From 97e58ded359c211b8b0fb3c3c12993ecafebfc52 Mon Sep 17 00:00:00 2001 From: Jindrich Novy Date: Thu, 10 Dec 2020 10:00:54 +0100 Subject: [PATCH] podman-3.0.0-0.11.el9 - update to https://github.com/containers/dnsname/releases/tag/v1.1.1 Signed-off-by: Jindrich Novy --- gating.yaml | 15 +--- podman.spec | 9 ++- sources | 4 +- tests/README | 25 ------- tests/check_results.yml | 36 --------- tests/roles/bats_installed/tasks/main.yml | 12 +++ tests/roles/nonroot_user/tasks/main.yml | 7 ++ .../roles/rootless_user_ready/tasks/main.yml | 6 -- .../files/helper.buildah-root.sh | 38 ++++++++++ tests/roles/set_cgroups/tasks/main.yml | 75 ------------------- tests/test_podman.yml | 44 ----------- tests/test_podman_cgroups_vn.yml | 19 ----- 12 files changed, 69 insertions(+), 221 deletions(-) delete mode 100644 tests/README delete mode 100644 tests/check_results.yml create mode 100644 tests/roles/bats_installed/tasks/main.yml create mode 100644 tests/roles/nonroot_user/tasks/main.yml delete mode 100644 tests/roles/rootless_user_ready/tasks/main.yml create mode 100644 tests/roles/run_bats_tests/files/helper.buildah-root.sh delete mode 100644 tests/roles/set_cgroups/tasks/main.yml delete mode 100644 tests/test_podman.yml delete mode 100644 tests/test_podman_cgroups_vn.yml diff --git a/gating.yaml b/gating.yaml index c8a218f..7eeedfc 100644 --- a/gating.yaml +++ b/gating.yaml @@ -1,14 +1,7 @@ +# recipients: jnovy, lsm5, santiago --- !Policy product_versions: - - fedora-* -decision_context: bodhi_update_push_stable -subject_type: koji_build + - rhel-8 +decision_context: osci_compose_gate rules: - - !PassingTestCaseRule {test_case_name: fedora-ci.koji-build.tier0.functional} ---- !Policy -product_versions: - - fedora-* -decision_context: bodhi_update_push_testing -subject_type: koji_build -rules: - - !PassingTestCaseRule {test_case_name: fedora-ci.koji-build.tier0.functional} + - !PassingTestCaseRule {test_case_name: osci.brew-build.tier0.functional} diff --git a/podman.spec b/podman.spec index b561728..f364f68 100644 --- a/podman.spec +++ b/podman.spec @@ -17,14 +17,14 @@ go build -buildmode pie -compiler gc -tags="rpm_crashtraceback libtrust_openssl %global import_path github.com/containers/podman %global branch master -%global commit0 dd295f297b6dd51d22c64c75f4ef4f80f953bbde +%global commit0 9216be2008696bc9f0bc26686be8becae3d12bfc %global shortcommit0 %(c=%{commit0}; echo ${c:0:7}) %global cataver 0.1.5 -%global dnsnamever 1.0.0 +%global dnsnamever 1.1.1 Name: podman Version: 3.0.0 -Release: 0.10%{?dist} +Release: 0.11%{?dist} Summary: Manage Pods, Containers and Container Images License: ASL 2.0 and GPLv3+ URL: https://%{name}.io/ @@ -339,6 +339,9 @@ exit 0 %{_datadir}/%{name}/test %changelog +* Thu Dec 10 2020 Jindrich Novy - 3.0.0-0.11 +- update to https://github.com/containers/dnsname/releases/tag/v1.1.1 + * Wed Dec 09 2020 Jindrich Novy - 3.0.0-0.10 - update to the latest content of https://github.com/containers/podman/tree/master (https://github.com/containers/podman/commit/dd295f2) diff --git a/sources b/sources index e133d6e..c64175d 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ SHA512 (v0.1.5.tar.gz) = 75387cf9c611222ef0afc9f688cefb3e4a4ec388cfa9d2329ee7860cb2ad83afa9311f53c1047f92f7adde27b7eb07f5501ee602334e610a3227104d8894486b -SHA512 (v1.0.0.tar.gz) = 