Commit graph

1064 commits

Author SHA1 Message Date
Debarshi Ray
9f4d906e39 test/system: Remove redundant comment
It's quite obvious what the corresponding code is doing, and it isn't
any harder to understand than the rest of the code that's not commented.

https://github.com/containers/toolbox/pull/1282
2023-03-26 10:36:59 +02:00
Debarshi Ray
06245dbf52 test/system: Synchronize with the parseRelease() unit tests
https://github.com/containers/toolbox/pull/1280
2023-03-24 19:57:33 +01:00
Debarshi Ray
26b031f686 test/system: Split the tests for parsing releases
This will make it easier to find out exactly which test failed.

https://github.com/containers/toolbox/pull/1280
2023-03-23 18:09:45 +01:00
Debarshi Ray
44cbdb1f18 test/system: Ensure that both non-Toolbx containers & images are skipped
https://github.com/containers/toolbox/pull/1273
2023-03-22 12:05:06 +01:00
Debarshi Ray
11f5cde45e test/system: Check the number of images after pulling them
This is a quick sanity check with 'podman images' to ensure that all the
images are in place before running 'list'.  Other tests already do this,
so this change makes these two tests consistent with the rest.

https://github.com/containers/toolbox/pull/1273
2023-03-22 10:40:57 +01:00
Debarshi Ray
63aeabe86b test/system: Factor out some repeated code
https://github.com/containers/toolbox/pull/1273
2023-03-22 10:08:47 +01:00
Debarshi Ray
55bf3d06a8 test/system: Use fully qualified image names to check the 'list' output
https://github.com/containers/toolbox/pull/1273
2023-03-22 09:45:23 +01:00
Debarshi Ray
164c9eff36 test/system: Test 'list' with a RHEL Toolbx image
This restores parts of commit e09de9f3e5.

https://github.com/containers/toolbox/pull/1273
2023-03-22 09:18:04 +01:00
Debarshi Ray
aa9da193c6 test/system: Test 'list' with an old Fedora Toolbx image
It's good to ensure that older well-known Toolbx images continue to work
with newer versions of 'list'.

https://github.com/containers/toolbox/pull/1278
2023-03-22 09:16:58 +01:00
Debarshi Ray
571cfc1296 test/system: Use the same convenience function as elsewhere
Fallout from b27795a03e

https://github.com/containers/toolbox/pull/1278
2023-03-22 09:16:52 +01:00
Debarshi Ray
96d629c21f test/system: Test 'list' with the default Toolbx image
This is the 'simple' case of having a well-known Toolbx image (ie.,
not a copy, not an image without a name, not a non-Toolbx image).  It's
good to ensure that the default image works as expected with 'list'
before moving on to more complex scenarios.

https://github.com/containers/toolbox/pull/1278
2023-03-22 09:16:44 +01:00
Debarshi Ray
20fa122820 test/system: Test 'list' both with and without --images
https://github.com/containers/toolbox/pull/1278
2023-03-22 09:16:37 +01:00
Debarshi Ray
6890f5dc8d test/system: Rename a 'list' test for clarity
A subsequent commit will add a variant of this test that uses 'list'
without the '--images' option.

https://github.com/containers/toolbox/pull/1278
2023-03-22 09:16:29 +01:00
Debarshi Ray
9cae66ddd8 test/system: Check the standard error & output streams separately
https://github.com/containers/toolbox/pull/1278
2023-03-22 09:16:20 +01:00
Debarshi Ray
e22a82fec8 test/system: Simplify the line count checks by relying on Bats >= 1.7.0
Fedora 35 was stuck with Bats 1.5.0.  However, it reached End of Life on
13th December 2022 and was dropped from the CI [1].  Fedora 36 is the
oldest supported Fedora and it has Bats 1.8.2.

Therefore, there's no need to retain compatibility with Bats < 1.7.0.

Note that bats_require_minimum_version itself is only available from
Bats 1.7.0 [2].

