aboutsummaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Instead of erroring, clean up after dangling IDs in DBMatthew Heon2022-05-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | For various (mostly legacy) reasons, Podman presently maintains a unified namespace for pods and containers - IE, we cannot have both a pod and a container named "test" at the same time. To implement this, we use a global database table of every pod and container ID (and another of every pod and container name). These entries should be added when containers/pods are added, and removed when containers/pods are removed, with the database's transactional integrity providing a guarantee that this is batched with the overall removal and that the DB should remain sane and consistent no matter what. As such, we treat a dangling ID as a hard error that stops the use of Podman. Unfortunately, we have someone run into this last Friday. I'm still not certain how exactly their DB got into this state, but without further clarification there, we can consider removing the error and making Podman instead clean up and remove any dangling IDs, which should restore Podman to a serviceable state. Drop an error message if we do this, though, because people should know that the DB is in a bad state. [NO NEW TESTS NEEDED] it is deliberately impossible to produce a configuration that would test this without hex-editing the DB file. Signed-off-by: Matthew Heon <mheon@redhat.com>
* Merge pull request #14191 from vrothberg/fix-benchmarksOpenShift Merge Robot2022-05-12
|\ | | | | [CI:DOCS] fix `make localbenchmarks`
| * [CI:DOCS] fix `make localbenchmarks`Valentin Rothberg2022-05-11
| | | | | | | | | | | | | | | | Since `./hack` has been removed from the Makefile's path, add it back for `make localbenchmarks` to make `podman-registry` binary available for running local registries. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | Merge pull request #14211 from giuseppe/vendor-storage-imageOpenShift Merge Robot2022-05-12
|\ \ | | | | | | vendor: update c/storage and c/image
| * | vendor: update c/storage and c/imageGiuseppe Scrivano2022-05-12
| | | | | | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | Merge pull request #14215 from vrothberg/fix-notifyOpenShift Merge Robot2022-05-12
|\ \ \ | | | | | | | | sdnotify: send MAINPID only once
| * | | sdnotify: send MAINPID only onceValentin Rothberg2022-05-12
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | Send the main PID only once. Previously, `(*Container).start()` and the conmon handler sent them ~simultaneously and went into a race. I noticed the issue while debugging a WIP PR. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | | Merge pull request #14209 from edsantiago/investigate_bloat_hangOpenShift Merge Robot2022-05-12
|\ \ \ | | | | | | | | Fix hang in build-each-commit test
| * | | Fix hang in build-each-commit testEd Santiago2022-05-11
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | Followup to #14178: I broke CI. "--fork-point" does not do what I thought it did, so remove it. Also, add 'set -x' to help us debug the next time something like this happens. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | Merge pull request #14175 from giuseppe/update-toolbox-imageOpenShift Merge Robot2022-05-12
|\ \ \ | |/ / |/| | test: update fedora toolbox image
| * | test: update fedora toolbox imageGiuseppe Scrivano2022-05-11
| |/ | | | | | | | | | | f32 is already EOL. Let's use the latest version. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | Merge pull request #14198 from edsantiago/easy_manpage_fixesOpenShift Merge Robot2022-05-11
|\ \ | | | | | | [CI:DOCS] man pages: fix inconsistencies
| * | [CI:DOCS] man pages: fix inconsistenciesEd Santiago2022-05-11
| |/ | | | | | | | | | | | | | | As part of work done in #14046, fix bugs found in man pages, basically just moving a few descriptions to the right place and removing some undesired asterisks. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Merge pull request #14141 from n1hility/win-docsOpenShift Merge Robot2022-05-11
|\ \ | |/ |/| [CI:DOCS] Add Windows Guide/Tutorial
| * Add initial Windows guideJason T. Greene2022-05-10
| | | | | | | | Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
* | Merge pull request #14170 from ashley-cui/machtestsOpenShift Merge Robot2022-05-11
|\ \ | | | | | | Add more machine tests
| * | Add more machine testsAshley Cui2022-05-10
| | | | | | | | | | | | | | | | | | Add more machine tests for flags in init, inspect, and list. Signed-off-by: Ashley Cui <acui@redhat.com>
