2021-02-18 11:11:29 +00:00
#!/usr/bin/env bats -*- bats -*-
2019-10-29 21:08:15 +00:00
#
2021-02-18 11:11:29 +00:00
# Test podman play
#
load helpers
2021-02-24 21:24:26 +00:00
# This is a long ugly way to clean up pods and remove the pause image
function teardown() {
2021-09-30 18:43:39 +00:00
run_podman pod rm -t 0 -f -a
run_podman rm -t 0 -f -a
2021-02-24 21:24:26 +00:00
run_podman image list --format '{{.ID}} {{.Repository}}'
while read id name; do
if [[ "$name" =~ /pause ]]; then
run_podman rmi $id
fi
done <<<"$output"
basic_teardown
}
2021-02-18 11:11:29 +00:00
testYaml="
2019-10-29 21:08:15 +00:00
apiVersion: v1
kind: Pod
metadata:
labels:
app: test
2021-02-18 11:11:29 +00:00
name: test_pod
2019-10-29 21:08:15 +00:00
spec:
containers:
- command:
- sleep
System tests: tighten 'is' operator
Fix day-one sloppiness: when I first wrote this framework
it compared strings using 'expr', not '=', to be more
forgiving of extra cruft in output. This was a bad decision.
It means that warnings or additional text are ignored:
is "all is ok, NOT!" "all is ok" <-- this would pass
Solution: tighten up the 'is' check. Use '=' (direct
compare) first. If it fails, look for wild cards ('*')
or character classes ('[') in the expect string. If
so, and only then, use 'expr'. And, thanks to a clever
suggestion from Luap99, include '(using expr)' in the
error message when we do so; this could make it easier
for a developer to understand a string mismatch.
This change exposes a lot of instances in which we weren't
doing proper comparisons. Fix those. Thankfully, there
weren't as many as I'd feared.
Also, and completely unrelated, add '-T' flag to bats
helper, for showing timing results. (I will open this
as a separate PR if requested. I too find it offensive
to jumble together unrelated commits.)
Signed-off-by: Ed Santiago <santiago@redhat.com>
2021-09-28 13:13:51 +00:00
- \"100\"
2019-10-29 21:08:15 +00:00
env:
- name: PATH
value: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
- name: TERM
value: xterm
- name: container
value: podman
2021-02-24 21:24:26 +00:00
image: $IMAGE
2019-10-29 21:08:15 +00:00
name: test
resources: {}
securityContext:
2019-11-04 23:07:58 +00:00
runAsUser: 1000
runAsGroup: 3000
fsGroup: 2000
2019-10-29 21:08:15 +00:00
allowPrivilegeEscalation: true
capabilities: {}
privileged: false
seLinuxOptions:
System tests: tighten 'is' operator
Fix day-one sloppiness: when I first wrote this framework
it compared strings using 'expr', not '=', to be more
forgiving of extra cruft in output. This was a bad decision.
It means that warnings or additional text are ignored:
is "all is ok, NOT!" "all is ok" <-- this would pass
Solution: tighten up the 'is' check. Use '=' (direct
compare) first. If it fails, look for wild cards ('*')
or character classes ('[') in the expect string. If
so, and only then, use 'expr'. And, thanks to a clever
suggestion from Luap99, include '(using expr)' in the
error message when we do so; this could make it easier
for a developer to understand a string mismatch.
This change exposes a lot of instances in which we weren't
doing proper comparisons. Fix those. Thankfully, there
weren't as many as I'd feared.
Also, and completely unrelated, add '-T' flag to bats
helper, for showing timing results. (I will open this
as a separate PR if requested. I too find it offensive
to jumble together unrelated commits.)
Signed-off-by: Ed Santiago <santiago@redhat.com>
2021-09-28 13:13:51 +00:00
level: \"s0:c1,c2\"
2019-10-29 21:08:15 +00:00
readOnlyRootFilesystem: false
2021-05-14 09:56:24 +00:00
volumeMounts:
- mountPath: /testdir:z
name: home-podman-testdir
2019-10-29 21:08:15 +00:00
workingDir: /
2021-05-14 09:56:24 +00:00
volumes:
- hostPath:
path: TESTDIR
type: Directory
name: home-podman-testdir
2019-10-29 21:08:15 +00:00
status: {}
2021-02-18 11:11:29 +00:00
"
2021-05-14 09:56:24 +00:00
RELABEL="system_u:object_r:container_file_t:s0"
2021-02-18 11:11:29 +00:00
@test "podman play with stdin" {
2021-05-14 09:56:24 +00:00
TESTDIR=$PODMAN_TMPDIR/testdir
mkdir -p $TESTDIR
echo "$testYaml" | sed "s|TESTDIR|${TESTDIR}|g" > $PODMAN_TMPDIR/test.yaml
System tests: speed up. They've gotten too slow.
