From fe05e25edfdfd848e3fe8c1360a8e3c864f72a56 Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Tue, 28 May 2024 10:15:12 +0200 Subject: [PATCH 1/9] test/system: speed up podman run --name There is no reason for this check to wait 4 seconds for the container to run, instead make sure to have a running process and then stop it directly with -t0 not have any delay. Signed-off-by: Paul Holzinger --- test/system/030-run.bats | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/test/system/030-run.bats b/test/system/030-run.bats index bb12bf6826..823bd7d6ba 100644 --- a/test/system/030-run.bats +++ b/test/system/030-run.bats @@ -127,10 +127,7 @@ echo $rand | 0 | $rand @test "podman run --name" { randomname=$(random_string 30) - # Assume that 4 seconds gives us enough time for 3 quick tests (or at - # least for the 'ps'; the 'container exists' should pass even in the - # unlikely case that the container exits before we get to them) - run_podman run -d --name $randomname $IMAGE sleep 4 + run_podman run -d --name $randomname $IMAGE sleep inf cid=$output run_podman ps --format '{{.Names}}--{{.ID}}' @@ -140,7 +137,7 @@ echo $rand | 0 | $rand run_podman container exists $cid # Done with live-container tests; now let's test after container finishes - run_podman wait $cid + run_podman stop -t0 $cid # Container still exists even after stopping: run_podman container exists $randomname From edf6f1814e2c01e23d0c13fb50b8df85200a7a4f Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Tue, 28 May 2024 11:16:58 +0200 Subject: [PATCH 2/9] test/system: speed up podman logs - multi ... The test used sleep to synchronize log output between both containers which is slow. There is actually no way to guarantee the ordering on the reading side so just remove the sleep's and check the the lines within the same container are in the right order. Trying to preserve the orignal ordering is just not possible if we speed up the test as it would flake to often. Signed-off-by: Paul Holzinger --- test/system/035-logs.bats | 32 +++++++++++++------------------- 1 file changed, 13 insertions(+), 19 deletions(-) diff --git a/test/system/035-logs.bats b/test/system/035-logs.bats index e0d80db689..6325b88e06 100644 --- a/test/system/035-logs.bats +++ b/test/system/035-logs.bats @@ -89,36 +89,30 @@ function _log_test_multi() { skip_if_remote "logs does not support multiple containers when run remotely" - # Under k8s file, 'podman logs' returns just the facts, Ma'am. - # Under journald, there may be other cruft (e.g. container removals) - local etc= - if [[ $driver =~ journal ]]; then - etc='.*' - fi - local events_backend=$(_additional_events_backend $driver) # Simple helper to make the container starts, below, easier to read local -a cid doit() { - run_podman ${events_backend} run --log-driver=$driver --rm -d --name "$1" $IMAGE sh -c "$2"; + run_podman ${events_backend} run --log-driver=$driver -d \ + --name "$1" $IMAGE sh -c "$2"; cid+=($(echo "${output:0:12}")) } - # Not really a guarantee that we'll get a-b-c-d in order, but it's - # the best we can do. The trailing 'sleep' in each container - # minimizes the chance of a race condition in which the container - # is removed before 'podman logs' has a chance to wake up and read - # the final output. - doit c1 "echo a;sleep 10;echo d;sleep 3" - doit c2 "sleep 1;echo b;sleep 2;echo c;sleep 3" + doit c1 "echo a1; echo a2" + doit c2 "echo b1; echo b2" + # Reading logs only guarantees the order for a single container, + # when using multiple containers the line order between them can vary. run_podman ${events_backend} logs -f c1 c2 assert "$output" =~ \ - "${cid[0]} a$etc -${cid[1]} b$etc -${cid[1]} c$etc -${cid[0]} d" "Sequential output from logs" + ".