6eb96939847dcb4bb6fcfbf2e9e1555c1e79b0b77350b2669d4e517decdda1784fbe68536419fd5ba81bfc6b47c57665487c62e5fde7e0d2b129f0161f421b83 -SHA512 (master-dd295f2.tar.gz) = ae3a06c84db158294d3f3b191fe57b63c3d0914b8707b2d5f64a40d011653eea0e5b37ddaacb356f3e28bbb75e640322988a101f292c6d625c8a289d551c8968 +SHA512 (master-9216be2.tar.gz) = bfe97adaa3aa1053a116a3bc30f6603b8e4a752182890f558cf2ea4f3c788e0422514203bca5292ec7c880090eb94c1625b3187d537859f46a0d64a2bd0c3270 +SHA512 (v1.1.1.tar.gz) = 4ffaf73f41d96a3d36a15cfefdad989579bf3e187c0da9df35b16b43f77f8694c01a7f006b89b97070ea9c0d924778a416c30a96b18fa125b74186beb800c54f diff --git a/tests/README b/tests/README deleted file mode 100644 index 672acdb..0000000 --- a/tests/README +++ /dev/null @@ -1,25 +0,0 @@ -I'm sorry. The playbooks here are a much-too-complicated way of saying: - - - test podman (root and rootless) under cgroups v2 - - reboot into cgroups v1 - - repeat the same podman tests - -We can't use standard-test-basic any more because, tl;dr, that has to -be the last stanza in the playbook and it doesn't offer any mechanism -for running a reboot in the middle of tests. (I actually found a way -but it was even uglier than this approach). - -The starting point is tests.yml . From there: - - tests.yml - \- test_podman.yml - |- roles/rootless_user_ready/ - \- test_podman_cgroups_vn.yml (runs twice: cgroups v2, v1) - |- roles/set_cgroups/ - \- roles/run_bats_tests/ (runs tests: root, rootless) - -Principal result is the file 'artifacts/test.log'. It will contain -one line for each test run, format will be '(PASS|FAIL|ERROR) ' - -For each completed test there will also be a 'test..bats.log' -containing some setup blurbs (RPMs, environment) and the full BATS log. diff --git a/tests/check_results.yml b/tests/check_results.yml deleted file mode 100644 index e1de3bd..0000000 --- a/tests/check_results.yml +++ /dev/null @@ -1,36 +0,0 @@ ---- -# Copied from standard-test-basic -# ...and, 2020-05-13, updated, looks like they changed the whole thing around -- name: Check the results - local_action: - module: shell - cmd: | - log="{{ artifacts }}/test.log" - if [ ! -f "$log" ]; then - echo ERROR - echo "Test results not found." 1>&2 - elif grep ^ERROR "$log" 1>&2; then - echo ERROR - elif grep ^FAIL "$log" 1>&2; then - echo FAIL - elif grep -q ^PASS "$log"; then - echo PASS - else - echo ERROR - echo "No test results found." 1>&2 - fi - register: test_results - -- name: Set role result - set_fact: - role_result: "{{ test_results.stdout }}" - role_message: "{{ test_results.stderr|d('test execution error.') }}" - -- name: display results - vars: - msg: | - role_result: {{ role_result|d('Undefined') }} - {{ role_message|d('[No error messages found]') }} - debug: - msg: "{{ msg.split('\n') }}" - failed_when: role_message|d("") != "" diff --git a/tests/roles/bats_installed/tasks/main.yml b/tests/roles/bats_installed/tasks/main.yml new file mode 100644 index 0000000..242d444 --- /dev/null +++ b/tests/roles/bats_installed/tasks/main.yml @@ -0,0 +1,12 @@ +--- +# Sigh; RHEL8 doesn't have BATS +- name: bats | fetch and unpack tarball + unarchive: + src: https://github.com/bats-core/bats-core/archive/v1.1.0.tar.gz + dest: /root + remote_src: true + +- name: bats | install + command: ./install.sh /usr/local + args: + chdir: /root/bats-core-1.1.0 diff --git