summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Merge pull request #2144 from mheon/release_notes_v1.0OpenShift Merge Robot2019-01-11
|\ | | | | Update release notes for v1.0
| * Update release notes for v1.0Matthew Heon2019-01-11
|/ | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Merge pull request #2140 from mheon/fix_easyjsonOpenShift Merge Robot2019-01-11
|\ | | | | Regenerate EasyJSON to fix JSON issues
| * Remove clientintegration from MakefileMatthew Heon2019-01-11
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * Regenerate EasyJSON to fix JSON issuesMatthew Heon2019-01-11
|/ | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Merge pull request #2133 from cevich/v1.0Matthew Heon2019-01-10
|\ | | | | Cirrus: Post-Merge Testing for v1.0 Branch
| * Cirrus: Post-Merge Testing for v1.0 BranchChris Evich2019-01-10
| | | | | | | | Signed-off-by: Chris Evich <cevich@redhat.com>
* | Merge pull request #2136 from mheon/revert_1235Matthew Heon2019-01-10
|\ \ | | | | | | Revert #1235 SHM locking for v1.0
| * | Update gitvalidation to avoid reverts w/o signoffsMatthew Heon2019-01-10
| | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | Revert "Merge pull request #1235 from mheon/shm_locking"Matthew Heon2019-01-10
|/ / | | | | | | | | | | | | This reverts commit bf5f779331870d31863c486619daae3fcea458eb, reversing changes made to 6868b5aa1444404113bc6a4582203fbbf89490c2. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | Merge pull request #2134 from containers/revert-2083-shm_locking_fixesMatthew Heon2019-01-10
|\ \ | | | | | | Revert "Address lingering review comments from SHM locking PR"
| * | Revert "Address lingering review comments from SHM locking PR"Matthew Heon2019-01-10
| | |
* | | Merge pull request #2132 from containers/revert-2115-shmMatthew Heon2019-01-10
|\ \ \ | |/ / |/| | Revert "If you fail to open shm lock then attempt to create it"
| * | Revert "If you fail to open shm lock then attempt to create it"Matthew Heon2019-01-10
|/ /
* | Merge pull request #2131 from mheon/restore_storage_defaultsOpenShift Merge Robot2019-01-10
|\ \ | | | | | | Use defaults if paths are not specified in storage.conf
| * | Use defaults if paths are not specified in storage.confMatthew Heon2019-01-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | For rootless Podman, if storage.conf exists but does not specify one or both of RunRoot and GraphRoot, set them to rootless defaults so we don't end up with an unusable configuration. Fixes #2125 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | Merge pull request #2120 from rhatdan/volumeOpenShift Merge Robot2019-01-10
|\ \ \ | | | | | | | | Fix handling of nil volumes
| * | | Fix handling of nil volumesDaniel J Walsh2019-01-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently if a user passes in a -v with -v $bogus:/foobar We crash. This will throw a proper error. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #2108 from QiWang19/from1899OpenShift Merge Robot2019-01-10
|\ \ \ \ | | | | | | | | | | Fix 'image trust' from PR1899
| * | | | Fix 'image trust' from PR1899Qi Wang2019-01-09
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Qi Wang <qiwan@redhat.com>
* | | | | Merge pull request #2127 from QiWang19/fixsigstoreOpenShift Merge Robot2019-01-10
|\ \ \ \ \ | | | | | | | | | | | | fix up sigstore path
| * | | | | fix up sigstore pathQi Wang2019-01-10
| | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Qi Wang <qiwan@redhat.com>
* | | | | | Merge pull request #2126 from giuseppe/set-prlimitOpenShift Merge Robot2019-01-10
|\ \ \ \ \ \ | | | | | | | | | | | | | | podman: bump RLIMIT_NOFILE also without CAP_SYS_RESOURCE
| * | | | | | podman: bump RLIMIT_NOFILE also without CAP_SYS_RESOURCEGiuseppe Scrivano2019-01-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If we are not able to make arbitrary changes to the RLIMIT_NOFILE when lacking CAP_SYS_RESOURCE, don't fail but bump the limit to the maximum allowed. In this way the same code path works with rootless mode. Closes: https://github.com/containers/libpod/issues/2123 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | | | | Merge pull request #2119 from jwhonce/wip/python_podmanOpenShift Merge Robot2019-01-10
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | Move python code from contrib to it's own repo python-podman
| * | | | | | | Move python code from contrib to it's own repo python-podmanJhon Honce2019-01-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | | | | | | Merge pull request #2129 from cevich/timestampOpenShift Merge Robot2019-01-10
|\ \ \ \ \ \ \ \ | |/ / / / / / / |/| | | | | | | Cirrus: (Minor) Print timestamp
| * | | | | | | (Minor) Cirrus: Print timestamp at startChris Evich2019-01-10
| | |_|_|_|_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Also record into a file in case a later reference is required Signed-off-by: Chris Evich <cevich@redhat.com>
* | | | | | | Merge pull request #2128 from mheon/pr_testOpenShift Merge Robot2019-01-10
|\ \ \ \ \ \ \ | |_|_|/ / / / |/| | | | | | Trivial readme updates
| * | | | | | Trivial readme updatesMatthew Heon2019-01-10
|/ / / / / / | | | | | | | | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | | | Merge pull request #2111 from rhatdan/signOpenShift Merge Robot2019-01-10
|\ \ \ \ \ \ | | | | | | | | | | | | | | Fix up image sign and trust
| * | | | | | Fix up image sign and trustDaniel J Walsh2019-01-09
| | |_|/ / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add completions Fix man pages fix code in sign to answer PR Comments. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | | Merge pull request #2121 from giuseppe/always-cleanup-rootless-containersMatthew Heon2019-01-10