*^${cid[0]} a1\$.* +${cid[0]} a2" "Sequential output from c1" + assert "$output" =~ \ + ".*^${cid[1]} b1\$.* +${cid[1]} b2" "Sequential output from c2" + + run_podman rm -f -t0 ${cid[0]} ${cid[1]} } @test "podman logs - multi k8s-file" { From 4f3c6910870af974f8cabe0af0c6cc38e1e6da2f Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Tue, 28 May 2024 11:38:02 +0200 Subject: [PATCH 3/9] test/system: speed up read-only from containers.conf Instead of iterating over all tmp dirs and creating test containers for each one we can just pass all files to one touch call. With that we have to create much less containers while still checking the same thing. This speeds up the test by about 4 seconds. Signed-off-by: Paul Holzinger --- test/system/030-run.bats | 21 ++++++++++++--------- 1 file changed, 12 insertions(+), 9 deletions(-) diff --git a/test/system/030-run.bats b/test/system/030-run.bats index 823bd7d6ba..5ff1fb29ba 100644 --- a/test/system/030-run.bats +++ b/test/system/030-run.bats @@ -1140,16 +1140,19 @@ EOF CONTAINERS_CONF_OVERRIDE="$containersconf" run_podman 1 run --rm $IMAGE touch /testro CONTAINERS_CONF_OVERRIDE="$containersconf" run_podman run --rm --read-only=false $IMAGE touch /testrw - CONTAINERS_CONF_OVERRIDE="$containersconf" run_podman run --rm $IMAGE touch /tmp/testrw - for dir in /tmp /var/tmp /dev /dev/shm /run; do - CONTAINERS_CONF_OVERRIDE="$containersconf" run_podman run --rm $IMAGE touch $dir/testro - CONTAINERS_CONF_OVERRIDE="$containersconf" run_podman run --rm --read-only=false $IMAGE touch $dir/testro - CONTAINERS_CONF_OVERRIDE="$containersconf" run_podman run --rm --read-only=false --read-only-tmpfs=true $IMAGE touch $dir/testro - CONTAINERS_CONF_OVERRIDE="$containersconf" run_podman run --rm --read-only-tmpfs=true $IMAGE touch $dir/testro - CONTAINERS_CONF_OVERRIDE="$containersconf" run_podman 1 run --rm --read-only-tmpfs=false $IMAGE touch $dir/testro - assert "$output" =~ "touch: $dir/testro: Read-only file system" - done + files="/tmp/a /var/tmp/b /dev/c /dev/shm/d /run/e" + CONTAINERS_CONF_OVERRIDE="$containersconf" run_podman run --rm $IMAGE touch $files + CONTAINERS_CONF_OVERRIDE="$containersconf" run_podman run --rm --read-only=false $IMAGE touch $files + CONTAINERS_CONF_OVERRIDE="$containersconf" run_podman run --rm --read-only=false --read-only-tmpfs=true $IMAGE touch $files + CONTAINERS_CONF_OVERRIDE="$containersconf" run_podman run --rm --read-only-tmpfs=true $IMAGE touch $files + + CONTAINERS_CONF_OVERRIDE="$containersconf" run_podman 1 run --rm --read-only-tmpfs=false $IMAGE touch $files + assert "$output" == "touch: /tmp/a: Read-only file system +touch: /var/tmp/b: Read-only file system +touch: /dev/c: Read-only file system +touch: /dev/shm/d: Read-only file system +touch: /run/e: Read-only file system" } @test "podman run ulimit from containers.conf" { From 37120bbe80e93bdef9396e33a1c38d209f249aaf Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Tue, 28 May 2024 11:44:38 +0200 Subject: [PATCH 4/9] test/system: speed up podman ps - basic tests Do not wait 5 seconds, just stop the container directly. This speeds up the test by more than 4 seconds. One could make the case here that we want to check podman wait but there are so many other podman wait tests that it should not matter. Signed-off-by: Paul Holzinger --- test/system/040-ps.bats | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/test/system/040-ps.bats b/test/system/040-ps.bats index f9fc531fa2..5259299ecc 100644 --- a/test/system/040-ps.bats +++ b/test/system/040-ps.bats @@ -24,8 +24,8 @@ load helpers "${cid:0:12} \+$IMAGE \+sleep [0-9]\+ .*second.