summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--.cirrus.yml6
-rwxr-xr-xAPI.md37
-rw-r--r--CONTRIBUTING.md3
-rw-r--r--Dockerfile.fedora4
-rw-r--r--Makefile3
-rw-r--r--README.md14
-rw-r--r--cmd/podman/varlink/io.podman.varlink37
-rw-r--r--docs/tutorials/podman_tutorial.md2
-rw-r--r--libpod/container_internal.go2
-rw-r--r--libpod/container_internal_linux.go7
-rw-r--r--libpod/container_internal_unsupported.go4
-rw-r--r--pkg/adapter/containers_remote.go7
-rw-r--r--pkg/spec/storage.go3
-rw-r--r--pkg/varlinkapi/attach.go4
-rw-r--r--test/e2e/run_volume_test.go10
15 files changed, 131 insertions, 12 deletions
diff --git a/.cirrus.yml b/.cirrus.yml
index 241ac4b2b..d128337c3 100644
--- a/.cirrus.yml
+++ b/.cirrus.yml
@@ -117,6 +117,12 @@ gating_task:
- '/usr/local/bin/entrypoint.sh podman-remote-darwin |& ${TIMESTAMP}'
- '/usr/local/bin/entrypoint.sh podman-remote-windows |& ${TIMESTAMP}'
+ # Verify some aspects of ci/related scripts
+ ci_script:
+ - '${CIRRUS_WORKING_DIR}/${SCRIPT_BASE}/lib.sh.t |& ${TIMESTAMP}'
+ - '/usr/local/bin/entrypoint.sh -C ${CIRRUS_WORKING_DIR}/${SCRIPT_BASE}/packer test'
+ - '${CIRRUS_WORKING_DIR}/${SCRIPT_BASE}/cirrus_yaml_test.py |& ${TIMESTAMP}'
+
# Verify expected bash environment (-o pipefail)
pipefail_enabledscript: 'if /bin/false | /bin/true; then echo "pipefail fault" && exit 72; fi'
diff --git a/API.md b/API.md
index f0e5cf18f..3d2a6b01f 100755
--- a/API.md
+++ b/API.md
@@ -304,8 +304,43 @@ method AttachControl(name: [string](https://godoc.org/builtin#string)) </div>
method BuildImage(build: [BuildInfo](#BuildInfo)) [MoreResponse](#MoreResponse)</div>
BuildImage takes a [BuildInfo](#BuildInfo) structure and builds an image. At a minimum, you must provide the
-'dockerfile' and 'tags' options in the BuildInfo structure. It will return a [MoreResponse](#MoreResponse) structure
+contextDir tarball path, the 'dockerfiles' path, and 'output' option in the BuildInfo structure. The 'output'
+options is the name of the of the resulting build. It will return a [MoreResponse](#MoreResponse) structure
that contains the build logs and resulting image ID.
+#### Example
+~~~
+$ sudo varlink call -m unix:///run/podman/io.podman/io.podman.BuildImage '{"build":{"contextDir":"/tmp/t/context.tar","dockerfiles":["Dockerfile"], "output":"foobar"}}'
+{
+ "image": {
+ "id": "",
+ "logs": [
+ "STEP 1: FROM alpine\n"
+ ]
+ }
+}
+{
+ "image": {
+ "id": "",
+ "logs": [
+ "STEP 2: COMMIT foobar\n"
+ ]
+ }
+}
+{
+ "image": {
+ "id": "",
+ "logs": [
+ "b7b28af77ffec6054d13378df4fdf02725830086c7444d9c278af25312aa39b9\n"
+ ]
+ }
+}
+{
+ "image": {
+ "id": "b7b28af77ffec6054d13378df4fdf02725830086c7444d9c278af25312aa39b9",
+ "logs": []
+ }
+}
+~~~
### <a name="BuildImageHierarchyMap"></a>func BuildImageHierarchyMap
<div style="background-color: #E8E8E8; padding: 15px; margin: 10px; border-radius: 10px;">
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index 07b2b3584..be13b6de3 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -347,9 +347,6 @@ tracking system.
There is also a [mailing list](https://lists.podman.io/archives/) at `lists.podman.io`.
You can subscribe by sending a message to `podman@lists.podman.io` with the subject `subscribe`.
