summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Update the runc commit used for testingChris Evich2018-10-29
| | | | | | | Use image ubuntu-1804-bionic-v20180911-libpod-63a86a18 which was built with RUNC_COMMIT 78ef28e63bec2ee4c139b5e3e0d691eb9bdc748d. Signed-off-by: Chris Evich <cevich@redhat.com>
* Merge pull request #1722 from baude/ps2spaceOpenShift Merge Robot2018-10-29
|\ | | | | Use two spaces to pad PS fields
| * Use two spaces to pad PS fieldsbaude2018-10-29
|/ | | | | | | Ed has asked that we revert to using two spaces for padding between PS fields. I assume this is for docker autotests. Signed-off-by: baude <bbaude@redhat.com>
* Merge pull request #1696 from QiWang19/ExportForCrioOpenShift Merge Robot2018-10-29
|\ | | | | Change ParseDevice to exported name
| * Change to exported name in ParseDeviceQi Wang2018-10-29
|/ | | | Signed-off-by: Qi Wang <qiwan@redhat.com>
* Merge pull request #1718 from rhatdan/vendorOpenShift Merge Robot2018-10-26
|\ | | | | Vendor in latest containers/storage
| * Vendor in latest containers/storageDaniel J Walsh2018-10-26
| | | | | | | | | | | | We need this to start testing metacopy up for podman. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #1717 from jwhonce/wip/unittestOpenShift Merge Robot2018-10-26
|\ \ | | | | | | Ensure test container in running state
| * | Ensure test container in running stateJhon Honce2018-10-25
| |/ | | | | | | | | | | | | | | * Save storage if tests fail Fixes #1643 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | Merge pull request #1585 from rhatdan/labelsOpenShift Merge Robot2018-10-26
|\ \ | | | | | | Add tests for selinux labels
| * | Add tests for selinux labelsDaniel J Walsh2018-10-25
| |/ | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #1637 from vrothberg/runlabel-execute-any-commandOpenShift Merge Robot2018-10-26
|\ \ | | | | | | runlabel: run any command
| * | runlabel: run any commandValentin Rothberg2018-10-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | As discussed [1], the runlabel command should execute any command specified in a label. The reasoning behind is that we cannot restrict which options are passed to Podman which thereby has full access to the host (runlabels must be used with care). With the updated semantics, runlabel will substitute the commands with a basepath equal to "docker" or "podman" with "/proc/self/exe", and otherwise leave the command unchanged to execute any other command on the host. [1] https://github.com/containers/libpod/pull/1607#issuecomment-428321382 Signed-off-by: Valentin Rothberg <vrothberg@suse.com>
* | | Merge pull request #1716 from baude/rmallpsOpenShift Merge Robot2018-10-26
|\ \ \ | | | | | | | | fix bug in rm -fa parallel deletes
| * | | fix bug in rm -fa parallel deletesbaude2018-10-25
|/ / / | | | | | | | | | Signed-off-by: baude <bbaude@redhat.com>
* | | Merge pull request #1709 from baude/parallelheurOpenShift Merge Robot2018-10-25
|\ \ \ | |_|/ |/| | Add --max-workers and heuristics for parallel operations
| * | Add --max-workers and heuristics for parallel operationsbaude2018-10-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | add a global flag for --max-workers so users can limit the number of parallel operations for a given function. also, when not limited by max-workers, we implement a heuristic function that returns the number of preferred parallel workers based on the number of CPUs and the given operation. Signed-off-by: baude <bbaude@redhat.com>
* | | Merge pull request #1699 from baude/rundOpenShift Merge Robot2018-10-25
|\ \ \ | | | | | | | | run performance improvements
| * | | run prepare in parallelbaude2018-10-25
| |/ / | | | | | | | | | | | | | | | | | | run prepare() -- which consists of creating a network namespace and mounting the container image is now run in parallel. This saves 25-40ms. Signed-off-by: baude <bbaude@redhat.com>
* | | Merge pull request #1712 from baude/cypharOpenShift Merge Robot2018-10-25
|\ \ \ | |/ / |/| | Increase security and performance when looking up groups
| * | Increase security and performance when looking up groupsbaude2018-10-25
|/ / | | | | | | | | | | | | | | | | | | We implement the securejoin method to make sure the paths to /etc/passwd and /etc/group are not symlinks to something naughty or outside the container image. And then instead of actually chrooting, we use the runc functions to get information about a user. The net result is increased security and a a performance gain from 41ms to 100us. Signed-off-by: baude <bbaude@redhat.com>
* | Merge pull request #1713 from baude/runcfailOpenShift Merge Robot2018-10-24
|\ \ | |/ |/| downgrade runc due a rootless bug
| * downgrade runc due a rootless bugbaude2018-10-24
|/ | | | Signed-off-by: baude <bbaude@redhat.com>
* Merge pull request #1646 from QiWang19/addenvbudOpenShift Merge Robot2018-10-23
|\ | | | | Support auth file environment variable in podman build
| * Support auth file environment variable in podman buildQi Wang2018-10-23
| | | | | | | | Signed-off-by: Qi Wang <qiwan@redhat.com>
* | Merge pull request #1708 from rhatdan/dockerOpenShift Merge Robot2018-10-23
|\ \ | | | | | | Eat our own dogfood
| * | Eat our own dogfoodDaniel J Walsh2018-10-23
