summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Bump github.com/containers/image/v5 from 5.10.0 to 5.10.1dependabot-preview[bot]2021-01-29
| | | | | | | | | Bumps [github.com/containers/image/v5](https://github.com/containers/image) from 5.10.0 to 5.10.1. - [Release notes](https://github.com/containers/image/releases) - [Commits](https://github.com/containers/image/compare/v5.10.0...v5.10.1) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Merge pull request #9110 from rhatdan/cgroupsOpenShift Merge Robot2021-01-28
|\ | | | | Don't fail if one of the cgroups is not setup
| * Don't fail if one of the cgroups is not setupDaniel J Walsh2021-01-27
| | | | | | | | | | | | | | | | | | | | | | It is fairly common for certain cgroups controllers to not be enabled on a system. We should Warn when this happens versus failing, when doing podman stats command. This way users can get information from the other controllers. Fixes: https://github.com/containers/podman/issues/8588 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #9140 from ↵OpenShift Merge Robot2021-01-28
|\ \ | | | | | | | | | | | | containers/dependabot/go_modules/github.com/containers/image/v5-5.10.0 Bump github.com/containers/image/v5 from 5.9.0 to 5.10.0
| * | Bump github.com/containers/image/v5 from 5.9.0 to 5.10.0dependabot-preview[bot]2021-01-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/containers/image/v5](https://github.com/containers/image) from 5.9.0 to 5.10.0. - [Release notes](https://github.com/containers/image/releases) - [Commits](https://github.com/containers/image/compare/v5.9.0...v5.10.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #9115 from rhatdan/pullOpenShift Merge Robot2021-01-28
|\ \ \ | | | | | | | | Switch podman image push handlers to use abi
| * | | Switch podman image push handlers to use abiDaniel J Walsh2021-01-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Change API Handlers to use the same functions that the local podman uses. At the same time: Cleanup and pass proper bindings. Remove cli options from podman-remote push. Cleanup manifest push. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #8585 from Luap99/rootless-net-aliasOpenShift Merge Robot2021-01-28
|\ \ \ \ | |_|/ / |/| | | Add support for rootless network-aliases and static ip/mac
| * | | Add support for rootless network-aliasesPaul Holzinger2021-01-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Make sure we pass the network aliases as capability args to the cnitool in the rootless-cni-infra container. Also update the dnsname plugin in the cni-infra container. Fixes #8567 Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
| * | | Allow static ip and mac with rootless cni networkPaul Holzinger2021-01-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Make sure we pass the ip and mac address as CNI_ARGS to the cnitool which is executed in the rootless-cni-infra container. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | | | Merge pull request #9082 from saschagrunert/static-buildOpenShift Merge Robot2021-01-27
|\ \ \ \ | |_|_|/ |/| | | Fix static build cache by using cachix
| * | | Fix static build cache by using cachixSascha Grunert2021-01-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It looks like we always hit the caching issue in Cirrus CI described within #8313. A solution around that is to use cachix, which has been pre-populated from my local machine. To push all (runtime and build) dependencies, we can leverage a pre-populated store by: ``` > nix-store -qR --include-outputs $(nix-instantiate nix/default.nix) | cachix push podman ``` The cache can be re-used by everybody to rapidly build static Podman binaries: https://app.cachix.org/cache/podman [NO TESTS NEEDED] Signed-off-by: Sascha Grunert <mail@saschagrunert.de>
* | | | Merge pull request #9127 from vrothberg/fix-9111OpenShift Merge Robot2021-01-27
|\ \ \ \ | | | | | | | | | | podman build --pull: use correct policy
| * | | | podman build --pull: use correct policyValentin Rothberg2021-01-27
| | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The `--pull` flag should be using the "pull if newer" pull policy rather than "pull always". This aligns with what the help message states, what Buildah does and, according to #9111, what was done before, Also add a test to prevent future regressions. Fixes: #9111 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | Merge pull request #9105 from vrothberg/fix-8281OpenShift Merge Robot2021-01-27
|\ \ \ \ | |/ / / |/| | | remote exec: write conmon error on hijacked connection
| * | | remote exec: write conmon error on hijacked connectionValentin Rothberg2021-01-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Make sure to write error from conmon on the hijacked http connection. This fixes issues where errors were not reported on the client side, for instance, when specified command was not found on the container. To future generations: I am sorry. The code is complex, and there are many interdependencies among the concurrent goroutines. I added more complexity on top but I don't have a good idea of how to reduce complexity in the available time. Fixes: #8281 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | Merge pull request #9124 from vrothberg/fix-8358OpenShift Merge Robot2021-01-27
|\ \ \ \ | | | | | | | | | | e2e tests: synchronize test results
| * | | | e2e tests: synchronize test resultsValentin Rothberg2021-01-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Use a mutex to synchronize the slice for storing tests results. Running the e2e tests in parallel is otherwise subject to race conditions surfacing in lost entries. Fixes: #8358 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | | Merge pull request #9095 from rhatdan/psOpenShift Merge Robot2021-01-27
|\ \ \ \ \ | |_|_|_|/ |/| | | | podman-remote ps --external --pod --sort do not work.
