opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-05-17 15:18:43 +08:00
Code Issues Packages Projects Releases Wiki Activity

System tests: add test tags

Browse Source 
[
  Clean cherry-pick of #19302. This is a low-risk change
  with potentially very high ROI: the opportunity to catch
  interaction problems with updates in other system components.
]

BATS 1.8.0 introduces tags: metadata that can be applied to
a single test or one entire file, then used for filtering
in a test run.

Issue #19299 introduces the possibility of using OpenQA
for podman reverse dependency testing: continuous CI on
all packages that can affect podman, so we don't go two
months with no bodhi builds then get caught by surprise
when systemd or kernel or crun change in ways that break us.

This PR introduces one bats tag, "distro-integration".
The intention is for OpenQA (or other) tests to install
the podman-tests package and run:

    bats --filter-tags distro-integration /usr/share/podman/test/system

Goal is to keep the test list short and sweet: we do not
need to test command-line option parsing. We *DO* need to
test interactions with systemd, kernel, nethack, and other
critical components.

Signed-off-by: Ed Santiago <santiago@redhat.com>
This commit is contained in:
Ed Santiago
2023-07-20 15:01:13 -06:00
parent 2b6baf9506
commit 5831bd68bf
18 changed files with 44 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
hack/bats
View File

@ -23,6 +23,9 @@ $0 is a wrapper for invoking podman system tests.
runs only subtests within FILENAME-PATTERH whose names runs only subtests within FILENAME-PATTERH whose names
match that string. match that string.
--tag=TAG Passed on to bats as '--filter-tags TAG'
As of 2023-07-26 the only tag used is 'distro-integration'
-T Passed on to bats, which will then show timing data -T Passed on to bats, which will then show timing data
--help display usage message --help display usage message
@ -83,6 +86,7 @@ for i;do
--rootless) TEST_ROOT= ;; --rootless) TEST_ROOT= ;;
--remote) REMOTE=remote ;; --remote) REMOTE=remote ;;
--ts|-T) bats_opts+=("-T") ;; --ts|-T) bats_opts+=("-T") ;;
--tag=*) bats_filter=("--filter-tags" "$value") ;;
*/*.bats) TESTS=$i ;; */*.bats) TESTS=$i ;;
*) *)
if [[ $i =~ : ]]; then if [[ $i =~ : ]]; then

3
test/system/001-basic.bats
View File

@ -13,6 +13,7 @@ function setup() {
#### DO NOT ADD ANY TESTS HERE! ADD NEW TESTS AT BOTTOM! #### DO NOT ADD ANY TESTS HERE! ADD NEW TESTS AT BOTTOM!
# bats test_tags=distro-integration
@test "podman version emits reasonable output" { @test "podman version emits reasonable output" {
run_podman version run_podman version
@ -38,6 +39,7 @@ function setup() {
is "$output" ".*The --config flag is ignored by Podman. Exists for Docker compatibility\+" "verify warning for --config option" is "$output" ".*The --config flag is ignored by Podman. Exists for Docker compatibility\+" "verify warning for --config option"
} }
# bats test_tags=distro-integration
@test "podman info" { @test "podman info" {
# These will be displayed on the test output stream, offering an # These will be displayed on the test output stream, offering an
# at-a-glance overview of important system configuration details # at-a-glance overview of important system configuration details
@ -71,6 +73,7 @@ function setup() {
"--context=swarm should fail" "--context=swarm should fail"
} }
# bats test_tags=distro-integration
@test "podman can pull an image" { @test "podman can pull an image" {
run_podman rmi -a -f run_podman rmi -a -f

