| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
| |
This code will run container operations in parallel, up to a
given maximum number of threads. Currently, it has only been
enabled for local `podman rm` as a proof of concept.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\
| |
| | |
[CI:DOCS] Bump to v2.0.0-RC4
|
| |
| |
| |
| | |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|/
|
|
| |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|\
| |
| | |
/images/.../json: fix port parsing
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Fix a bug when parsing the `ExposedPorts` of the image that lead to
panics when the field was set. The OCI image spec allows three valid
formats: `tcp/port`, `udp/port` and `port`
Fixes: #6490
Reported-by: @jgallucci32
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \
| | |
| | | |
BATS and APIv2: more tests and tweaks
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
- (minor): apiv2 tests: check for full ID
Observation made while reviewing #6461: tests were checking
only for a 12-character container/image ID in return value.
It's actually 64, and we should test for that. This should
also minimize confusion in a future maintainer.
- podman pause/unpause: new test
Runs a 'date/sleep' loop, pauses container, sleeps 3s,
restarts, then confirms that there's a 3- to 6-second
gap in the logs for the container.
- podman healthcheck: new test
run a container with healthcheck, test both healthy
and unhealthy conditions
- podman pod: check '{{.Pod}}' field in podman ps
Hey, as long as we have a pod with two running
containers, might as well confirm that 'podman ps'
returns the expected pod ID.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\ \
| | |
| | | |
fix remote test --ignore & turn on more tests
|
| | |
| | |
| | |
| | |
| | |
| | | |
fix remote test --ignore & turn on more tests
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
|\ \ \
| | | |
| | | | |
turn on remote stop_test
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
turn on stop_test --cidfile
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
Properly follow linked namespace container for stats
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Podman containers can specify that they get their network
namespace from another container. This is automatic in pods, but
any container can do it.
The problem is that these containers are not guaranteed to have a
network namespace of their own; it is perfectly valid to join the
network namespace of a --net=host container, and both containers
will end up in the host namespace. The code for obtaining network
stats did not account for this, and could cause segfaults as a
result. Fortunately, the fix is simple - the function we use to
get said stats already performs appropriate checks, so we just
need to recursively call it.
Fixes #5652
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
add socket information to podman info
|
| | |_|/ /
| |/| | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
this is step 1 to self-discovery of remote ssh connections. we add a remotesocket struct to info to detect what the socket path might be.
Co-authored-by: Jhon Honce <jhonce@redhat.com>
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\ \ \ \ \
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
containers/dependabot/go_modules/github.com/containers/conmon-2.0.17incompatible
Bump github.com/containers/conmon from 2.0.16+incompatible to 2.0.17+incompatible
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Bumps [github.com/containers/conmon](https://github.com/containers/conmon) from 2.0.16+incompatible to 2.0.17+incompatible.
- [Release notes](https://github.com/containers/conmon/releases)
- [Changelog](https://github.com/containers/conmon/blob/master/changelog.txt)
- [Commits](https://github.com/containers/conmon/compare/v2.0.16...v2.0.17)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | | |
Namespace fields were set with bogus values
|
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Namespace fields were being set with their option names
unless overriden by the user. This was causing issues
with podman-remote on userns.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \ \ \ \
| | | | | | | |
| | | | | | | | |
Add a few CVE entries to changelog.txt
|
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Add the following CVE entries
CVE-2020-1726
CVE-2020-10696
CVE-2019-18466
to changelog.txt
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
|\ \ \ \ \ \ \ \
| | | | | | | | |
| | | | | | | | | |
Ensure that image/container inspect are specialized
|
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
We are currently able to inspect images with
`podman container inspect` and containers with
`podman image inspect` and neither of those seem correct. This
ensures that the appropriate flags, and only the appropriate
flags, are available for each specialized exec, and they can only
inspect the specific type they were intended to.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \ \ \ \ \ \ \ \
| |_|_|_|_|_|_|_|/
|/| | | | | | | | |
Vendor in container/storage v1.20.2
|
|/ / / / / / / /
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Also modify gate Dockerfile to take advantage of skipping
mounting of the storage directory.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \ \ \ \ \
| | | | | | | | |
| | | | | | | | | |
Remove use of ABISupport buildtag
|
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
We need to default to building podman. If you specify no build
tags you will not build podman, not podman-remote.
