summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Merge pull request #5728 from openSUSE/pids.currentOpenShift Merge Robot2020-04-07
|\ | | | | Do not error on pids.current stats if ctr.path is empty
| * Do not error on pids.current stats if ctr.path is emptySascha Grunert2020-04-07
| | | | | | | | | | | | | | | | | | | | If the ctr.path is empty, then we do not try to access `/sys/fs/cgroup/pids/pids.current` any more because this path will be wrong in any case. We now return and do not set the PIDs stats. Refers to https://github.com/cri-o/cri-o/issues/3522 Signed-off-by: Sascha Grunert <sgrunert@suse.com>
* | Merge pull request #5734 from baude/v2runOpenShift Merge Robot2020-04-07
|\ \ | | | | | | v2podman run
| * | v2podman runBrent Baude2020-04-06
| | | | | | | | | | | | | | | | | | add the ability to run a container Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | Merge pull request #5478 from giuseppe/auto-usernsOpenShift Merge Robot2020-04-06
|\ \ \ | |/ / |/| | userns: support --userns=auto
| * | userns: support --userns=autoGiuseppe Scrivano2020-04-06
| | | | | | | | | | | | | | | | | | | | | automatically pick an empty range and create an user namespace for the container. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | Merge pull request #5716 from baude/v2psOpenShift Merge Robot2020-04-06
|\ \ \ | | | | | | | | podmanv2 ps
| * | | podmanv2 psBrent Baude2020-04-06
| | | | | | | | | | | | | | | | | | | | | | | | add the ability to list containers Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | | Merge pull request #5507 from baude/newinfoOpenShift Merge Robot2020-04-06
|\ \ \ \ | | | | | | | | | | refactor info
| * | | | refactor infoBrent Baude2020-04-06
| |/ / / | | | | | | | | | | | | | | | | | | | | the current implementation of info, while typed, is very loosely done so. we need stronger types for our apiv2 implmentation and bindings. Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | | Merge pull request #5726 from ↵OpenShift Merge Robot2020-04-06
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | containers/dependabot/go_modules/github.com/containers/storage-1.18.2 build(deps): bump github.com/containers/storage from 1.18.1 to 1.18.2
| * | | | build(deps): bump github.com/containers/storage from 1.18.1 to 1.18.2dependabot-preview[bot]2020-04-06
| | |_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/containers/storage](https://github.com/containers/storage) from 1.18.1 to 1.18.2. - [Release notes](https://github.com/containers/storage/releases) - [Changelog](https://github.com/containers/storage/blob/master/docs/containers-storage-changes.md) - [Commits](https://github.com/containers/storage/compare/v1.18.1...v1.18.2) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | Merge pull request #5705 from rhatdan/resetOpenShift Merge Robot2020-04-06
|\ \ \ \ | |_|/ / |/| | | Cleanup whether to enter user namespace
| * | | Cleanup whether to enter user namespace for rootless commandsDaniel J Walsh2020-04-03
| | | | | | | | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #5620 from cfelder/play-kube-networkingOpenShift Merge Robot2020-04-06
|\ \ \ \ | | | | | | | | | | Add support for specifying CNI networks in podman play kube
| * | | | Add support for specifying CNI networks in podman play kubeChristian Felder2020-03-27
| | | | | | | | | | | | | | | | | | | | | | | | | Fixes: #5609 Signed-off-by: Christian Felder <c.felder@fz-juelich.de>
| * | | | Fix typo in pod createChristian Felder2020-03-27
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Christian Felder <c.felder@fz-juelich.de>
* | | | | Merge pull request #5731 from baude/v2startOpenShift Merge Robot2020-04-06
|\ \ \ \ \ | | | | | | | | | | | | podmanv2 start
| * | | | | podmanv2 startBrent Baude2020-04-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | add the ability to start containers Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | | | | Merge pull request #5725 from ↵OpenShift Merge Robot2020-04-06
|\ \ \ \ \ \ | |_|_|_|_|/ |/| | | | | | | | | | | | | | | | | containers/dependabot/go_modules/github.com/opencontainers/selinux-1.5.0 build(deps): bump github.com/opencontainers/selinux from 1.4.0 to 1.5.0
| * | | | | build(deps): bump github.com/opencontainers/selinux from 1.4.0 to 1.5.0dependabot-preview[bot]2020-04-06
| | |_|_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/opencontainers/selinux](https://github.com/opencontainers/selinux) from 1.4.0 to 1.5.0. - [Release notes](https://github.com/opencontainers/selinux/releases) - [Commits](https://github.com/opencontainers/selinux/compare/v1.4.0...v1.5.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | | Merge pull request #5727 from ↵OpenShift Merge Robot2020-04-06
