| Commit message (Collapse) | Author | Age |
|---|
| |\
| |
| | |
[CI:BUILD] Packit: Disable until proved in other repos
|
| |/
|
|
|
|
|
|
|
|
|
|
| |
There are concerns with Packit causing flakes and delays on Podman so
let's have Packit prove itself in other repos and only then make its way
into Podman.
See: https://github.com/containers/podman/pull/15549#issuecomment-1233230573
[NO NEW TESTS NEEDED]
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
|
| |\
| |
| | |
Inhibit SIGTERM during Conmon startup
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
If we get a SIGTERM immediately after Conmon starts but before we
record its PID in the database, we end up leaking a Conmon and
associated OCI runtime process. Inhibit shutdown using the logic
we originally wrote to prevent similar issues during container
creation to prevent this problem.
[NO NEW TESTS NEEDED] No real way to test this I can think of.
Fixes #15557
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |\ \
| | |
| | | |
Add emptyDir volume support to kube play
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When a kube yaml has a volume set as empty dir, podman
will create an anonymous volume with the empty dir name and
attach it to the containers running in the pod. When the pod
is removed, the empy dir volume created is also removed.
Add tests and docs for this as well.
Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
|
| |\ \ \
| | | |
| | | | |
[CI:DOCS] Man pages: refactor common options: --signal
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Would've been an easy one, except I decided to fix the text
to conform to our guidelines. I haven't been doing this,
but in this case it's only two man pages and the text is
short enough to make for easy review.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\ \ \ \
| | | | |
| | | | | |
Makefile: Mount . with --security-opt label=disable instead of using --privileged
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
$(CURDIR) is mounted in podman as is which causes issues on systems with SELinux
as then the container cannot read or write anything inside /src/. This has been
worked around with the --privileged flag, but that's a rather brutal
solution. Adding :Z is also suboptimal, as that requires a full relabeling after
every run. Instead, we disable security labeling via `--security-opt
label=disable` for this development container allowing us to run `make
vendor-in-container` unprivileged.
Signed-off-by: Dan Čermák <dcermak@suse.com>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
podman rmi: emit untag events
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Emit untag events for each tag when removing an image.
Fixes: #15485
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| |\ \ \ \ \ \
| | | | | | |
| | | | | | | |
Allow to override default username via command line
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Signed-off-by: Arthur Sengileyev <arthur.sengileyev@gmail.com>
|
| |\ \ \ \ \ \ \
| |_|_|_|/ / /
|/| | | | | | |
podman: add uid and gid options to keep-id
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
add two new options to the keep-id user namespace option:
- uid: allow to override the UID used inside the container.
- gid: allow to override the GID used inside the container.
For example, the following command will map the rootless user (that
has UID=0 inside the rootless user namespace) to the UID=11 inside the
container user namespace:
$ podman run --userns=keep-id:uid=11 --rm -ti fedora cat /proc/self/uid_map
0 1 11
11 0 1
12 12 65525
Closes: https://github.com/containers/podman/issues/15294
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |\ \ \ \ \ \ \
| | | | | | | |
| | | | | | | | |
Mark some of the option fields as ignored in pkg/bindings
|
| | | |_|/ / / /
| |/| | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
I realized that `params.Del("SkipTLSVerify")` doesn't have any
effect because keys are always lowercased. So it should really
be `params.Del("skiptlsverify")`.
There's also a little bug introduced by 3bf52aa and b1d1248: if
one passes `ProgressWriter` object having `Stringer` interface
i.e. `bytes.Buffer` it ends up been serialized in query with
`util.ToParams()`.
To circumvent both problems I propose to mark non-serializable
parameters with `schema:"-"` so there's no need to delete them from
resulting `url.Values`.
Signed-off-by: Vladimir Kochnev <hashtable@yandex.ru>
|
| |\ \ \ \ \ \ \
| | | | | | | |
| | | | | | | | |
libpod: Make sure writeConmonPipeData is called on FreeBSD
|
| |/ / / / / / /
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
I managed to miss this while factoring out moveConmonToCgroupAndSignal.
Perhaps the signalling part should move to the caller instead?
[NO NEW TESTS NEEDED]
Signed-off-by: Doug Rabson <dfr@rabson.org>
|
| |\ \ \ \ \ \ \
| |_|_|_|_|/ /
|/| | | | | | |
[CI:DOCS] Man pages: refactor common options: --restart
|
| |/ / / / / /
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Only applicable to podman-create and -run. I went with the -run
version because it is cleaner and more recently updated.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\ \ \ \ \ \
| | | | | | |
| | | | | | | |
[CI:DOCS] Man pages: refactor common options: --subXidname
|
| | | |/ / / /
| |/| | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Whew! This one started off identical everywhere, but the version
in podman-run got fixed in #1380, then again in #5192, with no
corresponding fixes to any of the other man pages.