- logs: remove unnecessary sleeps. This saves ~25s.
Unfortunately, journald seems to have some sort of lag,
so we need to keep retrying until we get the 'after' string.
- ps: add placeholder test for once buildah 3544 is fixed
- cp: bulk-kill containers when finished, instead of one by one.
This is a big change and only saves about 8s per run, but hey.
- mount,pause,healthcheck: 'podman stop -t 0' before rm'ing containers.
Easy 50s.
Have I mentioned, lately, that 'podman rm -f' needs a '-t 0' flag?
- play: same, and also 'podman pod stop'. Seems to shave ~20s.
- socket-activation: UGH! Buggy and useless tests! They were
running "sleep 90" containers for no reason whatsoever. I
assume the intention was to run them with "-d", so that's
what I've done here. Also fixed some language. 180 seconds!
(Unrelated: cleanup in 070-build, use $IMAGE, not alpine)
Signed-off-by: Ed Santiago <santiago@redhat.com>
2021-09-27 17:36:31 +00:00
2021-02-18 11:11:29 +00:00
run_podman play kube - < $PODMAN_TMPDIR/test.yaml
2021-05-14 09:56:24 +00:00
if [ -e /usr/sbin/selinuxenabled -a /usr/sbin/selinuxenabled ]; then
run ls -Zd $TESTDIR
System tests: tighten 'is' operator
Fix day-one sloppiness: when I first wrote this framework
it compared strings using 'expr', not '=', to be more
forgiving of extra cruft in output. This was a bad decision.
It means that warnings or additional text are ignored:
is "all is ok, NOT!" "all is ok" <-- this would pass
Solution: tighten up the 'is' check. Use '=' (direct
compare) first. If it fails, look for wild cards ('*')
or character classes ('[') in the expect string. If
so, and only then, use 'expr'. And, thanks to a clever
suggestion from Luap99, include '(using expr)' in the
error message when we do so; this could make it easier
for a developer to understand a string mismatch.
This change exposes a lot of instances in which we weren't
doing proper comparisons. Fix those. Thankfully, there
weren't as many as I'd feared.
Also, and completely unrelated, add '-T' flag to bats
helper, for showing timing results. (I will open this
as a separate PR if requested. I too find it offensive
to jumble together unrelated commits.)
Signed-off-by: Ed Santiago <santiago@redhat.com>
2021-09-28 13:13:51 +00:00
is "$output" "${RELABEL} $TESTDIR" "selinux relabel should have happened"
2021-05-14 09:56:24 +00:00
fi
System tests: speed up. They've gotten too slow.
- logs: remove unnecessary sleeps. This saves ~25s.
Unfortunately, journald seems to have some sort of lag,
so we need to keep retrying until we get the 'after' string.
- ps: add placeholder test for once buildah 3544 is fixed
- cp: bulk-kill containers when finished, instead of one by one.
This is a big change and only saves about 8s per run, but hey.
- mount,pause,healthcheck: 'podman stop -t 0' before rm'ing containers.
Easy 50s.
Have I mentioned, lately, that 'podman rm -f' needs a '-t 0' flag?
- play: same, and also 'podman pod stop'. Seems to shave ~20s.
- socket-activation: UGH! Buggy and useless tests! They were
running "sleep 90" containers for no reason whatsoever. I
assume the intention was to run them with "-d", so that's
what I've done here. Also fixed some language. 180 seconds!
(Unrelated: cleanup in 070-build, use $IMAGE, not alpine)
Signed-off-by: Ed Santiago <santiago@redhat.com>
2021-09-27 17:36:31 +00:00
run_podman stop -a -t 0
2021-09-30 18:43:39 +00:00
run_podman pod rm -t 0 -f test_pod
2021-02-18 11:11:29 +00:00
}
@test "podman play" {
2021-05-14 09:56:24 +00:00
TESTDIR=$PODMAN_TMPDIR/testdir
mkdir -p $TESTDIR
echo "$testYaml" | sed "s|TESTDIR|${TESTDIR}|g" > $PODMAN_TMPDIR/test.yaml
2021-02-18 11:11:29 +00:00
run_podman play kube $PODMAN_TMPDIR/test.yaml
2021-05-14 09:56:24 +00:00
if [ -e /usr/sbin/selinuxenabled -a /usr/sbin/selinuxenabled ]; then
run ls -Zd $TESTDIR
System tests: tighten 'is' operator
Fix day-one sloppiness: when I first wrote this framework
it compared strings using 'expr', not '=', to be more
forgiving of extra cruft in output. This was a bad decision.
