| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
|
|
| |
Add support for secretRef and secretKeyRef to allow env vars to be set
from a secret. As K8S secrets are dictionaries the secret value must
be a JSON dictionary compatible with the data field of a K8S secret
object. The keys must consist of alphanumeric characters, '-', '_'
or '.', and the values must be base64 encoded strings.
Signed-off-by: Alban Bedel <albeu@free.fr>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
In K8S the pod creation fails if an env var reference a non existing
config map key. It can be marked as optional, but per default it is
mandatory. Podman on the other hand always treat such references as
optional.
Rework envVarsFrom() and envVarValue() to additionaly return an error
and add support for the optional attribute in configMapRef and
configMapKeyRef.
Signed-off-by: Alban Bedel <albeu@free.fr>
|
| |
|
|
|
|
|
|
|
|
|
| |
Rework envVarsFromConfigMap() and envVarValue() to simplify supporting
other env sources than config maps. For this we pass the whole spec
generator options struct as parameter instead of just the config maps
list. Then we rename envVarsFromConfigMap() to envVarsFrom() and in
envVarValue() we reposition the loop over the config maps to only run
it when a configMapRef element exists.
Signed-off-by: Alban Bedel <albeu@free.fr>
|
| |\
| |
| | |
Fix list pods filter handling in libpod api
|
| | |
| |
| |
| | |
Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
|
| |\ \
| | |
| | | |
[NO TESTS NEEDED] Fix for kernel without CONFIG_USER_NS
|
| |/ /
| |
| | |
Signed-off-by: Natsuki <i@ntk.me>
|
| |\ \
| | |
| | | |
Remove resize race condition
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Since podman-remote resize requests can come in at random times, this
generates a real potential for race conditions. We should only be
attempting to resize TTY on running containers, but the containers can
go from running to stopped at any time, and returning an error to the
caller is just causing noice.
This change will basically ignore requests to resize terminals if the
container is not running and return the caller to success. All other
callers will still return failure.
Fixes: https://github.com/containers/podman/issues/9831
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \ \
| |/ /
|/| | |
[NO TESTS NEEDED] Vendor in containers/buildah v1.20.0
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \ \
| | | |
| | | | |
Use TMPDIR when commiting images
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Fixes: https://github.com/containers/podman/issues/9825
Currently we are using TMPDIR for storaing temporary files
when building images, but not when you directly commit the images.
This change simply uses the TMPDIR environment variable if set
to store temporary files.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \ \ \
| |_|/ /
|/| | | |
Add RequiresMountsFor= to systemd generate
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
It is rare but possible that storage locations for the graphroot and the
runroot are not mounted at boot time, and therefore might race when
doing container operations. An example we've seen in the wild is that a
slow tmpfs mount for the runroot would suddenly mount over /run, causing
the container to lose all currently-running data, requiring a system
refresh to get it back.
This patch adds RequiresMountsFor= to the systemd.unit header to ensure
the paths for both the graphroot and runroot are mounted prior to
starting any generated unit files.
Signed-off-by: Robb Manes <rmanes@redhat.com>
|
| |\ \ \ \
| | | | |
| | | | |
| | | | |
| | | | | |
containers/dependabot/go_modules/github.com/vbauerster/mpb/v6-6.0.3
Bump github.com/vbauerster/mpb/v6 from 6.0.2 to 6.0.3
|
| | | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | | |
Bumps [github.com/vbauerster/mpb/v6](https://github.com/vbauerster/mpb) from 6.0.2 to 6.0.3.
- [Release notes](https://github.com/vbauerster/mpb/releases)
- [Commits](https://github.com/vbauerster/mpb/compare/v6.0.2...v6.0.3)
Signed-off-by: dependabot[bot] <support@github.com>
|
| |\ \ \ \
| | | | |
| | | | | |
[NO TESTS NEEDED] Rename podman machine create to init and clean up
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Rename podman machine create to init because we're initing a VM, not
really creating it
Wire up CPUs flag
Suppress QEMU GUI from popping up when not in debug mode
[NO TESTS NEEDED]
Signed-off-by: Ashley Cui <acui@redhat.com>
|
| |\ \ \ \ \
| |_|/ / /
|/| | | | |
[NO TESTS NEEDED] Fix swapped dimensions from terminal.GetSize
|
| |/ / / /
| | | |
| | | |
| | | | |
Signed-off-by: Anders F Björklund <anders.f.bjorklund@gmail.com>
|
| |\ \ \ \
| | | | |
| | | | | |
Fix filters list/prune in image http compat/libpod api endpoints
|
| | | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
Correct json encoding field name for Namespace type
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
[NO TESTS NEEDED]
* When using the Namespace type, the field Value was json encoded
with the name "string" vs "value".
