nixpkgs/nixos/tests/podman.nix

# This test runs podman and checks if simple container starts

import ./make-test-python.nix (
  { pkgs, lib, ... }: {
    name = "podman";
    meta = {
      maintainers = lib.teams.podman.members;
    };

    nodes = {
      podman =
        { pkgs, ... }:
        {
          virtualisation.podman.enable = true;

          users.users.alice = {
            isNormalUser = true;
            home = "/home/alice";
            description = "Alice Foobar";
          };

        };
    };

    testScript = ''
      import shlex


      def su_cmd(cmd):
          cmd = shlex.quote(cmd)
          return f"su alice -l -c {cmd}"


      podman.wait_for_unit("sockets.target")
      start_all()

      with subtest("Run container as root with runc"):
          podman.succeed("tar cv --files-from /dev/null | podman import - scratchimg")
          podman.succeed(
              "podman run --runtime=runc -d --name=sleeping -v /nix/store:/nix/store -v /run/current-system/sw/bin:/bin scratchimg /bin/sleep 10"
          )
          podman.succeed("podman ps | grep sleeping")
          podman.succeed("podman stop sleeping")
          podman.succeed("podman rm sleeping")

      with subtest("Run container as root with crun"):
          podman.succeed("tar cv --files-from /dev/null | podman import - scratchimg")
          podman.succeed(
              "podman run --runtime=crun -d --name=sleeping -v /nix/store:/nix/store -v /run/current-system/sw/bin:/bin scratchimg /bin/sleep 10"
          )
          podman.succeed("podman ps | grep sleeping")
          podman.succeed("podman stop sleeping")
          podman.succeed("podman rm sleeping")

      with subtest("Run container as root with the default backend"):
          podman.succeed("tar cv --files-from /dev/null | podman import - scratchimg")
          podman.succeed(
              "podman run -d --name=sleeping -v /nix/store:/nix/store -v /run/current-system/sw/bin:/bin scratchimg /bin/sleep 10"
          )
          podman.succeed("podman ps | grep sleeping")
          podman.succeed("podman stop sleeping")
          podman.succeed("podman rm sleeping")

      with subtest("Run container rootless with crun"):
          podman.succeed(su_cmd("tar cv --files-from /dev/null | podman import - scratchimg"))
          podman.succeed(
              su_cmd(
                  "podman run --runtime=crun -d --name=sleeping -v /nix/store:/nix/store -v /run/current-system/sw/bin:/bin scratchimg /bin/sleep 10"
              )
          )
          podman.succeed(su_cmd("podman ps | grep sleeping"))
          podman.succeed(su_cmd("podman stop sleeping"))
          podman.succeed(su_cmd("podman rm sleeping"))
      # As of 2020-11-20, the runc backend doesn't work with cgroupsv2 yet, so we don't run that test.

      with subtest("Run container rootless with the default backend"):
          podman.succeed(su_cmd("tar cv --files-from /dev/null | podman import - scratchimg"))
          podman.succeed(
              su_cmd(
                  "podman run -d --name=sleeping -v /nix/store:/nix/store -v /run/current-system/sw/bin:/bin scratchimg /bin/sleep 10"
              )
          )
          podman.succeed(su_cmd("podman ps | grep sleeping"))
          podman.succeed(su_cmd("podman stop sleeping"))
          podman.succeed(su_cmd("podman rm sleeping"))
    '';
  }
)
nixos/virtualisation.podman: Init module 2020-04-20 09:37:53 +01:00			`# This test runs podman and checks if simple container starts`

			`import ./make-test-python.nix (`
nixos/podman: Add maintainer team & add myself to podman team 2020-04-20 12:35:36 +01:00			`{ pkgs, lib, ... }: {`
nixos/virtualisation.podman: Init module 2020-04-20 09:37:53 +01:00			`name = "podman";`
nixos/podman: Add maintainer team & add myself to podman team 2020-04-20 12:35:36 +01:00			`meta = {`
			`maintainers = lib.teams.podman.members;`
nixos/virtualisation.podman: Init module 2020-04-20 09:37:53 +01:00			`};`

			`nodes = {`
			`podman =`
			`{ pkgs, ... }:`
nixos/podman: Add rootless containers to test 2020-04-24 10:49:36 +01:00			`{`
			`virtualisation.podman.enable = true;`

			`users.users.alice = {`
			`isNormalUser = true;`
			`home = "/home/alice";`
			`description = "Alice Foobar";`
nixos/virtualisation.podman: Init module 2020-04-20 09:37:53 +01:00			`};`
nixos/podman: Add rootless containers to test 2020-04-24 10:49:36 +01:00
			`};`
nixos/virtualisation.podman: Init module 2020-04-20 09:37:53 +01:00			`};`

			`testScript = ''`
nixos/podman: Add rootless containers to test 2020-04-24 10:49:36 +01:00			`import shlex`


