| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
|
|
|
|
| |
Digests were used to compare local image and container image
Registry alias added for Image Policy
Refactored to integrate new feature + change some naming conventions
Tested this using a modified version of the docs autoupdate instructions & it worked successfully
Signed-off-by: Parker Van Roy <pvanroy@redhat.com>
|
|\
| |
| | |
[CI:DOCS] Add more documentation on conmon
|
| |
| |
| |
| | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \
| | |
| | | |
Add podman run --timeout option
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This option allows users to specify the maximum amount of time to run
before conmon sends the kill signal to the container.
Fixes: https://github.com/containers/podman/issues/6412
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \
| | | |
| | | | |
Cirrus: Update Ubuntu images to 21.04
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Also simplify `lib.sh` after supporting changes incorporated
into automation library 2.x+ (present in all VM and container images).
* No need to force-load `/etc/profile` and handle it's expectation
to **not** being in `errexit` mode.
* Slightly re-arrange loading of automation library files for
clarity.
* Update comments.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Namely the Ubuntu 21.04 Kernel does not support BFQ. Regardless of the
distro. skip this test if the required cgroup node doesn't exist.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|\ \ \ \
| |_|_|/
|/| | | |
Allow docker volume create API to pass without name
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The Docker API does not require Volume name to be specified when
creating a volume.
Fixes: https://github.com/containers/podman/issues/9803
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \
| |/ /
|/| | |
[CI:DOCS] rootless: Tell the user what was led to the error, not just what it is
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Users coming e.g. from Docker do not always read the manual and
expect podman to not require sudo or uidmap, for them the default
message is not very helpful:
Error: Cannot connect to the Podman socket, make sure there is a Podman REST API service running.:
cannot find newuidmap: exec: "newuidmap": executable file not found in $PATH
Adding a bit more context to this would help to nudge them into the
right direction and tell them what to look for in the documentation:
command required for rootless mode with multiple IDs: exec: "newuidmap": executable file not found in $PATH
Signed-off-by: Andrej Shadura <andrew.shadura@collabora.co.uk>
[NO TESTS NEEDED]
|
|\ \ \
| | | |
| | | | |
[CI:DOCS] Restore missing content to manpages
|
| | |/
| |/|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The following content was omitted:
- Text after the first markdown link on a line to the end of the last
(in lines with multiple markdown links)
- Email addresses of the form <a...@...>
Fixed by:
- Making the first two regexes match each link individually, instead
of matching from the start of the first link to the end of the last
- Making the last regex specifically match <a> and </a> tags
Signed-off-by: Rob Cowsill <42620235+rcowsill@users.noreply.github.com>
|
|\ \ \
| | | |
| | | | |
Fixes generate kube incorrect when bind-mounting "/" and "/root"
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: zhangguanzhang <zhangguanzhang@qq.com>
|
|\ \ \ \
| |_|_|/
|/| | | |
Fix rootlesskit port forwarder with custom slirp cidr
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The source ip for the rootlesskit port forwarder was hardcoded to the
standard slirp4netns ip. This is incorrect since users can change the
subnet used by slirp4netns with `--network slirp4netns:cidr=10.5.0.0/24`.
The container interface ip is always the .100 in the subnet. Only when
the rootlesskit port forwarder child ip matches the container interface
ip the port forwarding will work.
Fixes #9828
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
|
|\ \ \ \
| | | | |
| | | | | |
Fix podman ps --filter ancestor to match exact ImageName/ImageID
|
| | |_|/
| |/| |
| | | |
| | | | |
Signed-off-by: flouthoc <flouthoc.git@gmail.com>
|
|\ \ \ \
| | | | |
| | | | | |
Fix images prune filter until
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This commits fixes until filter. It is now checking if the created
timestamp is before until filter value as expected in the docs.
Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
[CI:DOCS] Fix logic for pushing stable multi-arch images
|
| |/ / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
The intention is to only push an image if there is ***NOT*** an existing
tag. The original logic for this condition was inverted.
