summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* apparmor: respect "unconfined" settingValentin Rothberg2018-08-09
| | | | | | | | | | The "unconfined" profile must be treated specially to turn off apparmor confinement and to avoid applying any other profile. Signed-off-by: Valentin Rothberg <vrothberg@suse.com> Closes: #1241 Approved by: mheon
* oci.go: syslog: fix debug formattingValentin Rothberg2018-08-09
| | | | | | | Signed-off-by: Valentin Rothberg <vrothberg@suse.com> Closes: #1242 Approved by: rhatdan
* add podman pod inspectbaude2018-08-09
| | | | | | | | | first pass of podman pod inspect Signed-off-by: baude <bbaude@redhat.com> Closes: #1236 Approved by: rhatdan
* Fix ambiguity in adding localhost to podman savehaircommander2018-08-08
| | | | | | | | | | | ...and some naming decisions. This change ensures podman save doesn't incorrectly prepend localhost when saving an image. Signed-off-by: haircommander <pehunt@redhat.com> Closes: #1140 Approved by: rhatdan
* Fix CGroupFS cgroup manager cgroup creation for podsMatthew Heon2018-08-08
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1237 Approved by: rhatdan
* Update Conmon commit for testingMatthew Heon2018-08-08
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1232 Approved by: rhatdan
* Pass newly-added --log-level flag to ConmonMatthew Heon2018-08-08
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1232 Approved by: rhatdan
* Cleanup man pagesDaniel J Walsh2018-08-08
| | | | | | | | | | | podman does not support nocopy so remove reference in the man page. podman build now supports --isolation, so add documentation. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1225 Approved by: TomSweeneyRedHat
* Improve ps handling of container start/stop timeMatthew Heon2018-08-08
| | | | | | | | | | | | | | Previously all calculations were done based off the container's start time. Retrieve end time and use it to calculate time stopped for containers. Also, convert ps JSON output to report timestamps for create, start, and stop times. Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1228 Approved by: rhatdan
* rootless: fix user lookup if USER= is not setGiuseppe Scrivano2018-08-08
| | | | | | | | | | | | Lookup the current username by UID if the USER env variable is not set. Reported in: https://github.com/projectatomic/libpod/issues/1092 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #1217 Approved by: rhatdan
* enabled copr epel builds againbaude2018-08-08
| | | | | | | | | centos/epel does not understand the Recommends tag Signed-off-by: baude <bbaude@redhat.com> Closes: #1231 Approved by: rhatdan
* Handle yum and dnfbaude2018-08-07
| | | | | | | Signed-off-by: baude <bbaude@redhat.com> Closes: #1227 Approved by: rhatdan
* Test regressions against the RPM spec filebaude2018-08-07
| | | | | | | | | | | We need to make sure we dont break the RPM spec files week-to-week. If we do, the packagers need to have a place to look at what changes are needed to the SPEC so they can pull the changes into the distributions. Signed-off-by: baude <bbaude@redhat.com> Closes: #1230 Approved by: rhatdan
* Pass DESTDIR down to python MakefileDaniel J Walsh2018-08-07
| | | | | | | | | | | | In order to get a cleaner build out of the rpms we should pass down the DESTDIR to the python Makefiles. Then we can use them instead of hard coding other inteligence into the spec files. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1214 Approved by: baude
* Add dpkg support for returning oci/conmon versionsDaniel J Walsh2018-08-07
| | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1224 Approved by: baude
* Have info print conmon/oci runtime informationDaniel J Walsh2018-08-07
| | | | | | | | | We need into to identify the OCI runtime and conmon used by podman. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1224 Approved by: baude
* Better pull error for fully-qualified imagesbaude2018-08-06
| | | | | | | | | | | | | | | | | | | When pulling a fully-qualified image that fails, we should not be talking about registries/search registries in the the error message as it is not applicable. If a image that is fq'd and fails to pull, the error should be simplified. ``` $ sudo podman pull this-does-not-exist.example.com/foo Trying to pull this-does-not-exist.example.com/foo...Failed error pulling image "this-does-not-exist.example.com/foo": unable to pull this-does-not-exist.example.com/foo: unable to pull image, or you do not have pull access $ ``` Resolves: #1212 Signed-off-by: baude <bbaude@redhat.com> Closes: #1216 Approved by: mheon
* Stub varlink pod methods.haircommander2018-08-06
| | | | | | | Signed-off-by: haircommander <pehunt@redhat.com> Closes: #1196 Approved by: baude
* Remove inotify work aroundJhon Honce2018-08-06