			`def su_cmd(cmd):`
			`cmd = shlex.quote(cmd)`
			`return f"su alice -l -c {cmd}"`

nixos/virtualisation.podman: Init module 2020-04-20 09:37:53 +01:00
			`podman.wait_for_unit("sockets.target")`
nixos/podman: Add rootless containers to test 2020-04-24 10:49:36 +01:00			`start_all()`

nixos/podman: add crun to test 2020-05-13 15:12:59 +10:00			`with subtest("Run container as root with runc"):`
nixos/podman: Add rootless containers to test 2020-04-24 10:49:36 +01:00			`podman.succeed("tar cv --files-from /dev/null \| podman import - scratchimg")`
			`podman.succeed(`
nixos/podman: add crun to test 2020-05-13 15:12:59 +10:00			`"podman run --runtime=runc -d --name=sleeping -v /nix/store:/nix/store -v /run/current-system/sw/bin:/bin scratchimg /bin/sleep 10"`
nixos/podman: Add rootless containers to test 2020-04-24 10:49:36 +01:00			`)`
			`podman.succeed("podman ps \| grep sleeping")`
			`podman.succeed("podman stop sleeping")`
nixos/podman: add crun to test 2020-05-13 15:12:59 +10:00			`podman.succeed("podman rm sleeping")`
nixos/podman: Add rootless containers to test 2020-04-24 10:49:36 +01:00
nixos/podman: add crun to test 2020-05-13 15:12:59 +10:00			`with subtest("Run container as root with crun"):`
			`podman.succeed("tar cv --files-from /dev/null \| podman import - scratchimg")`
			`podman.succeed(`
			`"podman run --runtime=crun -d --name=sleeping -v /nix/store:/nix/store -v /run/current-system/sw/bin:/bin scratchimg /bin/sleep 10"`
			`)`
			`podman.succeed("podman ps \| grep sleeping")`
			`podman.succeed("podman stop sleeping")`
			`podman.succeed("podman rm sleeping")`

nixosTests.podman: run default backends, don't run runc rootless The runc backend doesn't work with unified cgroup hierarchy, and it failing is a known issue. However, the default backends should work in both rootless and as-root scenarios, so make sure we test these. 2020-11-20 00:15:31 +01:00			`with subtest("Run container as root with the default backend"):`
			`podman.succeed("tar cv --files-from /dev/null \| podman import - scratchimg")`
			`podman.succeed(`
			`"podman run -d --name=sleeping -v /nix/store:/nix/store -v /run/current-system/sw/bin:/bin scratchimg /bin/sleep 10"`
			`)`
			`podman.succeed("podman ps \| grep sleeping")`
			`podman.succeed("podman stop sleeping")`
			`podman.succeed("podman rm sleeping")`

			`with subtest("Run container rootless with crun"):`
nixos/podman: add crun to test 2020-05-13 15:12:59 +10:00			`podman.succeed(su_cmd("tar cv --files-from /dev/null \| podman import - scratchimg"))`
			`podman.succeed(`
			`su_cmd(`
nixosTests.podman: run default backends, don't run runc rootless The runc backend doesn't work with unified cgroup hierarchy, and it failing is a known issue. However, the default backends should work in both rootless and as-root scenarios, so make sure we test these. 2020-11-20 00:15:31 +01:00			`"podman run --runtime=crun -d --name=sleeping -v /nix/store:/nix/store -v /run/current-system/sw/bin:/bin scratchimg /bin/sleep 10"`
nixos/podman: add crun to test 2020-05-13 15:12:59 +10:00			`)`
			`)`
			`podman.succeed(su_cmd("podman ps \| grep sleeping"))`
			`podman.succeed(su_cmd("podman stop sleeping"))`
			`podman.succeed(su_cmd("podman rm sleeping"))`
nixosTests.podman: run default backends, don't run runc rootless The runc backend doesn't work with unified cgroup hierarchy, and it failing is a known issue. However, the default backends should work in both rootless and as-root scenarios, so make sure we test these. 2020-11-20 00:15:31 +01:00			`# As of 2020-11-20, the runc backend doesn't work with cgroupsv2 yet, so we don't run that test.`
nixos/podman: add crun to test 2020-05-13 15:12:59 +10:00
nixosTests.podman: run default backends, don't run runc rootless The runc backend doesn't work with unified cgroup hierarchy, and it failing is a known issue. However, the default backends should work in both rootless and as-root scenarios, so make sure we test these. 2020-11-20 00:15:31 +01:00			`with subtest("Run container rootless with the default backend"):`
nixos/podman: Add rootless containers to test 2020-04-24 10:49:36 +01:00			`podman.succeed(su_cmd("tar cv --files-from /dev/null \| podman import - scratchimg"))`
			`podman.succeed(`
			`su_cmd(`
nixosTests.podman: run default backends, don't run runc rootless The runc backend doesn't work with unified cgroup hierarchy, and it failing is a known issue. However, the default backends should work in both rootless and as-root scenarios, so make sure we test these. 2020-11-20 00:15:31 +01:00			`"podman run -d --name=sleeping -v /nix/store:/nix/store -v /run/current-system/sw/bin:/bin scratchimg /bin/sleep 10"`
nixos/podman: Add rootless containers to test 2020-04-24 10:49:36 +01:00			`)`
			`)`
			`podman.succeed(su_cmd("podman ps \| grep sleeping"))`
			`podman.succeed(su_cmd("podman stop sleeping"))`
nixos/podman: add crun to test 2020-05-13 15:12:59 +10:00			`podman.succeed(su_cmd("podman rm sleeping"))`
nixos/virtualisation.podman: Init module 2020-04-20 09:37:53 +01:00			`'';`
			`}`
			`)`