summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* get_ci_vm.sh: Fix conflicting homedir filesChris Evich2019-03-01
| | | | | | | | | | | | | | | | | | | | | | | | | | Previously, the script would bind mount the user's home directory into the container in order to execute gcloud commands. This was done to preserve the `.config/gcloud` directory and new ssh keys in `.ssh`. However, it's possible the user has modified `.bash*` or `.ssh/config` files which do not play nicely with gcloud and/or the container. Fix this by mounting the existing temporary directory on the host, as the user's home directory. Then bind mount in a dedicated `gcloud/ssh` sub-directory, and the libpod repo directory on top. Pre-create the necessary mount-points as the user, so later removal does not require root on the host. The gcloud tool takes minutes to setup/manage its ssh-keys, so preserving that work between runs is a necessary optimization. Similarly, saving the `.gcloud` directory prevents repeatedly going through the lengthy client-auth process. Overall, these changes make the container environment much more selective with the host-side data it has access to use/modify. Preventing unrelated details from getting in the way, and preserving only the bare-minimum of details on the host, between runs. Signed-off-by: Chris Evich <cevich@redhat.com>
* Merge pull request #2486 from edsantiago/podman_command_compareEd Santiago2019-03-01
|\ | | | | podman-commands script: refactor
| * podman-commands script: refactorEd Santiago2019-02-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Make more general-purpose: instead of hardcoding a list of known subcommands, and duplicating sed pipelines for each, rely on 'podman help' itself to tell us which podman commands have subcommands; and examine each in turn. Should there ever be new subcommands, this will identify and test them. A special case is needed for 'podman image trust', whose documentation format doesn't match the others. The change to `common.go` fixes an inconsistency: the Usage message for commands with subcommands had an unnecessary blank line, making it harder to parse automatically. This simply produces consistent Usage messages for all podman commands. This script will not pass until #2480 is merged. After that, the goal is to add this as a CI hook. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Merge pull request #2493 from edsantiago/broken_doc_linksEd Santiago2019-03-01
|\ \ | | | | | | Fix link inconsistencies in man pages
| * | Fix link inconsistencies in man pagesEd Santiago2019-03-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Found via: for i in docs/*.md;do x=$(perl -ne 'if (/\[(podman-.*?)\(1\)\]\((podman-.*?)\.1\.md/) { print " $1 != $2\n" if $1 ne $2; print " ENOENT $2\n" unless -e "docs/$2.1.md" }' <$i); if [ -n "$x" ]; then echo $i; echo "$x";fi;done ...which is probably a good candidate for another CI hook, except I have no idea how to rewrite it in awk. Additionally, mark `podman refresh` and `podman container refresh` as hidden, remove its man page, and remove references to it from all other man pages. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | Merge pull request #2481 from cevich/sysexec_waitcompleteOpenShift Merge Robot2019-03-01
|\ \ \ | | | | | | | | Fix SystemExec completion race
| * | | Fix SystemExec completion raceChris Evich2019-03-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Some callers assume when SystemExec returns, the command has completed. Other callers explicitly wait for completion (as required). However, forgetting to do that is an incredibly easy mistake to make. Fix this by adding an explicit parameter to the function. This requires every caller to deliberately state whether or not a completion-check is required. Also address **many** resource naming / cleanup completion-races. Signed-off-by: Chris Evich <cevich@redhat.com>
* | | | Merge pull request #2492 from rhatdan/pullOpenShift Merge Robot2019-03-01
|\ \ \ \ | |_|/ / |/| | | Should be defaulting to pull not pull-always
| * | | Should be defaulting to pull not pull-alwaysDaniel J Walsh2019-02-28
|/ / / | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #2484 from rhatdan/manOpenShift Merge Robot2019-02-28
|\ \ \ | | | | | | | | No podman container ps command exists
| * | | Move Alias lines to descriptions of commandsDaniel J Walsh2019-02-28
| | | | | | | | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
| * | | No podman container ps command existsDaniel J Walsh2019-02-28
| | |/ | |/| | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #2461 from adrianreber/disableOpenShift Merge Robot2019-02-28
|\ \ \ | |_|/ |/| | Skip checkpoint/restore tests on Fedora for now
| * | Skip checkpoint/restore tests on Fedora for nowAdrian Reber2019-02-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There is currently still one SELinux related checkpoint/restore problem: https://github.com/containers/libpod/issues/2334 To avoid unnecessary CI failures the checkpoint/restore tests are temporarily disabled on Fedora. It is not necessary to disable the tests on Ubuntu as it is running without SELinux and it is also not necessary to disable the RHEL 7 tests as RHEL's CRIU is too old to run the checkpoint/restore tests at all. Signed-off-by: Adrian Reber <areber@redhat.com>
* | | Merge pull request #2490 from TomSweeneyRedHat/dev/tsweeney/fixbaseOpenShift Merge Robot2019-02-28
|\ \ \ | | | | | | | | Fix -s to --storage-driver in baseline test
| * | | Fix -s to --storage-driver in baseline testTomSweeneyRedHat2019-02-28
| | |/ | |/| | | | | | | | | | | | | | | | Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com> Changes the short option `-s` to the fully specified `--storage-driver`. The short version is no longer supported.
