container/podman
container/podman
1
0
Fork 0
mirror of https://github.com/containers/podman synced 2024-10-21 01:34:37 +00:00
Code Issues Packages Projects Releases Wiki Activity
podman/test/system/070-build.bats
Ed Santiago 4060b77157 BATS: fix corner case in --userns=keep-id test 
The test that does 'adduser' in a keep-id container had a
really dumb bug: if the user running the test has UID 1000,
then podman itself (via keep-id) will add the "1000" passwd
entry, and the in-container "adduser" will allocate 1001,
making our test fail. This triggered in f31/f32 podman gating
tests, but (?!?) never in rawhide gating tests.

Solution: explicitly feed a UID to adduser. Make sure that
it's not the same as the UID of the current user.

Also (unrelated): fix a ridiculous "run mkdir || die". At
the time I wrote that I probably had no idea how BATS works.

Signed-off-by: Ed Santiago <santiago@redhat.com>
2020-08-27 12:58:13 -06:00

288 lines
9.9 KiB
Bash
Raw Blame History

#!/usr/bin/env bats -*- bats -*-
#
# Tests for podman build
#
load helpers
@test "podman build - basic test" {
skip_if_remote "FIXME: pending #7136"
rand_filename=$(random_string 20)
rand_content=$(random_string 50)
tmpdir=$PODMAN_TMPDIR/build-test
mkdir -p $tmpdir
dockerfile=$tmpdir/Dockerfile
cat >$dockerfile <<EOF
FROM $IMAGE
RUN apk add nginx
RUN echo $rand_content > /$rand_filename
EOF
# The 'apk' command can take a long time to fetch files; bump timeout
PODMAN_TIMEOUT=240 run_podman build -t build_test --format=docker $tmpdir
is "$output" ".*STEP 4: COMMIT" "COMMIT seen in log"
run_podman run --rm build_test cat /$rand_filename
is "$output" "$rand_content" "reading generated file in image"
run_podman rmi -f build_test
}
# Regression from v1.5.0. This test passes fine in v1.5.0, fails in 1.6
@test "podman build - cache (#3920)" {
skip_if_remote "FIXME: pending #7136"
if is_remote && is_rootless; then
skip "unreliable with podman-remote and rootless; #2972"
fi
# Make an empty test directory, with a subdirectory used for tar
tmpdir=$PODMAN_TMPDIR/build-test
mkdir -p $tmpdir/subtest || die "Could not mkdir $tmpdir/subtest"
echo "This is the ORIGINAL file" > $tmpdir/subtest/myfile1
run tar -C $tmpdir -cJf $tmpdir/myfile.tar.xz subtest
cat >$tmpdir/Dockerfile <<EOF
FROM $IMAGE
ADD myfile.tar.xz /
EOF
# One of: ADD myfile /myfile or COPY . .
run_podman build -t build_test -f $tmpdir/Dockerfile $tmpdir
is "$output" ".*STEP 3: COMMIT" "COMMIT seen in log"
if [[ "$output" =~ "Using cache" ]]; then
is "$output" "[no instance of 'Using cache']" "no cache used"
fi
iid=${lines[-1]}
run_podman run --rm build_test cat /subtest/myfile1
is "$output" "This is the ORIGINAL file" "file contents, first time"
# Step 2: Recreate the tarfile, with new content. Rerun podman build.
echo "This is a NEW file" >| $tmpdir/subtest/myfile2
run tar -C $tmpdir -cJf $tmpdir/myfile.tar.xz subtest
run_podman build -t build_test -f $tmpdir/Dockerfile $tmpdir
is "$output" ".*STEP 3: COMMIT" "COMMIT seen in log"
# Since the tarfile is modified, podman SHOULD NOT use a cached layer.
if [[ "$output" =~ "Using cache" ]]; then
is "$output" "[no instance of 'Using cache']" "no cache used"
fi
# Pre-buildah-1906, this fails with ENOENT because the tarfile was cached
run_podman run --rm build_test cat /subtest/myfile2
is "$output" "This is a NEW file" "file contents, second time"
run_podman rmi -f build_test $iid
}