| * | | | podman-remote ps --external --pod --sort do not work.Daniel J Walsh2021-01-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixup the bindings and the handling of the --external --por and --sort flags. The --storage option was renamed --external, make sure we use external up and down the stack. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | Merge pull request #9025 from mheon/add_support_volumes_fieldOpenShift Merge Robot2021-01-27
|\ \ \ \ \ | | | | | | | | | | | | Ensure the Volumes field in Compat Create is honored
| * | | | | Ensure the Volumes field in Compat Create is honoredMatthew Heon2021-01-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Docker has, for unclear reasons, three separate fields in their Create Container struct in which volumes can be placed. Right now we support two of those - Binds and Mounts, which (roughly) correspond to `-v` and `--mount` respectively. Unfortunately, we did not support the third, `Volumes`, which is used for anonymous named volumes created by `-v` (e.g. `-v /test`). It seems that volumes listed here are *not* included in the remaining two from my investigation, so it should be safe to just append them into our handling of the `Binds` (`-v`) field. Fixes #8649 Signed-off-by: Matthew Heon <mheon@redhat.com>
* | | | | | Merge pull request #9122 from Luap99/fix-9120OpenShift Merge Robot2021-01-27
|\ \ \ \ \ \ | |_|/ / / / |/| | | | | Fix podman history --no-trunc for the CREATED BY field
| * | | | | Fix podman history --no-trunc for the CREATED BY fieldPaul Holzinger2021-01-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes #9120 Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | | | | | Merge pull request #9109 from mheon/issue6618OpenShift Merge Robot2021-01-27
|\ \ \ \ \ \ | |_|_|_|/ / |/| | | | | Fix #6618
| * | | | | Add default net info in container inspectbaude2021-01-26
| | |/ / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | when inspecting a container that is only connected to the default network, we should populate the default network in the container inspect information. Fixes: #6618 Signed-off-by: baude <bbaude@redhat.com> MH: Small fixes, added another test Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | | Merge pull request #9101 from gbraad/console-mode-messageOpenShift Merge Robot2021-01-27
|\ \ \ \ \ | |/ / / / |/| | | | Fix #9100 Change console mode message to debug
| * | | | Fix #9100 Change console mode message to debugGerard Braad2021-01-27
| | |/ / | |/| | | | | | | | | | | | | | | | | | [NO TESTS NEEDED] Signed-off-by: Gerard Braad <me@gbraad.nl>
* | | | Merge pull request #9106 from baude/issue9104OpenShift Merge Robot2021-01-26
|\ \ \ \ | | | | | | | | | | [CI:DOCS]update state of restful service
| * | | | [CI:DOCS]update state of restful servicebaude2021-01-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | we have not updated the state of the restful service. it is no longer considered under development. additionally, clarified our support of remote clients. Fixes: #9104 Signed-off-by: baude <bbaude@redhat.com>
* | | | | Merge pull request #9029 from mergetb/masterOpenShift Merge Robot2021-01-26
|\ \ \ \ \ | | | | | | | | | | | | [CI:DOCS] api: fix import image swagger definition
| * | | | | api: fix import image swagger definitionRyan Goodfellow2021-01-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The podman API implementation only accepts image uploads with the applicatoin/x-tar content type, however the generated swagger documentation currently states this should be a form encoded file with the content type application/x-www-form-urlencoded which does not work. Signed-off-by: Ryan Goodfellow <rgoodfel@isi.edu>
* | | | | | Merge pull request #9054 from vrothberg/fix-9040OpenShift Merge Robot2021-01-26
|\ \ \ \ \ \ | | | | | | | | | | | | | | make sure the workdir exists on container mount
| * | | | | | workdir presence checksValentin Rothberg2021-01-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | A container's workdir can be specified via the CLI via `--workdir` and via an image config with the CLI having precedence. Since images have a tendency to specify workdirs without necessarily shipping the paths with the root FS, make sure that Podman creates the workdir. When specified via the CLI, do not create the path, but check for its existence and return a human-friendly error. NOTE: `crun` is performing a similar check that would yield exit code 127. With this change, however, Podman performs the check and yields exit code 126. Since this is specific to `crun`, I do not consider it to be a breaking change of Podman. Fixes: #9040 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
| * | | | | | libpod: add (*Container).ResolvePath()Valentin Rothberg2021-01-26
| | |_|/ / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add an API to libpod to resolve a path on the container. We can refactor the code that was originally written for copy. Other functions are requiring a proper path resolution, so libpod seems like a reasonable home for sharing that code. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | | | Merge pull request #9022 from cevich/swagger_uploadOpenShift Merge Robot2021-01-26
|\ \ \ \ \ \ | | | | | | | | | | | | | | Cirrus: Upload swagger YAML in every context
