summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Ensure the Volumes field in Compat Create is honoredMatthew Heon2021-01-26
| | | | | | | | | | | | | | | | Docker has, for unclear reasons, three separate fields in their Create Container struct in which volumes can be placed. Right now we support two of those - Binds and Mounts, which (roughly) correspond to `-v` and `--mount` respectively. Unfortunately, we did not support the third, `Volumes`, which is used for anonymous named volumes created by `-v` (e.g. `-v /test`). It seems that volumes listed here are *not* included in the remaining two from my investigation, so it should be safe to just append them into our handling of the `Binds` (`-v`) field. Fixes #8649 Signed-off-by: Matthew Heon <mheon@redhat.com>
* Merge pull request #9106 from baude/issue9104OpenShift Merge Robot2021-01-26
|\ | | | | [CI:DOCS]update state of restful service
| * [CI:DOCS]update state of restful servicebaude2021-01-26
| | | | | | | | | | | | | | | | | | | | we have not updated the state of the restful service. it is no longer considered under development. additionally, clarified our support of remote clients. Fixes: #9104 Signed-off-by: baude <bbaude@redhat.com>
* | Merge pull request #9029 from mergetb/masterOpenShift Merge Robot2021-01-26
|\ \ | | | | | | [CI:DOCS] api: fix import image swagger definition
| * | api: fix import image swagger definitionRyan Goodfellow2021-01-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | The podman API implementation only accepts image uploads with the applicatoin/x-tar content type, however the generated swagger documentation currently states this should be a form encoded file with the content type application/x-www-form-urlencoded which does not work. Signed-off-by: Ryan Goodfellow <rgoodfel@isi.edu>
* | | Merge pull request #9054 from vrothberg/fix-9040OpenShift Merge Robot2021-01-26
|\ \ \ | | | | | | | | make sure the workdir exists on container mount
| * | | workdir presence checksValentin Rothberg2021-01-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | A container's workdir can be specified via the CLI via `--workdir` and via an image config with the CLI having precedence. Since images have a tendency to specify workdirs without necessarily shipping the paths with the root FS, make sure that Podman creates the workdir. When specified via the CLI, do not create the path, but check for its existence and return a human-friendly error. NOTE: `crun` is performing a similar check that would yield exit code 127. With this change, however, Podman performs the check and yields exit code 126. Since this is specific to `crun`, I do not consider it to be a breaking change of Podman. Fixes: #9040 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
| * | | libpod: add (*Container).ResolvePath()Valentin Rothberg2021-01-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add an API to libpod to resolve a path on the container. We can refactor the code that was originally written for copy. Other functions are requiring a proper path resolution, so libpod seems like a reasonable home for sharing that code. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | Merge pull request #9022 from cevich/swagger_uploadOpenShift Merge Robot2021-01-26
|\ \ \ \ | | | | | | | | | | Cirrus: Upload swagger YAML in every context
| * | | | Cirrus: Upload swagger YAML in every contextChris Evich2021-01-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The podman documentation site uses javascript to display API documentation at: http://docs.podman.io/en/latest/Reference.html As input, the javascript sources from a CORS-enabled Google Cloud Storage object. This commit ensures the storage object is present and updated for every Cirrus-CI execution context: Tags, Branches, and PRs. As of this commit, the documentation site only utilizes the object uploaded by the Cirrus-CI run on the `master` branch: `swagger-master.yaml`. The file produced and uploaded due to a PR is intended for testing purposes: Confirm it's generation and uploading are both functional. Signed-off-by: Chris Evich <cevich@redhat.com>
* | | | | Merge pull request #8761 from ↵OpenShift Merge Robot2021-01-26
|\ \ \ \ \ | |_|_|_|/ |/| | | | | | | | | | | | | | ybelleguic/fix-man-page-on-overlayfs-in-rootless-mode [CI:DOCS] Fix man page for fuse-overlayfs config in rootless mode
| * | | | Fix man page for fuse-overlayfs config in rootless modeYohan Belléguic2021-01-20
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Yohan Belléguic <yohan.belleguic@arkea.com>
* | | | | Merge pull request #9070 from rhatdan/searchOpenShift Merge Robot2021-01-26
|\ \ \ \ \ | | | | | | | | | | | | Fixup search
