summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Update release notes for v2.0.6Matthew Heon2020-08-28
| | | | Signed-off-by: Matthew Heon <mheon@redhat.com>
* Merge pull request #7478 from ashley-cui/2.0docsOpenShift Merge Robot2020-08-28
|\ | | | | [CI:DOCS] remote doc fixes
| * [CI:DOCS] Update podman-remote docsPaul Holzinger2020-08-27
| | | | | | | | | | | | | | | | | | Add support for multi level subcommands. e.g. podman system connection. Update the flags and add note for containers.conf. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
| * [CI:DOCS] Making docs build on macAshley Cui2020-08-27
| | | | | | | | | | | | sed syntax on mac is different Signed-off-by: Ashley Cui <acui@redhat.com>
* | Merge pull request #7483 from TomSweeneyRedHat/dev/tsweeney/bumpcommonv2OpenShift Merge Robot2020-08-27
|\ \ | |/ |/| Bump c/common to v0.14.10 and c/conmon to v2.0.20
| * Bump c/common to v0.14.10 and c/conmon to v2.0.20TomSweeneyRedHat2020-08-27
|/ | | | | | As the title says. Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* Merge pull request #7475 from baude/v2triminitOpenShift Merge Robot2020-08-27
|\ | | | | abi: trim init command
| * abi: trim init commandGiuseppe Scrivano2020-08-27
|/ | | | | | | | without it the systemd detection fails. Closes: https://github.com/containers/podman/issues/7441 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Merge pull request #7450 from baude/v2msiremotestuffOpenShift Merge Robot2020-08-26
|\ | | | | podman-remote fixes for msi and client
| * podman-remote fixes for msi and clientBrent Baude2020-08-25
|/ | | | | | | | correct small typo that sets the path on windows via the msi xml. in the remote client, prompt for SSH password when no identity or alternate means of authentication are provided. Signed-off-by: Brent Baude <bbaude@redhat.com>
* Merge pull request #7443 from mheon/undo_our_hacksOpenShift Merge Robot2020-08-25
|\ | | | | Undo v2.0 branch hacks
| * Update c/storage to v1.20.3Matthew Heon2020-08-25
| | | | | | | | | | | | | | | | This includes an important patch to fix a CI issue where the cleanup process's unmount of a container was not being registered by `podman system service`. Signed-off-by: Matthew Heon <mheon@redhat.com>
| * Revert "HACK: Disable build-each-commit"Matthew Heon2020-08-25
| | | | | | | | | | | | | | | | | | | | This reverts commit 44e5d0c1e8272f92d0fa6d41075a0127b241f003. We temporarily disabled this for the last few backports for 2.0.5, given how painful the libpod->podman move made things. We do not want to keep this around long-term, each commit should be required to build. Signed-off-by: Matthew Heon <mheon@redhat.com>
| * Revert "HACK: Manually include c/storage #698"Matthew Heon2020-08-25
| | | | | | | | | | | | | | | | | | This reverts commit ae2ee65eff71c5780e4484f1316dbbdd87bf1760. This was a horrible hack that we did for time reasons, to get 2.0.5 out on schedule; now that it has been merged into c/storage properly we no longer need or want it. Signed-off-by: Matthew Heon <mheon@redhat.com>
* | Merge pull request #7439 from edsantiago/fix_failing_userns_testOpenShift Merge Robot2020-08-25
|\ \ | |/ |/| run test: use explicit uid/gid
| * run test: use explicit uid/gidEd Santiago2020-08-25
|/ | | | | | | | | | Fixes Fedora gating test failure: if the host tests are running under UID 1000, --userns=keep-id will (of course) add current user as 1000, and the in-container 'adduser' will assign 1001. To prevent that, assign UID 4242 (and hope that that's not our calling user's UID). Signed-off-by: Ed Santiago <santiago@redhat.com>
* Merge pull request #7402 from mheon/last_pr_before_205_really_this_timeOpenShift Merge Robot2020-08-24
|\ | | | | Final v2.0.5 backports
| * Bump to v2.0.6-devMatthew Heon2020-08-24
| | | | | | | | Signed-off-by: Matthew Heon <mheon@redhat.com>
| * Bump to v2.0.5v2.0.5Matthew Heon2020-08-24
| | | | | | | | Signed-off-by: Matthew Heon <mheon@redhat.com>
| * HACK: Manually include c/storage #698Matthew Heon2020-08-24
| | | | | | | | | | | | | | | | | | | | | | | | We need this release out by end of day, so we don't have time to do this right. Disable the vendor task and manually add c/storage PR #698 to the vendored copy of c/storage to make the tests pass. Once #698 merges into c/storage, we need to remove this commit and backport it to the v1.20 stable branch, then cut a release there. Signed-off-by: Matthew Heon <mheon@redhat.com>
| * Final release notes update for v2.0.5.Matthew Heon2020-08-24
| | | | | | | | | | | | Really. I promise. No more after this. Signed-off-by: Matthew Heon <mheon@redhat.com>
| * Clean up pods before returning from Pod Stop API callMatthew Heon2020-08-24
| | | | | | | | | | | | | | This should help alleviate races where the pod is not fully cleaned up before subsequent API calls happen. Signed-off-by: Matthew Heon <mheon@redhat.com>