| | | | | | | | | PR#1215 fixed issue with podman blowing up inotify Signed-off-by: Jhon Honce <jhonce@redhat.com> Closes: #1222 Approved by: baude
* Rename varlink socket and interfacebaude2018-08-06
| | | | | | | | | io.projectatomic.podman -> io.podman Signed-off-by: baude <bbaude@redhat.com> Closes: #1204 Approved by: mheon
* Merge pull request #1220 from baude/coprgitrevBrent Baude2018-08-06
|\ | | | | Change tarball filename in copr prepare and match short-commit length
| * Change tarball filename in copr prepare and match short-commit lengthbaude2018-08-06
|/ | | | Signed-off-by: baude <bbaude@redhat.com>
* Add Runc and Conmon versions to Podman Versionbaude2018-08-05
| | | | | | | | | | It will be handy to know the runc and conmon versions as our code gets into the wild. Signed-off-by: baude <bbaude@redhat.com> Closes: #1207 Approved by: rhatdan
* Merge pull request #1218 from baude/coprupdatespecBrent Baude2018-08-05
|\ | | | | update copr spec, lets get it building again
| * update copr spec, lets get it building againbaude2018-08-05
|/ | | | Signed-off-by: baude <bbaude@redhat.com>
* Add missing dependencies to build systemJhon Honce2018-08-05
| | | | | | | Signed-off-by: Jhon Honce <jhonce@redhat.com> Closes: #1199 Approved by: rhatdan
* Port to MacOSJhon Honce2018-08-05
| | | | | | | | | | | | | | | * Refactor Tunnel to support selecting port for remote sshd * Refactor ssh tunnel to support MacOS version of ssh * Refactor Tunnel.close() to find and kill off zombie siblings * Add psutil dependency * Add logging setup, letting library produce debugging records * Clean up Tunnel API * Fix test_runner.sh to propagate returncode to caller Signed-off-by: Jhon Honce <jhonce@redhat.com> Closes: #1199 Approved by: rhatdan
* Make one runtime for the varlink servicebaude2018-08-05
| | | | | | | | | | | | | Rather than making a runtime each time a client hits a varlink endpoint, we now make a single runtime when the varlink service starts up. This fixes a problem where we hit a max inotify limit from CNI. Resolves: #1211 Signed-off-by: baude <bbaude@redhat.com> Closes: #1215 Approved by: rhatdan
* Merge pull request #1213 from mheon/bump-0.8.1Matthew Heon2018-08-03
|\ | | | | Bump to 0.8.1
| * Bump gitvalidation epochMatthew Heon2018-08-03
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * Bump to v0.8.2-devMatthew Heon2018-08-03
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * Bump to v0.8.1v0.8.1Matthew Heon2018-08-03
|/ | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
* Vendor in latest github.com/projectatomic/buildahDaniel J Walsh2018-08-03
| | | | | | | | | | | | | | This adds support for Dockerfile.in and fixes some limits issues on docker build Also adds support for podman build to read Dockerfile from stdin. cat Dockerfile | podman build -f - . Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1209 Approved by: mheon
* Update gitvalidation epochMatthew Heon2018-08-03
| | | | | | | Signed-off-by: Matthew Heon <mheon@redhat.com> Closes: #1210 Approved by: rhatdan
* Check for missing arguments in /proc/self/cmdlineAnders F Björklund2018-08-03
| | | | | Closes: #1206 Approved by: giuseppe
* Added ps --pod optionhaircommander2018-08-02
| | | | | | | Signed-off-by: haircommander <pehunt@redhat.com> Closes: #1205 Approved by: rhatdan
* clarify pull error messagebaude2018-08-02
| | | | | | | | | | | | | when pulling, we can fail to find an image (i.e. it doesn't exist) or we can not have authority/access to pull it. the registries don't tell us one way or another so the error message needs to cover both. Resolves #1194 Signed-off-by: baude <bbaude@redhat.com> Closes: #1195 Approved by: rhatdan
* rootless: do not set setgroups to deny when using newuidmapGiuseppe Scrivano2018-08-02
| | | | | | | | | It is required only when directly configuring the user namespace. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #1200 Approved by: rhatdan
* Merge pull request #1201 from giuseppe/fix-segfault-rootlessDaniel J Walsh2018-08-02
|\ | | | | rootless: do not segfault if the parent already died
| * rootless: do not segfault if the parent already diedGiuseppe Scrivano2018-08-02
| | | | | | | | | | | | Closes: https://github.com/projectatomic/libpod/issues/1189 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | Merge pull request #1202 from rhatdan/manDaniel J Walsh2018-08-02
|\ \ | | | | | | Man page fixes found by https://pagure.io/ManualPageScan
| * | Man page fixes found by https://pagure.io/ManualPageScanDaniel J Walsh2018-08-02
| | | | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Inline pullGoalNamesFromPossiblyUnqualifiedName into ↵Miloslav Trmač2018-08-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Runtime.pullGoalFromPossibly... Again, we only needed them split for tests; so, integrate them back. Then drop all remaining references to pullRefName and pullGoalNames, which are not used for anything. Should not change behavior Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1198 Approved by: mheon
