From 224e791161b396cd5c6ed91ce8a12524b60d6197 Mon Sep 17 00:00:00 2001 From: Jan Kaluza Date: Tue, 1 Apr 2025 13:49:05 +0200 Subject: [PATCH] Replace podman pause image with rootfs. This commit removes the code to build a local pause image from the Containerfile. It is replaced with code to find the catatonit binary and include it in the Rootfs. This removes the need to build a local pause container image. The same logic is also applied to createServiceContainer which is originally also based on the pause image. Fixes: #23292 Signed-off-by: Jan Kaluza --- libpod/container.go | 5 ++ libpod/container_config.go | 3 ++ libpod/container_internal_common.go | 53 ++++++++++++++++++++ libpod/container_validate.go | 4 ++ libpod/kube.go | 77 ++++++++++++++--------------- libpod/options.go | 14 ++++++ libpod/runtime_ctr.go | 11 ++++- pkg/domain/infra/abi/play.go | 12 ++--- pkg/specgen/generate/kube/kube.go | 10 ++-- pkg/specgen/generate/pause_image.go | 72 ++------------------------- pkg/specgen/generate/pod_create.go | 8 +-- test/system/010-images.bats | 42 +++++++++------- test/system/020-tag.bats | 1 + test/system/040-ps.bats | 2 - test/system/255-auto-update.bats | 4 +- test/system/700-play.bats | 6 --- test/system/helpers.bash | 24 --------- 17 files changed, 174 insertions(+), 174 deletions(-) diff --git a/libpod/container.go b/libpod/container.go index 7c04e1cf0b..ff5839a549 100644 --- a/libpod/container.go +++ b/libpod/container.go @@ -1266,6 +1266,11 @@ func (c *Container) IsInfra() bool { return c.config.IsInfra } +// IsDefaultInfra returns whether the container is a default infra container generated directly by podman +func (c *Container) IsDefaultInfra() bool { + return c.config.IsDefaultInfra +} + // IsInitCtr returns whether the container is an init container func (c *Container) IsInitCtr() bool { return len(c.config.InitContainerType) > 0 diff --git a/libpod/container_config.go b/libpod/container_config.go index 6178b0624e..261158bf49 100644 --- a/libpod/container_config.go +++ b/libpod/container_config.go @@ -404,6 +404,9 @@ type ContainerMiscConfig struct { // IsInfra is a bool indicating whether this container is an infra container used for // sharing kernel namespaces in a pod IsInfra bool `json:"pause"` + // IsDefaultInfra is a bool indicating whether this container is a default infra container + // using the default rootfs with catatonit bind-mounted into it. + IsDefaultInfra bool `json:"defaultPause"` // IsService is a bool indicating whether this container is a service container used for // tracking the life cycle of K8s service. IsService bool `json:"isService"` diff --git a/libpod/container_internal_common.go b/libpod/container_internal_common.go index f48afcab7a..7b546d71a8 100644 --- a/libpod/container_internal_common.go +++ b/libpod/container_internal_common.go @@ -178,6 +178,51 @@ func getOverlayUpperAndWorkDir(options []string) (string, string, error) { return upperDir, workDir, nil } +// Internal only function which creates the Rootfs for default internal +// pause image, configures the Rootfs in the Container and returns +// the mount-point for the /catatonit. This mount-point should be added +// to the Container spec. +func (c *Container) prepareInitRootfs() (spec.Mount, error) { + newMount := spec.Mount{ + Type: define.TypeBind, + Source: "", + Destination: "", + Options: append(bindOptions, "ro", "nosuid", "nodev"), + } + + tmpDir, err := c.runtime.TmpDir() + if err != nil { + return newMount, fmt.Errorf("getting runtime temporary directory: %w", err) + } + tmpDir = filepath.Join(tmpDir, "infra-container") + err = os.MkdirAll(tmpDir, 0755) + if err != nil { + return newMount, fmt.Errorf("creating infra container temporary directory: %w", err) + } + // Also look into the path as some distributions install catatonit in + // /usr/bin. + catatonitPath, err := c.runtime.config.FindInitBinary() + if err != nil { + return newMount, fmt.Errorf("finding catatonit binary: %w", err) + } + catatonitPath, err = filepath.EvalSymlinks(catatonitPath) + if err != nil { + return newMount, fmt.Errorf("follow symlink to catatonit binary: %w", err) + } + + newMount.Source = catatonitPath + newMount.Destination = "/" + filepath.Base(catatonitPath) + + c.config.Rootfs = tmpDir + c.config.RootfsOverlay = true + if len(c.config.Entrypoint) == 0 { + c.config.Entrypoint = []string{"/" + filepath.Base(catatonitPath), "-P"} + c.config.Spec.Process.Args = c.config.Entrypoint + } + + return newMount, nil +} + // Generate spec for a container // Accepts a map of the container's dependencies func (c *Container) generateSpec(ctx context.Context) (s *spec.Spec, cleanupFuncRet func(), err error) { @@ -380,6 +425,14 @@ func (c *Container) generateSpec(ctx context.Context) (s *spec.Spec, cleanupFunc c.setProcessLabel(&g) c.setMountLabel(&g) + if c.IsDefaultInfra() || c.IsService() { + newMount, err := c.prepareInitRootfs() + if err != nil { + return nil, nil, err + } + g.AddMount(newMount) + } + // Add bind mounts to container for dstPath, srcPath := range c.state.BindMounts { newMount := spec.Mount{ diff --git a/libpod/container_validate.go b/libpod/container_validate.go index 5a03de4eb6..b80c5c57e3 100644 --- a/libpod/container_validate.go +++ b/libpod/container_validate.go @@ -183,6 +183,10 @@ func (c *Container) validate() error { } } + if c.config.IsDefaultInfra && !c.config.IsInfra { + return fmt.Errorf("default rootfs-based infra container is set for non-infra container") + } + return nil } diff --git a/libpod/kube.go b/libpod/kube.go index 333d9ef324..76433e67f4 100644 --- a/libpod/kube.go +++ b/libpod/kube.go @@ -925,6 +925,10 @@ func containerToV1Container(ctx context.Context, c *Container, getService bool) return kubeContainer, kubeVolumes, nil, annotations, fmt.Errorf("linux devices: %w", define.ErrNotImplemented) } + if !c.IsInfra() && len(c.config.Rootfs) > 0 { + return kubeContainer, kubeVolumes, nil, annotations, fmt.Errorf("k8s does not support Rootfs") + } + if len(c.config.UserVolumes) > 0 { volumeMounts, volumes, localAnnotations, err := libpodMountsToKubeVolumeMounts(c) if err != nil { @@ -957,53 +961,44 @@ func containerToV1Container(ctx context.Context, c *Container, getService bool) kubeContainer.Name = removeUnderscores(c.Name()) _, image := c.Image() - // The infra container may have been created with an overlay root FS - // instead of an infra image. If so, set the imageto the default K8s - // pause one and make sure it's in the storage by pulling it down if - // missing. - if image == "" && c.IsInfra() { - image = c.runtime.config.Engine.InfraImage - if _, err := c.runtime.libimageRuntime.Pull(ctx, image, config.PullPolicyMissing, nil); err != nil { - return kubeContainer, nil, nil, nil, err - } - } - kubeContainer.Image = image kubeContainer.Stdin = c.Stdin() - img, _, err := c.runtime.libimageRuntime.LookupImage(image, nil) - if err != nil { - return kubeContainer, kubeVolumes, nil, annotations, fmt.Errorf("looking up image %q of container %q: %w", image, c.ID(), err) - } - imgData, err := img.Inspect(ctx, nil) - if err != nil { - return kubeContainer, kubeVolumes, nil, annotations, err - } - // If the user doesn't set a command/entrypoint when creating the container with podman and - // is using the image command or entrypoint from the image, don't add it to the generated kube yaml - if reflect.DeepEqual(imgData.Config.Cmd, kubeContainer.Command) || reflect.DeepEqual(imgData.Config.Entrypoint, kubeContainer.Command) { - kubeContainer.Command = nil - } + if len(image) > 0 { + img, _, err := c.runtime.libimageRuntime.LookupImage(image, nil) + if err != nil { + return kubeContainer, kubeVolumes, nil, annotations, fmt.Errorf("looking up image %q of container %q: %w", image, c.ID(), err) + } + imgData, err := img.Inspect(ctx, nil) + if err != nil { + return kubeContainer, kubeVolumes, nil, annotations, err + } + // If the user doesn't set a command/entrypoint when creating the container with podman and + // is using the image command or entrypoint from the image, don't add it to the generated kube yaml + if reflect.DeepEqual(imgData.Config.Cmd, kubeContainer.Command) || reflect.DeepEqual(imgData.Config.Entrypoint, kubeContainer.Command) { + kubeContainer.Command = nil + } - if c.WorkingDir() != "/" && imgData.Config.WorkingDir != c.WorkingDir() { - kubeContainer.WorkingDir = c.WorkingDir() - } + if c.WorkingDir() != "/" && imgData.Config.WorkingDir != c.WorkingDir() { + kubeContainer.WorkingDir = c.WorkingDir() + } - if imgData.User == c.User() && hasSecData { - kubeSec.RunAsGroup, kubeSec.RunAsUser = nil, nil - } - // If the image has user set as a positive integer value, then set runAsNonRoot to true - // in the kube yaml - imgUserID, err := strconv.Atoi(imgData.User) - if err == nil && imgUserID > 0 { - trueBool := true - kubeSec.RunAsNonRoot = &trueBool - } + if imgData.User == c.User() && hasSecData { + kubeSec.RunAsGroup, kubeSec.RunAsUser = nil, nil + } + // If the image has user set as a positive integer value, then set runAsNonRoot to true + // in the kube yaml + imgUserID, err := strconv.Atoi(imgData.User) + if err == nil && imgUserID > 0 { + trueBool := true + kubeSec.RunAsNonRoot = &trueBool + } - envVariables, err := libpodEnvVarsToKubeEnvVars(c.config.Spec.Process.Env, imgData.Config.Env) - if err != nil { - return kubeContainer, kubeVolumes, nil, annotations, err + envVariables, err := libpodEnvVarsToKubeEnvVars(c.config.Spec.Process.Env, imgData.Config.Env) + if err != nil { + return kubeContainer, kubeVolumes, nil, annotations, err + } + kubeContainer.Env = envVariables } - kubeContainer.Env = envVariables kubeContainer.Ports = ports // This should not be applicable diff --git a/libpod/options.go b/libpod/options.go index 5bb20ef08b..2ef252eebf 100644 --- a/libpod/options.go +++ b/libpod/options.go @@ -1648,6 +1648,20 @@ func withIsInfra() CtrCreateOption { } } +// withIsDefaultInfra allows us to differentiate between the default infra containers generated +// directly by podman and custom infra containers within the container config +func withIsDefaultInfra() CtrCreateOption { + return func(ctr *Container) error { + if ctr.valid { + return define.ErrCtrFinalized + } + + ctr.config.IsDefaultInfra = true + + return nil + } +} + // WithIsService allows us to differentiate between service containers and other container // within the container config. It also sets the exit-code propagation of the // service container. diff --git a/libpod/runtime_ctr.go b/libpod/runtime_ctr.go index 3636a7d6d4..a313621735 100644 --- a/libpod/runtime_ctr.go +++ b/libpod/runtime_ctr.go @@ -51,6 +51,9 @@ func (r *Runtime) NewContainer(ctx context.Context, rSpec *spec.Spec, spec *spec } if infra { options = append(options, withIsInfra()) + if len(spec.RawImageName) == 0 { + options = append(options, withIsDefaultInfra()) + } } return r.newContainer(ctx, rSpec, options...) } @@ -246,6 +249,13 @@ func (r *Runtime) newContainer(ctx context.Context, rSpec *spec.Spec, options .. } func (r *Runtime) setupContainer(ctx context.Context, ctr *Container) (_ *Container, retErr error) { + if ctr.IsDefaultInfra() || ctr.IsService() { + _, err := ctr.prepareInitRootfs() + if err != nil { + return nil, err + } + } + // normalize the networks to names // the db backend only knows about network names so we have to make // sure we do not use ids internally @@ -422,7 +432,6 @@ func (r *Runtime) setupContainer(ctx context.Context, ctr *Container) (_ *Contai if ctr.restoreFromCheckpoint { // Remove information about bind mount // for new container from imported checkpoint - // NewFromSpec() is deprecated according to its comment // however the recommended replace just causes a nil map panic g := generate.NewFromSpec(ctr.config.Spec) diff --git a/pkg/domain/infra/abi/play.go b/pkg/domain/infra/abi/play.go index 6ba84cf67b..adccd4723d 100644 --- a/pkg/domain/infra/abi/play.go +++ b/pkg/domain/infra/abi/play.go @@ -67,12 +67,6 @@ func (ic *ContainerEngine) createServiceContainer(ctx context.Context, name stri } } - // Similar to infra containers, a service container is using the pause image. - image, err := generate.PullOrBuildInfraImage(ic.Libpod, "") - if err != nil { - return nil, fmt.Errorf("image for service container: %w", err) - } - rtc, err := ic.Libpod.GetConfigNoCopy() if err != nil { return nil, err @@ -92,7 +86,7 @@ func (ic *ContainerEngine) createServiceContainer(ctx context.Context, name stri } // Create and fill out the runtime spec. - s := specgen.NewSpecGenerator(image, false) + s := specgen.NewSpecGenerator("", true) if err := specgenutil.FillOutSpecGen(s, &ctrOpts, []string{}); err != nil { return nil, fmt.Errorf("completing spec for service container: %w", err) } @@ -1314,6 +1308,10 @@ func (ic *ContainerEngine) getImageAndLabelInfo(ctx context.Context, cwd string, // Contains all labels obtained from kube labels := make(map[string]string) + if len(container.Image) == 0 { + return nil, labels, nil + } + pulledImage, err := ic.buildOrPullImage(ctx, cwd, writer, container.Image, container.ImagePullPolicy, options) if err != nil { return nil, labels, err diff --git a/pkg/specgen/generate/kube/kube.go b/pkg/specgen/generate/kube/kube.go index 8ec71a7317..d3eb586eb7 100644 --- a/pkg/specgen/generate/kube/kube.go +++ b/pkg/specgen/generate/kube/kube.go @@ -301,9 +301,13 @@ func ToSpecGen(ctx context.Context, opts *CtrSpecGenOptions) (*specgen.SpecGener // TODO: We don't understand why specgen does not take of this, but // integration tests clearly pointed out that it was required. - imageData, err := opts.Image.Inspect(ctx, nil) - if err != nil { - return nil, err + var imageData *libimage.ImageData + if opts.Image != nil { + var err error + imageData, err = opts.Image.Inspect(ctx, nil) + if err != nil { + return nil, err + } } s.WorkDir = "/" // Entrypoint/Command handling is based off of diff --git a/pkg/specgen/generate/pause_image.go b/pkg/specgen/generate/pause_image.go index ffd398decc..6cadc94ffc 100644 --- a/pkg/specgen/generate/pause_image.go +++ b/pkg/specgen/generate/pause_image.go @@ -4,18 +4,15 @@ package generate import ( "context" - "fmt" - "os" - buildahDefine "github.com/containers/buildah/define" "github.com/containers/common/pkg/config" "github.com/containers/podman/v5/libpod" - "github.com/containers/podman/v5/libpod/define" ) -// PullOrBuildInfraImage pulls down the specified image or the one set in -// containers.conf. If none is set, it builds a local pause image. -func PullOrBuildInfraImage(rt *libpod.Runtime, imageName string) (string, error) { +// PullInfraImage pulls down the specified image or the one set in +// containers.conf. If none is set, it returns an empty string. In this +// case, the rootfs-based pause image is used by libpod. +func PullInfraImage(rt *libpod.Runtime, imageName string) (string, error) { rtConfig, err := rt.GetConfigNoCopy() if err != nil { return "", err @@ -33,64 +30,5 @@ func PullOrBuildInfraImage(rt *libpod.Runtime, imageName string) (string, error) return imageName, nil } - name, err := buildPauseImage(rt, rtConfig) - if err != nil { - return "", fmt.Errorf("building local pause image: %w", err) - } - return name, nil -} - -func buildPauseImage(rt *libpod.Runtime, rtConfig *config.Config) (string, error) { - version, err := define.GetVersion() - if err != nil { - return "", err - } - imageName := fmt.Sprintf("localhost/podman-pause:%s-%d", version.Version, version.Built) - - // First check if the image has already been built. - if _, _, err := rt.LibimageRuntime().LookupImage(imageName, nil); err == nil { - return imageName, nil - } - - // Also look into the path as some distributions install catatonit in - // /usr/bin. - catatonitPath, err := rtConfig.FindInitBinary() - if err != nil { - return "", fmt.Errorf("finding pause binary: %w", err) - } - - buildContent := fmt.Sprintf(`FROM scratch -COPY %s /catatonit -ENTRYPOINT ["/catatonit", "-P"]`, catatonitPath) - - tmpF, err := os.CreateTemp("", "pause.containerfile") - if err != nil { - return "", err - } - if _, err := tmpF.WriteString(buildContent); err != nil { - return "", err - } - if err := tmpF.Close(); err != nil { - return "", err - } - defer os.Remove(tmpF.Name()) - - buildOptions := buildahDefine.BuildOptions{ - CommonBuildOpts: &buildahDefine.CommonBuildOptions{}, - Output: imageName, - Quiet: true, - IgnoreFile: "/dev/null", // makes sure to not read a local .ignorefile (see #13529) - IIDFile: "/dev/null", // prevents Buildah from writing the ID on stdout - IDMappingOptions: &buildahDefine.IDMappingOptions{ - // Use the host UID/GID mappings for the build to avoid issues when - // running with a custom mapping (BZ #2083997). - HostUIDMapping: true, - HostGIDMapping: true, - }, - } - if _, _, err := rt.Build(context.Background(), buildOptions, tmpF.Name()); err != nil { - return "", err - } - - return imageName, nil + return "", nil } diff --git a/pkg/specgen/generate/pod_create.go b/pkg/specgen/generate/pod_create.go index f0a14ce86c..fedc901975 100644 --- a/pkg/specgen/generate/pod_create.go +++ b/pkg/specgen/generate/pod_create.go @@ -38,12 +38,14 @@ func MakePod(p *entities.PodSpec, rt *libpod.Runtime) (_ *libpod.Pod, finalErr e } if !p.PodSpecGen.NoInfra { - imageName, err := PullOrBuildInfraImage(rt, p.PodSpecGen.InfraImage) + imageName, err := PullInfraImage(rt, p.PodSpecGen.InfraImage) if err != nil { return nil, err } - p.PodSpecGen.InfraImage = imageName - p.PodSpecGen.InfraContainerSpec.RawImageName = imageName + if len(imageName) > 0 { + p.PodSpecGen.InfraImage = imageName + p.PodSpecGen.InfraContainerSpec.RawImageName = imageName + } } spec, err := MapSpec(&p.PodSpecGen) diff --git a/test/system/010-images.bats b/test/system/010-images.bats index 020f94f97d..491860ec4d 100644 --- a/test/system/010-images.bats +++ b/test/system/010-images.bats @@ -259,41 +259,45 @@ Labels.created_at | 20[0-9-]\\\+T[0-9:]\\\+Z run_podman inspect --format '{{.ID}}' $IMAGE imageID=$output - pauseImage=$(pause_image) - run_podman inspect --format '{{.ID}}' $pauseImage - pauseID=$output + run_podman pod inspect --format "{{.InfraContainerID}}" $pname + infra_ID="$output" run_podman 2 rmi -a - is "$output" "Error: 2 errors occurred: -.** image used by .*: image is in use by a container: consider listing external containers and force-removing image -.** image used by .*: image is in use by a container: consider listing external containers and force-removing image" + is "$output" "Error: image used by .*: image is in use by a container: consider listing external containers and force-removing image" run_podman rmi -af is "$output" "Untagged: $IMAGE -Untagged: $pauseImage -Deleted: $imageID -Deleted: $pauseID" "infra images gets removed as well" +Deleted: $imageID" "image gets removed" run_podman images --noheading is "$output" "" - run_podman ps --all --noheading - is "$output" "" + run_podman ps --all --noheading --no-trunc + assert "$output" =~ ".*$infra_ID.*" "infra container still running" run_podman pod ps --noheading - is "$output" "" + assert "$output" =~ ".*$pname.*" "pod still running" - run_podman create --pod new:$pname $IMAGE # Clean up - run_podman rm "${lines[-1]}" run_podman pod rm -a - run_podman rmi $pauseImage } # CANNOT BE PARALLELIZED: relies on exact output from podman images @test "podman images - rmi -f can remove infra images" { pname=p_$(safename) - run_podman create --pod new:$pname $IMAGE - pauseImage=$(pause_image) + # Create a custom image so we can test --infra-image and -command. + # It will have a randomly generated infra command, using the + # existing 'pause' script in our testimage. We assign a bogus + # entrypoint to confirm that --infra-command will override. + local pauseImage="infra_image_$(safename)" + # --layers=false needed to work around buildah#5674 parallel flake + run_podman build -t $pauseImage --layers=false - << EOF +FROM $IMAGE +ENTRYPOINT ["/home/podman/pause"] +EOF + + run_podman --noout pod create --name $pname --infra-image "$pauseImage" + run_podman create --pod $pname $IMAGE + run_podman inspect --format '{{.ID}}' $pauseImage pauseID=$output @@ -301,7 +305,7 @@ Deleted: $pauseID" "infra images gets removed as well" is "$output" "Error: image used by .* image is in use by a container: consider listing external containers and force-removing image" run_podman rmi -f $pauseImage - is "$output" "Untagged: $pauseImage + is "$output" "Untagged: localhost/$pauseImage:latest Deleted: $pauseID" # Force-removing the infra container removes the pod and all its containers. @@ -330,6 +334,7 @@ Deleted: $pauseID" run_podman image rm --force bogus is "$output" "" "Should print no output" + _prefetch $IMAGE random_image_name=i_$(safename) run_podman image tag $IMAGE $random_image_name run_podman image rm --force bogus $random_image_name @@ -386,6 +391,7 @@ EOF | grep -vF '[storage.options]' >>$sconf fi + _prefetch $IMAGE skopeo copy containers-storage:$IMAGE \ containers-storage:\[${storagedriver}@${imstore}/root+${imstore}/runroot\]$IMAGE diff --git a/test/system/020-tag.bats b/test/system/020-tag.bats index c776ff53bc..ab41e49b1c 100644 --- a/test/system/020-tag.bats +++ b/test/system/020-tag.bats @@ -57,6 +57,7 @@ function _tag_and_check() { # CANNOT BE PARALLELIZED: temporarily removes $IMAGE @test "podman untag all" { + _prefetch $IMAGE # First get the image ID run_podman inspect --format '{{.ID}}' $IMAGE iid=$output diff --git a/test/system/040-ps.bats b/test/system/040-ps.bats index dbb517fb54..51b0f6cb97 100644 --- a/test/system/040-ps.bats +++ b/test/system/040-ps.bats @@ -237,7 +237,6 @@ load helpers is "$output" "$rand_value" run_podman pod rm -t 0 -f test - run_podman rmi $(pause_image) } @test "podman ps --format PodName" { @@ -252,7 +251,6 @@ load helpers run_podman rm -t 0 -f $cid run_podman pod rm -t 0 -f $rand_value - run_podman rmi $(pause_image) } # vim: filetype=sh diff --git a/test/system/255-auto-update.bats b/test/system/255-auto-update.bats index 8bde211055..f4de97e5d3 100644 --- a/test/system/255-auto-update.bats +++ b/test/system/255-auto-update.bats @@ -563,7 +563,7 @@ EOF # Clean up systemctl stop $service_name - run_podman rmi -f $(pause_image) $local_image $newID $oldID + run_podman rmi -f $local_image $newID $oldID run_podman network rm podman-default-kube-network rm -f $UNIT_DIR/$unit_name } @@ -630,7 +630,7 @@ EOF assert $status -eq 0 "Error stopping pod systemd unit: $output" run_podman pod rm -f $podname - run_podman rmi $local_image $(pause_image) + run_podman rmi $local_image rm -f $podunit $ctrunit systemctl daemon-reload } diff --git a/test/system/700-play.bats b/test/system/700-play.bats index 762d810362..7d2153a490 100644 --- a/test/system/700-play.bats +++ b/test/system/700-play.bats @@ -117,12 +117,6 @@ RELABEL="system_u:object_r:container_file_t:s0" is "$output" "${RELABEL} $TESTDIR" "selinux relabel should have happened" fi - # Make sure that the K8s pause image isn't pulled but the local podman-pause is built. - run_podman images - run_podman 1 image exists k8s.gcr.io/pause - run_podman 1 image exists registry.k8s.io/pause - run_podman image exists $(pause_image) - run_podman pod rm -t 0 -f $PODNAME } diff --git a/test/system/helpers.bash b/test/system/helpers.bash index a0285bfdf2..838bdf13ed 100644 --- a/test/system/helpers.bash +++ b/test/system/helpers.bash @@ -452,21 +452,6 @@ function clean_setup() { if [[ -z "$found_needed_image" ]]; then _prefetch $PODMAN_TEST_IMAGE_FQN fi - - # Load (create, actually) the pause image. This way, all pod tests will - # have it available. Without this, pod tests run in parallel will leave - # behind : images. - # FIXME: only do this when running parallel! Otherwise, we may break - # test expectations. - # SUB-FIXME: there's no actual way to tell if we're running bats - # in parallel (see bats-core#998). Use undocumented hack. - # FIXME: #23292 -- this should not be necessary. - if [[ -n "$BATS_SEMAPHORE_DIR" ]]; then - run_podman pod create mypod - run_podman pod rm mypod - # And now, we have a pause image, and each test does not - # need to build their own. - fi } # END setup/teardown tools @@ -812,15 +797,6 @@ function journald_unavailable() { return 1 } -# Returns the name of the local pause image. -function pause_image() { - # This function is intended to be used as '$(pause_image)', i.e. - # our caller wants our output. run_podman() messes with output because - # it emits the command invocation to stdout, hence the redirection. - run_podman version --format "{{.Server.Version}}-{{.Server.Built}}" >/dev/null - echo "localhost/podman-pause:$output" -} - # Wait for the pod (1st arg) to transition into the state (2nd arg) function _ensure_pod_state() { for i in {0..5}; do