable @@ -528,10 +534,6 @@ netavark_integration_test_task: CTR_FQIN: ${FEDORA_CONTAINER_FQIN} TEST_FLAVOR: int TEST_ENVIRON: host-netavark - NETAVARK_URL: "https://api.cirrus-ci.com/v1/artifact/github/containers/netavark/success/binary.zip?branch=${NETAVARK_BRANCH}" - NETAVARK_DEBUG: 0 # set non-zero to use the debug-mode binary - AARDVARK_URL: "https://api.cirrus-ci.com/v1/artifact/github/containers/aardvark-dns/success/binary.zip?branch=${AARDVARK_BRANCH}" - AARDVARK_DEBUG: 0 # set non-zero to use the debug-mode binary clone_script: *noop # Comes from cache gopath_cache: *ro_gopath_cache setup_script: *setup @@ -539,6 +541,28 @@ netavark_integration_test_task: always: *int_logs_artifacts +netavark_system_test_task: + name: "Netavark system" + alias: netavark_system_test + skip: *tags + only_if: *not_build + depends_on: + - netavark_integration_test + gce_instance: *standardvm + env: + DISTRO_NV: ${FEDORA_NAME} + _BUILD_CACHE_HANDLE: ${FEDORA_NAME}-build-${CIRRUS_BUILD_ID} + VM_IMAGE_NAME: ${FEDORA_CACHE_IMAGE_NAME} + CTR_FQIN: ${FEDORA_CONTAINER_FQIN} + TEST_ENVIRON: host-netavark + TEST_FLAVOR: sys + clone_script: *noop # Comes from cache + gopath_cache: *ro_gopath_cache + setup_script: *setup + main_script: *main + always: *logs_artifacts + + # Execute most integration tests as a regular (non-root) user. rootless_integration_test_task: name: *std_name_fmt @@ -591,6 +615,7 @@ remote_system_test_task: TEST_FLAVOR: sys PODBIN_NAME: remote + rootless_remote_system_test_task: <<: *local_system_test_task alias: rootless_remote_system_test @@ -611,6 +636,7 @@ rootless_remote_system_test_task: PODBIN_NAME: remote PRIV_NAME: rootless + buildah_bud_test_task: name: *std_name_fmt alias: buildah_bud_test @@ -639,6 +665,7 @@ buildah_bud_test_task: main_script: *main always: *int_logs_artifacts + rootless_system_test_task: name: *std_name_fmt alias: rootless_system_test @@ -657,6 +684,7 @@ rootless_system_test_task: main_script: *main always: *logs_artifacts + rootless_gitlab_test_task: name: *std_name_fmt alias: rootless_gitlab_test @@ -684,6 +712,7 @@ rootless_gitlab_test_task: type: text/xml format: junit + upgrade_test_task: name: "Upgrade test: from $PODMAN_UPGRADE_FROM" alias: upgrade_test @@ -713,6 +742,7 @@ upgrade_test_task: main_script: *main always: *logs_artifacts + # This task is critical. It updates the "last-used by" timestamp stored # in metadata for all VM images. This mechanism functions in tandem with # an out-of-band pruning operation to remove disused VM images. @@ -761,10 +791,10 @@ success_task: - compose_test - local_integration_test - remote_integration_test - - netavark_integration_test - - rootless_integration_test - container_integration_test - netavark_integration_test + - netavark_system_test + - rootless_integration_test - local_system_test - remote_system_test - rootless_system_test diff --git a/contrib/cirrus/lib.sh b/contrib/cirrus/lib.sh index ae538d23f..09a255e6f 100644 --- a/contrib/cirrus/lib.sh +++ b/contrib/cirrus/lib.sh @@ -214,16 +214,22 @@ setup_rootless() { } install_test_configs() { - echo "Installing cni config, policy and registry config" - req_env_vars GOSRC SCRIPT_BASE - cd $GOSRC || exit 1 - install -v -D -m 644 ./cni/87-podman-bridge.conflist /etc/cni/net.d/ - # This config must always sort last in the list of networks (podman picks first one - # as the default). This config prevents allocation of network address space used - # by default in google cloud. https://cloud.google.com/vpc/docs/vpc#ip-ranges - install -v -D -m 644 $SCRIPT_BASE/99-do-not-use-google-subnets.conflist /etc/cni/net.d/ - + msg "Installing ./test/registries.conf system-wide." install -v -D -m 644 ./test/registries.conf /etc/containers/ + if [[ "$TEST_ENVIRON" =~ netavark ]]; then + # belt-and-suspenders: any pre-existing CNI config. will spoil + # default use tof netavark (when both are installed). + rm -rf /etc/cni/net.d/* + else + echo "Installing cni config, policy and registry config" + req_env_vars GOSRC SCRIPT_BASE + cd $GOSRC || exit 1 + install -v -D -m 644 ./cni/87-podman-bridge.conflist /etc/cni/net.d/ + # This config must always sort last in the list of networks (podman picks first one + # as the default). This config prevents allocation of network address space used + # by default in google cloud. https://cloud.google.com/vpc/docs/vpc#ip-ranges + install -v -D -m 644 $SCRIPT_BASE/99-do-not-use-google-subnets.conflist /etc/cni/net.d/ + fi } # Remove all files provided by the distro version of podman. diff --git a/contrib/cirrus/setup_environment.sh b/contrib/cirrus/setup_environment.sh index 36e53320c..4e9361152 100755 --- a/contrib/cirrus/setup_environment.sh +++ b/contrib/cirrus/setup_environment.sh @@ -173,6 +173,8 @@ case "$TEST_ENVIRON" in done restorecon -F -v $_pdir + # This is critical, it signals to all tests that netavark + # use is expected. msg "Forcing NETWORK_BACKEND=netavark in all subsequent environments." echo "NETWORK_BACKEND=netavark" >> /etc/ci_environment fi diff --git a/test/system/005-info.bats b/test/system/005-info.bats index 5f3cdff7e..0f7e8b2e4 100644 --- a/test/system/005-info.bats +++ b/test/system/005-info.bats @@ -88,6 +88,18 @@ host.slirp4netns.executable | $expr_path is "$output" ".*graphOptions: {}" "output includes graphOptions: {}" } +@test "podman info netavark " { + # Confirm netavark in use when explicitely required by execution environment. + if [[ "$NETWORK_BACKEND" == "netavark" ]]; then + if ! is_netavark; then + # Assume is_netavark() will provide debugging feedback. + die "Netavark driver testing required, but not in use by podman." + fi + else + skip "Netavark testing not requested (\$NETWORK_BACKEND='$NETWORK_BACKEND')" + fi +} + @test "podman --root PATH info - basic output" { if ! is_remote; then run_podman --storage-driver=vfs --root ${PODMAN_TMPDIR}/nothing-here-move-along info --format '{{ .Store.GraphOptions }}' diff --git a/test/system/500-networking.bats b/test/system/500-networking.bats index 9f70c1c6c..9b39ebf97 100644 --- a/test/system/500-networking.bats +++ b/test/system/500-networking.bats @@ -256,13 +256,17 @@ load helpers # rootless cannot modify iptables if ! is_rootless; then - # flush the CNI iptables here - run iptables -t nat -F CNI-HOSTPORT-DNAT + # flush the port forwarding iptable rule here + chain="CNI-HOSTPORT-DNAT" + if is_netavark; then + chain="NETAVARK-HOSTPORT-DNAT" + fi + run iptables -t nat -F "$chain" # check that we cannot curl (timeout after 5 sec) run timeout 5 curl -s $SERVER/index.txt if [ "$status" -ne 124 ]; then - die "curl did not timeout, status code: $status" + die "curl did not timeout, status code: $status" fi fi diff --git a/test/system/README.md b/test/system/README.md index fe6d1ed52..76626b6dd 100644 --- a/test/system/README.md +++ b/test/system/README.md @@ -49,6 +49,7 @@ Running tests To run the tests locally in your sandbox, you can use one of these methods: * make;PODMAN=./bin/podman bats ./test/system/070-build.bats # runs just the specified test * make;PODMAN=./bin/podman