summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Upgrade to latest criu and selinux-policyAdrian Reber2019-05-06
| | | | | | This fixes all the current errors concerning checkpoint/restore. Signed-off-by: Adrian Reber <areber@redhat.com>
* Only run checkpoint/restore tests on Fedora >= 29Adrian Reber2019-05-06
| | | | | | | | | | Only Fedora 29 and newer has an updated container-selinux and selinux-policy new enough to support CRIU in restoring threaded processes in a container with SELinux enabled. Also skip checkpoint/restore tests if rootless. CRIU requires root. Signed-off-by: Adrian Reber <areber@redhat.com>
* Merge pull request #3067 from TomSweeneyRedHat/dev/tsweeney/buildah1.8.2OpenShift Merge Robot2019-05-04
|\ | | | | Bump to Buildah v1.8.2
| * Bump to Buildah v1.8.2TomSweeneyRedHat2019-05-03
| | | | | | | | | | | | As the title suggests. Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* | Merge pull request #3066 from mheon/events_libpod_manpageOpenShift Merge Robot2019-05-04
|\ \ | |/ |/| Document events logger options in libpod.conf manpage
| * Document events logger options in libpod.conf manpageMatthew Heon2019-05-03
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | Merge pull request #2826 from mheon/restart_policyOpenShift Merge Robot2019-05-03
|\ \ | |/ |/| Add restart policy for containers
| * Try and fix restart-policy testsMatthew Heon2019-05-03
| | | | | | | | | | | | | | Theory: it's SELinux blowing up and preventing us from creating files as the container. Try and use a fresh dir and :Z to fix. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * Fix manpage typosMatthew Heon2019-05-03
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * Small code fixMatthew Heon2019-05-03
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * Fix 'restart' event in journaldMatthew Heon2019-05-03
| | | | | | | | | | | | | | Ensure that we can decode the restart event with the new journald events. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * Address review comments on restart policyMatthew Heon2019-05-03
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * Add a test for restart policyMatthew Heon2019-05-03
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * Add a restart event, and make one during restart policyMatthew Heon2019-05-03
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * Restart policy should not run if a container is runningMatthew Heon2019-05-03
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * Restart policy conflicts with the --rm flagMatthew Heon2019-05-03
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * Move to using constants for valid restart policy typesMatthew Heon2019-05-03
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * Add manpage information for restart policyMatthew Heon2019-05-03
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * Add support for retry count with --restart flagMatthew Heon2019-05-03
| | | | | | | | | | | | | | | | | | The on-failure restart option supports restarting only a given number of times. To do this, we need one additional field in the DB to track restart count (which conveniently fills a field in Inspect we weren't populating), plus some plumbing logic. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * Sending signals to containers prevents restart policyMatthew Heon2019-05-03
| | | | | | | | | | | | Noticed this when testing some behavior with Docker. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * Add container restart policy to Libpod & PodmanMatthew Heon2019-05-03
| | | | | | | | | | | | | | This initial version does not support restart count, but it works as advertised otherwise. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * Add a StoppedByUser field to the DBMatthew Heon2019-05-03
| | | | | | | | | | | | | | | | This field indicates that a container was explciitly stopped by an API call, and did not exit naturally. It's used when implementing restart policy for containers. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | Merge pull request #2971 from QiWang19/logoutcheckOpenShift Merge Robot2019-05-03
|\ \ | | | | | | fix logout message if login only with docker
| * | fix logout message if login only with dockerQi Wang2019-05-03
| | | | | | | | | | | | | | | | | | if checkAuth() success but not logged in with podman, assume it's logged in with docker and retrun the message. Signed-off-by: Qi Wang <qiwan@redhat.com>
* | | Merge pull request #3064 from rhatdan/sysregistriesv2OpenShift Merge Robot2019-05-03
|\ \ \ | |_|/ |/| | change from sysregistries to sysregistriesv2
| * | change from sysregistries to sysregistriesv2Daniel J Walsh2019-05-03
| | | | | | | | | | | | | | | | | | | | | | | | We want to start supporting the registries.conf format. Also start showing blocked registries in podman info Fix sorting so all registries are listed together in podman info. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #3034 from vrothberg/top-fallbackOpenShift Merge Robot2019-05-03
|\ \ \ | | | | | | | | top: fallback to execing ps(1)
| * | | top: fallback to execing ps(1)Valentin Rothberg2019-05-03
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | Fallback to executing ps(1) in case we hit an unknown psgo descriptor. This ensures backwards compatibility with docker-top, which was purely ps(1) driven. Also support comma-separated descriptors as input. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | Merge pull request #2905 from QiWang19/globalvarOpenShift Merge Robot2019-05-03
|\ \ \ | | | | | | | | Add variable for global flags to runlabel
| * | | Add variable for global flags to runlabelQi Wang2019-05-02
| | | | | | | | | | | | | | | | | | | | | | | | use $GLOBAL_OPTS to pass global flags to the runlabel command. Signed-off-by: Qi Wang <qiwan@redhat.com>
