Merge pull request #9631 from rhatdan/pull

Fix podman build --pull-never
This commit is contained in:
OpenShift Merge Robot
2021-03-29 13:41:42 +00:00
committed by GitHub
23 changed files with 142 additions and 88 deletions

View File

@ -303,6 +303,21 @@ func buildFlagsWrapperToOptions(c *cobra.Command, contextDir string, flags *buil
return nil, err return nil, err
} }
pullFlagsCount := 0
if c.Flag("pull").Changed {
pullFlagsCount++
}
if c.Flag("pull-always").Changed {
pullFlagsCount++
}
if c.Flag("pull-never").Changed {
pullFlagsCount++
}
if pullFlagsCount > 1 {
return nil, errors.Errorf("can only set one of 'pull' or 'pull-always' or 'pull-never'")
}
pullPolicy := define.PullIfMissing pullPolicy := define.PullIfMissing
if c.Flags().Changed("pull") && flags.Pull { if c.Flags().Changed("pull") && flags.Pull {
pullPolicy = define.PullAlways pullPolicy = define.PullAlways
@ -312,7 +327,7 @@ func buildFlagsWrapperToOptions(c *cobra.Command, contextDir string, flags *buil
} }
if flags.PullNever { if flags.PullNever {
pullPolicy = define.PullIfMissing pullPolicy = define.PullNever
} }
args := make(map[string]string) args := make(map[string]string)

View File

@ -13,6 +13,7 @@ import (
"time" "time"
"github.com/containers/buildah" "github.com/containers/buildah"
"github.com/containers/buildah/define"
"github.com/containers/buildah/imagebuildah" "github.com/containers/buildah/imagebuildah"
"github.com/containers/buildah/util" "github.com/containers/buildah/util"
"github.com/containers/image/v5/types" "github.com/containers/image/v5/types"
@ -98,6 +99,7 @@ func BuildImage(w http.ResponseWriter, r *http.Request) {
OutputFormat string `schema:"outputformat"` OutputFormat string `schema:"outputformat"`
Platform string `schema:"platform"` Platform string `schema:"platform"`
Pull bool `schema:"pull"` Pull bool `schema:"pull"`
PullPolicy string `schema:"pullpolicy"`
Quiet bool `schema:"q"` Quiet bool `schema:"q"`
Registry string `schema:"registry"` Registry string `schema:"registry"`
Rm bool `schema:"rm"` Rm bool `schema:"rm"`
@ -275,10 +277,14 @@ func BuildImage(w http.ResponseWriter, r *http.Request) {
jobs = query.Jobs jobs = query.Jobs
} }
pullPolicy := buildah.PullIfMissing pullPolicy := define.PullIfMissing
if utils.IsLibpodRequest(r) {
pullPolicy = define.PolicyMap[query.PullPolicy]
} else {
if _, found := r.URL.Query()["pull"]; found { if _, found := r.URL.Query()["pull"]; found {
if query.Pull { if query.Pull {
pullPolicy = buildah.PullAlways pullPolicy = define.PullAlways
}
} }
} }

View File

@ -15,7 +15,6 @@ import (
"strconv" "strconv"
"strings" "strings"
"github.com/containers/buildah"
"github.com/containers/podman/v3/pkg/auth" "github.com/containers/podman/v3/pkg/auth"
"github.com/containers/podman/v3/pkg/bindings" "github.com/containers/podman/v3/pkg/bindings"
"github.com/containers/podman/v3/pkg/domain/entities" "github.com/containers/podman/v3/pkg/domain/entities"
@ -175,9 +174,9 @@ func Build(ctx context.Context, containerFiles []string, options entities.BuildO
if len(platform) > 0 { if len(platform) > 0 {
params.Set("platform", platform) params.Set("platform", platform)
} }
if options.PullPolicy == buildah.PullAlways {
params.Set("pull", "1") params.Set("pullpolicy", options.PullPolicy.String())
}
if options.Quiet { if options.Quiet {
params.Set("q", "1") params.Set("q", "1")
} }

View File

@ -1 +1 @@
FROM alpine FROM quay.io/libpod/alpine:latest

View File

@ -1,2 +1,2 @@
FROM alpine FROM quay.io/libpod/alpine:latest
ENV PATH=/tmp:/bin:/usr/bin:/usr/sbin ENV PATH=/tmp:/bin:/usr/bin:/usr/sbin

View File

@ -1,2 +1,2 @@
FROM alpine FROM quay.io/libpod/alpine:latest
VOLUME "/volume0" VOLUME "/volume0"

View File

@ -1,2 +1,2 @@
FROM busybox:latest FROM quay.io/libpod/busybox:latest
ADD alpinetest.tgz /data ADD alpinetest.tgz /data

