- containerInspect compat API expects field value PrefixLen
instead of PrefixLength for type Address for SecondaryIPAddresses
- Add tests for network part of containerInspect compat api
Closes: containers#14674
Signed-off-by: 🤓 Mostafa Emami <mustafaemami@gmail.com>
* Add docs about trailing * functionality in podman-exec.1.md
* Rewrite --env description in podman-create.1.md and podman-run.1.md
* Rewrite the --env examples in podman-create.1.md and podman-run.1.md
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
[NO NEW TESTS NEEDED] podman pod clone somehow snuck by the new linter code that went in while it was in flight
fix that here
Signed-off-by: cdoern <cdoern@redhat.com>
`podman -h` currently returns an error:
`Error: pflag: help requested`
This bug was introduced in 44d037898ebc, the problem is that we wrap the
error and cobra lib checks with `==` for this one and not errors.Is().
I have a PR upstream to fix this but for now this also works.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
The manpage for `podman system service` should mention that this
is not safe for external consumption unless you are comfortable
giving anyone who accesses it full root on the system.
Signed-off-by: Matthew Heon <mheon@redhat.com>
- prerequisites in Fedora section has libseccomp-devel.x86_64 named twice
- bin/podman flag "-h" does not work, "--help" is required
Signed-off-by: Carlo Lobrano <c.lobrano@gmail.com>
With runc 1.1, we have the following failure:
# #| FAIL: podman emits useful diagnostic on failure
# #| expected: 'Error.*: OCI runtime error: .*: failed to set /proc/self/attr/keycreate on procfs' (using expr)
# #| actual: 'Error: OCI runtime error: runc: runc create failed: unable to start container process: error during container init: write /proc/self/attr/keycreate: invalid argument'
which is caused by the fact that runc 1.1 uses newer opencontainers/selinux
package, which changes custom errors to standard os.PathError instances (so
that they can be unwrapped if needed).
Fix the test case accordingly.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
Interrupting a `podman machine start` (ex: with CTRL-C) would leave
`Starting: true` in the machine's config file. Due to #14469 any
subsequent starts would fail since Podman would think the machine is
still in the process of starting.
Fixed here by listening for the interrupt signal and setting `Starting:
false` in the event.
[NO NEW TESTS NEEDED]
Signed-off-by: Shane Smith <shane.smith@shopify.com>
Changes:
- use --timestamp option to produce 'created' stamps
that can be reliably tested in the image-history test
- podman now supports manifest & multiarch run, so we
no longer need buildah
- bump up base alpine & busybox images
This turned out to be WAY more complicated than it should've been,
because:
- alpine 3.14 fixed 'date -Iseconds' to include a colon in
the TZ offset ("-07:00", was "-0700"). This is now consistent
with GNU date's --iso-8601 format, yay, so we can eliminate
a minor workaround.
- with --timestamp, all ADDed files are set to that timestamp,
including the custom-reference-timestamp file that many tests
rely on. So we need to split the build into two steps. But:
- ...with a two-step build I need to use --squash-all, not --squash, but:
- ... (deep sigh) --squash-all doesn't work with --timestamp (#14536)
so we need to alter existing tests to deal with new image layers.
- And, long and sordid story relating to --rootfs. TL;DR that option
only worked by a miracle relating to something special in one
specific test image; it doesn't work with any other images. Fix
seems to be complicated, so we're bypassing with a FIXME (#14505).
And, unrelated:
- remove obsolete skip and workaround in run-basic test (dating
back to varlink days)
- add a pause-image cleanup to avoid icky red warnings in logs
Fixes: #14456
Signed-off-by: Ed Santiago <santiago@redhat.com>
Update to the latest golangci-lint version. v1.46 added new linters.
I disabled nonamedreturns and exhaustruct since they enforce a certain
code style and using them would require big changes to the code base.
The nosprintfhostport is new and I fixed one problem in the tests. While
the test itself is fine because it uses ipv4 only the linter still looks
good because the sprintf use will fail for ipv6 addresses.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
I noticed 'rmi -a' in a test. I tried to fix it. Hilarity ensued.
'rmi -a' is evil: it forces a fresh pull of our test image,
which in turn almost guarantees a flake some day. We avoid
it, but once in a while it slips in.
While fixing it, I noticed a bevy of other problems that
needed cleanup.
Signed-off-by: Ed Santiago <santiago@redhat.com>
commit 1951ff168a63157fa2f4711fde283edfc4981ed3 introduced a check so
that conmon is not moved to a new cgroup when podman is running inside
of a systemd service. This is helpful to integrate podman in systemd
so that the spawned conmon lives in the same cgroup as the service
that created it.
Unfortunately this breaks when podman daemon is running in a systemd
service since the same check is in place thus all the conmon processes
end up in the same cgroup as the podman daemon. When the podman
daemon systemd service stops the conmon processes are also terminated
as well as the containers they monitor.
Improve the check to exclude podman running as a daemon.
Closes: https://bugzilla.redhat.com/show_bug.cgi?id=2052697
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Commit 5fa6f686db added a regression which was fixed in eb71712626f9.
Apply the same fix again to prevent a panic and return a proper error
instead.
To not regress again I added a e2e test which makes sure we do not panic.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Sigh. Buildah PR https://github.com/containers/buildah/pull/3368
changed 'bud' to 'build' in tests. Podman #11585 well-intentionedly
did the same for run-buildah-bud tests ... but did so by *replacing*
'bud' with 'build', not by *adding* 'build' to the list of commands
handled by podman-build. Hence, all tests invoking 'run_buildah bud'
have been completely untested since then.
This remedies that, and deals with all the fallout. Principal among
which is the discovery that our exit-code changes are no longer
necessary: that thing we did where buildah exit status 1 or 2 became
podman exit status 125? That no longer applies. podman now exits
with the same status as buildah. This simplifies our diffs, and
lets us enable a bunch more tests.
Also:
- in run-buildah-bud-tests script, run 'sudo --validate' early on.
Reason: otherwise, the sudo step happens a few minutes after
the script starts (after the git-pull), by which time the user
may have stepped away to get coffee, then comes back ten or twenty
minutes later to find a stupid sudo prompt and no tests run.
Signed-off-by: Ed Santiago <santiago@redhat.com>
This would've caught a regression that #14549 had to fix.
Let's try to prevent the next regression.
This requires some hackery to get namespaces initialized
before the service is started; otherwise the service itself
initializes namespaces, which basically ends up with a
server process that runs forever.
Also: in stop_service(), reset service_pid, because that's
the correct thing to do.
Also: add some debug statements to try to figure out a
CI failure. (And leave them in place, because they might
be useful for future problems).
Signed-off-by: Ed Santiago <santiago@redhat.com>
Fix bad design decision (mine) by adding a simple usage check to 'skip'
and 'skip_if_remote' functions: if invoked without test-name args,
fail loudly and immediately.
Background: yeah, their usage is not intuitive. Making the first arg
be a comment helps with _reading_ the code, but not _writing_ new
additions. A developer in a hurry could write "skip this-test" and,
until now, that would be a silent NOP.
Tested by adding broken skip/skip_if_remote calls inline; I confirm
that the line number and funcname usage is correct.
Signed-off-by: Ed Santiago <santiago@redhat.com>