* | | Merge pull request #14176 from giuseppe/test-parallel-rm-cleanupOpenShift Merge Robot2022-05-11
|\ \ \ | | | | | | | | test: simplify cleanup code
| * | | test: simplify cleanup codeGiuseppe Scrivano2022-05-10
| |/ / | | | | | | | | | | | | | | | | | | do not try to first stop and then rm but combine the two operations in a single command. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | Merge pull request #14179 from cevich/ensure_dest_branchOpenShift Merge Robot2022-05-10
|\ \ \ | | | | | | | | Cirrus: Guarantee $DEST_BRANCH is passed through
| * | | Cirrus: Guarantee $DEST_BRANCH is passed throughChris Evich2022-05-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There are several runtime contexts (rootless and container) where `$DEST_BRANCH` is needed but was not supplied. A prior commit (c4865767171b) removed the default value, `main` which was being set incorrectly when CI ran on release branches. Fix this by ensuring the variable is non-empty upon entry to `setup_environment.sh`, then ensure it gets passed through to child environments by way of the `/etc/ci_environment` file. This will maintain compatibility with both CI and `hack/get_ci_vm.sh` use. Signed-off-by: Chris Evich <cevich@redhat.com>
* | | | Merge pull request #14016 from cevich/fix_cachingOpenShift Merge Robot2022-05-10
|\ \ \ \ | | | | | | | | | | Cirrus: Simplify use of cache in automation
| * | | | Cirrus: Update images + new automation libraryChris Evich2022-05-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add support for new automation library version w/ `$DEBUG` fix (ref: containers/automation_images#128) and added definitions for commonly used Distro/version variables. Signed-off-by: Chris Evich <cevich@redhat.com>
| * | | | Cirrus: Simplify use of cache in automationChris Evich2022-05-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | With the increasingly complex `.cirrus.yml` task relationships, build cache wasn't always working as intended. Recently, non-build tasks were observed assuming authority over `gopath_cache`. Ref.: https://github.com/containers/podman/pull/13998#issuecomment-1108834538 Address this by an overall simplification using artifacts instead of cache. Using artifacts allows establishing concrete authorship/authority over cached repo. content. In this way, dependent tasks may simply consume the artifact with `curl` instead of relying on complex caching algorithms. Also/Minor: Add YAML checking to the pre-commit configuration. Signed-off-by: Chris Evich <cevich@redhat.com>
| * | | | Cirrus: Simplify rootless ssh setupChris Evich2022-05-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The sshd service is guaranteed to be running by the VM image build process - it's required by the packer tool for access. Remove the startup and check on the sshd service. For many tests, man ssh connections to/from $ROOTLESS_USER on the host are needed. To facilitate this, the localhost key is added to `known_hosts` for root and `$ROOTLESS_USER`. Simplify this setup using the `ssh-keyscan` tool. Signed-off-by: Chris Evich <cevich@redhat.com>
* | | | | Merge pull request #14180 from cevich/fix_makefile_pathOpenShift Merge Robot2022-05-10
|\| | | | | | | | | | | | | | Cirrus: Fix Makefile including 'hack' in $PATH
| * | | | Cirrus: Fix Makefile including 'hack' in $PATHChris Evich2022-05-10
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | This path should never, ever, ever be included in `$PATH` as it is almost guaranteed to cause serious and non-obvious breakage in CI. Fix it and include a warning comment. Signed-off-by: Chris Evich <cevich@redhat.com>
* | | | Merge pull request #14140 from giuseppe/play-kube-usernsOpenShift Merge Robot2022-05-10
|\ \ \ \ | |/ / / |/| | | kube: add support for --userns=[auto|host]
| * | | kube: add support for --userns=Giuseppe Scrivano2022-05-10
|/ / / | | | | | | | | | | | | | | | | | | | | | add support to override the user namespace to use for the pod. Closes: https://github.com/containers/podman/issues/7504 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | Merge pull request #14178 from edsantiago/bloat_fixOpenShift Merge Robot2022-05-10
|\ \ \ | | | | | | | | bloat check: make more robust
| * | | bloat check: make more robustEd Santiago2022-05-10
