summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Merge pull request #2959 from mheon/merge_volume_flagsOpenShift Merge Robot2019-05-03
|\ | | | | Merge volume flags implementation
| * Fix podman-in-podman volume testMatthew Heon2019-05-02
| | | | | | | | | | | | | | | | | | | | When running inside Podman, we get an extra `nodev` mount option. It doesn't seem to be a bug, more an artifact of running in a somewhat locked-down container. So instead of checking explicitly for a set of mount options, just verify the ones we set are present. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * Move handling of ReadOnlyTmpfs into new mounts codeMatthew Heon2019-05-01
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * Begin adding volume testsMatthew Heon2019-05-01
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * Ensure that named volumes have their options parsedMatthew Heon2019-05-01
| | | | | | | | | | | | | | This involves moving some code out of pkg/spec/ into util/ so it can also be used by libpod. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * Add options parsing for tmpfs mountsMatthew Heon2019-05-01
| | | | | | | | | | | | | | | | | | This ensures that all tmpfs mounts added by the user, even with the --mount flag, share a few common options (nosuid, noexec, nodev), and options for tmpfs mounts are properly validated to ensure they are correct. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * Use EqualValues instead of reflect equalityMatthew Heon2019-05-01
| | | | | | | | | | | | | | Same result, but notably better error messages when things go wrong. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * Hit a number of to-do comments in unified volumes codeMatthew Heon2019-05-01
| | | | | | | | | | | | | | | | As part of this, move bind mount option validity parsing and modification (adding e.g. rbind on bind mounts that are missing it), which requires test changes (expected values have changed). Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * Fix options for non-bind and non-tmpfs volumesMatthew Heon2019-05-01
| | | | | | | | | | | | | | | | | | We were unconditionally resetting volume mount options for all mount points (and by the looks of things, completely dropping tmpfs mounts), which was causing runc to refuse to run containers and all the tests to consequently fail. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * Migrate unit tests from cmd/podman into pkg/specMatthew Heon2019-05-01
| | | | | | | | | | | | | | | | | | | | Several changes made in the interface of pkg/spec make interacting with it without a runtime difficult to impossible, so move the existing limited testing from cmd/podman (which mostly tested pkg/spec) into pkg/spec itself where we can call individual functions that don't break things. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * Migrate to unified volume handling codeMatthew Heon2019-05-01
| | | | | | | | | | | | | | | | | | | | | | | | | | Unify handling for the --volume, --mount, --volumes-from, --tmpfs and --init flags into a single file and set of functions. This will greatly improve readability and maintainability. Further, properly handle superceding and conflicting mounts. Our current patchwork has serious issues when mounts conflict, or when a mount from --volumes-from or an image volume should be overwritten by a user volume or named volume. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * Always pass pod into MakeContainerConfigMatthew Heon2019-05-01
| | | | | | | | | | | | | | | | Play kube was passing the pod, but CreateConfig was not. Unify it so they both do, so we can remove some unnecessary duplicate lookup code. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * Remove non-config fields from CreateConfigMatthew Heon2019-05-01
| | | | | | | | | | | | | | | | | | The goal here is to keep only the configuration directly used to build the container in CreateConfig, and scrub temporary state and helpers that we need to generate. We'll keep those internally in MakeContainerConfig. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * Add a new function for converting a CreateConfigMatthew Heon2019-05-01
| | | | | | | | | | | | | | | | | | | | | | Right now, there are two major API calls necessary to turn a filled-in CreateConfig into the options and OCI spec necessary to make a libpod Container. I'm intending on refactoring both of these extensively to unify a few things, so make a common frontend to both that will prevent API changes from leaking out of the package. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | Merge pull request #3051 from mheon/podman_migrate_fixesOpenShift Merge Robot2019-05-02
|\ \ | | | | | | Small fixes for #2950
| * | Small fixes for #2950Matthew Heon2019-05-01
| | | | | | | | | | | | | | | | | | | | | We merged #2950 with some nits still remaining, as Giuseppe was going on PTO. This addresses those small requested changes. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | Merge pull request #2985 from baude/generatesystemdOpenShift Merge Robot2019-05-02
|\ \ \ | | | | | | | | Generate Systemd
| * | | Generate systemd unit files for containersbaude2019-05-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | the podman generate systemd command will generate a systemd unit file based on the attributes of an existing container and user inputs. the command outputs the unit file to stdout for the user to copy or redirect. it is enabled for the remote client as well. users can set a restart policy as well as define a stop timeout override for the container. Signed-off-by: baude <bbaude@redhat.com>
* | | | Merge pull request #3060 from mheon/update_cstorageOpenShift Merge Robot2019-05-02
|\ \ \ \ | |/ / / |/| | | Update c/storage to v1.12.6
| * | | Update c/storage to v1.12.6Matthew Heon2019-05-02
| | | | | | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | Merge pull request #3039 from mheon/podman_initOpenShift Merge Robot2019-05-02
|\ \ \ \ | | | | | | | | | | Add podman init command
| * | | | Fix typo in init manpageMatthew Heon2019-05-02
