summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Fix podman-in-podman volume testMatthew Heon2019-05-02
| | | | | | | | | | When running inside Podman, we get an extra `nodev` mount option. It doesn't seem to be a bug, more an artifact of running in a somewhat locked-down container. So instead of checking explicitly for a set of mount options, just verify the ones we set are present. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Move handling of ReadOnlyTmpfs into new mounts codeMatthew Heon2019-05-01
| | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Begin adding volume testsMatthew Heon2019-05-01
| | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Ensure that named volumes have their options parsedMatthew Heon2019-05-01
| | | | | | | This involves moving some code out of pkg/spec/ into util/ so it can also be used by libpod. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Add options parsing for tmpfs mountsMatthew Heon2019-05-01
| | | | | | | | | This ensures that all tmpfs mounts added by the user, even with the --mount flag, share a few common options (nosuid, noexec, nodev), and options for tmpfs mounts are properly validated to ensure they are correct. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Use EqualValues instead of reflect equalityMatthew Heon2019-05-01
| | | | | | | Same result, but notably better error messages when things go wrong. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Hit a number of to-do comments in unified volumes codeMatthew Heon2019-05-01
| | | | | | | | As part of this, move bind mount option validity parsing and modification (adding e.g. rbind on bind mounts that are missing it), which requires test changes (expected values have changed). Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Fix options for non-bind and non-tmpfs volumesMatthew Heon2019-05-01
| | | | | | | | | We were unconditionally resetting volume mount options for all mount points (and by the looks of things, completely dropping tmpfs mounts), which was causing runc to refuse to run containers and all the tests to consequently fail. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Migrate unit tests from cmd/podman into pkg/specMatthew Heon2019-05-01
| | | | | | | | | | Several changes made in the interface of pkg/spec make interacting with it without a runtime difficult to impossible, so move the existing limited testing from cmd/podman (which mostly tested pkg/spec) into pkg/spec itself where we can call individual functions that don't break things. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Migrate to unified volume handling codeMatthew Heon2019-05-01
| | | | | | | | | | | | | Unify handling for the --volume, --mount, --volumes-from, --tmpfs and --init flags into a single file and set of functions. This will greatly improve readability and maintainability. Further, properly handle superceding and conflicting mounts. Our current patchwork has serious issues when mounts conflict, or when a mount from --volumes-from or an image volume should be overwritten by a user volume or named volume. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Always pass pod into MakeContainerConfigMatthew Heon2019-05-01
| | | | | | | | Play kube was passing the pod, but CreateConfig was not. Unify it so they both do, so we can remove some unnecessary duplicate lookup code. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Remove non-config fields from CreateConfigMatthew Heon2019-05-01
| | | | | | | | | The goal here is to keep only the configuration directly used to build the container in CreateConfig, and scrub temporary state and helpers that we need to generate. We'll keep those internally in MakeContainerConfig. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Add a new function for converting a CreateConfigMatthew Heon2019-05-01
| | | | | | | | | | | Right now, there are two major API calls necessary to turn a filled-in CreateConfig into the options and OCI spec necessary to make a libpod Container. I'm intending on refactoring both of these extensively to unify a few things, so make a common frontend to both that will prevent API changes from leaking out of the package. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Merge pull request #3018 from jamescassell/auto-http-proxyOpenShift Merge Robot2019-05-01
|\ | | | | Auto http proxy
| * auto pass http_proxy into containerJames Cassell2019-04-30
|/ | | | Signed-off-by: James Cassell <code@james.cassell.me>
* Merge pull request #3038 from mheon/update_readme_rootlessOpenShift Merge Robot2019-04-30
|\ | | | | Add details on rootless Podman to the readme
| * Add details on rootless Podman to the readmeMatthew Heon2019-04-29
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | Merge pull request #3043 from mheon/sudo_teeOpenShift Merge Robot2019-04-30
|\ \ | | | | | | Use 'sudo tee' in tutorial so install works as non-root
| * | Use 'sudo tee' in tutorial so install works as non-rootMatthew Heon2019-04-30
| | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | Merge pull request #2992 from cevich/collect_audit_logOpenShift Merge Robot2019-04-30
|\ \ \ | | | | | | | | Cirrus: Collect audit log on success and failure
| * | | Cirrus: Collect audit log on success and failureChris Evich2019-04-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Also rename `master_script` -> `failed_master_script` to clarify it's "place in the line" when viewing (Cirrus WebUI) Signed-off-by: Chris Evich <cevich@redhat.com>
* | | | Merge pull request #2995 from jwhonce/wip/cleanupOpenShift Merge Robot2019-04-30
|\ \ \ \ | | | | | | | | | | Refactor container cleanup to use latest functions
| * | | | Refactor container cleanup to use latest functionsJhon Honce2019-04-30
| | |/ / | |/| | | | | | | | | | Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | | Merge pull request #3026 from baude/remotestartattachOpenShift Merge Robot2019-04-30