[1] Commit 419e4e8cd9
    https://github.com/containers/toolbox/pull/1237

[2] Bats commit 71d6b71cebc3d32b
    https://github.com/bats-core/bats-core/issues/556
    https://bats-core.readthedocs.io/en/stable/warnings/BW02.html

https://github.com/containers/toolbox/pull/1273
2023-03-21 19:20:21 +01:00
Debarshi Ray
08e40e666e test/system: Shorten the names of the tests and use consistent wording
Currently, some of the names of the tests were too long, and had
inconsistent and verbose wording.  This made it difficult to look at
them and get a gist of all the scenarios being tested.  The names are
like headings.  They shouldn't be too long, should capture the primary
objective of the test and be consistent in their wording.

https://github.com/containers/toolbox/pull/1276
2023-03-21 19:11:20 +01:00
Debarshi Ray
5b8a7a00c0 test/system: Use long options, instead of their shorter aliases
The long options are easier to grep(1) for in the sources than their
shorter aliases.

https://github.com/containers/toolbox/pull/1276
2023-03-21 19:11:13 +01:00
Debarshi Ray
f364812781 test/system: Shorten the names of the tests and use consistent wording
Currently, some of the names of the tests were too long, and had
inconsistent and verbose wording.  This made it difficult to look at
them and get a gist of all the scenarios being tested.  The names are
like headings.  They shouldn't be too long, should capture the primary
objective of the test and be consistent in their wording.

https://github.com/containers/toolbox/pull/1271
2023-03-20 18:28:10 +01:00
Debarshi Ray
edd82d7e6e test/system: Style fixes
Fallout from e5bab51bca

https://github.com/containers/toolbox/pull/1271
2023-03-20 18:28:07 +01:00
Debarshi Ray
3773ceb0c5 .github/CODEOWNERS: Clarify ownership of the Toolbx graphics
https://github.com/containers/toolbox/pull/1270
2023-03-20 15:25:21 +01:00
Debarshi Ray
0200b4e6d9 .github: Add CODEOWNERS
Toolbx was conceived to address the needs of Fedora Linux.  Even though
it works on host operating systems outside the Fedora family, it hasn't
treated them with the same importance as Fedora Linux and derivatives
like Red Hat Enterprise Linux.  Subsequent commits will change that by
adding first-class support for host operating systems beyond the Fedora
universe.  eg., Arch Linux and Ubuntu.

The current Toolbx maintainers, Ondřej Míchal and myself, are Fedora
developers and don't have the bandwidth to drive changes and track down
bugs in OSes outside the Fedora family.  Therefore, maintenance of some
parts of the code base will be delegated to contributors from those
other OS communities.

This is a step in that direction by clearly specifying which part of the
code base is maintained by whom.

https://github.com/containers/toolbox/pull/1268
2023-03-17 19:28:15 +01:00
Debarshi Ray
c6760299d2 pkg/utils, test/system: Add some more tests for parsing RHEL releases
https://github.com/containers/toolbox/pull/1262
2023-03-16 22:01:45 +01:00
Debarshi Ray
e01927bfdc pkg/utils, test/system: Add some more tests for parsing Fedora releases
https://github.com/containers/toolbox/pull/1262
2023-03-16 22:01:45 +01:00
Debarshi Ray
1c320b0eb0 pkg/utils: Simplify the definition of parseRelease() unit test cases
https://github.com/containers/toolbox/pull/1267
2023-03-16 21:04:24 +01:00
Debarshi Ray
56a64a68bd pkg/utils: Remove unused error
Fallout from b5474bff84

https://github.com/containers/toolbox/pull/1267
2023-03-16 20:53:12 +01:00
Debarshi Ray
a4cc791f39 test/system: Synchronize with the parseRelease() unit tests
https://github.com/containers/toolbox/pull/1266
2023-03-16 18:41:24 +01:00
Debarshi Ray
1bd6cf17ce test/system: Split the tests for parsing releases
This will make it easier to find out exactly which test failed.