| * | | | | Fixup searchDaniel J Walsh2021-01-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | podman-remote search had some FIXMEs in tests that were failing. So I reworked the search handler to use the local abi. This means the podman search and podman-remote search will use the same functions. While doing this, I noticed we were just outputing errors via logrus.Error rather then returning them, which works ok for podman but the messages get lost on podman-remote. Changed the code to actually return the error messages to the caller. This allows us to turn on the remaining podman-remote FIXME tests. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | | Merge pull request #9084 from rhatdan/overrideOpenShift Merge Robot2021-01-26
|\ \ \ \ \ \ | | | | | | | | | | | | | | Fix --arch and --os flags to work correctly
| * | | | | | Fix --arch and --os flags to work correctlyDaniel J Walsh2021-01-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently podman implements --override-arch and --overide-os But Podman has made these aliases for --arch and --os. No reason to have to specify --override, since it is clear what the user intends. Currently if the user specifies an --override-arch field but the image was previously pulled for a different Arch, podman run uses the different arch. This PR also fixes this issue. Fixes: https://github.com/containers/podman/issues/8001 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | | | Merge pull request #9094 from rhatdan/mountOpenShift Merge Robot2021-01-26
|\ \ \ \ \ \ \ | |_|_|_|_|/ / |/| | | | | | Pass DefaultMountsFile to podman build
| * | | | | | Pass DefaultMountsFile to podman buildDaniel J Walsh2021-01-25
|/ / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The --default-mounts-file path was not being handled in podman build. This will enable it to use for testing. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | | Merge pull request #9090 from mheon/sync_shutdownOpenShift Merge Robot2021-01-25
|\ \ \ \ \ \ | | | | | | | | | | | | | | [NO TESTS NEEDED] Ensure shutdown handler access is syncronized
| * | | | | | Ensure shutdown handler access is syncronizedMatthew Heon2021-01-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There was a potential race where two handlers could be added at the same time. Go Maps are not thread-safe, so that could do unpleasant things. Add a mutex to keep things safe. Also, swap the order or Register and Start for the handlers in Libpod runtime created. As written, there was a small gap between Start and Register where SIGTERM/SIGINT would be completely ignored, instead of stopping Podman. Swapping the two closes this gap. Signed-off-by: Matthew Heon <mheon@redhat.com>
* | | | | | | Merge pull request #9091 from edsantiago/more_batsOpenShift Merge Robot2021-01-25
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | System tests: cover gaps from the last month
| * | | | | | | System tests: cover gaps from the last monthEd Santiago2021-01-25
| | |/ / / / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - stop: test --all and --ignore (#9051) - build: test /run/secrets (#8679, but see below) - sensitive mount points: deal with 'stat' failures - selinux: confirm useful diagnostics on unknown labels (#8946) The 'build' test is intended as a fix for #8679, in which 'podman build' does not mount secrets from mounts.conf. Unfortunately, as of this writing, 'podman build' does not pass the --default-mounts-file option to buildah, so there's no reasonable way to test this path. Still, we can at least confirm /run/secrets on 'podman run'. The /sys thing is related to #8949: RHEL8, rootless, cgroups v1. It's just a workaround to get gating tests to pass on RHEL. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | | | | | Merge pull request #9081 from ↵OpenShift Merge Robot2021-01-25
|\ \ \ \ \ \ \ | |/ / / / / / |/| | | | | | | | | | | | | | | | | | | | containers/dependabot/go_modules/github.com/google/uuid-1.2.0 Bump github.com/google/uuid from 1.1.5 to 1.2.0
| * | | | | | Bump github.com/google/uuid from 1.1.5 to 1.2.0dependabot-preview[bot]2021-01-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.1.5 to 1.2.0. - [Release notes](https://github.com/google/uuid/releases) - [Commits](https://github.com/google/uuid/compare/v1.1.5...v1.2.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | | | Merge pull request #9085 from rhatdan/docsOpenShift Merge Robot2021-01-25
|\ \ \ \ \ \ \ | |_|/ / / / / |/| | | | | | Fix typo
| * | | | | | Fix typoTeeVenDick2021-01-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Copied from @TeeVenDick patch https://github.com/containers/podman/pull/9072 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | | | Merge pull request #9079 from Luap99/fish-completionOpenShift Merge Robot2021-01-25
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | [CI:DOCS] Fix fish completion issue if the command is prefixed with a space
| * | | | | | | Fix fish completion issue if the command is prefixed with a spacePaul Holzinger2021-01-24
| | |/ / / / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Update the completion script like https://github.com/spf13/cobra/pull/1249. [NO TESTS NEEDED] Fixes #8829 Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | | | | | | Merge pull request #9057 from baude/dnsnameinternalOpenShift Merge Robot2021-01-25
