Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ensure correct IPC mode handling in system tests #25440

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Ensure correct IPC mode handling in system tests #25440

wants to merge 1 commit into from
+1 −1

Conversation

bitoku
Copy link

@bitoku bitoku commented Mar 2, 2025

In environment where the default ipc mode is host, it fails the test.
This PR ensures the ipc mode.

Does this PR introduce a user-facing change?

None

giuseppe
giuseppe approved these changes Mar 3, 2025
View reviewed changes
Copy link
Member

@giuseppe giuseppe left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Wondering if it would be better to use CONTAINERS_CONF_OVERRIDE= and an empty config file to test if the default shareable is used, but either way, the proposed fix is an improvement, so:

LGTM

@openshift-ci OpenShift CI
Copy link
Contributor

openshift-ci bot commented Mar 3, 2025

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: bitoku, giuseppe

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci openshift-ci bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Mar 3, 2025
Luap99
Luap99 requested changes Mar 3, 2025
View reviewed changes
Copy link
Member

@Luap99 Luap99 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

IMO this is the wrong thing to do, the tests are not designed to run with arbitrary containers.conf settings and I am sure many more will fail.
We assume certain defaults and it is a good thing to actual test/use the defaults so we notice what breaks if someone changes the default.

In particular this change turn this test into podman --ipc=shareable which does the same thing already so we now test the same thing twice which is not good.

So I would strongly prefer to not merge this, or similar patches.

@bitoku
Copy link
Author

bitoku commented Mar 3, 2025

Thanks for the comment!

the tests are not designed to run with arbitrary containers.conf settings and I am sure many more will fail.

Then why we have skip_if_* tests?

We assume certain defaults and it is a good thing to actual test/use the defaults so we notice what breaks if someone changes the default.

If we want to care about that, why don't we have the test to ensure that? Currently the test aims to check two things (the config default and ipc flag), which is worse I think.

In particular this change turn this test into podman --ipc=shareable which does the same thing already so we now test the same thing twice which is not good.

This is a kind of setup for the next --ipc=container test, so it's somewhat overlapped but required.

@bitoku
Copy link
Author

bitoku commented Mar 3, 2025
edited
Loading

If so, don't you have any test sets that ensures that the system has a capability of running podman?

@Luap99
Copy link
Member

Luap99 commented Mar 3, 2025

Then why we have skip_if_* tests?

Because we target a certain amount of envs that we test, local vs remote, fedora vs debian, selinux, etc...
Some might depend on a specific when things need to be skipped, but to me this is entirely different from I am using a non default containers.conf and expect all tests to pass. There are hundreds of options in containers.conf, expecting all tests to work with all possible option is simply unsustainable.

We assume certain defaults and it is a good thing to actual test/use the defaults so we notice what breaks if someone changes the default.

If we want to care about that, why don't we have the test to ensure that? Currently the test aims to check two things (the config default and ipc flag), which is worse I think.

The test is called --ipc=container, the assumption is that this works because the default ipc mode is shareable. And that is how most users would actually use it so I don't see what is wrong with it.

If so, don't you have any test sets that ensures that the system has a capability of running podman?

I don't understand what that means, what capabilities? Podman is very complex and what will or will not work totally depends on the underlying environment. I have no idea what you want to test for, podman run $IMAGE should tell you if you can run a container or not.

Our tests are designed for podman upstream testing and distro gating testing (primarily fedora and RHEL). I am not interested in targeting more envs simply due the high maintenance required.

@bitoku
Copy link
Author

bitoku commented Mar 3, 2025

ok.
I wanted to test what podman can/can't do in nested container (in podman and in cri-o).
I still think this helps understand what's required to pass the test, and if we want to check unexpected change in default config, we can implement a new test to check it.
However, if podman maintainers are on the same page, feel free to close it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Luap99 Luap99 Luap99 requested changes

@giuseppe giuseppe giuseppe approved these changes

Assignees
No one assigned
Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. release-note-none
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@bitoku @Luap99 @giuseppe