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The use of 'C^' (parent) in 'git rebase' is counterintuitive, at least to me: when C is a merge of multiple commits, rebase picks each of those commits. That probably makes good sense to a git expert, which I'm not. Solution: forget using '^', just calculate the baseline sizes by doing a checkout of the PR's parent. Also: compute PR parent using git-merge-base instead of blindly trusting $DEST_BRANCH (which may be volatile as other PRs are merged). Also: run git-rebase directly, not via make rule. That indirection is too confusing here. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | Merge pull request #14167 from giuseppe/play-kube-honor-pod-security-contextOpenShift Merge Robot2022-05-10
|\ \ \ | |/ / |/| | kube: honor pod security context IDs
| * | kube: honor pod security context IDsGiuseppe Scrivano2022-05-10
| | | | | | | | | | | | | | | | | | | | | | | | If the RunAsUser, RunAsGroup, SupplementalGroups settings are not overriden in the container security context, then take the value from the pod security context. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | kube: refactor setupSecurityContext to accept directly the security ctxGiuseppe Scrivano2022-05-10
| | | | | | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | Merge pull request #14147 from ttys3/Container.cGroupPath-Error-parsing-cgroupOpenShift Merge Robot2022-05-10
|\ \ \ | |/ / |/| | fix: Container.cGroupPath() skip empty line to avoid false error logging
| * | fix: Container.cGroupPath() skip empty line to avoid false error loggingttyS32022-05-10
|/ / | | | | | | | | | | Signed-off-by: ttyS3 <ttys3.rust@gmail.com> [NO NEW TESTS NEEDED]
* | Merge pull request #14158 from edsantiago/test_skip_fix_mainOpenShift Merge Robot2022-05-09
|\ \ | | | | | | test skipper: check for $DEST_BRANCH
| * | test skipper: check for $DEST_BRANCHEd Santiago2022-05-09
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | The test-skipping optimization is failing as rootless on non-main, because $DEST_BRANCH is not set. Solution: check for envariable, skip test if missing. (This was part of my original PR, but was accidentally removed in #14013) Also: DEST_BRANCH was silently being defaulted to 'main' in lib.sh. Remove that: per @cevich, it is no longer necessary. Fixes: #14131 Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Merge pull request #14163 from Luap99/fix-14162OpenShift Merge Robot2022-05-09
|\ \ | |/ |/| fix broken CI test
| * fix broken CI testPaul Holzinger2022-05-09
|/ | | | | | | | | | Commit b58e7e7f11 was not fully rebased before merging and is now breaking CI because commit 69c479b16e19 made the underlying error visible. Using journald inside the container tests is not supported. Fixes #14162 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* Merge pull request #14152 from giuseppe/fix-ci-search-jsonOpenShift Merge Robot2022-05-09
|\ | | | | test: fix "podman search format json"
| * test: fix "podman search format json"Giuseppe Scrivano2022-05-08
| | | | | | | | | | | | | | | | | | | | the alpine image used previously returns a description that contains '...': $ podman search --format json alpine | fgrep ...\"\, "Description": "alpine 3.7 with bash, perl, gzip, wget...", Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | Merge pull request #14121 from cdoern/kubeOpenShift Merge Robot2022-05-09
|\ \ | | | | | | play kube log tag handling
| * | play kube log tag handlingcdoern2022-05-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | currently tags cause a panic due to an uninitialized map. Initialize the map and add parsing to make sure we are only tagging with journald resolves #13356 Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
* | | Merge pull request #14136 from Luap99/config-networksOpenShift Merge Robot2022-05-06
|\ \ \ | |_|/ |/| | libpod: add c.ConfigWithNetworks()
| * | libpod: add c.ConfigWithNetworks()Paul Holzinger2022-05-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Reading the networks requires an extra db operation. Most c.Config() callers do not need them so create a new function which returns the config with networks. [NO NEW TESTS NEEDED] Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | Merge pull request #14139 from mheon/bump_main_410OpenShift Merge Robot2022-05-06
|\ \ \ | | | | | | | | Update main branch to reflect 4.1.0 release
| * | | Update version to v4.2.0-devMatthew Heon2022-05-06
| | | | | | | | | | | | | | | | Signed-off-by: Matthew Heon <mheon@redhat.com>
| * | | Update release notes for Podman v4.1.0Matthew Heon2022-05-06
| |/ / | | | | | | | | | | | | | | | Also bumps version in README. Signed-off-by: Matthew Heon <mheon@redhat.com>
* | | Merge pull request #14138 from Luap99/api-4.1OpenShift Merge Robot2022-05-06
|\ \ \ | | | | | | | | [CI:DOCS] update podman version in README and API docs