using the factory approach similar to container, we now create pods based on a pod spec generator. wired up the podmanv2 pod create command, podcreatewithspec binding, simple binding test, and apiv2 endpoint.
also included some code refactoring as it introduced as easy circular import.
Signed-off-by: Brent Baude <bbaude@redhat.com>
The `pause:3.1` has wrong configs for non-amd64 images as they all claim
to be for amd64. The issue has now been fixed in the latest
`pause:3.2`.
[1] https://github.com/kubernetes/kubernetes/issues/87325
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Update the podman pod ps command to support filtering by labels.
This brings the command in line with the documentation as well as
the functionality by the containers equivalent podman ps.
Signed-off-by: Stefano Pogliani <stefano@spogliani.net>
when removing networks in integration tests, we should should force; otherwise if the network has containers associated with it, it will fail to remove.
Signed-off-by: Brent Baude <bbaude@redhat.com>
* Add second go routine for when a Timer is not needed.
* goimports updated some project files
Fixes#5531
Signed-off-by: Jhon Honce <jhonce@redhat.com>
when building images, we can now add the os and arch of the image using overrides from the commandline. the commandline options set sane defaults so we use those as well.
Fixes: #5503
Signed-off-by: Brent Baude <bbaude@redhat.com>
the podman generated systemd service file has `Type=forking` service,
so the command after `ExecStart=` should not run in front.
if someone created a container and has the detach(`-d`) param missing
like this
```
podman create --name ngxdemo -P nginxdemos/hello
```
and generate the file with `--new` param:
```
podman generate systemd --name --new ngxdemo
```
because `podman run xxx` has no `-d` param,
so the container is not run in background and nerver exit.
and systemd will fail to start the service:
```
sudo systemctl start container-ngxdemo.service
Job for container-ngxdemo.service failed because a timeout was exceeded.
See "systemctl status container-ngxdemo.service" and "journalctl -xe" for details.
```
Signed-off-by: 荒野無燈 <ttys3@outlook.com>
The recently-added 'run --rmi' test was not actually doing
what it thinks it was doing: for one, 'run_podman | grep'
is never going to work; also, the test was leaving behind
stray images.
Rework to do what I believe the intention was; and, combine
into one test (down from two) for readability.
Signed-off-by: Ed Santiago <santiago@redhat.com>
Remove leading slashes from the run-dir paths. It was meant to make it
explicit that we're dealing with an absolute path but user feedback has
shown that most are aware. It also cleans up the path in the systemctl
status output.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
The --rmi flag will delete the container image after its execution
unless that image is already been used by another container(s).
This is useful when one wants to execute a container once and remove
any resources attached to it.
Signed-off-by: Boaz Shuster <boaz.shuster.github@gmail.com>
This introduces a new cirrus helper script, logformatter.
Usage is:
[commands...] | logformatter TEST-NAME
It reformats its input into a readable, highlighed, linkable
form. Some features:
- boring stuff (timestamps, standard podman options) is
deemphasized
- important stuff (warnings, errors) is emphasized
- in-page links to the actual failures
- active links to source files
- jumps to bottom of page on load, because that's where
the errors are. (All errors are linked)
Add it to select test commands (integration, system) and
add a new artifacts_html, run in the 'always' block, which
uploads generated *.log.html into Cirrus; from there we
generate a live URL that can be viewed in browser.
Unfortunately, due to security concerns in Cirrus, it is
not currently possible to make the link a live one.
Kludge: add a line of dashes after Restoring images; without this,
the first test ("systemd PID 1") has no dashes before it, so
logformatter doesn't see it.
Signed-off-by: Ed Santiago <santiago@redhat.com>
This patch allows users to specify the list of capabilities required
to run their container image.
Setting a image/container label "io.containers.capabilities=setuid,setgid"
tells podman that the contained image should work fine with just these two
capabilties, instead of running with the default capabilities, podman will
launch the container with just these capabilties.
If the user or image specified capabilities that are not in the default set,
the container will print an error message and will continue to run with the
default capabilities.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
API v2 has been quiet for a few days, and the test script is
actually passing. Let's take advantage of this opportunity
to get them running in CI.
Requires adding a check for cgroupsv2
Signed-off-by: Ed Santiago <santiago@redhat.com>
This corrects a regression from Podman 1.4.x where container exec
sessions inherited supplemental groups from the container, iff
the exec session did not specify a user.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
9f69c4eca (part of the f31 pr, #3091) semi-broke the kill test,
there's now an ugly warning:
setup(): removing stray images quay.io/libpod/fedora-minimal:latest 7bb5a60e8a78
The comments also didn't actually explain the problem
being addressed, and included a misleading reference
to busybox.
Here we switch to using fedora-minimal only with podman-remote,
clean it up (rmi) when finished, and include an explanation in
the comments about why this is needed; making it clear that
this workaround can be removed once we get rid of podman-remote.
We also reformat back to 80 columns.
Signed-off-by: Ed Santiago <santiago@redhat.com>
instead of searching the fedora registry which is error prone, we instead search a local registry for the empty set search.
when running two containers with the same IP, i suspect the first container has not fully gotten its ip information back from cni when the second container fires. rework this test such that we use nginx to make sure the container is up and running before continues which should pace the subsequent test.
Signed-off-by: Brent Baude <bbaude@redhat.com>
When inspecting containers, info on CNI networks added to the
container by name (e.g. --net=name1) should be displayed
separately from the configuration of the default network, in a
separate map called Networks.
This patch adds this separation, improving our Docker
compatibility and also adding the ability to see if a container
has more than one IPv4 and IPv6 address and more than one MAC
address.
Fixes#4907
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
It's possible/likely the container image for the test will need to be
pulled as part of the `run` command. Due to the way BATS handles
output, messages regarding image-pull could be misinterpreted as the
container's CID. Force the CID to be obtained by only the last line of
output.
Signed-off-by: Chris Evich <cevich@redhat.com>
Sometime between 10th and 23rd of Feb. 2020, the behavior of crun
changed. Upon consulting with Giuseppe, the podman run tests for
`device-read-*` and `device-write-*` do not depend on the container
output for success, only the exit code. Add a comment and conditional
regarding this in case of cgroupsv2. Also noted that these tests
will likely require future refactoring/simplification.
Signed-off-by: Chris Evich <cevich@redhat.com>
Looks like /libpod/pods/create has been fixed to return an
actual pod ID. Extend those tests.
Also, update timeout in the server command: it's now seconds,
not milliseconds.
Also, update FIXME comments in /pods/prune . Still doesn't
work, but clarify what we're seeing.
Also, add a new test that runs ten /info requests and
barfs if it takes more than 5 seconds.
Signed-off-by: Ed Santiago <santiago@redhat.com>
1) Help message for podman port was missing [PORT]
2) Add test for 'podman port'. And, actually, an entire
networking test that I'd written some weeks ago but
apparently didn't 'git add'.
Signed-off-by: Ed Santiago <santiago@redhat.com>
Signed-off-by: Brent Baude <bbaude@redhat.com>
Now support --no-healthcheck option to disable defined healthchecks in a container image. --health-cmd=none remains supported as well.
Fixes: #5299
Signed-off-by: Brent Baude <bbaude@redhat.com>
