summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Fix static build cache by using cachixSascha Grunert2021-02-01
| | | | | | | | | | | | | | | | | | | | It looks like we always hit the caching issue in Cirrus CI described within #8313. A solution around that is to use cachix, which has been pre-populated from my local machine. To push all (runtime and build) dependencies, we can leverage a pre-populated store by: ``` > nix-store -qR --include-outputs $(nix-instantiate nix/default.nix) | cachix push podman ``` The cache can be re-used by everybody to rapidly build static Podman binaries: https://app.cachix.org/cache/podman [NO TESTS NEEDED] Signed-off-by: Sascha Grunert <mail@saschagrunert.de>
* Merge pull request #9163 from mheon/backports_rc2OpenShift Merge Robot2021-01-29
|\ | | | | Backports for v3.0 RC2
| * Bump to v3.0.0-devMatthew Heon2021-01-29
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * Bump to v3.0.0-RC2v3.0.0-rc2Matthew Heon2021-01-29
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * Cirrus: add bindings checksValentin Rothberg2021-01-29
| | | | | | | | | | | | | | | | | | Make sure that bindings are in sync with the code. The check is similar to what's already being done with `make vendor`, so integrate the two. [NO TESTS NEEDED] Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
| * make bindings generation explicitValentin Rothberg2021-01-29
| | | | | | | | | | | | | | | | Instead of implicitly generating the bindings, make it explicit, similar to `make vendor`. This should prevent redundant and possibly error prone generations. A following commit will shield CI. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
| * make bindings generation more robutsValentin Rothberg2021-01-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The Go gods did not shine upon us trying to understand what's going on in #9000. The symptom is that `go generate` did not add required imports to a generated file, ultimately breaking subsequent compilation. While it still remains unclear *why* Go is behaving like that, the symptom disappears when `go generate` runs in module mode; that is without `-mod=vendor` and without `GO111MODULE=off`. This was reproducible on two separate machines (Ubuntu and Fedora). Also, when facing an unset GOPATH, set it to Go's default (i.e., $HOME/go) and make sure that GOBIN is in PATH since `goimports` is required by `go generate`. Fixes: #9000 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
| * simplify bindings generationValentin Rothberg2021-01-29
| | | | | | | | | | | | | | | | | | | | Run `go generate ./pkg/bindings/...` once for all bindings instead of generating them separately. This should speed up bindings generation as a given package is visited only once, and it fixes #8989 by dropping the use of pushd and popd. Fixes: #8989 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
| * make: generate bindings: use vendorValentin Rothberg2021-01-29
| | | | | | | | | | | | | | | | Set `-mod=vendor` when generating the bindings. We expect all dependencies to be vendored already. This should slightly speed up the bindings generation and prevent redundant network accesses. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
| * Make generate systemd --new robust against double curly bracesPaul Holzinger2021-01-29
| | | | | | | | | | | | | | | | | | | | | | If the container create command contains an argument with double curly braces the golang template parsing can fail since it tries to interpret the value as variable. To fix this change the default delimiter for the internal template to `{{{{`. Fixes #9034 Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
| * Ensure shutdown handler access is syncronizedMatthew Heon2021-01-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | There was a potential race where two handlers could be added at the same time. Go Maps are not thread-safe, so that could do unpleasant things. Add a mutex to keep things safe. Also, swap the order or Register and Start for the handlers in Libpod runtime created. As written, there was a small gap between Start and Register where SIGTERM/SIGINT would be completely ignored, instead of stopping Podman. Swapping the two closes this gap. Signed-off-by: Matthew Heon <mheon@redhat.com>
| * workdir presence checksValentin Rothberg2021-01-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | A container's workdir can be specified via the CLI via `--workdir` and via an image config with the CLI having precedence. Since images have a tendency to specify workdirs without necessarily shipping the paths with the root FS, make sure that Podman creates the workdir. When specified via the CLI, do not create the path, but check for its existence and return a human-friendly error. NOTE: `crun` is performing a similar check that would yield exit code 127. With this change, however, Podman performs the check and yields exit code 126. Since this is specific to `crun`, I do not consider it to be a breaking change of Podman. Fixes: #9040 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
