summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Fix link to point at correct contentDaniel J Walsh2020-11-05
| | | | | | | | Version of runtime.spec was incorrect. Fixes: https://github.com/containers/podman/issues/8244 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #8254 from yangm97/adopt-existing-volumesOpenShift Merge Robot2020-11-06
|\ | | | | fix: allow volume creation when the _data directory already exists
| * fix: allow volume creation when the _data directory already existsYan Minari2020-11-05
| | | | | | | | | | | | This restores pre f7e72bc86aff2ff986290f190309deceb7f22099 behavior Signed-off-by: Yan Minari <yangm97@gmail.com>
* | Merge pull request #8246 from ↵OpenShift Merge Robot2020-11-06
|\ \ | | | | | | | | | | | | containers/dependabot/go_modules/github.com/rootless-containers/rootlesskit-0.11.0 Bump github.com/rootless-containers/rootlesskit from 0.10.1 to 0.11.0
| * | Bump github.com/rootless-containers/rootlesskit from 0.10.1 to 0.11.0dependabot-preview[bot]2020-11-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/rootless-containers/rootlesskit](https://github.com/rootless-containers/rootlesskit) from 0.10.1 to 0.11.0. - [Release notes](https://github.com/rootless-containers/rootlesskit/releases) - [Commits](https://github.com/rootless-containers/rootlesskit/compare/v0.10.1...v0.11.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #8248 from alvistack/master-linux-amd64OpenShift Merge Robot2020-11-06
|\ \ \ | |_|/ |/| | Update nix pin with `make nixpkgs`
| * | Update nix pin with `make nixpkgs`Wong Hoi Sing Edison2020-11-05
| |/ | | | | | | Signed-off-by: Wong Hoi Sing Edison <hswong3i@pantarei-design.com>
* | Merge pull request #8249 from marcnuri-forks/fix/doc-typoOpenShift Merge Robot2020-11-05
|\ \ | | | | | | [CI:DOCS] fix: podman-system-service doc time is seconds
| * | fix: podman-system-service doc time is secondsMarc Nuri2020-11-05
| | | | | | | | | | | | Signed-off-by: Marc Nuri <marc@marcnuri.com>
* | | Merge pull request #8185 from rhatdan/mountOpenShift Merge Robot2020-11-05
|\ \ \ | |/ / |/| | Add support for mounting external containers
| * | Add support for mounting external containersDaniel J Walsh2020-11-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | Continue progress on use of external containers. This PR adds the ability to mount, umount and list the storage containers whether they are in libpod or not. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #8205 from rhatdan/homeOpenShift Merge Robot2020-11-05
|\ \ \ | |_|/ |/| | Only use container/storage/pkg/unshare.HomeDir()
| * | Only use container/storage/pkg/homedir.Get()Daniel J Walsh2020-11-04
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We are resolving the homedir of the user in many different places. This Patch consolodates them to use container/storage version. This PR also fixes a failure mode when the homedir does not exists, and the user sets a root path. In this situation podman should continue to work. Podman does not require a users homedir to exist in order to run. Finally the rootlessConfigHomeDirOnce and rootlessRuntimeDirOnce were broken, because if an error ever happened, they would not be recorded the second time, and "" would be returned as the path. Fixes: https://github.com/containers/podman/issues/8131 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #8238 from joelsmith/masterOpenShift Merge Robot2020-11-05
|\ \ | |/ |/| Use regex for "pod ps" name filter to match "ps" behavior
| * Use regex for "pod ps" name filter to match "ps" behaviorJoel Smith2020-11-03
| | | | | | | | Signed-off-by: Joel Smith <joelsmith@redhat.com>
* | Merge pull request #8074 from cevich/new_f33_imagesOpenShift Merge Robot2020-11-04
|\ \ | | | | | | Cirrus: Use F33 VM image
| * | Cirrus: Use F33beta VM imageChris Evich2020-11-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Includes disk-space increase for all Fedora images to accommodate the static-build job disk space requirements. This job substantially leverages task-cache, which was previously failing to restore early on in the Cirrus-CI task setup, due to disk-space limitations. Also simplify .cirrus.yml slightly by removing an unncessary setup and run directory change step. Signed-off-by: Chris Evich <cevich@redhat.com>
| * | Cirrus: Simplify artifact collectionChris Evich2020-11-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | On several occasions, fatal task failures were observed during the upload of artifacts after a otherwise successful testing. Prior to this commit, most tasks were storing both logs and binary artifacts. Avoid possible major inconveniences of upload failures, by only collecting binary artifacts when necessary. Signed-off-by: Chris Evich <cevich@redhat.com>