@test "podman build - URLs" {
skip_if_remote "FIXME: pending #7137"
tmpdir=$PODMAN_TMPDIR/build-test
mkdir -p $tmpdir
cat >$tmpdir/Dockerfile <<EOF
FROM $IMAGE
ADD https://github.com/containers/podman/blob/master/README.md /tmp/
EOF
run_podman build -t add_url $tmpdir
run_podman run --rm add_url stat /tmp/README.md
run_podman rmi -f add_url
# Now test COPY. That should fail.
sed -i -e 's/ADD/COPY/' $tmpdir/Dockerfile
run_podman 125 build -t copy_url $tmpdir
is "$output" ".*error building at STEP .*: source can't be a URL for COPY"
}
@test "podman build - workdir, cmd, env, label" {
skip_if_remote "FIXME: pending #7137"
tmpdir=$PODMAN_TMPDIR/build-test
mkdir -p $tmpdir
# Random workdir, and multiple random strings to verify command & env
workdir=/$(random_string 10)
s_echo=$(random_string 15)
s_env1=$(random_string 20)
s_env2=$(random_string 25)
s_env3=$(random_string 30)
s_env4=$(random_string 40)
# Label name: make sure it begins with a letter! jq barfs if you
# try to ask it for '.foo.<N>xyz', i.e. any string beginning with digit
label_name=l$(random_string 8)
label_value=$(random_string 12)
# Command to run on container startup with no args
cat >$tmpdir/mycmd <<EOF
#!/bin/sh
PATH=/usr/bin:/bin
pwd
echo "\$1"
printenv | grep MYENV | sort | sed -e 's/^MYENV.=//'
EOF
# For overridding with --env-file
cat >$PODMAN_TMPDIR/env-file <<EOF
MYENV3=$s_env3
http_proxy=http-proxy-in-env-file
https_proxy=https-proxy-in-env-file
EOF
cat >$tmpdir/Containerfile <<EOF
FROM $IMAGE
LABEL $label_name=$label_value
RUN mkdir $workdir
WORKDIR $workdir
# Test for #7094 - chowning of invalid symlinks
RUN mkdir -p /a/b/c
RUN ln -s /no/such/nonesuch /a/b/c/badsymlink
RUN ln -s /bin/mydefaultcmd /a/b/c/goodsymlink
RUN touch /a/b/c/myfile
RUN chown -h 1:2 /a/b/c/badsymlink /a/b/c/goodsymlink && chown -h 4:5 /a/b/c/myfile
VOLUME /a/b/c
# Test for environment passing and override
ENV MYENV1=$s_env1
ENV MYENV2 this-should-be-overridden-by-env-host
ENV MYENV3 this-should-be-overridden-by-env-file
ENV MYENV4 this-should-be-overridden-by-cmdline
ENV http_proxy http-proxy-in-image
ENV ftp_proxy ftp-proxy-in-image
ADD mycmd /bin/mydefaultcmd
RUN chmod 755 /bin/mydefaultcmd
RUN chown 2:3 /bin/mydefaultcmd
CMD ["/bin/mydefaultcmd","$s_echo"]
EOF
# cd to the dir, so we test relative paths (important for podman-remote)
cd $PODMAN_TMPDIR
run_podman build -t build_test -f build-test/Containerfile build-test
local iid="${lines[-1]}"
# Run without args - should run the above script. Verify its output.
export MYENV2="$s_env2"
export MYENV3="env-file-should-override-env-host!"
run_podman run --rm \
--env-file=$PODMAN_TMPDIR/env-file \
--env-host \
-e MYENV4="$s_env4" \
build_test
is "${lines[0]}" "$workdir" "container default command: pwd"
is "${lines[1]}" "$s_echo" "container default command: output from echo"
is "${lines[2]}" "$s_env1" "container default command: env1"
is "${lines[3]}" "$s_env2" "container default command: env2"
is "${lines[4]}" "$s_env3" "container default command: env3 (from envfile)"
is "${lines[5]}" "$s_env4" "container default command: env4 (from cmdline)"
# Proxies - environment should override container, but not env-file
http_proxy=http-proxy-from-env ftp_proxy=ftp-proxy-from-env \
run_podman run --rm --env-file=$PODMAN_TMPDIR/env-file \
build_test \
printenv http_proxy https_proxy ftp_proxy
is "${lines[0]}" "http-proxy-in-env-file" "env-file overrides env"