-[owners]: https://github.com/kubernetes/community/blob/master/contributors/guide/owners.md#owners
-
-
### Bot Interactions
The primary human-interface is through comments in pull-requests. Some of these are outlined
diff --git a/Dockerfile.fedora b/Dockerfile.fedora
index 9b1568b0b..8769b5c18 100644
--- a/Dockerfile.fedora
+++ b/Dockerfile.fedora
@@ -2,8 +2,11 @@ FROM registry.fedoraproject.org/fedora:30
RUN dnf -y install btrfs-progs-devel \
atomic-registries \
+ autoconf \
+ automake \
bzip2 \
device-mapper-devel \
+ file \
findutils \
git \
glib2-devel \
@@ -15,6 +18,7 @@ RUN dnf -y install btrfs-progs-devel \
libassuan-devel \
libseccomp-devel \
libselinux-devel \
+ libtool \
containers-common \
runc \
make \
diff --git a/Makefile b/Makefile
index 5fd921467..745d4f215 100644
--- a/Makefile
+++ b/Makefile
@@ -245,9 +245,6 @@ localunit: test/goecho/goecho varlink_generate
--covermode atomic \
--tags "$(BUILDTAGS)" \
--succinct
- $(MAKE) -C contrib/cirrus/packer test
- ./contrib/cirrus/lib.sh.t
- ./contrib/cirrus/cirrus_yaml_test.py
ginkgo:
ginkgo -v -tags "$(BUILDTAGS)" $(GINKGOTIMEOUT) -cover -flakeAttempts 3 -progress -trace -noColor -nodes 3 -debug test/e2e/.
diff --git a/README.md b/README.md
index 4cdccd3a9..f694e92ef 100644
--- a/README.md
+++ b/README.md
@@ -33,6 +33,20 @@ This project tests all builds against each supported version of Fedora, the late
1. Further work on the podman pod command
1. Further improvements on rootless containers
+## Communications
+
+For general questions and discussion, please use the
+IRC `#podman` channel on `irc.freenode.net`.
+
+For discussions around issues/bugs and features, you can use the GitHub
+[issues](https://github.com/containers/libpod/issues)
+and
+[PRs](https://github.com/containers/libpod/pulls)
+tracking system.
+
+There is also a [mailing list](https://lists.podman.io/archives/) at `lists.podman.io`.
+You can subscribe by sending a message to `podman@lists.podman.io` with the subject `subscribe`.
+
## Rootless
Podman can be easily run as a normal user, without requiring a setuid binary.
When run without root, Podman containers use user namespaces to set root in the container to the user running Podman.
diff --git a/cmd/podman/varlink/io.podman.varlink b/cmd/podman/varlink/io.podman.varlink
index 4692525e3..7239f5d2e 100644
--- a/cmd/podman/varlink/io.podman.varlink
+++ b/cmd/podman/varlink/io.podman.varlink
@@ -765,8 +765,43 @@ method ListImages() -> (images: []Image)
method GetImage(id: string) -> (image: Image)
# BuildImage takes a [BuildInfo](#BuildInfo) structure and builds an image. At a minimum, you must provide the
-# 'dockerfile' and 'tags' options in the BuildInfo structure. It will return a [MoreResponse](#MoreResponse) structure
+# contextDir tarball path, the 'dockerfiles' path, and 'output' option in the BuildInfo structure. The 'output'
+# options is the name of the of the resulting build. It will return a [MoreResponse](#MoreResponse) structure
# that contains the build logs and resulting image ID.
+# #### Example
+# ~~~
+# $ sudo varlink call -m unix:///run/podman/io.podman/io.podman.BuildImage '{"build":{"contextDir":"/tmp/t/context.tar","dockerfiles":["Dockerfile"], "output":"foobar"}}'
+# {
+# "image": {
+# "id": "",
+# "logs": [
+# "STEP 1: FROM alpine\n"
+# ]
+# }
+# }
+# {
+# "image": {
+# "id": "",
+# "logs": [
+# "STEP 2: COMMIT foobar\n"
+# ]
+# }
+# }
+# {
+# "image": {
+# "id": "",
+# "logs": [
+# "b7b28af77ffec6054d13378df4fdf02725830086c7444d9c278af25312aa39b9\n"
+# ]
+# }
+# }
+# {
+# "image": {
+# "id": "b7b28af77ffec6054d13378df4fdf02725830086c7444d9c278af25312aa39b9",
+# "logs": []
+# }
+# }
+# ~~~
method BuildImage(build: BuildInfo) -> (image: MoreResponse)
# This function is not implemented yet.
diff --git a/docs/tutorials/podman_tutorial.md b/docs/tutorials/podman_tutorial.md
index 559d25d6a..169cefc0e 100644
--- a/docs/tutorials/podman_tutorial.md
+++ b/docs/tutorials/podman_tutorial.md
@@ -5,7 +5,7 @@ Podman is a utility provided as part of the libpod library. It can be used to c
containers. The following tutorial will teach you how to set up Podman and perform some basic
commands with Podman.
-If you are running on a Mac, you should instead follow the [Mac tutorial](https://github.com/containers/libpod/blob/master/mac_client.md)
+If you are running on a Mac, you should instead follow the [Mac tutorial](https://github.com/containers/libpod/blob/master/docs/tutorials/mac_client.md)
to set up the remote Podman client.