| * | Use ping from alpineChris Evich2020-11-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | As of this commit, in Fedora 33, without without `CAP_NET_ADMIN` and `CAP_NET_RAW`, require setting `net.ipv3.ping_group_range` in order for the `ping` command to work inside a container. However, not all images `ping` are created equal. For whatever reason, the busybox version in the busybox container image, does not function. Switch to the Alpine image's busybox ping, which seems to work fine. Signed-off-by: Chris Evich <cevich@redhat.com>
* | | Merge pull request #8156 from mheon/add_net_aliases_dbOpenShift Merge Robot2020-11-04
|\ \ \ | |/ / |/| | Add network aliases for containers to DB
| * | Add tests for network aliasesMatthew Heon2020-11-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | As part of this, we need two new functions, for retrieving all aliases for a network and removing all aliases for a network, both required to test. Also, rework handling for some things the tests discovered were broken (notably conflicts between container name and existing aliases). Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | Add a way to retrieve all network aliases for a ctrMatthew Heon2020-10-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | The original interface only allowed retrieving aliases for a specific network, not for all networks. This will allow aliases to be retrieved for every network the container is present in, in a single DB operation. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | Add network aliases for containers to DBMatthew Heon2020-10-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This adds the database backend for network aliases. Aliases are additional names for a container that are used with the CNI dnsname plugin - the container will be accessible by these names in addition to its name. Aliases are allowed to change over time as the container connects to and disconnects from networks. Aliases are implemented as another bucket in the database to register all aliases, plus two buckets for each container (one to hold connected CNI networks, a second to hold its aliases). The aliases are only unique per-network, to the global and per-container aliases buckets have a sub-bucket for each CNI network that has aliases, and the aliases are stored within that sub-bucket. Aliases are formatted as alias (key) to container ID (value) in both cases. Three DB functions are defined for aliases: retrieving current aliases for a given network, setting aliases for a given network, and removing all aliases for a given network. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | Merge pull request #8239 from ↵OpenShift Merge Robot2020-11-04
|\ \ \ | | | | | | | | | | | | | | | | containers/dependabot/go_modules/github.com/containers/storage-1.23.9 Bump github.com/containers/storage from 1.23.8 to 1.23.9
| * | | Bump github.com/containers/storage from 1.23.8 to 1.23.9dependabot-preview[bot]2020-11-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/containers/storage](https://github.com/containers/storage) from 1.23.8 to 1.23.9. - [Release notes](https://github.com/containers/storage/releases) - [Changelog](https://github.com/containers/storage/blob/master/docs/containers-storage-changes.md) - [Commits](https://github.com/containers/storage/compare/v1.23.8...v1.23.9) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #8225 from ↵OpenShift Merge Robot2020-11-04
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | debarshiray/wip/rishi/exec_test-use-containsubstring Improve error messages from failing tests
| * | | | Improve error messages from failing testsDebarshi Ray2020-11-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Using a function like ContainSubstring or Equal is better because if the test fails it will log a descriptive error that includes the actual string generated during the test. This is more helpful than a function like BeTrue that will only indicate that an assertion failed without giving further details of the failure. Signed-off-by: Debarshi Ray <rishi@fedoraproject.org>
* | | | | Merge pull request #8237 from vorburger/patch-1OpenShift Merge Robot2020-11-04
|\ \ \ \ \ | | | | | | | | | | | | Add tip re. typical root cause of "Exec format error" to troubleshooting.md
| * | | | | Add tip re. typical root cause of "Exec format error" to troubleshooting.mdMichael Vorburger ⛑️2020-11-03
| | |_|_|/ | |/| | | | | | | | | | | | | Signed-off-by: Michael Vorburger <mike@vorburger.ch>
* | | | | Merge pull request #8229 from vrothberg/pr-templateOpenShift Merge Robot2020-11-04
|\ \ \ \ \ | |_|_|/ / |/| | | | [CI:DOCS] add a PR template
| * | | | add a PR templateValentin Rothberg2020-11-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add a pull-request template that points to the section in the contributing guidelines and to remind users to use the `[CI:DOCS]` prefix if applicable. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | | Merge pull request #8209 from mwhahaha/issue-8208OpenShift Merge Robot2020-11-03
|\ \ \ \ \ | |_|/ / / |/| | | | Change http ConnState actions between new and active
| * | | | Change http ConnState actions between new and activeAlex Schultz2020-10-31
