summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Autoupdate local label functionalParker Van Roy2021-04-28
| | | | | | | | | | | | Digests were used to compare local image and container image Registry alias added for Image Policy Refactored to integrate new feature + change some naming conventions Tested this using a modified version of the docs autoupdate instructions & it worked successfully Signed-off-by: Parker Van Roy <pvanroy@redhat.com>
* Merge pull request #10134 from rhatdan/conmonOpenShift Merge Robot2021-04-27
|\ | | | | [CI:DOCS] Add more documentation on conmon
| * Add more documentation on conmonDaniel J Walsh2021-04-27
| | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #10119 from rhatdan/timeoutOpenShift Merge Robot2021-04-27
|\ \ | | | | | | Add podman run --timeout option
| * | Add podman run --timeout optionDaniel J Walsh2021-04-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | This option allows users to specify the maximum amount of time to run before conmon sends the kill signal to the container. Fixes: https://github.com/containers/podman/issues/6412 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #10137 from cevich/update_ubuntu_2104OpenShift Merge Robot2021-04-27
|\ \ \ | | | | | | | | Cirrus: Update Ubuntu images to 21.04
| * | | Cirrus: Update Ubuntu images to 21.04Chris Evich2021-04-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Also simplify `lib.sh` after supporting changes incorporated into automation library 2.x+ (present in all VM and container images). * No need to force-load `/etc/profile` and handle it's expectation to **not** being in `errexit` mode. * Slightly re-arrange loading of automation library files for clarity. * Update comments. Signed-off-by: Chris Evich <cevich@redhat.com>
| * | | Skip blkio-weight test when no kernel BFQ supportChris Evich2021-04-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Namely the Ubuntu 21.04 Kernel does not support BFQ. Regardless of the distro. skip this test if the required cgroup node doesn't exist. Signed-off-by: Chris Evich <cevich@redhat.com>
* | | | Merge pull request #10149 from rhatdan/volumeOpenShift Merge Robot2021-04-27
|\ \ \ \ | |_|_|/ |/| | | Allow docker volume create API to pass without name
| * | | Allow docker volume create API to pass without nameDaniel J Walsh2021-04-27
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | The Docker API does not require Volume name to be specified when creating a volume. Fixes: https://github.com/containers/podman/issues/9803 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #9788 from andrewshadura/rootless-friendly-errorOpenShift Merge Robot2021-04-27
|\ \ \ | |/ / |/| | [CI:DOCS] rootless: Tell the user what was led to the error, not just what it is
| * | rootless: Tell the user what was led to the error, not just what it isAndrej Shadura2021-04-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Users coming e.g. from Docker do not always read the manual and expect podman to not require sudo or uidmap, for them the default message is not very helpful: Error: Cannot connect to the Podman socket, make sure there is a Podman REST API service running.: cannot find newuidmap: exec: "newuidmap": executable file not found in $PATH Adding a bit more context to this would help to nudge them into the right direction and tell them what to look for in the documentation: command required for rootless mode with multiple IDs: exec: "newuidmap": executable file not found in $PATH Signed-off-by: Andrej Shadura <andrew.shadura@collabora.co.uk> [NO TESTS NEEDED]
* | | Merge pull request #10132 from rcowsill/restore-lost-textOpenShift Merge Robot2021-04-27
|\ \ \ | | | | | | | | [CI:DOCS] Restore missing content to manpages
| * | | [CI:DOCS] Restore missing content to manpagesRob Cowsill2021-04-25
| | |/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The following content was omitted: - Text after the first markdown link on a line to the end of the last (in lines with multiple markdown links) - Email addresses of the form <a...@...> Fixed by: - Making the first two regexes match each link individually, instead of matching from the start of the first link to the end of the last - Making the last regex specifically match <a> and </a> tags Signed-off-by: Rob Cowsill <42620235+rcowsill@users.noreply.github.com>
* | | Merge pull request #10136 from zhangguanzhang/generate-kube-volumeOpenShift Merge Robot2021-04-27
|\ \ \ | | | | | | | | Fixes generate kube incorrect when bind-mounting "/" and "/root"
| * | | Fixes generate kube incorrect when bind-mounting "/" and "/root"zhangguanzhang2021-04-26
| | | | | | | | | | | | | | | | Signed-off-by: zhangguanzhang <zhangguanzhang@qq.com>
* | | | Merge pull request #9941 from Luap99/fix-9828OpenShift Merge Robot2021-04-27
