When we're given a numeric --user value, default to GID 0 if the numeric
ID doesn't correspond to a user entry in /etc/passwd that can provide us
with the user's primary group ID.
Make sure that GetAdditionalGroupsForUser() returns wrapped errors.
Also test various user:group forms.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #728
Approved by: mheon
If the user uses the image ID when saving to either docker-archive
or oci-archive, then do not save a reference in the manifest/index.json.
If the user chooses to push without an image reference, i.e <transport>:<path>
it should be valid and succeed.
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #782
Approved by: rhatdan
Until we get Systemd cgroup manager working, this will
cause a validation error.
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #507
Approved by: baude
If the user does not provide a host port when adding -p to create/run, podman should inject an available random port.
podman run -p 80 .... podman should assign a random port to the host and expose the container port 80 to it
Signed-off-by: baude <bbaude@redhat.com>
Closes: #703
Approved by: rhatdan
when performing a container commit, we should not add the default list of volumes
for a container to the resulting image. it will cause the resulting image to crash
when run subsequently.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #699
Approved by: mheon
file names for podman load, save, export, and import cannot
contain ":" in them. It is a reserved character for parsing
filenames.
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #694
Approved by: rhatdan
Vendor in buildah and use as much of commit and bug as possible for podman
build and commit.
Resolves#586
Signed-off-by: baude <bbaude@redhat.com>
Closes: #681
Approved by: mheon
- Allow unittest's to run as normal user
- Refactor tests to use unittest features
- Refactor tests to use fixtures to track resources
- Update test runner script to clean up on failure
Signed-off-by: Jhon Honce <jhonce@redhat.com>
Closes: #683
Approved by: rhatdan
The hidden flag is used to override the path of the default mounts file
for testing purposes.
Also modified the secrets pkg to allow for this override to happen.
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #678
Approved by: mheon
If an integer is passed into the --user flag, i.e --user=1234
don't look up the user in /etc/passwd, just assign the integer as the uid.
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #652
Approved by: mheon
Add --no-trunc to the command line and add output check for the
lines not include "..." with this flag.
Signed-off-by: Yiqiao Pu <ypu@redhat.com>
Closes: #662
Approved by: rhatdan
If the host is in FIPS mode and /etc/system-fips exists
/run/secrets/system-fips is created in the container so that
the container can run in FIPS mode as well.
Signed-off-by: umohnani8 <umohnani@redhat.com>
Test the --timeout flag with a container which can not be stopped with
SIGSTOP. This means the container should can not be stopped and will be
killed then restart with timeout value. Test steps:
Start a container with STOPSIGNAL=SIGKILL
Restart it with --timeout set to 2s
Check the restart command will finished more than 2s and less than
10s(the default timeout)
Signed-off-by: Yiqiao Pu <ypu@redhat.com>
Remove the --latest from the restart running container test, and
add a separated case with following steps:
start two container in order: test1, test2
restart container with --latest
check the start time for test1 and test2
And the results should be test1 is not restarted and test2 is restarted.
Signed-off-by: Yiqiao Pu <ypu@redhat.com>
been meaning to do this for a while. add an environment variable that
disables the caching and restoring of images before integration tests
are run. this is useful for developers only ... when testing specific
integration tests where caching and restoring the images is not worth
the benefit.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #650
Approved by: rhatdan
When STDOUT and STDERR are not attached, we now print a container
ID. Make the tests aware of this.
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #638
Approved by: rhatdan
The test steps are:
1. Start a container and touch a file under /tmp
2. Use diff to check the container
3. commit the change into a new image
4. Use diff to check the image
Signed-off-by: Yiqiao Pu <ypu@redhat.com>
Closes: #643
Approved by: mheon
Made necessary changes to functions to include contex.Context wherever needed
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #640
Approved by: baude
Sometime podman push local registry still failed caused by the
docker registry is not start yet after sleep 5s in the test.
So add this function to check the container status by its output
and skip the test when the docker registry can not start normally
instead of failed the case.
Signed-off-by: Yiqiao Pu <ypu@redhat.com>
Add five tests for podman push tests:
- push to docker with authorization
- push to docker-archive
- push to docker-daemon
- push to oci-archive
- push to ostree
Signed-off-by: Yiqiao Pu <ypu@redhat.com>
We used to not allow the use of -a/-i on containers that were not
started with -i or a tty. Given the improvements in our terminal
handling, this should work now.
This also fixes a systemic problem with the autotests.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #617
Approved by: baude
The secrets code was just tarring and copying the contents of the secrets directory on host as is.
