| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously, the script would bind mount the user's home directory into
the container in order to execute gcloud commands. This was done
to preserve the `.config/gcloud` directory and new ssh keys in `.ssh`.
However, it's possible the user has modified `.bash*` or `.ssh/config`
files which do not play nicely with gcloud and/or the container.
Fix this by mounting the existing temporary directory on the host, as
the user's home directory. Then bind mount in a dedicated `gcloud/ssh`
sub-directory, and the libpod repo directory on top. Pre-create the
necessary mount-points as the user, so later removal does not require
root on the host.
The gcloud tool takes minutes to setup/manage its ssh-keys, so preserving
that work between runs is a necessary optimization. Similarly, saving the
`.gcloud` directory prevents repeatedly going through the lengthy
client-auth process.
Overall, these changes make the container environment much more selective
with the host-side data it has access to use/modify. Preventing unrelated
details from getting in the way, and preserving only the bare-minimum of
details on the host, between runs.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|\
| |
| | |
podman-commands script: refactor
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Make more general-purpose: instead of hardcoding a list
of known subcommands, and duplicating sed pipelines for
each, rely on 'podman help' itself to tell us which
podman commands have subcommands; and examine each
in turn. Should there ever be new subcommands, this
will identify and test them.
A special case is needed for 'podman image trust', whose
documentation format doesn't match the others.
The change to `common.go` fixes an inconsistency: the
Usage message for commands with subcommands had an
unnecessary blank line, making it harder to parse
automatically. This simply produces consistent
Usage messages for all podman commands.
This script will not pass until #2480 is merged.
After that, the goal is to add this as a CI hook.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\ \
| | |
| | | |
Fix link inconsistencies in man pages
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Found via:
for i in docs/*.md;do x=$(perl -ne 'if (/\[(podman-.*?)\(1\)\]\((podman-.*?)\.1\.md/) { print " $1 != $2\n" if $1 ne $2; print " ENOENT $2\n" unless -e "docs/$2.1.md" }' <$i); if [ -n "$x" ]; then echo $i; echo "$x";fi;done
...which is probably a good candidate for another CI hook,
except I have no idea how to rewrite it in awk.
Additionally, mark `podman refresh` and `podman container refresh`
as hidden, remove its man page, and remove references to it from
all other man pages.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\ \ \
| | | |
| | | | |
Fix SystemExec completion race
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Some callers assume when SystemExec returns, the command has completed.
Other callers explicitly wait for completion (as required). However,
forgetting to do that is an incredibly easy mistake to make. Fix this
by adding an explicit parameter to the function. This requires
every caller to deliberately state whether or not a completion-check
is required.
Also address **many** resource naming / cleanup completion-races.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|\ \ \ \
| |_|/ /
|/| | | |
Should be defaulting to pull not pull-always
|
|/ / /
| | |
| | |
| | | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \
| | | |
| | | | |
No podman container ps command exists
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| | |/
| |/|
| | |
| | | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \
| |_|/
|/| | |
Skip checkpoint/restore tests on Fedora for now
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
There is currently still one SELinux related checkpoint/restore problem:
https://github.com/containers/libpod/issues/2334
To avoid unnecessary CI failures the checkpoint/restore tests are
temporarily disabled on Fedora.
It is not necessary to disable the tests on Ubuntu as it is running
without SELinux and it is also not necessary to disable the RHEL 7 tests
as RHEL's CRIU is too old to run the checkpoint/restore tests at all.
Signed-off-by: Adrian Reber <areber@redhat.com>
|
|\ \ \
| | | |
| | | | |
Fix -s to --storage-driver in baseline test
|
| | |/
| |/|
| | |
| | |
| | |
| | |
| | | |
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
Changes the short option `-s` to the fully specified `--storage-driver`.
The short version is no longer supported.
|
|\ \ \
| | | |
| | | | |
Allow Exec API user to override streams
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Allow passing in of AttachStreams to libpod.Exec() for usage in podman healthcheck. An API caller can now specify different streams for stdout, stderr and stdin, or no streams at all.
Signed-off-by: Peter Hunt <pehunt@redhat.com>
|
|\ \ \ \
| |_|/ /
|/| | | |
rootless, new[ug]idmap: on failure add output
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
if any of the mapping tools for setting up the user namespace fail,
then include their output in the error message.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \ \ \
| |_|/ /
|/| | | |
fix up a number of misplace commands
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* ps now on main command
* sign is no longer on main commmand
* ls, list no longer are valid main aliases for images
* ls, list does work for podman image
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \ \
| |/ /
|/| | |
podman port fix output
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
list a portion of the container id and the ports exposed on the same
line. when using all, if no ports are exposed, do not list the container
id. Also, shorten the container id to a len of 12 like other container
commands.
Fixes bugzilla #1683734
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \ \
| | | |
| | | | |
Clean up man pages to match commands
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Also add podman-commands.sh to compare man pages to commands.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \
| |_|/ /
|/| | | |
Fix ignored --stop-timeout flag to 'podman create'
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Three flags are unimplemented (never implemented)
One had an incorrect retrieval macro
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Also add some extra debug information to help figure out what's
going on when stop goes bad.
Fixes: #2472
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \ \ \
| | | | |
| | | | | |
secrets: fix fips-mode with user namespaces
|
| | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
When using a user namespace, we create the mount point under
`mountPrefix` so that the uid != 0 can access that directory.
Change the addFIPSModeSecret code to honor that, and also ensure we
are creating the directories with the right ownership.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
podman create: disable interspersed opts
|
| |/ / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
With the change to cobra, the following command fails:
# podman create alpine sh -c /bin/true
Error: unknown shorthand flag: 'c' in -c
(Correct behavior is to pass '-c' to the container command)
This PR corrects that.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
Followup to #2456: update examples, add trust
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Per tsweeney, add back the original examples
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
- [flags] in generate-kube
- optional [IMAGE] in images
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
...it's a subcommand of 'podman container'
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|/ / / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
- belatedly incorporate review feedback from baude
- add usage synopsis for trust-set and trust-show
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
fix up a number of misplace commands
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
* ps now on main command
* sign is no longer on main commmand
* ls, list no longer are valid main aliases for images
* ls, list does work for podman image
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \ \ \ \
| |_|/ / /
|/| | | | |
Add a task to Cirrus gating to build w/o Varlink
|
|/ / / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
We had a regression on master where we broke the build for
non-Varlink builds. Catch this in CI in the future.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \ \ \
| |/ / /
|/| | | |
Fix build for non-Varlink-tagged Podman
|
| |/ /
| | |
| | |
| | |
| | |
| | | |
Fixes #2459
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \ \
| |/ /
|/| | |
podman remote-client readme
|
| | |
| | |
| | |
| | |
| | |
| | | |
addition of a remote-client readme.
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \ \
| | | |
| | | | |
Move all storage configuration defaults into libpod
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
No reason to do it in util/ anymore. It's always going to be a
subdirectory of c/storage graph root by default, so we can just
set it after the return.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|