it is not used anymore as we completely moved the pull logic to Skopeo.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Closes: #1215
Approved by: baude
Add 3 cases to verify skopeo pulling from docker to ostree works.
The 3 cases include the following:
1: pull dockertar into ostree (custom name)
2: pull dockertar into ostree (default name)
3: pull docker image into ostree(e.g: docker:image:latest)
Also added a small change to ensure checkout are existant if
no installation of containers happens prior.
Closes: #1180
Approved by: giuseppe
Before, we used the ostree copy, and the size difference between the
docker image and ostree image is minimal. However, the skopeo way
has a different way of handling image size, making the ostree image has
noticeable size difference compared to the docker image.
Therefore, to make the test pass, we will have a relaxed threshold for
virtual size difference. Since we only have the test check against one
image, we first leave the percent difference to be 4%.
Closes: #1180
Approved by: giuseppe
atomic containers update --rebase=$TO $CONTAINER attempts to pull the
image if it is missing in the repository.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Closes: #1198
Approved by: rhatdan
it allows to select a different OCI runtime to use with atomic run.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Closes: #1196
Approved by: rhatdan
if we try "atomic run IMAGE" then the command creates a "oneshot"
container, modifies the args for the config.json file and it runs the
specified command.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Closes: #1186
Approved by: baude
The files inside the container are labelled by Skopeo when the image is
pulled to the OSTree storage.
Instead the root directory is created by atomic and by default it gets
the label "unconfined_u:object_r:container_share_t:s0".
Make sure we label the rootfs with the same label of '/'.
We have changed the way files are labelled by Skopeo but we forgot to
change the label for the rootfs created by atomic. This patch ensures
the SELinux label for the rootfs is set.
Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1544175
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Closes: #1185
Approved by: cgwalters
We skipped file names just based on their ending without checking if
it is a symlink. This prevented container with a name ending in .0 or
.1 to be uninstalled.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Closes: #1166
Approved by: peterbaouoft
Since we allow to customize the runtime to use, there is no hard
requirement for bwrap-oci anymore.
Also add the same check for system containers, let's error immediately
if the specified runtime is not present.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Closes: #1141
Approved by: baude
Store the checksum of files copied to the host, so that on an update or
an uninstall we can skip the files that have a mismatch in the
checksum.
This reflects in the --system-package=no case what the rpm backend
already does.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Closes: #1131
Approved by: ashcrow
Split the pipeline in two so that we check that there's something to
unmount before doing it. This is needed now because the new CI
infrastructure provisions a true uninitialized block device that doesn't
need to be unmounted, so the `grep` would fail (because of the
`pipefail` option). Previously, `/dev/vdb` was actually itself a
pre-formatted ext4 partition and thus was automounted.
This should now catch both the old CI style (in case local developers
were mirroring that setup), as well as more conventional partitioning
schemes.
I dropped the `-r` since we *know* at that point that there is at least
one entry to unmount.
Closes: #1106
Approved by: rhatdan
Fix test failures after updating papr to test with f26 atomic/cloud
images instead of f25, with the following changes:
1. Remove dependency on docker hub tester image. Instead, mimic
what ostree/rpm-ostree does and use a recursive .papr.sh script
to install the necessary packages to the base f26 image in the
fedora registry. This fixes tests on the atomic host since python3.6
is being used, and prevents future tests from testing the wrong
version. (Note this is slightly slower due to having to install
packages during the test rather than using a pre-built image).
2. Fix some pylint errors, and mask others for now
3. Fix failing integration tests due to inter-test interference
4. Remove unnecessary deepcopy in container filter
5. Add compatibility for both c-s-s and d-s-s in storage
6. Update expected sha256 values for dockertar test
Remaining issues:
1. test_storage should possibly be reworked. The current test
setup is conflicting with the new default of overlay as a driver.
For now, the test for generated d-s-s is disabled.
