summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Handle timezone on server containers.confDaniel J Walsh2021-08-04
| | | | | | | | Fixes: https://github.com/containers/podman/issues/11124 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Signed-off-by: Daniel J Walsh <dwalsh@localhost.localdomain> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #11003 from pascomnet/f_statsopenshift-ci[bot]2021-08-04
|\ | | | | stats: add a interval parameter to cli and api stats streaming
| * e2e tests: re-enable and fix podman stats testsThomas Weber2021-08-02
| | | | | | | | | | | | | | | | | | | | Renamed podman pod stats test specs to distinguish them from podman stats tests. podman stats tests where disabled by a +build flag. Fix podman stats format test, add negative test. Fix podman stats cli command, exit non-zero on invalid format string. Add tests for podman stats interval flag. Signed-off-by: Thomas Weber <towe75@googlemail.com>
| * stats: add a interval parameter to cli and api stream modeThomas Weber2021-07-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | podman stats polled by default in a 1 sec period. This can put quite some load on a machine if you run many containers. The default value is now 5 seconds. You can change this interval with a new, optional, --interval, -i cli flag. The api request got also a interval query parameter for the same purpose. Additionally a unused const was removed. Api and cli will fail the request if a 0 or negative value is passed in. Signed-off-by: Thomas Weber <towe75@googlemail.com>
* | Merge pull request #11104 from jwhonce/bz/1988252openshift-ci[bot]2021-08-04
|\ \ | | | | | | Only support containers stats using cgroups v2
| * | Only support containers stats using cgroups v2Jhon Honce2021-08-03
| | | | | | | | | | | | | | | | | | Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1988252 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | Merge pull request #11125 from ↵openshift-ci[bot]2021-08-04
|\ \ \ | | | | | | | | | | | | | | | | containers/dependabot/go_modules/github.com/rootless-containers/rootlesskit-0.14.4 Bump github.com/rootless-containers/rootlesskit from 0.14.3 to 0.14.4
| * | | Bump github.com/rootless-containers/rootlesskit from 0.14.3 to 0.14.4dependabot[bot]2021-08-04
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/rootless-containers/rootlesskit](https://github.com/rootless-containers/rootlesskit) from 0.14.3 to 0.14.4. - [Release notes](https://github.com/rootless-containers/rootlesskit/releases) - [Commits](https://github.com/rootless-containers/rootlesskit/compare/v0.14.3...v0.14.4) --- updated-dependencies: - dependency-name: github.com/rootless-containers/rootlesskit dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* | | Merge pull request #11114 from mlegenovic/masteropenshift-ci[bot]2021-08-03
|\ \ \ | | | | | | | | Compat API: Fix healthcheck status and healthcheck config
| * | | Compat API: Fix healthcheck status and healthcheck configMilivoje Legenovic2021-08-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes: - Do not show healthcheck status if not available or if container status is "created" (Docker behaviour) - Show healthcheck configuration if present (Config.Healthcheck) Tests: - Ensure State.Health is not present if container status is "created" - Ensure Config.Healthcheck is present and values correct - Ensure State.Health is present if container started Signed-off-by: Milivoje Legenovic <m.legenovic@gmail.com>
* | | | Merge pull request #11122 from edsantiago/qfileopenshift-ci[bot]2021-08-03
|\ \ \ \ | |_|/ / |/| | | podman info: try qfile before equery
| * | | podman info: try qfile before equeryEd Santiago2021-08-03
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | podman info takes >20s on Gentoo, because equery is s..l..o..w. qfile is much faster and, I suspect, present in most Gentoo installations, so let's try it first. And, because packageVersion() was scarily unmaintainable, refactor it. Define a simple (string) list of packaging tools to query (rpm, dpkg, ...) and iterate until we find one that works. IMPORTANT NOTE: the Debian (and, presumably, Ubuntu) query does not include version number! There is no standard way on Debian to get a package version from a file path, you can only do it via pipes of chained commands, and I have no desire to implement that. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | Merge pull request #11091 from Luap99/connect-disconnectopenshift-ci[bot]2021-08-03
|\ \ \ | | | | | | | | fix rootless port forwarding with network dis-/connect
| * | | fix rootless port forwarding with network dis-/connectPaul Holzinger2021-08-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The rootlessport forwarder requires a child IP to be set. This must be a valid ip in the container network namespace. The problem is that after a network disconnect and connect the eth0 ip changed. Therefore the packages are dropped since the source ip does no longer exists in the netns. One solution is to set the child IP to 127.0.0.1, however this is a security problem. [1] To fix this we have to recreate the ports after network connect and disconnect. To make this work the rootlessport process exposes a socket where podman network connect/disconnect connect to and send to new child IP to rootlessport. The rootlessport process will remove all ports and recreate them with the new correct child IP. Also bump rootlesskit to v0.14.3 to fix a race with RemovePort(). Fixes #10052 [1] https://nvd.nist.gov/vuln/detail/CVE-2021-20199 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | | Merge pull request #11111 from ↵openshift-ci[bot]2021-08-03
