summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* CNI-in-slirp4netns: fix bind-mount for /run/systemd/resolve/stub-resolv.confAkihiro Suda2021-07-15
| | | | | | | | | | | | | | | Fix issue 10929 : `[Regression in 3.2.0] CNI-in-slirp4netns DNS gets broken when running a rootful container after running a rootless container` When /etc/resolv.conf on the host is a symlink to /run/systemd/resolve/stub-resolv.conf, we have to mount an empty filesystem on /run/systemd/resolve in the child namespace, so as to isolate the directory from the host mount namespace. Otherwise our bind-mount for /run/systemd/resolve/stub-resolv.conf is unmounted when systemd-resolved unlinks and recreates /run/systemd/resolve/stub-resolv.conf on the host. [NO TESTS NEEDED] Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
* Merge pull request #10901 from rsevilla87/manifest-create-argsOpenShift Merge Robot2021-07-13
|\ | | | | manifest create subcommand should accept more than 2 arguments
| * Update USE in order to fix testsRaul Sevilla2021-07-13
| | | | | | | | Signed-off-by: Raul Sevilla <rsevilla@redhat.com>
| * Manifest create subcommand should accept more than 2 argumentsRaul Sevilla2021-07-12
| | | | | | | | Signed-off-by: Raul Sevilla <rsevilla@redhat.com>
* | Merge pull request #10921 from ↵OpenShift Merge Robot2021-07-13
|\ \ | | | | | | | | | | | | containers/dependabot/go_modules/github.com/google/uuid-1.3.0 Bump github.com/google/uuid from 1.2.0 to 1.3.0
| * | Bump github.com/google/uuid from 1.2.0 to 1.3.0dependabot[bot]2021-07-13
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.2.0 to 1.3.0. - [Release notes](https://github.com/google/uuid/releases) - [Commits](https://github.com/google/uuid/compare/v1.2.0...v1.3.0) --- updated-dependencies: - dependency-name: github.com/google/uuid dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* | Merge pull request #10849 from cevich/fix_cron_mailOpenShift Merge Robot2021-07-12
|\ \ | | | | | | [CI:DOCS] Fix cirrus-cron failure notification GH workflow
| * | Fix cirrus-cron failure notification GH workflowChris Evich2021-07-12
| | | | | | | | | | | | | | | | | | | | | The master->main rename broke this. Also update the runtime along with a comment w/ link to the actual job definitions. Signed-off-by: Chris Evich <cevich@redhat.com>
* | | Merge pull request #10905 from matejvasek/fix-mountOpenShift Merge Robot2021-07-12
|\ \ \ | | | | | | | | fix: uid/gid for volume mounted to existing dir
| * | | fix: uid/gid for volume mounted to existing dirMatej Vasek2021-07-12
| | |/ | |/| | | | | | | | | | | | | | | | If mounting to existing directory the uid/gid should be preserved. Primary uid/gid of container shouldn't be used. Signed-off-by: Matej Vasek <mvasek@redhat.com>
* | | Merge pull request #10903 from ↵OpenShift Merge Robot2021-07-12
|\ \ \ | | | | | | | | | | | | | | | | containers/dependabot/go_modules/github.com/containers/storage-1.32.6 Bump github.com/containers/storage from 1.32.5 to 1.32.6
| * | | Bump github.com/containers/storage from 1.32.5 to 1.32.6dependabot[bot]2021-07-12
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/containers/storage](https://github.com/containers/storage) from 1.32.5 to 1.32.6. - [Release notes](https://github.com/containers/storage/releases) - [Changelog](https://github.com/containers/storage/blob/main/docs/containers-storage-changes.md) - [Commits](https://github.com/containers/storage/compare/v1.32.5...v1.32.6) --- updated-dependencies: - dependency-name: github.com/containers/storage dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* | | Merge pull request #10896 from hshiina/pod-psOpenShift Merge Robot2021-07-12
|\ \ \ | |_|/ |/| | Restore headers of optional information in 'podman pod ps'
| * | Restore headers of optional information in 'podman pod ps'Hironori Shiina2021-07-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | When optional information such as container IDs and names in pods, the headers are not displayed. This fix restored the headers. Documentation of this subcommand is also updated. Signed-off-by: Hironori Shiina <shiina.hironori@jp.fujitsu.com>
* | | Merge pull request #10890 from rhatdan/mainOpenShift Merge Robot2021-07-12
|\ \ \ | |_|/ |/| | Don't exclude Dockerfile, Containerfiles from tar content
| * | Don't exclude Dockerfile, Containerfiles from tar contentDaniel J Walsh2021-07-10
|/ / | | | | | | | | | | | | | | | | | | | | | | | | If the user specifies "*" in a .dockerignore or a .containerignore then podman-remote build should not exclude the Dockerfile or Containerfile or any content pointed to by `-f` in the context directory. We still need these files on the server side to complete the build. Fixes: https://github.com/containers/podman/issues/9867 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #10868 from cdoern/untilLogOpenShift Merge Robot2021-07-10
|\ \ | |/ |/| Implemented Until Query Parameter for Containers/logs
| * Implemented Until Query Parameter for Containers/logscdoern2021-07-09
| | | | | | | | | | | | | | | | compat containers/logs was missing actual usage of until query param. fixes #10859 Signed-off-by: cdoern <cdoern@redhat.com>