bats ./test/system # runs all +* make;PODMAN=./bin/podman NETWORK_BACKEND=netavark bats ./test/system # Assert & enable netavark testing To test as root: * $ PODMAN=./bin/podman sudo --preserve-env=PODMAN bats test/system diff --git a/test/system/helpers.bash b/test/system/helpers.bash index 36a88fc10..c622a5172 100644 --- a/test/system/helpers.bash +++ b/test/system/helpers.bash @@ -341,6 +341,15 @@ function is_cgroupsv2() { test "$cgroup_type" = "cgroup2fs" } +# True if podman is using netavark +function is_netavark() { + run_podman info --format '{{.Host.NetworkBackend}}' + if [[ "$output" =~ netavark ]]; then + return 0 + fi + return 1 +} + # Returns the OCI runtime *basename* (typically crun or runc). Much as we'd # love to cache this result, we probably shouldn't. function podman_runtime() { -- cgit v1.2.3-54-g00ecf From 1e3115cf42b3abc2cd62427e59ba71851da29b12 Mon Sep 17 00:00:00 2001 From: Chris Evich Date: Fri, 28 Jan 2022 15:09:49 -0500 Subject: Cirrus: Log netavark/aardvark binary build info. Enabled by: * https://github.com/containers/netavark/pull/191 * https://github.com/containers/aardvark-dns/pull/36 Signed-off-by: Chris Evich --- contrib/cirrus/logcollector.sh | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/contrib/cirrus/logcollector.sh b/contrib/cirrus/logcollector.sh index 38a15ded1..0cfbf7135 100755 --- a/contrib/cirrus/logcollector.sh +++ b/contrib/cirrus/logcollector.sh @@ -74,6 +74,19 @@ case $1 in echo "Cgroups: " $(stat -f -c %T /sys/fs/cgroup) # Any not-present packages will be listed as such $PKG_LST_CMD "${PKG_NAMES[@]}" | sort -u + + # TODO: Remove this once netavark/aardvark-dns packages are used + if [[ "$TEST_ENVIRON" =~ netavark ]]; then + _npath=/usr/local/libexec/podman/ + for name in netavark aardvark-dns; do + echo "$name binary details:" + if [[ -r "$_npath/${name}.info" ]]; then + cat "$_npath/${name}.info" + else + echo "WARNING: $_npath/${name}.info not found." + fi + done + fi ;; time) # Assumed to be empty/undefined outside of Cirrus-CI (.cirrus.yml) -- cgit v1.2.3-54-g00ecf From 926c3b08ae4cf0d825f48b9a54a1544123be6fb7 Mon Sep 17 00:00:00 2001 From: Lokesh Mandvekar Date: Mon, 31 Jan 2022 11:44:52 -0500 Subject: CI: fix nightly builds Nightly builds were failing on CI ever since the Makefile change to have install target independent of build targets. See: e4636ebdc84ca28cf378873435cc9a27c81756f8 This commit ensures everything is built before installation. [NO NEW TESTS NEEDED] Signed-off-by: Lokesh Mandvekar --- contrib/cirrus/setup_environment.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/contrib/cirrus/setup_environment.sh b/contrib/cirrus/setup_environment.sh index 4e9361152..2ae5c2d77 100755 --- a/contrib/cirrus/setup_environment.sh +++ b/contrib/cirrus/setup_environment.sh @@ -289,11 +289,11 @@ case "$TEST_FLAVOR" in die "Refusing to config. host-test in container"; fi remove_packaged_podman_files - make install PREFIX=/usr ETCDIR=/etc + make && make install PREFIX=/usr ETCDIR=/etc elif [[ "$TEST_ENVIRON" == "container" ]]; then if ((CONTAINER)); then remove_packaged_podman_files - make install PREFIX=/usr ETCDIR=/etc + make && make install PREFIX=/usr ETCDIR=/etc fi else die "Invalid value for \$TEST_ENVIRON=$TEST_ENVIRON" @@ -310,7 +310,7 @@ case "$TEST_FLAVOR" in # Ref: https://gitlab.com/gitlab-org/gitlab-runner/-/issues/27270#note_499585550 remove_packaged_podman_files - make install PREFIX=/usr ETCDIR=/etc + make && make install PREFIX=/usr ETCDIR=/etc msg "Installing docker and containerd" # N/B: Tests check/expect `docker info` output, and this `!