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | containers/dependabot/go_modules/github.com/opencontainers/selinux-1.8.3 Bump github.com/opencontainers/selinux from 1.8.2 to 1.8.3
| * | | | Bump github.com/opencontainers/selinux from 1.8.2 to 1.8.3dependabot[bot]2021-08-03
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/opencontainers/selinux](https://github.com/opencontainers/selinux) from 1.8.2 to 1.8.3. - [Release notes](https://github.com/opencontainers/selinux/releases) - [Commits](https://github.com/opencontainers/selinux/compare/v1.8.2...v1.8.3) --- updated-dependencies: - dependency-name: github.com/opencontainers/selinux dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* | | | Merge pull request #11117 from vrothberg/scp-typoopenshift-ci[bot]2021-08-03
|\ \ \ \ | | | | | | | | | | image scp: fix typo in output
| * | | | image scp: fix typo in outputValentin Rothberg2021-08-03
| | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | s/Loaded images(s)/Loaded image(s)/ [NO TESTS NEEDED] (I think we should test the output at some point) Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | Merge pull request #11068 from giuseppe/drop-dir-cgroup-testopenshift-ci[bot]2021-08-03
|\ \ \ \ | |/ / / |/| | | test: move container process to a sub-cgroup
| * | | test: move container process to a sub-cgroupGiuseppe Scrivano2021-07-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | move the container to a sub-cgroup before creating a sibling hierarchy. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | Merge pull request #11101 from rhatdan/selinuxopenshift-ci[bot]2021-08-03
|\ \ \ \ | |_|/ / |/| | | Fix handling of user specified container labels
| * | | Fix handling of user specified container labelsDaniel J Walsh2021-08-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently we override the SELinux labels specified by the user if the container is runing a kata container or systemd container. This PR fixes to use the label specified by the user. Fixes: https://github.com/containers/podman/issues/11100 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #11099 from edsantiago/podman_registry_tweakopenshift-ci[bot]2021-08-02
|\ \ \ \ | |/ / / |/| | | podman-registry: minor usability updates
| * | | podman-registry: minor usability updatesEd Santiago2021-08-02
|/ / / | | | | | | | | | | | | | | | | | | 1) use cached quay.io image 2) use 'podman unshare' when rm -rf'ing, to avoid EPERM Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | Merge pull request #11094 from mheon/bump_400_devopenshift-ci[bot]2021-08-02
|\ \ \ | | | | | | | | Bump to v4.0.0-dev
| * | | Bump to v4.0.0-devMatthew Heon2021-08-02
| | | | | | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | Merge pull request #10828 from cdoern/scpopenshift-ci[bot]2021-08-02
|\ \ \ \ | |/ / / |/| | | Created image scp feature
| * | | Created scp.go image_scp_test.go and podman-image-scp.1.mdcdoern2021-07-30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | added functionality for image secure copying from local to remote. Also moved system connection add code around a bit so functions within that file can be used by scp. Signed-off-by: cdoern <cdoern@redhat.com>
* | | | Merge pull request #11092 from ↵openshift-ci[bot]2021-08-02
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | containers/dependabot/go_modules/github.com/containers/storage-1.33.1 Bump github.com/containers/storage from 1.33.0 to 1.33.1
| * | | | Bump github.com/containers/storage from 1.33.0 to 1.33.1dependabot[bot]2021-08-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/containers/storage](https://github.com/containers/storage) from 1.33.0 to 1.33.1. - [Release notes](https://github.com/containers/storage/releases) - [Changelog](https://github.com/containers/storage/blob/main/docs/containers-storage-changes.md) - [Commits](https://github.com/containers/storage/compare/v1.33.0...v1.33.1) --- updated-dependencies: - dependency-name: github.com/containers/storage dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* | | | | Merge pull request #11064 from cevich/daily_version_updateopenshift-ci[bot]2021-08-02
|\ \ \ \ \ | | | | | | | | | | | | [CI:DOCS] Multi-arch image build: Daily version-tag push
| * | | | | Multi-arch image build: Daily version-tag pushChris Evich2021-07-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This mirrors changes from https://github.com/containers/buildah/pull/3381 Signed-off-by: Chris Evich <cevich@redhat.com>
* | | | | | Merge pull request #11072 from matejvasek/header-timeoutopenshift-ci[bot]2021-08-02
|\ \ \ \ \ \ | |_|/ / / / |/| | | | | Remove ReadHeaderTimeout