* | Merge pull request #10881 from mheon/remove_getstoreOpenShift Merge Robot2021-07-09
|\ \ | | | | | | Remove GetStore function from Libpod
| * | Remove GetStore function from LibpodMatthew Heon2021-07-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We should not be exposing the store outside of Libpod. We want to encapsulate it as an internal implementation detail - there's no reason functions outside of Libpod should directly be manipulating container storage. Convert the last use to invoke a method on Libpod instead, and remove the function. [NO TESTS NEEDED] as this is just a refactor. Signed-off-by: Matthew Heon <mheon@redhat.com>
* | | Merge pull request #10879 from ↵OpenShift Merge Robot2021-07-09
|\ \ \ | | | | | | | | | | | | | | | | containers/dependabot/go_modules/github.com/onsi/gomega-1.14.0 Bump github.com/onsi/gomega from 1.13.0 to 1.14.0
| * | | Bump github.com/onsi/gomega from 1.13.0 to 1.14.0dependabot[bot]2021-07-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.13.0 to 1.14.0. - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](https://github.com/onsi/gomega/compare/v1.13.0...v1.14.0) --- updated-dependencies: - dependency-name: github.com/onsi/gomega dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* | | | Merge pull request #10892 from rugk/patch-2OpenShift Merge Robot2021-07-09
|\ \ \ \ | | | | | | | | | | [CI:DOCS] Mention new hostname for loopback IP
| * | | | Mention new hostname for loopback IPrugk2021-07-09
| | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The hostname `host.containers.internal` is way easier to remember and should IMHO be preferred to be used, as it is: a) easier to remember than some random IP b) if the IP changes some time in the future the container will continue to work And explain hostname adding in more detail As per @mheon's suggestion. And explain hostname adding *reason* Also implies an suggestion for using the hostname instead. And port change from podman-create man page to podman-run, too Signed-off-by: rugk <rugk+git@posteo.de>
* | | | Merge pull request #10893 from baude/issue10795OpenShift Merge Robot2021-07-09
|\ \ \ \ | | | | | | | | | | Add container config to compat image inspect
| * | | | Add container config to compat image inspectBrent Baude2021-07-09
|/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | With docker-compose, there is a use case where you can `docker-compose up -d`, then change a file like docker-compose.yml and run up again. This requires a ContainerConfig with at least Volumes be populated in the inspect data. This PR adds just that. Fixes: #10795 Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | | Merge pull request #10872 from ebb-earl-co/rootless_tutorial_revisionOpenShift Merge Robot2021-07-09
|\ \ \ \ | | | | | | | | | | [CI:DOCS] Update docs/tutorials/rootless_tutorial.md:
| * | | | Update docs/tutorials/rootless_tutorial.md:Colin Eberl Coe2021-07-08
| | |_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Change references of 'master' to 'main' in URLs e.g. https://github.com/containers/podman/blob/main/install.md * Wrap names of files or programs by '`' e.g. `dnf`, `containers.conf`, `/etc/subuid`, etc. * Change sentence with ambiguous subject to 'Root privileges are required to add or update entries within these files' * Link to kernel.org documentation for the `getpwent` command * Change sentence: 'Note that the values for each user must be unique ~and without any overlap~' * Make references to the Podman project upper-case instead of lower-case * Reorder sentence 'Update the `/etc/subuid` and `/etc/subgid` with fields for each user' to emphasize 'For each user' * Remove reference to asciiart demos and update README.md link Signed-off-by: Colin Eberl Coe <ebb-earl-co@pm.me>
* | | | Merge pull request #10883 from rugk/patch-1OpenShift Merge Robot2021-07-09
|\ \ \ \ | |_|/ / |/| | | [CI:DOCS] fix: logo not loading after barnch renaming
| * | | fix: logo not loading after barnch renamingrugk2021-07-09
|/ / / | | | | | | | | | | | | | | | You've renamed your branch from master to main and thus this URL here did not work anymore and caused a glitch in displaying the image in the docs. Signed-off-by: rugk <rugk+git@posteo.de>
* | | Merge pull request #10867 from baude/issue9334OpenShift Merge Robot2021-07-08
|\ \ \ | |_|/ |/| | Replace old RESTful tutorial with updated README
| * | Replace old RESTful tutorial with updated READMEBrent Baude2021-07-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Remove outdated information on go bindings. Moved the tips for debugging into the REAME and tidied up relevant links. Fixes: #9334 [CI_DOCS] [NO TESTS NEEDED] Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | Merge pull request #10865 from Luap99/rootless-cniOpenShift Merge Robot2021-07-08
|\ \ \ | |_|/ |/| | Make rootless-cni setup more robust
| * | Make rootless-cni setup more robustPaul Holzinger2021-07-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The rootless cni namespace needs a valid /etc/resolv.conf file. On some distros is a symlink to somewhere under /run. Because the kernel will follow the symlink before mounting, it is not possible to mount a file at exactly /etc/resolv.conf. We have to ensure that the link target will be available in the rootless cni mount ns. Fixes #10855 Also fixed a bug in the /var/lib/cni directory lookup logic. It used `filepath.Base` instead of `filepath.Dir` and thus looping infinitely. Fixes #10857 [NO TESTS NEEDED] Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | Merge pull request #10870 from vrothberg/manifest-push-rmOpenShift Merge Robot2021-07-07