| * libpod: add (*Container).ResolvePath()Valentin Rothberg2021-01-29
| | | | | | | | | | | | | | | | | | Add an API to libpod to resolve a path on the container. We can refactor the code that was originally written for copy. Other functions are requiring a proper path resolution, so libpod seems like a reasonable home for sharing that code. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
| * Add default net info in container inspectbaude2021-01-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | when inspecting a container that is only connected to the default network, we should populate the default network in the container inspect information. Fixes: #6618 Signed-off-by: baude <bbaude@redhat.com> MH: Small fixes, added another test Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * Fix podman history --no-trunc for the CREATED BY fieldPaul Holzinger2021-01-29
| | | | | | | | | | | | Fixes #9120 Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
| * Ensure the Volumes field in Compat Create is honoredMatthew Heon2021-01-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Docker has, for unclear reasons, three separate fields in their Create Container struct in which volumes can be placed. Right now we support two of those - Binds and Mounts, which (roughly) correspond to `-v` and `--mount` respectively. Unfortunately, we did not support the third, `Volumes`, which is used for anonymous named volumes created by `-v` (e.g. `-v /test`). It seems that volumes listed here are *not* included in the remaining two from my investigation, so it should be safe to just append them into our handling of the `Binds` (`-v`) field. Fixes #8649 Signed-off-by: Matthew Heon <mheon@redhat.com>
| * remote exec: write conmon error on hijacked connectionValentin Rothberg2021-01-29
|/ | | | | | | | | | | | | | Make sure to write error from conmon on the hijacked http connection. This fixes issues where errors were not reported on the client side, for instance, when specified command was not found on the container. To future generations: I am sorry. The code is complex, and there are many interdependencies among the concurrent goroutines. I added more complexity on top but I don't have a good idea of how to reduce complexity in the available time. Fixes: #8281 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Merge pull request #9141 from Luap99/v3-rootless-cniOpenShift Merge Robot2021-01-29
|\ | | | | [v3.0] Add support for rootless network-aliases and static ip/mac
| * Add support for rootless network-aliasesPaul Holzinger2021-01-28
| | | | | | | | | | | | | | | | | | | | Make sure we pass the network aliases as capability args to the cnitool in the rootless-cni-infra container. Also update the dnsname plugin in the cni-infra container. Fixes #8567 Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
| * Allow static ip and mac with rootless cni networkPaul Holzinger2021-01-28
|/ | | | | | | | Make sure we pass the ip and mac address as CNI_ARGS to the cnitool which is executed in the rootless-cni-infra container. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* Merge pull request #9107 from baude/v3backportdnsnameinternalOpenShift Merge Robot2021-01-26
|\ | | | | [3.0] disable dnsname when --internal
| * disable dnsname when --internalbaude2021-01-26
| | | | | | | | | | | | | | | | when doing a network creation, the dnsname plugin should be disabled when the --internal bool is set. a warning is displayed if this happens and docs are updated. Signed-off-by: baude <bbaude@redhat.com>
| * Use random network names in the e2e testsPaul Holzinger2021-01-26
| | | | | | | | | | | | | | | | | | Unlike the container storage all e2e test are using the same cni config directory. This causes problems if the network name already exists. Using random names will make the second run pass even if the first failed. This is only done to prevent full CI failures. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | Merge pull request #9112 from baude/v3.0correctpathOpenShift Merge Robot2021-01-26
|\ \ | | | | | | [CI:DOCS]Correct static API html path
| * | [CI:DOCS]Correct static API html pathbaude2021-01-26
| |/ | | | | | | | | | | Correct the path from the reference.rst to the static api documentation. Signed-off-by: baude <bbaude@redhat.com>
* | Merge pull request #9108 from edsantiago/fix_rhel_sys_gating_testsOpenShift Merge Robot2021-01-26
|\ \ | |/ |/| [v3.0] fix RHEL gating test: the /sys thing
| * [v3.0] fix RHEL gating test: the /sys thingEd Santiago2021-01-26
|/ | | | | | | Backport one component of #9091 in hopes of fixing RHEL8 gating test failures. Signed-off-by: Ed Santiago <santiago@redhat.com>
* Merge pull request #9097 from TomSweeneyRedHat/crypto_v3.0OpenShift Merge Robot2021-01-26
|\ | | | | Bump golang.org/x/crypto v3.0
| * Bump golang.org/x/crypto v3.0TomSweeneyRedHat2021-01-25
|/ | | | Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* Merge pull request #9055 from baude/v3backportcomposelogOpenShift Merge Robot2021-01-21
