testcontainers
Add rootless podman support
Follow-up for #5822 with a new CI check for podman.
I had to modify some tests slightly to make them work for podman. Please let me know if you want me to clarify any changes or are unhappy with them.
All tests except those for docker compose pass. I had to disable them because podman does not fully support compose, but I think they could be enabled in the future with a bit of work.
Open Issues
- [ ] macvlan networks don't work with netavark backend (need subnet specified)
NetworkTest::testBuilderNetworkTest::testModifiers
- [ ] network reuse test fails with CNI backend because network IDs are deterministic
NetworkTest::testReusability
- [x] pulling from local http registry does not work (see https://github.com/containers/podman/issues/16486)
ImagePullPolicyTest::pullsByDefaultImagePullPolicyTest::shouldAlwaysPullImagePullPolicyTest::shouldSupportCustomPoliciesImagePullPolicyTest::shouldCheckPolicyAmbiguousImagePullTest::testNotUsingParseDockerClientFactoryTest::runCommandInsideDockerShouldNotFailIfImageDoesNotExistsLocallyAuthenticatedImagePullTest::testThatAuthLocatorIsUsedForDockerfileBuildAuthenticatedImagePullTest::testThatAuthLocatorIsUsedForContainerCreation
- [ ] setting swappiness is not supported by cgroups V2 (
{"cause":"OCI runtime error","message":"crun: cannot set memory swappiness with cgroupv2: OCI runtime error","response":500})GenericContainerTest::shouldReportOOMAfterWait
- [x] Port bindings in inspect response are slightly different (map value is null vs map key is absent)
GenericContainerTest::shouldOnlyPublishExposedPorts
@SoMuchForSubtlety thanks again for submitting a PR! However, Podman support should not alter the current tests.
@SoMuchForSubtlety thanks again for submitting a PR! However, Podman support should not alter the current tests.
I reverted the test changes and skip them instead.
I'll try to get the outstanding compatibility issues fixed in podman. I would be grateful if this PR could stay open to track the progress.
Would it be OK to fix a (probable) bug in the tests?
https://github.com/testcontainers/testcontainers-java/blob/98ddbb845583ff07e622077522c49122908c40b6/core/src/test/java/org/testcontainers/DockerRegistryContainer.java#L102-L103
imageName.asCanonicalNameString() returns the image name with the tag, so for example localhost:123/my-image:1.0.0, but tagImageCmd takes the image tag as a separate parameter, so the end result would be localhost:123/my-image:1.0.0:1.0.0.
This should probably be client.tagImageCmd(dummyImageId, imageName.getUnversionedPart(), tag).exec();.
According to the docker API spec, the repo parameter should not contain a tag.
Thanks a lot for your work on this PR and your openness to collaboration @SoMuchForSubtlety, this is much appreciated. We can of course keep the PR open to track the progress.
Regarding:
Would it be OK to fix a (probable) bug in the tests?
Of course, maybe even better as a small distinct PR, to decouple it from the Podman development work (since it is indeed independent of it).
Podman 4.5.0 with the last required fix landed today, this is ready for review :slightly_smiling_face:
Does it work w/ docker compose?
No, because testcontainers currently uses the deprecated link feature for the compose ambassador container. If/when the implementation is changed to not use links, it should work, but that is out of scope for this PR.
This PR has been ready for a while now, any change of getting a review?