From 8cf6051bcfeef3e4a515010a67f9f2d0251525c4 Mon Sep 17 00:00:00 2001 From: Ed Santiago Date: Tue, 16 Jul 2024 07:35:34 -0600 Subject: [PATCH] MAJOR MAJOR: kube play test cleanup for parallel-safety Signed-off-by: Ed Santiago --- test/system/700-play.bats | 415 +++++++++++++++++++++----------------- 1 file changed, 229 insertions(+), 186 deletions(-) diff --git a/test/system/700-play.bats b/test/system/700-play.bats index 7c26a4fa8e17..21dd6bc0503e 100644 --- a/test/system/700-play.bats +++ b/test/system/700-play.bats @@ -7,19 +7,14 @@ load helpers load helpers.network load helpers.registry -# This is a long ugly way to clean up pods and remove the pause image -function teardown() { - run_podman pod rm -t 0 -f -a - run_podman rm -t 0 -f -a - run_podman image list --format '{{.ID}} {{.Repository}}' - while read id name; do - if [[ "$name" =~ /podman-pause ]]; then - run_podman rmi $id - fi - done <<<"$output" - run_podman network rm -f podman-default-kube-network - - basic_teardown +# Create and delete a pod. This gives us a pause image. +# FIXME: this should not be necessary. #23292 +function setup_file() { + podname="p-$(safename)" + run_podman pod create $podname + run_podman pod rm $podname + # And now, we have a pause image, and each test does not + # need to build their own. } testYaml=" @@ -28,7 +23,7 @@ kind: Pod metadata: labels: app: test - name: test_pod + name: @PODNAME@ spec: containers: - command: @@ -41,7 +36,7 @@ spec: - name: container value: podman image: $IMAGE - name: test + name: @CTRNAME@ resources: {} securityContext: runAsUser: 1000 @@ -55,136 +50,159 @@ spec: readOnlyRootFilesystem: false volumeMounts: - mountPath: /testdir:z - name: home-podman-testdir + name: @VOLNAME@ workingDir: / volumes: - hostPath: - path: TESTDIR + path: @TESTDIR@ type: Directory - name: home-podman-testdir + name: @VOLNAME@ status: {} " -RELABEL="system_u:object_r:container_file_t:s0" - -@test "podman kube with stdin" { - TESTDIR=$PODMAN_TMPDIR/testdir - mkdir -p $TESTDIR - echo "$testYaml" | sed "s|TESTDIR|${TESTDIR}|g" > $PODMAN_TMPDIR/test.yaml - - run_podman kube play - < $PODMAN_TMPDIR/test.yaml - if selinux_enabled; then - run ls -Zd $TESTDIR - is "$output" "${RELABEL} $TESTDIR" "selinux relabel should have happened" - fi - - # Make sure that the K8s pause image isn't pulled but the local podman-pause is built. - run_podman images - run_podman 1 image exists k8s.gcr.io/pause - run_podman 1 image exists registry.k8s.io/pause - run_podman image exists $(pause_image) - - run_podman stop -a -t 0 - run_podman pod rm -t 0 -f test_pod -} - -@test "podman play" { - # Testing that the "podman play" cmd still works now that - # "podman kube" is an option. - TESTDIR=$PODMAN_TMPDIR/testdir - mkdir -p $TESTDIR - echo "$testYaml" | sed "s|TESTDIR|${TESTDIR}|g" > $PODMAN_TMPDIR/test.yaml - run_podman play kube $PODMAN_TMPDIR/test.yaml - if selinux_enabled; then - run ls -Zd $TESTDIR - is "$output" "${RELABEL} $TESTDIR" "selinux relabel should have happened" - fi - - # Now rerun twice to make sure nothing gets removed - run_podman 125 play kube $PODMAN_TMPDIR/test.yaml - is "$output" ".* is in use: pod already exists" - run_podman 125 play kube $PODMAN_TMPDIR/test.yaml - is "$output" ".