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | | | Add an InvalidState varlink error for InitMatthew Heon2019-05-02
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | | | Add basic structure of podman init commandMatthew Heon2019-05-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | As part of this, rework the number of workers used by various Podman tasks to match original behavior - need an explicit fallthrough in the switch statement for that block to work as expected. Also, trivial change to Podman cleanup to work on initialized containers - we need to reset to a different state after cleaning up the OCI runtime. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | | Merge pull request #3058 from TomSweeneyRedHat/dev/tsweeney/buidah1.8.1OpenShift Merge Robot2019-05-02
|\ \ \ \ \ | | | | | | | | | | | | Bump Buildah to v1.8.1, ImageBuilder to v1.1.0
| * | | | | Bump Buildah to v1.8.1, ImageBuilder to v1.1.0TomSweeneyRedHat2019-05-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | As the title suggests. Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* | | | | | Merge pull request #3035 from baude/remoteportOpenShift Merge Robot2019-05-02
|\ \ \ \ \ \ | |_|_|/ / / |/| | | | | podman-remote port
| * | | | | podman-remote portbaude2019-05-01
| | |_|_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | add the port command to the remote client. this allows users to displa port information about their host system from the remote client Signed-off-by: baude <bbaude@redhat.com>
* | | | | Merge pull request #3033 from karfau/patch-1OpenShift Merge Robot2019-05-02
|\ \ \ \ \ | | | | | | | | | | | | add arch linux rootless hints to install.md
| * | | | | install.md contains hints for rootless setup on arch linuxChristian Bewernitz2019-05-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - related to issue #3030 - including pointer to new section in README.md provided by #3038 Signed-off-by: Christian Bewernitz <coder@karfau.de>
* | | | | | Merge pull request #3056 from TomSweeneyRedHat/dev/tsweeney/healthyOpenShift Merge Robot2019-05-02
|\ \ \ \ \ \ | |_|_|/ / / |/| | | | | docs: Fix typo "healthcheck" pt2
| * | | | | docs: Fix typo "healthcheck" pt2TomSweeneyRedHat2019-05-02
|/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | Replaces #2988. Want to get this is for v1.3. Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* | | | | Merge pull request #3047 from jamescassell/http-proxy-fixupOpenShift Merge Robot2019-05-02
|\ \ \ \ \ | | | | | | | | | | | | http-proxy: improve docs
| * | | | | http-proxy: improve docsJames Cassell2019-05-01
| | |/ / / | |/| | | | | | | | | | | | | Signed-off-by: James Cassell <code@james.cassell.me>
* | | | | Merge pull request #3053 from edsantiago/fix_req_env_varOpenShift Merge Robot2019-05-02
|\ \ \ \ \ | | | | | | | | | | | | cirrus lib.sh: refactor req_env_var()
| * | | | | cirrus lib.sh: refactor req_env_var()Ed Santiago2019-05-02
| | |_|_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Existing code was not working due to a bash gotcha ('exit' from a pipeline). It also had unnecessary duplication. New version is safer; also includes unit tests run under localunit. Existing invocations of req_env_var replaced via: $ [ edit setup_environment.sh, move one closing quote to its own line ] $ perl -ni -e 's/(?<=req_env_var )"(\S+)\s+\$\1"/$1/; if (/req_env_var "$/ .. /^\s*"/) { chomp; s/(?<=\S)\s.*//; if (/^\s*"/) { print "\n" } else { unless (/req_env_var/) { s/^\s+//; print " ";} print;} } else { print }' $(ack -l req_env_var) $ [ hand-massage an incorrect instance of '@' in lib.sh:ircmsg() ] Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | | | Merge pull request #2863 from cevich/fix_new_lintOpenShift Merge Robot2019-05-02
|\ \ \ \ \ | |/ / / / |/| | | | Remove two bits of dead code
| * | | | Remove two bits of dead codeChris Evich2019-05-02
|/ / / / | | | | | | | | | | | | Signed-off-by: Chris Evich <cevich@redhat.com>
* | | | Merge pull request #3049 from giuseppe/drop-unuseful-checkOpenShift Merge Robot2019-05-01
|\ \ \ \ | |_|_|/ |/| | | container: drop rootless check
| * | | container: drop rootless checkGiuseppe Scrivano2019-05-01
| |/ / | | | | | | | | | | | | | | | | | | we don't need to treat the rootless case differently now that we use a single user namespace. Signed-off-by: Giuseppe Scrivano <giuseppe@scrivano.org>
* | | Merge pull request #3031 from baude/remotewindowsOpenShift Merge Robot2019-05-01
|\ \ \ | |/ / |/| | enable podman-remote on windows
| * | enable podman-remote on windowsbaude2019-04-30
| | | | | | | | | | | | | | | | | | | | | build a podman-remote binary for windows that allows users to use the remote client on windows and interact with podman on linux system. Signed-off-by: baude <bbaude@redhat.com>
* | | Merge pull request #3018 from jamescassell/auto-http-proxyOpenShift Merge Robot2019-05-01
|\ \ \ | |_|/ |/| | Auto http proxy
| * | auto pass http_proxy into containerJames Cassell2019-04-30
|/ / | | | | | | Signed-off-by: James Cassell <code@james.cassell.me>
* | Merge pull request #3038 from mheon/update_readme_rootlessOpenShift Merge Robot2019-04-30
|\ \ | | | | | | Add details on rootless Podman to the readme
| * | Add details on rootless Podman to the readmeMatthew Heon2019-04-29
| |/ | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | Merge pull request #3043 from mheon/sudo_teeOpenShift Merge Robot2019-04-30
|\ \ | | | | | | Use 'sudo tee' in tutorial so install works as non-root
| * | Use 'sudo tee' in tutorial so install works as non-rootMatthew Heon2019-04-30
| | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | Merge pull request #2992 from cevich/collect_audit_logOpenShift Merge Robot2019-04-30
|\ \ \ | | | | | | | | Cirrus: Collect audit log on success and failure
| * | | Cirrus: Collect audit log on success and failureChris Evich2019-04-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Also rename `master_script` -> `failed_master_script` to clarify it's "place in the line" when viewing (Cirrus WebUI) Signed-off-by: Chris Evich <cevich@redhat.com>