3
test/system/030-run.bats
View File

@ -3,6 +3,7 @@
load helpers load helpers
load helpers.network load helpers.network
# bats test_tags=distro-integration
@test "podman run - basic tests" { @test "podman run - basic tests" {
rand=$(random_string 30) rand=$(random_string 30)
@ -296,6 +297,7 @@ echo $rand | 0 | $rand
} }
# #6829 : add username to /etc/passwd inside container if --userns=keep-id # #6829 : add username to /etc/passwd inside container if --userns=keep-id
# bats test_tags=distro-integration
@test "podman run : add username to /etc/passwd if --userns=keep-id" { @test "podman run : add username to /etc/passwd if --userns=keep-id" {
skip_if_not_rootless "--userns=keep-id only works in rootless mode" skip_if_not_rootless "--userns=keep-id only works in rootless mode"
# Default: always run as root # Default: always run as root
@ -695,6 +697,7 @@ json-file | f
# https://github.com/containers/podman/issues/9096 # https://github.com/containers/podman/issues/9096
# podman exec may truncate stdout/stderr; actually a bug in conmon: # podman exec may truncate stdout/stderr; actually a bug in conmon:
# https://github.com/containers/conmon/issues/236 # https://github.com/containers/conmon/issues/236
# bats test_tags=distro-integration
@test "podman run - does not truncate or hang with big output" { @test "podman run - does not truncate or hang with big output" {
# Size, in bytes, to dd and to expect in return # Size, in bytes, to dd and to expect in return
char_count=700000 char_count=700000

1
test/system/032-sig-proxy.bats
View File

@ -5,6 +5,7 @@ load helpers.sig-proxy
# Each of the tests below does some setup, then invokes the helper from helpers.sig-proxy.bash. # Each of the tests below does some setup, then invokes the helper from helpers.sig-proxy.bash.
# bats test_tags=distro-integration
@test "podman sigproxy test: run" { @test "podman sigproxy test: run" {
# We're forced to use $PODMAN because run_podman cannot be backgrounded # We're forced to use $PODMAN because run_podman cannot be backgrounded
$PODMAN run -i --name c_run $IMAGE sh -c "$SLEEPLOOP" & $PODMAN run -i --name c_run $IMAGE sh -c "$SLEEPLOOP" &

2
test/system/035-logs.bats
View File

@ -337,6 +337,7 @@ timeout: sending signal TERM to command.*" "logs --since -f on running container
_log_test_follow_since k8s-file _log_test_follow_since k8s-file
} }
# bats test_tags=distro-integration
@test "podman logs - --since --follow journald" { @test "podman logs - --since --follow journald" {
# We can't use journald on RHEL as rootless: rhbz#1895105 # We can't use journald on RHEL as rootless: rhbz#1895105
skip_if_journald_unavailable skip_if_journald_unavailable
@ -379,6 +380,7 @@ $content--2.*" "logs --until -f on running container works"
_log_test_follow_until k8s-file _log_test_follow_until k8s-file
} }
# bats test_tags=distro-integration
@test "podman logs - --until --follow journald" { @test "podman logs - --until --follow journald" {
# We can't use journald on RHEL as rootless: rhbz#1895105 # We can't use journald on RHEL as rootless: rhbz#1895105
skip_if_journald_unavailable skip_if_journald_unavailable

2
test/system/070-build.bats
View File

@ -6,6 +6,7 @@
load helpers load helpers
# bats test_tags=distro-integration
@test "podman build - basic test" { @test "podman build - basic test" {
rand_filename=$(random_string 20) rand_filename=$(random_string 20)
rand_content=$(random_string 50) rand_content=$(random_string 50)
@ -272,6 +273,7 @@ EOF
} }
# bats test_tags=distro-integration
@test "podman build - workdir, cmd, env, label" { @test "podman build - workdir, cmd, env, label" {
tmpdir=$PODMAN_TMPDIR/build-test tmpdir=$PODMAN_TMPDIR/build-test
mkdir -p $tmpdir mkdir -p $tmpdir

2
test/system/075-exec.bats
View File

@ -5,6 +5,7 @@
load helpers load helpers
# bats test_tags=distro-integration
@test "podman exec - basic test" { @test "podman exec - basic test" {
rand_filename=$(random_string 20) rand_filename=$(random_string 20)
rand_content=$(random_string 50) rand_content=$(random_string 50)
@ -43,6 +44,7 @@ load helpers
run_podman rm $cid run_podman rm $cid
} }
# bats test_tags=distro-integration
@test "podman exec - leak check" { @test "podman exec - leak check" {
skip_if_remote "test is meaningless over remote" skip_if_remote "test is meaningless over remote"

2
test/system/080-pause.bats
View File

@ -5,6 +5,7 @@
load helpers load helpers
# bats test_tags=distro-integration
@test "podman pause/unpause" { @test "podman pause/unpause" {
if is_rootless && ! is_cgroupsv2; then if is_rootless && ! is_cgroupsv2; then
skip "'podman pause' (rootless) only works with cgroups v2" skip "'podman pause' (rootless) only works with cgroups v2"
@ -58,6 +59,7 @@ load helpers
run_podman 125 unpause $cname run_podman 125 unpause $cname
} }
# bats test_tags=distro-integration
@test "podman unpause --all" { @test "podman unpause --all" {
if is_rootless && ! is_cgroupsv2; then if is_rootless && ! is_cgroupsv2; then
skip "'podman pause' (rootless) only works with cgroups v2" skip "'podman pause' (rootless) only works with cgroups v2"

