summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Volumes: Only remove from DB if plugin removal succeedsMatthew Heon2021-08-18
| | | | | | | | | | | | | | | | | | Originally, Podman would unconditionally remove volumes from the DB, even if they failed to be removed from the volume plugin; this was a safety measure to ensure that `volume rm` can always remove a volume from the database, even if the plugin is misbehaving. However, this is a significant deivation from Docker, which refuses to remove if the plugin errors. These errors can be legitimate configuration issues which the user should address before the volume is removed, so Podman should also use this behaviour. Fixes #11214 Signed-off-by: Matthew Heon <mheon@redhat.com>
* Merge pull request #11212 from flouthoc/check-valid-systemd-sessionopenshift-ci[bot]2021-08-17
|\ | | | | cgroup-manager-systemd: Warn early if user is rootless and no relevent user session is present.
| * cgroup-manager-systemd:Fail early if user:rootless and relevent session is ↵flouthoc2021-08-17
| | | | | | | | | | | | | | | | not present. [NO TESTS NEEDED] Signed-off-by: flouthoc <flouthoc.git@gmail.com>
* | Merge pull request #11252 from cevich/remove_todoopenshift-ci[bot]2021-08-17
|\ \ | | | | | | Cirrus: Resolve two upgrade-test FIXMEs
| * | Cirrus: Resolve two upgrade-test FIXMEsChris Evich2021-08-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | I attempted to run the tests in a loop (one VM) but it fails with: ``` not ok 8 exec (from function `is' in file test/upgrade/../system/helpers.bash, line 474, in test file test/upgrade/test-upgrade.bats, line 222) `is "$output" "$RANDOM_STRING_1" "exec into myrunningcontainer"' failed /var/tmp/go/src/github.com/containers/podman/bin/podman exec myrunningcontainer cat /var/www/index.txt time="2021-08-17T13:34:21-05:00" level=warning msg="Failed to add conmon to systemd sandbox cgroup: Invalid unit name '/libpod_parent'" uagHtpYnA47bkz3 /vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv | FAIL: exec into myrunningcontainer | expected: 'uagHtpYnA47bkz3' | actual: 'time="2021-08-17T13:34:21-05:00" level=warning msg="Failed to add conmon to systemd sandbox cgroup: Invalid unit name '/libpod_parent'"' | > 'uagHtpYnA47bkz3' \^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ ``` Since the current implementation doesn't reproduce this error, the change isn't worth the cost of debugging/fixing. OTOH, making the job only run from the daily cirrus-cron builds is a simple change. Signed-off-by: Chris Evich <cevich@redhat.com>
* | | Merge pull request #11192 from ashley-cui/darwinwarn3openshift-ci[bot]2021-08-17
|\ \ \ | | | | | | | | [NO TESTS NEEDED] Change connection error to be helpful for machine users
| * | | Change connection error to be helpful for machine usersAshley Cui2021-08-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | If a podman-remote connection fails, remind the user to check their linux system and podman machine vm Signed-off-by: Ashley Cui <acui@redhat.com>
* | | | Merge pull request #11231 from flouthoc/move-volume-dest-to-serveropenshift-ci[bot]2021-08-17
|\ \ \ \ | |_|/ / |/| | | volume: move validating volume dest from client to server.
| * | | fix: unifiedOverlays should be assigned if no conflicts found.flouthoc2021-08-17
| | | | | | | | | | | | | | | | | | | | | | | | [NO TESTS NEEDED] Signed-off-by: flouthoc <flouthoc.git@gmail.com>
| * | | libpod/option.go remove error stutter from wrap/wrafflouthoc2021-08-17
| | | | | | | | | | | | | | | | | | | | [NO TESTS NEEDED] Signed-off-by: flouthoc <flouthoc.git@gmail.com>
| * | | volume: move validating volume dest from client to server.flouthoc2021-08-16
| | | | | | | | | | | | | | | | | | | | | | | | [NO TESTS NEEDED] Signed-off-by: flouthoc <flouthoc.git@gmail.com>
* | | | Merge pull request #11244 from ↵openshift-ci[bot]2021-08-17
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | containers/dependabot/go_modules/github.com/containers/storage-1.34.1 Bump github.com/containers/storage from 1.34.0 to 1.34.1
| * | | | Bump github.com/containers/storage from 1.34.0 to 1.34.1dependabot[bot]2021-08-17
| | |_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/containers/storage](https://github.com/containers/storage) from 1.34.0 to 1.34.1. - [Release notes](https://github.com/containers/storage/releases) - [Changelog](https://github.com/containers/storage/blob/main/docs/containers-storage-changes.md) - [Commits](https://github.com/containers/storage/compare/v1.34.0...v1.34.1) --- updated-dependencies: - dependency-name: github.com/containers/storage dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* | | | Merge pull request #11224 from xatier/masteropenshift-ci[bot]2021-08-17
|\ \ \ \ | | | | | | | | | | Add space trimming check in ValidateSysctls
| * | | | Add space trimming check in ValidateSysctlsxatier2021-08-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is to catch invalid sysctl configs with extra spacing. See https://github.com/containers/common/issues/723#issuecomment-897395506 Signed-off-by: xatier <xatierlike@gmail.com>
* | | | | Merge pull request #11240 from vrothberg/artopenshift-ci[bot]2021-08-17
