summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* compat API: /images/json prefix image id with sha256Paul Holzinger2021-09-22
| | | | | | | | | Docker adds the `sha256:` prefix to the image ID, so our compat endpoint has to do this as well. Fixes #11623 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* [CI:DOCS] Add link to skopeo delete in podman rmiUrvashi Mohnani2021-09-22
| | | | | | | Add a note pointing to skopeo delete for when users want to delete an image in a remote registry. Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
* remote untag: support digestsValentin Rothberg2021-09-22
| | | | | | | | | Fix a bug when remotely untagging an image via tag@digest. The digest has been lost in the remote client and hence led to a wrong behaviour on the server. Fixes: #11557 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* System tests: cleanup, and remove obsolete skipsEd Santiago2021-09-22
| | | | | | | | | | | | | | | | * 070-build: - remove workaround for #9567, which is closed. - add many more cases to the ignorefile test, to test complicated special cases of Buildah PR 3486. * 160-volumes: - remove a skip_if_remote, volumes now work on remote - use a random name for tarball, and clean up when done using it. This fixes a gating-test failure (test runs as root, then rootless, and rootless can't clobber root's file). Signed-off-by: Ed Santiago <santiago@redhat.com>
* Remove unused code from libpodPaul Holzinger2021-09-22
| | | | | | | | | | | | | The libpod package should only compile on linux. The remote client should never try to import this package. Since these files do not add any value we should remove them, this prevents people from accidentally importing this package because it would fail to compile on windows/macos. [NO TESTS NEEDED] Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* [CI:DOCS] markdown cleanupEd Santiago2021-09-22
| | | | | | | | | | | | | | | | | | | | | * podman-inspect: make references be live links, not a static list. Also, remove container- and image-inspect, because those are NOPs. * podman-pull: add a missing right-paren * podman-search, podman: remove unwanted indentation from some file descriptions. Markdown indentation renders as one very very long line, requiring the user to use a horizontal scroll bar to read the text. I searched using grep '^ ' and eyeball-looking for text that doesn't look like one-line code examples, and see no more, but eyeball checks are fragile. One bug remains: MyST renders mailto: links uglily. I can find no way to fix this other than patching the source code. Signed-off-by: Ed Santiago <santiago@redhat.com>
* Only add 127.0.0.1 entry to /etc/hosts with --net=nonePaul Holzinger2021-09-22
| | | | | | | | | | | The check for net=none was wrong. It just assumed when we do not create the netns but have one set that we use the none mode. This however also applies to a container which joins the pod netns. To correctly check for the none mode use `config.NetMode.IsNone()`. Fixes #11596 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* container runlabel remove image tag from namePaul Holzinger2021-09-22
| | | | | | | | | | | When no name is given for podman container runlabel it will default to the image base name. However this can contain a tag. Since podman does not accept container names with a colon the run command will fail if it contains something like `podman run --name NAME ...`. Fixes https://bugzilla.redhat.com/show_bug.cgi?id=2004263 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* Fix /auth compat endpointMatej Vasek2021-09-22
| | | | Signed-off-by: Matej Vasek <mvasek@redhat.com>
* fix inverted conditionMatej Vasek2021-09-22
| | | | | | [NO TESTS NEEDED] Signed-off-by: Matej Vasek <mvasek@redhat.com>
* Merge pull request #11624 from giuseppe/3.4-fix-pause-processDaniel J Walsh2021-09-20
|\ | | | | [3.4] runtime: move pause process to scope
| * utils: return error message from StartTransientUnitGiuseppe Scrivano2021-09-20
| | | | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> (cherry picked from commit eea5d251267d070d7920008056e3e4d603cae204)
| * utils: raise warning only on cgroupv2Giuseppe Scrivano2021-09-20
| | | | | | | | | | | | | | | | | | | | | | | | if it is not running on cgroup v2, print only a debug message since rootless users cannot create the cgroup. commit 9c1e27fdd536f6026efe3da4360755a3e9135ca8 introduced the regression. [NO TESTS NEEDED] Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> (cherry picked from commit 4caca0969863f5b8d13ff377ed1cc24d4033ed1a)