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently it double counts connections because it's incrementing the total for both the new and active states. Based on the comments, we should only count new connections for the total count and perform the timer stop actions when the connection has transitioned to an active state. Closes #8208 Signed-off-by: Alex Schultz <aschultz@redhat.com>
* | | | Merge pull request #8232 from ashley-cui/volfiltOpenShift Merge Robot2020-11-03
|\ \ \ \ | | | | | | | | | | Make volume filters inclusive
| * | | | Make volume filters inclusiveAshley Cui2020-11-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When using multiple filters, return a volume that matches any one of the used filters, rather than matching both of the filters. This is for compatibility with docker's cli, and more importantly, the apiv2 compat endpoint Closes #6765 Signed-off-by: Ashley Cui <acui@redhat.com>
* | | | | Merge pull request #8233 from baude/umohnani8OpenShift Merge Robot2020-11-03
|\ \ \ \ \ | | | | | | | | | | | | [CI:DOCS]Add Urvashi to podman OWNERS
| * | | | | [CI:DOCS]Add Urvashi to podman OWNERSbaude2020-11-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Lets add Urvashi to podman OWNERS so she can review and merge PRs. Signed-off-by: baude <bbaude@redhat.com>
* | | | | | Merge pull request #8213 from saschagrunert/osusergoOpenShift Merge Robot2020-11-03
|\ \ \ \ \ \ | | | | | | | | | | | | | | Use osusergo build tag for static build
| * | | | | | Use osusergo build tag for static buildSascha Grunert2020-11-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We now use the `osusergo` build tag to not use the glibc functions which occur in the warnings but them from golang the os/user package. Signed-off-by: Sascha Grunert <sgrunert@suse.com>
* | | | | | | Merge pull request #8219 from rhafer/rootless-mountsOpenShift Merge Robot2020-11-03
|\ \ \ \ \ \ \ | |_|/ / / / / |/| | | | | | docs: Mention mounts.conf location for non-root users
| * | | | | | docs: Mention mounts.conf location for non-root usersRalf Haferkamp2020-11-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Ralf Haferkamp <rhafer@suse.com>
* | | | | | | Merge pull request #8204 from jwhonce/jira/run-976OpenShift Merge Robot2020-11-03
|\ \ \ \ \ \ \ | |_|_|_|_|/ / |/| | | | | | Add test/apiv2/rest_api tests to make target
| * | | | | | Add test/apiv2/rest_api tests to make targetJhon Honce2020-11-02
| |/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * renamed old API tests to not be discovered, they do not pass * Updated the API tests to use a pristine storage configuration * Skipped attach test, it needs to be re-written Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | | | | Merge pull request #8231 from baude/fedorarootlesscpulimitOpenShift Merge Robot2020-11-03
|\ \ \ \ \ \ | | | | | | | | | | | | | | fedora rootless cpu settings
| * | | | | | fedora rootless cpu settingsbaude2020-11-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | fedora does not have the the ability in rootless to set cpu limits. this requires a simple fix for fedora 33 to pass ci tests. Signed-off-by: baude <bbaude@redhat.com>
* | | | | | | Merge pull request #8226 from ↵OpenShift Merge Robot2020-11-03
|\ \ \ \ \ \ \ | |/ / / / / / |/| | | | | | | | | | | | | | | | | | | | debarshiray/wip/rishi/toolbox_test-userns-keepid-HOME Test $HOME when it's parent is bind mounted with --userns=keep-id
| * | | | | | Test $HOME when it's parent is bind mounted with --userns=keep-idDebarshi Ray2020-11-03
| |/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When --userns=keep-id is used, Podman is supposed to set up the home directory of the user inside the container to match that on the host as long as the home directory or any of its parents are marked as volumes to be bind mounted into the container. Currently, the test only considers the case where the home directory itself is bind mounted into the container. It doesn't cover the Podman code that walks through all the bind mounts looking for ancestors in case the home directory itself wasn't specified as a bind mount. Therefore, this improves the existing test added in commit 6ca8067956128585 ("Setup HOME environment when using --userns=keep-id") Note that this test can't be run as root. The home directory of the root user is /root, and it's parent is /. Bind mounting the entire / from the host into the container prevents it from starting: Error: openat2 ``: No such file or directory: OCI not found Signed-off-by: Debarshi Ray <rishi@fedoraproject.org>
* | | | | | Merge pull request #8224 from jjasghar/patch-1OpenShift Merge Robot2020-11-03
|\ \ \ \ \ \ | | | | | | | | | | | | | | Update README.md
| * | | | | | Update README.mdJJ Asghar2020-11-02
| | |_|/ / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | Typo Signed-off-by: JJ Asghar <jjasghar@gmail.com>
* | | | | | Merge pull request #8217 from giuseppe/caps-ambientOpenShift Merge Robot2020-11-03
|\ \ \ \ \ \ | |/ / / / / |/| | | | | specgen: add support for ambient capabilities