I went with the podman-run version, with a small change in wording.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\ \ \ \ \ \
| |/ / / / /
|/| | | | | |
remove github.com/docker/libnetwork dependency
|
| | | |_|/ /
| |/| | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Code from this dependency was replaced with a simple version. As a
result Podman's memory consumption has been reduced by ~10%.
[NO NEW TESTS NEEDED]
Signed-off-by: Mikhail Khachayants <tyler92@inbox.ru>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
[CI:DOCS] Man pages: refactor common options: --http-proxy
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Only between podman-create and -run. (podman-build is too
different). I went with the podman-run version.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\ \ \ \ \ \
| |_|_|_|/ /
|/| | | | | |
e2e tests: try to deflake 5000
|
| |/ / / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
We keep getting flakes in tests that use port 5000. Try to
find and fix, by switching ports where possible, and locking
5000 when not possible (or not easy) to switch.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\ \ \ \ \
| |/ / / /
|/| | | | |
[CI:BUILD] Packit: Re-introduce packit with fix-spec-file action
|
| | | |_|/
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Any new files installed by new PRs and those present in unreleased
versions of Podman will need additional manipulation of the
dist-git spec file in the files section to workaround the
`installed but unpackaged files` issue.
The fix-spec-file packit action is useful for this.
The default fix-spec-file action often has trouble guessing the correct
version from upstream code, so it would be beneficial to specify the
correct upstream version as well.
See: https://packit.dev/docs/actions/#fix-spec-file
Rename cirrus task: `Test build RPM` to
`Test build podman-next Copr RPM` for clarity.
[NO NEW TESTS NEEDED]
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
|
| |\ \ \ \
| | | | |
| | | | | |
[CI:DOCS] Man pages: refactor common options: --dns-*
|
| |/ / / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
--dns-opt and --dns-search, but only in podman-create and -run.
Went with the -run version in both cases; --dns-opt remained
unchanged, but in --dns-search I changed 'and' to 'with'.
Did not consolidate podman-build or podman-pod-create: too
different.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\ \ \ \
| | | | |
| | | | | |
APIv2 test cleanup, part 2 of 2
|
| | |/ / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This finishes the removal of curls and exits.
Please please please, everyone, if you see a 'curl' or 'exit'
in any new PR, reject the PR and tell me immediately so I can
help the developer do it the proper way.
Also, removed some very-very-wrong USER/UID code. Both are
reserved variables in bash. You cannot override them.
Also, added a cleanup to a system-connection test. I wasted
a lot of time because my podman-remote stopped working, all
because I had run this test as part of something unrelated.
Also, found and fixed dangerously-broken timeout code.
Implemented a new mechanism for requiring a timeout.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\ \ \ \
| | | | |
| | | | | |
Handle an already connected network in libpod API
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Compat: Treat already attached networks as a no-op
Applies only to containers in created state. Maintain error in running state.
Co-authored-by: Alessandro Rossi <al.rossi87@gmail.com>
Co-authored-by: Brent Baude <bbaude@redhat.com>
Co-authored-by: Jason T. Greene <jason.greene@redhat.com>
Signed-off-by: Alessandro Rossi <al.rossi87@gmail.com>
Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
pkg/domain: Add terminal support for FreeBSD
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
This just moves the code to files which can be shared with freebsd.
[NO NEW TESTS NEEDED]
Signed-off-by: Doug Rabson <dfr@rabson.org>
|
| |\ \ \ \ \ \
| |_|_|_|/ /
|/| | | | | |
[CI:DOCS] Cirrus: Update meta-task for EC2 image
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Copied from: https://github.com/containers/aardvark-dns/pull/207
Fixes: #15502
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
|
| |\ \ \ \ \ \
| |_|/ / / /
|/| | | | | |
[CI:DOCS] Fix example sections to follow the same format
|
| | | |_|_|/
| |/| | |
| | | | |
| | | | | |
Signed-off-by: patrycja-guzik <patrycja.k.guzik@gmail.com>
|
| |\ \ \ \ \
| |_|/ / /
|/| | | | |
libpod: UpdateContainerStatus: do not wait for container
|
| | |/ / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Commit 30e7cbccc194 accidentally added a deadlock as Podman was waiting
for the exit code to show up when the container transitioned to stopped.
Code paths that require the exit code to be written (by the cleanup
process) should already be using `(*Container).Wait()` in a deadlock
free way.
[NO NEW TESTS NEEDED] as I did not manage to a reproducer that would
work in CI. Ultimately, it's a race condition.
Fixes: #15492
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| |\ \ \ \
| | | | |
| | | | | |
[CI:DOCS] - Fix: template name inconsistency
|
| | | |/ /
| |/| |
| | | | |
Signed-off-by: Stefano Figura <stefano@figura.im>
|