| * Ensure pod infra containers have an exit commandMatthew Heon2020-08-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Most Libpod containers are made via `pkg/specgen/generate` which includes code to generate an appropriate exit command which will handle unmounting the container's storage, cleaning up the container's network, etc. There is one notable exception: pod infra containers, which are made entirely within Libpod and do not touch pkg/specgen. As such, no cleanup process, network never cleaned up, bad things can happen. There is good news, though - it's not that difficult to add this, and it's done in this PR. Generally speaking, we don't allow passing options directly to the infra container at create time, but we do (optionally) proxy a pre-approved set of options into it when we create it. Add ExitCommand to these options, and set it at time of pod creation using the same code we use to generate exit commands for normal containers. Fixes #7103 Signed-off-by: Matthew Heon <mheon@redhat.com> <MH: Fixed cherry-pick conflicts> Signed-off-by: Matthew Heon <mheon@redhat.com>
| * error when adding container to pod with network informationBrent Baude2020-08-24
|/ | | | | | | | | | | | | | | | because a pod's network information is dictated by the infra container at creation, a container cannot be created with network attributes. this has been difficult for users to understand. we now return an error when a container is being created inside a pod and passes any of the following attributes: * static IP (v4 and v6) * static mac * ports -p (i.e. -p 8080:80) * exposed ports (i.e. 222-225) * publish ports from image -P Signed-off-by: Brent Baude <bbaude@redhat.com> <MH: Fixed cherry pick conflicts and compile> Signed-off-by: Matthew Heon <mheon@redhat.com>
* Merge pull request #7410 from rhatdan/v2.0OpenShift Merge Robot2020-08-24
|\ | | | | Vendor in containers/common v0.14.9
| * Vendor in containers/common v0.14.9Daniel J Walsh2020-08-23
|/ | | | | | | This will fix the localions of the containers.conf file on Windows and MacOS Boxes. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #7399 from rhatdan/v2.0OpenShift Merge Robot2020-08-21
|\ | | | | In podman 1.* regression on --cap-add
| * In podman 1.* regression on --cap-addDaniel J Walsh2020-08-21
|/ | | | | | | | | | | | In podman 1.0 if you executed a command like: podman run --user dwalsh --cap-add net_bind_service alpine nc -l 80 It would work, and the user dwalsh would get the capability, in podman 2.0, only root and the binding set gets the capability. This change restores us back to the way podman 1.0 worked. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #7363 from mheon/lets_try_this_againOpenShift Merge Robot2020-08-21
|\ | | | | Lets try this again: v2.0.5 backports, round 2
| * fix pod creation with "new:" syntax followup + allow hostnamePaul Holzinger2020-08-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes: 4c75fe3f70ed ("fix pod creation with "new:" syntax") Commit 4c75fe3f70ed passes all net options to the pod but forgot to unset the options for the container creation. This leads to erros when using flags like `--ip` since we tried setting the ip on the pod and container which obviously fails. I didn't notice the bug because we don't throw an error when specifing port bindings on a container which joins the pods network namespace. (#7373) Also allow the use of `--hostname` and pass that option to the pod and unset it for the container. The container has to use the pods hostname anyway. This would error otherwise. Added tests to prevent regression. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
| * Fix a Makefile issueMatthew Heon2020-08-20
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * Fix a system test failureMatthew Heon2020-08-20
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * Fix imports (podman -> libpod for v2.0 branch)Matthew Heon2020-08-20
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * Final set of updates to release notesMatthew Heon2020-08-20
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * Add support for --connectionDaniel J Walsh2020-08-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * override --url and/or --identity fields from containers.conf * --connection flag has higher precedence than ActiveService from containers.conf. Which is set via podman system connection default * Add newline to error message printed on stderr * Added --connection to bash completion and documentation * Updated bindings to query server in case of no path or / Closes #jira-991 Fixes #7276 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Signed-off-by: Jhon Honce <jhonce@redhat.com> Squashed commits to work around CI issue <MH: Fixed rebase conflicts on v2.0> Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * remove --latest for all remote commandsBrent Baude2020-08-20