|\ | | | | [3.0] Set log driver for compatability containers
| * Set log driver for compatability containersbaude2021-01-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | when using the compatibility api to create containers, now reflect the use of k8s-file as json-file so that clients, which are unaware of k8s-file, can work. specifically, if the container is using k8s-file as the log driver, we change the log type in container inspection to json-file. These terms are used interchangably in other locations in libpod/podman. this fixes log messages in compose as well. [NO TESTS NEEDED] Signed-off-by: baude <bbaude@redhat.com>
* | Merge pull request #9043 from cevich/no_smoke_branchesOpenShift Merge Robot2021-01-21
|\ \ | |/ |/| [v3.0] [CI:DOCS] Cirrus: Skip smoke task on branch-push
| * [CI:DOCS] Cirrus: Skip smoke task on branch-pushChris Evich2021-01-20
|/ | | | | | | | | | | There is no need to re-run the same basic validation checks as were presumably already run on a PR before it merged. There are also possible problems properly determining `$EPOCH_TEST_COMMIT` when there have been no successful CI-runs on the branch (i.e. it's new). This needlessly fouls up the git-validation tool. Fix Both problems by just skipping the 'smoke' task for branches and tags. Signed-off-by: Chris Evich <cevich@redhat.com>
* Merge pull request #9039 from baude/v3backportnocomposeciOpenShift Merge Robot2021-01-20
|\ | | | | [CI:DOCS]Do not run compose tests with CI:DOCS
| * [CI:DOCS]Do not run compose tests with CI:DOCSbaude2021-01-20
| | | | | | | | Signed-off-by: baude <bbaude@redhat.com>
* | Merge pull request #9038 from baude/v3backportbindingoptsOpenShift Merge Robot2021-01-20
|\ \ | |/ |/| Add binding options for container|pod exists
| * Add binding options for container|pod existsbaude2021-01-20
|/ | | | | | | | It turns out an options was added to container exists so it makes sense to have pods and container exists calls have an optional structure for options. Signed-off-by: baude <bbaude@redhat.com>
* Merge pull request #9013 from edsantiago/release_deal_with_set_minus_e--3.0OpenShift Merge Robot2021-01-19
|\ | | | | [v3.0] runner.sh : deal with bash 'set -e'
| * runner.sh : deal with bash 'set -e'Ed Santiago2021-01-18
| | | | | | | | | | | | | | | | | | | | | | Release trigger script failed[1] because the entire script runs under 'set -e'; so a 'grep -- -dev' that finds no results will cause a nonzero exit status and hence the entire script to fail. Work around that. [1] https://cirrus-ci.com/task/4541290882793472 Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Merge pull request #9011 from baude/rtdversionOpenShift Merge Robot2021-01-18
|\ \ | | | | | | [CI:DOCS]Add readthedoc link for 3.0 docs
| * | [CI:DOCS]Add readthedoc link for 3.0 docsbaude2021-01-18
| |/ | | | | | | | | | | | | | | renamed the static api documentation and moved it into the documentation directory. then added a link on the reference page to it. this should give us versioned api documentation. Signed-off-by: baude <bbaude@redhat.com>
* | Merge pull request #9005 from baude/v3apidocsOpenShift Merge Robot2021-01-18
|\| | | | | [CI:DOCS]Add static HTML for api docs for v3.0
| * [CI:DOCS]Add static HTML for api docs for v3.0baude2021-01-18
|/ | | | | | Manually generated static documentation for the API. Signed-off-by: baude <bbaude@redhat.com>
* Merge pull request #8997 from rhatdan/v3.0OpenShift Merge Robot2021-01-18
|\ | | | | Bump to v3.0.0-rc1
| * Bump to v3.0.0-rc1v3.0.0-rc1Daniel J Walsh2021-01-18
|/ | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #8992 from rhatdan/pushOpenShift Merge Robot2021-01-17
|\ | | | | [ci:docs] Create release notes for V3.0.0
| * Create release notes for V3.0.0Daniel J Walsh2021-01-17
|/ | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #8942 from rhatdan/pushOpenShift Merge Robot2021-01-17
|\ | | | | Allow podman push to push manifest lists
| * Allow podman push to push manifest listsDaniel J Walsh2021-01-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When doing a podman images, manifests lists look just like images, so it is logical that users would assume that they can just podman push them to a registry. The problem is we throw out weird errors when this happens and users need to somehow figure out this is a manifest list rather then an image, and frankly the user will not understand the difference. This PR will make podman push just do the right thing, by failing over and attempting to push the manifest if it fails to push the image. Fix up handling of manifest push Protocol should bring back a digest string, which can either be printed or stored in a file. We should not reimplement the manifest push setup code in the tunnel code but take advantage of the api path, to make sure remote and local work the same way. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #8988 from Luap99/rename-port-completion-funcOpenShift Merge Robot2021-01-16
|\ \ | | | | | | [CI:DOCS] Rename AutocompletePortCommand func