summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* enable short-name aliasingValentin Rothberg2020-12-05
| | | | | | | | | | | | Short-name aliasing was introduced with Podman 2.2 as an opt-in preview by enabling an environment variable. Now, as we're preparing for the 3.0 release, we can enable short-name aliasing by default. Opting out can be done by configuring the `registries.conf` config file. Please refer to the following blog post for more details: https://www.redhat.com/sysadmin/container-image-short-names Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Merge pull request #8489 from ashley-cui/commonslirpOpenShift Merge Robot2020-12-05
|\ | | | | Add ability to set system wide options for slirp4netns
| * Add ability to set system wide options for slirp4netnsAshley Cui2020-12-04
| | | | | | | | | | | | Wire in containers.conf options for slirp Signed-off-by: Ashley Cui <acui@redhat.com>
| * Vendor in containers/common v0.30.0Ashley Cui2020-12-04
| | | | | | | | Signed-off-by: Ashley Cui <acui@redhat.com>
* | Merge pull request #8603 from jwhonce/jira/RUN-1106-volumesOpenShift Merge Robot2020-12-05
|\ \ | | | | | | Jira RUN-1106 Volumes handlers updates
| * | Jira RUN-1106 Volumes handlers updatesJhon Honce2020-12-04
|/ / | | | | | | | | | | * Add tests to verify required fields in responses Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | Merge pull request #8601 from jwhonce/jira/RUN-1106-networksOpenShift Merge Robot2020-12-04
|\ \ | | | | | | Jira RUN-1106 Network handlers updates
| * | Jira RUN-1106 Network handlers updatesJhon Honce2020-12-04
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | * Add network API tests * Update network create endpoint to return ID not Name Audit: - GET /networks ListNetworks - GET /networks/{id} InspectNetwork - DELETE /networks/{id} RemoveNetwork - POST /networks/create CreateNetwork - POST /networks/prune 405 not implemented Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | Merge pull request #8597 from QiWang19/rawsoureceOpenShift Merge Robot2020-12-04
|\ \ | | | | | | Close image rawSource when each loop ends
| * | Close image rawSource when each loop endsQi Wang2020-12-04
| | | | | | | | | | | | | | | | | | | | | Previously close rawSouce in the middle makes future use of rawSource invalid. Move the rawSource.Close() to the end of each loop. Signed-off-by: Qi Wang <qiwan@redhat.com>
* | | Merge pull request #8494 from mlegenovic/masterOpenShift Merge Robot2020-12-04
|\ \ \ | | | | | | | | More docker compat API fixes
| * | | More docker compat API fixesMilivoje Legenovic2020-12-04
| |/ / | | | | | | | | | | | | | | | Fixes wrong VirtualSize, ParentId, Architecture, Author, Os and OsVersion value Signed-off-by: Milivoje Legenovic <m.legenovic@gmail.com>
* | | Merge pull request #8596 from afbjorklund/password-callbackOpenShift Merge Robot2020-12-04
|\ \ \ | | | | | | | | Use PasswordCallback instead of Password for ssh
| * | | Use PasswordCallback instead of Password for sshAnders F Björklund2020-12-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently asking for login password, even if not supported by the ssh server. So wait with prompt until actually requested. Signed-off-by: Anders F Björklund <anders.f.bjorklund@gmail.com>
* | | | Merge pull request #8598 from rzlourenco/masterOpenShift Merge Robot2020-12-04
|\ \ \ \ | | | | | | | | | | [CI:DOCS] Clarify uid range requirements
| * | | | Clarify uid range requirementsRodrigo Lourenço2020-12-04
| | |_|/ | |/| | | | | | | | | | Signed-off-by: Rodrigo Lourenço <rzl@rzl.ooo>
* | | | Merge pull request #8570 from vrothberg/run-950OpenShift Merge Robot2020-12-04
|\ \ \ \ | |/ / / |/| | | rewrite container copy
| * | | rewrite podman-cpValentin Rothberg2020-12-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add a new `pkg/copy` to centralize all container-copy related code. * The new code is based on Buildah's `copier` package. * The compat `/archive` endpoints use the new `copy` package. * Update docs and an several new tests. * Includes many fixes, most notably, the look-up of volumes and mounts. Breaking changes: * Podman is now expecting that container-destination paths exist. Before, Podman created the paths if needed. Docker does not do that and I believe Podman should not either as it's a recipe for masking errors. These errors may be user induced (e.g., a path typo), or internal typos (e.g., when the destination may be a mistakenly unmounted volume). Let's keep the magic low for such a security sensitive feature. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
| * | | e2e: bump pull timeout to 240 secondsValentin Rothberg2020-12-04
| |/ / | | | | | | | | | | | | | | | | | | I am constantly hitting the 90 seconds limit with my very slow connection. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | Merge pull request #8476 from rhatdan/containerenvOpenShift Merge Robot2020-12-04
|\ \ \ | | | | | | | | Add containerenv information to /run/.containerenv
