This one got complicated, and deserves its own commit.
Problem: ginkgo logs have a lot of NUL characters, making them
difficult for logformatter to process and for humans to read.
Cause: Paul tracked it down to "podman volume export" without "-o"
(hence spitting out tar data to stdout).
Solution: add "-o tmpfile" to named podman-volume-export. In
the process, fix all sorts of other problems with that test.
And, since the e2e test no longer tests "volume export" by
itself, add a system test that does.
It is possible that there are other places that emit NULs.
One step at a time.
Signed-off-by: Ed Santiago <santiago@redhat.com>
- fix a typo that was resulting in a test being a NOP, and
add actual testing to it.
- fix two Expects() with incorrectly-ordered actual/expects
- remove leading whitespace from an It() test name
- To(BeTrue()) is evil. Wherever possible, replace it with
useful string or field checks. When not possible, use
the annotation field to indicate what failed. I got
carried away here, #sorrynotsorry
- remove unused system-test code
Signed-off-by: Ed Santiago <santiago@redhat.com>
Add a workaround for #18180 so the ginkgo work can be merged without
being blocked by the issue. Please revert this commit when the issue
is fixed.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
This never worked when ginkgo runs with more than one thread, we use 3
in CI. The problem is that the SynchronizedAfterSuite() function accepts
two functions. The first one is run for each ginkgo node while the
second one is only run once for the whole suite.
Because the timings are stored as slice thus in memory we loose all
timings from the other nodes as they were only reported on node 1.
Moving the printing in the first function solves this but causes the
problem that the result is now no longer sorted. To fix this we let
each node write the result to a tmp file and only then let the final
after suite function collect the timings from all these files, then
sort them and print the output like we did before.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
podman unshare --rootless-netns leaks the namespace and slirp4netns by
design as there is no safe way to remove it without any races.
To trigger a cleanup we can spin up a container and it will
automaticallt teardown the netns for us.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
USe the new ginkgo `Serial` decorator to make sure system reset is
never executed in parallel. system reset stops teh rootless pause
process which causes major issues when other process in parallel still
use this old namesapce.
Fixes#17903
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Just like Cleanup() they should check the error codes.
While doing this it was clear that some volume tests were calling
Cleanup() twice so remove this.
Instead make sure they call Cleanup() themselves so callers only need to
do one call. This is required because we cannot use Expect().To() before
doing all the cleanup. An error causes panic does results in an early
return thus missing potentially important cleanup.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
It looks like AfterEach() is now executed even after Skip(), this is a
good idea because the fact that it did't before caused us to leak tmp
directories. However in case Skip() is called before the podmanTest is
initialized it will no result in a panic. To fix it simply prevent such
panic by checking the pointer against nil and do nothing in such case.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
The Cleanup() function tries to stop all containers, a paused contianer
cannot be stopped. The tests should make sure it works.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Porting them over to v2 requires a full rewrite.
IT is not clear who actually uses these benchmarks, Valentin who wrote
them originally is in favor of removing them. He recommends to use
script from hack/perf instead.
This commit also drop the CI integration, it is not clear who actually
uses this data. If it is needed for something please speak up.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Directly writing to stdout/err is not safe when run in parallel.
Ginkgo v2 fixed this buffering the output and syncing the output so it
is not mangled between tests.
This means we should use the GinkgoWriter everywhere to make sure the
output stays in sync.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
If we do not unset CONTAINERS_CONF before tests that create a invlid
config will cause the Cleanup to fail.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Only check exit codes last, othwerwise in case of errors it will return
early and miss other commands.
Also explicitly stop before rm, rm is not working in all cases (#18180).
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
The test will leak processes because the rm -fa in the cleanup failed.
This happens because podman tried to remove the contianers in the wrong
order and thus ppodman failed with:
`contianer XXX has dependent containers which must be removed before it`
For now I patch the test but it should be much better if we can fix it
in podman to remove in the correct order. `--all` should mean all I do
not care if there is a dependent container, just get rid of it.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
We blindy trust these commands to work but as it turns out they do not
under certain circumstances.
The "podman run ipcns ipcmk container test" can be used to fail this
reliably, if a container has dependencies the order of rm --all may
cause it to fail because the contianers are deleted in the wrong order.
This is th eonly one I found so far, adding this will uncover many more
of such problems without proper cleanup we leak processes and ginkgo v2
will block because of them.
Of course this cannot be merged without fixing these issues.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
It is not clear why but without the wait is seems like the podman
process just hangs forever which now causes ginkgo to block until it
exits.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Set REGISTRY_AUTH_FILE to unique path for each subtest. This
should eliminate collisions where one test runs "podman logout"
just after another does "podman login".
Also, add a test to confirm that the authfile gets written
as expected.