= podman info` -- cgit v1.2.3-54-g00ecf From afb39f2e477e62963b5acf688ab779897b39c517 Mon Sep 17 00:00:00 2001 From: Chris Evich Date: Tue, 1 Feb 2022 15:00:28 -0500 Subject: Cirrus: Add [CI:BUILD] magic that only builds This is intended for cases where no code changes were made in this repo. but something did change which could affect the toolchain. For example, `Makefile` or packaging changes. Signed-off-by: Chris Evich --- .cirrus.yml | 38 ++++++++++++++++++++++---------------- 1 file changed, 22 insertions(+), 16 deletions(-) diff --git a/.cirrus.yml b/.cirrus.yml index adcbdc9e5..b7d7f94b9 100644 --- a/.cirrus.yml +++ b/.cirrus.yml @@ -227,7 +227,8 @@ validate_task: bindings_task: name: "Test Bindings" alias: bindings - only_if: ¬_docs $CIRRUS_CHANGE_TITLE !=~ '.*CI:DOCS.*' + # Don't run for [CI:DOCS] or [CI:BUILD] + only_if: ¬_build $CIRRUS_CHANGE_TITLE !=~ '.*CI:DOCS.*' && $CIRRUS_CHANGE_TITLE !=~ '.*CI:BUILD.*' skip: *branches_and_tags depends_on: - build @@ -307,7 +308,8 @@ consistency_task: alt_build_task: name: "$ALT_NAME" alias: alt_build - only_if: *not_docs + # Don't run for [CI:DOCS]; DO run for [CI:BUILD] + only_if: ¬_docs $CIRRUS_CHANGE_TITLE !=~ '.*CI:DOCS.*' depends_on: - build env: @@ -336,6 +338,7 @@ alt_build_task: osx_alt_build_task: name: "OSX Cross" alias: osx_alt_build + only_if: *not_docs depends_on: - build env: @@ -361,7 +364,7 @@ docker-py_test_task: name: Docker-py Compat. alias: docker-py_test skip: *tags - only_if: *not_docs + only_if: *not_build depends_on: - build gce_instance: *standardvm @@ -382,7 +385,7 @@ unit_test_task: name: "Unit tests on $DISTRO_NV" alias: unit_test skip: *tags - only_if: *not_docs + only_if: *not_build depends_on: - validate matrix: @@ -407,7 +410,7 @@ unit_test_task: apiv2_test_task: name: "APIv2 test on $DISTRO_NV" alias: apiv2_test - only_if: *not_docs + only_if: *not_build skip: *tags depends_on: - validate @@ -428,7 +431,7 @@ apiv2_test_task: compose_test_task: name: "compose test on $DISTRO_NV ($PRIV_NAME)" alias: compose_test - only_if: *not_docs + only_if: *not_build skip: *tags depends_on: - validate @@ -455,7 +458,7 @@ local_integration_test_task: &local_integration_test_task # name: &std_name_fmt "$TEST_FLAVOR $PODBIN_NAME $DISTRO_NV $PRIV_NAME $TEST_ENVIRON" alias: local_integration_test - only_if: *not_docs + only_if: *not_build skip: *branches_and_tags depends_on: - unit_test @@ -491,7 +494,7 @@ remote_integration_test_task: container_integration_test_task: name: *std_name_fmt alias: container_integration_test - only_if: *not_docs + only_if: *not_build skip: *branches_and_tags depends_on: - unit_test @@ -522,7 +525,7 @@ container_integration_test_task: netavark_integration_test_task: name: "Netavark integration" # using *std_name_fmt here is unreadable alias: netavark_integration_test - only_if: *not_docs + only_if: *not_build skip: *branches_and_tags depends_on: - unit_test @@ -567,7 +570,7 @@ netavark_system_test_task: rootless_integration_test_task: name: *std_name_fmt alias: rootless_integration_test - only_if: *not_docs + only_if: *not_build skip: *branches_and_tags depends_on: - unit_test @@ -592,7 +595,7 @@ local_system_test_task: &local_system_test_task name: *std_name_fmt alias: local_system_test skip: *tags - only_if: *not_docs + only_if: *not_build depends_on: - local_integration_test matrix: *platform_axis @@ -641,7 +644,7 @@ buildah_bud_test_task: name: *std_name_fmt alias: buildah_bud_test