opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-11-29 01:28:22 +08:00
Code Issues Packages Projects Releases Wiki Activity

Remove iptables references in upgrade tests

Browse Source 
Signed-off-by: Mario Loriedo <mario.loriedo@gmail.com>
This commit is contained in:
Mario Loriedo
2025-11-18 13:18:41 +01:00
parent bd02d6fd74
commit aa5361ac53
3 changed files with 17 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
.cirrus.yml
View File

@@ -1090,7 +1090,9 @@ upgrade_test_task:
depends_on: *build depends_on: *build
matrix: matrix:
- env: - env:
PODMAN_UPGRADE_FROM: v4.8.0 PODMAN_UPGRADE_FROM: v5.3.1
- env:
PODMAN_UPGRADE_FROM: v5.6.2
gce_instance: *standardvm gce_instance: *standardvm
env: env:
TEST_FLAVOR: upgrade_test TEST_FLAVOR: upgrade_test

17
test/upgrade/README.md
View File

@@ -21,22 +21,19 @@ container image from quay.io/podman, uses it to create and run
a number of containers, then uses new-podman to interact with a number of containers, then uses new-podman to interact with
those containers. those containers.
As of 2024-02-05 the available old-podman versions are: Testing updates from versions earlier than v5.3.1 fails. Testing updates from
tags that do not respect semantic versioning fails too (e.g. v5.6.0-immutable or
v5.6). As of 2025-11-18 the available old-podman versions to test against are:
```console ```console
$ bin/podman search --list-tags --limit=400 quay.io/podman/stable | awk '$2 ~ /^v/ { print $2}' | sort | column -c 75 $ bin/podman search --list-tags --limit=400 quay.io/podman/stable | awk '$2 ~ /^v[0-9]+\.[0-9]+\.[0-9]+$/ { print $2}' | sort | awk '/v5.3.1/,0' | column -c 75
v1.4.2 v1.9.1 v3.2.0 v3.4.0 v4.1.0 v4.3.1 v4.5.1 v4.8 v5.3.1 v5.4.0 v5.4.2 v5.5.1 v5.6.0 v5.6.2
v1.4.4 v2.0.2 v3.2.1 v3.4.1 v4.1.1 v4.4 v4.6 v4.8.0 v5.3.2 v5.4.1 v5.5.0 v5.5.2 v5.6.1
v1.5.0 v2.0.6 v3.2.2 v3.4.2 v4.2 v4.4.1 v4.6.1 v4.8.1
v1.5.1 v2.1.1 v3.2.3 v3.4.4 v4.2.0 v4.4.2 v4.6.2 v4.8.2
v1.6 v2.2.1 v3.3.0 v3.4.7 v4.2.1 v4.4.4 v4.7 v4.8.3
v1.6.2 v3 v3.3.1 v4 v4.3 v4.5 v4.7.0 v4.9
v1.9.0 v3.1.2 v3.4 v4.1 v4.3.0 v4.5.0 v4.7.2 v4.9.0
``` ```
Test invocation is: Test invocation is:
```console ```console
$ sudo env PODMAN=bin/podman PODMAN_UPGRADE_FROM=v4.1.0 PODMAN_UPGRADE_TEST_DEBUG= bats test/upgrade $ sudo env PODMAN=bin/podman PODMAN_UPGRADE_FROM=v5.3.1 PODMAN_UPGRADE_TEST_DEBUG= bats test/upgrade
``` ```
(Path assumes you're cd'ed to top-level podman repo). `PODMAN_UPGRADE_FROM` (Path assumes you're cd'ed to top-level podman repo). `PODMAN_UPGRADE_FROM`
can be any of the versions above. `PODMAN_UPGRADE_TEST_DEBUG` is empty can be any of the versions above. `PODMAN_UPGRADE_TEST_DEBUG` is empty

27
test/upgrade/test-upgrade.bats
View File

@@ -49,9 +49,9 @@ setup() {
# the default c/storage behavior is to make the mount propagation private. # the default c/storage behavior is to make the mount propagation private.
export _PODMAN_TEST_OPTS="--storage-opt=skip_mount_home=true --cgroup-manager=cgroupfs --root=$PODMAN_UPGRADE_WORKDIR/root --runroot=$PODMAN_UPGRADE_WORKDIR/runroot --tmpdir=$PODMAN_UPGRADE_WORKDIR/tmp" export _PODMAN_TEST_OPTS="--storage-opt=skip_mount_home=true --cgroup-manager=cgroupfs --root=$PODMAN_UPGRADE_WORKDIR/root --runroot=$PODMAN_UPGRADE_WORKDIR/runroot --tmpdir=$PODMAN_UPGRADE_WORKDIR/tmp"
# Old netavark used iptables but newer versions might uses nftables.
# Networking can only work correctly if both use the same firewall driver so force iptables. # Starting with v6.0.0 we only test upgrade from versions that support nftables.
printf "[network]\nfirewall_driver=\"iptables\"\n" > $PODMAN_UPGRADE_WORKDIR/containers.conf printf "[network]\nfirewall_driver=\"nftables\"\n" > $PODMAN_UPGRADE_WORKDIR/containers.conf
export CONTAINERS_CONF_OVERRIDE=$PODMAN_UPGRADE_WORKDIR/containers.conf export CONTAINERS_CONF_OVERRIDE=$PODMAN_UPGRADE_WORKDIR/containers.conf
} }
@@ -64,21 +64,6 @@ setup() {
OLD_PODMAN=quay.io/podman/stable:$PODMAN_UPGRADE_FROM OLD_PODMAN=quay.io/podman/stable:$PODMAN_UPGRADE_FROM
$PODMAN pull $OLD_PODMAN $PODMAN pull $OLD_PODMAN
# Can't mix-and-match iptables.
# This can only fail when we bring in new CI VMs. If/when it does fail,
# we'll need to figure out how to solve it. Until then, punt.
iptables_old_version=$($PODMAN run --rm $OLD_PODMAN iptables -V)
run -0 expr "$iptables_old_version" : ".*(\(.*\))"
iptables_old_which="$output"
iptables_new_version=$(iptables -V)
run -0 expr "$iptables_new_version" : ".*(\(.*\))"
iptables_new_which="$output"
if [[ "$iptables_new_which" != "$iptables_old_which" ]]; then
die "Cannot mix iptables; $PODMAN_UPGRADE_FROM container uses $iptables_old_which, host uses $iptables_new_which"
fi
# Shortcut name, because we're referencing it a lot # Shortcut name, because we're referencing it a lot
pmroot=$PODMAN_UPGRADE_WORKDIR pmroot=$PODMAN_UPGRADE_WORKDIR
@@ -223,8 +208,10 @@ EOF
@test "images" { @test "images" {
run_podman images -a --format '{{.Names}}' run_podman images -a --format '{{.Names}}'
assert "${lines[0]}" =~ "\[localhost/podman-pause:${PODMAN_UPGRADE_FROM##v}-.*\]" "podman images, line 0" # Filter out the podman-pause image which isn't present for
assert "${lines[1]}" = "[$IMAGE]" "podman images, line 1" # versions >= 5.5.0
run -0 grep -v "localhost/podman-pause" <<< "$output"
assert "${lines[0]}" = "[$IMAGE]" "podman images, line 0"
} }
@test "ps : one container running" { @test "ps : one container running" {