| | | | | | | | | | | | | | | | | | | | | Switch all tests to use podman installed on the system, or Docker if podman does not exist. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #1684 from QiWang19/devicemanOpenShift Merge Robot2018-10-23
|\ \ \ | | | | | | | | Explain the device format in man pages
| * | | Explain the device format in man pagesQi Wang2018-10-23
| | | | | | | | | | | | | | | | Signed-off-by: Qi Wang <qiwan@redhat.com>
* | | | Merge pull request #1706 from giuseppe/fix-cidfile-rootlessOpenShift Merge Robot2018-10-23
|\ \ \ \ | | | | | | | | | | create: fix writing cidfile when using rootless
| * | | | create: fix writing cidfile when using rootlessGiuseppe Scrivano2018-10-23
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | prevent opening the same file twice, since we re-exec podman in rootless mode. While at it, also solve a possible race between the check for the file and writing to it. Another process could have created the file in the meanwhile and we would just end up overwriting it. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | Merge pull request #1666 from giuseppe/vendor-storage-overlayOpenShift Merge Robot2018-10-23
|\ \ \ \ | |_|/ / |/| | | vendor: update container/storage
| * | | vendor: update containers/storageGiuseppe Scrivano2018-10-23
| |/ / | | | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | Merge pull request #1707 from afbjorklund/local_pathOpenShift Merge Robot2018-10-23
|\ \ \ | |/ / |/| | Add support for /usr/local installation
| * | Add support for /usr/local installationAnders F Björklund2018-10-23
| | | | | | | | | | | | Signed-off-by: Anders F Björklund <anders.f.bjorklund@gmail.com>
* | | Merge pull request #1705 from baude/twostepjsonOpenShift Merge Robot2018-10-23
|\ \ \ | | | | | | | | read conmon output and convert to json in two steps
| * | | read conmon output and convert to json in two stepsbaude2018-10-23
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | when reading the output from conmon using the JSON methods, it appears that JSON marshalling is higher in pprof than it really is because the pipe is "waiting" for a response. this gives us a clearer look at the real CPU/time consumers. Signed-off-by: baude <bbaude@redhat.com>
* | | Merge pull request #1677 from cevich/cirrus_latest_buildahOpenShift Merge Robot2018-10-23
|\ \ \ | | | | | | | | Cirrus: Use images w/ buildah fix
| * | | Cirrus: Use images w/ buildah fixChris Evich2018-10-23
| | | | | | | | | | | | | | | | | | | | | | | | Ref: https://github.com/containers/buildah/pull/1109 Signed-off-by: Chris Evich <cevich@redhat.com>
* | | | Merge pull request #1687 from rhatdan/vendorOpenShift Merge Robot2018-10-23
|\ \ \ \ | | | | | | | | | | Move selinux label reservations to containers storage.
| * | | | Allow containers/storage to handle on SELinux labelingDaniel J Walsh2018-10-23
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
| * | | | Vendor in latest containers/storage opencontainers/selinuxDaniel J Walsh2018-10-23
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | Merge pull request #1662 from adrianreber/all-and-latestOpenShift Merge Robot2018-10-23
|\ \ \ \ \ | |_|/ / / |/| | | | Add --all and --latest to checkpoint/restore
| * | | | Add --all and --latest to checkpoint/restoreAdrian Reber2018-10-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This add the convenience options --all and --latest to the subcommands checkpoint and restore. Signed-off-by: Adrian Reber <areber@redhat.com>
| * | | | Use the newly added getAllOrLatestContainers() functionAdrian Reber2018-10-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This removes duplicate code paths which has been previously factored out as getAllOrLatestContainers(). Signed-off-by: Adrian Reber <areber@redhat.com>
| * | | | Use the new checkAllAndLatest() functionAdrian Reber2018-10-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Instead of duplicating the same code in multiple commands this uses the newly added function checkAllAndLatest() instead. Signed-off-by: Adrian Reber <areber@redhat.com>
| * | | | Also factor out getAllOrLatestContainers() functionAdrian Reber2018-10-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Just as the checkAllAndLatest() function the new code in getAllOrLatestContainers() is used in some commands and duplicated. This factors out this code to be used in other places without duplicating it. Signed-off-by: Adrian Reber <areber@redhat.com>
| * | | | Add checkAllAndLatest() functionAdrian Reber2018-10-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The check about the --all and --latest option is used and repeated and some commands. Factor it out and put it into common. Signed-off-by: Adrian Reber <areber@redhat.com>
* | | | | Merge pull request #1649 from jwhonce/issue/1641OpenShift Merge Robot2018-10-23
|\ \ \ \ \ | | | | | | | | | | | | Downgrade code to support python3.4
| * | | | | Downgrade code to support python3.4Jhon Honce2018-10-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Added tox configuration to test python 3.4, 3.5 and 3.6. Tox testing not enabled on every PR * Updated MANIFEST.ini to support tox * Correct comments Fixes #1641 Signed-off-by: Jhon Honce <jhonce@redhat.com>