|\ \ \ \ \ \ | |_|_|_|_|/ |/| | | | | createconfig: always cleanup a rootless container
| * | | | | createconfig: always cleanup a rootless containerGiuseppe Scrivano2019-01-10
| | |_|_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | the rootless container storage is always mounted in a different mount namespace, owned by the unprivileged user. Even if it is mounted, a process running in another namespace cannot reuse the already mounted storage. Make sure the storage is always cleaned up once the container terminates. This has worked with vfs since there is no real mounted storage. Closes: https://github.com/containers/libpod/issues/2112 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | | Merge pull request #2122 from giuseppe/sign-fixesOpenShift Merge Robot2019-01-10
|\ \ \ \ \ | | | | | | | | | | | | sign: some fixes
| * | | | | sign: make all error messages lowercaseGiuseppe Scrivano2019-01-10
| | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | | | | sign: use filepath.Join instead of fmt.SprintfGiuseppe Scrivano2019-01-10
| |/ / / / | | | | | | | | | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | | Merge pull request #2095 from rhatdan/completionsOpenShift Merge Robot2019-01-10
|\ \ \ \ \ | |/ / / / |/| | | | Add Validate completions
| * | | | Add Validate completionsDaniel J Walsh2019-01-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In podman 0.12.0 we have invalid completions. These should have been caught during testing. This check will throw an error if the completions do not successfully execute. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | Merge pull request #2114 from vrothberg/issue-2107OpenShift Merge Robot2019-01-10
|\ \ \ \ \ | |_|_|_|/ |/| | | | apparmor: apply default profile at container initialization
| * | | | apparmor: apply default profile at container initializationValentin Rothberg2019-01-09
| | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Apply the default AppArmor profile at container initialization to cover all possible code paths (i.e., podman-{start,run}) before executing the runtime. This allows moving most of the logic into pkg/apparmor. Also make the loading and application of the default AppArmor profile versio-indepenent by checking for the `libpod-default-` prefix and over-writing the profile in the run-time spec if needed. The intitial run-time spec of the container differs a bit from the applied one when having started the container, which results in displaying a potentially outdated AppArmor profile when inspecting a container. To fix that, load the container config from the file system if present and use it to display the data. Fixes: #2107 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | libpod/image: Use ParseNormalizedNamed in RepoDigestsW. Trevor King2019-01-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Avoid generating quay.io/openshift-release-dev/ocp-release@sha256@sha256:239... and similar when the image name is already digest-based [1]. It's not clear exactly how we get into this state, but as shown by the unit tests, the new code handles this case correctly (while the previous code does not). [1]: https://github.com/containers/libpod/issues/2086 Signed-off-by: W. Trevor King <wking@tremily.us> Closes: #2106 Approved by: rhatdan
* | | | Merge pull request #2115 from rhatdan/shmOpenShift Merge Robot2019-01-09
|\ \ \ \ | |/ / / |/| | | If you fail to open shm lock then attempt to create it
| * | | If you fail to open shm lock then attempt to create itDaniel J Walsh2019-01-09
|/ / / | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #2040 from QiWang19/signimgOpenShift Merge Robot2019-01-09
|\ \ \ | | | | | | | | Support podman image sign
| * | | [WIP]Support podman image signQi Wang2019-01-08
| | | | | | | | | | | | | | | | | | | | | | | | Generate a signature claim for an image using user keyring (--sign-by). The signature file will be stored in simple json format under the default or the given directory (--directory or yaml file in /etc/containers/registries.d/). Signed-off-by: Qi Wang <qiwan@redhat.com>
* | | | Merge pull request #2061 from adrianreber/static-ipOpenShift Merge Robot2019-01-09
|\ \ \ \ | | | | | | | | | | Use existing interface to request IP address during restore
| * | | | Use existing interface to request IP address during restoreAdrian Reber2019-01-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The initial implementation to request the same IP address for a container during a restore was based on environment variables influencing CNI. With this commit the IP address selection switches to Podman's internal static IP API. This commit does a comment change in libpod/container_easyjson.go to avoid unnecessary re-generation of libpod/container_easyjson.go during build as this fails in CI. The reason for this is that make sees that libpod/container_easyjson.go needs to be re-created. The commit, however, only changes a part of libpod/container.go which is marked as 'ffjson: skip'. Signed-off-by: Adrian Reber <areber@redhat.com>
| * | | | Added checkpoint/restore test for same IPAdrian Reber2019-01-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Restoring a container from a checkpoint should give the container the same IP as before checkpointing. This adds a test to make sure the IP stays the same. Signed-off-by: Adrian Reber <areber@redhat.com>
| * | | | Enable checkpoint test with established TCP connectionsAdrian Reber2019-01-09
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Adrian Reber <areber@redhat.com>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-01-01 14:14:30 +0000