|\ \ \ \ \ | |_|/ / / |/| | | | make sure that signal buffers are sufficiently big
| * | | | make sure that signal buffers are sufficiently bigValentin Rothberg2021-08-17
|/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Dealing with os.Signal channels seems more like an art than science since signals may get lost. os.Notify doesn't block on an unbuffered channel, so users are expected to know what they're doing or hope for the best. In the recent past, I've seen a number of flakes and BZs on non-amd64 architectures where I was under the impression that signals may got lost, for instance, during stop and exec. [NO TESTS NEEDED] since this is art. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | Merge pull request #11154 from cdoern/imagesPullopenshift-ci[bot]2021-08-16
|\ \ \ \ | | | | | | | | | | Libpod images pull changes
| * | | | Libpod images pull changescdoern2021-08-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Added quiet param to docs to limit stream output. Formatted JSON. fixes #10612 Signed-off-by: cdoern <cbdoer23@g.holycross.edu> Signed-off-by: cdoern <cdoern@redhat.com>
* | | | | Merge pull request #11169 from cevich/enable_docker_py_testingopenshift-ci[bot]2021-08-16
|\ \ \ \ \ | | | | | | | | | | | | Enable docker-py compat. testing w/ ignored result
| * | | | | Enable docker-py compat. testing w/ ignored resultChris Evich2021-08-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Significant bitrot results in almost immediate test failure. This commit adds only the very basic, bare-minimum needed to get them started. ***TESTING RESULTS ARE IGNORED*** Signed-off-by: Chris Evich <cevich@redhat.com>
* | | | | | Merge pull request #11195 from Luap99/xdg-rootopenshift-ci[bot]2021-08-16
|\ \ \ \ \ \ | | | | | | | | | | | | | | rootful: unset XDG_RUNTIME_DIR
| * | | | | | rootful: unset XDG_RUNTIME_DIRPaul Holzinger2021-08-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Depending how the user logs in to the root account, XDG_RUNTIME_DIR is set to /run/user/0 or it is unset. For conmon we already set it always to an empty string. The inconsistency is causing issues for the dnsname plugin. To fix it unset XDG_RUNTIME_DIR for the podman process. [NO TESTS NEEDED] Fixes #10806 Fixes #10745 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | | | | | Merge pull request #11230 from Luap99/rootless-dnsopenshift-ci[bot]2021-08-16
|\ \ \ \ \ \ \ | |_|_|_|_|/ / |/| | | | | | Fix rootless cni dns without systemd stub resolver
| * | | | | | Fix rootless cni dns without systemd stub resolverPaul Holzinger2021-08-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When a host uses systemd-resolved but not the resolved stub resolver the following symlinks are created: `/etc/resolv.conf` -> `/run/systemd/resolve/stub-resolv.conf` -> `/run/systemd/resolve/resolv.conf`. Because the code uses filepath.EvalSymlinks we put the new resolv.conf to `/run/systemd/resolve/resolv.conf` but the `/run/systemd/resolve/stub-resolv.conf` link does not exists in the mount ns. To fix this we will walk the symlinks manually until we reach the first one under `/run` and use this for the resolv.conf file destination. This fixes a regression which was introduced in e73d4829900c. Fixes #11222 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | | | | | Merge pull request #11228 from mlegenovic/mainopenshift-ci[bot]2021-08-16
|\ \ \ \ \ \ \ | |/ / / / / / |/| | | | | | Fixed healthcheck default values when container created via compat API
| * | | | | | Fixed healthcheck default values when container created via compat APIMilivoje Legenovic2021-08-14
| | |_|_|/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes #11225 Signed-off-by: Milivoje Legenovic <m.legenovic@gmail.com>
* | | | | | Merge pull request #11219 from baude/oneshottoonceopenshift-ci[bot]2021-08-15
|\ \ \ \ \ \ | |/ / / / / |/| | | | | rename oneshot initcontainers to once
| * | | | | rename oneshot initcontainers to onceBrent Baude2021-08-12
|/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | after the init containers pr merged, it was suggested to use `once` instead of `oneshot` containers as it is more aligned with other terminiology used similarily. [NO TESTS NEEDED] Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | | | Merge pull request #11206 from baude/gvproxynewpathopenshift-ci[bot]2021-08-12
|\ \ \ \ \ | | | | | | | | | | | | Set gvproxy path to /usr/libexec/podman/gvproxy
| * | | | | Set gvproxy path to /usr/libexec/podman/gvproxyBrent Baude2021-08-12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We have reverted the previous patches to look for the gvproxy binary in /usr/lib/podman and have again decided to use /usr/libexec/podman [NO TESTS NEEDED] Signed-off-by: Brent Baude <bbaude@redhat.com>
| * | | | | Revert "Use static path for gvproxy"Brent Baude2021-08-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This reverts commit 4acc1d685066faa1dc102532ba76a81d3ec6bdc0. [NO TESTS NEEDED] Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | | | | Merge pull request #11203 from rhatdan/codespellopenshift-ci[bot]2021-08-12
|\ \ \ \ \ \ | | | | | | | | | | | | | | Run codespell to fix spelling