* | | Merge pull request #2487 from haircommander/exec_attahcOpenShift Merge Robot2019-02-28
|\ \ \ | | | | | | | | Allow Exec API user to override streams
| * | | Allow Exec API user to override streamsPeter Hunt2019-02-28
| | | | | | | | | | | | | | | | | | | | | | | | Allow passing in of AttachStreams to libpod.Exec() for usage in podman healthcheck. An API caller can now specify different streams for stdout, stderr and stdin, or no streams at all. Signed-off-by: Peter Hunt <pehunt@redhat.com>
* | | | Merge pull request #2479 from giuseppe/rootless-give-uidmaptools-errorOpenShift Merge Robot2019-02-28
|\ \ \ \ | |_|/ / |/| | | rootless, new[ug]idmap: on failure add output
| * | | rootless, new[ug]idmap: on failure add outputGiuseppe Scrivano2019-02-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | if any of the mapping tools for setting up the user namespace fail, then include their output in the error message. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | Merge pull request #2480 from baude/clifixupsOpenShift Merge Robot2019-02-28
|\ \ \ \ | |_|/ / |/| | | fix up a number of misplace commands
| * | | fix up a number of misplace commandsbaude2019-02-28
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | * ps now on main command * sign is no longer on main commmand * ls, list no longer are valid main aliases for images * ls, list does work for podman image Signed-off-by: baude <bbaude@redhat.com>
* | | Merge pull request #2478 from baude/portbz1683734OpenShift Merge Robot2019-02-28
|\ \ \ | |/ / |/| | podman port fix output
| * | podman port fix outputbaude2019-02-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | list a portion of the container id and the ports exposed on the same line. when using all, if no ports are exposed, do not list the container id. Also, shorten the container id to a len of 12 like other container commands. Fixes bugzilla #1683734 Signed-off-by: baude <bbaude@redhat.com>
* | | Merge pull request #2470 from rhatdan/manOpenShift Merge Robot2019-02-28
|\ \ \ | | | | | | | | Clean up man pages to match commands
| * | | Clean up man pages to match commandsDaniel J Walsh2019-02-27
| | | | | | | | | | | | | | | | | | | | | | | | Also add podman-commands.sh to compare man pages to commands. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #2476 from mheon/fix_stopOpenShift Merge Robot2019-02-28
|\ \ \ \ | |_|/ / |/| | | Fix ignored --stop-timeout flag to 'podman create'
| * | | Fix ignored --time argument to podman restartMatthew Heon2019-02-27
| | | | | | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | | Fix four errors tagged by Cobra macro debuggingMatthew Heon2019-02-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Three flags are unimplemented (never implemented) One had an incorrect retrieval macro Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | | Add debugging for errors to Cobra compatibility macrosMatthew Heon2019-02-27
| | | | | | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | | Fix ignored --stop-timeout flag to 'podman create'Matthew Heon2019-02-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Also add some extra debug information to help figure out what's going on when stop goes bad. Fixes: #2472 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | Merge pull request #2474 from giuseppe/fix-fips-mode-with-namespacesOpenShift Merge Robot2019-02-28
|\ \ \ \ | | | | | | | | | | secrets: fix fips-mode with user namespaces
| * | | | secrets: fix fips-mode with user namespacesGiuseppe Scrivano2019-02-27
| | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When using a user namespace, we create the mount point under `mountPrefix` so that the uid != 0 can access that directory. Change the addFIPSModeSecret code to honor that, and also ensure we are creating the directories with the right ownership. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | Merge pull request #2475 from edsantiago/podman_create_interspersedOpenShift Merge Robot2019-02-27
