Quadlet - add support for KubeDownForce

Allow users to set --force for Stop command Add doc and tests Signed-off-by: Ygal Blum <ygal.blum@gmail.com>
2025-06-20 00:51:16 +08:00 · 2023-10-16 08:51:52 +03:00
parent 5853e2bee9
commit 5d5facbd79
5 changed files with 103 additions and 1 deletions
--- a/docs/source/markdown/podman-systemd.unit.5.md
+++ b/docs/source/markdown/podman-systemd.unit.5.md
@ -640,6 +640,7 @@ Valid options for `[Kube]` are listed below:
 | ConfigMap=/tmp/config.map           | --config-map /tmp/config.map                                     |
 | ContainersConfModule=/etc/nvd\.conf | --module=/etc/nvd\.conf                                          |
 | GlobalArgs=--log-level=debug        | --log-level=debug                                                |
+| KubeDownForce=true                  | -force (for `podman kube down`)                                  |
 | LogDriver=journald                  | --log-driver journald                                            |
 | Network=host                        | --net host                                                       |
 | PodmanArgs=\-\-annotation=key=value | --annotation=key=value                                           |
@ -696,6 +697,10 @@ escaped to allow inclusion of whitespace and other control characters.

 This key can be listed multiple times.

+### `KubeDownForce=`
+
+Remove all resources when calling `podman kube down`.
+Equivalent to the Podman `--force` option.

 ### `LogDriver=`

--- a/pkg/systemd/quadlet/quadlet.go
+++ b/pkg/systemd/quadlet/quadlet.go
@ -90,6 +90,7 @@ const (
 	KeyIP                    = "IP"
 	KeyIP6                   = "IP6"
 	KeyImage                 = "Image"
+	KeyKubeDownForce         = "KubeDownForce"
 	KeyLabel                 = "Label"
 	KeyLogDriver             = "LogDriver"
 	KeyMask                  = "Mask"
@ -264,6 +265,7 @@ var (
 		KeyContainersConfModule: true,
 		KeyExitCodePropagation:  true,
 		KeyGlobalArgs:           true,
+		KeyKubeDownForce:        true,
 		KeyLogDriver:            true,
 		KeyNetwork:              true,
 		KeyPodmanArgs:           true,
@ -1139,7 +1141,14 @@ func ConvertKube(kube *parser.UnitFile, names map[string]string, isUser bool) (*
 	// Use `ExecStopPost` to make sure cleanup happens even in case of
 	// errors; otherwise containers, pods, etc. would be left behind.
 	execStop := createBasePodmanCommand(kube, KubeGroup)
-	execStop.add("kube", "down", yamlPath)
+
+	execStop.add("kube", "down")
+
+	if kubeDownForce, ok := kube.LookupBoolean(KubeGroup, KeyKubeDownForce); ok {
+		execStop.addBool("--force", kubeDownForce)
+	}
+
+	execStop.add(yamlPath)
 	service.AddCmdline(ServiceGroup, "ExecStopPost", execStop.Args)

 	err = handleSetWorkingDirectory(kube, service)
--- a/test/e2e/quadlet/downforce.kube
+++ b/test/e2e/quadlet/downforce.kube
@ -0,0 +1,8 @@
+## assert-podman-stop-post-args "kube"
+## assert-podman-stop-post-args "down"
+## assert-podman-stop-post-args "--force"
+## assert-podman-stop-post-final-args-regex .*/podman_test.*/quadlet/deployment.yml
+
+[Kube]
+Yaml=deployment.yml
+KubeDownForce=true
--- a/test/e2e/quadlet_test.go
+++ b/test/e2e/quadlet_test.go
@ -765,6 +765,7 @@ BOGUS=foo
 		Entry("Kube - global args", "globalargs.kube", 0, ""),
 		Entry("Kube - Containers Conf Modules", "containersconfmodule.kube", 0, ""),
 		Entry("Kube - Service Type=oneshot", "oneshot.kube", 0, ""),
+		Entry("Kube - Down force", "downforce.kube", 0, ""),

 		Entry("Network - Basic", "basic.network", 0, ""),
 		Entry("Network - Disable DNS", "disable-dns.network", 0, ""),
--- a/test/system/252-quadlet.bats
+++ b/test/system/252-quadlet.bats
@ -1246,4 +1246,83 @@ EOF
    run_podman rmi --ignore $(pause_image)
 }

+@test "quadlet - kube down force" {
+    local test_random_string=$(random_string)
+
+    local quadlet_kube_volume_name=test-volume_$test_random_string
+    local pod_name="test_pod_$test_random_string"
+    local container_name="test"
+    local quadlet_kube_pod_yaml_file=$PODMAN_TMPDIR/pod_$test_random_string.yaml
+    cat > $quadlet_kube_pod_yaml_file <<EOF
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: $quadlet_kube_volume_name
+spec:
+  accessModes:
+  - ReadWriteOnce
+  resources:
+    requests:
+      storage: 1Gi
+---
+apiVersion: v1
+kind: Pod
+metadata:
+  labels:
+    app: test
+  name: $pod_name
+spec:
+  containers:
+  - command:
+    - "sh"
+    args:
+    - "-c"
+    - "echo STARTED CONTAINER; top -b"
+    image: $IMAGE
+    name: $container_name
+    volumeMounts:
+    - name: storage
+      mountPath: /mnt/storage
+  volumes:
+  - name: storage
+    persistentVolumeClaim:
+      claimName: $quadlet_kube_volume_name
+EOF
+
+    local quadlet_kube_pod_unit_file=$PODMAN_TMPDIR/pod_$test_random_string.kube
+    cat > $quadlet_kube_pod_unit_file <<EOF
+[Kube]
+Yaml=$quadlet_kube_pod_yaml_file
+KubeDownForce=true
+EOF
+
+    # Have quadlet create the systemd unit file for the pod unit
+    run_quadlet "$quadlet_kube_pod_unit_file" "$quadlet_tmpdir"
+    local pod_service=$QUADLET_SERVICE_NAME
+
+    # Volume should not exist
+    run_podman 1 volume exists ${quadlet_kube_volume_name}
+
+    service_setup $pod_service
+
+    # Volume should exist
+    run_podman volume exists ${quadlet_kube_volume_name}
+
+    run_podman container inspect --format "{{(index .Mounts 0).Type}}" $pod_name-$container_name
+    assert "$output" = "volume" \
+           "quadlet - kube oneshot: volume .Type"
+
+    run_podman container inspect --format "{{(index .Mounts 0).Name}}" $pod_name-$container_name
+    assert "$output" = "$quadlet_kube_volume_name" \
+           "quadlet - kube oneshot: volume .Name"
+
+    # Shutdown the service
+    service_cleanup $pod_service failed
+
+    # Volume should not exist
+    run_podman 1 volume exists ${quadlet_kube_volume_name}
+    run_podman rmi --ignore $(pause_image)
+}
+
 # vim: filetype=sh