View File

@ -1,3 +1,3 @@
FROM busybox:latest FROM quay.io/libpod/busybox:latest
ADD alpinetest.tgz /data ADD alpinetest.tgz /data
RUN rm -rf /data RUN rm -rf /data

View File

@ -1,6 +1,7 @@
package integration package integration
import ( import (
"fmt"
"io/ioutil" "io/ioutil"
"os" "os"
"path/filepath" "path/filepath"
@ -150,7 +151,7 @@ var _ = Describe("Podman build", func() {
} }
fakeFile := filepath.Join(os.TempDir(), "Containerfile") fakeFile := filepath.Join(os.TempDir(), "Containerfile")
Expect(ioutil.WriteFile(fakeFile, []byte("FROM alpine"), 0755)).To(BeNil()) Expect(ioutil.WriteFile(fakeFile, []byte(fmt.Sprintf("FROM %s", ALPINE)), 0755)).To(BeNil())
targetFile := filepath.Join(targetPath, "Containerfile") targetFile := filepath.Join(targetPath, "Containerfile")
Expect(ioutil.WriteFile(targetFile, []byte("FROM scratch"), 0755)).To(BeNil()) Expect(ioutil.WriteFile(targetFile, []byte("FROM scratch"), 0755)).To(BeNil())
@ -219,8 +220,8 @@ var _ = Describe("Podman build", func() {
podmanTest.StartRemoteService() podmanTest.StartRemoteService()
} }
podmanTest.AddImageToRWStore(ALPINE) podmanTest.AddImageToRWStore(ALPINE)
dockerfile := `FROM quay.io/libpod/alpine:latest dockerfile := fmt.Sprintf(`FROM %s
RUN printenv http_proxy` RUN printenv http_proxy`, ALPINE)
dockerfilePath := filepath.Join(podmanTest.TempDir, "Dockerfile") dockerfilePath := filepath.Join(podmanTest.TempDir, "Dockerfile")
err := ioutil.WriteFile(dockerfilePath, []byte(dockerfile), 0755) err := ioutil.WriteFile(dockerfilePath, []byte(dockerfile), 0755)
@ -263,9 +264,9 @@ RUN printenv http_proxy`
err = ioutil.WriteFile(dummyFile, []byte("dummy"), 0644) err = ioutil.WriteFile(dummyFile, []byte("dummy"), 0644)
Expect(err).To(BeNil()) Expect(err).To(BeNil())
containerfile := `FROM quay.io/libpod/alpine:latest containerfile := fmt.Sprintf(`FROM %s
ADD . /test ADD . /test
RUN find /test` RUN find /test`, ALPINE)
containerfilePath := filepath.Join(targetPath, "Containerfile") containerfilePath := filepath.Join(targetPath, "Containerfile")
err = ioutil.WriteFile(containerfilePath, []byte(containerfile), 0644) err = ioutil.WriteFile(containerfilePath, []byte(containerfile), 0644)
@ -307,7 +308,7 @@ RUN find /test`
err = os.Mkdir(targetSubPath, 0755) err = os.Mkdir(targetSubPath, 0755)
Expect(err).To(BeNil()) Expect(err).To(BeNil())
containerfile := `FROM quay.io/libpod/alpine:latest` containerfile := fmt.Sprintf("FROM %s", ALPINE)
containerfilePath := filepath.Join(targetSubPath, "Containerfile") containerfilePath := filepath.Join(targetSubPath, "Containerfile")
err = ioutil.WriteFile(containerfilePath, []byte(containerfile), 0644) err = ioutil.WriteFile(containerfilePath, []byte(containerfile), 0644)
@ -344,9 +345,9 @@ RUN find /test`
targetPath, err := CreateTempDirInTempDir() targetPath, err := CreateTempDirInTempDir()
Expect(err).To(BeNil()) Expect(err).To(BeNil())
containerfile := `FROM quay.io/libpod/alpine:latest containerfile := fmt.Sprintf(`FROM %s
ADD . /testfilter/ ADD . /testfilter/
RUN find /testfilter/` RUN find /testfilter/`, ALPINE)
containerfilePath := filepath.Join(targetPath, "Containerfile") containerfilePath := filepath.Join(targetPath, "Containerfile")
err = ioutil.WriteFile(containerfilePath, []byte(containerfile), 0644) err = ioutil.WriteFile(containerfilePath, []byte(containerfile), 0644)
@ -428,10 +429,10 @@ subdir**`
Expect(os.Chdir(targetSubPath)).To(BeNil()) Expect(os.Chdir(targetSubPath)).To(BeNil())
