Like LockTmpDir use a random tmpdir for this directory. Make sure it is
set for all parallel ginkgo processes.
Also GinkgoT().TempDir() will automatcially remove the directory at the
end so we do not need to worry about cleanup.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
AFAIK the latest podman will not even run on RHEL 7 anymore, in any case
we do not need these tests to run there.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Using the OS tempdir here is not good. This defaults to /tmp which means
the inital podman test setup uses these paths:
`--root /tmp/root --runroot /tmp/runroot and --tmpdir /tmp`
Thus we create many files directly under /tmp. Also they were never
removed thus leaked out. When running as root and then later as rooltess
this would fail to permission problems.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Ginkgo currently logs a warning because the cli version (defnied in
test/tools/go.mod) does not match the library version (defnied in
go.mod).
Simply fix this by updating ginkgo to the latest version.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
There is no need to buffer them all into an array then write them once
at the end. Just write directly to the file.
Fixes#19104
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Make sure that starting a qemu machine uses proper exponential backoffs
and that a single variable isn't shared across multiple backoffs.
DO NOT BACKPORT: I want to avoid backporting this PR to the upcoming 4.6
release as it increases the flakiness of machine start (see #17403). On
my M2 machine, the flake rate seems to have increased with this change
and I strongly suspect that additional/redundant sleep after waiting for
the machine to be running and listening reduced the flakiness. My hope
is to have more predictable behavior and find the sources of the flakes
soon.
[NO NEW TESTS NEEDED] - still too flaky to add a test to CI.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
The --authfile flag has been ignored. Fix that and add a test to make
sure we won't regress another time. Requires a new --tls-verify flag
to actually test the code.
Also bump c/common since common/pull/1538 is required to correctly check
for updates. Note that I had to use the go-mod-edit-replace trick on
c/common as c/buildah would otherwise be moved back to 1.30.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2218315
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
The podman-login tests have accumulated much cruft over the
years, because that's the only place where we run a local
registry, and the process was crufty: we actually start/stopped
the registry as the first & last tests of the file. Meaning,
you couldn't do 'hack/bats 150:just-one-test' because that
would skip the registry start. And just now, a completely
unrelated test has had to be shoved into the login file.
This PR revamps the whole thing, by adding a new registry helper
module that can be used anywhere. And, once the registry is
started, it just stays running until the end of tests. (This
requires BATS 1.7 or greater).
Signed-off-by: Ed Santiago <santiago@redhat.com>
When working on Linux emulation on FreeBSD, I assumed that
SpecGenerator.ImageOS was always populated from the image's OS value but
in fact, this value comes from the CLI --os flag if set, otherwise "".
This broke running FreeBSD native containers unless --os=freebsd was
also set. Fix the problem by getting the value from the image itself.
This is a strong incentive for me to complete a stalled project to enable
podman system tests on FreeBSD.
[NO NEW TESTS NEEDED]
Signed-off-by: Doug Rabson <dfr@rabson.org>
Many/most env. vars set by the `stdenvars` alias do not apply to the
`osx_alt_build` task. In case anybody debugging a job might be confused
by them, use more meaningful values.
Signed-off-by: Chris Evich <cevich@redhat.com>
Using a FreeBSD VM allows building a functioning binary via 'make
podman-release'. This uses Cirrus' freebsd_instance which provisions VMs
on Google Compute Engine.
I attempted to add FreeBSD binaries to the artifacts task but this
failed, apparently because the extra 50Mb of space exceeded a 1Gb limit
in Cirrus.
[NO NEW TESTS NEEDED]
Signed-off-by: Doug Rabson <dfr@rabson.org>
The markdown-to-manpage sequence needs a long row of dashes,
not a single dash. A single dash, as used in this one option,
generates unreadable *roff.
Also, some tool somewhere doesn't like too-long columns. Shrtn thm.
Also, verify that there are no more three-or-fewer-dash columns:
$ ack '\|\s+-{1,3}\s' docs/source/markdown
Fixes: #19086
Signed-off-by: Ed Santiago <santiago@redhat.com>
GetKeepIDMapping never read the gid (as it intended) but reused the uid.
Most likely a typo that never bothered anybody as uid and gid usually
match.
Signed-off-by: Simon Brakhane <simon@brakhane.net>
When debugging #17403, the logs of sshd indicates that Podman tried to
ssh into the machine too soon as the `core` user has not yet been fully
set up:
> error: kex_exchange_identification: Connection closed by remote host
> fatal: Access denied for user core by PAM account configuration [preauth]
@dustymabe found that the we may have to wait for systemd-user sessions
to be up. Doing that reduces the flake rate on my M2 machine but does
not entirely fix the issue.
Since I have seen multiple symptoms of flakiness, I think it does not
hurt to add the systemd-user sessions to the dependencies of the ready
service and continue investigating.
[NO NEW TESTS NEEDED] - once we have a fix out, I want to exercise
frequent stop/start in the machine tests but they won't pass now.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
This flag is not supported on BSD-derived systems including FreeBSD and
macos. We can get exactly the same symlink by passing the desired
relative path as source argument to 'ln -sf'.
Signed-off-by: Doug Rabson <dfr@rabson.org>
For pods with bridged and slirp4netns networking we create /etc/hosts
entries to make it more convenient for the containers to address each
other. We omitted to do this for pasta networking, however. Add the
necessary code to do this.
Closes: https://github.com/containers/podman/issues/17922
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Confirm that pasta test name agrees with the test being run.
This is a development-time-only check, it must never fail
beyond CI. The idea is to prevent something like
@test "... Single TCP ... IPv4" {
pasta_test_to 6 ... udp ...
}
Signed-off-by: Ed Santiago <santiago@redhat.com>
- typo fix, a misspelled variable resulting in test being NOP
- remove unnecessary variable (followup to #19044)
- add opportunistic CONTAINERS_CONF test (followup to #19032)
Signed-off-by: Ed Santiago <santiago@redhat.com>
This adds the 'system service' command to the build on FreeBSD and
suppresses the call to servicereaper.Start which is only needed to
support slirp4netns on Linux. A stub for compat.StatsContainer is also
added - stats are still supported via the libpod.StatsContainer API
call.
[NO NEW TESTS NEEDED]
Signed-off-by: Doug Rabson <dfr@rabson.org>
With PR #14167, the pod-level security Context ID are supported, while the markdown says it isn't.
This patch fixes it.
```
None
```
Signed-off-by: Fabian Wiesel <fwiesel@users.noreply.github.com>
