summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Use pod netns with --pod-id-filePaul Holzinger2021-08-23
| | | | | | | | | | When `--pod-id-file` is used do not parse the default network namespace and let specgen handle it instead. This regression was introduced in commit 7ef3981abe24. Fixes #11303 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* Merge pull request #11301 from mheon/330_mainOpenShift Merge Robot2021-08-22
|\ | | | | Update README for 3.3.0 release
| * Update README for 3.3.0 releaseMatthew Heon2021-08-20
| | | | | | | | Signed-off-by: Matthew Heon <mheon@redhat.com>
* | Merge pull request #11296 from vrothberg/memory-profileOpenShift Merge Robot2021-08-21
|\ \ | | | | | | add flag to record memory profiles
| * | add flag to record memory profilesValentin Rothberg2021-08-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | Add a new flag `--memory-profile=$path` which creates a memory profile. The generated profile can later be analyzed via `go tool pprof`. [NO TESTS NEEDED] since it's a hidden flag, devs-only. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | Merge pull request #11292 from ↵OpenShift Merge Robot2021-08-21
|\ \ \ | |_|/ |/| | | | | | | | containers/dependabot/go_modules/k8s.io/apimachinery-0.22.1 Bump k8s.io/apimachinery from 0.22.0 to 0.22.1
| * | Bump k8s.io/apimachinery from 0.22.0 to 0.22.1dependabot[bot]2021-08-20
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery) from 0.22.0 to 0.22.1. - [Release notes](https://github.com/kubernetes/apimachinery/releases) - [Commits](https://github.com/kubernetes/apimachinery/compare/v0.22.0...v0.22.1) --- updated-dependencies: - dependency-name: k8s.io/apimachinery dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* | Merge pull request #11286 from jwhonce/issues/11227OpenShift Merge Robot2021-08-20
|\ \ | | | | | | Update /version endpoint to add components
| * | Update /version endpoint to add componentsJhon Honce2021-08-19
| | | | | | | | | | | | | | | | | | | | | | | | * Include OCI and conmon information as components Fixes #11227 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | Merge pull request #11289 from Luap99/net-alias-idOpenShift Merge Robot2021-08-20
|\ \ \ | |_|/ |/| | Fix network aliases with network id
| * | Fix network aliases with network idPaul Holzinger2021-08-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When a network id is used to create a container we translate it to use the name internally for the db. The network aliases are also stored with the network name as key so we have to also translate them for the db. Also removed some outdated skips from the e2e tests. Fixes #11285 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | Merge pull request #11246 from vrothberg/sdnotify=containerOpenShift Merge Robot2021-08-20
|\ \ \ | |/ / |/| | Implement SD-NOTIFY proxy in conmon
| * | Implement SD-NOTIFY proxy in conmonDaniel J Walsh2021-08-20
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This leverages conmon's ability to proxy the SD-NOTIFY socket. This prevents locking caused by OCI runtime blocking, waiting for SD-NOTIFY messages, and instead passes the messages directly up to the host. NOTE: Also re-enable the auto-update tests which has been disabled due to flakiness. With this change, Podman properly integrates into systemd. Fixes: #7316 Signed-off-by: Joseph Gooch <mrwizard@dok.org> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | Merge pull request #11280 from Luap99/info-pluginsOpenShift Merge Robot2021-08-19
|\ \ | |/ |/| Podman info output plugin information
| * Podman info output plugin informationPaul Holzinger2021-08-19
| | | | | | | | | | | | | | | | | | For docker compat include information about available volume, log and network drivers which should be listed under the plugins key. Fixes #11265 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | Merge pull request #11279 from guillaumerose/refactor1OpenShift Merge Robot2021-08-19
|\ \ | | | | | | machine: compute sha256 as we are reading the file
| * | machine: compute sha256 as we read the image fileGuillaume Rose2021-08-19
| | | | | | | | | | | | | | | | | | | | | | | | It avoids to have the full file in memory. [NO TESTS NEEDED] Signed-off-by: Guillaume Rose <gurose@redhat.com>
| * | machine: check for file exists instead of listing directoryGuillaume Rose2021-08-19
| |/ | | | | | | | | | | [NO TESTS NEEDED] Signed-off-by: Guillaume Rose <gurose@redhat.com>
* | Merge pull request #11271 from jwhonce/issues/8577OpenShift Merge Robot2021-08-19
|\ \ | | | | | | Clean up swagger
| * | [NO TESTS NEEDED] Clean up swaggerJhon Honce2021-08-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Removed defined by unused responses * Added missing body definitions * Updated header input definitions Outstanding issues: * Supporting body ContainerConfig for /commit endpoint Fixes #8577 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | Merge pull request #11275 from ↵OpenShift Merge Robot2021-08-19
|\ \ \ | |_|/ |/| | | | | | | | containers/dependabot/go_modules/github.com/containers/image/v5-5.15.2 Bump github.com/containers/image/v5 from 5.15.1 to 5.15.2