This meant it was not accounting for any symlinks inside the directory, leading up to the contents
not being copied over.
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #611
Approved by: mheon
We leak open files when creating new c/storage stores (locks do
not close themselves, so the open FDs in the test suite increase
every time we use c/storage to load cached images for the tests).
Fix this temporarily by increasing rlimits on open files until we
can create a permanent fix next release.
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #615
Approved by: baude
--group-add
--blkio-weight-device
--device-read-bps
--device-write-bps
--device-read-iops
--device-write-iops
--group-add now supports group names as well as the gid associated with them.
All the --device flags work now with moderate changes to the code to support both
bps and iops.
Added tests for all the flags.
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #590
Approved by: mheon
In our ezrly development, we always allocated a tty when not -d. Now we should only allocated when the user asks for it.
Resolves: #573
Signed-off-by: baude <bbaude@redhat.com>
Closes: #574
Approved by: rhatdan
Some more features.
docker-archive generates docker legacy compatible images
Do not create $DiffID subdirectories for layers with no configs
Ensure the layer IDs in legacy docker/tarfile metadata are unique
docker-archive: repeated layers are symlinked in the tar file
sysregistries: remove all trailing slashes
Improve docker/* error messages
Fix failure to make auth directory
Create a new slice in Schema1.UpdateLayerInfos
Drop unused storageImageDestination.{image,systemContext}
Load a *storage.Image only once in storageImageSource
Support gzip for docker-archive files
Remove .tar extension from blob and config file names
ostree, src: support copy of compressed layers
ostree: re-pull layer if it misses uncompressed_digest|uncompressed_size
image: fix docker schema v1 -> OCI conversion
Add /etc/containers/certs.d as default certs directory
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #569
Approved by: mheon
Use a socket to coordinate between the test suite and the container and its
script.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #567
Approved by: rhatdan
We should allow users to pass in image ids with the sha256: prefix
for local images.
Resolves: #493
Signed-off-by: baude <bbaude@redhat.com>
Closes: #560
Approved by: baude
Adds support for mounting secrets especially on RHEL where the container
can use the host subsription to run yum
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #544
Approved by: rhatdan
If the user does not specify foo=bar, then the exec code should
look for the foo environment variable in its environment and pass it
in. This is the way podman run works.
Also added tests to make sure this all works.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #552
Approved by: mheon
An image name is really just a tag. When an image has multiple tags, we should be
able to "delete" the one of its tags without harm. In this case, the "delete' is
really a form of Untag (removing the tag from the image).
If an image has multiple tags and the user tries to delete by ID without force, this
should be denied because when you delete by ID there is no distinguishing it like
image tags.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #528
Approved by: mheon
Migrate the podman create and commit subcommandis to leverage the images library. I also had
to migrate the cmd/ portions of run and rmi.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #498
Approved by: mheon
As Matt pointed out, when running sleep in a container, the clean up was taking a
full ten seconds to stop container because sleep does not catch SIGTERM which is
the default podman stop signal and it had to wait for SIGKILL. Changing sleep to
top should result in better test times.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #492
Approved by: rhatdan
As podman-images(1) had some issues correctly reporting all RepoTags of
an image (in the default format), extend the e2e tests to avoid running
into similar in the future.
Signed-off-by: Valentin Rothberg <vrothberg@suse.com>
Closes: #477
Approved by: rhatdan
Some of the paths in the e2e tests are hard-coded, which complicates
testing a bit on systems with different paths for runc, conmon, etc.
Add a make shell target to the Makefile, which will build and run the
libpod containers, giving a shell to the user in which podman can be
built, run, tested etc.
Signed-off-by: Valentin Rothberg <vrothberg@suse.com>
Closes: #481
Approved by: rhatdan
Due to the way ps arguments work, it was possible to display pids
that dont below to the container in top output. We now filter pids
that dont belong to the container out of the output. This also means
the pid column must be present in the output or we throw an error.
This resolves issue #391
Signed-off-by: baude <bbaude@redhat.com>
Closes: #400
Approved by: rhatdan
When trying to tag an alias (tag) of an image using only the shortname
and no tag, we were unable to find the image in storage. This corrects
that issue and adds an integration test to protect against regression. I
also updated the man page per the filed issue.
While writing the integration test, I discovered that inspect could also
not find a tagged image without its :tag.