Expect(os.Symlink("dummy", "dummy-symlink")).To(BeNil()) Expect(os.Symlink("dummy", "dummy-symlink")).To(BeNil())
containerfile := `FROM quay.io/libpod/alpine:latest containerfile := fmt.Sprintf(`FROM %s
ADD . /test ADD . /test
RUN find /test RUN find /test
RUN [[ -L /test/dummy-symlink ]] && echo SYMLNKOK || echo SYMLNKERR` RUN [[ -L /test/dummy-symlink ]] && echo SYMLNKOK || echo SYMLNKERR`, ALPINE)
containerfilePath := filepath.Join(targetSubPath, "Containerfile") containerfilePath := filepath.Join(targetSubPath, "Containerfile")
err = ioutil.WriteFile(containerfilePath, []byte(containerfile), 0644) err = ioutil.WriteFile(containerfilePath, []byte(containerfile), 0644)
@ -475,14 +476,14 @@ RUN grep CapEff /proc/self/status`
// When // When
session := podmanTest.Podman([]string{ session := podmanTest.Podman([]string{
"build", "--pull-never", "--cap-drop=all", "--cap-add=net_bind_service", "--add-host", "testhost:1.2.3.4", "--from", "alpine", targetPath, "build", "--pull-never", "--cap-drop=all", "--cap-add=net_bind_service", "--add-host", "testhost:1.2.3.4", "--from", ALPINE, targetPath,
}) })
session.WaitWithDefaultTimeout() session.WaitWithDefaultTimeout()
// Then // Then
Expect(session.ExitCode()).To(Equal(0)) Expect(session.ExitCode()).To(Equal(0))
Expect(strings.Fields(session.OutputToString())). Expect(strings.Fields(session.OutputToString())).
To(ContainElement("alpine")) To(ContainElement(ALPINE))
Expect(strings.Fields(session.OutputToString())). Expect(strings.Fields(session.OutputToString())).
To(ContainElement("testhost")) To(ContainElement("testhost"))
Expect(strings.Fields(session.OutputToString())). Expect(strings.Fields(session.OutputToString())).
@ -494,7 +495,7 @@ RUN grep CapEff /proc/self/status`
Expect(err).To(BeNil()) Expect(err).To(BeNil())
containerFile := filepath.Join(targetPath, "Containerfile") containerFile := filepath.Join(targetPath, "Containerfile")
Expect(ioutil.WriteFile(containerFile, []byte("FROM alpine"), 0755)).To(BeNil()) Expect(ioutil.WriteFile(containerFile, []byte(fmt.Sprintf("FROM %s", ALPINE)), 0755)).To(BeNil())
defer func() { defer func() {
Expect(os.RemoveAll(containerFile)).To(BeNil()) Expect(os.RemoveAll(containerFile)).To(BeNil())
@ -502,7 +503,7 @@ RUN grep CapEff /proc/self/status`
// When // When
session := podmanTest.Podman([]string{ session := podmanTest.Podman([]string{
"build", "--pull-never", "--isolation", "oci", "--arch", "arm64", targetPath, "build", "--isolation", "oci", "--arch", "arm64", targetPath,
}) })
session.WaitWithDefaultTimeout() session.WaitWithDefaultTimeout()
// Then // Then
@ -510,7 +511,7 @@ RUN grep CapEff /proc/self/status`
// When // When
session = podmanTest.Podman([]string{ session = podmanTest.Podman([]string{
"build", "--pull-never", "--isolation", "chroot", "--arch", "arm64", targetPath, "build", "--isolation", "chroot", "--arch", "arm64", targetPath,
}) })
session.WaitWithDefaultTimeout() session.WaitWithDefaultTimeout()
// Then // Then
@ -534,8 +535,8 @@ RUN grep CapEff /proc/self/status`
}) })
It("podman build --timestamp flag", func() { It("podman build --timestamp flag", func() {
containerfile := `FROM quay.io/libpod/alpine:latest containerfile := fmt.Sprintf(`FROM %s
RUN echo hello` RUN echo hello`, ALPINE)
containerfilePath := filepath.Join(podmanTest.TempDir, "Containerfile") containerfilePath := filepath.Join(podmanTest.TempDir, "Containerfile")
err := ioutil.WriteFile(containerfilePath, []byte(containerfile), 0755) err := ioutil.WriteFile(containerfilePath, []byte(containerfile), 0755)