* | | Replace getPullRefName by Runtime.getPullRefPairMiloslav Trmač2018-08-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This more or less reverts 9c9401a96c0b7d43dcea19c2972ef9612cc0a136 "Replace getPullRefPair with getPullRefName"; now that tests don't require us to use pullRefName, move creation of storage references deeper into the calls stack to reduce string use. ir.getSinglePullRefNameGoal is accordingly updated to ir.getSinglePullRefPairGoal, and we need to add a ~duplicate singlePullRefPairGoal; that duplication of singlePullRefNameGoal will soon be resolved by dropping singlePullRefNameGoal. Should not change behavior. Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1198 Approved by: mheon
* | | Inline pullGoalNamesFromImageReference back into ↵Miloslav Trmač2018-08-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Runtime.pullGoalFromImageReference Now that we don't need a separate pullGoalNamesFromImageReference for running tests, inline it back. This forces us to add some glue code to getSinglePullRefNameGoal and to convert between pullGoal and *pullGoal; that is temporary and will be cleaned up soon. Should not change behavior. Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1198 Approved by: mheon
* | | Introduce getSinglePullRefNameGoalMiloslav Trmač2018-08-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This merely wraps the > return singlePullRefNameGoal(getPullRefName(... reference)), nil pattern which is used for almost all getPullRefName uses. For now it seems not really worth it, but it will result in shorter code (and smaller migration) after we replace getPullRefName with getPullRefPair, which can fail, again - the pullGoalNamesFromImageReference will not have to add any error handling. Should not change behavior. Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1198 Approved by: mheon
* | | Test Runtime.pullGoalFromPossiblyUnqualifiedName instead of pullGoalNameFrom...Miloslav Trmač2018-08-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Similarly to pullGoalNamesFromImageReference, use a storage.Store and test the actually created references; that is more representative, and clearly shows the impact of further normalization in storageReference (like defaulting to :latest on NameOnly references). Only modifies tests, so does not change behavior. Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1198 Approved by: mheon
* | | Test Runtime.pullGoalFromImageReference instead of ↵Miloslav Trmač2018-08-02
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | pullGoalNamesFromImageReference pullGoalNamesFromImageReference has been added only to allow testing without a storage.Store, because I thought that a storage.Store can only be created by root. It turns out that non-root stores, at least good enough for reference parsing and formatting, are possible (and have existed in c/image/storage tests), so this creates such a store, and modifies the existing test to test the created c/image/storage.storageReference values instead of strings; that is more representative, and clearly shows the impact of further normalization in storageReference (like defaulting to :latest on NameOnly references). Eventually we will want to get rid of pullGoalNames / pullRefName. Only modifies tests, so does not change behavior. Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1198 Approved by: mheon
* | Use REGISTRIES_CONFIG_PATH for all testsbaude2018-08-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We should not be using the test systems registries.conf file for integration tests. We should always use a constructed file created specifically for the integration tests or we stand to have unpredictable results. The beforeTest function now sets an environment variable pointing to a registries.conf file in the test's tempdir. That file will container docker.io as a default. The afterTest function then clears the environment variable. Signed-off-by: baude <bbaude@redhat.com> Closes: #1197 Approved by: rhatdan
* | RFC: Rename runtime.pullImage to runtime.pullImageFromHeuristicSourceMiloslav Trmač2018-08-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is similar to the PushImageToHeuristicDestination RFC. The goal is to be very explicit about which functions try to heuristically guess what is the expected format of the string. Not quite "shaming" the users, but making sure they stand out. RFC: - Is this at all acceptable? Desirable? Should not change behavior (but does not add unit tests). Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1176 Approved by: rhatdan