* is in use: pod already exists" - - run_podman stop -a -t 0 - run_podman pod rm -t 0 -f test_pod -} - # helper function: writes a yaml file with customizable values function _write_test_yaml() { - local outfile=$PODMAN_TMPDIR/test.yaml + # All of these get returned to our parent + YAMLFILE=$PODMAN_TMPDIR/test.yaml + PODNAME="p-$(safename)" + CTRNAME="c-$(safename)" + VOLNAME="v-$(safename)" + TESTDIR= # Function args must all be of the form 'keyword=value' (value may be null) local annotations= local labels="app: test" - local name="test_pod" local command="" local image="$IMAGE" - local ctrname="test" + local use_standard= + for i;do # This will error on 'foo=' (no value). That's totally OK. local value=$(expr "$i" : '[^=]*=\(.*\)') case "$i" in + --standard) use_standard=1 ;; annotations=*) annotations="$value" ;; labels=*) labels="$value" ;; - name=*) name="$value" ;; + name=*) PODNAME="$value" ;; command=*) command="$value" ;; image=*) image="$value" ;; - ctrname=*) ctrname="$value" ;; + ctrname=*) CTRNAME="$value" ;; *) die "_write_test_yaml: cannot grok '$i'" ;; esac done + # Use the boilerplate template above + if [[ -n "$use_standard" ]]; then + TESTDIR=${PODMAN_TMPDIR}/testdir + mkdir $TESTDIR + + sed -e "s|@TESTDIR@|${TESTDIR}|g" \ + -e "s/@PODNAME@/${PODNAME}/g" \ + -e "s/@CTRNAME@/${CTRNAME}/g" \ + -e "s/@VOLNAME@/${VOLNAME}/g" \ + <<< "$testYaml" > $YAMLFILE + return + fi + # These three header lines are common to all yamls. # Note: use >> (append), not > (overwrite), for multi-pod test - cat >>$outfile <>$YAMLFILE <>$outfile - echo " $annotations" >>$outfile + echo " annotations:" >>$YAMLFILE + echo " $annotations" >>$YAMLFILE fi if [[ -n "$labels" ]]; then - echo " labels:" >>$outfile - echo " $labels" >>$outfile + echo " labels:" >>$YAMLFILE + echo " $labels" >>$YAMLFILE fi - if [[ -n "$name" ]]; then - echo " name: $name" >>$outfile + if [[ -n "$PODNAME" ]]; then + echo " name: $PODNAME" >>$YAMLFILE fi # We always have spec and container lines... - echo "spec:" >>$outfile - echo " containers:" >>$outfile + echo "spec:" >>$YAMLFILE + echo " containers:" >>$YAMLFILE # ...but command is optional. If absent, assume our caller will fill it in. if [[ -n "$command" ]]; then - cat <>$outfile + cat <>$YAMLFILE - command: - $command image: $image - name: $ctrname + name: $CTRNAME resources: {} status: {} EOF fi + + # For debugging + echo "# test yaml:" + sed -e "s/^/ /g" <$YAMLFILE } + + + +RELABEL="system_u:object_r:container_file_t:s0" + +# bats test_tags=para +@test "podman kube with stdin" { + _write_test_yaml --standard + + run_podman kube play - < $YAMLFILE + if selinux_enabled; then + run ls -Zd $TESTDIR + is "$output" "${RELABEL} $TESTDIR" "selinux relabel should have happened" + fi + + # Make sure that the K8s pause image isn't pulled but the local podman-pause is built. + run_podman images + run_podman 1 image exists k8s.gcr.io/pause + run_podman 1 image exists registry.k8s.io/pause + run_podman image exists $(pause_image) + + run_podman pod rm -t 0 -f $PODNAME +} + +# bats test_tags=para +@test "podman play" { + # Testing that the "podman play" cmd still works now that + # "podman kube" is an option. + _write_test_yaml --standard + + run_podman play kube $YAMLFILE + if selinux_enabled; then + run ls -Zd $TESTDIR + is "$output" "${RELABEL} $TESTDIR" "selinux relabel should have happened" + fi + + # Now rerun twice to make sure nothing gets removed + run_podman 125 play kube $YAMLFILE + is "$output" ".