is "${lines[1]}" "https-proxy-in-env-file" "env-file sets proxy var"
is "${lines[2]}" "ftp-proxy-from-env" "ftp-proxy is passed through"
# test that workdir is set for command-line commands also
run_podman run --rm build_test pwd
is "$output" "$workdir" "pwd command in container"
# Confirm that 'podman inspect' shows the expected values
# FIXME: can we rely on .Env[0] being PATH, and the rest being in order??
run_podman image inspect build_test
tests="
Env[1] | MYENV1=$s_env1
Env[2] | MYENV2=this-should-be-overridden-by-env-host
Env[3] | MYENV3=this-should-be-overridden-by-env-file
Env[4] | MYENV4=this-should-be-overridden-by-cmdline
Cmd[0] | /bin/mydefaultcmd
Cmd[1] | $s_echo
WorkingDir | $workdir
Labels.$label_name | $label_value
"
parse_table "$tests" | while read field expect; do
actual=$(jq -r ".[0].Config.$field" <<<"$output")
dprint "# actual=<$actual> expect=<$expect}>"
is "$actual" "$expect" "jq .Config.$field"
done
# Bad symlink in volume. Prior to #7094, well, we wouldn't actually
# get here because any 'podman run' on a volume that had symlinks,
# be they dangling or valid, would barf with
# Error: chown <mountpath>/_data/symlink: ENOENT
run_podman run --rm build_test stat -c'%u:%g:%N' /a/b/c/badsymlink
is "$output" "1:2:'/a/b/c/badsymlink' -> '/no/such/nonesuch'" \
"bad symlink to nonexistent file is chowned and preserved"
run_podman run --rm build_test stat -c'%u:%g:%N' /a/b/c/goodsymlink
is "$output" "1:2:'/a/b/c/goodsymlink' -> '/bin/mydefaultcmd'" \
"good symlink to existing file is chowned and preserved"
run_podman run --rm build_test stat -c'%u:%g' /bin/mydefaultcmd
is "$output" "2:3" "target of symlink is not chowned"
run_podman run --rm build_test stat -c'%u:%g:%N' /a/b/c/myfile
is "$output" "4:5:/a/b/c/myfile" "file in volume is chowned"
# Hey, as long as we have an image with lots of layers, let's
# confirm that 'image tree' works as expected
run_podman image tree build_test
is "${lines[0]}" "Image ID: ${iid:0:12}" \
"image tree: first line"
is "${lines[1]}" "Tags: \[localhost/build_test:latest]" \
"image tree: second line"
is "${lines[2]}" "Size: [0-9.]\+[kM]B" \
"image tree: third line"
is "${lines[3]}" "Image Layers" \
"image tree: fourth line"
is "${lines[4]}" "... ID: [0-9a-f]\{12\} Size: .* Top Layer of: \[$IMAGE]" \
"image tree: first layer line"
is "${lines[-1]}" "... ID: [0-9a-f]\{12\} Size: .* Top Layer of: \[localhost/build_test:latest]" \
"image tree: last layer line"
# Clean up
run_podman rmi -f build_test
}
@test "podman build - stdin test" {
skip_if_remote "FIXME: pending #7136"
# Random workdir, and random string to verify build output
workdir=/$(random_string 10)
random_echo=$(random_string 15)
PODMAN_TIMEOUT=240 run_podman build -t build_test - << EOF
FROM $IMAGE
RUN mkdir $workdir
WORKDIR $workdir
RUN /bin/echo $random_echo
EOF
is "$output" ".*STEP 5: COMMIT" "COMMIT seen in log"
is "$output" ".*STEP .: RUN /bin/echo $random_echo"
run_podman run --rm build_test pwd
is "$output" "$workdir" "pwd command in container"
run_podman rmi -f build_test
}
function teardown() {
# A timeout or other error in 'build' can leave behind stale images
# that podman can't even see and which will cascade into subsequent
# test failures. Try a last-ditch force-rm in cleanup, ignoring errors.
run_podman '?' rm -a -f
run_podman '?' rmi -f build_test
basic_teardown
}
# vim: filetype=sh
Reference in a new issue View git blame Copy permalink