| Commit message (Collapse) | Author | Age |
|---|
| |\
| |
| | |
podman machine ssh handling
|
| |/
|
|
|
|
|
|
|
|
| |
add the key used in newly initialized machines to the user's known_hosts file. This ensures that golang will be able to ssh into the machine using
podman-remote. Also, remove the /dev/null redirection for podman machine ssh's known_hosts file.
resolves #15347
Signed-off-by: Charlie Doern <cdoern@redhat.com>
Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
|
| |\
| |
| | |
Bump to v4.3.0-RC1
|
| | |
| |
| |
| | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | |
| |
| |
| | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |\ \
| | |
| | | |
auto-update: validate container image
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Auto updates using the "registry" policy require container to be created
with a fully-qualified image reference. Short names are not supported
due the ambiguity of their source registry. Initially, container
creation errored out for non FQN images but it seems that Podman has
regressed.
Fixes: #15879
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| |\ \ \
| | | |
| | | | |
[CI:DOCS] Man pages: refactor common options: --env-file
|
| | | |/
| |/|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Another easy one. Option is only present in these three man pages.
I took the liberty of changing the "See note" text, making it
the same as --env. I also took the liberty of hyphenating
"line-delimited" because that's the correct thing to do.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\ \ \
| |/ /
|/| | |
compat API: network inspect do not show isolate option
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
We force the isolate option on new newtworks because that is the docker
behavior. However when we inspect them they should not be displayed to
the caller since they have no idea about it and docker-compose throws an
error because of that.
Fixes #15580
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |\ \ \
| | | |
| | | | |
[CI:DOCS] Man pages: refactor common options: --env
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Only among podman create, exec, run. The same option in
podman build, generate-systemd, and secret-create is too
different.
Should be a trivial one to review, the only difference is
a period at the end of one sentence. And, of course, the
"See Environment note" applies only to podman-create and
run, not exec, so it can't be deduplicated.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\ \ \ \
| |/ / /
|/| | | |
[CI:BUILD] Contrib: Add containerfile to create podman-remote binary image
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Try to partial address #14664
Signed-off-by: Praveen Kumar <kumarpraveen.nitdgp@gmail.com>
|
| |\ \ \ \
| | | | |
| | | | | |
[CI:DOCS] Man pages: Refactor common options: --sig-proxy
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Unusually, I discarded the podman-run version and went with
the one common to attach and start. (The defaults are left
out of the common file, because 'start' is different by
necessity). Please review extra-carefully to make sure
the new wording applies to podman-run, in particular
the "non-TTY mode" words.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\ \ \ \ \
| |/ / / /
|/| | | | |
[CI:DOCS] man page xref: verify page title
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Issue #15923 should have never happened: the problem should've
been autodetected. Make it so henceforth (and fix another
existing discrepancy)
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
Remove redundant log message
|
| | | |_|/ /
| |/| | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
[NO NEW TESTS NEEDED]
Fixes: https://github.com/containers/podman/issues/15925
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
| |\ \ \ \ \
| |_|/ / /
|/| | | | |
[CI:BUILD] Cirrus: Catch use of deprecated ioutils package
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
At the time of this commit, there's no easier way to detect this using
`golangci-lint` or the go tool (that I could find). A future update
to the `go list` command may support detection, for now use a CI script.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
[CI:DOCS] man pages: fix incorrect title
|
| | | |/ / /
| |/| | |
| | | | |
| | | | |
| | | | |
| | | | | |
Fixes: https://github.com/containers/podman/issues/15923
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
| |\ \ \ \ \
| |_|_|_|/
|/| | | | |
kube: notifyproxy: fix lost READY message
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
The read deadline may yield the READY message to be lost in space.
Instead, use a more Go-idiomatic alternative by using two goroutines;
one reading from the connection, the other watching the container.
[NO NEW TESTS NEEDED] since existing tests are exercising this
functionality already.