Resolves Issue #385
Resolves Issue #384
Signed-off-by: baude <bbaude@redhat.com>
Closes: #398
Approved by: mheon
When creating container storage by name, if that name is a tagged image then the storage
could not be found. We now use the image id which seems more reliable. Also added an
integration test to protect against regression.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #393
Approved by: mheon
The exit codes for 126 and 127 were reversed. For the record, the exit
codes used are as follows:
* 125 if ‘chroot’ itself fails
* 126 if COMMAND is found but cannot be invoked
* 127 if COMMAND cannot be found
This resolves issue #367
Signed-off-by: baude <bbaude@redhat.com>
Closes: #378
Approved by: baude
Inspect should be able to inspect one or more containers depending
on the user input. Therefore, inspect output should be in array
format so the consumer could potentially iterate it. This PR allows
users to specify one more or containers|images|or a mix for
inspection. The output, as stated, is therefore in array form. This
holds true even for a singular image.
In the case that the user enters an invalid container|image "name", we
handle that gracefully. Podman will output json for the valid names
until it reaches the invalid one. For example:
In this case, podman will out the json for alpine and then print an
error about 123 being invalid. It will not continute onto busybox.
This behavior imatates docker.
This addresses issue #360
Signed-off-by: baude <bbaude@redhat.com>
Closes: #371
Approved by: baude
Previous code was using slow routines to collect some of the information
needed to output images. Specifically size was being calculated instead
of using the cached, already known size already available. Also, straight-
lined several of the code paths. Overall assessment is that these
improvements cut the time for images in half.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #365
Approved by: mheon
We should be able to run nested podman containers in particular
for our testing environment. i.e. eat our own dog food.
Some privileges had to be corrected in order for this to work
correctly.
Added a third papr target that runs podman tests inside podman. I
marked the test as not required right now as we get more confident
in the results
Signed-off-by: baude <bbaude@redhat.com>
Closes: #340
Approved by: rhatdan
When using podman to pull an image, print the image id after
the image is pulled.
Resolves issue #329
Signed-off-by: baude <bbaude@redhat.com>
Closes: #342
Approved by: rhatdan
When an image does not have an ENTRYPOINT nor a CMD and the
user does not provide a command in the CLI, we should fail
gracefully.
This resolves issue #328
Signed-off-by: baude <bbaude@redhat.com>
Closes: #333
Approved by: mheon
When running a privileged container, it should inherit the same
devices the host has.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #330
Approved by: mheon
Changing these fields caused the output of podman inspect to more
closely match docker inspect.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #306
Approved by: mheon
When an image has an ENTRYPOINT defined, we should be honoring it. The
problem is described in issue #321.
Also, added buildah binary to test runtimes for testing entrypoint and
will also allow us to test podman build as well.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #322
Approved by: rhatdan
Rework port code for generalized clean up and to address
issue #269 where additional portbindings between host
and containers we being introduced by error.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #308
Approved by: mheon
Fix issues with tailing of container logs as described
in issue #16. Also add in the ability to use a duration or
known time stamp formats for the --since flag.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #317
Approved by: mheon
Completion of the migration from bats to ginkgo. This includes:
* load
* mount
* pause
* port
* run_networking
* search
Note: build will be done within a different PR
Signed-off-by: baude <bbaude@redhat.com>
If the output is to a terminal, return a new line at the end of the
output so that the output is visually appealing. If the output is being
piped, or saved to a file, basically not being outputted to a terminal, do
not print a new line at the end of the output. This ensures any further data
manipulation with the results happens smoothly without requiring to remember
the '/n' at the end of the output.
Signed-off-by: umohnani8 <umohnani@redhat.com>
Made a change to make sure that the output paths of podman inspect
matches that of docker inspect. For example to get the stop signal
you should be able to do podman inspect ctr --format {{.Config.StopSignal}}
and the same thing in docker will give the same results.
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #292
Approved by: rhatdan
podman search queries a registry for a matching image and prints
the output.
I added a new flag called "registry" giving the user the option
to search a specific registry if they don't want to search all
their default registries.
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #241
Approved by: rhatdan
Migrate the diff, exec, export, and history bats tests to
the ginkgo test suite.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #287
Approved by: baude
Issue #169 describes a common failure when running podman top where
if the commands inside the container container a space in them, podman
will panic. This was occuring because we take the output from ps and
attempt to format it nicely for output and things like JSON. Given that
this cannot be predicted or dealt with programatically, the decision was
made to deprecate the format switch and simply output what ps provides
us.
Migrated top integration tests to ginkgo.