|\ \ \ | |_|/ |/| | manifest push --rm: use libimage for removal
| * | manifest push --rm: use libimage for removalValentin Rothberg2021-07-07
|/ / | | | | | | | | | | | | | | | | Use libimage for removing the manifest instead of going directly through the store. [NO TESTS NEEDED] Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | Merge pull request #10860 from ↵OpenShift Merge Robot2021-07-06
|\ \ | | | | | | | | | | | | containers/dependabot/go_modules/github.com/cyphar/filepath-securejoin-0.2.3 Bump github.com/cyphar/filepath-securejoin from 0.2.2 to 0.2.3
| * | Bump github.com/cyphar/filepath-securejoin from 0.2.2 to 0.2.3dependabot[bot]2021-07-05
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/cyphar/filepath-securejoin](https://github.com/cyphar/filepath-securejoin) from 0.2.2 to 0.2.3. - [Release notes](https://github.com/cyphar/filepath-securejoin/releases) - [Commits](https://github.com/cyphar/filepath-securejoin/compare/v0.2.2...v0.2.3) --- updated-dependencies: - dependency-name: github.com/cyphar/filepath-securejoin dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* | Merge pull request #10788 from infiniteregrets/multi-pullOpenShift Merge Robot2021-07-06
|\ \ | |/ |/| support pulling multiple images sequentially in a single podman pull
| * multiple image pull supportMehul Arora2021-07-05
| | | | | | | | Signed-off-by: Mehul Arora <aroram18@mcmaster.ca>
* | Merge pull request #10853 from tnk4on/fixed_notation_for_macosOpenShift Merge Robot2021-07-05
|\ \ | | | | | | [CI:DOCS] Fixed notation for macOS
| * | Fixed notation for macOSShion Tanaka2021-07-03
| | | | | | | | | | | | Signed-off-by: Shion Tanaka <shtanaka@redhat.com>
* | | Merge pull request #10836 from Luap99/diffOpenShift Merge Robot2021-07-03
|\ \ \ | | | | | | | | podman diff accept two images or containers
| * | | podman diff accept two images or containersPaul Holzinger2021-07-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | First, make podman diff accept optionally a second argument. This allows the user to specify a second image/container to compare the first with. If it is not set the parent layer will be used as before. Second, podman container diff should only use containers and podman image diff should only use images. Previously, podman container diff would use the image when both an image and container with this name exists. To make this work two new parameters have been added to the api. If they are not used the previous behaviour is used. The same applies to the bindings. Fixes #10649 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | | Merge pull request #10852 from Luap99/cobraOpenShift Merge Robot2021-07-03
|\ \ \ \ | |_|/ / |/| | | bump cobra to v1.2.1 and update the shell completion scripts
| * | | update shell completion scriptsPaul Holzinger2021-07-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The new cobra v1.2.0 release brings a number of bug fixes for shell completion scripts. Regenerate the scripts with `make completions` to sync them with the upstream version, currently we have some custom ones to avoid some upstream bugs. Because the new cobra version has all fixes we should use the upstream scripts. Add a check to CI to ensure we always use the up to date scripts. [NO TESTS NEEDED] Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * | | Bump github.com/spf13/cobra to v1.2.1Paul Holzinger2021-07-02
| | | | | | | | | | | | | | | | | | | | | | | | Fixes #9730 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | | Merge pull request #10851 from Luap99/service-reaperOpenShift Merge Robot2021-07-02
|\ \ \ \ | | | | | | | | | | podman service reaper
| * | | | podman service reaperPaul Holzinger2021-07-02
| | |_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add a new service reaper package. Podman currently does not reap all child processes. The slirp4netns and rootlesskit processes are not reaped. The is not a problem for local podman since the podman process dies before the other processes and then init will reap them for us. However with podman system service it is possible that the podman process is still alive after slirp died. In this case podman has to reap it or the slirp process will be a zombie until the service is stopped. The service reaper will listen in an extra goroutine on SIGCHLD. Once it receives this signal it will try to reap all pids that were added with `AddPID()`. While I would like to just reap all children this is not possible because many parts of the code use `os/exec` with `cmd.Wait()`. If we reap before `cmd.Wait()` things can break, so reaping everything is not an option. [NO TESTS NEEDED] Fixes #9777 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | | Merge pull request #10850 from baude/issue10824OpenShift Merge Robot2021-07-02
|\ \ \ \ | | | | | | | | | | Create podman temp dir on machine start