a/tests/roles/nonroot_user/tasks/main.yml b/tests/roles/nonroot_user/tasks/main.yml new file mode 100644 index 0000000..51bf44a --- /dev/null +++ b/tests/roles/nonroot_user/tasks/main.yml @@ -0,0 +1,7 @@ +--- +- name: create nonroot user + user: + name: testuser + shell: /bin/bash +- name: enable linger + command: loginctl enable-linger testuser diff --git a/tests/roles/rootless_user_ready/tasks/main.yml b/tests/roles/rootless_user_ready/tasks/main.yml deleted file mode 100644 index cfed03b..0000000 --- a/tests/roles/rootless_user_ready/tasks/main.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -- name: make sure rootless account exists - user: name={{ rootless_user }} - -- name: rootless account | enable linger - shell: loginctl enable-linger {{ rootless_user }} diff --git a/tests/roles/run_bats_tests/files/helper.buildah-root.sh b/tests/roles/run_bats_tests/files/helper.buildah-root.sh new file mode 100644 index 0000000..1529b70 --- /dev/null +++ b/tests/roles/run_bats_tests/files/helper.buildah-root.sh @@ -0,0 +1,38 @@ +#!/bin/bash +# +# setup and teardown helpers for buildah test +# + +function setup() { + REGISTRY_FQIN=docker.io/library/registry:2 + + AUTHDIR=/tmp/buildah-tests-auth.$$ + mkdir -p $AUTHDIR + + CERT=$AUTHDIR/domain.crt + if [ ! -e $CERT ]; then + openssl req -newkey rsa:4096 -nodes -sha256 \ + -keyout $AUTHDIR/domain.key -x509 -days 2 \ + -out $AUTHDIR/domain.crt \ + -subj "/C=US/ST=Foo/L=Bar/O=Red Hat, Inc./CN=localhost" + fi + + if [ ! -e $AUTHDIR/htpasswd ]; then + podman run --rm --entrypoint htpasswd $REGISTRY_FQIN \ + -Bbn testuser testpassword > $AUTHDIR/htpasswd + fi + + podman run -d -p 5000:5000 \ + --name registry \ + -v $AUTHDIR:/auth:Z \ + -e "REGISTRY_AUTH=htpasswd" \ + -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" \ + -e REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd \ + -e REGISTRY_HTTP_TLS_CERTIFICATE=/auth/domain.crt \ + -e REGISTRY_HTTP_TLS_KEY=/auth/domain.key \ + $REGISTRY_FQIN +} + +function teardown() { + podman rm -f registry +} diff --git a/tests/roles/set_cgroups/tasks/main.yml b/tests/roles/set_cgroups/tasks/main.yml deleted file mode 100644 index 133d7fe..0000000 --- a/tests/roles/set_cgroups/tasks/main.yml +++ /dev/null @@ -1,75 +0,0 @@ ---- -# Check the CURRENT cgroup level; we get this from /proc/cmdline -- name: check current kernel options - shell: fgrep systemd.unified_cgroup_hierarchy=0 /proc/cmdline - register: result - ignore_errors: true - -- name: determine current cgroups | assume v2 - set_fact: current_cgroups=2 - -- name: determine current cgroups | looks like v1 - set_fact: current_cgroups=1 - when: result is succeeded - -- debug: - msg: "want: v{{ want_cgroups }} actual: v{{ current_cgroups }}" - -- name: grubenv, pre-edit, cat - shell: cat /boot/grub2/grubenv - register: grubenv - -- name: grubenv, pre-edit, show - debug: - msg: "{{ grubenv.stdout_lines }}" - -# Update grubenv file to reflect the desired cgroup level -- name: remove cgroup option from kernel flags - shell: - cmd: sed -i -e "s/^\(kernelopts=.*\)systemd\.unified_cgroup_hierarchy=.\(.*\)/\1 \2/" /boot/grub2/grubenv - warn: false - -- name: add it with the desired value - shell: - cmd: sed -i -e "s/^\(kernelopts=.