| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Followup to #9740. Nice work, but the _confirm_update() helper
was dangerously broken and I just wasn't able to communicate
that. Given the time zone difference, and my weekly time cost
in reviewing, it's easier for me to fix it myself. (The problem
is that the function was a complete NOP, which would lead to
flakes).
Also: got rid of some clutter, restructured a few minor places
for maintainability.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\
| |
| | |
System test: Add tests for podman auto-update
|
| |
| |
| |
| |
| |
| |
| |
| | |
Add some cases for podman auto-update:
1. Test with different value for label io.containers.autoupdate
2. Run podman auto-update as systemd timer
Signed-off-by: Yiqiao Pu <ypu@redhat.com>
|
|\ \
| | |
| | | |
Add --publish to container restore
|
| | |
| | |
| | |
| | | |
Signed-off-by: Adrian Reber <areber@redhat.com>
|
| | |
| | |
| | |
| | | |
Signed-off-by: Adrian Reber <areber@redhat.com>
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Restored containers, until now, had the same port mappings as the
original started container. This commit adds the parameter '--publish'
to 'podman container restore' with the same semantic as during
create/run.
With this change it is possible to create a copy from a container with a
'--publish' rule and replace the original '--publish' setting with a new
one.
# podman run -p 2345:8080 container
# podman container checkpoint -l --export=dump.tar
# podman container restore -p 5432:8080 --import=dump.tar
The restored container will now listen on localhost:5432 instead of
localhost:2345 as the original created container.
Signed-off-by: Adrian Reber <areber@redhat.com>
|
|\ \
| | |
| | | |
systemd/generate: change type to notify
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Change the type of units generated with --new from "forking" to
"notify". This brings Podman closer to systemd and opens up
Podman to a number of use cases (see #5572).
Units generated without --new remain with `type=forking`. I
experimented a bit with adding a `--sdnotify` flag to `podman start` but
it doesn't really work well since we're competing with the default
sdnotify mode set during container creation.
Fixes: #5572
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \ \
| | | |
| | | | |
Add support for selectable checkpoint archive compression algorithm
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Adrian Reber <areber@redhat.com>
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Adrian Reber <areber@redhat.com>
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The checkpoint archive compression was hardcoded to `archive.Gzip`.
There have been requests to make the used compression algorithm
selectable. There was especially the request to not compress the
checkpoint archive to be able to create faster checkpoints when not
compressing it.
This also changes the default from `gzip` to `zstd`. This change should
not break anything as the restore code path automatically handles
whatever compression the user provides during restore.
Signed-off-by: Adrian Reber <areber@redhat.com>
|
|/ / /
| | |
| | |
| | |
| | |
| | |
| | | |
This just reorders the options in the podman-container-checkpoint man
page alphabetically. No actual content changed.
Signed-off-by: Adrian Reber <areber@redhat.com>
|
|\ \ \
| | | |
| | | | |
remote events: support labels
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Certain event meta data was lost when converting the remote events to
libpod events and vice versa. Enable the skipped system tests for
remote.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \ \
| | | |
| | | | |
[CI:DOCS] Document which CNI fields are encoded
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The CNI configuration fields named Bytes are typed
[]byte which the GO JSON encoded automatically Base64 encodes.
Note: Future major versions of Podman will refactor the networking
endpoints to encapsulate/abstract the CNI structures which will
allow better documenation and encoding.
Fixes #10562
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
[CI:DOCS] Fix outdated docs
|
| | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Roger Coll <rogercoll@protonmail.com>
|
|\ \ \ \ \
| |/ / / /
|/| | | | |
[CI:DOCS] extend docs to include help for when pub/priv key is signing issue
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
unsupported algo
Signed-off-by: alex narayan <alexandar.narayan@deliveryhero.com>
|
|\ \ \ \ \
| |_|/ / /
|/| | | | |
remote: always send resize before the container starts
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
There is race condition in the remote client attach logic. Because the
resize api call was handled in an extra goroutine the container was
started before the resize call happend. To fix this we have to call
resize in the same goroutine as attach. When the first resize is done
start a goroutine to listen on SIGWINCH in the background and resize
again if the signal is received.
Fixes #9859
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Add CORS support
|
| | |_|/ /
| |/| | |
| | | | |
| | | | |
| | | | |
| | | | | |
[NO TESTS NEEDED]
Signed-off-by: Boaz Shuster <boaz.shuster.github@gmail.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
[CI:DOCS] fix incorrect network remove api doc
|
| | |/ / /
| |/| | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
The endpoint returns an array and not a single entry.