Resolves Issue: https://github.com/projectatomic/libpod/issues/169
Signed-off-by: baude <bbaude@redhat.com>
Closes: #291
Approved by: rhatdan
In order to have sd_notify from systemd to work in containers
we need to pass down the NOTIFY_SOCKET environment variable to
the container.
LISTEN_FDS, tells the application inside of the container to use
socket activation and grab the FDS that are leaked into the container.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #271
Approved by: umohnani8
Migrate create and commit bats tests to the ginkgo
test suite. In doing so, some structures had to be
moved to pkg/podmanstructs/podmanstructs.go so we
could do better verification of test results.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #286
Approved by: rhatdan
When network == none, the container should only have a
loopback interface and that's it.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #176
Approved by: baude
Migrate ps, pull, push, and rm from bats to ginkgo.
Also, fixed a conditional issue with adding ports
when an image defines the port and the user wants
to override it.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #277
Approved by: baude
This implements the ginkgo integration test framework for
podman. As tests are migrated from bats to ginkgo, we will
still run both integration suites. When a test is migrated,
we remove the tests from bats at that time. All new tests
should be just for the ginkgo framework.
One exception is that we only run the ginkgo suit in the
travis/ubuntu environment. The CentOS and Fedora PAPR nodes
will more than cover those.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #261
Approved by: baude
conmon should not be built in two different places.
conmon is now a separate package in Fedora so we can just
add requires, for use on Ubuntu we can just require cri-o to
be installed.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #151
Approved by: mheon
Add results check to make sure the container is not shows up after
it is stopped. And also add some debug lines to help to figure out
which step has problem if case failed.
Signed-off-by: Yiqiao Pu <ypu@redhat.com>
Closes: #264
Approved by: rhatdan
The order of the flags was casuing issue.
Enabled SkipArgReorder to fix the problem.
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #259
Approved by: rhatdan
podman port reports the port mappings per container. it can be used
to report the ports ofa single container or latest container or all
containers.
in the case of a single container, the user can add an option filter for
port and protocol.
Signed-off-by: baude <bbaude@redhat.com>
When an image has a port to expose, we need to expose it. User's input overrides the
image's port information.
Also, enable port information in ps so we can see which random port is assigned.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #249
Approved by: rhatdan
Adds the ability to override the container's hostname. Also, uses
the first twelve characters of the container ID as the default hostname
if none is provided.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #248
Approved by: baude
Set up nbetworking ports for the following use cases:
* bind the same port between host and container
* bind a specific host port to a different container port
* bind a random host port to a specific container port
Signed-off-by: baude <bbaude@redhat.com>
Closes: #214
Approved by: baude
In the dns commit, tests were accidently omitted due to a
rebase against master.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #245
Approved by: baude
Remove the use of bash -c unless it involves a bash pipe. Also, use
run test_runner.sh inside script so that centos can be happy.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #239
Approved by: baude
It is desirable to have a --latest switch on the podman wait
command so we can wait on the latest container created to end.
Also, fixes a panic with latest where no containers are available.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #201
Approved by: baude
With certain short name usages, rmi still was unable to delete
certain images. This was also reflected in several commit tests
that were temporarily disabled.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #200
Approved by: rhatdan
It is desirable to have a shortcut for the most
recently created container. We can now use "**latest"
to represent the most recent container instead of its
container ID or name. For example:
Signed-off-by: baude <bbaude@redhat.com>
Closes: #179
Approved by: baude
Removing by shortname was not working. Also pruned
container storage's remove func from rmi and moved it into
an image.Remove func, which consolidates our usage of cs.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #188
Approved by: baude
In our tests, each test instance is already seeded with images. In that case,
we do not need to pull down an image that is already seeded.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #191
Approved by: baude
The output from podman run may include some debug information which
will make the ctr_id contains unexpect lines.
Signed-off-by: Yiqiao Pu <ypu@redhat.com>
Closes: #180
Approved by: mheon
Allow for the user to specify network=host|bridge. If network
is not specified, the default will be bridge. While "none" is now
a valid option, it is not included in this.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #164
Approved by: rhatdan
podman needs a pair of configuration files to set up its default
network configuration: a bridge and loopback file.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #161
Approved by: baude
podman commit allows the user to commit containers
as images with options of tagging th image, setting
a commit message, setting the auther, and making
changes to the instructions.
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #143
Approved by: rhatdan
Also add --quiet option to kpod create/run since
this will help with writing tests.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #140
Approved by: TomSweeneyRedHat
kpod save can now save images to directories using the
dir transport. Manifest conversion is also possible.