Just using remote flag to indicate podman-remote and !remote for
podman.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \ \ \ \ \ \
| |_|_|_|/ / / / /
|/| | | | | | | | |
When stopping containers locally, ensure cleanup runs
|
| | |_|_|_|/ / /
| |/| | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
The cleanup process was already running and ensuring that mounts
and networking configuration was cleaned up on container stop,
but this was async from the actual `podman stop` command which
breaks some expectations - the container is still mounted at the
end of `podman stop` and will be cleaned up soon, but not
immediately. Fortunately, it's a trivial change to resolve this.
Fixes #5747
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \ \ \ \ \ \ \
| |/ / / / / / /
|/| | | | | | | |
test.apiv2: add test cases for committing an image from a container
|
| | |_|/ / / /
| |/| | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Testing query parameters: container, repo, tag, comment, author, changes
and pause.
Signed-off-by: Alex Jia <chuanchang.jia@gmail.com>
|
|\ \ \ \ \ \ \
| |_|_|/ / / /
|/| | | | | | |
Add more Remote tests
|
| |/ / / / /
| | | | | |
| | | | | |
| | | | | | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | | |
V2 Add support for ssh authentication methods
|
| | |_|_|_|/
| |/| | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
* podman --remote ssh://<user>:<password>@<host>:<port><path>
* podman --remote ssh://<user>:<password>@<host>:<port><path> \
--identity <path> --passphrase <phrase>
* ssh-add <key>
podman --remote ssh://<user>@<host><path>
* Fix `podman help` to run even if podman missing components
* Prompt for passphrase on stdin IFF key is protected and passphrase
not given via any other configuration
* cobra flags do not support optional value flags therefore refactored
--remote to be a boolean and --url will now contain the URI to Podman
service
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\ \ \ \ \ \
| |/ / / / /
|/| | | | | |
Fix a segfault in `podman inspect -l` w/ no containers
|
| | |_|_|/
| |/| | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
We also need to rework container/image inspect to be separate,
but that can happen in another PR.
Fixes #6472
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \ \ \ \
| |_|_|/ /
|/| | | | |
RHEL8 and Centos8 don't have oci-runtime yet
|
| | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | | |
For the time being we need to just require runc
this should fix rdoproject.org/github-check
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \
| |/ / /
|/| | | |
Turn on remote rm_test
|
|/ / /
| | |
| | |
| | |
| | |
| | | |
Turn on remote rm_test --cidfile
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
|\ \ \
| | | |
| | | | |
Remove reference to "upcoming" RHEL 7.7
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
7.7 has been released for a while now, so change troubleshooting
reference to indicate that.
Fixes #6349
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \ \
| | | |
| | | | |
Enable detached exec for remote
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
We need 2.0.17 for detached remote exec.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The biggest obstacle here was cleanup - we needed a way to remove
detached exec sessions after they exited, but there's no way to
tell if an exec session will be attached or detached when it's
created, and that's when we must add the exit command that would
do the removal. The solution was adding a delay to the exit
command (5 minutes), which gives sufficient time for attached
exec sessions to retrieve the exit code of the session after it
exits, but still guarantees that they will be removed, even for
detached sessions. This requires Conmon 2.0.17, which has the new
`--exit-delay` flag.
As part of the exit command rework, we can drop the hack we were
using to clean up exec sessions (remove them as part of inspect).
This is a lot cleaner, and I'm a lot happier about it.
Otherwise, this is just plumbing - we need a bindings call for
detached exec, and that needed to be added to the tunnel mode
backend for entities.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \ \ \
| |_|/ /
|/| | | |
make env handling os dependent
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
environment variables are handled differently on windows vs linux. here we split them to be handled but no actually processing of windows environment variables was done. it can be added for future. hoowever, now we dont get errors on windows about processing them.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
check --user range for rootless containers
|