summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Cirrus: Add image-test for locked dpkgChris Evich2019-07-16
| | | | Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Use images w/o periodic svcsChris Evich2019-07-16
| | | | Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Disable most periodic services/timersChris Evich2019-07-16
| | | | | | | | | | For CI testing, it's important to remove as much variability from the overall system as possible. This permits focusing just on problems closely related to code-changes. To this end, and because VMs are very short-lived (2 hours at most), disable all systemd services and timers which perform periodic activities. Signed-off-by: Chris Evich <cevich@redhat.com>
* Merge pull request #3546 from cevich/abstract_dest_branchOpenShift Merge Robot2019-07-16
|\ | | | | Cirrus: Abstract destination branch refs.
| * Cirrus: Abstract destination branch refs.Chris Evich2019-07-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Various tasks and scripts behave differently depending on whether or not the build is running against a PR or on a branch, post-merge. However, a great number of them are hard-coded to the string 'master' as the destination. Since this is not always the case (there are other relevant branches), it makes sense to abstract the references with a single definition. Add a top-level `$DEST_BRANCH` variable to CI, and otherwise default to 'master' when unset. This enables running CI builds on additional branches without the overhead of updating all the static references to 'master'. Simply update `$DEST_BRANCH` at the top-level and all branch-conditional logic will function as intended. Signed-off-by: Chris Evich <cevich@redhat.com>
* | Merge pull request #3539 from stefanb2/topic-pr-3507-3525OpenShift Merge Robot2019-07-16
|\ \ | | | | | | Fix handling of healthcheck from image
| * | healthcheck: reject empty commandsStefan Becker2019-07-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | An image with "HEALTHCHECK CMD ['']" is valid but as there is no command defined the healthcheck will fail. Reject such a configuration. Fixes #3507 Signed-off-by: Stefan Becker <chemobejk@gmail.com>
| * | create: ignore check if image has HEALTHCHECK NONEStefan Becker2019-07-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If the image was built with "HEALTHCHECK NONE" then we should create a container without healthcheck configuration. Otherwise executing the healthcheck on the container will return "unhealthy" instead of the correct error message that the container doesn't have a healthcheck. We also ignore the healthcheck configuration if the command list is empty or the command string is empty. Fixes #3525 Signed-off-by: Stefan Becker <chemobejk@gmail.com>
| * | create: apply defaults on image healthcheck optionsStefan Becker2019-07-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If the image doesn't provide any options, e.g. interval, timeout, etc., then apply the Docker defaults when creating the container. Otherwise the defaults will be left 0 and podman doesn't schedule the healtcheck service & timer for the container or incorrectly reports unhealthy state when the check is executed. Fixes #3525 Signed-off-by: Stefan Becker <chemobejk@gmail.com>
| * | healthcheck: improve command list parserStefan Becker2019-07-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - remove duplicate check, already called in HealthCheck() - reject zero-length command list and empty command string as errorneous - support all Docker command list keywords: NONE, CMD or CMD-SHELL - use Docker default "/bin/sh -c" for CMD-SHELL Fixes #3507 Signed-off-by: Stefan Becker <chemobejk@gmail.com>
* | | Merge pull request #3513 from vrothberg/analysesOpenShift Merge Robot2019-07-16
|\ \ \ | |/ / |/| | Binary bloat analyses
| * | dependency/analyses: simplify scriptsValentin Rothberg2019-07-16
| | | | | | | | | | | | | | | | | | Credits to bash wizard @edsantiago for the changes. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
| * | dependency-tree analysis: direct and transitiveValentin Rothberg2019-07-16
| | | | | | | | | | | | | | | | | | | | | Change the script to generate two files. One including direct dependencies, the other including direct and transitive dependencies. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
| * | analyses: README: consistent code examplesValentin Rothberg2019-07-16
| | | | | | | | | | | | | | | | | | | | | Remove a blank line to make code examples more consistent and fix the path of the 2nd example. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
| * | analyses: README: fix typosValentin Rothberg2019-07-16
| | | | | | | | | | | | Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
| * | analyses: add dependency-tree.shValentin Rothberg2019-07-16
| | | | | | | | | | | | | | | | | | Add a new analysis script to print the dependency tree. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
| * | analyses: add README.mdValentin Rothberg2019-07-16
| | | | | | | | | | | | Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
| * | hack/analyses -> dependencies/analysesValentin Rothberg2019-07-16
| | | | | | | | | | | | | | | | | | | | | Move the analyses scripts to the dependencies directory to avoid scattering of the dependency management. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
| * | hack/analyses/go-archive-analysis.sh: fix sortingValentin Rothberg2019-07-16
| | | | | | | | | | | | | | | | | | | | | Believe it or not: `sort -ruh` is loosing data while `sort -u | sort -rh` does not. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
| * | add hack/analyses/nm-symbols-analysis.shValentin Rothberg2019-07-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The script allows for analyzing the symbols of a go binary passed as an argument. The tabular output looks as follows: 336 unicode/utf8.DecodeLastRune 323 unicode/utf8.DecodeLastRuneInString 518 unicode/utf8.DecodeRune 518 unicode/utf8.DecodeRuneInString 337 unicode/utf8.EncodeRune The first column indicates the size in bytes of the symbol in the second column. Note that only text symbols are considered, other symbols from the data or the bss segment are ignored to avoid information overload. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
| * | analyse package sizesValentin Rothberg2019-07-16
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Analyse the size of all go-packages used during the build process via the newly added `hack/analyses/go-archive-analysis.sh` script. The script expects the `WORK` environment variable to be set, which points to a temporary work directory generated by `go build`. To generate such a work directory, set the `BUILDFLAGS="-work -a"`: * `-work` for creating the work directory * `-a` to force rebuilding all packages even when already cached The workflow may look as follows: ``` $ BUILDFLAGS="-work -a" make podman [...] WORK=/tmp/go-build127001249 $ WORK=/tmp/go-build127001249 ./hack/analyses/go-archive-analysis.sh ``` The output of the script has the format `$SIZE $PACKAGE` where $SIZE is the size of the compiled version of the go package (i.e., `.a` file) and $PACKAGE for the corresponding package, for instance, `math/big` for a stdlib package or vendor/... for vendored packages. Credits to the authors of https://github.com/jondot/goweight, which inspired this work. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | Merge pull request #3574 from stefanb2/topic-health-cmd-parsingOpenShift Merge Robot2019-07-15
|\ \ | | | | | | Improve parser for --healthcheck-command
| * | create: improve parser for --healthcheck-commandStefan Becker2019-07-14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix Docker CLI compatibility issue: the "--healthcheck-command" option value should not be split but instead be passed as single string to "CMD-SHELL", i.e. "/bin/sh -c <opt>". On the other hand implement the same extension as is already available for "--entrypoint", i.e. allow the option value to be a JSON array of strings. This will make life easier for tools like podman-compose. Updated "--healthcheck-command" option values in tests accordingly. Continuation of #3455 & #3507 Signed-off-by: Stefan Becker <chemobejk@gmail.com>
* | | Merge pull request #3531 from haraldh/fix_ReplySendFileOpenShift Merge Robot2019-07-15
|\ \ \ | |_|/ |/| | Fix the double replySendFile()
| * | Fix the double replySendFile()Harald Hoyer2019-07-12
| | | | | | | | | | | | Signed-off-by: Harald Hoyer <harald@redhat.com>
* | | Merge pull request #3532 from mheon/ensure_store_on_refreshOpenShift Merge Robot2019-07-15
|\ \ \ | | | | | | | | Ensure we have a valid store when we refresh
| * | | Ensure we have a valid store when we refreshMatthew Heon2019-07-10
| | | | | | | | | | | | | | | | | | | | | | | | Fixes #3520 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | Merge pull request #3530 from deefin/deefin-3490-loggingOpenShift Merge Robot2019-07-14
|\ \ \ \ | |_|_|/ |/| | | Improves STD output/readability in combination
| * | | Improves STD output/readability in combinationdom finn2019-07-14
|/ / / | | | | | | | | | | | | | | | | | | | | | with debug output. Added \n char to specific standard output Signed-off-by: dom finn <dom.finn00@gmail.com>
* | | Merge pull request #3564 from giuseppe/cgroupsv2-no-controllers-last-pathOpenShift Merge Robot2019-07-13
