We used to not allow the use of -a/-i on containers that were not
started with -i or a tty. Given the improvements in our terminal
handling, this should work now.
This also fixes a systemic problem with the autotests.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #617
Approved by: baude
The secrets code was just tarring and copying the contents of the secrets directory on host as is.
This meant it was not accounting for any symlinks inside the directory, leading up to the contents
not being copied over.
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #611
Approved by: mheon
We leak open files when creating new c/storage stores (locks do
not close themselves, so the open FDs in the test suite increase
every time we use c/storage to load cached images for the tests).
Fix this temporarily by increasing rlimits on open files until we
can create a permanent fix next release.
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #615
Approved by: baude
--group-add
--blkio-weight-device
--device-read-bps
--device-write-bps
--device-read-iops
--device-write-iops
--group-add now supports group names as well as the gid associated with them.
All the --device flags work now with moderate changes to the code to support both
bps and iops.
Added tests for all the flags.
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #590
Approved by: mheon
In our ezrly development, we always allocated a tty when not -d. Now we should only allocated when the user asks for it.
Resolves: #573
Signed-off-by: baude <bbaude@redhat.com>
Closes: #574
Approved by: rhatdan
Use a socket to coordinate between the test suite and the container and its
script.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #567
Approved by: rhatdan
We should allow users to pass in image ids with the sha256: prefix
for local images.
Resolves: #493
Signed-off-by: baude <bbaude@redhat.com>
Closes: #560
Approved by: baude
Adds support for mounting secrets especially on RHEL where the container
can use the host subsription to run yum
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #544
Approved by: rhatdan
If the user does not specify foo=bar, then the exec code should
look for the foo environment variable in its environment and pass it
in. This is the way podman run works.
Also added tests to make sure this all works.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #552
Approved by: mheon
An image name is really just a tag. When an image has multiple tags, we should be
able to "delete" the one of its tags without harm. In this case, the "delete' is
really a form of Untag (removing the tag from the image).
If an image has multiple tags and the user tries to delete by ID without force, this
should be denied because when you delete by ID there is no distinguishing it like
image tags.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #528
Approved by: mheon
Migrate the podman create and commit subcommandis to leverage the images library. I also had
to migrate the cmd/ portions of run and rmi.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #498
Approved by: mheon
As Matt pointed out, when running sleep in a container, the clean up was taking a
full ten seconds to stop container because sleep does not catch SIGTERM which is
the default podman stop signal and it had to wait for SIGKILL. Changing sleep to
top should result in better test times.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #492
Approved by: rhatdan
As podman-images(1) had some issues correctly reporting all RepoTags of
an image (in the default format), extend the e2e tests to avoid running
into similar in the future.
Signed-off-by: Valentin Rothberg <vrothberg@suse.com>
Closes: #477
Approved by: rhatdan
Due to the way ps arguments work, it was possible to display pids
that dont below to the container in top output. We now filter pids
that dont belong to the container out of the output. This also means
the pid column must be present in the output or we throw an error.
This resolves issue #391
Signed-off-by: baude <bbaude@redhat.com>
Closes: #400
Approved by: rhatdan
When trying to tag an alias (tag) of an image using only the shortname
and no tag, we were unable to find the image in storage. This corrects
that issue and adds an integration test to protect against regression. I
also updated the man page per the filed issue.
While writing the integration test, I discovered that inspect could also
not find a tagged image without its :tag.
Resolves Issue #385
Resolves Issue #384
Signed-off-by: baude <bbaude@redhat.com>
Closes: #398
Approved by: mheon
When creating container storage by name, if that name is a tagged image then the storage
could not be found. We now use the image id which seems more reliable. Also added an
integration test to protect against regression.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #393
Approved by: mheon
The exit codes for 126 and 127 were reversed. For the record, the exit
codes used are as follows:
* 125 if ‘chroot’ itself fails
* 126 if COMMAND is found but cannot be invoked
* 127 if COMMAND cannot be found
This resolves issue #367
Signed-off-by: baude <bbaude@redhat.com>
Closes: #378
Approved by: baude
Inspect should be able to inspect one or more containers depending
on the user input. Therefore, inspect output should be in array
format so the consumer could potentially iterate it. This PR allows
users to specify one more or containers|images|or a mix for
inspection. The output, as stated, is therefore in array form. This
holds true even for a singular image.
In the case that the user enters an invalid container|image "name", we
handle that gracefully. Podman will output json for the valid names
until it reaches the invalid one. For example:
In this case, podman will out the json for alpine and then print an
error about 123 being invalid. It will not continute onto busybox.
