aboutsummaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Man pages: refactor common options: --networkEd Santiago2022-09-29
| | | | | | | | | | | | | | | | | | | Tricky one. In particular: podman-kube-play did not enumerate the "host" option; here I take the liberty of using it in the common network.md, so it will appear in podman-kube-play.1. If that is wrong, please tell me ASAP: I will need to un-refactor podman-kube-play. Other decisions: * move the "invalid if" text to the bottom, because it can't be shared between pod and container man pages. * ditto for "together with --pod" * kube-play said "Change the network mode of"; all the others said ">SET< the network mode >FOR< ...". I chose the latter, so that's what kube-play will have also. Again, if that's wrong, please lmk. Signed-off-by: Ed Santiago <santiago@redhat.com>
* podman kube play allow --network hostPaul Holzinger2022-09-29
| | | | | | | | | | I see no reason to block --network host with kube play and force users to have to set it in the yaml file. This is just confusing when compared to the other podman create/run --network options, see discussion in #15945. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* Merge pull request #15992 from Luap99/revert-15988OpenShift Merge Robot2022-09-29
|\ | | | | Revert "remote: fix manifest add --annotation"
| * Revert "remote: fix manifest add --annotation"Paul Holzinger2022-09-29
|/ | | | | | | | | This reverts commit 32f54a81ed797597827123b671b6e73194354327. `pkg/bindings` is supported outside of podman and we have to keep it stable. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* Merge pull request #15988 from sstosh/manifest-annotate-remoteOpenShift Merge Robot2022-09-29
|\ | | | | remote: fix manifest add --annotation
| * remote: fix manifest add --annotationToshiki Sonoda2022-09-29
| | | | | | | | | | | | | | | | | | | | | | * `manifest add --annotation option` adds annotations field on remote environment. * `manifest inspect` prints annotations field on remote environment. Fixes: #15952 Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
* | Merge pull request #15981 from edsantiago/dont_storageoptOpenShift Merge Robot2022-09-29
|\ \ | | | | | | System tests: stop deep-checking log-level
| * | System tests: stop deep-checking log-levelEd Santiago2022-09-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | I was testing --log-level by --storage-opt=mount_program=/bin/false Stop doing that. It's just constantly breaking everything (#15698 and #15977). I am violently of the opinion that a command-line option must not destroy a user's system (except for --set-something, --config, something that makes it very very clear that it is a lasting change). I seem to be in the minority on this opinion. So, I give up. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | Merge pull request #15971 from ↵OpenShift Merge Robot2022-09-29
|\ \ \ | | | | | | | | | | | | | | | | containers/dependabot/go_modules/github.com/container-orchestrated-devices/container-device-interface-0.5.2 build(deps): bump github.com/container-orchestrated-devices/container-device-interface from 0.5.1 to 0.5.2
| * | | build(deps): bump ↵dependabot[bot]2022-09-28
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | github.com/container-orchestrated-devices/container-device-interface Bumps [github.com/container-orchestrated-devices/container-device-interface](https://github.com/container-orchestrated-devices/container-device-interface) from 0.5.1 to 0.5.2. - [Release notes](https://github.com/container-orchestrated-devices/container-device-interface/releases) - [Commits](https://github.com/container-orchestrated-devices/container-device-interface/compare/v0.5.1...v0.5.2) --- updated-dependencies: - dependency-name: github.com/container-orchestrated-devices/container-device-interface dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* | | Merge pull request #15962 from dfr/freebsd-volumeOpenShift Merge Robot2022-09-29
|\ \ \ | |_|/ |/| | Add volume support for FreeBSD
| * | libpod: Add volume support for FreeBSDDoug Rabson2022-09-27
| | | | | | | | | | | | | | | | | | [NO NEW TESTS NEEDED] Signed-off-by: Doug Rabson <dfr@rabson.org>
| * | libpod: Factor out usage of unix.MNT_DETACH from (*Volume).unmountDoug Rabson2022-09-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There is an existing wrapper for unix.Unmount(..., MNT_DETACH) in util_linux.go but that filters all errors and for volumes, we only want to filter EINVAL. The existing libpod.Unmount seems to only have one call site so perhaps these can be merged. [NO NEW TESTS NEEDED] Signed-off-by: Doug Rabson <dfr@rabson.org>
| * | libpod: Move volume_internal_linux.go to volume_internal_common.goDoug Rabson2022-09-27
| | | | | | | | | | | | | | | | | | [NO NEW TESTS NEEDED] Signed-off-by: Doug Rabson <dfr@rabson.org>
