github.com/AbhinandanKurakure/podman/v3@v3.4.10/test/system/700-play.bats (about) 1 #!/usr/bin/env bats -*- bats -*- 2 # 3 # Test podman play 4 # 5 6 load helpers 7 8 # This is a long ugly way to clean up pods and remove the pause image 9 function teardown() { 10 run_podman pod rm -f -a 11 run_podman rm -f -a 12 run_podman image list --format '{{.ID}} {{.Repository}}' 13 while read id name; do 14 if [[ "$name" =~ /pause ]]; then 15 run_podman rmi $id 16 fi 17 done <<<"$output" 18 19 basic_teardown 20 } 21 22 testYaml=" 23 apiVersion: v1 24 kind: Pod 25 metadata: 26 labels: 27 app: test 28 name: test_pod 29 spec: 30 containers: 31 - command: 32 - sleep 33 - "100" 34 env: 35 - name: PATH 36 value: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin 37 - name: TERM 38 value: xterm 39 - name: container 40 value: podman 41 image: $IMAGE 42 name: test 43 resources: {} 44 securityContext: 45 runAsUser: 1000 46 runAsGroup: 3000 47 fsGroup: 2000 48 allowPrivilegeEscalation: true 49 capabilities: {} 50 privileged: false 51 seLinuxOptions: 52 level: "s0:c1,c2" 53 readOnlyRootFilesystem: false 54 volumeMounts: 55 - mountPath: /testdir:z 56 name: home-podman-testdir 57 workingDir: / 58 volumes: 59 - hostPath: 60 path: TESTDIR 61 type: Directory 62 name: home-podman-testdir 63 status: {} 64 " 65 66 RELABEL="system_u:object_r:container_file_t:s0" 67 68 @test "podman play with stdin" { 69 TESTDIR=$PODMAN_TMPDIR/testdir 70 mkdir -p $TESTDIR 71 echo "$testYaml" | sed "s|TESTDIR|${TESTDIR}|g" > $PODMAN_TMPDIR/test.yaml 72 73 run_podman play kube - < $PODMAN_TMPDIR/test.yaml 74 if [ -e /usr/sbin/selinuxenabled -a /usr/sbin/selinuxenabled ]; then 75 run ls -Zd $TESTDIR 76 is "$output" ${RELABEL} "selinux relabel should have happened" 77 fi 78 79 run_podman stop -a -t 0 80 run_podman pod stop test_pod 81 run_podman pod rm -f test_pod 82 } 83 84 @test "podman play" { 85 TESTDIR=$PODMAN_TMPDIR/testdir 86 mkdir -p $TESTDIR 87 echo "$testYaml" | sed "s|TESTDIR|${TESTDIR}|g" > $PODMAN_TMPDIR/test.yaml 88 run_podman play kube $PODMAN_TMPDIR/test.yaml 89 if [ -e /usr/sbin/selinuxenabled -a /usr/sbin/selinuxenabled ]; then 90 run ls -Zd $TESTDIR 91 is "$output" ${RELABEL} "selinux relabel should have happened" 92 fi 93 94 run_podman stop -a -t 0 95 run_podman pod stop test_pod 96 run_podman pod rm -f test_pod 97 } 98 99 @test "podman play --network" { 100 TESTDIR=$PODMAN_TMPDIR/testdir 101 mkdir -p $TESTDIR 102 echo "$testYaml" | sed "s|TESTDIR|${TESTDIR}|g" > $PODMAN_TMPDIR/test.yaml 103 run_podman 125 play kube --network bridge $PODMAN_TMPDIR/test.yaml 104 is "$output" ".*invalid value passed to --network: bridge or host networking must be configured in YAML" "podman plan-network should fail with --network host" 105 run_podman 125 play kube --network host $PODMAN_TMPDIR/test.yaml 106 is "$output" ".*invalid value passed to --network: bridge or host networking must be configured in YAML" "podman plan-network should fail with --network host" 107 run_podman play kube --network slirp4netns:port_handler=slirp4netns $PODMAN_TMPDIR/test.yaml 108 run_podman pod inspect --format {{.InfraContainerID}} "${lines[1]}" 109 infraID="$output" 110 run_podman container inspect --format "{{.HostConfig.NetworkMode}}" $infraID 111 is "$output" "slirp4netns" "network mode slirp4netns is set for the container" 112 113 run_podman stop -a -t 0 114 run_podman pod stop test_pod 115 run_podman pod rm -f test_pod 116 117 run_podman play kube --network none $PODMAN_TMPDIR/test.yaml 118 run_podman pod inspect --format {{.InfraContainerID}} "${lines[1]}" 119 infraID="$output" 120 run_podman container inspect --format "{{.HostConfig.NetworkMode}}" $infraID 121 is "$output" "none" "network mode none is set for the container" 122 123 run_podman stop -a -t 0 124 run_podman pod stop test_pod 125 run_podman pod rm -f test_pod 126 } 127 128 @test "podman play with user from image" { 129 TESTDIR=$PODMAN_TMPDIR/testdir 130 mkdir -p $TESTDIR 131 132 testUserYaml=" 133 apiVersion: v1 134 kind: Pod 135 metadata: 136 labels: 137 app: test 138 name: test_pod 139 spec: 140 containers: 141 - command: 142 - id 143 env: 144 - name: PATH 145 value: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin 146 - name: TERM 147 value: xterm 148 - name: container 149 value: podman 150 image: userimage 151 name: test 152 resources: {} 153 status: {} 154 " 155 156 cat > $PODMAN_TMPDIR/Containerfile << _EOF 157 from $IMAGE 158 USER bin 159 _EOF 160 161 echo "$testUserYaml" | sed "s|TESTDIR|${TESTDIR}|g" > $PODMAN_TMPDIR/test.yaml 162 run_podman build -t userimage $PODMAN_TMPDIR 163 run_podman play kube --start=false $PODMAN_TMPDIR/test.yaml 164 run_podman inspect --format "{{ .Config.User }}" test_pod-test 165 is "$output" bin "expect container within pod to run as the bin user" 166 167 run_podman stop -a -t 0 168 run_podman pod stop test_pod 169 run_podman pod rm -f test_pod 170 run_podman rmi -f userimage:latest 171 }