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
| |\ \ \ \ \ \
| |_|_|/ / /
|/| | | | | |
system tests: new interactive tests
|
| | |/ / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
socat can create a dummy PTY that we can manipulate. This
lets us run a variety of tests that we couldn't before,
involving "run -it", and stty, and even "load" with no args.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\ \ \ \ \
| |_|_|_|/
|/| | | | |
introduce podman machine
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
clean up ci failures and add appropriate arch,os exclusion tags
Signed-off-by: baude <bbaude@redhat.com>
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
--execute, -e allows to execute a command through ssh
Signed-off-by: Ashley Cui <acui@redhat.com>
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
podman machine allows podman to create, manage, and interact with a vm
running some form of linux (default is fcos). podman is then configured
to be able to interact with the vm automatically.
while this is usable on linux, the real push is to get this working on
both current apple architectures in macos.
Ashley Cui contributed to this PR and was a great help.
[NO TESTS NEEDED]
Signed-off-by: baude <bbaude@redhat.com>
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Podman machine will be a mac-only command that manages the VM where
containers are run. Currently, only the CLI is written and the interface
function for the VM management is stub for future developement
The podman machine cli is only built on mac builds.
Signed-off-by: Ashley Cui <acui@redhat.com>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
Support multi doc yaml for generate/play kube
|
| | | |/ / /
| |/| | |
| | | | |
| | | | | |
Signed-off-by: Eduardo Vega <edvegavalerio@gmail.com>
|
| |\ \ \ \ \
| |/ / / /
|/| | | | |
image unit tests - make them pass on F34 with enforced short-name mode
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Since some unit tests use "busybox", we need to point it to some alias
if we want it to pass CI on F34 where we're running in enforced mode.
Furthermore, make sure that the registries.conf can actually be
overridden in the code.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Defer cleaning up the test artifacts as early as possible.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |/ / / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
In contrast to `assert.NoError`, `require.NoError` treats mismatches
fatally which in many cases is necessary to prevent subsequent checks
from segfaulting.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |\ \ \ \
| | | | |
| | | | | |
Ensure manually-created volumes have correct ownership
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
As part of a fix for an earlier bug (#5698) we added the ability
for Podman to chown volumes to correctly match the user running
in the container, even in adverse circumstances (where we don't
know the right UID/GID until very late in the process). However,
we only did this for volumes created automatically by a
`podman run` or `podman create`. Volumes made by
`podman volume create` do not get this chown, so their
permissions may not be correct. I've looked, and I don't think
there's a good reason not to do this chwon for all volumes the
first time the container is started.
I would prefer to do this as part of volume copy-up, but I don't
think that's really possible (copy-up happens earlier in the
process and we don't have a spec). There is a small chance, as
things stand, that a copy-up happens for one container and then
a chown for a second, unrelated container, but the odds of this
are astronomically small (we'd need a very close race between two
starting containers).
Fixes #9608
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |\ \ \ \ \
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
containers/dependabot/go_modules/github.com/containers/storage-1.28.1
Bump github.com/containers/storage from 1.28.0 to 1.28.1
|
| | | |_|/ /
| |/| | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Bumps [github.com/containers/storage](https://github.com/containers/storage) from 1.28.0 to 1.28.1.
- [Release notes](https://github.com/containers/storage/releases)
- [Changelog](https://github.com/containers/storage/blob/master/docs/containers-storage-changes.md)
- [Commits](https://github.com/containers/storage/compare/v1.28.0...v1.28.1)
Signed-off-by: dependabot[bot] <support@github.com>
|
| |\ \ \ \ \
| |/ / / /
|/| | | |
| | | | |
| | | | | |
containers/dependabot/go_modules/github.com/containers/common-0.35.4
Bump github.com/containers/common from 0.35.3 to 0.35.4
|
| |/ / / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Bumps [github.com/containers/common](https://github.com/containers/common) from 0.35.3 to 0.35.4.
- [Release notes](https://github.com/containers/common/releases)
- [Commits](https://github.com/containers/common/compare/v0.35.3...v0.35.4)
Signed-off-by: dependabot[bot] <support@github.com>
|
| |\ \ \ \
| | | | |
| | | | | |
[NO TESTS NEEDED] Fix rootless volume plugins
|
| | | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | | |
In a case of volume plugins with custom options.
Signed-off-by: Phoenix The Fallen <thephoenixofthevoid@gmail.com>
|
| |\ \ \ \
| | | | |
| | | | | |
Check if stdin is a term in --interactive --tty mode
|
| | |/ / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
If you are attempting to run a container in interactive mode, and want
a --tty, then there must be a terminal in use.
Docker exits right away when a user specifies to use a --interactive and
--TTY but the stdin is not a tty.
Currently podman will pull the image and then fail much later.
Podman will continue to run but will print an warning message.
Discussion in : https://github.com/containers/podman/issues/8916
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \ \ \
| |/ / /
|/| | | |
[NO TESTS NEEDED] Remove /tmp/containers-users-* files on reboot
|
| |/ / /
| | |
| | |
| | |
| | |
| | | |
Helps Fix https://github.com/containers/podman/issues/9765
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
