From dc70382886c9ae14c57277eabe3d2ce552c618fd Mon Sep 17 00:00:00 2001
From: Chris Evich <cevich@redhat.com>
Date: Mon, 2 Aug 2021 16:22:59 -0400
Subject: Fix AVC denials in tests of volume mounts

This becomes a problem on hosts with upgraded policies.  Ref:
https://github.com/containers/podman/issues/10522

Also, made a small change to compose-test setup to reduce runtime.

Signed-off-by: Chris Evich <cevich@redhat.com>
---
 contrib/cirrus/setup_environment.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'contrib/cirrus/setup_environment.sh')

diff --git a/contrib/cirrus/setup_environment.sh b/contrib/cirrus/setup_environment.sh
index 3f2176fd6..e4c95631c 100755
--- a/contrib/cirrus/setup_environment.sh
+++ b/contrib/cirrus/setup_environment.sh
@@ -208,7 +208,7 @@ case "$TEST_FLAVOR" in
     unit) ;;
     apiv2) ;&  # use next item
     compose)
-        dnf install -y $PACKAGE_DOWNLOAD_DIR/podman-docker*
+        rpm -ivh $PACKAGE_DOWNLOAD_DIR/podman-docker*
         ;&  # continue with next item
     int) ;&
     sys) ;&
-- 
cgit v1.2.3-54-g00ecf


From 9dd088e555870c6bf149f9d83a5095880580a56a Mon Sep 17 00:00:00 2001
From: Chris Evich <cevich@redhat.com>
Date: Tue, 17 Aug 2021 13:03:31 -0400
Subject: Cirrus: Confirm CGv1 / CGv2 VM expectations

Signed-off-by: Chris Evich <cevich@redhat.com>
---
 contrib/cirrus/setup_environment.sh | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

(limited to 'contrib/cirrus/setup_environment.sh')

diff --git a/contrib/cirrus/setup_environment.sh b/contrib/cirrus/setup_environment.sh
index e4c95631c..d0c348d58 100755
--- a/contrib/cirrus/setup_environment.sh
+++ b/contrib/cirrus/setup_environment.sh
@@ -77,6 +77,13 @@ case "$CG_FS_TYPE" in
             else
                 echo "OCI_RUNTIME=runc" >> /etc/ci_environment
             fi
+
+            # As a general policy CGv1 + runc should coincide with the "older"
+            # VM Images in CI.  Verify this is the case.
+            if [[ -n "$VM_IMAGE_NAME" ]] && [[ ! "$VM_IMAGE_NAME" =~ prior ]]
+            then
+                die "Most recent distro. version should never run with CGv1"
+            fi
         fi
         ;;
     cgroup2fs)
@@ -85,6 +92,13 @@ case "$CG_FS_TYPE" in
             # which uses runc as the default.
             warn "Forcing testing with crun instead of runc"
             echo "OCI_RUNTIME=crun" >> /etc/ci_environment
+
+            # As a general policy CGv2 + crun should coincide with the "newer"
+            # VM Images in CI.  Verify this is the case.
+            if [[ -n "$VM_IMAGE_NAME" ]] && [[ "$VM_IMAGE_NAME" =~ prior ]]
+            then
+                die "Least recent distro. version should never run with CGv2"
+            fi
         fi
         ;;
     *) die_unknown CG_FS_TYPE
-- 
cgit v1.2.3-54-g00ecf