| * | libpod: Move runtime_volume_linux.go to runtime_volume_common.goDoug Rabson2022-09-27
| | | | | | | | | | | | | | | | | | [NO NEW TESTS NEEDED] Signed-off-by: Doug Rabson <dfr@rabson.org>
* | | Merge pull request #15917 from cevich/check_new_go_codeOpenShift Merge Robot2022-09-29
|\ \ \ | | | | | | | | [CI:BUILD] Check new go code
| * | | Cirrus: Add golang code consistency check scriptChris Evich2022-09-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Depends on #15893 Fixes: #15913 Signed-off-by: Chris Evich <cevich@redhat.com>
* | | | Merge pull request #15968 from piotr-sk/fix/kube_play_liveness_probe_pathOpenShift Merge Robot2022-09-28
|\ \ \ \ | |_|_|/ |/| | | fix: kube play liveness probe http path
| * | | fix: kube play liveness probe http pathPiotr2022-09-28
|/ / / | | | | | | | | | | | | | | | | | | Use the default / for http probe path. Update to URI schemes ensuring lowercase Signed-off-by: Piotr <piotr.skoczylas@gmail.com>
* | | Merge pull request #15946 from rhatdan/kubeOpenShift Merge Robot2022-09-27
|\ \ \ | | | | | | | | Default missing hostPort to containerPort is defined in kube.yaml
| * | | Default missing hostPort to containerPort is defined in kube.yamlDaniel J Walsh2022-09-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If user does not specify hostPort in a kube.yml file but does specify a containerPort, then the hostPort should default to the containerPort. Fixes: https://github.com/containers/podman/issues/15942 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #15937 from rhatdan/manOpenShift Merge Robot2022-09-27
|\ \ \ \ | | | | | | | | | | [CI:DOCS] Add SELinux information about boolean for using random devices
| * | | | Add SELinux information about boolean for using random devicesDaniel J Walsh2022-09-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes: https://github.com/containers/podman/issues/15930 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | Merge pull request #15908 from edsantiago/systemd_tty_testOpenShift Merge Robot2022-09-27
|\ \ \ \ \ | | | | | | | | | | | | System tests: light cleanup
| * | | | | System tests: light cleanupEd Santiago2022-09-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Followup to #15895: - add a normal-case test, to ensure that --privileged without systemd continues to pass through /dev/ttyN devices - explain why we die() if host has no ttyN devices - I find grep -vx slightly easier to read than sed backslash-slash - run cleanup with '-t 0', to shave ten seconds from CI run Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | | | | Merge pull request #15958 from piotr-sk/fix/kube_play_liveness_probeOpenShift Merge Robot2022-09-27
|\ \ \ \ \ \ | |_|_|/ / / |/| | | | | fix: liveness check with http probe
| * | | | | fix: liveness check with http probePiotr2022-09-27
| |/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Ensure kubernetes default parameters are respected. Additional curl parameter enforces returning error for HTTP error codes. Use build-in HealthCheckOnFailureAction instead of killing the container while executing the probe. Signed-off-by: Piotr <piotr.skoczylas@gmail.com>
* | | | | Merge pull request #15896 from edsantiago/dont_install_toolsChris Evich2022-09-27
|\ \ \ \ \ | |_|_|_|/ |/| | | | CI: only make install.tools when needed
| * | | | CI: only make install.tools when neededEd Santiago2022-09-27
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Reintroduce .install.foo targets into Makefile, and invoke only the bare-minimum ones needed for each individual CI step in setup_environment.sh. Also add a retry to the golangci-lint curl, in hopes of dealing with network flakes. And remove the -f (fail) because it produces unhelpful logs. Reason: saw about 25% CI flakes yesterday due to the golangci-lint fetch, something about a timeout, and this was especially frustrating because none of the steps actually needed lint. Quick reminder: avoid network fetches unless absolutely necessary. Fixes: #15892 Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | | Merge pull request #15948 from ashley-cui/osxcrossOpenShift Merge Robot2022-09-27
|\ \ \ \ | |/ / / |/| | | Cirrus: Build pkginstaller in CI
| * | | Cirrus: Build pkginstaller in CIAshley Cui2022-09-26
| | | | | | | | | | | | | | | | | | | | | | | | Build unsigned pkginstaller in OSX Cross CI task & upload as an artifact. Signed-off-by: Ashley Cui <acui@redhat.com>
* | | | Merge pull request #15916 from ashley-cui/machstartingOpenShift Merge Robot2022-09-27
|\ \ \ \ | | | | | | | | | | Fix machine starting state
| * | | | Fix machine starting stateAshley Cui2022-09-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Machine starting now is correctly displayed on podman machine list --format json [NO NEW TESTS NEEDED] Signed-off-by: Ashley Cui <acui@redhat.com>