* $cname"\ "output from podman ps" - # OK. Wait for sleep to finish... - run_podman wait $cid + # OK. Stop container now. + run_podman stop -t0 $cid # ...then make sure container shows up as stopped run_podman ps -a From 6fa064f991dc59c2ae7e72e828092613142bb974 Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Tue, 28 May 2024 12:23:24 +0200 Subject: [PATCH 5/9] test/system: speed up podman container rm ... Use only one retry and a short stop timeout to speed them up. I am not sure if this will cause flakes, I have not seen any after trying for some time so I think this works just as well. And is about 2-3 seconds faster for both tests. If it does start to flake we can revert this commit again or write the test differently. Signed-off-by: Paul Holzinger --- test/system/055-rm.bats | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/test/system/055-rm.bats b/test/system/055-rm.bats index c8169746ec..cfd2adf009 100644 --- a/test/system/055-rm.bats +++ b/test/system/055-rm.bats @@ -124,10 +124,10 @@ function __run_healthcheck_container() { run_podman run -d --name $1 \ --health-cmd /bin/false \ --health-interval 1s \ - --health-retries 2 \ + --health-retries 1 \ --health-timeout 1s \ --health-on-failure=stop \ - --stop-timeout=2 \ + --stop-timeout=1 \ --health-start-period 0 \ --stop-signal SIGTERM \ $IMAGE sleep infinity @@ -156,7 +156,7 @@ function __run_healthcheck_container() { assert "$output" =~ "Error: cannot remove container $cid as it is .* - running or paused containers cannot be removed without force: container state improper" \ "Expected error message from podman rm" rm_failures=$((rm_failures + 1)) - sleep 1 + sleep 0.5 done # At this point, container should be gone From 01642c64ea9b472f0fb05196eca55490b12b1691 Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Tue, 28 May 2024 13:48:08 +0200 Subject: [PATCH 6/9] test/system: simplify test signal handling in containers The current logic used podman logs I don't understand way, all we care about is the container output and we can just read the same with a attached podman run, of course we have to move it into the background but it did the some with logs. This also allows us to remove the extra log-driver checks and because podman logs seems to be much slower than the extra run we safe over 10s with this change. Signed-off-by: Paul Holzinger --- test/system/130-kill.bats | 38 ++++++++++---------------------------- 1 file changed, 10 insertions(+), 28 deletions(-) diff --git a/test/system/130-kill.bats b/test/system/130-kill.bats index 013edc3d5c..c03a7e1121 100644 --- a/test/system/130-kill.bats +++ b/test/system/130-kill.bats @@ -7,35 +7,18 @@ load helpers # bats test_tags=distro-integration @test "podman kill - test signal handling in containers" { - - # Prepare for 'logs -f' - run_podman info --format '{{.Host.LogDriver}}' - log_driver=$output - run_podman info --format '{{.Host.EventLogger}}' - event_logger=$output - opt_log_driver= - if [ $log_driver = "journald" ] && [ $event_logger != "journald" ]; then - # Since PR#10431, 'logs -f' with journald driver is only supported with journald events backend. - # Set '--log driver' temporally because remote doesn't support '--events-backend'. - opt_log_driver="--log-driver k8s-file" - fi + local cname=c-$(random_string 10) + local fifo=${PODMAN_TMPDIR}/podman-kill-fifo.$(random_string 10) + mkfifo $fifo # Start a container that will handle all signals by emitting 'got: N' local -a signals=(1 2 3 4 5 6 8 10 12 13 14 15 16 20 21 22 23 24 25 26 64) - run_podman run -d ${opt_log_driver} $IMAGE sh -c \ + $PODMAN run --name $cname $IMAGE sh -c \ "for i in ${signals[*]}; do trap \"echo got: \$i\" \$i; done; echo READY; while ! test -e /stop; do sleep 0.1; done; - echo DONE" - cid="$output" - - # Run 'logs -f' on that container, but run it in the background with - # redirection to a named pipe from which we (foreground job) read - # and confirm that signals are received. We can't use run_podman here. - local fifo=${PODMAN_TMPDIR}/podman-kill-fifo.