Fixes: #15800
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Use a wait group to a) wait for all proxies in parallel
b) avoid the potential for ABBA deadlocks
[NO NEW TESTS NEEDED] as it is not changing functionality
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| |\ \ \ \ \
| |_|/ / /
|/| | | | |
Fix libsubid detection
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Library arguments must be positioned after sources when invoking GCC.
Signed-off-by: Sam Morris <sam@robots.org.uk>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
Update vendor of containers(image, common, buildah, storage)
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Changes since 2022-09-09:
- man page: add --skip-unused-stages (buildah 4249)
- man page: bring in new Note for --cache-ttl (4248)
- system tests: de-stutter (4205)
- (internal): in skip() applier: escape asterisk, otherwise
the "bud with --dns* flags" sed expression never applies.
Signed-off-by: Ed Santiago <santiago@redhat.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| | | |_|/ /
| |/| | |
| | | | |
| | | | | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
Add --pretty to podman secret inspect
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Pretty-print podman secret inspect output in a human-readable format
Signed-off-by: Ashley Cui <acui@redhat.com>
|
| |\ \ \ \ \ \
| |_|/ / / /
|/| | | | | |
Events for containers in pods now include the pod's ID
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
This allows tools like Cockpit to know that the pod in question
has also been updated, so they can refresh the list of containers
in the pod.
Fixes #15408
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |\ \ \ \ \ \
| | | | | | |
| | | | | | | |
[CI:BUILD] Copr: also define _user_tmpfilesdir for f35
|
| | |/ / / / /
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Some users are still on f35, so we need to account for that for some
time.
[NO NEW TESTS NEEDED]
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
|
| |\ \ \ \ \ \
| |_|_|/ / /
|/| | | | | |
Add support for 'image' volume driver
|
| | |/ / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
We added the concept of image volumes in 2.2.0, to support
inspecting an image from within a container. However, this is a
strictly read-only mount, with no modification allowed.
By contrast, the new `image` volume driver creates a c/storage
container as its underlying storage, so we have a read/write
layer. This, in and of itself, is not especially interesting, but
what it will enable in the future is. If we add a new command to
allow these image volumes to be committed, we can now distribute
volumes - and changes to them - via a standard OCI image registry
(which is rather new and quite exciting).
Future work in this area:
- Add support for `podman volume push` (commit volume changes and
push resulting image to OCI registry).
- Add support for `podman volume pull` (currently, we require
that the image a volume is created from be already pulled; it
would be simpler if we had a dedicated command that did the
pull and made a volume from it)
- Add support for scratch images (make an empty image on demand
to use as the base of the volume)
- Add UOR support to `podman volume push` and
`podman volume pull` to enable both with non-image volume
drivers
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |\ \ \ \ \
| |/ / / /
|/| | | | |
pkginstaller: use path_helper to add podman and helpers to path
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
path_helper(8) appends the contents of /etc/paths.d/podman-pkg to the
PATH env
[NO NEW TESTS NEEDED]
Signed-off-by: Anjan Nath <kaludios@gmail.com>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
Don't mount /dev/ inside privileged containers running systemd
|
| | | |/ / /
| |/| | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
According to https://systemd.io/CONTAINER_INTERFACE/, systemd will try take
control over /dev/ttyN if exported, which can cause conflicts with the host's tty
in privileged containers. Thus we will not expose these to privileged containers
in systemd mode, as this is a bad idea according to systemd's maintainers.
Additionally, this commit adds a bats regression test to check that no /dev/ttyN
are present in a privileged container in systemd mode
This fixes https://github.com/containers/podman/issues/15878
Signed-off-by: Dan Čermák <dcermak@suse.com>
|
| |\ \ \ \ \
| |/ / / /
|/| | | | |
Add support to sig-proxy for podman-remote
|
| | | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Boaz Shuster <boaz.shuster.github@gmail.com>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
podman-save: Add signature-policy flag
|
| | |/ / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Allow overwrite of the signature-policy file
by passing signature-policy flag to podman save command
Closes: https://github.com/containers/podman/issues/15869
Signed-off-by: 😎Mostafa Emami <mustafaemami@gmail.com>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
System tests: reenable some skipped aarch64 tests
|