**NOTE**: the code samples are intended to be run as a non-root user, and use `sudo` where
diff --git a/libpod/container_internal.go b/libpod/container_internal.go
index 8b96b3f62..7403a216b 100644
--- a/libpod/container_internal.go
+++ b/libpod/container_internal.go
@@ -622,7 +622,7 @@ func (c *Container) refresh() error {
return err
}
- return nil
+ return c.refreshCNI()
}
// Remove conmon attach socket and terminal resize FIFO
diff --git a/libpod/container_internal_linux.go b/libpod/container_internal_linux.go
index e7b4b2b22..2636fdb6c 100644
--- a/libpod/container_internal_linux.go
+++ b/libpod/container_internal_linux.go
@@ -1325,3 +1325,10 @@ func (c *Container) copyOwnerAndPerms(source, dest string) error {
}
return nil
}
+
+// Teardown CNI config on refresh
+func (c *Container) refreshCNI() error {
+ // Let's try and delete any lingering network config...
+ podNetwork := c.runtime.getPodNetwork(c.ID(), c.config.Name, "", c.config.Networks, c.config.PortMappings, c.config.StaticIP)
+ return c.runtime.netPlugin.TearDownPod(podNetwork)
+}
diff --git a/libpod/container_internal_unsupported.go b/libpod/container_internal_unsupported.go
index 6fa19a778..05a587c59 100644
--- a/libpod/container_internal_unsupported.go
+++ b/libpod/container_internal_unsupported.go
@@ -40,3 +40,7 @@ func (c *Container) restore(ctx context.Context, options ContainerCheckpointOpti
func (c *Container) copyOwnerAndPerms(source, dest string) error {
return nil
}
+
+func (c *Container) refreshCNI() error {
+ return define.ErrNotImplemented
+}
diff --git a/pkg/adapter/containers_remote.go b/pkg/adapter/containers_remote.go
index 01e008e87..6cecb92da 100644
--- a/pkg/adapter/containers_remote.go
+++ b/pkg/adapter/containers_remote.go
@@ -473,7 +473,12 @@ func (r *LocalRuntime) Run(ctx context.Context, c *cliconfig.RunValues, exitCode
fmt.Println(cid)
return 0, nil
}
- exitChan, errChan, err := r.attach(ctx, os.Stdin, os.Stdout, cid, true, c.String("detach-keys"))
+ inputStream := os.Stdin
+ // If -i is not set, clear stdin
+ if !c.Bool("interactive") {
+ inputStream = nil
+ }
+ exitChan, errChan, err := r.attach(ctx, inputStream, os.Stdout, cid, true, c.String("detach-keys"))
if err != nil {
return exitCode, err
}
diff --git a/pkg/spec/storage.go b/pkg/spec/storage.go
index 3d59d70d8..93919dd0a 100644
--- a/pkg/spec/storage.go
+++ b/pkg/spec/storage.go
@@ -168,6 +168,9 @@ func (config *CreateConfig) parseVolumes(runtime *libpod.Runtime) ([]spec.Mount,
if _, ok := baseMounts[dest]; ok {
continue
}
+ if _, ok := baseVolumes[dest]; ok {
+ continue
+ }
localOpts := options
if dest == "/run" {
localOpts = append(localOpts, "noexec", "size=65536k")
diff --git a/pkg/varlinkapi/attach.go b/pkg/varlinkapi/attach.go
index 3bd487849..f8557ae0c 100644
--- a/pkg/varlinkapi/attach.go
+++ b/pkg/varlinkapi/attach.go
@@ -65,7 +65,9 @@ func (i *LibpodAPI) Attach(call iopodman.VarlinkCall, name string, detachKeys st
}
// ACK the client upgrade request
- call.ReplyAttach()
+ if err := call.ReplyAttach(); err != nil {
+ return call.ReplyErrorOccurred(err.Error())
+ }
reader, writer, _, pw, streams := setupStreams(call)
diff --git a/test/e2e/run_volume_test.go b/test/e2e/run_volume_test.go
index fc1998ab2..bc3a14b66 100644
--- a/test/e2e/run_volume_test.go
+++ b/test/e2e/run_volume_test.go
@@ -270,4 +270,14 @@ var _ = Describe("Podman run with volumes", func() {
Expect(separateVolumeSession.ExitCode()).To(Equal(0))
Expect(separateVolumeSession.OutputToString()).To(Equal(baselineOutput))
})
+
+ It("podman read-only tmpfs conflict with volume", func() {
+ session := podmanTest.Podman([]string{"run", "--rm", "-t", "-i", "--read-only", "-v", "tmp_volume:/run", ALPINE, "touch", "/run/a"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+
+ session2 := podmanTest.Podman([]string{"run", "--rm", "-t", "-i", "--read-only", "--tmpfs", "/run", ALPINE, "touch", "/run/a"})
+ session2.WaitWithDefaultTimeout()
+ Expect(session2.ExitCode()).To(Equal(0))
+ })
})
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-10-22 10:29:54 +0000