https://github.com/containers/toolbox/pull/1266
2023-03-16 18:31:12 +01:00
Debarshi Ray
6b6cb1b2f9 .zuul: Enable testing on Fedora 38
https://github.com/containers/toolbox/pull/1265
2023-03-16 17:57:46 +01:00
Debarshi Ray
e5bab51bca test/system: Shorten the names of the tests and use consistent wording
Currently, some of the names of the tests were too long, and had
inconsistent and verbose wording.  This made it difficult to look at
them and get a gist of all the scenarios being tested.  The names are
like headings.  They shouldn't be too long, should capture the primary
objective of the test and be consistent in their wording.

https://github.com/containers/toolbox/pull/1265
2023-03-16 17:57:46 +01:00
Debarshi Ray
068d22a199 test/system: Use long options, instead of their shorter aliases
The long options are easier to grep(1) for in the sources than their
shorter aliases.

https://github.com/containers/toolbox/pull/1265
2023-03-16 17:37:16 +01:00
Nieves Montero
a1c309541f Report the size of the image that will be downloaded from a registry
This uses 'skopeo inspect' to get the size of the image on the registry,
which is usually less than the size of the image in a local
containers/storage image store after download (eg., 'podman images'),
because they are kept compressed on the registry.  Skopeo >= 1.10.0 is
needed to retrieve the sizes [1].

However, this doesn't add a hard dependency on Skopeo to accommodate
size-constrained operating systems like Fedora CoreOS.  If skopeo(1) is
missing or too old, then the size of the image won't be shown, but
everything else would continue to work as before.

Some changes by Debarshi Ray.

[1] Skopeo commit d9dfc44888ff71a6
    https://github.com/containers/skopeo/commit/d9dfc44888ff71a6
    https://github.com/containers/skopeo/issues/641

https://github.com/containers/toolbox/issues/752

Signed-off-by: Nieves Montero <nmontero@redhat.com>
2023-03-14 01:05:50 +01:00
Debarshi Ray
2129e28fe6 cmd/create, cmd/root, cmd/run: Tweak the debug logs for consistency
Debug logs are sweeter when they are shorter.

https://github.com/containers/toolbox/pull/1258
2023-03-08 00:18:46 +01:00
Debarshi Ray
fb15655ace cmd/create: Simplify code
Fallout from 8e80dd5db1

https://github.com/containers/toolbox/pull/1256
2023-03-07 17:23:32 +01:00
Debarshi Ray
aeae18920b cmd/initContainer: Bind mount locations regardless of /run/host/etc
Bind mounting the locations at runtime doesn't really have anything to
do with whether /run/host/etc is present inside the Toolbx container.

The only possible exception could have been /etc/machine-id, but it
isn't, because the bind mount is only performed if the source at
/run/host/etc/machine-id is present.

This is a historical mistake that has persisted for a long time, since,
in practice, /run/host/etc will almost always exist inside the Toolbx
container.  It's time to finally correct it.

Fallout from 9436bbece0

https://github.com/containers/toolbox/pull/1255
2023-03-07 16:34:16 +01:00
Debarshi Ray
58638c5940 Deprecate the --monitor-host option of 'init-container'
The --monitor-host option was added to the 'init-container' command in
commit 8b84b5e460 to accommodate Podman versions older than 1.2.0
that didn't have the '--dns none' and '--no-hosts' options for
'podman create'.  These options are necessary to keep the Toolbx
container's /etc/resolv.conf and /etc/hosts files synchronized with
those of the host.

Note that Podman 1.2.0 was already available a few months before
commit 8b84b5e460 introduced the --monitor-host option.  The
chances of someone using an older Podman back then was already on the
decline, and it's very unlikely that a container created with such a
Podman has survived till this date.

Commit b6b484fa79 raised the minimum required Podman version to
1.4.0, and made the '--dns none' and '--no-hosts' options a hard
requirement.  The minimum required Podman version was again raised
recently in commit 8e80dd5db1 to 1.6.4.  Therefore, these days,
there's no need to separately use the --monitor-host option of
'init-container' for newly created containers to indicate that the
Podman version wasn't older than 1.2.0.

