summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* userns: support --userns=autoGiuseppe Scrivano2020-04-06
| | | | | | | automatically pick an empty range and create an user namespace for the container. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Merge pull request #5727 from ↵OpenShift Merge Robot2020-04-06
|\ | | | | | | | | containers/dependabot/go_modules/github.com/containers/common-0.8.1 build(deps): bump github.com/containers/common from 0.8.0 to 0.8.1
| * build(deps): bump github.com/containers/common from 0.8.0 to 0.8.1dependabot-preview[bot]2020-04-06
| | | | | | | | | | | | | | | | | | Bumps [github.com/containers/common](https://github.com/containers/common) from 0.8.0 to 0.8.1. - [Release notes](https://github.com/containers/common/releases) - [Commits](https://github.com/containers/common/compare/v0.8.0...v0.8.1) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | Merge pull request #5689 from sujil02/v2-pod-inspectOpenShift Merge Robot2020-04-06
|\ \ | | | | | | podmanv2 pod inspect
| * | podmanv2 pod inspectSujil022020-04-01
| | | | | | | | | | | | | | | | | | Add the ability to inspect pod in podmanv2 Signed-off-by: Sujil02 <sushah@redhat.com>
* | | Merge pull request #5714 from baude/v2attachOpenShift Merge Robot2020-04-06
|\ \ \ | | | | | | | | v2podman attach
| * | | v2podman attach and execBrent Baude2020-04-05
| | |/ | |/| | | | | | | | | | | | | | | | | | | add the ability to attach to a running container. the tunnel side of this is not enabled yet as we have work on the endpoints and plumbing to do yet. add the ability to exec a command in a running container. the tunnel side is also being deferred for same reason. Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | Merge pull request #5713 from baude/v2versionOpenShift Merge Robot2020-04-06
|\ \ \ | |/ / |/| | podmanv2 version
| * | podmanv2 versionBrent Baude2020-04-03
| | | | | | | | | | | | | | | | | | this is only for the abi side and does not print out the remote information yet. the remote information will need to be worked on and agreed upon later. Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | Merge pull request #5710 from baude/v2createOpenShift Merge Robot2020-04-03
|\ \ \ | | | | | | | | v2podman container create
| * | | v2podman container createBrent Baude2020-04-03
|/ / / | | | | | | | | | | | | | | | create a container in podmanv2 using specgen approach. this is the core implementation and still has quite a bit of code commented out specifically around volumes, devices, and namespaces. need contributions from smes on these parts. Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | Merge pull request #5672 from baude/v2saveOpenShift Merge Robot2020-04-03
|\ \ \ | | | | | | | | podmanv2 save image
| * | | podmanv2 save imageBrent Baude2020-04-03
| |/ / | | | | | | | | | | | | | | | add ability to save an image for podman v2 Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | Merge pull request #5638 from baude/v2containercheckOpenShift Merge Robot2020-04-03
|\ \ \ | | | | | | | | podmanv2 checkpoint and restore
| * | | podmanv2 checkpoint and restoreBrent Baude2020-04-03
| | | | | | | | | | | | | | | | | | | | | | | | add the ability to checkpoint and restore containers on v2podman Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | | Merge pull request #5707 from adrianreber/crun-checkpoint-1OpenShift Merge Robot2020-04-03
|\ \ \ \ | | | | | | | | | | Prepare for crun checkpoint support
| * | | | checkpoint: handle XDG_RUNTIME_DIRAdrian Reber2020-04-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | For (almost) all commands which podman passes on to a OCI runtime XDG_RUNTIME_DIR is set to the same value. This does not happen for the checkpoint command. Using crun to checkpoint a container without this change will lead to crun using XDG_RUNTIME_DIR of the currently logged in user and so it will not find the container Podman wants to checkpoint. This bascially just copies a few lines from on of the other commands to handle 'checkpoint' as all the other commands. Thanks to Giuseppe for helping me with this. For 'restore' it is not needed as restore goes through conmon and for calling conmon Podman already configures XDG_RUNTIME_DIR correctly. Signed-off-by: Adrian Reber <areber@redhat.com>
| * | | | checkpoint: change runtime checkpoint support testAdrian Reber2020-04-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Podman was checking if the runtime support checkpointing by running 'runtime checkpoint -h'. That works for runc. crun, however, does not use '-h, --help' for help output but, '-?, --help'. This commit switches both checkpoint support detection from 'runtime checkpoint -h' to 'runtime checkpoint --help'. Podman can now correctly detect if 'crun' also support checkpointing. Signed-off-by: Adrian Reber <areber@redhat.com>