|\ \ \ | | | | | | | | cgroupsv2: do not enable controllers for the last component
| * | | cgroupsv2: do not enable controllers for the last componentGiuseppe Scrivano2019-07-12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | do not automatically enable the controllers for the last path component. It is necessary as once there are enabled controllers in a cgroup, it won't possible to add processes to it. Fix conmon being moved to the correct cgroup path when using --cgroup-manager cgroupfs. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | Merge pull request #3563 from giuseppe/fix-single-mapping-rootlessOpenShift Merge Robot2019-07-12
|\ \ \ \ | | | | | | | | | | spec: fix userns with less than 5 gids
| * | | | spec: fix userns with less than 5 gidsGiuseppe Scrivano2019-07-12
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | when the container is running in a user namespace, check if gid=5 is available, otherwise drop the option gid=5 for /dev/pts. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | Merge pull request #3537 from QiWang19/volumeabsOpenShift Merge Robot2019-07-12
|\ \ \ \ | | | | | | | | | | fix bug convert volume host path to absolute
| * | | | fix bug convert volume host path to absoluteQi Wang2019-07-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | fix #3504 If --volume host:dest host is not a named volume, convert the host to a absolute directory path. Signed-off-by: Qi Wang <qiwan@redhat.com>
* | | | | Merge pull request #3534 from cevich/img_sys_tstOpenShift Merge Robot2019-07-12
|\ \ \ \ \ | |_|_|_|/ |/| | | | Cirrus: Execute system-tests during image-validation
| * | | | Cirrus: Update to freshly built cache-imagesChris Evich2019-07-12
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Chris Evich <cevich@redhat.com>
| * | | | Cirrus: Execute system-tests during image-validationChris Evich2019-07-12
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Chris Evich <cevich@redhat.com>
| * | | | Cirrus: Fix missing removal of packaged podmanChris Evich2019-07-12
|/ / / / | | | | | | | | | | | | | | | | | | | | This was originally intended, but somehow omitted from #1936 Signed-off-by: Chris Evich <cevich@redhat.com>
* | | | Merge pull request #3557 from rhatdan/envOpenShift Merge Robot2019-07-12
|\ \ \ \ | | | | | | | | | | Add support for --env-host
| * | | | Fix spelling mistakes in man pages and other docsDaniel J Walsh2019-07-11
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
| * | | | Add glob parsing for --env flagDaniel J Walsh2019-07-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Sometimes you want to add a few environmen variables based on the last field being a "*". Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
| * | | | Add support for -env-hostDaniel J Walsh2019-07-11
| | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This flag passes the host environment into the container. The basic idea is to leak all environment variables from the host into the container. Environment variables from the image, and passed in via --env and --env-file will override the host environment. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #3558 from mheon/fix_pod_removeOpenShift Merge Robot2019-07-11
|\ \ \ \ | | | | | | | | | | Fix a bug where ctrs could not be removed from pods
| * | | | Fix a bug where ctrs could not be removed from podsMatthew Heon2019-07-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Using pod removal worked, but container removal was missing the most critical step - the actual removal. Must have been accidentally removed during a refactor. Fixes #3556 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | | Merge pull request #3552 from baude/golangcilint2OpenShift Merge Robot2019-07-11
|\ \ \ \ \ | | | | | | | | | | | | golangci-lint pass number 2
| * | | | | golangci-lint pass number 2baude2019-07-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | clean up and prepare to migrate to the golangci-linter Signed-off-by: baude <bbaude@redhat.com>
* | | | | | Merge pull request #3491 from giuseppe/rlimit-hostOpenShift Merge Robot2019-07-11
|\ \ \ \ \ \ | | | | | | | | | | | | | | podman: add --ulimit host
| * | | | | | podman: add --ulimit hostGiuseppe Scrivano2019-07-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | add a simple way to copy ulimit values from the host. if --ulimit host is used then the current ulimits in place are copied to the container. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | | | | Merge pull request #3470 from QazerLab/docs/system-testsOpenShift Merge Robot2019-07-11
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | Update the testing documentation with system tests.