$(random_string 10) - mkfifo $fifo - $PODMAN logs -f $cid >$fifo $fifo Date: Tue, 28 May 2024 14:53:20 +0200 Subject: [PATCH 7/9] test/system: speed up podman shell completion test This test is by far the slowest one taking over minute, the reason is that it is checking every single podman command for shell completions. The test is useful but it does not need to check the "..." argument 3 times. Test a second time to make sure not only the first arg is completed. This change makes it about 15 seconds faster. Long term we should get this test out of the main system tests together with other cli only tests as they do not need to run on each OS, etc... Signed-off-by: Paul Holzinger --- test/system/600-completion.bats | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/test/system/600-completion.bats b/test/system/600-completion.bats index 6a577ffc12..2f5aa0b9c7 100644 --- a/test/system/600-completion.bats +++ b/test/system/600-completion.bats @@ -213,8 +213,8 @@ function check_shell_completion() { i=$(($i + 1)) # If the argument ends with ...] than we accept 0...n args - # Loop three times to make sure we are not only completing the first arg - if [[ ! ${arg} =~ "..." ]] || [[ i -gt 3 ]]; then + # Loop two times to make sure we are not only completing the first arg + if [[ ! ${arg} =~ "..." ]] || [[ i -gt 1 ]]; then break fi From bff0697de88213e37ad1f7ba953ecb3966e645d6 Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Tue, 28 May 2024 16:27:21 +0200 Subject: [PATCH 8/9] test/system: speed up podman kube play tests use a command that stops on SIGTERM not sleep, that way the tests can continue to use podman kube down without waiting for the full stop timeout every time. Signed-off-by: Paul Holzinger --- test/system/700-play.bats | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/test/system/700-play.bats b/test/system/700-play.bats index c36ed04b9b..9d7995aa4c 100644 --- a/test/system/700-play.bats +++ b/test/system/700-play.bats @@ -31,8 +31,7 @@ metadata: spec: containers: - command: - - sleep - - \"100\" + - /home/podman/pause env: - name: PATH value: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin From ad661b5b3131d07af27adc86a8ead285c51afd00 Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Tue, 28 May 2024 16:36:20 +0200 Subject: [PATCH 9/9] test/system: speed up kube generate tmpfs on /tmp The command does not react on sigterm, so kube down needs to wait 10s. To fix it first use a command that does but also write the yaml directly instead of doing the podman create && kube generate dance. Signed-off-by: Paul Holzinger --- test/system/700-play.bats | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/test/system/700-play.bats b/test/system/700-play.bats index 9d7995aa4c..0944158c94 100644 --- a/test/system/700-play.bats +++ b/test/system/700-play.bats @@ -810,15 +810,12 @@ EOF } @test "podman kube generate tmpfs on /tmp" { - KUBE=$PODMAN_TMPDIR/kube.yaml - run_podman create --name test $IMAGE sleep 100 - run_podman kube generate test -f $KUBE - run_podman kube play $KUBE - run_podman exec test-pod-test sh -c "mount | grep /tmp" + local yaml=$PODMAN_TMPDIR/test.yaml + _write_test_yaml command=/home/podman/pause + run_podman kube play $yaml + run_podman exec test_pod-test sh -c "mount | grep /tmp" assert "$output" !~ "noexec" "mounts on /tmp should not be noexec" - run_podman kube down $KUBE - run_podman pod rm -a -f -t 0 - run_podman rm -a -f -t 0 + run_podman kube down $yaml } @test "podman kube play - pull policy" {