2. some storage commands are still using "docker-storage-setup"
instead of "container-storage-setup". There is a backward
compatible check in place that should be reworked in the future
3. some masked pylint errors should be further investigated
4. keep the dockerfile for the project atomic tester image for now
(bump to 26), since its a little easier and faster to set up with
Signed-off-by: Yu Qi Zhang <jerzhang@redhat.com>
Closes: #1076
Approved by: baude
move the filter inside the Python script since the
"images -f" can include other results and make the comparison fail only
if the difference between the two sizes is > 1%.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Closes: #1047
Approved by: TomasTomecek
Issue #1021 requested we add the NAME field to the containers list command,
so that debugging container failures would be easier.
Closes: #1024
Approved by: baude
A bug was reported in issue #1022 where if the atomic install data failed,
the installation data was still written allowing the user to proceed
with an atomic run.
Disabling test_install.sh until i can follow up with Thomas.
Closes: #1025
Approved by: baude
When image is being referenced by a container,
_mark_used function should mark image as being
used if the image id is found inside the information of
containers.
In this case, the image id for containers should be
referenced as container.image instead of container.id
Some tests are added for future regression.
Closes: #1030
Approved by: baude
There were two primary cases where a secondary atomic run with a command
would trigger an exception. The first was reported in
https://github.com/projectatomic/atomic/issues/1006. Basically it can
be summarized as:
```
atomic run registry.fedoraproject.org/fedora:25 date # works fine
atomic run registry.fedoraproject.org/fedora:26 date # tries to run in the existing f25 container
```
The second case is as simple as:
```
atomic run registry.fedoraproject.org/fedora:25 date # works fine
atomic run registry.fedoraproject.org/fedora:25 date # fails
```
This fails because atomic starts the stopped f25 container and then attempts a docker exec. The
exec fails because the 'date' command is short-lived and the container exits prior to the exec
being run.
We now catch those exceptions and notify the user. We added a `--replace` option to run where
atomic will now delete the container in question and re-run it from the correct image.
Closes: #1019
Approved by: baude
Add tests to check that the tags are being properly displayed,
and remove duplicate ostree image tagging tests that are in
test_system_container_images.sh
Signed-off-by: Yu Qi Zhang <jerzhang@redhat.com>
Closes: #1017
Approved by: baude
When atomic containers list --json ... is used the result should always
be valid json. In the event there are no containers returned an empty
json list is expected.
Closes: #1016
Approved by: baude
The atomic tag function was not working correctly for docker images
in the dockerd. Also, when attempting to tag an image from one
backend into another, we didn't handle the error correctly. This should
not work.
Add integration tests for tagging invalid images, dockerd, and ostree.
This should fix BZ #1454656.
Closes: #1014
Approved by: baude
test_storage.sh is erroring on centos_atomic with the following:
error: /dev/vdb: probing initialization failed: Device or resource
busy
A few quick attempts to fix it were made, but ended up failing.
Disabling (by appending an underscore) the test until it can be
investigate further.
Closes: #1007
Approved by: baude
Fix --quiet and --no-trunc not working together for "images list"
and "containers list".
Signed-off-by: Yu Qi Zhang <jerzhang@redhat.com>
Closes: #992
Approved by: giuseppe
The old tests (test_system_containers.sh) were disorganized
and lacked coverage for many commands. This refactor attempts
to improve the tests with a focus on clarity and coverage.
Improvements:
- split into 4 separate tests for clarity and independence
- section each test to better know where failures happen
- make use of shared setup functions
- use ${WORK_DIR} for test files
- better setup/teardown usage
- improved coverage for update/rollback, image commands,
environment variables and expected failures
Drawback:
- Slower
Signed-off-by: Yu Qi Zhang <jerzhang@redhat.com>
Closes: #983
Approved by: giuseppe
We need to make sure the atomic_dbus_client code works and if something
in atomic_dbus.py changes, the client should either be updated or still
work.
Closes: #975
Approved by: rhatdan
The commit c134ee5 broke the ability for atomic install to pull an image
if it isnt present.
Also, changed the flow in install.py to use more of the backend
objects when determining the backend, the image object, and the
remote image objects.
Closes: #973
Approved by: rhatdan