| * | | Add containerenv information to /run/.containerenvDaniel J Walsh2020-12-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We have been asked to leak some information into the container to indicate: * The name and id of the container * The version of podman used to launch the container * The image name and ID the container is based on. * Whether the container engine is running in rootless mode. Fixes: https://github.com/containers/podman/issues/6192 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #8584 from jwhonce/jira/RUN-1106-containersOpenShift Merge Robot2020-12-04
|\ \ \ \ | |_|_|/ |/| | | Jira RUN-1106 Container handlers updates
| * | | Jira RUN-1106 Container handlers updatesJhon Honce2020-12-03
| | |/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Mostly audit and minor changes to nil from "" Audit: - GET /containers/json ListContainers - POST /containers/create CreateContainer - GET /containers/{id}/json GetContainer - GET /containers/{id}/top TopContainer - GET /containers/{id}/logs LogsFromContainer - GET /containers/{id}/changes Changes - GET /containers/{id}/export ExportContainer - GET /containers/{id}/stats StatsContainer - POST /containers/{id}/resize ResizeTTY - POST /containers/{id}/start StartContainer - POST /containers/{id}/stop StopContainer - POST /containers/{id}/restart RestartContainer - POST /containers/{id}/kill KillContainer - POST /containers/{id}/update 404 not supported - POST /containers/{id}/rename 404 not supported - POST /containers/{id}/pause PauseContainer - POST /containers/{id}/unpause UnpauseContainer - POST /containers/{id}/attach AttachContainer - GET /containers/{id}/attach/ws 404 not supported - POST /containers/{id}/wait WaitContainer - DELETE /containers/{id} RemoveContainer - HEAD /containers/{id}/archive Archive - GET /containers/{id}/archive Archive - PUT /containers/{id}/archive Archive - POST /containers/prune PruneContainers Images etc PR's will follow. Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | Merge pull request #8569 from zhangguanzhang/fix-nitOpenShift Merge Robot2020-12-04
|\ \ \ | | | | | | | | Fix some nit in code and comment
| * | | Fix some nitzhangguanzhang2020-12-04
| | | | | | | | | | | | | | | | Signed-off-by: zhangguanzhang <zhangguanzhang@qq.com>
* | | | Merge pull request #8589 from yan12125/container-logs-unix-timestampsOpenShift Merge Robot2020-12-04
|\ \ \ \ | | | | | | | | | | Support Unix timestamps for `podman logs --since`
| * | | | Support Unix timestamps for `podman logs --since`Chih-Hsuan Yen2020-12-04
| | |/ / | |/| | | | | | | | | | | | | | | | | | To match what podman-logs(1) describes --since Signed-off-by: Chih-Hsuan Yen <yan12125@gmail.com>
* | | | Merge pull request #8587 from jwhonce/jira/RUN-1106-imagesOpenShift Merge Robot2020-12-04
|\ \ \ \ | | | | | | | | | | Jira RUN-1106 Image handlers updates
| * | | | Jira RUN-1106 Image handlers updatesJhon Honce2020-12-03
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Audit and add tests for required fields. * Added issue for /images/load implementation Audit: - GET /images/json GetImages - POST /build BuildImage - POST /build/prune 404 not found - POST /images/create CreateImageFromImage/CreateImageFromSrc - GET /images/{name}/json GetImage - GET /images/{name}/history HistoryImage - POST /images/{name}/push PushImage - POST /images/{name}/tag TagImage - DELETE /images/{name} RemoveImage - POST /images/prune PruneImages - POST /commit CommitContainer - GET /images/{name}/get ExportImage - GET /images/get ExportImages - POST /images/load LoadImages See https://github.com/containers/podman/issues/8586 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | | Merge pull request #8590 from vrothberg/ownersOpenShift Merge Robot2020-12-04
|\ \ \ \ | |/ / / |/| | | add @Luap99 to OWNERS file
| * | | add @Luap99 to OWNERS fileValentin Rothberg2020-12-04
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | @Luap99 is a long-term contributor, does a lot of reviews, contributed many non-trivial patches, and is very active in the community. Being in the OWNERS file gives privileges to approve (/approve) and merge (/lgtm) pull requests. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | Merge pull request #8479 from rhatdan/logOpenShift Merge Robot2020-12-03
|\ \ \ | |_|/ |/| | Drop default log-level from error to warn
| * | Drop default log-level from error to warnDaniel J Walsh2020-12-03
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Our users are missing certain warning messages that would make debugging issues with Podman easier. For example if you do a podman build with a Containerfile that contains the SHELL directive, the Derective is silently ignored. If you run with the log-level warn you get a warning message explainging what happened. $ podman build --no-cache -f /tmp/Containerfile1 /tmp/ STEP 1: FROM ubi8 STEP 2: SHELL ["/bin/bash", "-c"] STEP 3: COMMIT --> 7a207be102a 7a207be102aa8993eceb32802e6ceb9d2603ceed9dee0fee341df63e6300882e $ podman --log-level=warn build --no-cache -f /tmp/Containerfile1 /tmp/ STEP 1: FROM ubi8 STEP 2: SHELL ["/bin/bash", "-c"] STEP 3: COMMIT WARN[0000] SHELL is not supported for OCI image format, [/bin/bash -c] will be ignored. Must use `docker` format --> 7bd96fd25b9 7bd96fd25b9f755d8a045e31187e406cf889dcf3799357ec906e90767613e95f These messages will no longer be lost, when we default to WARNing level. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #8565 from jwhonce/wip/testingOpenShift Merge Robot2020-12-03