View File

@ -91,7 +91,7 @@ var _ = Describe("Podman run", func() {
if IsRemote() { if IsRemote() {
podmanTest.RestartRemoteService() podmanTest.RestartRemoteService()
} }
session := podmanTest.Podman([]string{"run", "busybox", "grep", "CapEff", "/proc/self/status"}) session := podmanTest.Podman([]string{"run", BB, "grep", "CapEff", "/proc/self/status"})
session.WaitWithDefaultTimeout() session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To(Equal(0)) Expect(session.ExitCode()).To(Equal(0))
Expect(session.OutputToString()).ToNot(Equal(cap.OutputToString())) Expect(session.OutputToString()).ToNot(Equal(cap.OutputToString()))

View File

@ -475,10 +475,10 @@ var _ = Describe("Podman exec", func() {
}) })
It("podman exec preserves container groups with --user and --group-add", func() { It("podman exec preserves container groups with --user and --group-add", func() {
dockerfile := `FROM registry.fedoraproject.org/fedora-minimal dockerfile := fmt.Sprintf(`FROM %s
RUN groupadd -g 4000 first RUN groupadd -g 4000 first
RUN groupadd -g 4001 second RUN groupadd -g 4001 second
RUN useradd -u 1000 auser` RUN useradd -u 1000 auser`, fedoraMinimal)
imgName := "testimg" imgName := "testimg"
podmanTest.BuildImage(dockerfile, imgName, "false") podmanTest.BuildImage(dockerfile, imgName, "false")

View File

@ -1,6 +1,7 @@
package integration package integration
import ( import (
"fmt"
"os" "os"
. "github.com/containers/podman/v3/test/utils" . "github.com/containers/podman/v3/test/utils"
@ -8,11 +9,11 @@ import (
. "github.com/onsi/gomega" . "github.com/onsi/gomega"
) )
var pruneImage = ` var pruneImage = fmt.Sprintf(`
FROM alpine:latest FROM %s
LABEL RUN podman --version LABEL RUN podman --version
RUN apk update RUN apk update
RUN apk add bash` RUN apk add bash`, ALPINE)
var _ = Describe("Podman prune", func() { var _ = Describe("Podman prune", func() {
var ( var (

View File

@ -351,7 +351,7 @@ var _ = Describe("Podman ps", func() {
}) })
It("podman --format by size", func() { It("podman --format by size", func() {
session := podmanTest.Podman([]string{"create", "busybox", "ls"}) session := podmanTest.Podman([]string{"create", BB, "ls"})
session.WaitWithDefaultTimeout() session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To(Equal(0)) Expect(session.ExitCode()).To(Equal(0))
@ -366,7 +366,7 @@ var _ = Describe("Podman ps", func() {
}) })
It("podman --sort by size", func() { It("podman --sort by size", func() {
session := podmanTest.Podman([]string{"create", "busybox", "ls"}) session := podmanTest.Podman([]string{"create", BB, "ls"})
session.WaitWithDefaultTimeout() session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To(Equal(0)) Expect(session.ExitCode()).To(Equal(0))

View File

@ -184,19 +184,20 @@ var _ = Describe("Podman rmi", func() {
It("podman rmi with cached images", func() { It("podman rmi with cached images", func() {
podmanTest.AddImageToRWStore(cirros) podmanTest.AddImageToRWStore(cirros)
dockerfile := `FROM quay.io/libpod/cirros:latest dockerfile := fmt.Sprintf(`FROM %s
RUN mkdir hello RUN mkdir hello
RUN touch test.txt RUN touch test.txt
ENV foo=bar ENV foo=bar
` `, cirros)
podmanTest.BuildImage(dockerfile, "test", "true") podmanTest.BuildImage(dockerfile, "test", "true")
dockerfile = `FROM quay.io/libpod/cirros:latest dockerfile = fmt.Sprintf(`FROM %s
RUN mkdir hello RUN mkdir hello
RUN touch test.txt RUN touch test.txt
RUN mkdir blah RUN mkdir blah
ENV foo=bar ENV foo=bar
` `, cirros)
podmanTest.BuildImage(dockerfile, "test2", "true") podmanTest.BuildImage(dockerfile, "test2", "true")
session := podmanTest.Podman([]string{"images", "-q", "-a"}) session := podmanTest.Podman([]string{"images", "-q", "-a"})
@ -249,14 +250,15 @@ var _ = Describe("Podman rmi", func() {
}) })
It("podman rmi -a with parent|child images", func() { It("podman rmi -a with parent|child images", func() {
dockerfile := `FROM quay.io/libpod/cirros:latest AS base podmanTest.AddImageToRWStore(cirros)
dockerfile := fmt.Sprintf(`FROM %s AS base
RUN touch /1 RUN touch /1
ENV LOCAL=/1 ENV LOCAL=/1
RUN find $LOCAL RUN find $LOCAL
FROM base FROM base
RUN find $LOCAL RUN find $LOCAL
` `, cirros)
podmanTest.BuildImage(dockerfile, "test", "true") podmanTest.BuildImage(dockerfile, "test", "true")
session := podmanTest.Podman([]string{"rmi", "-a"}) session := podmanTest.Podman([]string{"rmi", "-a"})
session.WaitWithDefaultTimeout() session.WaitWithDefaultTimeout()
@ -284,14 +286,15 @@ RUN find $LOCAL
// a race, we may not hit the condition a 100 percent of times // a race, we may not hit the condition a 100 percent of times
// but ocal reproducers hit it all the time. // but ocal reproducers hit it all the time.
podmanTest.AddImageToRWStore(cirros)
var wg sync.WaitGroup var wg sync.WaitGroup
buildAndRemove := func(i int) { buildAndRemove := func(i int) {
defer GinkgoRecover() defer GinkgoRecover()
defer wg.Done() defer wg.Done()
imageName := fmt.Sprintf("rmtest:%d", i) imageName := fmt.Sprintf("rmtest:%d", i)
containerfile := `FROM quay.io/libpod/cirros:latest containerfile := fmt.Sprintf(`FROM %s
RUN ` + fmt.Sprintf("touch %s", imageName) RUN touch %s`, cirros, imageName)
podmanTest.BuildImage(containerfile, imageName, "false") podmanTest.BuildImage(containerfile, imageName, "false")
session := podmanTest.Podman([]string{"rmi", "-f", imageName}) session := podmanTest.Podman([]string{"rmi", "-f", imageName})