|\ \ \ \ | |/ / / |/| | | Fix remote-client testing reports
| * | | Fix remote-client testing reportsbaude2019-04-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Ensure when using remote attach --no-stdin a mock device is used to prevent stdin and not nil. This fixes issue #3009. When starting a container with the remote client, if the container is already running and the user asks to attach, we should just attach. This fixes issue #3011 Signed-off-by: baude <bbaude@redhat.com>
* | | | Merge pull request #3040 from TomSweeneyRedHat/dev/tsweeney/fixrunmdOpenShift Merge Robot2019-04-30
|\ \ \ \ | | | | | | | | | | Move --mount in run man page
| * | | | Move --mount in run man pageTomSweeneyRedHat2019-04-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The `--mount` options was after the `--uts` option in the man page for run. This moves it up into alphabetical order. No other changes to the text. Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* | | | | Merge pull request #2982 from baude/remotecontainerpruneOpenShift Merge Robot2019-04-30
|\ \ \ \ \ | |/ / / / |/| | | | podman-remote prune containers
| * | | | podman-remote prune containersbaude2019-04-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | enable the ability to prune containers from the remote-command. this also includes the system prune command. Signed-off-by: baude <bbaude@redhat.com>
* | | | | Merge pull request #3032 from baude/remotestopOpenShift Merge Robot2019-04-29
|\ \ \ \ \ | |_|_|_|/ |/| | | | podman-remote stop
| * | | | podman-remote stopbaude2019-04-29
|/ / / / | | | | | | | | | | | | | | | | | | | | | | | | add stop to the container subcommands for the remote client. the stop function is already done. this is a graphical change only. Signed-off-by: baude <bbaude@redhat.com>
* | | | Merge pull request #3036 from baude/behaveOpenShift Merge Robot2019-04-29
|\ \ \ \ | | | | | | | | | | correct upstream vndr issues
| * | | | correct upstream vndr issuesbaude2019-04-29
|/ / / / | | | | | | | | | | | | Signed-off-by: baude <bbaude@redhat.com>
* | | | Merge pull request #3015 from QiWang19/credsHOpenShift Merge Robot2019-04-29
|\ \ \ \ | | | | | | | | | | fix login supports credHelpers config
| * | | | fix login supports credHelpers configQi Wang2019-04-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Skip the error if login can't find credentials in credHelpers with credHelpers configed in auth.json and podman login will store the credentials in credHelpers later. Signed-off-by: Qi Wang <qiwan@redhat.com>
* | | | | Merge pull request #3016 from rhatdan/vendorOpenShift Merge Robot2019-04-29
|\ \ \ \ \ | | | | | | | | | | | | Vendor in latest containers/storage and containers/buildah
| * | | | | Vendor in latest buildah codeDaniel J Walsh2019-04-26
| | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
| * | | | | Vendor in latest containers/storageDaniel J Walsh2019-04-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Should fix the issue on Windows platform. Lots of other fixes and enhancements. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | | Merge pull request #3025 from rhatdan/read-onlyOpenShift Merge Robot2019-04-29
|\ \ \ \ \ \ | | | | | | | | | | | | | | Add --read-only-tmpfs options
| * | | | | | Add --read-only-tmpfs optionsDaniel J Walsh2019-04-26
| | |_|/ / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The --read-only-tmpfs option caused podman to mount tmpfs on /run, /tmp, /var/tmp if the container is running int read-only mode. The default is true, so you would need to execute a command like --read-only --read-only-tmpfs=false to turn off this behaviour. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | | Merge pull request #2950 from giuseppe/podman-system-migrateOpenShift Merge Robot2019-04-26
|\ \ \ \ \ \ | | | | | | | | | | | | | | system: add new subcommand "migrate"
| * | | | | | runtime: pass down the contextGiuseppe Scrivano2019-04-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | | | | | system: add new subcommand "migrate"Giuseppe Scrivano2019-04-26
|/ / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | it is useful to migrate existing containers to a new version of podman. Currently, it is needed to migrate rootless containers that were created with podman <= 1.2 to a newer version which requires all containers to be running in the same user namespace. Closes: https://github.com/containers/libpod/issues/2935 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | | | Merge pull request #3028 from baude/removemanualinstallOpenShift Merge Robot2019-04-26
|\ \ \ \ \ \ | | | | | | | | | | | | | | remove manual install of libsystemd-dev
| * | | | | | remove manual install of libsystemd-devbaude2019-04-26
| | |/ / / / | |/| | | | | | | | | | | | | | | | Signed-off-by: baude <bbaude@redhat.com>
* | | | | | Merge pull request #3019 from mheon/system_eventsOpenShift Merge Robot2019-04-26
|\ \ \ \ \ \ | |/ / / / / |/| | | | | Add System event type and renumber, refresh events
| * | | | | Do not hard fail on non-decodable eventsMatthew Heon2019-04-26
| | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Matthew Heon <mheon@redhat.com>
| * | | | | Add System event type and renumber, refresh eventsMatthew Heon2019-04-25
| | |_|/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | Also, re-add locking to file eventer Write() to protect against concurrent events. Signed-off-by: Matthew Heon <mheon@redhat.com>
* | | | | Merge pull request #2991 from cevich/libsystemd_devOpenShift Merge Robot2019-04-26
|\ \ \ \ \ | |_|/ / / |/| | | | Libsystemd dev + newer runc
| * | | | Cirrus: Use freshly built imagesChris Evich2019-04-24
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Chris Evich <cevich@redhat.com>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-11-18 16:44:29 +0000