This behavior imatates docker.
This addresses issue #360
Signed-off-by: baude <bbaude@redhat.com>
Closes: #371
Approved by: baude
Previous code was using slow routines to collect some of the information
needed to output images. Specifically size was being calculated instead
of using the cached, already known size already available. Also, straight-
lined several of the code paths. Overall assessment is that these
improvements cut the time for images in half.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #365
Approved by: mheon
We should be able to run nested podman containers in particular
for our testing environment. i.e. eat our own dog food.
Some privileges had to be corrected in order for this to work
correctly.
Added a third papr target that runs podman tests inside podman. I
marked the test as not required right now as we get more confident
in the results
Signed-off-by: baude <bbaude@redhat.com>
Closes: #340
Approved by: rhatdan
When using podman to pull an image, print the image id after
the image is pulled.
Resolves issue #329
Signed-off-by: baude <bbaude@redhat.com>
Closes: #342
Approved by: rhatdan
When an image does not have an ENTRYPOINT nor a CMD and the
user does not provide a command in the CLI, we should fail
gracefully.
This resolves issue #328
Signed-off-by: baude <bbaude@redhat.com>
Closes: #333
Approved by: mheon
When running a privileged container, it should inherit the same
devices the host has.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #330
Approved by: mheon
Changing these fields caused the output of podman inspect to more
closely match docker inspect.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #306
Approved by: mheon
When an image has an ENTRYPOINT defined, we should be honoring it. The
problem is described in issue #321.
Also, added buildah binary to test runtimes for testing entrypoint and
will also allow us to test podman build as well.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #322
Approved by: rhatdan
Rework port code for generalized clean up and to address
issue #269 where additional portbindings between host
and containers we being introduced by error.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #308
Approved by: mheon
Fix issues with tailing of container logs as described
in issue #16. Also add in the ability to use a duration or
known time stamp formats for the --since flag.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #317
Approved by: mheon
Completion of the migration from bats to ginkgo. This includes:
* load
* mount
* pause
* port
* run_networking
* search
Note: build will be done within a different PR
Signed-off-by: baude <bbaude@redhat.com>
If the output is to a terminal, return a new line at the end of the
output so that the output is visually appealing. If the output is being
piped, or saved to a file, basically not being outputted to a terminal, do
not print a new line at the end of the output. This ensures any further data
manipulation with the results happens smoothly without requiring to remember
the '/n' at the end of the output.
Signed-off-by: umohnani8 <umohnani@redhat.com>
Made a change to make sure that the output paths of podman inspect
matches that of docker inspect. For example to get the stop signal
you should be able to do podman inspect ctr --format {{.Config.StopSignal}}
and the same thing in docker will give the same results.
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #292
Approved by: rhatdan
Migrate the diff, exec, export, and history bats tests to
the ginkgo test suite.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #287
Approved by: baude
Issue #169 describes a common failure when running podman top where
if the commands inside the container container a space in them, podman
will panic. This was occuring because we take the output from ps and
attempt to format it nicely for output and things like JSON. Given that
this cannot be predicted or dealt with programatically, the decision was
made to deprecate the format switch and simply output what ps provides
us.
Migrated top integration tests to ginkgo.
Resolves Issue: https://github.com/projectatomic/libpod/issues/169
Signed-off-by: baude <bbaude@redhat.com>
Closes: #291
Approved by: rhatdan
In order to have sd_notify from systemd to work in containers
we need to pass down the NOTIFY_SOCKET environment variable to
the container.
LISTEN_FDS, tells the application inside of the container to use
socket activation and grab the FDS that are leaked into the container.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #271
Approved by: umohnani8
Migrate create and commit bats tests to the ginkgo
test suite. In doing so, some structures had to be
moved to pkg/podmanstructs/podmanstructs.go so we
could do better verification of test results.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #286
Approved by: rhatdan
When network == none, the container should only have a
loopback interface and that's it.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #176
Approved by: baude
Migrate ps, pull, push, and rm from bats to ginkgo.
Also, fixed a conditional issue with adding ports
when an image defines the port and the user wants
to override it.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #277
Approved by: baude
This implements the ginkgo integration test framework for
podman. As tests are migrated from bats to ginkgo, we will
still run both integration suites. When a test is migrated,
we remove the tests from bats at that time. All new tests
should be just for the ginkgo framework.
One exception is that we only run the ginkgo suit in the
travis/ubuntu environment. The CentOS and Fedora PAPR nodes
will more than cover those.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #261
Approved by: baude