Also, improve radability of the `{container,podman}_push=true`
statements.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
libpod/image: unit tests: don't use system's registries.conf.d
|
| |/ / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This should make the unit tests pass on updated CI images.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \ \ \ \
| |/ / / /
|/| | | | |
[NO TESTS NEEDED] Add machine-enabled to containers.conf for machine
|
| |/ / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Add machine-enabled=true into /etc/containers/containers.conf when
initing a VM. This field should tell Podman it's being run in a
podman-machine and it will be used in future to tell podman to set up
other necessary machine stuff such as networking
[NO TESTS NEEDED]
Signed-off-by: Ashley Cui <acui@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
[CI:DOCS] Several multi-arch image build/push fixes
|
| |/ / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* Fix not setting `$VERSION` before reference
* Reduce need for "syntax-hilighting workaround` comment.
Simplify context-expressions -> simple env. var. referenmces
* Fix pushing quay.io/containers/podman:master twice
('upstream' and 'testing' matrix items)
* Throw error on unknown/unsupported matrix items
* Improve readability of setting multi-line `$LABELS` value.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
Add support for CDI device configuration
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
- Persist CDIDevices in container config
- Add e2e test
- Log HasDevice error and add additional condition for safety
Signed-off-by: Sebastian Jug <seb@stianj.ug>
|
|\ \ \ \ \
| |_|_|_|/
|/| | | |
| | | | |
| | | | | |
giuseppe/create-userns-for-root-without-CAP_SYS_ADMIN
runtime: create userns when CAP_SYS_ADMIN is not present
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
when deciding to create a user namespace, check for CAP_SYS_ADMIN
instead of looking at the euid.
[NO TESTS NEEDED] Needs nested Podman
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
when creating a user namespace, attempt to create it first by copying
the current mappings and then fallback to the other methods:
1) use newidmap tools and ...
2) create a user namespace with a single user mapped.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \ \ \ \
| |_|_|/ /
|/| | | | |
[CI:DOCS] Fix Markdown layout bugs
|
|/ / / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* Add missing backticks to mark the end
of the code block.
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
|\ \ \ \
| | | | |
| | | | | |
[CI:DOCS] Add github-action workflow to build/push multi-arch
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This borrows very heavily from the work done for buildah by @barthy1 -
Yulia Gaponenko <yulia.gaponenko1@de.ibm.com>. Some changes to code and
comments made for clarity and specificity.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Parse slirp4netns net options with compat api
|
| | |_|_|/
| |/| | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Parse the slirp4netns network options when called via compat api. The
options must be extracted from the NetworkMode string.
Fixes #10110
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
|
|\ \ \ \ \
| |/ / / /
|/| | | | |
Fix removal race condition in ListContainers
|
|/ / / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
It is possible that a container is removed between fetching the
initial list of containers and the second access during conversion.
Closes #10120
[NO TESTS NEEDED]
Signed-off-by: Jakob Ahrer <jakob@ahrer.dev>
|
|\ \ \ \
| |_|/ /
|/| | | |
Add go template shell completion for --format
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The --format flags accepts go template strings. I use this often but I
consistently forget the field names. This commit adds a way to provide
shell completion for the --format flag. It works by automatically
receiving the field names with the reflect package from the given
struct. This requires almost no maintenance since this ensures that we
always use the correct field names. This also works for nested structs.
```
$ podman ps --format "{{.P"
{{.Pid}} {{.PIDNS}} {{.Pod}} {{.PodName}} {{.Ports}}
```
NOTE: This only works when you use quotes otherwise the shell does not
provide completions. Also this does not work for fish at the moment.
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
|
|\ \ \ \
| |_|/ /
|/| | | |
Add '--group-add keep-groups': supplementary groups into container
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Currently we have rootless users who want to leak their groups access
into containers, but this group access is only able to be pushed in by
a hard to find OCI Runtime annotation. This PR makes this option a lot
more visable and hides the complexity within the podman client.
This option is only really needed for local rootless users. It makes
no sense for remote clients, and probably makes little sense for
rootfull containers.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \
| |_|/ /
|/| | |
| | | |
| | | | |
containers/dependabot/go_modules/github.com/containers/common-0.37.0
Bump github.com/containers/common from 0.36.0 to 0.37.0
|