opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-07-04 01:48:28 +08:00
Code Issues Packages Projects Releases Wiki Activity

Build and use a newer systemd image

Browse Source 
...based on f37, not f31. And make it fedora-minimal so it's
smaller. And clean up dnf so it's even smaller. And tag it
with our proper YMD tag, and commit the script that builds it.

This broke the system-df tests. In the process of resolving
that, I found those tests a little lacking. So, improve their
coverage a little bit.

Signed-off-by: Ed Santiago <santiago@redhat.com>
This commit is contained in:
Ed Santiago
2022-12-06 08:03:41 -07:00
parent aff018244a
commit 16b595c32c
5 changed files with 139 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
test/system/255-auto-update.bats
View File

@ -31,8 +31,7 @@ function teardown() {
quay.io/libpod/busybox:latest \
quay.io/libpod/localtest:latest \
quay.io/libpod/autoupdatebroken:latest \
quay.io/libpod/test:latest \
quay.io/libpod/fedora:31
quay.io/libpod/test:latest
# The rollback tests may leave some dangling images behind, so let's prune
# them to leave a clean state.
@ -267,7 +266,7 @@ function _confirm_update() {
dockerfile1=$PODMAN_TMPDIR/Dockerfile.1
cat >$dockerfile1 <<EOF
FROM quay.io/libpod/fedora:31
FROM $SYSTEMD_IMAGE
RUN echo -e "#!/bin/sh\n\
printenv NOTIFY_SOCKET; echo READY; systemd-notify --ready;\n\
trap 'echo Received SIGTERM, finishing; exit' SIGTERM; echo WAITING; while :; do sleep 0.1; done" \
@ -277,7 +276,7 @@ EOF
dockerfile2=$PODMAN_TMPDIR/Dockerfile.2
cat >$dockerfile2 <<EOF
FROM quay.io/libpod/fedora:31
FROM $SYSTEMD_IMAGE
RUN echo -e "#!/bin/sh\n\
exit 1" >> /runme
RUN chmod +x /runme
@ -446,7 +445,7 @@ EOF
dockerfile1=$PODMAN_TMPDIR/Dockerfile.1
cat >$dockerfile1 <<EOF
FROM quay.io/libpod/fedora:31
FROM $SYSTEMD_IMAGE
RUN echo -e "#!/bin/sh\n\
printenv NOTIFY_SOCKET; echo READY; systemd-notify --ready;\n\
trap 'echo Received SIGTERM, finishing; exit' SIGTERM; echo WAITING; while :; do sleep 0.1; done" \
@ -456,7 +455,7 @@ EOF
dockerfile2=$PODMAN_TMPDIR/Dockerfile.2
cat >$dockerfile2 <<EOF
FROM quay.io/libpod/fedora:31
FROM $SYSTEMD_IMAGE
RUN echo -e "#!/bin/sh\n\
exit 1" >> /runme
RUN chmod +x /runme

