| Commit message (Collapse) | Author | Age |
|\
| |
| | |
make podman run --systemd case insensitive
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Since boolean flags accept `True` and `False` the systemd flag should do
this as well.
Fixes #11387
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\ \
| |/
|/| |
Drop dependency on iproute
|
|/
|
|
|
|
|
|
|
|
|
| |
We only use the `ip` util to remove a network interface. We can do
this directly via the netlink lib, no need to call a external binary.
[NO TESTS NEEDED]
Fixes #11403
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\
| |
| | |
System tests: add cleanup & debugging output
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Cleanup: the final 'play' test wasn't cleaning up after itself,
leading to angry warning messages when rerunning tests (in
my environment; never in CI)
Debug: I'm seeing a lot of "Could not parse READY=1 as MAINPID=nnn"
flakes in the sdnotify:container test (nine in the past month). Add
debug traces to help diagnose in future flakes.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\ \
| |/
|/| |
[CI:DOCS] fix indentation for userns modes
|
| |
| |
| |
| |
| |
| | |
Closes: https://github.com/containers/podman/issues/11364
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \
| | |
| | | |
rootlessport: allow socket paths with more than 108 chars
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Creating the rootlessport socket can fail with `bind: invalid argument`
when the socket path is longer than 108 chars. This is the case for
users with a long runtime directory.
Since the kernel does not allow to use socket paths with more then 108
chars use a workaround to open the socket path.
[NO TESTS NEEDED]
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\ \ \
| | | |
| | | | |
podman stop always cleanup
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When a container is configured for auto removal podman stop should still
do cleanup, there is no guarantee the the cleanup process spawned by
conmon will be successful. Also a user expects after podman stop that
the network/mounts are cleaned up. Therefore podman stop should not return
early and instead do the cleanup and ignore errors if the container was
already removed.
[NO TESTS NEEDED] I don't know how to test this.
Fixes #11384
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\ \ \
| | | |
| | | | |
Make secret env var available to exec session
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Secret environment variables were only available to a podman run/start.
This commit makes sure that exec sessions can see them as well.
Signed-off-by: Ashley Cui <acui@redhat.com>
|
|\ \ \ \
| |_|/ /
|/| | | |
[CI:DOCS] generate systemd: clarify limitations of `--new`
|
|/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
`generate systemd --new` is looking at the "create command" of the
container/pod which is simply the os.Args at creation time.
It does not work on containers or pods created via the REST API since
the create command is not set. `--new` does work on such containers and
pods since there is no reliable way to reverse-map their configs to
command-line arguments of podman.
Fixes: #11370
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \ \
| | | |
| | | | |
[CI:DOCS] podman cp: highlight globbing and multi-file copy
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
`podman cp` does not allow for globbing or filtering copied data in any
form. `docker cp` does not either, so Podman remains compatible. Due
to a number of requests, highlight how users can effectively achieve
that by means of chaining with tools such as xargs(1) or find(1), or by
making use of `podman mount`.
Closes: #11346
Closes: #11194
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \ \
| | | |
| | | | |
Cirrus: Reduce APIv2 task timeout
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
At the time of this commit, a significant problem has been identified
(introduced in f5ce02b227f4). The effect is, `podman pull` has a chance
of hanging, especially when re-pulling an existing image. While a fix
is in the works, there's no reason to make developers wait the full
(default) 1-hour timeout for the APIv2 task. Reduce it to 2x nominal
test runtime, so if the hang/flake is hit, the task can be re-run more
quickly.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|\ \ \
| |/ /
|/| | |
pass LISTEN_* environment into container
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Make sure that Podman passes the LISTEN_* environment into containers.
Similar to runc, LISTEN_PID is set to 1.
Also remove conditionally passing the LISTEN_FDS as extra files.
The condition was wrong (inverted) and introduced to fix #3572 which
related to running under varlink which has been dropped entirely
with Podman 3.0. Note that the NOTIFY_SOCKET and LISTEN_* variables
are cleared when running `system service`.
Fixes: #10443
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \
| | |
| | | |
Use UNMERGED vbauerster/mpb PR to fix a pull deadlock
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| | |
> go mod edit -replace github.com/vbauerster/mpb/v7=github.com/mtrmac/mpb/v7@abort-deadlock
> make vendor
See https://github.com/vbauerster/mpb/issues/100 and
https://github.com/vbauerster/mpb/pull/101 .