*\)/\1 systemd.unified_cgroup_hierarchy=0/" /boot/grub2/grubenv - warn: false - when: want_cgroups == 1 - -- name: grubenv, post-edit, cat - shell: cat /boot/grub2/grubenv - register: grubenv - -- name: grubenv, post-edit, show - debug: - msg: "post: {{ grubenv.stdout_lines }}" - -# If want != have, reboot -- name: reboot and wait - block: - - name: reboot - reboot: - reboot_timeout: 900 - ignore_errors: yes - - name: wait and reconnect - wait_for_connection: - timeout: 900 - when: want_cgroups|int != current_cgroups|int - -- set_fact: - expected_fstype: - - none - - tmpfs - - cgroup2fs - -- name: confirm cgroups setting - shell: stat -f -c "%T" /sys/fs/cgroup - register: fstype - -- debug: - msg: "stat(/sys/fs/cgroup) = {{ fstype.stdout }}" - -- name: system cgroups is the expected type - assert: - that: - - fstype.stdout == expected_fstype[want_cgroups|int] - fail_msg: "stat(/sys/fs/cgroup) = {{ fstype.stdout }} (expected {{ expected_fstype[want_cgroups|int] }})" diff --git a/tests/test_podman.yml b/tests/test_podman.yml deleted file mode 100644 index d5e65be..0000000 --- a/tests/test_podman.yml +++ /dev/null @@ -1,44 +0,0 @@ ---- -- hosts: localhost - tags: - - classic - - container - vars: - - artifacts: ./artifacts - rootless_user: testuser - roles: - - role: rootless_user_ready - - tasks: - # At the start of a run, clean up state. Useful for test reruns. - - name: local artifacts directory exists - local_action: file path="{{ artifacts }}" state=directory - - - name: remove stale log files - local_action: shell rm -f {{ artifacts }}/test*.log - - - name: clear test results (test.log) - local_action: command truncate --size=0 {{ artifacts }}/test.log - - - name: clear test results (results.yml) - local_action: copy content="results:\n" dest={{ artifacts }}/results.yml - - # These are the actual tests: set cgroups vN, then run root/rootless tests. - # - # FIXME FIXME FIXME: 2020-05-21: 'loop' should be '2, 1' but there's some - # nightmarish bug in CI wherein reboots hang forever. There's a bug open[1] - # but it seems dead. Without a working reboot, there's no way to test v1. - # [1] https://redhat.service-now.com/surl.do?n=PNT0808530 - # I'm leaving this as a 'loop' in (foolish? vain?) hope that the bug will - # be fixed. Let's revisit this after, say, 2020-08. If the bug persists - # then let's just revert the entire cgroups v1 change, and go back to - # using standard-test-basic. - - name: set cgroups and run podman tests - include_tasks: test_podman_cgroups_vn.yml - loop: [ 2 ] - loop_control: - loop_var: want_cgroups - - # Postprocessing: check for FAIL or ERROR in any test, exit 1 if so - - name: check results - include_tasks: check_results.yml diff --git a/tests/test_podman_cgroups_vn.yml b/tests/test_podman_cgroups_vn.yml deleted file mode 100644 index f069182..0000000 --- a/tests/test_podman_cgroups_vn.yml +++ /dev/null @@ -1,19 +0,0 @@ ---- -# Requires: 'want_cgroups' variable set to 1 or 2 -- include_role: - name: set_cgroups -- include_role: - name: run_bats_tests - vars: - tests: - # Yes, this is horrible duplication, but trying to refactor in ansible - # yields even more horrible unreadable code. This is the lesser evil. - - name: podman root cgroupsv{{ want_cgroups }} - package: podman - environment: - PODMAN: /usr/bin/podman - - name: podman rootless cgroupsv{{ want_cgroups }} - package: podman - environment: - PODMAN: /usr/bin/podman - become: true