Fixes #10494
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\ \ \ \ \
| |_|_|_|/
|/| | | | |
remote events: fix --stream=false
|
| | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Fix a bug in remote events where only one event would be sent if when
streaming is turned off. The source of the bug was that the handler
attempted to implement the streaming logic and did it wrong. The fix is
rather simple by removing this logic from the handler and let the events
backend handle streaming.
Fixes: #10529
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
[CI:DOCS] Update main branch to reflect 3.2.0 release
|
|/ / / /
| | | |
| | | |
| | | | |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
[CI:DOCS] Fix spacing in buildthedocs
|
| | |/ /
| |/| |
| | | |
| | | | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \
| | | | |
| | | | |
| | | | |
| | | | | |
containers/dependabot/go_modules/go.etcd.io/bbolt-1.3.6
Bump go.etcd.io/bbolt from 1.3.5 to 1.3.6
|
| | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Bumps [go.etcd.io/bbolt](https://github.com/etcd-io/bbolt) from 1.3.5 to 1.3.6.
- [Release notes](https://github.com/etcd-io/bbolt/releases)
- [Commits](https://github.com/etcd-io/bbolt/compare/v1.3.5...v1.3.6)
---
updated-dependencies:
- dependency-name: go.etcd.io/bbolt
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
|\ \ \ \
| | | | |
| | | | |
| | | | |
| | | | | |
containers/dependabot/go_modules/github.com/opencontainers/selinux-1.8.2
Bump github.com/opencontainers/selinux from 1.8.1 to 1.8.2
|
| |/ / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Bumps [github.com/opencontainers/selinux](https://github.com/opencontainers/selinux) from 1.8.1 to 1.8.2.
- [Release notes](https://github.com/opencontainers/selinux/releases)
- [Commits](https://github.com/opencontainers/selinux/compare/v1.8.1...v1.8.2)
---
updated-dependencies:
- dependency-name: github.com/opencontainers/selinux
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
|\ \ \ \
| | | | |
| | | | | |
add ipv6 nameservers only when the container has ipv6 enabled
|
| | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The containers /etc/resolv.conf allways preserved the ipv6 nameserves
from the host even when the container did not supported ipv6. Check
if the cni result contains an ipv6 address or slirp4netns has ipv6
support enabled and only add the ipv6 nameservers when this is the case.
The test needs to have an ipv6 nameserver in the hosts /etc/hosts but we
should never mess with this file on the host. Therefore the test is
skipped when no ipv6 is detected.
Fixes #10158
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\ \ \ \
| |_|/ /
|/| | |
| | | |
| | | | |
containers/dependabot/go_modules/github.com/docker/docker-20.10.7incompatible
Bump github.com/docker/docker from 20.10.6+incompatible to 20.10.7+incompatible
|
|/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 20.10.6+incompatible to 20.10.7+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Changelog](https://github.com/moby/moby/blob/master/CHANGELOG.md)
- [Commits](https://github.com/docker/docker/compare/v20.10.6...v20.10.7)
---
updated-dependencies:
- dependency-name: github.com/docker/docker
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
|\ \ \
| |/ /
|/| |
| | |
| | | |
containers/dependabot/go_modules/github.com/onsi/ginkgo-1.16.4
Bump github.com/onsi/ginkgo from 1.16.3 to 1.16.4
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Bumps [github.com/onsi/ginkgo](https://github.com/onsi/ginkgo) from 1.16.3 to 1.16.4.
- [Release notes](https://github.com/onsi/ginkgo/releases)
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/ginkgo/compare/v1.16.3...v1.16.4)
---
updated-dependencies:
- dependency-name: github.com/onsi/ginkgo
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
|\ \
| | |
| | | |
events: support disjunctive filters
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
While different filters are applied in conjunction, the same filter (but
with different values) should be applied in disjunction. This allows,
for instance, to query the events of two containers.
Fixes: #10507
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \ \
| | | |
| | | | |
[CI:DOCS] Use secrets and machine rst file properly
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This change makes secrets and machine handling match the handling of
other subcommands of Podman.
Possible fixes: https://github.com/containers/podman/issues/10513
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
System tests: add :Z to volume mounts
|
| |/ / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
selinux-policy-34.9-1.fc34 breaks a behavior we've relied on
since (at least) January 2020:
- Revert "Add permission open to files_read_inherited_tmp_files()
interface"
That's probably the correct thing to do, but it breaks our
existing tests. Solution: add ':Z' where needed.
Tested on Ed's laptop, which has the offending selinux-policy
as of 2021-05-31. Tests pass root and rootless. (I mention
this because tests will obviously pass in CI, which has a
much older selinux-policy).
Also: add a 'podman rmi' for cleanup in one test, to avoid
noise in test logs.
Fixes: #10522
Signed-off-by: Ed Santiago <santiago@redhat.com>
|