|\ \ \ \ \ | |_|/ / / |/| | | | | | | | | | | | | | containers/dependabot/go_modules/github.com/containers/common-0.8.1 build(deps): bump github.com/containers/common from 0.8.0 to 0.8.1
| * | | | build(deps): bump github.com/containers/common from 0.8.0 to 0.8.1dependabot-preview[bot]2020-04-06
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/containers/common](https://github.com/containers/common) from 0.8.0 to 0.8.1. - [Release notes](https://github.com/containers/common/releases) - [Commits](https://github.com/containers/common/compare/v0.8.0...v0.8.1) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | Merge pull request #5689 from sujil02/v2-pod-inspectOpenShift Merge Robot2020-04-06
|\ \ \ \ | | | | | | | | | | podmanv2 pod inspect
| * | | | podmanv2 pod inspectSujil022020-04-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add the ability to inspect pod in podmanv2 Signed-off-by: Sujil02 <sushah@redhat.com>
* | | | | Merge pull request #5714 from baude/v2attachOpenShift Merge Robot2020-04-06
|\ \ \ \ \ | | | | | | | | | | | | v2podman attach
| * | | | | v2podman attach and execBrent Baude2020-04-05
| | |/ / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | add the ability to attach to a running container. the tunnel side of this is not enabled yet as we have work on the endpoints and plumbing to do yet. add the ability to exec a command in a running container. the tunnel side is also being deferred for same reason. Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | | | Merge pull request #5713 from baude/v2versionOpenShift Merge Robot2020-04-06
|\ \ \ \ \ | |/ / / / |/| | | | podmanv2 version
| * | | | podmanv2 versionBrent Baude2020-04-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | this is only for the abi side and does not print out the remote information yet. the remote information will need to be worked on and agreed upon later. Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | | | Merge pull request #5710 from baude/v2createOpenShift Merge Robot2020-04-03
|\ \ \ \ \ | | | | | | | | | | | | v2podman container create
| * | | | | v2podman container createBrent Baude2020-04-03
|/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | create a container in podmanv2 using specgen approach. this is the core implementation and still has quite a bit of code commented out specifically around volumes, devices, and namespaces. need contributions from smes on these parts. Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | | | Merge pull request #5672 from baude/v2saveOpenShift Merge Robot2020-04-03
|\ \ \ \ \ | |_|_|_|/ |/| | | | podmanv2 save image
| * | | | podmanv2 save imageBrent Baude2020-04-03
| |/ / / | | | | | | | | | | | | | | | | | | | | add ability to save an image for podman v2 Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | | Merge pull request #5638 from baude/v2containercheckOpenShift Merge Robot2020-04-03
|\ \ \ \ | | | | | | | | | | podmanv2 checkpoint and restore
| * | | | podmanv2 checkpoint and restoreBrent Baude2020-04-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | add the ability to checkpoint and restore containers on v2podman Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | | | Merge pull request #5707 from adrianreber/crun-checkpoint-1OpenShift Merge Robot2020-04-03
|\ \ \ \ \ | | | | | | | | | | | | Prepare for crun checkpoint support
| * | | | | checkpoint: handle XDG_RUNTIME_DIRAdrian Reber2020-04-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | For (almost) all commands which podman passes on to a OCI runtime XDG_RUNTIME_DIR is set to the same value. This does not happen for the checkpoint command. Using crun to checkpoint a container without this change will lead to crun using XDG_RUNTIME_DIR of the currently logged in user and so it will not find the container Podman wants to checkpoint. This bascially just copies a few lines from on of the other commands to handle 'checkpoint' as all the other commands. Thanks to Giuseppe for helping me with this. For 'restore' it is not needed as restore goes through conmon and for calling conmon Podman already configures XDG_RUNTIME_DIR correctly. Signed-off-by: Adrian Reber <areber@redhat.com>
| * | | | | checkpoint: change runtime checkpoint support testAdrian Reber2020-04-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Podman was checking if the runtime support checkpointing by running 'runtime checkpoint -h'. That works for runc. crun, however, does not use '-h, --help' for help output but, '-?, --help'. This commit switches both checkpoint support detection from 'runtime checkpoint -h' to 'runtime checkpoint --help'. Podman can now correctly detect if 'crun' also support checkpointing. Signed-off-by: Adrian Reber <areber@redhat.com>
