| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
| |
Fixes: https://github.com/containers/podman/issues/11124
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Signed-off-by: Daniel J Walsh <dwalsh@localhost.localdomain>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\
| |
| | |
stats: add a interval parameter to cli and api stats streaming
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Renamed podman pod stats test specs to distinguish them from podman stats tests.
podman stats tests where disabled by a +build flag.
Fix podman stats format test, add negative test.
Fix podman stats cli command, exit non-zero on invalid format string.
Add tests for podman stats interval flag.
Signed-off-by: Thomas Weber <towe75@googlemail.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
podman stats polled by default in a 1 sec period.
This can put quite some load on a machine if you run many containers.
The default value is now 5 seconds.
You can change this interval with a new, optional, --interval, -i cli flag.
The api request got also a interval query parameter for the same purpose.
Additionally a unused const was removed.
Api and cli will fail the request if a 0 or negative value is passed in.
Signed-off-by: Thomas Weber <towe75@googlemail.com>
|
|\ \
| | |
| | | |
Only support containers stats using cgroups v2
|
| | |
| | |
| | |
| | |
| | |
| | | |
Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1988252
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\ \ \
| | | |
| | | |
| | | |
| | | | |
containers/dependabot/go_modules/github.com/rootless-containers/rootlesskit-0.14.4
Bump github.com/rootless-containers/rootlesskit from 0.14.3 to 0.14.4
|
|/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Bumps [github.com/rootless-containers/rootlesskit](https://github.com/rootless-containers/rootlesskit) from 0.14.3 to 0.14.4.
- [Release notes](https://github.com/rootless-containers/rootlesskit/releases)
- [Commits](https://github.com/rootless-containers/rootlesskit/compare/v0.14.3...v0.14.4)
---
updated-dependencies:
- dependency-name: github.com/rootless-containers/rootlesskit
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
|\ \ \
| | | |
| | | | |
Compat API: Fix healthcheck status and healthcheck config
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Fixes:
- Do not show healthcheck status if not available or if container
status is "created" (Docker behaviour)
- Show healthcheck configuration if present (Config.Healthcheck)
Tests:
- Ensure State.Health is not present if container status is "created"
- Ensure Config.Healthcheck is present and values correct
- Ensure State.Health is present if container started
Signed-off-by: Milivoje Legenovic <m.legenovic@gmail.com>
|
|\ \ \ \
| |_|/ /
|/| | | |
podman info: try qfile before equery
|
|/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
podman info takes >20s on Gentoo, because equery is s..l..o..w.
qfile is much faster and, I suspect, present in most Gentoo
installations, so let's try it first.
And, because packageVersion() was scarily unmaintainable,
refactor it. Define a simple (string) list of packaging tools
to query (rpm, dpkg, ...) and iterate until we find one that
works.
IMPORTANT NOTE: the Debian (and, presumably, Ubuntu) query does not
include version number! There is no standard way on Debian to get
a package version from a file path, you can only do it via pipes
of chained commands, and I have no desire to implement that.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\ \ \
| | | |
| | | | |
fix rootless port forwarding with network dis-/connect
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The rootlessport forwarder requires a child IP to be set. This must be a
valid ip in the container network namespace. The problem is that after a
network disconnect and connect the eth0 ip changed. Therefore the
packages are dropped since the source ip does no longer exists in the
netns.
One solution is to set the child IP to 127.0.0.1, however this is a
security problem. [1]
To fix this we have to recreate the ports after network connect and
disconnect. To make this work the rootlessport process exposes a socket
where podman network connect/disconnect connect to and send to new child
IP to rootlessport. The rootlessport process will remove all ports and
recreate them with the new correct child IP.
Also bump rootlesskit to v0.14.3 to fix a race with RemovePort().
Fixes #10052
[1] https://nvd.nist.gov/vuln/detail/CVE-2021-20199
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\ \ \ \
| | | | |
| | | | |
| | | | |
| | | | | |
containers/dependabot/go_modules/github.com/opencontainers/selinux-1.8.3
Bump github.com/opencontainers/selinux from 1.8.2 to 1.8.3
|
| |/ / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Bumps [github.com/opencontainers/selinux](https://github.com/opencontainers/selinux) from 1.8.2 to 1.8.3.
- [Release notes](https://github.com/opencontainers/selinux/releases)
- [Commits](https://github.com/opencontainers/selinux/compare/v1.8.2...v1.8.3)
---
updated-dependencies:
- dependency-name: github.com/opencontainers/selinux
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
|\ \ \ \
| | | | |
| | | | | |
image scp: fix typo in output
|
| | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
s/Loaded images(s)/Loaded image(s)/
[NO TESTS NEEDED] (I think we should test the output at some point)
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \ \ \
| |/ / /
|/| | | |
test: move container process to a sub-cgroup
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
move the container to a sub-cgroup before creating a sibling
hierarchy.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \ \ \
| |_|/ /
|/| | | |
Fix handling of user specified container labels
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Currently we override the SELinux labels specified by the user
if the container is runing a kata container or systemd container.