Given all this, it's time to stop using the --monitor-host option of
'init-container', and assume that it's always set.  The option is still
accepted to retain compatibility with existing Toolbx containers.

For containers that were created with the --monitor-host option, a
deprecation notice will be shown as:
  $ podman start --attach CONTAINER
  Flag --monitor-host has been deprecated, it does nothing
  ...

https://github.com/containers/toolbox/pull/617
2023-03-07 15:39:57 +01:00
Debarshi Ray
9680e4eeb2 cmd, doc: Style fixes
https://github.com/containers/toolbox/pull/1254
2023-03-07 14:58:11 +01:00
Debarshi Ray
8e80dd5db1 cmd/create, cmd/run: Rely on podman >= 1.6.4 always being present
So far the minimum required Podman version was 1.4.0, based on what used
to be available in RHEL 7.  These days, Podman 1.6.4 is old enough to be
in RHEL 7.9.  Hence it's time to bump the baseline.

https://github.com/containers/toolbox/pull/1253
2023-03-02 18:36:30 +01:00
Debarshi Ray
de652f4102 Test that toolbox(1) can be built without podman(1) and subordinate IDs
This is meant to roughly replicate the build environments used by
downstream distributors to build toolbox(1).  These can be restricted in
odd ways compared to a fully featured environment where toolbox(1) is
actually going to be used.  eg., the inability to use podman(1) in the
case of Fedora or not having subordinate user and group ID ranges in the
case of openSUSE.

It's important to ensure that toolbox(1) can be built by downstream
distributors without any unnecessary hassle.

https://github.com/containers/podman/issues/17657
https://github.com/containers/toolbox/issues/1246
2023-03-02 10:25:54 +01:00
Jan Zerebecki
f555029304 cmd/root: Don't validate subordinate IDs when generating the completions
Ever since commit bafbbe81c9, the shell completions are generated
while building Toolbx using the 'completion' command.  This involves
running toolbox(1) itself, and hence validating the subordinate user and
group ID ranges.

Unfortunately, some build environments, like openSUSE's, don't have
subordinate ID ranges set up.  Therefore, it's better to not validate
the subordinate ID ranges when generating the shell completions, since
they are generated by Cobra itself and subordinate ID ranges are not
involved at all.

Note that subordinate ID ranges may be needed when the generated shell
completions are actually used in interactive command line environments.
The shell completions invoke the hidden '__complete' command to get the
results that are presented to the user, and, if needed, the subordinate
ID ranges will continue to be used by podman(1) as part of that.

Some changes by Debarshi Ray.

https://github.com/containers/toolbox/issues/1246
https://github.com/containers/toolbox/pull/1249
2023-03-02 10:25:54 +01:00
Debarshi Ray
816a7cab9e cmd/root: Shuffle some code around and sprinkle some debug logs
Having a separate convenience function reduces the indentation levels by
at least one, and sometimes two, and makes it easy to have more detailed
debug logs.

This will make the subsequent commit easier to read.

https://github.com/containers/toolbox/issues/1246
2023-03-02 10:25:54 +01:00
dependabot[bot]
9708cbf269 build: Bump golang.org/x/sys to 0.1.0 for CVE-2022-29526
... or GHSA-p782-xgp4-8hr8.

https://github.com/containers/toolbox/pull/1245
https://github.com/containers/toolbox/security/dependabot/12

Signed-off-by: dependabot[bot] <support@github.com>
2023-03-02 10:12:03 +01:00
Debarshi Ray
cafbca996e cmd/root: Sprinkle a debug log
https://github.com/containers/toolbox/pull/1251
2023-03-01 19:43:09 +01:00
Timothée Ravier
9506173f88 images: Don't leak NAME and VERSION into the Toolbx container
Note that there can be only one ARG per line.  Otherwise, the build may
fail with some build systems.  eg., Fedora's [1], which uses Docker, not
Podman.