31
test/system/260-sdnotify.bats
View File

@ -144,20 +144,15 @@ READY=1" "sdnotify sent MAINPID and READY"
# These tests can fail in dev. environment because of SELinux.
# quick fix: chcon -t container_runtime_exec_t ./bin/podman
@test "sdnotify : container" {
# Sigh... we need to pull a humongous image because it has systemd-notify.
# (IMPORTANT: fedora:32 and above silently removed systemd-notify; this
# caused CI to hang. That's why we explicitly require fedora:31)
# FIXME: is there a smaller image we could use?
local _FEDORA="$PODMAN_TEST_IMAGE_REGISTRY/$PODMAN_TEST_IMAGE_USER/fedora:31"
# Pull that image. Retry in case of flakes.
run_podman pull $_FEDORA || \
run_podman pull $_FEDORA || \
run_podman pull $_FEDORA
# Pull our systemd image. Retry in case of flakes.
run_podman pull $SYSTEMD_IMAGE || \
run_podman pull $SYSTEMD_IMAGE || \
run_podman pull $SYSTEMD_IMAGE
export NOTIFY_SOCKET=$PODMAN_TMPDIR/container.sock
_start_socat
run_podman run -d --sdnotify=container $_FEDORA \
run_podman run -d --sdnotify=container $SYSTEMD_IMAGE \
sh -c 'printenv NOTIFY_SOCKET; echo READY; while ! test -f /stop;do sleep 0.1;done;systemd-notify --ready'
cid="$output"
wait_for_ready $cid
@ -191,7 +186,6 @@ READY=1" "sdnotify sent MAINPID and READY"
READY=1"
run_podman rm $cid
run_podman rmi $_FEDORA
_stop_socat
}
@ -250,15 +244,10 @@ READY=1" "sdnotify sent MAINPID and READY"
}
@test "sdnotify : play kube - with policies" {
# Sigh... we need to pull a humongous image because it has systemd-notify.
# (IMPORTANT: fedora:32 and above silently removed systemd-notify; this
# caused CI to hang. That's why we explicitly require fedora:31)
# FIXME: is there a smaller image we could use?
local _FEDORA="$PODMAN_TEST_IMAGE_REGISTRY/$PODMAN_TEST_IMAGE_USER/fedora:31"
# Pull that image. Retry in case of flakes.
run_podman pull $_FEDORA || \
run_podman pull $_FEDORA || \
run_podman pull $_FEDORA
run_podman pull $SYSTEMD_IMAGE || \
run_podman pull $SYSTEMD_IMAGE || \
run_podman pull $SYSTEMD_IMAGE
# Create the YAMl file
yaml_source="$PODMAN_TMPDIR/test.yaml"
@ -279,7 +268,7 @@ spec:
- /bin/sh
- -c
- 'printenv NOTIFY_SOCKET; while ! test -f /stop;do sleep 0.1;done'
image: $_FEDORA
image: $SYSTEMD_IMAGE
name: a
- command:
- /bin/sh
@ -360,7 +349,7 @@ READY=1" "sdnotify sent MAINPID and READY"
# Clean up pod and pause image
run_podman play kube --down $yaml_source
run_podman rmi $_FEDORA $(pause_image)
run_podman rmi $(pause_image)
}
# vim: filetype=sh

50
test/system/320-system-df.bats
View File

@ -5,6 +5,15 @@
load helpers
function setup() {
# Depending on which tests have been run prior to getting here, there
# may be one or two images loaded. We want only '$IMAGE', not the
# systemd one.
run_podman rmi -f $SYSTEMD_IMAGE
basic_setup
}
function teardown() {
basic_teardown
@ -30,10 +39,45 @@ function teardown() {
}
@test "podman system df --format json functionality" {
# Run two dummy containers, one which exits, one which stays running
run_podman run --name stoppedcontainer $IMAGE true
run_podman run -d --name runningcontainer $IMAGE top
run_podman system df --format json
is "$output" '.*"TotalCount": 1' "Exactly one image"
is "$output" '.*"RawSize": 0' "RawSize reported"
is "$output" '.*"Size": "0B"' "Size reported"
local results="$output"
# FIXME: we can't check exact RawSize or Size because every CI system
# computes a different value: 12701526, 12702113, 12706209... and
# those are all amd64. aarch64 gets 12020148, 12019561.
#
# WARNING: RawSize and Size tests may fail if $IMAGE is updated. Since
# that tends to be done yearly or less, and only by Ed, that's OK.
local tests='
Type | Images | Containers | Local Volumes
Total | 1 | 2 | 0
Active | 1 | 1 | 0
RawSize | ~12...... | 0 | 0
RawReclaimable | 0 | 0 | 0
TotalCount | 1 | 2 | 0
Size | ~12.*MB | 0B | 0B
'
while read -a fields; do
for i in 0 1 2;do
expect="${fields[$((i+1))]}"
actual=$(jq -r ".[$i].${fields[0]}" <<<"$results")
# Do exact-match check, unless the expect term starts with ~
op='='
if [[ "$expect" =~ ^~ ]]; then
op='=~'
expect=${expect##\~}
fi
assert "$actual" "$op" "$expect" "system df[$i].${fields[0]}"
done
done < <(parse_table "$tests")
# Clean up
run_podman rm -f -t 0 stoppedcontainer runningcontainer
}
@test "podman system df - with active containers and volumes" {