View File

@ -1,6 +1,7 @@
package integration package integration
import ( import (
"fmt"
"os" "os"
. "github.com/containers/podman/v3/test/utils" . "github.com/containers/podman/v3/test/utils"
@ -60,9 +61,9 @@ var _ = Describe("Podman run passwd", func() {
}) })
It("podman can run container without /etc/passwd", func() { It("podman can run container without /etc/passwd", func() {
dockerfile := `FROM alpine dockerfile := fmt.Sprintf(`FROM %s
RUN rm -f /etc/passwd /etc/shadow /etc/group RUN rm -f /etc/passwd /etc/shadow /etc/group
USER 1000` USER 1000`, ALPINE)
imgName := "testimg" imgName := "testimg"
podmanTest.BuildImage(dockerfile, imgName, "false") podmanTest.BuildImage(dockerfile, imgName, "false")
session := podmanTest.Podman([]string{"run", "--rm", imgName, "ls", "/etc/"}) session := podmanTest.Podman([]string{"run", "--rm", imgName, "ls", "/etc/"})
@ -113,9 +114,9 @@ USER 1000`
}) })
It("podman run numeric group from image and no group file", func() { It("podman run numeric group from image and no group file", func() {
dockerfile := `FROM alpine dockerfile := fmt.Sprintf(`FROM %s
RUN rm -f /etc/passwd /etc/shadow /etc/group RUN rm -f /etc/passwd /etc/shadow /etc/group
USER 1000` USER 1000`, ALPINE)
imgName := "testimg" imgName := "testimg"
podmanTest.BuildImage(dockerfile, imgName, "false") podmanTest.BuildImage(dockerfile, imgName, "false")
session := podmanTest.Podman([]string{"run", "--rm", imgName, "ls", "/etc/"}) session := podmanTest.Podman([]string{"run", "--rm", imgName, "ls", "/etc/"})