To save with the oci manifest type set --format to oci-dir
and to save with the v2s2(docker) manifest type, set --format
to docker-dir.
The layers can be compressed as well when saving to a directory
using the --compress flag.
Added functionality to kpod load to be able to load image from
a directory
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #137
Approved by: rhatdan
User can select from 3 manifest types: oci, v2s1, or v2s2
e.g kpod push --format v2s2 alpine dir:my-directory
Added "compress" flag to enable compression when true
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #126
Approved by: rhatdan
Error out if more than one mutually exclusive flags are passed
in to kpod ps
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #128
Approved by: rhatdan
kpod inspect now uses the new libpod container state
and closely matches the output of docker inspect
some aspects of it are still WIP as the libpod container state
is still being worked on
Signed-off-by: umohnani8 <umohnani@redhat.com>
Initial wiring of kpod exec. We wont support the following options
for exec:
* detach -- unsure of use case
* detach-keys -- not supported by runc
* interactive -- all terminals will be interactive
Not adding exec tests as we need to think about how to support a
test that requires console access but our CI tests have no console.
Signed-off-by: baude <bbaude@redhat.com>
Add [r]shared, [r]private, [r]slave functionality to the --volume flag
for kpod create and kpod run
This sets the root propagation for each bind mount
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #87
Approved by: rhatdan
Libpod containers are immutable once created. They cannot be
renamed after created. As such remove kpod rename.
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #101
Approved by: baude
Any subcommand that has two or more booleon short options can
now combine those two options. For example:
kpod rmi -af (Remove all images forceably)
Signed-off-by: baude <bbaude@redhat.com>
Closes: #100
Approved by: rhatdan
We need to differentiate between a kpod create and a kpod start
kpod create should create all of the data for libpod, but kpod start should
generate content for OCI Runtime (runc) in order to run.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #96
Approved by: mheon
Allow kpod create/run to create contianers in different network namespaces, uts namespaces and
IPC Namespaces.
This patch just handles the simple join the host, or another containers namespaces.
Lots more work needed to full integrate --net
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #64
Approved by: mheon
Stop all running containers with single switch. Useful for
maintainence of a system or integration tests.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #90
Approved by: rhatdan
Enable the --volume flag to validate user input
and add functionality for :z and :Z options
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #84
Approved by: mheon
Remove all containers with -a, --all.
Enable kpod rm tests which were all set to skip. Add two
tests for -a
Signed-off-by: baude <bbaude@redhat.com>
Closes: #74
Approved by: rhatdan
The new state for containers has been added
moved kpod mount and umount over to use it
Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
Closes: #57
Approved by: rhatdan
Add alpine and busybox as the two seeded images that can
be put into the tests' storage without the need to pull
it over the network. Add the following to the kpod_TEST.bats
file:
function setup() {
copy_images
}
Also, export several image names for shorter reference:
* BB -> docker.io/library/busybox:latest
* BB_GLIBC -> docker.io/library/busybox:glibc
* ALPINE -> docker.io/library/alpine:latest
* FEDORA_MINIMAL -> registry.fedoraproject.org/fedora-minimal:latest
And finally, there were two pervasive changes I made in
tests:
* Because we use temporary storage, we do not need to rmi at the end of each test
* We no longer need to pull most images because they are added via copy_images
Signed-off-by: baude <bbaude@redhat.com>
Closes: #43
Approved by: mheon
The way docker works is if a user specifies a non `-e Name=Value`, IE
just a `-e Name`, then the environment variable Name from the clients
OS.ENV is used.
Also by default Docker containers run with the HOSTNAME environment set
to the HOSTNAME specified for the container.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #21
Approved by: baude
The PR contains several enhancements to our CI testing.
- enable lint testing on Fedora
- add Centos Atomic as test platform
- integration tests on run on the OS natively (uncontainerized)
- builds are done in containers
- inclusion of Vagrant file for local testing
Signed-off-by: baude <bbaude@redhat.com>
Closes: #18
Approved by: mheon
This should turn on handling of SELinux, NoNewPrivs, seccomp and Apparmor
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #15
Approved by: rhatdan
Nalin Dahyabhai
Jhon Honce
umohnani8
TomSweeneyRedHat
Matthew Heon
Giuseppe Scrivano
baude
Yiqiao Pu
Daniel J Walsh
Nathan Williams
Matthew Heon
Valentin Rothberg
Valentin Rothberg