| * runtime: move pause process to scopeGiuseppe Scrivano2021-09-17
| | | | | | | | | | | | | | | | | | | | | | | | make sure the pause process is moved to its own scope as well as what we do when we join an existing user+mount namespace. Closes: https://github.com/containers/podman/issues/11560 [NO TESTS NEEDED] Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> (cherry picked from commit a2c8b5d9d6d6e46679fe9540619d4303d4b4601d)
| * system: move MovePauseProcessToScope to utilsGiuseppe Scrivano2021-09-17
| | | | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> (cherry picked from commit 72534a74b3c2ff35ae1711a890406a6bce5fa44f)
| * system: always move pause process when running on systemdGiuseppe Scrivano2021-09-17
| | | | | | | | | | | | | | | | when running on a systemd with systemd, always try to move the pause process to its own scope. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> (cherry picked from commit 9c1e27fdd536f6026efe3da4360755a3e9135ca8)
| * system: avoid reading pause pid fileGiuseppe Scrivano2021-09-17
| | | | | | | | | | | | | | | | we already know the path to the pause PID file, no need to calculate it again. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> (cherry picked from commit fa9728c5509f1ef3bb1c80055e89b910d9740efd)
* | Merge pull request #11655 from vrothberg/3.4-vendor-commonOpenShift Merge Robot2021-09-20
|\ \ | |/ |/| [3.4] vendor c/common@v0.44.1
| * test/apiv2: set main version back to 3Valentin Rothberg2021-09-20
| | | | | | | | | | | | Must have slipped through when creating the 3.4 branch. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
| * [3.4] vendor c/common@v0.44.1Valentin Rothberg2021-09-20
|/ | | | | | | | | | | Finalizes the linked BZ to fix passing down custom authfiles during auto updates. Also fixes the if-newer pull policy. [NO TESTS NEEDED] for now validated manually. A new system test will be added to the main branch shortly. BZ: bugzilla.redhat.com/show_bug.cgi?id=2000943 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Merge pull request #11616 from mheon/bump_340rc1OpenShift Merge Robot2021-09-16
|\ | | | | [CI:DOCS] Bump to v3.4.0-RC1
| * Bump to v3.4.0-devMatthew Heon2021-09-16
| | | | | | | | Signed-off-by: Matthew Heon <mheon@redhat.com>
| * Bump to v3.4.0-rc1v3.4.0-rc1Matthew Heon2021-09-16
|/ | | | Signed-off-by: Matthew Heon <mheon@redhat.com>
* Merge pull request #11598 from mheon/34_backportsreleasenotesOpenShift Merge Robot2021-09-16
|\ | | | | Backports and release notes for v3.4.0-RC1
| * Fix buildah-bud tests by using main's diff fileMatthew Heon2021-09-16
| | | | | | | | Signed-off-by: Matthew Heon <mheon@redhat.com>
| * Fix podman-build manpages by using version from mainMatthew Heon2021-09-16
| | | | | | | | Signed-off-by: Matthew Heon <mheon@redhat.com>
| * Fix release notesMatthew Heon2021-09-16
| | | | | | | | Signed-off-by: Matthew Heon <mheon@redhat.com>
| * Remove Pod CPU testsMatthew Heon2021-09-16
| | | | | | | | Signed-off-by: Matthew Heon <mheon@redhat.com>
| * Set DEST_BRANCH in cirrus to fix CIMatthew Heon2021-09-16
| | | | | | | | Signed-off-by: Matthew Heon <mheon@redhat.com>
| * Final release notes for v3.4.0 RC1Matthew Heon2021-09-16
| | | | | | | | Signed-off-by: Matthew Heon <mheon@redhat.com>
| * libpod: honor --cgroups=split also with podsGiuseppe Scrivano2021-09-16
| | | | | | | | | | | | Honor --cgroups=split also when the container is running in a pod. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * build: take advantage of --platform listsNalin Dahyabhai2021-09-16
| | | | | | | | | | | | | | | | | | | | | | The builder can take a list of platforms in the Platforms field of its BuildOptions argument, and we should definitely take advantage of that. The `bud-multiple-platform-values` test from buildah exercises support for this, so [NO TESTS NEEDED] Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
| * build.bats: fix copy tests after containers/buildah#3486Aditya Rajan2021-09-16
| | | | | | | | | | | | | | | | Fix copy tests after https://github.com/containers/buildah/pull/3486 [NO TESTS NEEDED] Signed-off-by: Aditya Rajan <arajan@gmail.com>
| * build: mirror --authfile to filesystem if pointing to FD instead of fileAditya Rajan2021-09-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Following commit makes sure that podman mirrors --authfile to a temporary file in filesystem if arg is pointing to an FD instead of actual file as FD can be only consumed once. Reference: * https://github.com/containers/buildah/pull/3498 * https://github.com/containers/buildah/issues/3070 [NO TESTS NEEDED] Signed-off-by: Aditya Rajan <arajan@redhat.com>
