CI: make 710-kube parallel-safe

Use safename. Add ci:parallel tags. Use a random port, not hardcoded 9999. Do not remove pause image. And especially do not "rm -a" anything. Signed-off-by: Ed Santiago <[email protected]>
containers · Sep 10, 2024 · e61682f · e61682f
1 parent b1efc50
commit e61682f
Showing 1 changed file with 24 additions and 23 deletions.
diff --git a/test/system/710-kube.bats b/test/system/710-kube.bats
@@ -4,6 +4,10 @@
 #
 
 load helpers
+load helpers.network
+
+# All tests in this file must be able to run in parallel
+# bats file_tags=ci:parallel
 
 # capability drop list
 capabilities='{"drop":["CAP_FOWNER","CAP_SETFCAP"]}'
@@ -22,12 +26,13 @@ json.dump(yaml.safe_load(sys.stdin), sys.stdout)'
 @test "podman kube generate - usage message" {
     run_podman kube generate --help
     is "$output" ".*podman.* kube generate \[options\] {CONTAINER...|POD...|VOLUME...}"
+
     run_podman generate kube --help
     is "$output" ".*podman.* generate kube \[options\] {CONTAINER...|POD...|VOLUME...}"
 }
 
 @test "podman kube generate - container" {
-    cname=c$(random_string 15)
+    cname=c-$(safename)
     run_podman container create --cap-drop fowner --cap-drop setfcap --name $cname $IMAGE top
     run_podman kube generate $cname
 
@@ -75,28 +80,27 @@ status                           | =  | null
 }
 
 @test "podman kube generate unmasked" {
+      cname=c-$(safename)
       KUBE=$PODMAN_TMPDIR/kube.yaml
-      run_podman create --name test --security-opt unmask=all $IMAGE
-      run_podman inspect --format '{{ .HostConfig.SecurityOpt }}' test
+      run_podman create --name $cname --security-opt unmask=all $IMAGE
+      run_podman inspect --format '{{ .HostConfig.SecurityOpt }}' $cname
       is "$output" "[unmask=all]" "Inspect should see unmask all"
-      run_podman kube generate test -f $KUBE
+      run_podman kube generate $cname -f $KUBE
       assert "$(< $KUBE)" =~ "procMount: Unmasked" "Generated kube yaml should have procMount unmasked"
       run_podman kube play $KUBE
-      run_podman inspect --format '{{ .HostConfig.SecurityOpt }}' test-pod-test
+      run_podman inspect --format '{{ .HostConfig.SecurityOpt }}' ${cname}-pod-${cname}
       is "$output" "[unmask=all]" "Inspect kube play container should see unmask all"
       run_podman kube down $KUBE
-      run_podman pod rm -a
-      run_podman rm -a
-      run_podman rmi $(pause_image)
-      run_podman network rm podman-default-kube-network
+      run_podman rm $cname
 }
 
 @test "podman kube generate - pod" {
-    local pname=p$(random_string 15)
-    local cname1=c1$(random_string 15)
-    local cname2=c2$(random_string 15)
+    local pname=p-$(safename)
+    local cname1=c1-$(safename)
+    local cname2=c2-$(safename)
 
-    run_podman pod create --name $pname --publish 9999:8888
+    port=$(random_free_port)
+    run_podman pod create --name $pname --publish $port:8888
 
     # Needs at least one container. Error is slightly different between
     # regular and remote podman:
@@ -127,7 +131,7 @@ spec.containers[0].command                 | =  | [\"top\"]
 spec.containers[0].image                   | =  | $IMAGE
 spec.containers[0].name                    | =  | $cname1
 spec.containers[0].ports[0].containerPort  | =  | 8888
-spec.containers[0].ports[0].hostPort       | =  | 9999
+spec.containers[0].ports[0].hostPort       | =  | $port
 spec.containers[0].resources               | =  | null
 
 spec.containers[1].command                 | =  | [\"bottom\"]
@@ -148,14 +152,13 @@ status  | =  | null
 
     run_podman rm $cname1 $cname2
     run_podman pod rm $pname
-    run_podman rmi $(pause_image)
 }
 
 @test "podman kube generate - deployment" {
     skip_if_remote "containersconf needs to be set on server side"
-    local pname=p$(random_string 15)
-    local cname1=c1$(random_string 15)
-    local cname2=c2$(random_string 15)
+    local pname=p-$(safename)
+    local cname1=c1-$(safename)
+    local cname2=c2-$(safename)
 
     run_podman pod create --name $pname
     run_podman container create --name $cname1 --pod $pname $IMAGE top
@@ -189,14 +192,13 @@ metadata.name              | =  | ${pname}-deployment
 
     run_podman rm $cname1 $cname2
     run_podman pod rm $pname
-    run_podman rmi $(pause_image)
 }
 
 @test "podman kube generate - job" {
     skip_if_remote "containersconf needs to be set on server side"
-    local pname=p$(random_string 15)
-    local cname1=c1$(random_string 15)
-    local cname2=c2$(random_string 15)
+    local pname=p-$(safename)
+    local cname1=c1-$(safename)
+    local cname2=c2-$(safename)
 
     run_podman pod create --name $pname
     run_podman container create --name $cname1 --pod $pname $IMAGE top
@@ -230,7 +232,6 @@ metadata.name              | =  | ${pname}-job
 
     run_podman rm $cname1 $cname2
     run_podman pod rm $pname
-    run_podman rmi $(pause_image)
 }
 
 # vim: filetype=sh