|\ \ \ \ | |_|_|/ |/| | | Fix rootlesskit port forwarder with custom slirp cidr
| * | | Fix rootlesskit port forwarder with custom slirp cidrPaul Holzinger2021-04-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The source ip for the rootlesskit port forwarder was hardcoded to the standard slirp4netns ip. This is incorrect since users can change the subnet used by slirp4netns with `--network slirp4netns:cidr=10.5.0.0/24`. The container interface ip is always the .100 in the subnet. Only when the rootlesskit port forwarder child ip matches the container interface ip the port forwarding will work. Fixes #9828 Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | | | Merge pull request #10074 from flouthoc/ancestor-truncate-bugOpenShift Merge Robot2021-04-26
|\ \ \ \ | | | | | | | | | | Fix podman ps --filter ancestor to match exact ImageName/ImageID
| * | | | Fix podman ps --filter ancestor to match exact ImageName/ImageIDflouthoc2021-04-25
| | |_|/ | |/| | | | | | | | | | Signed-off-by: flouthoc <flouthoc.git@gmail.com>
* | | | Merge pull request #10144 from jmguzik/fix-prune-until-filter-imagesOpenShift Merge Robot2021-04-26
|\ \ \ \ | | | | | | | | | | Fix images prune filter until
| * | | | Fix images prune filter untilJakub Guzik2021-04-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This commits fixes until filter. It is now checking if the created timestamp is before until filter value as expected in the docs. Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
* | | | | Merge pull request #10142 from cevich/fix_push_logicOpenShift Merge Robot2021-04-26
|\ \ \ \ \ | | | | | | | | | | | | [CI:DOCS] Fix logic for pushing stable multi-arch images
| * | | | | Fix logic for pushing stable multi-arch imagesChris Evich2021-04-26
| |/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The intention is to only push an image if there is ***NOT*** an existing tag. The original logic for this condition was inverted. Also, improve radability of the `{container,podman}_push=true` statements. Signed-off-by: Chris Evich <cevich@redhat.com>
* | | | | Merge pull request #10140 from vrothberg/image-unitOpenShift Merge Robot2021-04-26
|\ \ \ \ \ | | | | | | | | | | | | libpod/image: unit tests: don't use system's registries.conf.d
| * | | | | libpod/image: unit tests: don't use system's registries.conf.dValentin Rothberg2021-04-26
| |/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | This should make the unit tests pass on updated CI images. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | | Merge pull request #10125 from ashley-cui/machenabledOpenShift Merge Robot2021-04-26
|\ \ \ \ \ | |/ / / / |/| | | | [NO TESTS NEEDED] Add machine-enabled to containers.conf for machine
| * | | | Add machine-enabled to containers.conf for machineAshley Cui2021-04-23
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add machine-enabled=true into /etc/containers/containers.conf when initing a VM. This field should tell Podman it's being run in a podman-machine and it will be used in future to tell podman to set up other necessary machine stuff such as networking [NO TESTS NEEDED] Signed-off-by: Ashley Cui <acui@redhat.com>
* | | | Merge pull request #10123 from cevich/fix_multi_arch_imageOpenShift Merge Robot2021-04-26
|\ \ \ \ | | | | | | | | | | [CI:DOCS] Several multi-arch image build/push fixes
| * | | | Several multi-arch image build/push fixesChris Evich2021-04-23
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Fix not setting `$VERSION` before reference * Reduce need for "syntax-hilighting workaround` comment. Simplify context-expressions -> simple env. var. referenmces * Fix pushing quay.io/containers/podman:master twice ('upstream' and 'testing' matrix items) * Throw error on unknown/unsupported matrix items * Improve readability of setting multi-line `$LABELS` value. Signed-off-by: Chris Evich <cevich@redhat.com>
* | | | Merge pull request #10081 from sjug/cdi_device_libOpenShift Merge Robot2021-04-26
|\ \ \ \ | | | | | | | | | | Add support for CDI device configuration
| * | | | Add support for CDI device configurationSebastian Jug2021-04-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Persist CDIDevices in container config - Add e2e test - Log HasDevice error and add additional condition for safety Signed-off-by: Sebastian Jug <seb@stianj.ug>
* | | | | Merge pull request #10079 from ↵OpenShift Merge Robot2021-04-26
|\ \ \ \ \ | |_|_|_|/ |/| | | | | | | | | | | | | | giuseppe/create-userns-for-root-without-CAP_SYS_ADMIN runtime: create userns when CAP_SYS_ADMIN is not present
