CI: system test registry: use --net=host

This removes the need for a tricky/fragile namespace workaround. Huge thanks to Paul for discovering documentation on the Registry container, and how to override config.yml settings: https://distribution.github.io/distribution/about/configuration/#override-specific-configuration-options Drive-by: consistentize quotes in -eVAR="value". Minor, but makes them all easier to read with emacs/vi syntax highlighting. Signed-off-by: Ed Santiago <santiago@redhat.com>
2025-08-24 10:04:57 +08:00 · 2024-09-18 07:07:44 -06:00
parent 327c26af2f
commit 9c51eead06
1 changed files with 7 additions and 23 deletions
--- a/test/system/helpers.registry.bash
+++ b/test/system/helpers.registry.bash
@ -37,20 +37,6 @@ function start_registry() {
        done

        die "Internal error: timed out waiting for another process to start registry"
-
-        # Fixes very obscure corner case in root system tests:
-        #  1) we run 150-login tests, starting a registry; then
-        #  2) run 500-network, which runs iptables -F; then
-        #  3) run 700-play, the "private" test, which needs the
-        #     already-started registry, but its port is now DROPped,
-        #     so the test times out trying to talk to registry
-
-        ###### FIXME FIXME FIXME TEMPORARY!
-        ###### Trying to understand flake #23725. What happens if we stop
-        ###### doing the network reload?
-        ###### FIXME FIXME FIXME, should we do it in stop_registry??
-        ###### run_podman --storage-driver vfs $(podman_isolation_opts ${PODMAN_LOGIN_WORKDIR}) network reload --all
-        return
    fi

    mkdir -p $AUTHDIR
@ -86,21 +72,19 @@ function start_registry() {

    # Run the registry container.
    run_podman ${PODMAN_LOGIN_ARGS} run -d \
-               -p 127.0.0.1:${PODMAN_LOGIN_REGISTRY_PORT}:5000 \
+               --net=host \
               --name registry \
               -v $AUTHDIR:/auth:Z \
-               -e "REGISTRY_AUTH=htpasswd" \
-               -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" \
-               -e REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd \
-               -e REGISTRY_HTTP_TLS_CERTIFICATE=/auth/domain.crt \
-               -e REGISTRY_HTTP_TLS_KEY=/auth/domain.key \
+               -e REGISTRY_HTTP_ADDR="127.0.0.1:${PODMAN_LOGIN_REGISTRY_PORT}" \
+               -e REGISTRY_AUTH="htpasswd" \
+               -e REGISTRY_AUTH_HTPASSWD_REALM="Registry Realm" \
+               -e REGISTRY_AUTH_HTPASSWD_PATH="/auth/htpasswd" \
+               -e REGISTRY_HTTP_TLS_CERTIFICATE="/auth/domain.crt" \
+               -e REGISTRY_HTTP_TLS_KEY="/auth/domain.key" \
               $REGISTRY_IMAGE
    cid="$output"

-    # wait_for_port isn't enough: that just checks that podman has mapped the port...
    wait_for_port 127.0.0.1 ${PODMAN_LOGIN_REGISTRY_PORT}
-    # ...so we look in container logs for confirmation that registry is running.
-    _PODMAN_TEST_OPTS="${PODMAN_LOGIN_ARGS}" wait_for_output "listening on .::.:5000" $cid

    touch $startflag
    echo "I have started the registry"