This PR fixes to use the label specified by the user.
Fixes: https://github.com/containers/podman/issues/11100
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \
| |/ / /
|/| | | |
podman-registry: minor usability updates
|
|/ / /
| | |
| | |
| | |
| | |
| | |
| | | |
1) use cached quay.io image
2) use 'podman unshare' when rm -rf'ing, to avoid EPERM
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\ \ \
| | | |
| | | | |
Bump to v4.0.0-dev
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \ \ \
| |/ / /
|/| | | |
Created image scp feature
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
added functionality for image secure copying from local to remote.
Also moved system connection add code around a bit so functions within that file
can be used by scp.
Signed-off-by: cdoern <cdoern@redhat.com>
|
|\ \ \ \
| | | | |
| | | | |
| | | | |
| | | | | |
containers/dependabot/go_modules/github.com/containers/storage-1.33.1
Bump github.com/containers/storage from 1.33.0 to 1.33.1
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Bumps [github.com/containers/storage](https://github.com/containers/storage) from 1.33.0 to 1.33.1.
- [Release notes](https://github.com/containers/storage/releases)
- [Changelog](https://github.com/containers/storage/blob/main/docs/containers-storage-changes.md)
- [Commits](https://github.com/containers/storage/compare/v1.33.0...v1.33.1)
---
updated-dependencies:
- dependency-name: github.com/containers/storage
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
[CI:DOCS] Multi-arch image build: Daily version-tag push
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
This mirrors changes from
https://github.com/containers/buildah/pull/3381
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|\ \ \ \ \ \
| |_|/ / / /
|/| | | | | |
Remove ReadHeaderTimeout
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Effectively sets timeout to infinity.
This is needed in order to make `podman` work with `pack`.
The `pack` CLI is keeping one connection for prolonged time.
Closing the connection breaks `pack`'s functionality.
[NO TESTS NEEDED]
Signed-off-by: Matej Vasek <mvasek@redhat.com>
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
containers/dependabot/go_modules/github.com/containers/image/v5-5.15.0
Bump github.com/containers/image/v5 from 5.14.0 to 5.15.0
|
|/ / / / / /
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Bumps [github.com/containers/image/v5](https://github.com/containers/image) from 5.14.0 to 5.15.0.
- [Release notes](https://github.com/containers/image/releases)
- [Commits](https://github.com/containers/image/compare/v5.14.0...v5.15.0)
---
updated-dependencies:
- dependency-name: github.com/containers/image/v5
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | | |
Add `--accept-repositories` integration tests
|
| |/ / / / /
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
This adds the integration tests for the repository or namespaced
registry feature introduced in c/common.
Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | | |
Fix auto-update system test for older systemd
|
|/ / / / / /
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
If the systemd version is older than v245, the systemd uses 'Started'
when a oneshot service finishes.
In systemd, the change was done at:
https://github.com/systemd/systemd/pull/14851
commit-id: eda0cbf07186d16a160bd1d810613586fdbdf587
Signed-off-by: Hironori Shiina <shiina.hironori@jp.fujitsu.com>
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | | |
ps: support the `container...` notation for `ps --filter network=...`
|
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Signed-off-by: flouthoc <flouthoc.git@gmail.com>
|
|\ \ \ \ \ \ \
| |/ / / / / /
|/| | | | | | |
system tests: fix race in stop test
|
|/ / / / / /
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
In the unlock/timeout test, on slow systems, 'podman ps' could
catch the container before the just-backgrounded 'podman stop'
sends the signal. Wait for signal ack from container before
we inspect it.
Also: If I understand the test correctly, it wasn't actually
checking that 'ps' could grab the lock while the container
was exiting. Add a check.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | | |
`ci-fix`: healthcheck tests should use `.Should()` instead of `.To()`.
|
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Signed-off-by: flouthoc <flouthoc.git@gmail.com>
|
|\ \ \ \ \ \ \
| | | | | | | |
| | | | | | | | |
buildah bud tests under podman-remote
|
| | |_|_|_|/ /
| |/| | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
New functionality -- mostly in the diffs we apply to
buildah's helpers.bash -- to enable running buildah-bud
tests under podman-remote. The gist of it is, we start
a 'podman system service' before each test, and clean
it up on test exit.
Design decision: the diff file for helpers.bash is no
longer trailing-whitespace-clean: that ended up producing
diffs that git wouldn't apply, because in some cases
the whitespace is actually important. In order to pass CI,
we need to exclude this file from some checks.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\ \ \ \ \ \ \
| | | | | | | |
| | | | | | | | |
rootless: avoid zombie process on first launch
|
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
avoid a zombie process if on the first launch Podman creates a long
living process, such as "podman system service -t 0".
The `r` variable was overriden thus causing the waitpid to fail and
not clean up the intermediate process.
Closes: https://github.com/containers/podman/issues/10575
[NO TESTS NEEDED]
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|