* is in use: pod already exists" + run_podman 125 play kube $YAMLFILE + is "$output" ".* is in use: pod already exists" + + run_podman pod rm -t 0 -f $PODNAME +} + +# bats test_tags=para @test "podman play --service-container" { skip_if_remote "service containers only work locally" # Create the YAMl file - yaml_source="$PODMAN_TMPDIR/test.yaml" _write_test_yaml command=top # Run `play kube` in the background as it will wait for the service # container to exit. timeout --foreground -v --kill=10 60 \ - $PODMAN play kube --service-container=true --log-driver journald $yaml_source &>/dev/null & + $PODMAN play kube --service-container=true --log-driver journald $YAMLFILE &>/dev/null & # Wait for the container to be running - container_a=test_pod-test + container_a=${PODNAME}-${CTRNAME} container_running= for i in $(seq 1 20); do run_podman "?" container wait $container_a --condition="running" @@ -202,7 +220,7 @@ EOF # The name of the service container is predictable: the first 12 characters # of the hash of the YAML file followed by the "-service" suffix - yaml_sha=$(sha256sum $yaml_source) + yaml_sha=$(sha256sum $YAMLFILE) service_container="${yaml_sha:0:12}-service" # Make sure that the service container exists and runs. @@ -216,14 +234,14 @@ EOF # 1) The pod transitions to Exited # 2) The service container is stopped # #) The service container is marked as a service container - run_podman stop test_pod-test - _ensure_pod_state test_pod Exited + run_podman stop ${PODNAME}-${CTRNAME} + _ensure_pod_state ${PODNAME} Exited _ensure_container_running $service_container false run_podman container inspect $service_container --format "{{.IsService}}" is "$output" "true" # Restart the pod, make sure the service is running again - run_podman pod restart test_pod + run_podman pod restart $PODNAME run_podman container inspect $service_container --format "{{.State.Running}}" is "$output" "true" @@ -234,84 +252,86 @@ EOF is "$output" "Error: container .* is the service container of pod(s) .* and cannot be removed without removing the pod(s)" # Kill the pod and make sure the service is not running - run_podman pod kill test_pod + run_podman pod kill $PODNAME _ensure_container_running $service_container false # Remove the pod and make sure the service is removed along with it - run_podman pod rm test_pod + run_podman pod rm $PODNAME run_podman 1 container exists $service_container } +# bats test_tags=para @test "podman kube --network" { - TESTDIR=$PODMAN_TMPDIR/testdir - mkdir -p $TESTDIR - echo "$testYaml" | sed "s|TESTDIR|${TESTDIR}|g" > $PODMAN_TMPDIR/test.yaml + _write_test_yaml --standard - run_podman kube play --network host $PODMAN_TMPDIR/test.yaml + run_podman kube play --network host $YAMLFILE is "$output" "Pod:.*" "podman kube play should work with --network host" - run_podman pod inspect --format "{{.InfraConfig.HostNetwork}}" test_pod + run_podman pod inspect --format "{{.InfraConfig.HostNetwork}}" $PODNAME is "$output" "true" ".InfraConfig.HostNetwork" - run_podman stop -a -t 0 - run_podman pod rm -t 0 -f test_pod + run_podman pod rm -t 0 -f $PODNAME if has_slirp4netns; then - run_podman kube play --network slirp4netns:port_handler=slirp4netns $PODMAN_TMPDIR/test.yaml + run_podman kube play --network