* | | | Merge pull request #3061 from baude/parsecleanupOpenShift Merge Robot2019-05-03
|\ \ \ \ | |_|/ / |/| | | clean up shared/parse/parse.go
| * | | clean up shared/parse/parse.gobaude2019-05-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | prune unused functions and add unit tests for a number of the remaining ones. Signed-off-by: baude <bbaude@redhat.com>
* | | | Merge pull request #2849 from cevich/timestampsOpenShift Merge Robot2019-05-03
|\ \ \ \ | | | | | | | | | | Cirrus: timestamp all output script output
| * | | | Cirrus: Add pipefail confirmation checkChris Evich2019-05-02
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Chris Evich <cevich@redhat.com>
| * | | | Cirrus: timestamp all output script outputChris Evich2019-05-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Also remove direct time-stamping by CI scripts that would compete. Signed-off-by: Chris Evich <cevich@redhat.com>
* | | | | Merge pull request #2959 from mheon/merge_volume_flagsOpenShift Merge Robot2019-05-03
|\ \ \ \ \ | | | | | | | | | | | | Merge volume flags implementation
| * | | | | Fix podman-in-podman volume testMatthew Heon2019-05-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When running inside Podman, we get an extra `nodev` mount option. It doesn't seem to be a bug, more an artifact of running in a somewhat locked-down container. So instead of checking explicitly for a set of mount options, just verify the ones we set are present. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | | | | Move handling of ReadOnlyTmpfs into new mounts codeMatthew Heon2019-05-01
| | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | | | | Begin adding volume testsMatthew Heon2019-05-01
| | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | | | | Ensure that named volumes have their options parsedMatthew Heon2019-05-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This involves moving some code out of pkg/spec/ into util/ so it can also be used by libpod. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | | | | Add options parsing for tmpfs mountsMatthew Heon2019-05-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This ensures that all tmpfs mounts added by the user, even with the --mount flag, share a few common options (nosuid, noexec, nodev), and options for tmpfs mounts are properly validated to ensure they are correct. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | | | | Use EqualValues instead of reflect equalityMatthew Heon2019-05-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Same result, but notably better error messages when things go wrong. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | | | | Hit a number of to-do comments in unified volumes codeMatthew Heon2019-05-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | As part of this, move bind mount option validity parsing and modification (adding e.g. rbind on bind mounts that are missing it), which requires test changes (expected values have changed). Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | | | | Fix options for non-bind and non-tmpfs volumesMatthew Heon2019-05-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We were unconditionally resetting volume mount options for all mount points (and by the looks of things, completely dropping tmpfs mounts), which was causing runc to refuse to run containers and all the tests to consequently fail. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | | | | Migrate unit tests from cmd/podman into pkg/specMatthew Heon2019-05-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Several changes made in the interface of pkg/spec make interacting with it without a runtime difficult to impossible, so move the existing limited testing from cmd/podman (which mostly tested pkg/spec) into pkg/spec itself where we can call individual functions that don't break things. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | | | | Migrate to unified volume handling codeMatthew Heon2019-05-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Unify handling for the --volume, --mount, --volumes-from, --tmpfs and --init flags into a single file and set of functions. This will greatly improve readability and maintainability. Further, properly handle superceding and conflicting mounts. Our current patchwork has serious issues when mounts conflict, or when a mount from --volumes-from or an image volume should be overwritten by a user volume or named volume. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | | | | Always pass pod into MakeContainerConfigMatthew Heon2019-05-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Play kube was passing the pod, but CreateConfig was not. Unify it so they both do, so we can remove some unnecessary duplicate lookup code. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | | | | Remove non-config fields from CreateConfigMatthew Heon2019-05-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The goal here is to keep only the configuration directly used to build the container in CreateConfig, and scrub temporary state and helpers that we need to generate. We'll keep those internally in MakeContainerConfig. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | | | | Add a new function for converting a CreateConfigMatthew Heon2019-05-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Right now, there are two major API calls necessary to turn a filled-in CreateConfig into the options and OCI spec necessary to make a libpod Container. I'm intending on refactoring both of these extensively to unify a few things, so make a common frontend to both that will prevent API changes from leaking out of the package. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | | | Merge pull request #3051 from mheon/podman_migrate_fixesOpenShift Merge Robot2019-05-02
|\ \ \ \ \ \ | |_|_|/ / / |/| | | | | Small fixes for #2950