| * Bump to Buildah v1.23.0Matthew Heon2021-09-16
| | | | | | | | Signed-off-by: Matthew Heon <mheon@redhat.com>
| * Further release notes updatesMatthew Heon2021-09-16
| | | | | | | | Signed-off-by: Matthew Heon <mheon@redhat.com>
| * Show variant and codename of the distributionAnders F Björklund2021-09-16
| | | | | | | | | | | | | | | | | | | | | | | | Along with the name (id) and the version(_id) But only show the information if is available Examples: Fedora CoreOS, Ubuntu Focal [NO TESTS NEEDED] Signed-off-by: Anders F Björklund <anders.f.bjorklund@gmail.com>
| * api: handle nil pointer dereference in rest endpointsJelle van der Waa2021-09-16
| | | | | | | | | | | | | | | | When `?all=garbage` is passed to an API endpoint schema validation fails and err is nil. Wrapf uses err to create an error message causing a nil pointer dereference. Signed-off-by: Jelle van der Waa <jvanderwaa@redhat.com>
| * Fix example in podman machine init man pagePaul Holzinger2021-09-16
| | | | | | | | | | | | Fixes #11582 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * Document `all` query parameter for /libpod/images/pruneJelle van der Waa2021-09-16
| | | | | | | | Signed-off-by: Jelle van der Waa <jvanderwaa@redhat.com>
| * tests: enable --cgroups=disabled test for rootlessGiuseppe Scrivano2021-09-16
| | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * tests: simplify --cgroups=disabled testGiuseppe Scrivano2021-09-16
| | | | | | | | | | | | read the cgroup directly from the container. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * Enhance bindings for IDE hintsJhon Honce2021-09-16
| | | | | | | | | | | | | | | | | | | | | | * Follow https://pkg.go.dev/cmd/go#hdr-Generate_Go_files_by_processing_source for leading comment * Add godoc strings for all exposed methods for IDE support * Copy field godoc strings into generated code as function godoc string * Remove unused/unnecessary fields from generator.go structures * Cleanup code regarding template usage Signed-off-by: Jhon Honce <jhonce@redhat.com>
| * Cirrus: NM/CNI workaround + Remove prior-UbuntuChris Evich2021-09-16
| | | | | | | | | | | | Ref: https://github.com/containers/automation_images/pull/88 Signed-off-by: Chris Evich <cevich@redhat.com>
| * libpod: rootful close binded portsPaul Holzinger2021-09-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | For rootful users ports are forwarded via iptables. To make sure no other process tries to use them, libpod will bind the ports and pass the fds to conmon. There seems to be race when a container is restarted because libpod tries to bind the port before the conmon process exited. The problem only hapens with the podman service because it keeps the connection open. Once we have the fd and passed it to conmon the podman service should close the connection. To verify run `sudo ss -tulpn` and check that only the conmon process keeps the port open. Previously you would also see the podman server process listed. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * fix restart always with rootlessportPaul Holzinger2021-09-16
| | | | | | | | | | | | | | | | When a container is automatically restarted due its restart policy and the container uses rootless cni networking with ports forwarded we have to start a new rootlessport process since it exits with conmon. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * remove rootlessport socket to prevent EADDRINUSEPaul Holzinger2021-09-16
| | | | | | | | | | | | | | | | | | When we restart a container via podman restart or restart policy the rootlessport process fails with `address already in use` because the socketfile still exists. This is a regression and was introduced in commit abdedc31a25e. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * test: enable --cgroup-parent testGiuseppe Scrivano2021-09-16
| | | | | | | | | | | | | | | | and fix it for running with runc. Closes: https://github.com/containers/podman/issues/11165 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * Search gvproxy with config.FindHelperBinary()Hyeon Kim2021-09-16
| | | | | | | | | | | | | | | | Closes #11531 [NO TESTS NEEDED] Signed-off-by: Hyeon Kim <simnalamburt@gmail.com>
| * Add deprecated fields for 1.22+ clients that still expect themJason T. Greene2021-09-16
| | | | | | | | Signed-off-by: Jason Greene <jason.greene@redhat.com>