* | | | | Merge pull request #15471 from cdoern/sshOpenShift Merge Robot2022-09-27
|\ \ \ \ \ | | | | | | | | | | | | podman machine ssh handling
| * | | | | podman machine ssh handlingCharlie Doern2022-09-26
|/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | add the key used in newly initialized machines to the user's known_hosts file. This ensures that golang will be able to ssh into the machine using podman-remote. Also, remove the /dev/null redirection for podman machine ssh's known_hosts file. resolves #15347 Signed-off-by: Charlie Doern <cdoern@redhat.com> Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
* | | | | Merge pull request #15941 from mheon/bump_430_rc1OpenShift Merge Robot2022-09-26
|\ \ \ \ \ | |_|_|/ / |/| | | | Bump to v4.3.0-RC1
| * | | | Bump to v4.3.0-devMatthew Heon2022-09-26
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | | | Bump to v4.3.0-RC1v4.3.0-rc1Matthew Heon2022-09-26
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | | Merge pull request #15933 from vrothberg/fix-15879OpenShift Merge Robot2022-09-26
|\ \ \ \ \ | | | | | | | | | | | | auto-update: validate container image
| * | | | | auto-update: validate container imageValentin Rothberg2022-09-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Auto updates using the "registry" policy require container to be created with a fully-qualified image reference. Short names are not supported due the ambiguity of their source registry. Initially, container creation errored out for non FQN images but it seems that Podman has regressed. Fixes: #15879 Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | | | | | Merge pull request #15940 from edsantiago/docs_dedup_env_fileOpenShift Merge Robot2022-09-26
|\ \ \ \ \ \ | | | | | | | | | | | | | | [CI:DOCS] Man pages: refactor common options: --env-file
| * | | | | | Man pages: refactor common options: --env-fileEd Santiago2022-09-26
| | |/ / / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Another easy one. Option is only present in these three man pages. I took the liberty of changing the "See note" text, making it the same as --env. I also took the liberty of hyphenating "line-delimited" because that's the correct thing to do. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | | | | Merge pull request #15907 from Luap99/compat-net-optsOpenShift Merge Robot2022-09-26
|\ \ \ \ \ \ | |/ / / / / |/| | | | | compat API: network inspect do not show isolate option
| * | | | | compat API: network inspect do not show isolate optionPaul Holzinger2022-09-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We force the isolate option on new newtworks because that is the docker behavior. However when we inspect them they should not be displayed to the caller since they have no idea about it and docker-compose throws an error because of that. Fixes #15580 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | | | | Merge pull request #15938 from edsantiago/docs_dedup_envOpenShift Merge Robot2022-09-26
|\ \ \ \ \ \ | |_|_|_|_|/ |/| | | | | [CI:DOCS] Man pages: refactor common options: --env
| * | | | | Man pages: refactor common options: --envEd Santiago2022-09-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Only among podman create, exec, run. The same option in podman build, generate-systemd, and secret-create is too different. Should be a trivial one to review, the only difference is a period at the end of one sentence. And, of course, the "See Environment note" applies only to podman-create and run, not exec, so it can't be deduplicated. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | | | | Merge pull request #15813 from praveenkumar/podman-remote-container-fileOpenShift Merge Robot2022-09-26
|\ \ \ \ \ \ | |/ / / / / |/| | | | | [CI:BUILD] Contrib: Add containerfile to create podman-remote binary image
| * | | | | Contrib: Add containerfile to create podman-remote binary imagePraveen Kumar2022-09-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Try to partial address #14664 Signed-off-by: Praveen Kumar <kumarpraveen.nitdgp@gmail.com>
* | | | | | Merge pull request #15936 from edsantiago/docs_dedup_sigproxyOpenShift Merge Robot2022-09-26
|\ \ \ \ \ \ | |_|_|_|_|/ |/| | | | | [CI:DOCS] Man pages: Refactor common options: --sig-proxy
| * | | | | Man pages: Refactor common options: --sig-proxyEd Santiago2022-09-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Unusually, I discarded the podman-run version and went with the one common to attach and start. (The defaults are left out of the common file, because 'start' is different by necessity). Please review extra-carefully to make sure the new wording applies to podman-run, in particular the "non-TTY mode" words. Signed-off-by: Ed Santiago <santiago@redhat.com>