slirp4netns:port_handler=slirp4netns $YAMLFILE run_podman pod inspect --format {{.InfraContainerID}} "${lines[1]}" infraID="$output" run_podman container inspect --format "{{.HostConfig.NetworkMode}}" $infraID is "$output" "slirp4netns" "network mode slirp4netns is set for the container" fi - run_podman stop -a -t 0 - run_podman pod rm -t 0 -f test_pod + run_podman pod rm -t 0 -f $PODNAME - run_podman kube play --network none $PODMAN_TMPDIR/test.yaml + run_podman kube play --network none $YAMLFILE run_podman pod inspect --format {{.InfraContainerID}} "${lines[1]}" infraID="$output" run_podman container inspect --format "{{.HostConfig.NetworkMode}}" $infraID is "$output" "none" "network mode none is set for the container" - run_podman kube down $PODMAN_TMPDIR/test.yaml - run_podman 125 inspect test_pod-test - is "$output" ".*Error: no such object: \"test_pod-test\"" - run_podman pod rm -a - run_podman rm -a + run_podman container exists ${PODNAME}-${CTRNAME} + run_podman kube down $YAMLFILE + run_podman 1 container exists ${PODNAME}-${CTRNAME} } +# bats test_tags=para @test "podman kube play read-only" { YAML=$PODMAN_TMPDIR/test.yml + podname="p-$(safename)" + c1name="c1-$(safename)" + c2name="c2-$(safename)" + c3name="c3-$(safename)" + # --restart=no is crucial: without that, the "podman wait" below # will spin for indeterminate time. - run_podman create --pod new:pod1 --restart=no --name test1 $IMAGE touch /testrw - run_podman create --pod pod1 --read-only --restart=no --name test2 $IMAGE touch /testro - run_podman create --pod pod1 --read-only --restart=no --name test3 $IMAGE sh -c "echo "#!echo hi" > /tmp/testtmp; chmod +x /tmp/test/tmp; /tmp/testtmp" + run_podman create --pod new:$podname --restart=no --name $c1name $IMAGE touch /testrw + run_podman create --pod $podname --read-only --restart=no --name $c2name $IMAGE touch /testro + run_podman create --pod $podname --read-only --restart=no --name $c3name $IMAGE sh -c "echo "#!echo hi" > /tmp/testtmp; chmod +x /tmp/test/tmp; /tmp/testtmp" # Generate and run from yaml. (The "cat" is for debugging failures) - run_podman kube generate pod1 -f $YAML + run_podman kube generate $podname -f $YAML cat $YAML run_podman kube play --replace $YAML # Wait for all containers and check their exit statuses - run_podman wait pod1-test1 pod1-test2 pod1-test3 + run_podman wait ${podname}-${c1name} ${podname}-${c2name} ${podname}-${c3name} is "${lines[0]}" 0 "exit status: touch /file on read/write container" is "${lines[1]}" 1 "exit status: touch /file on read-only container" is "${lines[2]}" 0 "exit status: touch on /tmp is always ok, even on read-only container" # Confirm config settings - run_podman container inspect --format '{{.HostConfig.ReadonlyRootfs}}' pod1-test1 pod1-test2 pod1-test3 + run_podman container inspect --format '{{.HostConfig.ReadonlyRootfs}}' ${podname}-${c1name} ${podname}-${c2name} ${podname}-${c3name} is "${lines[0]}" "false" "ReadonlyRootfs - container 1" is "${lines[1]}" "true" "ReadonlyRootfs - container 2" is "${lines[2]}" "true" "ReadonlyRootfs - container 3" # Clean up run_podman kube down - < $YAML - run_podman 1 container exists pod1-test1 - run_podman 1 container exists pod1-test2 - run_podman 1 container exists pod1-test3 + run_podman 1 container exists ${podname}-${c1name} + run_podman 1 container exists ${podname}-${c2name} + run_podman 1 container exists ${podname}-${c3name} } +# bats test_tags=para @test "podman kube play read-only from containers.conf" { containersconf=$PODMAN_TMPDIR/containers.conf cat >$containersconf < $PODMAN_TMPDIR/Containerfile << _EOF + cat > $PODMAN_TMPDIR/Containerfile << _EOF from $IMAGE USER bin _EOF # Unset the PATH during build and make sure that all default env variables # are correctly set for the created container. - run_podman build --unsetenv PATH -t userimage $PODMAN_TMPDIR - run_podman image inspect userimage --format "{{.Config.Env}}" + run_podman build --unsetenv PATH -t $imgname $PODMAN_TMPDIR + run_podman image inspect $imgname --format "{{.Config.Env}}" is "$output" "\[\]" "image does not set PATH - env is empty" - run_podman play kube --start=false $PODMAN_TMPDIR/test.yaml - run_podman inspect --format "{{ .Config.User }}" test_pod-test + run_podman play kube --start=false $YAMLFILE + run_podman ps -a + run_podman inspect --format "{{ .Config.User }}" ${PODNAME}-${CTRNAME} is "$output" bin "expect container within pod to run as the bin user" - run_podman inspect --format "{{ .Config.Env }}" test_pod-test + run_podman inspect --format "{{ .Config.Env }}" ${PODNAME}-${CTRNAME} is "$output" ".*PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin.*" "expect PATH to be set" is "$output" ".*container=podman.*" "expect container to be set" - run_podman stop -a -t 0 - run_podman pod rm -t 0 -f test_pod - run_podman rmi -f userimage:latest + run_podman pod rm -t 0 -f ${PODNAME} + run_podman rmi -f $imgname } +# bats test_tags=para @test "podman play --build --context-dir" { skip_if_remote "--build is not supported in context remote" - mkdir -p $PODMAN_TMPDIR/userimage - cat > $PODMAN_TMPDIR/userimage/Containerfile << _EOF + imgname="userimage-$(safename)" + + mkdir -p $PODMAN_TMPDIR/$imgname + cat > $PODMAN_TMPDIR/$imgname/Containerfile << _EOF from $IMAGE USER bin _EOF - _write_test_yaml command=id image=quay.io/libpod/userimage - run_podman 125 play kube --build --start=false $PODMAN_TMPDIR/test.yaml - assert "$output" =~ "initializing source docker://quay.io/libpod/userimage:latest: reading manifest latest in " + _write_test_yaml command=id image=quay.io/libpod/$imgname + run_podman 125 play kube --build --start=false $YAMLFILE + assert "$output" =~ "initializing source docker://quay.io/libpod/$imgname:latest: reading manifest latest in " run_podman play kube --replace --context-dir=$PODMAN_TMPDIR --build --start=false $PODMAN_TMPDIR/test.yaml - run_podman inspect --format "{{ .Config.User }}" test_pod-test + run_podman inspect --format "{{ .Config.User }}" ${PODNAME}-${CTRNAME} is "$output" bin "expect container within pod to run as the bin user" - run_podman stop -a -t 0 - run_podman pod rm -t 0 -f test_pod - run_podman rmi -f userimage:latest + run_podman pod rm -t 0 -f $PODNAME + run_podman rmi -f $imgname cd $PODMAN_TMPDIR - run_podman play kube --replace --build --start=false $PODMAN_TMPDIR/test.yaml - run_podman inspect --format "{{ .Config.User }}" test_pod-test + run_podman play kube --replace --build --start=false $YAMLFILE + run_podman inspect --format "{{ .Config.User }}" ${PODNAME}-${CTRNAME} is "$output" bin "expect container within pod to run as the bin user" - run_podman stop -a -t 0 - run_podman pod rm -t 0 -f