|\ \ \ \ | | | | | | | | | | podman create: disable interspersed opts
| * | | | podman create: disable interspersed optsEd Santiago2019-02-27
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | With the change to cobra, the following command fails: # podman create alpine sh -c /bin/true Error: unknown shorthand flag: 'c' in -c (Correct behavior is to pass '-c' to the container command) This PR corrects that. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | | Merge pull request #2463 from edsantiago/missed_some_synopsesOpenShift Merge Robot2019-02-27
|\ \ \ \ | | | | | | | | | | Followup to #2456: update examples, add trust
| * | | | fixup! Incorporate review feedbackEd Santiago2019-02-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Per tsweeney, add back the original examples Signed-off-by: Ed Santiago <santiago@redhat.com>
| * | | | fixup! missed some more:Ed Santiago2019-02-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - [flags] in generate-kube - optional [IMAGE] in images Signed-off-by: Ed Santiago <santiago@redhat.com>
| * | | | fixup! Correction to 'checkpoint'Ed Santiago2019-02-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ...it's a subcommand of 'podman container' Signed-off-by: Ed Santiago <santiago@redhat.com>
| * | | | Followup to #2456: update examples, add trustEd Santiago2019-02-27
|/ / / / | | | | | | | | | | | | | | | | | | | | | | | | - belatedly incorporate review feedback from baude - add usage synopsis for trust-set and trust-show Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | | Merge pull request #2471 from baude/clifixupsOpenShift Merge Robot2019-02-27
|\ \ \ \ | | | | | | | | | | fix up a number of misplace commands
| * | | | fix up a number of misplace commandsbaude2019-02-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * ps now on main command * sign is no longer on main commmand * ls, list no longer are valid main aliases for images * ls, list does work for podman image Signed-off-by: baude <bbaude@redhat.com>
* | | | | Merge pull request #2464 from mheon/build_test_no_varlinkOpenShift Merge Robot2019-02-27
|\ \ \ \ \ | |_|/ / / |/| | | | Add a task to Cirrus gating to build w/o Varlink
| * | | | Add a task to Cirrus gating to build w/o VarlinkMatthew Heon2019-02-27
|/ / / / | | | | | | | | | | | | | | | | | | | | | | | | We had a regression on master where we broke the build for non-Varlink builds. Catch this in CI in the future. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | Merge pull request #2465 from mheon/fix_build_varlinkOpenShift Merge Robot2019-02-27
|\ \ \ \ | |/ / / |/| | | Fix build for non-Varlink-tagged Podman
| * | | Fix build for non-Varlink-tagged PodmanMatthew Heon2019-02-27
| |/ / | | | | | | | | | | | | | | | Fixes #2459 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | Merge pull request #2431 from baude/remotereadmeOpenShift Merge Robot2019-02-27
|\ \ \ | |/ / |/| | podman remote-client readme
| * | podman remote-client readmebaude2019-02-26
| | | | | | | | | | | | | | | | | | addition of a remote-client readme. Signed-off-by: baude <bbaude@redhat.com>
* | | Merge pull request #2454 from mheon/all_your_defaults_belong_to_libpodOpenShift Merge Robot2019-02-27
|\ \ \ | | | | | | | | Move all storage configuration defaults into libpod
| * | | Centralize setting default volume pathMatthew Heon2019-02-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | No reason to do it in util/ anymore. It's always going to be a subdirectory of c/storage graph root by default, so we can just set it after the return. Signed-off-by: Matthew Heon <matthew.heon@pm.me>