| | | | | | | | | | | | | | | | instead of hiding the latest options for podman-remote or catching an error if podman --remote <cmd> -l is used, we no longer add the latest option to any remote command. podman will error with a "unknown flag" option. Fixes: #7127 Signed-off-by: Brent Baude <bbaude@redhat.com>
| * Further release notes updates for v2.0.5Matthew Heon2020-08-20
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * fix podman create/run UTS NS docsPaul Holzinger2020-08-20
| | | | | | | | | | | | | | | | Add better error message when using `--pod` and `--hostname`. Improve the docs to better explain the uts hostname relation. Add more valid options for the `--uts` flag. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
| * abi: fix detection for systemdGiuseppe Scrivano2020-08-20
| | | | | | | | | | | | | | | | | | create a scope everytime we don't own the current cgroup and we are running on systemd. Closes: https://github.com/containers/podman/issues/6734 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * fix podman version output to include git commit and builttimePaul Holzinger2020-08-20
| | | | | | | | | | | | Add the go module version v2 to the libpod path. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
| * generate systemd: quote arguments with whitespaceValentin Rothberg2020-08-20
| | | | | | | | | | | | | | | | | | | | | | Make sure that arguments with whitespace are properly quoted so they are interpreted as one (and not multiple ones) by systemd. Now `-e tz="america/new york"` will be generated as `-e "tz=america/new york"`. The quotes are moving but the argument is still correct. Fixes: #7285 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
| * Unmount c/storage containers before removing themMatthew Heon2020-08-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When `podman rmi --force` is run, it will remove any containers that depend on the image. This includes Podman containers, but also any other c/storage users who may be using it. With Podman containers, we use the standard Podman removal function for containers, which handles all edge cases nicely, shutting down running containers, ensuring they're unmounted, etc. Unfortunately, no such convient function exists (or can exist) for all c/storage containers. Identifying the PID of a Buildah, CRI-O, or Podman container is extremely different, and those are just the implementations under the containers org. We can't reasonably be able to know if a c/storage container is *in use* and safe for removal if it's not a Podman container. At the very least, though, we can attempt to unmount a storage container before removing it. If it is in use, this will fail (probably with a not-particularly-helpful error message), but if it is not in use but not fully cleaned up, this should make our removing it much more robust than it normally is. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * [WIP] Refactor podman system connectionJhon Honce2020-08-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add support to manage multiple connections * Add connection * Remove connection * Rename connection * Set connection as default * Add markdown/man pages * Fix recursion in hack/xref-helpmsgs-manpages Signed-off-by: Jhon Honce <jhonce@redhat.com> <MH: Fixed build after rebase> Signed-off-by: Matt Heon <matthew.heon@pm.me>
| * Fix `podman system connection` panicJhon Honce2020-08-20
| | | | | | | | Signed-off-by: Jhon Honce <jhonce@redhat.com>
| * Revert "remove podman system connection"Matthew Heon2020-08-20
| | | | | | | | | | | | | | This reverts commit 66e1626282fab661ac12a354f70b3b2221c69d7c. We are reenabling podman-system-connection. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * Bump github.com/containers/common to v0.14.7Matthew Heon2020-08-20
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * Fix imports for runtime_img.goMatthew Heon2020-08-20
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * Fix one import path pointing to containers/podmanMatthew Heon2020-08-20
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * HACK: Disable build-each-commitMatthew Heon2020-08-20
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * Ensure DefaultEnvVariables is used in SpecgenMatthew Heon2020-08-20
| | | | | | | | | | | | | | | | | | | | | | | | When we rewrote Podman's pkg/spec, one of the things that was lost was our use of a set of default environment variables, that ensure all containers have at least $PATH and $TERM set. While we're in the process of re-adding it, change it from a variable to a function, so we can ensure the Join function does not overwrite it and corrupt the defaults. Signed-off-by: Matthew Heon <matthew.heon@pm.me>