Only the images for currently maintained Fedoras (ie., 36, 37, 38 & 39)
were updated.

[1] https://koji.fedoraproject.org/koji/taskinfo?taskID=98150241

https://github.com/containers/toolbox/issues/188
2023-03-01 17:06:58 +01:00
Debarshi Ray
fc5f568c5d cmd/root: Don't use podman(1) when generating the completions
Ever since commit bafbbe81c9, the shell completions are generated
while building Toolbx using the 'completion' command.  This involves
running toolbox(1) itself, and hence invoking 'podman version' to decide
if 'podman system migrate' is needed or not.

Unfortunately, some build environments, like Fedora's, are set up inside
a chroot(2) or systemd-nspawn(1) or similar, where 'podman version' may
not work because it does various things with namespaces(7) and clone(2)
that can, under certain circumstances, encounter an EPERM.

Therefore, it's better to avoid using podman(1) when generating the
shell completions, especially, since they are generated by Cobra itself
and podman(1) is not involved at all.

Note that podman(1) is needed when the generated shell completions are
actually used in interactive command line environments.  The shell
completions invoke the hidden '__complete' command to get the results
that are presented to the user, and, if needed, 'podman system migrate'
will continue to be run as part of that.

This partially reverts commit f3e005d014
because podman(1) is now only an optional runtime dependency for the
system tests.

https://github.com/containers/podman/issues/17657
2023-02-28 19:30:29 +01:00
Debarshi Ray
f7c4c7dedb Release 0.0.99.4
https://github.com/containers/toolbox/pull/1241
2023-02-20 17:02:55 +01:00
Debarshi Ray
8af015ed37 cmd/create, cmd/run: Style fixes
It's better not to use the global flag variables beyond the top-level
RunE functions, because sometimes the lower-level functions are re-used
from other files within the 'cmd' package.  In this case,
createContainer(), and hence pullImage(), is also used in src/cmd/run.go
to implement the 'run' command.  However, the 'run' command doesn't have
a --authflags option.

Since the default value of the flag is the zero value of the type, which
is a NOP in the code, it's likely that the code was still correct, but
it will be better to maintain some discipline here to highlight the
inputs needed by the lower-level functions.  Otherwise, things can get
tangled up.

Fallout from ecd1ced719

https://github.com/containers/toolbox/pull/1240
2023-02-16 15:14:33 +01:00
Debarshi Ray
48c07b8e5b doc/toolbox-create: Fix typo
The rest of the manual refers to the file passed to the --authfile
option as FILE, not AUTHFILE.

Fallout from ecd1ced719

https://github.com/containers/toolbox/pull/1240
2023-02-16 14:48:32 +01:00
Debarshi Ray
34baa10f41 pkg/utils: Update fallback release to 37 for non-fedora hosts
Fedora 34 reached End of Life on 7th June 2022:
https://docs.fedoraproject.org/en-US/releases/eol/

https://github.com/containers/toolbox/pull/1239
2023-02-16 14:12:05 +01:00
Debarshi Ray
31e01ac46b images: Add fedora-toolbox image definition for Fedora 39
This is untested because the registry.fedoraproject.org/fedora:39 base
image doesn't yet exist:
  $ podman build --squash --tag localhost/fedora-toolbox:39
    images/fedora/f39/
  STEP 1/19: FROM registry.fedoraproject.org/fedora:39
  Trying to pull registry.fedoraproject.org/fedora:39...
  Error: creating build container: initializing source
    docker://registry.fedoraproject.org/fedora:39: reading manifest 39
    in registry.fedoraproject.org/fedora: manifest unknown

https://github.com/containers/toolbox/issues/1233
2023-02-10 22:02:41 +01:00
Debarshi Ray
2a5f20e1b4 doc/toolbox, doc/toolbox-run: Refer to a newer Fedora release
Fedora 35 reached End of Life on 13th December 2022:
https://docs.fedoraproject.org/en-US/releases/eol/

https://github.com/containers/toolbox/pull/1237
2023-02-10 22:00:16 +01:00