* | | | | | Merge pull request #5712 from rhatdan/pathOpenShift Merge Robot2020-04-03
|\ \ \ \ \ \ | | | | | | | | | | | | | | Pass path environment down to the OCI runtime
| * | | | | | Pass path environment down to the OCI runtimeDaniel J Walsh2020-04-03
| | |/ / / / | |/| | | | | | | | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | | Merge pull request #5676 from kolyshkin/volume-flags-altOpenShift Merge Robot2020-04-03
|\ \ \ \ \ \ | |_|_|/ / / |/| | | | | Fix/improve pkg/storage.InitFSMounts
| * | | | | pkg/spec.InitFSMounts: optimizeKir Kolyshkin2020-04-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Instead of getting mount options from /proc/self/mountinfo, which is very costly to read/parse (and can even be unreliable), let's use statfs(2) to figure out the flags we need. [v2: move getting default options to pkg/util, make it linux-specific] Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
| * | | | | pkg/spec.InitFSMounts: fix mount opts in placeKir Kolyshkin2020-04-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ... rather than create a new slice and then make the caller replace the original with the new one. Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
| * | | | | pkg/spec/initFSMounts: fixKir Kolyshkin2020-03-31
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | > $ ./bin/podman run -v /tmp:/tmp alpine true; echo $? > 0 > $ ./bin/podman run -v /tmp:/tmp:ro alpine true; echo $? > 0 > $ ./bin/podman run -v /tmp:/w0w:ro alpine true; echo $? > Error: container_linux.go:349: starting container process caused "process_linux.go:449: container init caused \"rootfs_linux.go:58: mounting \\\"/tmp\\\" to rootfs \\\"/home/kir/.local/share/containers/storage/overlay/7636ef3650fc91ee4996ccc026532bb3cff7182c0430db662fffb933e0bcadc9/merged\\\" at \\\"/home/kir/.local/share/containers/storage/overlay/7636ef3650fc91ee4996ccc026532bb3cff7182c0430db662fffb933e0bcadc9/merged/w0w\\\" caused \\\"operation not permitted\\\"\"": OCI runtime permission denied error > 126 The last command is not working because in-container mount point is used to search for a parent mount in /proc/self/mountinfo. And yet the following > $ ./bin/podman run -v /tmp:/run/test:ro alpine true; echo $? > 0 still works fine! Here's why: > $ mount | grep -E '/run |/tmp ' > tmpfs on /run type tmpfs (rw,nosuid,nodev,seclabel,mode=755) > tmpfs on /tmp type tmpfs (rw,nosuid,nodev,seclabel) This is the reason why previous commit modified in-container mount point. Fixes: 0f5ae3c5af Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
* | | | | | Merge pull request #5701 from vrothberg/v2-pushOpenShift Merge Robot2020-04-03
|\ \ \ \ \ \ | | | | | | | | | | | | | | podmanV2: implement push
| * | | | | | podmanV2: implement pushValentin Rothberg2020-04-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Implement `podman-push` and `podman-image-push` for the podmanV2 client. * Tests for `pkg/bindings` are not possible at the time of writing as we don't have a local registry running. * Implement `/images/{name}/push` compat endpoint. Tests are not implemented for this v2 endpoint. It has been tested manually. General note: The auth config extraction from the http header is not implement for push. Since it's not yet supported for other endpoints either, I deferred it to future work. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | | | | Merge pull request #5700 from ↵OpenShift Merge Robot2020-04-03
|\ \ \ \ \ \ \ | |_|_|/ / / / |/| | | | | | | | | | | | | | | | | | | | containers/dependabot/go_modules/github.com/containers/common-0.8.0 Bump github.com/containers/common from 0.6.1 to 0.8.0
| * | | | | | Bump github.com/containers/common from 0.6.1 to 0.8.0dependabot-preview[bot]2020-04-03
|/ / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/containers/common](https://github.com/containers/common) from 0.6.1 to 0.8.0. - [Release notes](https://github.com/containers/common/releases) - [Commits](https://github.com/containers/common/compare/v0.6.1...v0.8.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | | Merge pull request #5702 from kolyshkin/test-nitpicksOpenShift Merge Robot2020-04-03
|\ \ \ \ \ \ | |_|_|/ / / |/| | | | | test/e2e/run_volume_test nitpicks
| * | | | | test/e2e/run_volume_test: use unique mount pointKir Kolyshkin2020-04-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | For volume and bind mount tests, use the in-container mount point path that has no common ancestor with any host path (except for root). This might help to uncover bugs like [1]. Even if not, it seems lile a good cleanup regardless. [1] https://github.com/containers/libpod/pull/5676 Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>