| * | | | | | Run codespell to fix spellingDaniel J Walsh2021-08-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | [NO TESTS NEEDED] Just fixing spelling. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | | | Merge pull request #11167 from jwhonce/issues/11012openshift-ci[bot]2021-08-12
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | For compatibility, ignore Content-Type
| * | | | | | | For compatibility, ignore Content-TypeJhon Honce2021-08-11
| |/ / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Endpoint /build logs an info entry when a client uses the wrong Content-Type for build payload. Given Content-Type is ignored and assumed to be "application/x-tar". Endpoint /libpod/build will fail unless "application/x-tar" or "application/tar" is given for Content-Type. "application/tar" will be logged as an info entry. Fixes #11012 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | | | | | Merge pull request #11190 from cevich/docs_updateopenshift-ci[bot]2021-08-11
|\ \ \ \ \ \ \ | |/ / / / / / |/| | | | | | [CI:DOCS] Fix multi-arch image docs
| * | | | | | [CI:DOCS] Fix multi-arch image docsChris Evich2021-08-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The automation workflow was altered in recent history to build images daily, even if the podman version didn't change. This was is necessary so that any updates/security vulnerabilities in ancillary packages are incorporated quickly. However, documentation was never updated to reflect this change. This commit puts the two in sync. Signed-off-by: Chris Evich <cevich@redhat.com>
* | | | | | | Merge pull request #11164 from cevich/enhance_priv_dev_testopenshift-ci[bot]2021-08-11
|\ \ \ \ \ \ \ | |_|/ / / / / |/| | | | | | Enhance priv. dev. check
| * | | | | | Fix device tests using ls test filesChris Evich2021-08-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The `ls` command is not intended for this purpose and may behave in unexpected ways, leading to false positive or negative results. Update the tests to use the purpose built `test` command instead. Also added several *TODO* comments for possible future testing enhancements. Signed-off-by: Chris Evich <cevich@redhat.com>
| * | | | | | Enhance priv. dev. checkChris Evich2021-08-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Update test to confirm the negative-case, proving the `--privileged` "option is required" for this character device to be present in a container (including rootless). Signed-off-by: Chris Evich <cevich@redhat.com>
| * | | | | | Workaround host availability of /dev/kvmChris Evich2021-08-11
|/ / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This test has been failing for a long time but nobody noticed because CI doesn't have the device node (nested-VM support was disabled). After having enabled nested VM support, tests fail due to some unknown special-handling of this device. Fix both problems by removing the `skip()` and switching to a more generic device which is only present when `--privileged` is used. Signed-off-by: Chris Evich <cevich@redhat.com>
* | | | | | Merge pull request #11173 from jmguzik/pod-ps-until-filteropenshift-ci[bot]2021-08-11
|\ \ \ \ \ \ | | | | | | | | | | | | | | Add until filter to podman pod ps
| * | | | | | Add until filter to podman pod psJakub Guzik2021-08-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This commit adds additional until filter to podman pod ps (ls/list). Additionally, it also adds descriptions for podman pod ps filters available via http api. Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
* | | | | | | Merge pull request #11153 from cdoern/scpopenshift-ci[bot]2021-08-11
|\ \ \ \ \ \ \ | |_|_|_|_|_|/ |/| | | | | | Added autocompletion for images and system connections for podman image SCP
| * | | | | | Added autocompletion for images and system connectionscdoern2021-08-09
| | |_|_|_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | [NO TESTS NEEDED] image scp should autocomplete images and system connections since the args can be either. Made a new function, common.AutocompleteScp Signed-off-by: cdoern <cdoern@redhat.com>
* | | | | | Merge pull request #11160 from kpcyrd/repro-buildsDaniel J Walsh2021-08-10
|\ \ \ \ \ \ | |_|_|/ / / |/| | | | | Reproducible Builds: trim embedded cgo paths
| * | | | | Reproducible Builds: trim embedded cgo pathskpcyrd2021-08-09
| |/ / / / | | | | | | | | | | | | | | | Signed-off-by: kpcyrd <git@rxv.cc>
* | | | | Merge pull request #11179 from ↵openshift-ci[bot]2021-08-10
|\ \ \ \ \ | |_|_|/ / |/| | | | | | | | | | | | | | containers/dependabot/go_modules/github.com/opencontainers/selinux-1.8.4 Bump github.com/opencontainers/selinux from 1.8.3 to 1.8.4
| * | | | Bump github.com/opencontainers/selinux from 1.8.3 to 1.8.4dependabot[bot]2021-08-10
|/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/opencontainers/selinux](https://github.com/opencontainers/selinux) from 1.8.3 to 1.8.4. - [Release notes](https://github.com/opencontainers/selinux/releases) - [Commits](https://github.com/opencontainers/selinux/compare/v1.8.3...v1.8.4) --- updated-dependencies: - dependency-name: github.com/opencontainers/selinux dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>