67
test/system/build-systemd-image Executable file
View File

@ -0,0 +1,67 @@
#!/bin/bash
#
# build-systemd-image - script for producing a test image with systemd
#
# Based on the build-testimage script. This script builds a fedora-based
# image with systemd in it, for use in systemd-based tests.
#
# Podman binary to use
PODMAN=${PODMAN:-$(pwd)/bin/podman}
# Tag for this new image
YMD=$(date +%Y%m%d)
# git-relative path to this script
create_script=$(cd $(dirname $0) && git ls-files --full-name $(basename $0))
if [ -z "$create_script" ]; then
create_script=$0
fi
# Creation timestamp, Zulu time
create_time_t=$(date +%s)
create_time_z=$(env TZ=UTC date --date=@$create_time_t +'%Y-%m-%dT%H:%M:%SZ')
set -ex
# We'll need to create a Containerfile plus various other files to add in
tmpdir=$(mktemp -t -d $(basename $0).tmp.XXXXXXX)
cd $tmpdir
echo $YMD >testimage-id
cat >Containerfile <<EOF
FROM registry.fedoraproject.org/fedora-minimal:37
LABEL created_by=$create_script
LABEL created_at=$create_time_z
RUN microdnf install -y systemd && microdnf clean all
ADD testimage-id /home/podman/
WORKDIR /home/podman
CMD ["/bin/echo", "This image is intended for podman CI testing"]
EOF
# Start from scratch
testimg_base=quay.io/libpod/systemd-image
testimg=${testimg_base}:$YMD
$PODMAN rmi -f $testimg &> /dev/null || true
# Arch emulation on Fedora requires the qemu-user-static package.
for arch in amd64 arm64 ppc64le s390x;do
$PODMAN build \
--arch=$arch \
--squash-all \
--timestamp=$create_time_t \
--manifest=$testimg \
.
done
# Clean up
cd /tmp
rm -rf $tmpdir
# Tag image and push (all arches) to quay.
cat <<EOF
If you're happy with this image, run:
podman manifest push --all ${testimg} docker://${testimg}
EOF

11
test/system/helpers.bash
View File

@ -12,6 +12,11 @@ PODMAN_TEST_IMAGE_TAG=${PODMAN_TEST_IMAGE_TAG:-"20221018"}
PODMAN_TEST_IMAGE_FQN="$PODMAN_TEST_IMAGE_REGISTRY/$PODMAN_TEST_IMAGE_USER/$PODMAN_TEST_IMAGE_NAME:$PODMAN_TEST_IMAGE_TAG"
PODMAN_TEST_IMAGE_ID=
# Larger image containing systemd tools.
PODMAN_SYSTEMD_IMAGE_NAME=${PODMAN_SYSTEMD_IMAGE_NAME:-"systemd-image"}
PODMAN_SYSTEMD_IMAGE_TAG=${PODMAN_SYSTEMD_IMAGE_TAG:-"20221206"}
PODMAN_SYSTEMD_IMAGE_FQN="$PODMAN_TEST_IMAGE_REGISTRY/$PODMAN_TEST_IMAGE_USER/$PODMAN_SYSTEMD_IMAGE_NAME:$PODMAN_SYSTEMD_IMAGE_TAG"
# Remote image that we *DO NOT* fetch or keep by default; used for testing pull
# This has changed in 2021, from 0 through 3, various iterations of getting
# multiarch to work. It should change only very rarely.
@ -20,6 +25,7 @@ PODMAN_NONLOCAL_IMAGE_FQN="$PODMAN_TEST_IMAGE_REGISTRY/$PODMAN_TEST_IMAGE_USER/$
# Because who wants to spell that out each time?
IMAGE=$PODMAN_TEST_IMAGE_FQN
SYSTEMD_IMAGE=$PODMAN_SYSTEMD_IMAGE_FQN
# Default timeout for a podman command.
PODMAN_TIMEOUT=${PODMAN_TIMEOUT:-120}
@ -55,12 +61,15 @@ function basic_setup() {
run_podman images --all --format '{{.Repository}}:{{.Tag}} {{.ID}}'
for line in "${lines[@]}"; do
set $line
if [ "$1" == "$PODMAN_TEST_IMAGE_FQN" ]; then
if [[ "$1" == "$PODMAN_TEST_IMAGE_FQN" ]]; then
if [[ -z "$PODMAN_TEST_IMAGE_ID" ]]; then
# This will probably only trigger the 2nd time through setup
PODMAN_TEST_IMAGE_ID=$2
fi
found_needed_image=1
elif [[ "$1" == "$PODMAN_SYSTEMD_IMAGE_FQN" ]]; then
# This is a big image, don't force unnecessary pulls
:
else
# Always remove image that doesn't match by name
echo "# setup(): removing stray image $1" >&3