test_pod - run_podman rmi -f userimage:latest + run_podman pod rm -t 0 -f $PODNAME + run_podman rmi -f $imgname } # Occasionally a remnant storage container is left behind which causes # podman play kube --replace to fail. This tests created a conflicting # storage container name using buildah to make sure --replace, still # functions proplery by removing the storage container. +# bats test_tags=para @test "podman kube play --replace external storage" { - TESTDIR=$PODMAN_TMPDIR/testdir - mkdir -p $TESTDIR - echo "$testYaml" | sed "s|TESTDIR|${TESTDIR}|g" > $PODMAN_TMPDIR/test.yaml - run_podman play kube $PODMAN_TMPDIR/test.yaml + _write_test_yaml --standard + + run_podman play kube $YAMLFILE # Force removal of container - run_podman rm --force -t0 test_pod-test + run_podman rm --force -t0 ${PODNAME}-${CTRNAME} # Create external container using buildah with same name - buildah from --name test_pod-test $IMAGE + buildah from --name ${PODNAME}-${CTRNAME} $IMAGE # --replace deletes the buildah container and replace it with new one - run_podman play kube --replace $PODMAN_TMPDIR/test.yaml + run_podman play kube --replace $YAMLFILE - run_podman stop -a -t 0 - run_podman pod rm -t 0 -f test_pod - run_podman rmi -f userimage:latest + run_podman pod rm -t 0 -f $PODNAME } +# bats test_tags=para @test "podman kube --annotation" { - TESTDIR=$PODMAN_TMPDIR/testdir + _write_test_yaml --standard + RANDOMSTRING=$(random_string 15) ANNOTATION_WITH_COMMA="comma,$(random_string 5)" - mkdir -p $TESTDIR - echo "$testYaml" | sed "s|TESTDIR|${TESTDIR}|g" > $PODMAN_TMPDIR/test.yaml + run_podman kube play --annotation "name=$RANDOMSTRING" \ - --annotation "anno=$ANNOTATION_WITH_COMMA" $PODMAN_TMPDIR/test.yaml - run_podman inspect --format "{{ .Config.Annotations }}" test_pod-test + --annotation "anno=$ANNOTATION_WITH_COMMA" $YAMLFILE + run_podman inspect --format "{{ .Config.Annotations }}" ${PODNAME}-${CTRNAME} is "$output" ".*name:$RANDOMSTRING" "Annotation should be added to pod" is "$output" ".*anno:$ANNOTATION_WITH_COMMA" "Annotation with comma should be added to pod" + run_podman kube down $YAMLFILE # invalid annotation - run_podman 125 kube play --annotation "val" $PODMAN_TMPDIR/test.yaml + run_podman 125 kube play --annotation "val" $YAMLFILE assert "$output" == "Error: annotation \"val\" must include an '=' sign" "invalid annotation error" - run_podman stop -a -t 0 - run_podman pod rm -t 0 -f test_pod + run_podman pod rm -t 0 -f $PODNAME } @test "podman play Yaml deprecated --no-trunc annotation" { @@ -467,9 +491,12 @@ _EOF } @test "podman kube play - default log driver" { + skip TESTDIR=$PODMAN_TMPDIR/testdir mkdir -p $TESTDIR - echo "$testYaml" | sed "s|TESTDIR|${TESTDIR}|g" > $PODMAN_TMPDIR/test.yaml + podname="p-$(safename)" + echo "$testYaml" | sed -e "s|TESTDIR|${TESTDIR}|g" -e "s|PODNAME|$podname|g" > $PODMAN_TMPDIR/test.yaml + # Get the default log driver run_podman info --format "{{.Host.LogDriver}}" default_driver=$output @@ -480,16 +507,17 @@ _EOF is "$output" "$default_driver" "play kube uses default log driver" run_podman kube down $PODMAN_TMPDIR/test.yaml - run_podman 125 inspect test_pod-test - is "$output" ".*Error: no such object: \"test_pod-test\"" - run_podman pod rm -a - run_podman rm -a + run_podman 125 inspect ${podname}-test + is "$output" ".