| * | | | | Remove ReadHeaderTimeoutMatej Vasek2021-07-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Effectively sets timeout to infinity. This is needed in order to make `podman` work with `pack`. The `pack` CLI is keeping one connection for prolonged time. Closing the connection breaks `pack`'s functionality. [NO TESTS NEEDED] Signed-off-by: Matej Vasek <mvasek@redhat.com>
* | | | | | Merge pull request #11082 from ↵openshift-ci[bot]2021-08-02
|\ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | containers/dependabot/go_modules/github.com/containers/image/v5-5.15.0 Bump github.com/containers/image/v5 from 5.14.0 to 5.15.0
| * | | | | | Bump github.com/containers/image/v5 from 5.14.0 to 5.15.0dependabot[bot]2021-08-01
|/ / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/containers/image/v5](https://github.com/containers/image) from 5.14.0 to 5.15.0. - [Release notes](https://github.com/containers/image/releases) - [Commits](https://github.com/containers/image/compare/v5.14.0...v5.15.0) --- updated-dependencies: - dependency-name: github.com/containers/image/v5 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* | | | | | Merge pull request #11054 from saschagrunert/login-logout-path-testsopenshift-ci[bot]2021-08-01
|\ \ \ \ \ \ | | | | | | | | | | | | | | Add `--accept-repositories` integration tests
| * | | | | | Add `--accept-repositories` integration testsSascha Grunert2021-07-30
| |/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This adds the integration tests for the repository or namespaced registry feature introduced in c/common. Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
* | | | | | Merge pull request #11086 from hshiina/update-testopenshift-ci[bot]2021-07-31
|\ \ \ \ \ \ | | | | | | | | | | | | | | Fix auto-update system test for older systemd
| * | | | | | Fix auto-update system test for older systemdHironori Shiina2021-07-30
|/ / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If the systemd version is older than v245, the systemd uses 'Started' when a oneshot service finishes. In systemd, the change was done at: https://github.com/systemd/systemd/pull/14851 commit-id: eda0cbf07186d16a160bd1d810613586fdbdf587 Signed-off-by: Hironori Shiina <shiina.hironori@jp.fujitsu.com>
* | | | | | Merge pull request #11075 from flouthoc/ps-filter-network-by-containeropenshift-ci[bot]2021-07-30
|\ \ \ \ \ \ | | | | | | | | | | | | | | ps: support the `container...` notation for `ps --filter network=...`
| * | | | | | ps: support the container notation for ps --filter network=...flouthoc2021-07-30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: flouthoc <flouthoc.git@gmail.com>
* | | | | | | Merge pull request #11080 from edsantiago/batsOpenShift Merge Robot2021-07-30
|\ \ \ \ \ \ \ | |/ / / / / / |/| | | | | | system tests: fix race in stop test
| * | | | | | system tests: fix race in stop testEd Santiago2021-07-29
|/ / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In the unlock/timeout test, on slow systems, 'podman ps' could catch the container before the just-backgrounded 'podman stop' sends the signal. Wait for signal ack from container before we inspect it. Also: If I understand the test correctly, it wasn't actually checking that 'ps' could grab the lock while the container was exiting. Add a check. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | | | | Merge pull request #11077 from flouthoc/healthcheck-nitOpenShift Merge Robot2021-07-29
|\ \ \ \ \ \ | | | | | | | | | | | | | | `ci-fix`: healthcheck tests should use `.Should()` instead of `.To()`.
| * | | | | | Fix: healthcheck tests use .Should() instead of .To()flouthoc2021-07-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: flouthoc <flouthoc.git@gmail.com>
* | | | | | | Merge pull request #9887 from edsantiago/test_buildah_bud_with_remoteOpenShift Merge Robot2021-07-29
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | buildah bud tests under podman-remote
| * | | | | | | buildah bud tests under podman-remoteEd Santiago2021-07-28
| | |_|_|_|/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | New functionality -- mostly in the diffs we apply to buildah's helpers.bash -- to enable running buildah-bud tests under podman-remote. The gist of it is, we start a 'podman system service' before each test, and clean it up on test exit. Design decision: the diff file for helpers.bash is no longer trailing-whitespace-clean: that ended up producing diffs that git wouldn't apply, because in some cases the whitespace is actually important. In order to pass CI, we need to exclude this file from some checks. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | | | | | Merge pull request #11073 from giuseppe/fix-zombie-process-first-runOpenShift Merge Robot2021-07-29
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | rootless: avoid zombie process on first launch
| * | | | | | | rootless: avoid zombie process on first launchGiuseppe Scrivano2021-07-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | avoid a zombie process if on the first launch Podman creates a long living process, such as "podman system service -t 0". The `r` variable was overriden thus causing the waitpid to fail and not clean up the intermediate process. Closes: https://github.com/containers/podman/issues/10575 [NO TESTS NEEDED] Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>