| * | | | runtime: create userns when CAP_SYS_ADMIN is not presentGiuseppe Scrivano2021-04-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | when deciding to create a user namespace, check for CAP_SYS_ADMIN instead of looking at the euid. [NO TESTS NEEDED] Needs nested Podman Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | | | rootless: attempt to copy current mappings firstGiuseppe Scrivano2021-04-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | when creating a user namespace, attempt to create it first by copying the current mappings and then fallback to the other methods: 1) use newidmap tools and ... 2) create a user namespace with a single user mapped. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | | | rootless: if root is not sub?id raise a debug messageGiuseppe Scrivano2021-04-22
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | | Merge pull request #10131 from eriksjolund/fix_markdown_layout_bugsOpenShift Merge Robot2021-04-25
|\ \ \ \ \ | |_|_|/ / |/| | | | [CI:DOCS] Fix Markdown layout bugs
| * | | | [CI:DOCS] Fix Markdown layout bugsErik Sjölund2021-04-25
|/ / / / | | | | | | | | | | | | | | | | | | | | | | | | * Add missing backticks to mark the end of the code block. Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
* | | | Merge pull request #10107 from cevich/multi_arch_imagesOpenShift Merge Robot2021-04-23
|\ \ \ \ | | | | | | | | | | [CI:DOCS] Add github-action workflow to build/push multi-arch
| * | | | Add github-action workflow to build/push multi-archChris Evich2021-04-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This borrows very heavily from the work done for buildah by @barthy1 - Yulia Gaponenko <yulia.gaponenko1@de.ibm.com>. Some changes to code and comments made for clarity and specificity. Signed-off-by: Chris Evich <cevich@redhat.com>
* | | | | Merge pull request #10122 from Luap99/fix-10110OpenShift Merge Robot2021-04-23
|\ \ \ \ \ | | | | | | | | | | | | Parse slirp4netns net options with compat api
| * | | | | Parse slirp4netns net options with compat apiPaul Holzinger2021-04-23
| | |_|_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Parse the slirp4netns network options when called via compat api. The options must be extracted from the NetworkMode string. Fixes #10110 Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | | | | Merge pull request #10121 from SoMuchForSubtlety/masterOpenShift Merge Robot2021-04-23
|\ \ \ \ \ | |/ / / / |/| | | | Fix removal race condition in ListContainers
| * | | | Fix removal race condition in ListContainersSoMuchForSubtlety2021-04-23
|/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It is possible that a container is removed between fetching the initial list of containers and the second access during conversion. Closes #10120 [NO TESTS NEEDED] Signed-off-by: Jakob Ahrer <jakob@ahrer.dev>
* | | | Merge pull request #10099 from Luap99/format-completionOpenShift Merge Robot2021-04-22
|\ \ \ \ | |_|/ / |/| | | Add go template shell completion for --format
| * | | Add go template shell completion for --formatPaul Holzinger2021-04-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The --format flags accepts go template strings. I use this often but I consistently forget the field names. This commit adds a way to provide shell completion for the --format flag. It works by automatically receiving the field names with the reflect package from the given struct. This requires almost no maintenance since this ensures that we always use the correct field names. This also works for nested structs. ``` $ podman ps --format "{{.P" {{.Pid}} {{.PIDNS}} {{.Pod}} {{.PodName}} {{.Ports}} ``` NOTE: This only works when you use quotes otherwise the shell does not provide completions. Also this does not work for fish at the moment. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | | | Merge pull request #9495 from rhatdan/groupsOpenShift Merge Robot2021-04-22
|\ \ \ \ | |_|/ / |/| | | Add '--group-add keep-groups': supplementary groups into container
| * | | Add --group-add keep-groups: suplimentary groups into containerDaniel J Walsh2021-04-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently we have rootless users who want to leak their groups access into containers, but this group access is only able to be pushed in by a hard to find OCI Runtime annotation. This PR makes this option a lot more visable and hides the complexity within the podman client. This option is only really needed for local rootless users. It makes no sense for remote clients, and probably makes little sense for rootfull containers. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
| * | | Fixes from make codespellDaniel J Walsh2021-04-21
| | | | | | | | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #10113 from ↵OpenShift Merge Robot2021-04-22
|\ \ \ \ | |_|/ / |/| | | | | | | | | | | containers/dependabot/go_modules/github.com/containers/common-0.37.0 Bump github.com/containers/common from 0.36.0 to 0.37.0