*Error: no such object: \"${podname}-test\"" + run_podman pod rm $podname } @test "podman kube play - URL" { + skip TESTDIR=$PODMAN_TMPDIR/testdir mkdir -p $TESTDIR - echo "$testYaml" | sed "s|TESTDIR|${TESTDIR}|g" > $PODMAN_TMPDIR/test.yaml + podname="p-$(safename)" + echo "$testYaml" | sed -e "s|TESTDIR|${TESTDIR}|g" -e "s|PODNAME|$podname|g" > $PODMAN_TMPDIR/test.yaml echo READY > $PODMAN_TMPDIR/ready HOST_PORT=$(random_free_port) @@ -505,17 +533,17 @@ _EOF wait_for_command_output "curl -s -S $SERVER/ready" "READY" run_podman kube play $SERVER/testpod.yaml - run_podman inspect test_pod-test --format "{{.State.Running}}" + run_podman inspect ${podname}-test --format "{{.State.Running}}" is "$output" "true" run_podman kube down $SERVER/testpod.yaml - run_podman 125 inspect test_pod-test + run_podman 125 inspect ${podname}-test is "$output" ".*Error: no such object: \"test_pod-test\"" - run_podman pod rm -a -f - run_podman rm -a -f -t0 + run_podman pod rm $podname } @test "podman play with init container" { + skip _write_test_yaml command= cat >>$PODMAN_TMPDIR/test.yaml <>$PODMAN_TMPDIR/test.yaml < $PODMAN_TMPDIR/test.yaml + podname="p-$(safename)" + echo "$testYaml" | sed -e "s|TESTDIR|${TESTDIR}|g" -e "s|PODNAME|$podname|g" > $PODMAN_TMPDIR/test.yaml bogus=$PODMAN_TMPDIR/bogus-authfile run_podman 125 kube play --authfile=$bogus - < $PODMAN_TMPDIR/test.yaml @@ -778,6 +814,7 @@ spec: } @test "podman kube play with umask from containers.conf" { + skip skip_if_remote "remote does not support CONTAINERS_CONF*" YAML=$PODMAN_TMPDIR/test.yaml @@ -788,12 +825,13 @@ spec: umask = "0472" EOF - ctr="ctr" - ctrInPod="ctr-pod-ctr" + ctr="c-$(safename)" + ctrInPod="${ctr}-pod-${ctr}" run_podman create --restart never --name $ctr $IMAGE sh -c "touch /umask-test;stat -c '%a' /umask-test" run_podman kube generate -f $YAML $ctr CONTAINERS_CONF_OVERRIDE="$containersConf" run_podman kube play $YAML + run_podman ps -a run_podman container inspect --format '{{ .Config.Umask }}' $ctrInPod is "${output}" "0472" # Confirm that umask actually takes effect. Might take a second or so. @@ -808,11 +846,11 @@ EOF assert "$output" = "204" "stat() on created file" run_podman kube down $YAML - run_podman pod rm -a - run_podman rm -a + run_podman rm $ctr } @test "podman kube generate tmpfs on /tmp" { + skip local yaml=$PODMAN_TMPDIR/test.yaml _write_test_yaml command=/home/podman/pause run_podman kube play $yaml @@ -822,6 +860,7 @@ EOF } @test "podman kube play - pull policy" { + skip skip_if_remote "pull debug logs only work locally" yaml_source="$PODMAN_TMPDIR/test.yaml" @@ -845,6 +884,7 @@ EOF } @test "podman kube play healthcheck should wait initialDelaySeconds before updating status (healthy)" { + skip fname="$PODMAN_TMPDIR/play_kube_healthy_$(random_string 6).yaml" echo " apiVersion: v1 @@ -897,6 +937,7 @@ spec: } @test "podman kube play healthcheck should wait initialDelaySeconds before updating status (unhealthy)" { + skip fname="$PODMAN_TMPDIR/play_kube_unhealthy_$(random_string 6).yaml" echo " apiVersion: v1 @@ -949,6 +990,7 @@ spec: } @test "podman play --build private registry" { + skip skip_if_remote "--build is not supported in context remote" local registry=localhost:${PODMAN_LOGIN_REGISTRY_PORT} @@ -992,6 +1034,7 @@ _EOF } @test "podman play with automount volume" { + skip cat >$PODMAN_TMPDIR/Containerfile <