If the RunAsUser, RunAsGroup, SupplementalGroups settings are not
overriden in the container security context, then take the value from
the pod security context.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
The test-skipping optimization is failing as rootless on non-main,
because $DEST_BRANCH is not set. Solution: check for envariable,
skip test if missing. (This was part of my original PR, but was
accidentally removed in #14013)
Also: DEST_BRANCH was silently being defaulted to 'main' in lib.sh.
Remove that: per @cevich, it is no longer necessary.
Fixes: #14131
Signed-off-by: Ed Santiago <santiago@redhat.com>
Commit b58e7e7f11 was not fully rebased before merging and is now
breaking CI because commit 69c479b16e19 made the underlying error
visible. Using journald inside the container tests is not supported.
Fixes#14162
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
currently tags cause a panic due to an uninitialized map. Initialize the map
and add parsing to make sure we are only tagging with journald
resolves#13356
Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
Reading the networks requires an extra db operation. Most c.Config() callers
do not need them so create a new function which returns the config with
networks.
[NO NEW TESTS NEEDED]
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
We no longer create the temporary directory as `libpod_test_*`.
The directory returned by `t.TempDir()` is TestPostDeleteHooks/001
Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
This commit replaces `ioutil.TempDir` with `t.TempDir` in tests. The
directory created by `t.TempDir` is automatically removed when the test
and all its subtests complete.
Prior to this commit, temporary directory created using `ioutil.TempDir`
needs to be removed manually by calling `os.RemoveAll`, which is omitted
in some tests. The error handling boilerplate e.g.
defer func() {
if err := os.RemoveAll(dir); err != nil {
t.Fatal(err)
}
}
is also tedious, but `t.TempDir` handles this for us nicely.
Reference: https://pkg.go.dev/testing#T.TempDir
Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
Pulling the K8s pause image seems unnecessarily expensive to me. Let's
use the testgitest_v2s2 one which is under our control and weighs only a
couple of KB.
This cut the execution time in less than half on my machine. Since it's
network bound and I am running on fibre, I expect more significant speed
ups in slower networks.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
Squash the --quiet test into another one. The test was more complex
than necessary and can easily be squashed into another one to avoid one
more expensive pull.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
Once upon a time, the tests actually pulled from Docker Hub. This has
changed with the rate limits, so we can safely remove the redundant
tests to speed up CI.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
The links to the installation instructions and build instructions seem to
be outdated, so this PR updates them.
Signed-off-by: Deyao Chen <chendeyao000@gmail.com>
The `usermod` calls in rootless_tutorial.md were only adding a very narrow range
for subuids and subgids, which will cause failures with containers where a file
is owned by a user or group with a uid/gid > 1001.
Signed-off-by: Dan Čermák <dcermak@suse.com>
Rather than assuming a filesystem path, the API service URI is recorded
in the libpod runtime configuration and then reported as requested.
Note: All schemes other than "unix" are hard-coded to report URI exists.
Fixes#12023
Signed-off-by: Jhon Honce <jhonce@redhat.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
