From 7cdb00a4592b0283088382997c063a1e93305efc Mon Sep 17 00:00:00 2001
From: Ed Santiago <santiago@redhat.com>
Date: Mon, 24 Jan 2022 09:58:34 -0700
Subject: CI: enable rootless-remote system tests

Minimal: only test Fedora.Latest.

Reason: podman 4.0.0-0.2.rc2 broke bodhi gating tests:
        https://github.com/containers/podman/issues/12989

Requires skipping two recently-added tests that use 'podman unshare',
which doesn't work on remote.

Signed-off-by: Ed Santiago <santiago@redhat.com>
---
 .cirrus.yml                  | 21 +++++++++++++++++++++
 test/system/160-volumes.bats |  2 ++
 test/system/410-selinux.bats |  3 ++-
 3 files changed, 25 insertions(+), 1 deletion(-)

diff --git a/.cirrus.yml b/.cirrus.yml
index c33ed9c0c..1bbd41b22 100644
--- a/.cirrus.yml
+++ b/.cirrus.yml
@@ -561,6 +561,26 @@ remote_system_test_task:
         TEST_FLAVOR: sys
         PODBIN_NAME: remote
 
+rootless_remote_system_test_task:
+    <<: *local_system_test_task
+    alias: rootless_remote_system_test
+    depends_on:
+      - remote_integration_test
+    matrix:
+      # Minimal sanity testing: only the latest Fedora
+      - env:
+          DISTRO_NV: ${FEDORA_NAME}
+          # Not used here, is used in other tasks
+          VM_IMAGE_NAME: ${FEDORA_CACHE_IMAGE_NAME}
+          CTR_FQIN: ${FEDORA_CONTAINER_FQIN}
+          # ID for re-use of build output
+          _BUILD_CACHE_HANDLE: ${FEDORA_NAME}-build-${CIRRUS_BUILD_ID}
+    gce_instance: *standardvm
+    env:
+        TEST_FLAVOR: sys
+        PODBIN_NAME: remote
+        PRIV_NAME: rootless
+
 buildah_bud_test_task:
     name: *std_name_fmt
     alias: buildah_bud_test
@@ -716,6 +736,7 @@ success_task:
         - local_system_test
         - remote_system_test
         - rootless_system_test
+        - rootless_remote_system_test
         - rootless_gitlab_test
         - upgrade_test
         - buildah_bud_test
diff --git a/test/system/160-volumes.bats b/test/system/160-volumes.bats
index 3f2d7f6bb..a3c972b3e 100644
--- a/test/system/160-volumes.bats
+++ b/test/system/160-volumes.bats
@@ -213,6 +213,8 @@ EOF
 # Podman volume user test
 @test "podman volume user test" {
     is_rootless || skip "only meaningful when run rootless"
+    skip_if_remote "not applicable on podman-remote"
+
     user="1000:2000"
     newuser="100:200"
     tmpdir=${PODMAN_TMPDIR}/volume_$(random_string)
diff --git a/test/system/410-selinux.bats b/test/system/410-selinux.bats
index dbdfd4b9d..056a056f6 100644
--- a/test/system/410-selinux.bats
+++ b/test/system/410-selinux.bats
@@ -245,7 +245,8 @@ function check_label() {
     is "$output" "system_u:object_r:container_file_t:$level $tmpdir" \
        "Confined Relabel Correctly"
 
-    if is_rootless; then
+    # podman-remote has no 'unshare'
+    if is_rootless && ! is_remote; then
        run_podman unshare touch $tmpdir/test1
        # Relabel entire directory
        run_podman unshare chcon system_u:object_r:usr_t:s0 $tmpdir
-- 
cgit v1.2.3-54-g00ecf