View File

@ -59,7 +59,7 @@ var _ = Describe("Podman privileged container tests", func() {
}) })
It("podman privileged make sure sys is mounted rw", func() { It("podman privileged make sure sys is mounted rw", func() {
session := podmanTest.Podman([]string{"run", "--privileged", "busybox", "mount"}) session := podmanTest.Podman([]string{"run", "--privileged", BB, "mount"})
session.WaitWithDefaultTimeout() session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To(Equal(0)) Expect(session.ExitCode()).To(Equal(0))
ok, lines := session.GrepString("sysfs") ok, lines := session.GrepString("sysfs")
@ -71,7 +71,7 @@ var _ = Describe("Podman privileged container tests", func() {
hostCap := SystemExec("awk", []string{"/^CapEff/ { print $2 }", "/proc/self/status"}) hostCap := SystemExec("awk", []string{"/^CapEff/ { print $2 }", "/proc/self/status"})
Expect(hostCap.ExitCode()).To(Equal(0)) Expect(hostCap.ExitCode()).To(Equal(0))
session := podmanTest.Podman([]string{"run", "--privileged", "busybox", "awk", "/^CapEff/ { print $2 }", "/proc/self/status"}) session := podmanTest.Podman([]string{"run", "--privileged", BB, "awk", "/^CapEff/ { print $2 }", "/proc/self/status"})
session.WaitWithDefaultTimeout() session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To(Equal(0)) Expect(session.ExitCode()).To(Equal(0))
@ -83,7 +83,7 @@ var _ = Describe("Podman privileged container tests", func() {
hostCap := SystemExec("awk", []string{"/^CapEff/ { print $2 }", "/proc/self/status"}) hostCap := SystemExec("awk", []string{"/^CapEff/ { print $2 }", "/proc/self/status"})
Expect(hostCap.ExitCode()).To(Equal(0)) Expect(hostCap.ExitCode()).To(Equal(0))
session := podmanTest.Podman([]string{"run", "--cap-add", "all", "busybox", "awk", "/^CapEff/ { print $2 }", "/proc/self/status"}) session := podmanTest.Podman([]string{"run", "--cap-add", "all", BB, "awk", "/^CapEff/ { print $2 }", "/proc/self/status"})
session.WaitWithDefaultTimeout() session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To(Equal(0)) Expect(session.ExitCode()).To(Equal(0))
@ -95,7 +95,7 @@ var _ = Describe("Podman privileged container tests", func() {
hostCap := SystemExec("awk", []string{"/^CapEff/ { print $2 }", "/proc/self/status"}) hostCap := SystemExec("awk", []string{"/^CapEff/ { print $2 }", "/proc/self/status"})
Expect(hostCap.ExitCode()).To(Equal(0)) Expect(hostCap.ExitCode()).To(Equal(0))
session := podmanTest.Podman([]string{"run", "--user=bin", "--cap-add", "all", "busybox", "awk", "/^CapEff/ { print $2 }", "/proc/self/status"}) session := podmanTest.Podman([]string{"run", "--user=bin", "--cap-add", "all", BB, "awk", "/^CapEff/ { print $2 }", "/proc/self/status"})
session.WaitWithDefaultTimeout() session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To(Equal(0)) Expect(session.ExitCode()).To(Equal(0))
@ -103,7 +103,7 @@ var _ = Describe("Podman privileged container tests", func() {
}) })
It("podman cap-drop CapEff", func() { It("podman cap-drop CapEff", func() {
session := podmanTest.Podman([]string{"run", "--cap-drop", "all", "busybox", "grep", "CapEff", "/proc/self/status"}) session := podmanTest.Podman([]string{"run", "--cap-drop", "all", BB, "grep", "CapEff", "/proc/self/status"})
session.WaitWithDefaultTimeout() session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To(Equal(0)) Expect(session.ExitCode()).To(Equal(0))
capEff := strings.Split(session.OutputToString(), " ") capEff := strings.Split(session.OutputToString(), " ")
@ -120,7 +120,7 @@ var _ = Describe("Podman privileged container tests", func() {
}) })
It("podman non-privileged should have very few devices", func() { It("podman non-privileged should have very few devices", func() {
session := podmanTest.Podman([]string{"run", "-t", "busybox", "ls", "-l", "/dev"}) session := podmanTest.Podman([]string{"run", "-t", BB, "ls", "-l", "/dev"})
session.WaitWithDefaultTimeout() session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To(Equal(0)) Expect(session.ExitCode()).To(Equal(0))
Expect(len(session.OutputToStringArray())).To(Equal(17)) Expect(len(session.OutputToStringArray())).To(Equal(17))
@ -147,12 +147,12 @@ var _ = Describe("Podman privileged container tests", func() {
Skip("Can't determine NoNewPrivs") Skip("Can't determine NoNewPrivs")
} }
session := podmanTest.Podman([]string{"run", "busybox", "grep", "NoNewPrivs", "/proc/self/status"}) session := podmanTest.Podman([]string{"run", BB, "grep", "NoNewPrivs", "/proc/self/status"})
session.WaitWithDefaultTimeout() session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To(Equal(0)) Expect(session.ExitCode()).To(Equal(0))
privs := strings.Split(session.OutputToString(), ":") privs := strings.Split(session.OutputToString(), ":")
session = podmanTest.Podman([]string{"run", "--security-opt", "no-new-privileges", "busybox", "grep", "NoNewPrivs", "/proc/self/status"}) session = podmanTest.Podman([]string{"run", "--security-opt", "no-new-privileges", BB, "grep", "NoNewPrivs", "/proc/self/status"})
session.WaitWithDefaultTimeout() session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To(Equal(0)) Expect(session.ExitCode()).To(Equal(0))