|\ \ | | | | | | hack/podman-socat captures the API stream
| * | hack/podman-socat captures the API streamJhon Honce2020-12-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | * verify socat and podman binaries exist * setup a sandboxed podman service * run podman service with socat proxy to capture API stream * clean up sandbox leaving the log files for review Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | Merge pull request #8576 from Luap99/docs-network-rootlessOpenShift Merge Robot2020-12-03
|\ \ \ | | | | | | | | [CI:DOCS] Correct which network commands can be run as rootless
| * | | Correct which network commands can be run as rootlessPaul Holzinger2020-12-03
| | |/ | |/| | | | | | | Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | | Merge pull request #8551 from rhatdan/defaultOpenShift Merge Robot2020-12-03
|\ \ \ | |/ / |/| | Support --network=default as if it was private
| * | Support --network=default as if it was privateDaniel J Walsh2020-12-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Docker defines an option of "default" which means to use the default network. We should support this with the same code path as --network="". This is important for compatibility with the Docker API. Fixes: https://github.com/containers/podman/issues/8544 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #8563 from giuseppe/exec-cgroup-createOpenShift Merge Robot2020-12-03
|\ \ \ | | | | | | | | podman, exec: move conmon to the correct cgroup
| * | | podman, exec: move conmon to the correct cgroupGiuseppe Scrivano2020-12-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | move the conmon process to the conmon cgroup also on exec. The previous implementation would fail to move the conmon process as the systemd unit already exists so its creation would fail. When the unit cannot be created, attempt to directly join the cgroup instead. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | Merge pull request #8566 from jwhonce/wip/double_pingOpenShift Merge Robot2020-12-03
|\ \ \ \ | | | | | | | | | | Change bindings to stop two API calls for ping
| * | | | Change bindings to stop two API calls for pingJhon Honce2020-12-02
| | |_|/ | |/| | | | | | | | | | | | | | | | | | * existing code caused an unnecessary 301 redirect Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | | Merge pull request #8564 from edsantiago/batsOpenShift Merge Robot2020-12-03
|\ \ \ \ | | | | | | | | | | BATS: add new load test
| * | | | BATS: add new load testEd Santiago2020-12-02
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | Looks like #7337 was fixed (by #8112). Reenable a disabled test for it; and make it actually work. Confirmed that newly-added test fails on d45676549 (the commit before #8112). Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | | Merge pull request #8408 from umohnani8/sec-optOpenShift Merge Robot2020-12-03
|\ \ \ \ | |/ / / |/| | | Add mask and unmask option to --security-opt
| * | | Add mask and unmask option to --security-optUrvashi Mohnani2020-12-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add the mask and unmask option to the --security-opt flag to allow users to specify paths to mask and unmask in the container. If unmask=ALL, this will unmask all the paths we mask by default. Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
* | | | Merge pull request #8556 from mheon/fix_8539OpenShift Merge Robot2020-12-02
|\ \ \ \ | | | | | | | | | | Use Libpod tmpdir for pause path
| * | | | Use Libpod tmpdir for pause pathMatthew Heon2020-12-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously, we always computed pause path from the Rootless runtime directory. Problem: this does not match the behavior of Libpod when the directory changes. Libpod will continue to use the previous directory, cached in the database; Pause pidfiles will swap to the new path. This is problematic when the directory needs to exist to write the pidfile, and Libpod is what creates the directory. There are two potential solutions - allow the pause pidfile to move and just make the directory when we want to write it, or use the cached Libpod paths for a guaranteed location. This patch does the second, because it seems safer - we will never miss a previously-existing pidfile because the location is now consistent. Fixes #8539 Signed-off-by: Matthew Heon <mheon@redhat.com>
* | | | | Merge pull request #8112 from QiWang19/load-optional-nameOpenShift Merge Robot2020-12-02
|\ \ \ \ \ | | | | | | | | | | | | Drop name argument from Load API