Also, add actual tests for expected error messages, instead
of just ExitWithError()
Fixes: #18397
Signed-off-by: Ed Santiago <santiago@redhat.com>
Podman's container-name generation depends on the global RNG state being
properly initialized (seeded). Should this not happen for some reason
(or it's seeded with a static value), podman will generate the exact
same repeating sequence of container names (assuming no clashes with
existing containers). Add a test to confirm this is always the case.
Signed-off-by: Chris Evich <cevich@redhat.com>
Ref: https://pkg.go.dev/math/rand@go1.20#Seed
Note: For `runtime_test.go`, this test-case was never actually doing
what appears as it's intent . Fixing it to work as intended would be
require incredibly libpod-invasive changes. Do the least-worse thing and
simply confirm that consecutive generated names are different.
Signed-off-by: Chris Evich <cevich@redhat.com>
Systemd supports unit files with a prefix '-' which
tells the system to check if the content exists before
using it. This would allow the QM project to specify
AddDevice=-/dev/kvm, which would add the /dev/kvm device
to the container iff it exists on the host.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Add actual tests (for expected errors, not just exit-status) to
the "push to local registry with authorization" test. As it is
now, if the registry is unreachable, the test passes a number
of steps and only fails later, with a misleading diagnostic.
Followup to, but does not fix, #18286
Signed-off-by: Ed Santiago <santiago@redhat.com>
...at least as many as possible. "run/exec -it" make no sense
in a CI environment; I believe the vast majority of these are
the result of fingers typing on autopilot, then copy/pasting
cascades from those. This PR gets rid of as many -it/-ti as
possible. Some are still needed for testing purposes.
Y'all have no idea how much I hate #10927 (the "no logs from conmon"
flake). This does not fix the underlying problem, nor does it even
eliminate the flake (The "exec terminal doesn't hang" test needs
to keep the -ti flag, and that's one of the most popular flakers).
But this at least reduces the scope of the problem. It also removes
a ton of nasty orange "input device is not a TTY" warnings from logs.
Signed-off-by: Ed Santiago <santiago@redhat.com>
Nasty test flake, "bad address nc-server.dns.podman"
Cause: "There is absolutely no guarantee that aardvark-dns
is ready before the container is started." (source: Paul).
Workaround (not a real solution): wait before doing a host lookup.
Also: remove a 99%-duplicate test.
Closes: #16272 (I hope)
Signed-off-by: Ed Santiago <santiago@redhat.com>
Our friend #7096 is still not fixed: it continues to flake,
singletons only, and only in the "create" test (not "run").
My guess: maybe there's a race somewhere in IP assignment,
such that container1 can have an IP, but not yet be running,
and a container2 can sneak in and start with that IP, and
container1 is the one that fails?
Solution: tighten the logic so we wait for container1 to
truly be running before we start container2. And, when we
start container2, do so with -a so we get to see stdout.
(Am not expecting it to be helpful, but who knows).
Also very minor cleanup
Signed-off-by: Ed Santiago <santiago@redhat.com>
Wire in support for writing the digest of the pushed image to a
user-specified file. Requires some massaging of _internal_ APIs
and the extension of the push endpoint to integrate the raw manifest
(i.e., in bytes) in the stream.
Closes: #18216
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
When running the remote integration test I have over 1000 zombies
because each test creates a single service process. Only after ginkgo
exists they get finally reaped by the init process. This only effected
the rootless runs.
For some reason the test use different logic between root and rootless.
This doesn't make much sense. I also see no reason to manually kill
child processes.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
This is a rather big deal. All system services shared the same tmpdir
which causes big issues for the rootless netns setup.
Also use --events-backend file like the local ones. This is important
otherwise reading events and takes ages as the jounal is shared for all
tests.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Creating a new diretory results in the test leaking it when it is not
removed via a defer call. All tests have already access to
`podmanTest.TempDir` which will be automatically removed in the
`AfterEach()` block.
While some test were fine other forgot the defer call. To keep the test
consitent and prevent other from making the same mistake convert all
users to `podmanTest.TempDir`. `CreateTempDirInTempDir()` is only used
for the `podmanTest.Setup()` call.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Some network test use the same subnet as others, because the network
config direcory is shared we must ensure subnets do not conflict as
tests are run in parallel. I see this locally when running with 12
threads.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
If a unit is not active the exit code from systemctl is 3. Thus this
test always failed because it checked the error.
Fix this by checking the exit code and remove the unnecessary output
parsing.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Running these locally always created a popup to ask me for my password
as I am in the wheel group.
I would also argue that such a test should not be run on any local
system ever even as root. First docker could be a symlink to podman so
the check if the image is there would fail. Second starting the docker
deamon in a podman test suite just feels very unexpected.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Because the test mounts the current dir it does not need to create a new
file in it. Just check if the current test file is there should fulfill
the same purpose.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Adds two custom config dirs to tests that were missed in
commit dc9a65e348.
Fixes#17946 (hopefully finally)
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Ed Santiago