Test rootless podman with bridge network, avoid the need for sudo.

adelton · Dec 13, 2024 · a2dfbba · a2dfbba
1 parent a1edff6
commit a2dfbba
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 36 deletions.
diff --git a/.github/workflows/build-test.yaml b/.github/workflows/build-test.yaml
@@ -220,7 +220,7 @@ jobs:
       - run: podman volume create ${{ matrix.volume }}
         if: ${{ matrix.volume }} == freeipa-data
       - name: Run master and replica
-        run: docker=podman VOLUME=${{ matrix.volume }} tests/run-master-and-replica.sh localhost/freeipa-server:${{ matrix.os }} && podman pod ls -q | xargs podman pod rm -f
+        run: docker=podman VOLUME=${{ matrix.volume }} tests/run-master-and-replica.sh localhost/freeipa-server:${{ matrix.os }}
       - name: Run partial tests
         if: ${{ failure() }}
         run: docker=podman tests/run-partial-tests.sh Dockerfile.${{ matrix.os }}
@@ -417,5 +417,5 @@ jobs:
       - name: Build image
         run: podman build -t localhost/freeipa-server:${{ matrix.os }} -f Dockerfile.${{ matrix.os }} .
       - name: Run master
-        run: docker=podman tests/run-master-and-replica.sh localhost/freeipa-server:${{ matrix.os }} && podman pod ls -q | xargs podman pod rm -f
+        run: docker=podman tests/run-master-and-replica.sh localhost/freeipa-server:${{ matrix.os }}
 
diff --git a/tests/run-master-and-replica.sh b/tests/run-master-and-replica.sh
@@ -127,14 +127,9 @@ function run_ipa_container() {
 		OPTS="$OPTS --security-opt seccomp=$seccomp"
 	fi
 	if [ "$(id -u)" != 0 -a "$docker" == podman -a "$replica" != none ] ; then
-		if [ "$N" == "freeipa-master" ] ; then
-			OPTS="$OPTS --pod=$BASE-master"
-		else
-			OPTS="$OPTS --pod=$BASE-replica"
-		fi
-	else
-		OPTS="$OPTS -h $HOSTNAME"
+		OPTS="$OPTS --network=bridge"
 	fi
+	OPTS="$OPTS -h $HOSTNAME"
 	(
 	set -x
 	umask 0
@@ -148,30 +143,7 @@ function run_ipa_container() {
 IMAGE="$1"
 
 readonly_run="$readonly"
-if [ "$(id -u)" != 0 -a "$docker" == podman -a "$replica" != none ] ; then
-	# cleanup of potential previous runs
-	podman pod rm -f $BASE-master 2> /dev/null || :
-	podman pod rm -f $BASE-replica 2> /dev/null || :
-	sudo ip link del $BASE-master 2> /dev/null || :
-	sudo ip link del $BASE-replica 2> /dev/null || :
-	sudo ip netns del $BASE-master 2> /dev/null || :
-	sudo ip netns del $BASE-replica 2> /dev/null || :
-	# create link
-	sudo ip link add $BASE-master type veth peer name $BASE-replica
-	# create and start pods to get their host pids; not running containers in them yet
-	podman pod create --name $BASE-master --hostname ipa.example.test --add-host ipa.example.test:172.29.0.1 --dns=127.0.0.1
-	podman pod create --name $BASE-replica --hostname replica.example.test --dns=172.29.0.1
-	podman pod start $BASE-master
-	podman pod top $BASE-master hpid | grep -v ^HPID | xargs sudo ip netns attach $BASE-master
-	sudo ip link set $BASE-master netns $BASE-master
-	sudo ip netns exec $BASE-master ip link set dev $BASE-master up
-	sudo ip netns exec $BASE-master ip addr add 172.29.0.1/24 dev $BASE-master
-	podman pod start $BASE-replica
-	podman pod top $BASE-replica hpid | grep -v ^HPID | xargs sudo ip netns attach $BASE-replica
-	sudo ip link set $BASE-replica netns $BASE-replica
-	sudo ip netns exec $BASE-replica ip link set dev $BASE-replica up
-	sudo ip netns exec $BASE-replica ip addr add 172.29.0.2/24 dev $BASE-replica
-elif [ "$readonly" == "--read-only" ] ; then
+if [ "$readonly" == "--read-only" ] ; then
 	readonly_run="$readonly --dns=127.0.0.1"
 fi
 
@@ -197,9 +169,6 @@ else
 	if [ "$replica" = 'none' ] ; then
 		dns_opts=""
 	fi
-	if [ "$(id -u)" != 0 -a "$docker" == podman -a "$replica" != none ] ; then
-		dns_opts="$dns_opts --ip-address=172.29.0.1"
-	fi
 	run_ipa_container $IMAGE freeipa-master exit-on-finished -U -r EXAMPLE.TEST --setup-dns --no-forwarders $dns_opts $skip_opts --no-ntp $ca
 
 	if [ -n "$ca" ] ; then