View File

@ -1,6 +1,7 @@
package integration package integration
import ( import (
"fmt"
"os" "os"
"strings" "strings"
@ -128,9 +129,9 @@ var _ = Describe("Podman generate kube", func() {
It("podman container runlabel (podman --version)", func() { It("podman container runlabel (podman --version)", func() {
SkipIfRemote("runlabel not supported on podman-remote") SkipIfRemote("runlabel not supported on podman-remote")
PodmanDockerfile := ` PodmanDockerfile := fmt.Sprintf(`
FROM alpine:latest FROM %s
LABEL io.containers.capabilities=chown,kill` LABEL io.containers.capabilities=chown,kill`, ALPINE)
image := "podman-caps:podman" image := "podman-caps:podman"
podmanTest.BuildImage(PodmanDockerfile, image, "false") podmanTest.BuildImage(PodmanDockerfile, image, "false")

View File

@ -489,8 +489,8 @@ var _ = Describe("Podman run", func() {
if IsRemote() { if IsRemote() {
podmanTest.RestartRemoteService() podmanTest.RestartRemoteService()
} }
dockerfile := `FROM busybox dockerfile := fmt.Sprintf(`FROM %s
USER bin` USER bin`, BB)
podmanTest.BuildImage(dockerfile, "test", "false") podmanTest.BuildImage(dockerfile, "test", "false")
session := podmanTest.Podman([]string{"run", "--rm", "--user", "bin", "test", "grep", "CapBnd", "/proc/self/status"}) session := podmanTest.Podman([]string{"run", "--rm", "--user", "bin", "test", "grep", "CapBnd", "/proc/self/status"})
session.WaitWithDefaultTimeout() session.WaitWithDefaultTimeout()
@ -898,10 +898,10 @@ USER bin`
session.WaitWithDefaultTimeout() session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To(Equal(0)) Expect(session.ExitCode()).To(Equal(0))
dockerfile := `FROM busybox dockerfile := fmt.Sprintf(`FROM %s
RUN mkdir -p /myvol/data && chown -R mail.0 /myvol RUN mkdir -p /myvol/data && chown -R mail.0 /myvol
VOLUME ["/myvol/data"] VOLUME ["/myvol/data"]
USER mail` USER mail`, BB)
podmanTest.BuildImage(dockerfile, "test", "false") podmanTest.BuildImage(dockerfile, "test", "false")
session = podmanTest.Podman([]string{"run", "--rm", "test", "ls", "-al", "/myvol/data"}) session = podmanTest.Podman([]string{"run", "--rm", "test", "ls", "-al", "/myvol/data"})
@ -1499,8 +1499,8 @@ USER mail`
It("podman run makes workdir from image", func() { It("podman run makes workdir from image", func() {
// BuildImage does not seem to work remote // BuildImage does not seem to work remote
dockerfile := `FROM busybox dockerfile := fmt.Sprintf(`FROM %s
WORKDIR /madethis` WORKDIR /madethis`, BB)
podmanTest.BuildImage(dockerfile, "test", "false") podmanTest.BuildImage(dockerfile, "test", "false")
session := podmanTest.Podman([]string{"run", "--rm", "test", "pwd"}) session := podmanTest.Podman([]string{"run", "--rm", "test", "pwd"})
session.WaitWithDefaultTimeout() session.WaitWithDefaultTimeout()

View File

@ -308,9 +308,9 @@ var _ = Describe("Podman run with volumes", func() {
It("podman named volume copyup symlink", func() { It("podman named volume copyup symlink", func() {
imgName := "testimg" imgName := "testimg"
dockerfile := `FROM alpine dockerfile := fmt.Sprintf(`FROM %s
RUN touch /testfile RUN touch /testfile
RUN sh -c "cd /etc/apk && ln -s ../../testfile"` RUN sh -c "cd /etc/apk && ln -s ../../testfile"`, ALPINE)
podmanTest.BuildImage(dockerfile, imgName, "false") podmanTest.BuildImage(dockerfile, imgName, "false")
baselineSession := podmanTest.Podman([]string{"run", "--rm", "-t", "-i", imgName, "ls", "/etc/apk/"}) baselineSession := podmanTest.Podman([]string{"run", "--rm", "-t", "-i", imgName, "ls", "/etc/apk/"})
@ -479,9 +479,8 @@ RUN sh -c "cd /etc/apk && ln -s ../../testfile"`
It("Podman mount over image volume with trailing /", func() { It("Podman mount over image volume with trailing /", func() {
image := "podman-volume-test:trailing" image := "podman-volume-test:trailing"
dockerfile := ` dockerfile := fmt.Sprintf(`FROM %s
FROM alpine:latest VOLUME /test/`, ALPINE)
VOLUME /test/`
podmanTest.BuildImage(dockerfile, image, "false") podmanTest.BuildImage(dockerfile, image, "false")
ctrName := "testCtr" ctrName := "testCtr"
@ -646,9 +645,9 @@ VOLUME /test/`
It("volume permissions after run", func() { It("volume permissions after run", func() {
imgName := "testimg" imgName := "testimg"
dockerfile := `FROM fedora-minimal dockerfile := fmt.Sprintf(`FROM %s
RUN useradd -m testuser -u 1005 RUN useradd -m testuser -u 1005
USER testuser` USER testuser`, fedoraMinimal)
podmanTest.BuildImage(dockerfile, imgName, "false") podmanTest.BuildImage(dockerfile, imgName, "false")
testString := "testuser testuser" testString := "testuser testuser"