| * | Bump github.com/containers/image/v5 from 5.15.1 to 5.15.2dependabot[bot]2021-08-19
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/containers/image/v5](https://github.com/containers/image) from 5.15.1 to 5.15.2. - [Release notes](https://github.com/containers/image/releases) - [Commits](https://github.com/containers/image/compare/v5.15.1...v5.15.2) --- updated-dependencies: - dependency-name: github.com/containers/image/v5 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* | Merge pull request #11242 from ↵OpenShift Merge Robot2021-08-19
|\ \ | | | | | | | | | | | | containers/dependabot/go_modules/github.com/containers/image/v5-5.15.1 Bump github.com/containers/image/v5 from 5.15.0 to 5.15.1
| * | Bump github.com/containers/image/v5 from 5.15.0 to 5.15.1dependabot[bot]2021-08-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/containers/image/v5](https://github.com/containers/image) from 5.15.0 to 5.15.1. - [Release notes](https://github.com/containers/image/releases) - [Commits](https://github.com/containers/image/compare/v5.15.0...v5.15.1) --- updated-dependencies: - dependency-name: github.com/containers/image/v5 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* | | Merge pull request #11249 from afro-coder/troubleshooting-updateOpenShift Merge Robot2021-08-19
|\ \ \ | | | | | | | | [CI:DOCS] Updated Troubleshooting.md Closes #5431
| * | | Documented ways to fix firewall rules that are lost when firewalld reloadsafro-coder2021-08-18
| | | | | | | | | | | | | | | | | | | | | | | | Closes #5431 Signed-off-by: afro-coder <leon9923@gmail.com>
* | | | Merge pull request #11260 from nalind/remote-build-pathOpenShift Merge Robot2021-08-19
|\ \ \ \ | | | | | | | | | | pkg/bindings/images.nTar(): slashify hdr.Name values
| * | | | pkg/bindings/images.nTar(): slashify hdr.Name valuesNalin Dahyabhai2021-08-18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When setting path names in the build context archive, convert path names to use forward slashes, as is normal for those archives, so that directory hierarchies archived on Windows hosts extract correctly everywhere. Not really sure how to run the remote client in CI on a system that uses `\` as a path separator, which is where this error crops up, so [NO TESTS NEEDED] Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
* | | | | Merge pull request #11269 from Luap99/rootlessport-flakeOpenShift Merge Robot2021-08-18
|\ \ \ \ \ | | | | | | | | | | | | fix rootlessport flake
| * | | | | fix rootlessport flakePaul Holzinger2021-08-18
| |/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When the rootlessport process is started the stdout/stderr are attached to the podman process. However once everything is setup podman exits and when the rootlessport process tries to write to stdout it will fail with SIGPIPE. The code handles this signal and puts /dev/null to stdout and stderr but this is not robust. I do not understand the exact cause but sometimes the process is still killed by SIGPIPE. Either go lost the signal or the process got already killed before the goroutine could handle it. Instead of handling SIGPIPE just set /dev/null to stdout and stderr before podman exits. With this there should be no race and no way to run into SIGPIPE errors. [NO TESTS NEEDED] Fixes #11248 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | | | Merge pull request #11267 from mheon/fix_11214OpenShift Merge Robot2021-08-18
|\ \ \ \ \ | | | | | | | | | | | | Volumes: Only remove from DB if plugin removal succeeds
| * | | | | Volumes: Only remove from DB if plugin removal succeedsMatthew Heon2021-08-18
| |/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Originally, Podman would unconditionally remove volumes from the DB, even if they failed to be removed from the volume plugin; this was a safety measure to ensure that `volume rm` can always remove a volume from the database, even if the plugin is misbehaving. However, this is a significant deivation from Docker, which refuses to remove if the plugin errors. These errors can be legitimate configuration issues which the user should address before the volume is removed, so Podman should also use this behaviour. Fixes #11214 Signed-off-by: Matthew Heon <mheon@redhat.com>
* | | | | Merge pull request #11258 from ↵OpenShift Merge Robot2021-08-18
|\ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | containers/dependabot/go_modules/github.com/rootless-containers/rootlesskit-0.14.5 Bump github.com/rootless-containers/rootlesskit from 0.14.4 to 0.14.5
| * | | | | Bump github.com/rootless-containers/rootlesskit from 0.14.4 to 0.14.5dependabot[bot]2021-08-18
| |/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/rootless-containers/rootlesskit](https://github.com/rootless-containers/rootlesskit) from 0.14.4 to 0.14.5. - [Release notes](https://github.com/rootless-containers/rootlesskit/releases) - [Commits](https://github.com/rootless-containers/rootlesskit/compare/v0.14.4...v0.14.5) --- updated-dependencies: - dependency-name: github.com/rootless-containers/rootlesskit dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* | | | | Merge pull request #11180 from baude/buildplaykubeOpenShift Merge Robot2021-08-18