| * | | | | | Cirrus: Upload swagger YAML in every contextChris Evich2021-01-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The podman documentation site uses javascript to display API documentation at: http://docs.podman.io/en/latest/Reference.html As input, the javascript sources from a CORS-enabled Google Cloud Storage object. This commit ensures the storage object is present and updated for every Cirrus-CI execution context: Tags, Branches, and PRs. As of this commit, the documentation site only utilizes the object uploaded by the Cirrus-CI run on the `master` branch: `swagger-master.yaml`. The file produced and uploaded due to a PR is intended for testing purposes: Confirm it's generation and uploading are both functional. Signed-off-by: Chris Evich <cevich@redhat.com>
* | | | | | | Merge pull request #8761 from ↵OpenShift Merge Robot2021-01-26
|\ \ \ \ \ \ \ | |_|_|_|/ / / |/| | | | | | | | | | | | | | | | | | | | ybelleguic/fix-man-page-on-overlayfs-in-rootless-mode [CI:DOCS] Fix man page for fuse-overlayfs config in rootless mode
| * | | | | | Fix man page for fuse-overlayfs config in rootless modeYohan Belléguic2021-01-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Yohan Belléguic <yohan.belleguic@arkea.com>
* | | | | | | Merge pull request #9070 from rhatdan/searchOpenShift Merge Robot2021-01-26
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | Fixup search
| * | | | | | | Fixup searchDaniel J Walsh2021-01-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | podman-remote search had some FIXMEs in tests that were failing. So I reworked the search handler to use the local abi. This means the podman search and podman-remote search will use the same functions. While doing this, I noticed we were just outputing errors via logrus.Error rather then returning them, which works ok for podman but the messages get lost on podman-remote. Changed the code to actually return the error messages to the caller. This allows us to turn on the remaining podman-remote FIXME tests. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | | | | Merge pull request #9084 from rhatdan/overrideOpenShift Merge Robot2021-01-26
|\ \ \ \ \ \ \ \ | |_|_|_|_|_|/ / |/| | | | | | | Fix --arch and --os flags to work correctly
| * | | | | | | Fix --arch and --os flags to work correctlyDaniel J Walsh2021-01-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently podman implements --override-arch and --overide-os But Podman has made these aliases for --arch and --os. No reason to have to specify --override, since it is clear what the user intends. Currently if the user specifies an --override-arch field but the image was previously pulled for a different Arch, podman run uses the different arch. This PR also fixes this issue. Fixes: https://github.com/containers/podman/issues/8001 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | | | | Merge pull request #9094 from rhatdan/mountOpenShift Merge Robot2021-01-26
|\ \ \ \ \ \ \ \ | |_|_|_|_|/ / / |/| | | | | | | Pass DefaultMountsFile to podman build
| * | | | | | | Pass DefaultMountsFile to podman buildDaniel J Walsh2021-01-25
|/ / / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The --default-mounts-file path was not being handled in podman build. This will enable it to use for testing. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | | | Merge pull request #9090 from mheon/sync_shutdownOpenShift Merge Robot2021-01-25
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | [NO TESTS NEEDED] Ensure shutdown handler access is syncronized
| * | | | | | | Ensure shutdown handler access is syncronizedMatthew Heon2021-01-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There was a potential race where two handlers could be added at the same time. Go Maps are not thread-safe, so that could do unpleasant things. Add a mutex to keep things safe. Also, swap the order or Register and Start for the handlers in Libpod runtime created. As written, there was a small gap between Start and Register where SIGTERM/SIGINT would be completely ignored, instead of stopping Podman. Swapping the two closes this gap. Signed-off-by: Matthew Heon <mheon@redhat.com>
* | | | | | | | Merge pull request #9091 from edsantiago/more_batsOpenShift Merge Robot2021-01-25
|\ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | System tests: cover gaps from the last month
| * | | | | | | | System tests: cover gaps from the last monthEd Santiago2021-01-25
| | |/ / / / / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - stop: test --all and --ignore (#9051) - build: test /run/secrets (#8679, but see below) - sensitive mount points: deal with 'stat' failures - selinux: confirm useful diagnostics on unknown labels (#8946) The 'build' test is intended as a fix for #8679, in which 'podman build' does not mount secrets from mounts.conf. Unfortunately, as of this writing, 'podman build' does not pass the --default-mounts-file option to buildah, so there's no reasonable way to test this path. Still, we can at least confirm /run/secrets on 'podman run'. The /sys thing is related to #8949: RHEL8, rootless, cgroups v1. It's just a workaround to get gating tests to pass on RHEL. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | | | | | | Merge pull request #9081 from ↵OpenShift Merge Robot2021-01-25
|\ \ \ \ \ \ \ \ | |/ / / / / / / |/| | | | | | | | | | | | | | | | | | | | | | | containers/dependabot/go_modules/github.com/google/uuid-1.2.0 Bump github.com/google/uuid from 1.1.5 to 1.2.0