skip: *tags - only_if: *not_docs + only_if: *not_build depends_on: - local_integration_test env: @@ -670,7 +673,7 @@ rootless_system_test_task: name: *std_name_fmt alias: rootless_system_test skip: *tags - only_if: *not_docs + only_if: *not_build depends_on: - rootless_integration_test matrix: *platform_axis @@ -689,7 +692,7 @@ rootless_gitlab_test_task: name: *std_name_fmt alias: rootless_gitlab_test skip: *tags - only_if: *not_docs + only_if: *not_build # Community-maintained downstream test may fail unexpectedly. # Ref. repository: https://gitlab.com/gitlab-org/gitlab-runner # If necessary, uncomment the next line and file issue(s) with details. @@ -717,7 +720,7 @@ upgrade_test_task: name: "Upgrade test: from $PODMAN_UPGRADE_FROM" alias: upgrade_test skip: *tags - only_if: $CIRRUS_CHANGE_TITLE !=~ '.*CI:DOCS.*' || $CIRRUS_CRON != '' + only_if: *not_build depends_on: - local_system_test matrix: @@ -839,7 +842,10 @@ release_task: release_test_task: name: "Optional Release Test" alias: release_test - only_if: $CIRRUS_PR != '' + # Release-PRs are never ever marked with [CI:DOCS] or [CI:BUILD] + only_if: *not_build + # Allow running manually as part of release PR preperation + # see RELEASE_PROCESS.md trigger_type: manual depends_on: - success -- cgit v1.2.3-54-g00ecf From 1656a23359b988a26581a610dcbcc109578ed66e Mon Sep 17 00:00:00 2001 From: Chris Evich Date: Wed, 2 Feb 2022 10:48:16 -0500 Subject: Cirrus: Minor - limit release task applicability This task/test is guaranteed to fail on non-release PRs. Upon reviewing actual practice and the release docs, this task should be limited to PRs with a title containing `release` or `bump` keywords. Also fix a minor comment typo. Ref: https://github.com/containers/podman/pull/13106#pullrequestreview-869855449 Signed-off-by: Chris Evich --- .cirrus.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.cirrus.yml b/.cirrus.yml index b7d7f94b9..00a2257be 100644 --- a/.cirrus.yml +++ b/.cirrus.yml @@ -842,9 +842,9 @@ release_task: release_test_task: name: "Optional Release Test" alias: release_test - # Release-PRs are never ever marked with [CI:DOCS] or [CI:BUILD] - only_if: *not_build - # Allow running manually as part of release PR preperation + # Release-PRs always include "release" or "Bump" in the title + only_if: $CIRRUS_CHANGE_TITLE =~ '.*((release)|(bump)).*' + # Allow running manually only as part of release-related builds # see RELEASE_PROCESS.md trigger_type: manual depends_on: -- cgit v1.2.3-54-g00ecf From e5644bbf13f6600f7bfee5bcf9b0dfa641d60d5d Mon Sep 17 00:00:00 2001 From: Chris Evich Date: Fri, 4 Feb 2022 11:41:26 -0500 Subject: Cirrus: Expand netavark testing to include rootless The list of netavark/aardvark-dns tasks is likely to be ever-growing for the near-term. Consolidate them into a single task entry with a matrix attribute to make future expansions less YAML-duplicative. Also, re-arrange it to fall in-between the CNI integration and system task sections. Signed-off-by: Chris Evich --- .cirrus.yml | 73 ++++++++++++++++++++++++++----------------------------------- 1 file changed, 31 insertions(+), 42 deletions(-) diff --git a/.cirrus.yml b/.cirrus.yml index 00a2257be..bd5de4a63 100644 --- a/.cirrus.yml +++ b/.cirrus.yml @@ -521,22 +521,20 @@ container_integration_test_task: always: *int_logs_artifacts -# Run the integration tests using the latest upstream build of netavark. -netavark_integration_test_task: - name: "Netavark integration" # using *std_name_fmt here is unreadable - alias: netavark_integration_test +# Execute most integration tests as a regular (non-root) user. +rootless_integration_test_task: + name: *std_name_fmt + alias: rootless_integration_test only_if: *not_build skip: *branches_and_tags depends_on: - unit_test + matrix: *platform_axis gce_instance: *standardvm + timeout_in: 90m env: - DISTRO_NV: ${FEDORA_NAME} - _BUILD_CACHE_HANDLE: ${FEDORA_NAME}-build-${CIRRUS_BUILD_ID} - VM_IMAGE_NAME: ${FEDORA_CACHE_IMAGE_NAME} - CTR_FQIN: ${FEDORA_CONTAINER_FQIN} TEST_FLAVOR: int - TEST_ENVIRON: host-netavark + PRIV_NAME: rootless clone_script: *noop # Comes from cache gopath_cache: *ro_gopath_cache setup_script: *setup @@ -544,42 +542,34 @@ netavark_integration_test_task: always: *int_logs_artifacts -netavark_system_test_task: - name: "Netavark system" - alias: netavark_system_test - skip: *tags - only_if: *not_build - depends_on: - - netavark_integration_test - gce_instance: *standardvm - env: - DISTRO_NV: ${FEDORA_NAME} - _BUILD_CACHE_HANDLE: ${FEDORA_NAME}-build-${CIRRUS_BUILD_ID} - VM_IMAGE_NAME: ${FEDORA_CACHE_IMAGE_NAME} - CTR_FQIN: ${FEDORA_CONTAINER_FQIN} - TEST_ENVIRON: host-netavark - TEST_FLAVOR: sys - clone_script: *noop # Comes from cache - gopath_cache: *ro_gopath_cache - setup_script: *setup - main_script: *main - always: *logs_artifacts - - -# Execute most integration tests as a regular (non-root) user. -rootless_integration_test_task: - name: *std_name_fmt - alias: rootless_integration_test +# Run various scenarios using upstream netavark/aardvark-dns binaries +netavark_task: + name: "Netavark $TEST_FLAVOR $PODBIN_NAME $PRIV_NAME" + alias: netavark only_if: *not_build skip: *branches_and_tags depends_on: - unit_test - matrix: *platform_axis gce_instance: *standardvm - timeout_in: 90m - env: - TEST_FLAVOR: int - PRIV_NAME: rootless + matrix: + - env: &nenv + DISTRO_NV: ${FEDORA_NAME} + _BUILD_CACHE_HANDLE: ${FEDORA_NAME}-build-${CIRRUS_BUILD_ID} + VM_IMAGE_NAME: ${FEDORA_CACHE_IMAGE_NAME} + CTR_FQIN: ${FEDORA_CONTAINER_FQIN} + TEST_FLAVOR: int + TEST_ENVIRON: host-netavark + - env: + <<: *nenv + TEST_FLAVOR: int + PRIV_NAME: rootless + - env: + <<: *nenv + TEST_FLAVOR: sys + - env: + <<: *nenv + TEST_FLAVOR: sys + PRIV_NAME: rootless clone_script: *noop # Comes from cache gopath_cache: *ro_gopath_cache setup_script: *setup @@ -795,9 +785,8 @@ success_task: - local_integration_test - remote_integration_test - container_integration_test - - netavark_integration_test - - netavark_system_test - rootless_integration_test + - netavark - local_system_test - remote_system_test - rootless_system_test -- cgit v1.2.3-54-g00ecf From a6fbfd47c9d11c8e98dd4fc668af86f2554996d0 Mon Sep 17 00:00:00 2001 From: Chris Evich Date: Fri, 11 Feb 2022 11:42:57 -0500 Subject: Cirrus: TODO: netavark/aardvark release branches Signed-off-by: Chris Evich --- .cirrus.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.cirrus.yml b/.cirrus.yml index bd5de4a63..c1923897c 100644 --- a/.cirrus.yml +++ b/.cirrus.yml @@ -8,9 +8,9 @@ env: # Name of the ultimate destination branch for this CI run, PR or post-merge. DEST_BRANCH: "v4.0" # Netavark branch to use when TEST_ENVIRON=host-netavark - NETAVARK_BRANCH: "main" + NETAVARK_BRANCH: "main" # TODO: This should point to a release branch # Aardvark branch to use - AARDVARK_BRANCH: "main" + AARDVARK_BRANCH: "main" # TODO: This should also be a release branch # Overrides default location (/tmp/cirrus) for repo clone GOPATH: &gopath "/var/tmp/go" GOBIN: "${GOPATH}/bin" -- cgit v1.2.3-54-g00ecf