* | | | | Merge pull request #5712 from rhatdan/pathOpenShift Merge Robot2020-04-03
|\ \ \ \ \ | | | | | | | | | | | | Pass path environment down to the OCI runtime
| * | | | | Pass path environment down to the OCI runtimeDaniel J Walsh2020-04-03
| | |/ / / | |/| | | | | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | Merge pull request #5676 from kolyshkin/volume-flags-altOpenShift Merge Robot2020-04-03
|\ \ \ \ \ | |_|_|/ / |/| | | | Fix/improve pkg/storage.InitFSMounts
| * | | | pkg/spec.InitFSMounts: optimizeKir Kolyshkin2020-04-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Instead of getting mount options from /proc/self/mountinfo, which is very costly to read/parse (and can even be unreliable), let's use statfs(2) to figure out the flags we need. [v2: move getting default options to pkg/util, make it linux-specific] Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
| * | | | pkg/spec.InitFSMounts: fix mount opts in placeKir Kolyshkin2020-04-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ... rather than create a new slice and then make the caller replace the original with the new one. Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
| * | | | pkg/spec/initFSMounts: fixKir Kolyshkin2020-03-31
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | > $ ./bin/podman run -v /tmp:/tmp alpine true; echo $? > 0 > $ ./bin/podman run -v /tmp:/tmp:ro alpine true; echo $? > 0 > $ ./bin/podman run -v /tmp:/w0w:ro alpine true; echo $? > Error: container_linux.go:349: starting container process caused "process_linux.go:449: container init caused \"rootfs_linux.go:58: mounting \\\"/tmp\\\" to rootfs \\\"/home/kir/.local/share/containers/storage/overlay/7636ef3650fc91ee4996ccc026532bb3cff7182c0430db662fffb933e0bcadc9/merged\\\" at \\\"/home/kir/.local/share/containers/storage/overlay/7636ef3650fc91ee4996ccc026532bb3cff7182c0430db662fffb933e0bcadc9/merged/w0w\\\" caused \\\"operation not permitted\\\"\"": OCI runtime permission denied error > 126 The last command is not working because in-container mount point is used to search for a parent mount in /proc/self/mountinfo. And yet the following > $ ./bin/podman run -v /tmp:/run/test:ro alpine true; echo $? > 0 still works fine! Here's why: > $ mount | grep -E '/run |/tmp ' > tmpfs on /run type tmpfs (rw,nosuid,nodev,seclabel,mode=755) > tmpfs on /tmp type tmpfs (rw,nosuid,nodev,seclabel) This is the reason why previous commit modified in-container mount point. Fixes: 0f5ae3c5af Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
* | | | | Merge pull request #5701 from vrothberg/v2-pushOpenShift Merge Robot2020-04-03
|\ \ \ \ \ | | | | | | | | | | | | podmanV2: implement push
| * | | | | podmanV2: implement pushValentin Rothberg2020-04-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Implement `podman-push` and `podman-image-push` for the podmanV2 client. * Tests for `pkg/bindings` are not possible at the time of writing as we don't have a local registry running. * Implement `/images/{name}/push` compat endpoint. Tests are not implemented for this v2 endpoint. It has been tested manually. General note: The auth config extraction from the http header is not implement for push. Since it's not yet supported for other endpoints either, I deferred it to future work. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | | | Merge pull request #5700 from ↵OpenShift Merge Robot2020-04-03
|\ \ \ \ \ \ | |_|_|/ / / |/| | | | | | | | | | | | | | | | | containers/dependabot/go_modules/github.com/containers/common-0.8.0 Bump github.com/containers/common from 0.6.1 to 0.8.0
| * | | | | Bump github.com/containers/common from 0.6.1 to 0.8.0dependabot-preview[bot]2020-04-03
|/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/containers/common](https://github.com/containers/common) from 0.6.1 to 0.8.0. - [Release notes](https://github.com/containers/common/releases) - [Commits](https://github.com/containers/common/compare/v0.6.1...v0.8.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | Merge pull request #5702 from kolyshkin/test-nitpicksOpenShift Merge Robot2020-04-03
|\ \ \ \ \ | |_|_|/ / |/| | | | test/e2e/run_volume_test nitpicks
| * | | | test/e2e/run_volume_test: use unique mount pointKir Kolyshkin2020-04-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | For volume and bind mount tests, use the in-container mount point path that has no common ancestor with any host path (except for root). This might help to uncover bugs like [1]. Even if not, it seems lile a good cleanup regardless. [1] https://github.com/containers/libpod/pull/5676 Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