3
test/system/090-events.bats
View File

@ -5,6 +5,7 @@
load helpers load helpers
# bats test_tags=distro-integration
@test "events with a filter by label" { @test "events with a filter by label" {
cname=test-$(random_string 30 | tr A-Z a-z) cname=test-$(random_string 30 | tr A-Z a-z)
labelname=$(random_string 10) labelname=$(random_string 10)
@ -141,6 +142,7 @@ function _events_disjunctive_filters() {
_events_disjunctive_filters "" _events_disjunctive_filters ""
} }
# bats test_tags=distro-integration
@test "events with events_logfile_path in containers.conf" { @test "events with events_logfile_path in containers.conf" {
skip_if_remote "remote does not support --events-backend" skip_if_remote "remote does not support --events-backend"
events_file=$PODMAN_TMPDIR/events.log events_file=$PODMAN_TMPDIR/events.log
@ -162,6 +164,7 @@ function _populate_events_file() {
done done
} }
# bats test_tags=distro-integration
@test "events log-file rotation" { @test "events log-file rotation" {
skip_if_remote "setting CONTAINERS_CONF_OVERRIDE logger options does not affect remote client" skip_if_remote "setting CONTAINERS_CONF_OVERRIDE logger options does not affect remote client"

1
test/system/130-kill.bats
View File

@ -5,6 +5,7 @@
load helpers load helpers
# bats test_tags=distro-integration
@test "podman kill - test signal handling in containers" { @test "podman kill - test signal handling in containers" {
# Prepare for 'logs -f' # Prepare for 'logs -f'

1
test/system/160-volumes.bats
View File

@ -395,6 +395,7 @@ EOF
is "$output" "" "no more volumes to prune" is "$output" "" "no more volumes to prune"
} }
# bats test_tags=distro-integration
@test "podman volume type=bind" { @test "podman volume type=bind" {
myvoldir=${PODMAN_TMPDIR}/volume_$(random_string) myvoldir=${PODMAN_TMPDIR}/volume_$(random_string)
mkdir $myvoldir mkdir $myvoldir

2
test/system/170-run-userns.bats
View File

@ -3,6 +3,8 @@
# #
# Tests for podman build # Tests for podman build
# #
# bats file_tags=distro-integration
#
load helpers load helpers

2
test/system/180-blkio.bats
View File

@ -2,6 +2,8 @@
# #
# podman blkio-related tests # podman blkio-related tests
# #
# bats file_tags=distro-integration
#
load helpers load helpers

2
test/system/190-run-ipcns.bats
View File

@ -3,6 +3,8 @@
# #
# Tests for podman build # Tests for podman build
# #
# bats file_tags=distro-integration
#
load helpers load helpers

1
test/system/195-run-namesapces.bats → test/system/195-run-namespaces.bats
View File

@ -5,6 +5,7 @@
load helpers load helpers
# bats test_tags=distro-integration
@test "podman test all namespaces" { @test "podman test all namespaces" {
# format is nsname | option name # format is nsname | option name
tests=" tests="

3
test/system/260-sdnotify.bats
View File

@ -103,6 +103,7 @@ function _assert_mainpid_is_conmon() {
_stop_socat _stop_socat
} }
# bats test_tags=distro-integration
@test "sdnotify : conmon" { @test "sdnotify : conmon" {
export NOTIFY_SOCKET=$PODMAN_TMPDIR/conmon.sock export NOTIFY_SOCKET=$PODMAN_TMPDIR/conmon.sock
_start_socat _start_socat
@ -141,6 +142,7 @@ READY=1" "sdnotify sent MAINPID and READY"
# These tests can fail in dev. environment because of SELinux. # These tests can fail in dev. environment because of SELinux.
# quick fix: chcon -t container_runtime_exec_t ./bin/podman # quick fix: chcon -t container_runtime_exec_t ./bin/podman
# bats test_tags=distro-integration
@test "sdnotify : container" { @test "sdnotify : container" {
_prefetch $SYSTEMD_IMAGE _prefetch $SYSTEMD_IMAGE
@ -393,6 +395,7 @@ spec:
" > $fname " > $fname
} }
# bats test_tags=distro-integration
@test "podman kube play - exit-code propagation" { @test "podman kube play - exit-code propagation" {
fname=$PODMAN_TMPDIR/$(random_string).yaml fname=$PODMAN_TMPDIR/$(random_string).yaml