View File

@ -1,6 +1,7 @@
package integration package integration
import ( import (
"fmt"
"os" "os"
. "github.com/containers/podman/v3/test/utils" . "github.com/containers/podman/v3/test/utils"
@ -46,9 +47,9 @@ var _ = Describe("Podman run", func() {
}) })
It("podman run a container on an image with a workdir", func() { It("podman run a container on an image with a workdir", func() {
dockerfile := `FROM alpine dockerfile := fmt.Sprintf(`FROM %s
RUN mkdir -p /home/foobar /etc/foobar; chown bin:bin /etc/foobar RUN mkdir -p /home/foobar /etc/foobar; chown bin:bin /etc/foobar
WORKDIR /etc/foobar` WORKDIR /etc/foobar`, ALPINE)
podmanTest.BuildImage(dockerfile, "test", "false") podmanTest.BuildImage(dockerfile, "test", "false")
session := podmanTest.Podman([]string{"run", "test", "pwd"}) session := podmanTest.Podman([]string{"run", "test", "pwd"})

View File

@ -1,6 +1,7 @@
package integration package integration
import ( import (
"fmt"
"os" "os"
. "github.com/containers/podman/v3/test/utils" . "github.com/containers/podman/v3/test/utils"
@ -8,18 +9,17 @@ import (
. "github.com/onsi/gomega" . "github.com/onsi/gomega"
) )
var PodmanDockerfile = ` var PodmanDockerfile = fmt.Sprintf(`
FROM alpine:latest FROM %s
LABEL RUN podman --version` LABEL RUN podman --version`, ALPINE)
var LsDockerfile = ` var LsDockerfile = fmt.Sprintf(`
FROM alpine:latest FROM %s
LABEL RUN ls -la` LABEL RUN ls -la`, ALPINE)
var GlobalDockerfile = ` var GlobalDockerfile = fmt.Sprintf(`
FROM alpine:latest FROM %s
LABEL RUN echo \$GLOBAL_OPTS LABEL RUN echo \$GLOBAL_OPTS`, ALPINE)
`
var _ = Describe("podman container runlabel", func() { var _ = Describe("podman container runlabel", func() {
var ( var (

View File

@ -44,7 +44,7 @@ var _ = Describe("podman system df", func() {
session.WaitWithDefaultTimeout() session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To(Equal(0)) Expect(session.ExitCode()).To(Equal(0))
session = podmanTest.Podman([]string{"create", "-v", "data:/data", "--name", "container1", "busybox"}) session = podmanTest.Podman([]string{"create", "-v", "data:/data", "--name", "container1", BB})
session.WaitWithDefaultTimeout() session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To(Equal(0)) Expect(session.ExitCode()).To(Equal(0))

View File

@ -668,6 +668,33 @@ EOF
run_podman image prune -f run_podman image prune -f
} }
@test "podman build --pull-never" {
local tmpdir=$PODMAN_TMPDIR/build-test
mkdir -p $tmpdir
# First, confirm that --pull-never is a NOP if image exists locally
local random_string=$(random_string 15)
cat >$tmpdir/Containerfile <<EOF
FROM $IMAGE
RUN echo $random_string
EOF
run_podman build -t build_test --pull-never $tmpdir
is "$output" ".*$random_string" "pull-never is OK if image already exists"
run_podman rmi build_test
# Now try an image that does not exist locally nor remotely
cat >$tmpdir/Containerfile <<EOF
FROM quay.io/libpod/nosuchimage:nosuchtag
RUN echo $random_string
EOF
run_podman 125 build -t build_test --pull-never $tmpdir
is "$output" ".* pull policy is .never. but .* could not be found locally" \
"--pull-never fails with expected error message"
}
@test "podman build --logfile test" { @test "podman build --logfile test" {
tmpdir=$PODMAN_TMPDIR/build-test tmpdir=$PODMAN_TMPDIR/build-test
mkdir -p $tmpdir mkdir -p $tmpdir