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
|
|\ \
| | |
| | | |
Cirrus: Skip APIv2 tests for [CI:DOCS]
|
| |/
| |
| |
| | |
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|\ \
| |/
|/| |
Upgrade test: add new baseline
|
| |
| |
| |
| |
| |
| | |
Add a new reference point against which to test upgrades.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\ \
| | |
| | | |
auto-update: fix authfile label
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Make sure that the container's authfile label is used when pulling down
a new image.
[NO TESTS NEEDED] since it would require some larger rewrite of the
auto-update system tests that I currently have no time for. I added a
reminder to have some breadcrumbs when there is more time.
Fixes: #11171
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \ \
| |_|/
|/| | |
container: resolve workdir during initialization after all the mounts are completed.
|
| |/
| |
| |
| |
| |
| |
| |
| | |
There are use-cases where users would want to use overlay-mounts as
workdir. For such cases workdir should be resolved after all the mounts
are completed during the container init process.
Signed-off-by: Aditya Rajan <arajan@redhat.com>
|
|\ \
| | |
| | | |
clean up socket and pid files from podman machine
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
to avoid segvs, we should clean up as much of the socket and regular
files from podman machine as possible on stop. also, on start, we
should add logic to remove these files before starting in case the start
process is stopped prematurely (due to an error for example).
[NO TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\ \ \
| |_|/
|/| | |
rootless cni: resolve absolute symlinks correctly
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When /etc/resolv.conf is a symlink to an absolute path use it and not
join it the the previous path.
[NO TESTS NEEDED] This depends on the host layout.
Fixes #11358
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\ \
| | |
| | | |
Add support for mount options to API
|
| |/
| |
| |
| |
| |
| |
| |
| | |
When creating containers the specialized mount options where not
populated via the API.
Fixes: #10831
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\ \
| | |
| | | |
Globally replace http:// with https://
|
| | |
| | |
| | |
| | |
| | |
| | | |
[NO TESTS NEEDED] Hopefully existing tests will find issues.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \
| |_|/
|/| | |
Add support for libsubid
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This will enable remote access to /etc/subuid and /etc/subgid
information from ldap services, if shadow-utils ships with a libsubid.
[NO TESTS NEEDED] Since we have no way to test this.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \
| | | |
| | | | |
InfraContainer Rework
|
| | |/
| |/|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
InfraContainer should go through the same creation process as regular containers. This change was from the cmd level
down, involving new container CLI opts and specgen creating functions. What now happens is that both container and pod
cli options are populated in cmd and used to create a podSpecgen and a containerSpecgen. The process then goes as follows
FillOutSpecGen (infra) -> MapSpec (podOpts -> infraOpts) -> PodCreate -> MakePod -> createPodOptions -> NewPod -> CompleteSpec (infra) -> MakeContainer -> NewContainer -> newContainer -> AddInfra (to pod state)
Signed-off-by: cdoern <cdoern@redhat.com>
|
|\ \ \
| |_|/
|/| |
| | |
| | | |
containers/dependabot/go_modules/github.com/containers/image/v5-5.16.0
Bump github.com/containers/image/v5 from 5.15.2 to 5.16.0
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Bumps [github.com/containers/image/v5](https://github.com/containers/image) from 5.15.2 to 5.16.0.
- [Release notes](https://github.com/containers/image/releases)
- [Commits](https://github.com/containers/image/compare/v5.15.2...v5.16.0)
---
updated-dependencies:
- dependency-name: github.com/containers/image/v5
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
|\ \ \
| |_|/
|/| | |
Shell completion for --format with anonymous fields
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
In commit d81021ed265e I introduced shell completion for the `--format`
flag. This is a very nice way to complete go template field names.
However it did not work correct for anonymous fields. In this case the
child fields can be accessed directly from the parent.
For example:
```
type Anonymous struct {
Field1 string
Field2 string
...
}
type MyType struct {
Anonymous
}
var s = MyType{}
```
Now if you want to access a field from the Anonymous struct you can just
do `s.Field1`. The same is allowed for go templates, using `{{.Field1}}`
should work. This commit adds this functionality, if the field is anonymous
read the child field names recursively and add them to the suggestions.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\ \
| | |
| | | |
teardown play kube
|
| | |
| | |
| | |
| | |
| | |
| | | |
Add special case for op PlayKubeDownLibpod Heuristic for guessing swagger operation id too limited for PlayKubeDownLibpod
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|