It means that warnings or additional text are ignored:
is "all is ok, NOT!" "all is ok" <-- this would pass
Solution: tighten up the 'is' check. Use '=' (direct
compare) first. If it fails, look for wild cards ('*')
or character classes ('[') in the expect string. If
so, and only then, use 'expr'. And, thanks to a clever
suggestion from Luap99, include '(using expr)' in the
error message when we do so; this could make it easier
for a developer to understand a string mismatch.
This change exposes a lot of instances in which we weren't
doing proper comparisons. Fix those. Thankfully, there
weren't as many as I'd feared.
Also, and completely unrelated, add '-T' flag to bats
helper, for showing timing results. (I will open this
as a separate PR if requested. I too find it offensive
to jumble together unrelated commits.)
Signed-off-by: Ed Santiago <santiago@redhat.com>
2021-09-28 13:13:51 +00:00
is "$output" "${RELABEL} $TESTDIR" "selinux relabel should have happened"
2021-05-14 09:56:24 +00:00
fi
System tests: speed up. They've gotten too slow.
- logs: remove unnecessary sleeps. This saves ~25s.
Unfortunately, journald seems to have some sort of lag,
so we need to keep retrying until we get the 'after' string.
- ps: add placeholder test for once buildah 3544 is fixed
- cp: bulk-kill containers when finished, instead of one by one.
This is a big change and only saves about 8s per run, but hey.
- mount,pause,healthcheck: 'podman stop -t 0' before rm'ing containers.
Easy 50s.
Have I mentioned, lately, that 'podman rm -f' needs a '-t 0' flag?
- play: same, and also 'podman pod stop'. Seems to shave ~20s.
- socket-activation: UGH! Buggy and useless tests! They were
running "sleep 90" containers for no reason whatsoever. I
assume the intention was to run them with "-d", so that's
what I've done here. Also fixed some language. 180 seconds!
(Unrelated: cleanup in 070-build, use $IMAGE, not alpine)
Signed-off-by: Ed Santiago <santiago@redhat.com>
2021-09-27 17:36:31 +00:00
run_podman stop -a -t 0
2021-09-30 18:43:39 +00:00
run_podman pod rm -t 0 -f test_pod
2021-02-18 11:11:29 +00:00
}
2021-05-18 14:37:54 +00:00
2021-06-29 18:18:46 +00:00
@test "podman play --network" {
TESTDIR=$PODMAN_TMPDIR/testdir
mkdir -p $TESTDIR
echo "$testYaml" | sed "s|TESTDIR|${TESTDIR}|g" > $PODMAN_TMPDIR/test.yaml
run_podman 125 play kube --network bridge $PODMAN_TMPDIR/test.yaml
2021-08-11 14:09:05 +00:00
is "$output" ".*invalid value passed to --network: bridge or host networking must be configured in YAML" "podman plan-network should fail with --network host"
2021-06-29 18:18:46 +00:00
run_podman 125 play kube --network host $PODMAN_TMPDIR/test.yaml
2021-08-11 14:09:05 +00:00
is "$output" ".*invalid value passed to --network: bridge or host networking must be configured in YAML" "podman plan-network should fail with --network host"
2021-06-29 18:18:46 +00:00
run_podman play kube --network slirp4netns:port_handler=slirp4netns $PODMAN_TMPDIR/test.yaml
2021-09-07 16:24:22 +00:00
run_podman pod inspect --format {{.InfraContainerID}} "${lines[1]}"
infraID="$output"
run_podman container inspect --format "{{.HostConfig.NetworkMode}}" $infraID
is "$output" "slirp4netns" "network mode slirp4netns is set for the container"
System tests: speed up. They've gotten too slow.
- logs: remove unnecessary sleeps. This saves ~25s.
Unfortunately, journald seems to have some sort of lag,
so we need to keep retrying until we get the 'after' string.
- ps: add placeholder test for once buildah 3544 is fixed
- cp: bulk-kill containers when finished, instead of one by one.
This is a big change and only saves about 8s per run, but hey.
- mount,pause,healthcheck: 'podman stop -t 0' before rm'ing containers.
Easy 50s.
Have I mentioned, lately, that 'podman rm -f' needs a '-t 0' flag?
- play: same, and also 'podman pod stop'. Seems to shave ~20s.
- socket-activation: UGH! Buggy and useless tests! They were
running "sleep 90" containers for no reason whatsoever. I
assume the intention was to run them with "-d", so that's
what I've done here. Also fixed some language. 180 seconds!
(Unrelated: cleanup in 070-build, use $IMAGE, not alpine)
Signed-off-by: Ed Santiago <santiago@redhat.com>
2021-09-27 17:36:31 +00:00
run_podman stop -a -t 0
2021-09-30 18:43:39 +00:00
run_podman pod rm -t 0 -f test_pod
System tests: speed up. They've gotten too slow.
- logs: remove unnecessary sleeps. This saves ~25s.
Unfortunately, journald seems to have some sort of lag,
so we need to keep retrying until we get the 'after' string.