| * | | | test/e2e/run_volume_test.go: mv dockerfile declKir Kolyshkin2020-04-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Move declaration of a dockerfile closer to its use. Since it is used only once, there's no sense in having it declared globally. Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
| * | | | test/e2e/run_volume_test: only create dir onceKir Kolyshkin2020-04-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Remove repeated mountPath directory creation. * For the first two hunks it is the same dir ("secrets") that was already created before. * For the last hunk ("scratchpad") it is not used at all. Add an empty line after Mkdir for cases where dir is used more than once. Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
* | | | | Merge pull request #5696 from rhatdan/ccOpenShift Merge Robot2020-04-03
|\ \ \ \ \ | |/ / / / |/| | | | Fix environment handling from containers.conf
| * | | | Fix environment handling from containers.confDaniel J Walsh2020-04-02
|/ / / / | | | | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #5677 from giuseppe/avoid-lock-ttyOpenShift Merge Robot2020-04-02
|\ \ \ \ | |/ / / |/| | | exec: fix hang if control path is deleted
| * | | utils: delete dead codeGiuseppe Scrivano2020-04-02
| | | | | | | | | | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | | attach: skip shutdown on errorsGiuseppe Scrivano2020-04-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | skip doing a socket shutdown on an error, since we are not sure the socket was already closed and we end up using the wrong fd. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | | attach: fix hang if control path is deletedGiuseppe Scrivano2020-04-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | if the control path file is deleted, libpod hangs waiting for a reader to open it. Attempt to open it as non blocking until it returns an error different than EINTR or EAGAIN. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | Merge pull request #5516 from cevich/remove_dupe_gate_crossOpenShift Merge Robot2020-04-02
|\ \ \ \ | | | | | | | | | | Cirrus: Remove darwin/windows builds in gate-job
| * | | | Cirrus: Remove darwin/windows builds in gate-jobChris Evich2020-03-30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It's advisable to have the initial gating job execute as quickly as possible, weeding out simple mistakes early on, when possible. However, over time it has bloated to duplicate some more specific testing which occurs in other tasks. In this specific case the `special_testing_cross` task. Remove these duplicate items from the gate job to speed things up for everyone. Signed-off-by: Chris Evich <cevich@redhat.com>
* | | | | Merge pull request #5688 from baude/v2importOpenShift Merge Robot2020-04-02
|\ \ \ \ \ | |_|/ / / |/| | | | podmanv2 import
| * | | | podmanv2 importBrent Baude2020-04-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | add the ability to import a container image from a container export Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | | | Merge pull request #5687 from TomSweeneyRedHat/dev/tsweeney/fixmaillistOpenShift Merge Robot2020-04-02
|\ \ \ \ \ | | | | | | | | | | | | Touch up mailing list address in README.md
| * | | | | Touch up mailing list address in README.mdTomSweeneyRedHat2020-03-31
| | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* | | | | | Merge pull request #5699 from edsantiago/podmanv2-retryOpenShift Merge Robot2020-04-02
|\ \ \ \ \ \ | | | | | | | | | | | | | | podmanv2-retry - new helper for testing v2
| * | | | | | podmanv2-retry - new helper for testing v2Ed Santiago2020-04-01
| | |_|_|_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ./hack/podmanv2-retry will first invoke $PODMAN_V2 with given arguments. If that fails with any of the following errors: unrecognized command unknown flag unknown shorthand ...it will run $PODMAN_FALLBACK with the same arguments. Output and exit code will be those of the final podman command, although be aware that stderr and stdout are combined. This is a quick-hack script intended for use in v2 testing, to test implemented commands without noise from unimplemented ones. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | | | | Merge pull request #5697 from baude/v2exportOpenShift Merge Robot2020-04-02
|\ \ \ \ \ \ | |_|_|/ / / |/| | | | | podmanv2 export
| * | | | | podmanv2 exportBrent Baude2020-04-01
|/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | add ability to export a container to a tarball Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | | | Merge pull request #5686 from baude/v2loadOpenShift Merge Robot2020-04-01
|\ \ \ \ \ | |/ / / / |/| | | | podmanv2 load
| * | | | podmanv2 loadBrent Baude2020-04-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | enable podman load for v2 add reexec into main add systemd build flag to v2 makefile Signed-off-by: Brent Baude <bbaude@redhat.com>