|\ \ \ \ \ \ \ | |_|/ / / / / |/| | | | | | disable dnsname when --internal
| * | | | | | disable dnsname when --internalbaude2021-01-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | when doing a network creation, the dnsname plugin should be disabled when the --internal bool is set. a warning is displayed if this happens and docs are updated. Signed-off-by: baude <bbaude@redhat.com>
* | | | | | | Merge pull request #9080 from siretart/patch-1OpenShift Merge Robot2021-01-25
|\ \ \ \ \ \ \ | |_|/ / / / / |/| | | | | | swagger.go: Fix compilation error
| * | | | | | swagger.go: Fix compilation errorReinhard Tartler2021-01-24
|/ / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Error looks like: # github.com/containers/podman/pkg/api/handlers/swagger src/github.com/containers/podman/pkg/api/handlers/swagger/swagger.go:169:3: undefined: libpod.InspectVolumeData [NO TESTS NEEDED] Signed-off-by: Reinhard Tartler <siretart@tauware.de>
* | | | | | Merge pull request #9066 from giuseppe/set-source-to-netOpenShift Merge Robot2021-01-24
|\ \ \ \ \ \ | | | | | | | | | | | | | | networking: lookup child IP in networks
| * | | | | | networking: lookup child IP in networksGiuseppe Scrivano2021-01-23
| |/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | if a CNI network is added to the container, use the IP address in that network instead of hard-coding the slirp4netns default. commit 5e65f0ba30f3fca73f8c207825632afef08378c1 introduced this regression. Closes: https://github.com/containers/podman/issues/9065 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | | | Merge pull request #9071 from TomSweeneyRedHat/dev/tsweeney/bump_crypto2OpenShift Merge Robot2021-01-24
|\ \ \ \ \ \ | |_|/ / / / |/| | | | | Bump golang.org/x/crypto
| * | | | | Bump golang.org/x/cryptoroot2021-01-23
|/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bump golang.org.x/cyrpto to the latest Signed-off-by: root <root@localhost.localdomain> Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* | | | | Merge pull request #9073 from mlegenovic/masterOpenShift Merge Robot2021-01-23
|\ \ \ \ \ | |/ / / / |/| | | | Small API test improvement for compatibility search endpoint
| * | | | Small API test improvement for compatibility search endpointMilivoje Legenovic2021-01-23
|/ / / / | | | | | | | | | | | | Signed-off-by: Milivoje Legenovic <m.legenovic@gmail.com>
* | | | Merge pull request #9028 from mlegenovic/masterOpenShift Merge Robot2021-01-23
|\ \ \ \ | | | | | | | | | | Accept and ignore 'null' as value for X-Registry-Auth
| * | | | Accept and ignore 'null' as value for X-Registry-AuthMilivoje Legenovic2021-01-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | docker-client is a library written in Java and used in Eclipse to speak with Docker API. When endpoint /images/search is called, HTTP header attribute X-Registry-Auth has value "null". This is for sure wrong but Docker tolerates this value, and call works. With this patch call works also with Podman. #7857 Signed-off-by: Milivoje Legenovic <m.legenovic@gmail.com>
* | | | | Merge pull request #9067 from Luap99/podman-manifest-existsOpenShift Merge Robot2021-01-23
|\ \ \ \ \ | | | | | | | | | | | | podman manifest exists
| * | | | | podman manifest existsPaul Holzinger2021-01-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add podman manifest exists command with remote support. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | | | | | Merge pull request #9068 from rhatdan/remoteOpenShift Merge Robot2021-01-22
|\ \ \ \ \ \ | |_|/ / / / |/| | | | | Turn on some remote test
| * | | | | Turn on some remote testDaniel J Walsh2021-01-22
|/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Just running through the tests that have SkipIfRemote("FIXME") and attempting to not skip. Found these tests now work. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | Merge pull request #9050 from xcffl/doc-rm-pod-before-start-systemd-serviceOpenShift Merge Robot2021-01-22
|\ \ \ \ \ | |/ / / / |/| | | | [ci:docs] Add a notice to remove pods/containers before starting the systemd service
| * | | | Add a notice to remove pod before starting servicexcffl2021-01-22
|/ / / / | | | | | | | | | | | | Signed-off-by: xcffl <2216902+xcffl@users.noreply.github.com>
* | | | Merge pull request #9052 from giuseppe/set-source-to-slirp4netns-ipOpenShift Merge Robot2021-01-22
|\ \ \ \ | |_|_|/ |/| | | rootlessport: set source IP to slirp4netns device
| * | | libpod: move slirp magic IPs to constsGiuseppe Scrivano2021-01-22
| | | | | | | | | | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | | rootlessport: set source IP to slirp4netns deviceGiuseppe Scrivano2021-01-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | set the source IP to the slirp4netns address instead of 127.0.0.1 when using rootlesskit. Closes: https://github.com/containers/podman/issues/5138 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | | vendor: update rootlesskit to v0.12.0Giuseppe Scrivano2021-01-22
|/ / / | | | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>