- ps: add placeholder test for once buildah 3544 is fixed
- cp: bulk-kill containers when finished, instead of one by one.
This is a big change and only saves about 8s per run, but hey.
- mount,pause,healthcheck: 'podman stop -t 0' before rm'ing containers.
Easy 50s.
Have I mentioned, lately, that 'podman rm -f' needs a '-t 0' flag?
- play: same, and also 'podman pod stop'. Seems to shave ~20s.
- socket-activation: UGH! Buggy and useless tests! They were
running "sleep 90" containers for no reason whatsoever. I
assume the intention was to run them with "-d", so that's
what I've done here. Also fixed some language. 180 seconds!
(Unrelated: cleanup in 070-build, use $IMAGE, not alpine)
Signed-off-by: Ed Santiago <santiago@redhat.com>
2021-09-27 17:36:31 +00:00
2021-09-07 16:24:22 +00:00
run_podman play kube --network none $PODMAN_TMPDIR/test.yaml
run_podman pod inspect --format {{.InfraContainerID}} "${lines[1]}"
infraID="$output"
run_podman container inspect --format "{{.HostConfig.NetworkMode}}" $infraID
is "$output" "none" "network mode none is set for the container"
System tests: speed up. They've gotten too slow.
- logs: remove unnecessary sleeps. This saves ~25s.
Unfortunately, journald seems to have some sort of lag,
so we need to keep retrying until we get the 'after' string.
- ps: add placeholder test for once buildah 3544 is fixed
- cp: bulk-kill containers when finished, instead of one by one.
This is a big change and only saves about 8s per run, but hey.
- mount,pause,healthcheck: 'podman stop -t 0' before rm'ing containers.
Easy 50s.
Have I mentioned, lately, that 'podman rm -f' needs a '-t 0' flag?
- play: same, and also 'podman pod stop'. Seems to shave ~20s.
- socket-activation: UGH! Buggy and useless tests! They were
running "sleep 90" containers for no reason whatsoever. I
assume the intention was to run them with "-d", so that's
what I've done here. Also fixed some language. 180 seconds!
(Unrelated: cleanup in 070-build, use $IMAGE, not alpine)
Signed-off-by: Ed Santiago <santiago@redhat.com>
2021-09-27 17:36:31 +00:00
run_podman stop -a -t 0
2021-09-30 18:43:39 +00:00
run_podman pod rm -t 0 -f test_pod
2021-06-29 18:18:46 +00:00
}
2021-05-18 14:37:54 +00:00
@test "podman play with user from image" {
TESTDIR=$PODMAN_TMPDIR/testdir
mkdir -p $TESTDIR
testUserYaml="
apiVersion: v1
kind: Pod
metadata:
labels:
app: test
name: test_pod
spec:
containers:
- command:
- id
env:
- name: PATH
value: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
- name: TERM
value: xterm
- name: container
value: podman
image: userimage
name: test
resources: {}
status: {}
"
cat > $PODMAN_TMPDIR/Containerfile << _EOF
from $IMAGE
USER bin
_EOF
echo "$testUserYaml" | sed "s|TESTDIR|${TESTDIR}|g" > $PODMAN_TMPDIR/test.yaml
run_podman build -t userimage $PODMAN_TMPDIR
run_podman play kube --start=false $PODMAN_TMPDIR/test.yaml
run_podman inspect --format "{{ .Config.User }}" test_pod-test
is "$output" bin "expect container within pod to run as the bin user"
System tests: speed up. They've gotten too slow.
- logs: remove unnecessary sleeps. This saves ~25s.
Unfortunately, journald seems to have some sort of lag,
so we need to keep retrying until we get the 'after' string.
- ps: add placeholder test for once buildah 3544 is fixed
- cp: bulk-kill containers when finished, instead of one by one.
This is a big change and only saves about 8s per run, but hey.
- mount,pause,healthcheck: 'podman stop -t 0' before rm'ing containers.
Easy 50s.
Have I mentioned, lately, that 'podman rm -f' needs a '-t 0' flag?
- play: same, and also 'podman pod stop'. Seems to shave ~20s.
- socket-activation: UGH! Buggy and useless tests! They were
running "sleep 90" containers for no reason whatsoever. I
assume the intention was to run them with "-d", so that's
what I've done here. Also fixed some language. 180 seconds!
(Unrelated: cleanup in 070-build, use $IMAGE, not alpine)
Signed-off-by: Ed Santiago <santiago@redhat.com>
2021-09-27 17:36:31 +00:00
run_podman stop -a -t 0
2021-09-30 18:43:39 +00:00
run_podman pod rm -t 0 -f test_pod
2021-09-01 17:29:59 +00:00
run_podman rmi -f userimage:latest
2021-05-18 14:37:54 +00:00
}