9
test/system/410-selinux.bats
View File

@ -34,26 +34,32 @@ function check_label() {
} }
# bats test_tags=distro-integration
@test "podman selinux: confined container" { @test "podman selinux: confined container" {
check_label "" "container_t" check_label "" "container_t"
} }
# FIXME #19376 - container-selinux broken -- bats test_tags=distro-integration
@test "podman selinux: container with label=disable" { @test "podman selinux: container with label=disable" {
check_label "--security-opt label=disable" "spc_t" check_label "--security-opt label=disable" "spc_t"
} }
# FIXME #19376 - container-selinux broken -- bats test_tags=distro-integration
@test "podman selinux: privileged container" { @test "podman selinux: privileged container" {
check_label "--privileged --userns=host" "spc_t" check_label "--privileged --userns=host" "spc_t"
} }
# bats test_tags=distro-integration
@test "podman selinux: init container" { @test "podman selinux: init container" {
check_label "--systemd=always" "container_init_t" check_label "--systemd=always" "container_init_t"
} }
# bats test_tags=distro-integration
@test "podman selinux: init container with --security-opt type" { @test "podman selinux: init container with --security-opt type" {
check_label "--systemd=always --security-opt=label=type:spc_t" "spc_t" check_label "--systemd=always --security-opt=label=type:spc_t" "spc_t"
} }
# bats test_tags=distro-integration
@test "podman selinux: init container with --security-opt level&type" { @test "podman selinux: init container with --security-opt level&type" {
check_label "--systemd=always --security-opt=label=level:s0:c1,c2 --security-opt=label=type:spc_t" "spc_t" "s0:c1,c2" check_label "--systemd=always --security-opt=label=level:s0:c1,c2 --security-opt=label=type:spc_t" "spc_t" "s0:c1,c2"
} }
@ -62,6 +68,7 @@ function check_label() {
check_label "--systemd=always --security-opt=label=level:s0:c1,c2" "container_init_t" "s0:c1,c2" check_label "--systemd=always --security-opt=label=level:s0:c1,c2" "container_init_t" "s0:c1,c2"
} }
# FIXME #19376 - container-selinux broken -- bats test_tags=distro-integration
@test "podman selinux: pid=host" { @test "podman selinux: pid=host" {
# FIXME this test fails when run rootless with runc: # FIXME this test fails when run rootless with runc:
# Error: container_linux.go:367: starting container process caused: process_linux.go:495: container init caused: readonly path /proc/asound: operation not permitted: OCI permission denied # Error: container_linux.go:367: starting container process caused: process_linux.go:495: container init caused: readonly path /proc/asound: operation not permitted: OCI permission denied
@ -153,6 +160,7 @@ function check_label() {
} }
# pr #7902 - containers in pods should all run under same context # pr #7902 - containers in pods should all run under same context
# bats test_tags=distro-integration
@test "podman selinux: containers in pods share full context" { @test "podman selinux: containers in pods share full context" {
skip_if_no_selinux skip_if_no_selinux
@ -226,6 +234,7 @@ function check_label() {
is "$output" "Error.*: $expect" "podman emits useful diagnostic on failure" is "$output" "Error.*: $expect" "podman emits useful diagnostic on failure"
} }
# bats test_tags=distro-integration
@test "podman selinux: check relabel" { @test "podman selinux: check relabel" {
skip_if_no_selinux skip_if_no_selinux

1
test/system/500-networking.bats
View File

@ -449,6 +449,7 @@ load helpers.network
} }
# Test for https://github.com/containers/podman/issues/10052 # Test for https://github.com/containers/podman/issues/10052
# bats test_tags=distro-integration
@test "podman network connect/disconnect with port forwarding" { @test "podman network connect/disconnect with port forwarding" {
random_1=$(random_string 30) random_1=$(random_string 30)
HOST_PORT=$(random_free_port) HOST_PORT=$(random_free_port)