|\ \ \ \ \ | | | | | | | | | | | | Add ability to build images in play kube
| * | | | | Add ability to build images in play kubeBrent Baude2021-08-18
| |/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When playing a kube YAML file, it can be desirable to be able to build an image on the fly. This is good for development of an image and YAML files and somewhat mocks what compose does. Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | | | Merge pull request #10829 from cevich/update_imagesOpenShift Merge Robot2021-08-18
|\ \ \ \ \ | |/ / / / |/| | | | Update images
| * | | | Cirrus: Confirm CGv1 / CGv2 VM expectationsChris Evich2021-08-18
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Chris Evich <cevich@redhat.com>
| * | | | Skip stats test in CGv1 container environmentsChris Evich2021-08-18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | These tests were originally enabled in a situation where CI provided false-positive results. Now that has been corrected, these tests all fail under a CGv1 container environment with the error: ``` Error: unable to load cgroup at /machine.slice/libpod-e4f...086.scope/libpod_parent/libpod-fbd...425: cgroup deleted ``` This commit simply disables the tests under this specific environment. Signed-off-by: Chris Evich <cevich@redhat.com>
| * | | | Fix AVC denials in tests of volume mountsChris Evich2021-08-18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This becomes a problem on hosts with upgraded policies. Ref: https://github.com/containers/podman/issues/10522 Also, made a small change to compose-test setup to reduce runtime. Signed-off-by: Chris Evich <cevich@redhat.com>
| * | | | Restore buildah-bud test requiring new imagesChris Evich2021-08-18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Ref: https://github.com/containers/podman/pull/10829#issuecomment-881355983 Signed-off-by: Chris Evich <cevich@redhat.com>
| * | | | Revert ".cirrus.yml: use fresh images for all VMs"Chris Evich2021-08-18
|/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This reverts commit 404d5edb1557e3d2cb255d38bd89274586c4c100. The replacement (updated) images include a fix for: https://github.com/containers/common/issues/631 Also minor update to an unrelated FIXME comment. Signed-off-by: Chris Evich <cevich@redhat.com>
* | | | Merge pull request #11212 from flouthoc/check-valid-systemd-sessionopenshift-ci[bot]2021-08-17
|\ \ \ \ | | | | | | | | | | cgroup-manager-systemd: Warn early if user is rootless and no relevent user session is present.
| * | | | cgroup-manager-systemd:Fail early if user:rootless and relevent session is ↵flouthoc2021-08-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | not present. [NO TESTS NEEDED] Signed-off-by: flouthoc <flouthoc.git@gmail.com>
* | | | | Merge pull request #11252 from cevich/remove_todoopenshift-ci[bot]2021-08-17
|\ \ \ \ \ | | | | | | | | | | | | Cirrus: Resolve two upgrade-test FIXMEs
| * | | | | Cirrus: Resolve two upgrade-test FIXMEsChris Evich2021-08-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | I attempted to run the tests in a loop (one VM) but it fails with: ``` not ok 8 exec (from function `is' in file test/upgrade/../system/helpers.bash, line 474, in test file test/upgrade/test-upgrade.bats, line 222) `is "$output" "$RANDOM_STRING_1" "exec into myrunningcontainer"' failed /var/tmp/go/src/github.com/containers/podman/bin/podman exec myrunningcontainer cat /var/www/index.txt time="2021-08-17T13:34:21-05:00" level=warning msg="Failed to add conmon to systemd sandbox cgroup: Invalid unit name '/libpod_parent'" uagHtpYnA47bkz3 /vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv | FAIL: exec into myrunningcontainer | expected: 'uagHtpYnA47bkz3' | actual: 'time="2021-08-17T13:34:21-05:00" level=warning msg="Failed to add conmon to systemd sandbox cgroup: Invalid unit name '/libpod_parent'"' | > 'uagHtpYnA47bkz3' \^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ ``` Since the current implementation doesn't reproduce this error, the change isn't worth the cost of debugging/fixing. OTOH, making the job only run from the daily cirrus-cron builds is a simple change. Signed-off-by: Chris Evich <cevich@redhat.com>
* | | | | | Merge pull request #11192 from ashley-cui/darwinwarn3openshift-ci[bot]2021-08-17
|\ \ \ \ \ \ | |_|_|_|/ / |/| | | | | [NO TESTS NEEDED] Change connection error to be helpful for machine users
| * | | | | Change connection error to be helpful for machine usersAshley Cui2021-08-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If a podman-remote connection fails, remind the user to check their linux system and podman machine vm Signed-off-by: Ashley Cui <acui@redhat.com>
* | | | | | Merge pull request #11231 from flouthoc/move-volume-dest-to-serveropenshift-ci[bot]2021-08-17
|\ \ \ \ \ \ | |_|/ / / / |/| | | | | volume: move validating volume dest from client to server.
| * | | | | fix: unifiedOverlays should be assigned if no conflicts found.flouthoc2021-08-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | [NO TESTS NEEDED] Signed-off-by: flouthoc <flouthoc.git@gmail.com>