| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
|
|
|
| |
This allows us to run both the Libpod and Server handlers at the
same time without unregistering one.
Also, pass the signal that killed us into the handlers, in case
they want to use it to determine what to do (e.g. what exit code
to set).
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Expand the use of the Shutdown package such that we now use it
to handle signals any time we run Libpod. From there, add code to
container creation to use the Inhibit function to prevent a
shutdown from occuring during the critical parts of container
creation.
We also need to turn off signal handling when --sig-proxy is
invoked - we don't want to catch the signals ourselves then, but
instead to forward them into the container via the existing
sig-proxy handler.
Fixes #7941
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We need a unified package for handling signals that shut down
Libpod and Podman. We need to be able to do different things on
receiving such a signal (`system service` wants to shut down the
service gracefully, while most other commands just want to exit)
and we need to be able to inhibit this shutdown signal while we
are waiting for some critical operations (e.g. creating a
container) to finish. This takes the first step by defining the
package that will handle this.
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|\
| |
| | |
APIv2 tests: get them passing again
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
In the new-Cirrus transition, APIv2 tests were inadvertently
disabled. As expected when tests get disabled, they break.
This commit fixes some failing tests, and comments out others
(with big FIXMEs) because I have neither the expertise nor
time to figure out the real problems.
The big change to test-apiv2 is due to a recently-added
test that looks for an '=' sign in json output. My '=' vs '~'
detector completely barfed on that, and there's just no
way to make it work in a bash 'case' statement. So, switch
to an 'if' with 'expr'.
And, unrelated, fix a longstanding (harmless) bug that was
issuing spurious "expected" messages to the test log; those
should've been going to the full results log.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\ \
| | |
| | | |
Add support for resource limits to play kube
|
| | |
| | |
| | |
| | | |
Signed-off-by: Jordan Christiansen <xordspar0@gmail.com>
|
|\ \ \
| | | |
| | | | |
tests/e2e: Add Toolbox-specific test cases
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
In the past, Toolbox[0] has been affected by several of Podman's
bugs/changes of behaviour. This is one of the steps to assure that as
Podman progresses, Podman itself and subsequently Toolbox do not regress.
One of the other steps is including Toolbox's system tests in Podman's
gating systems (which and to what extent is yet to be decided on).
The tests are trying to stress parts of Podman that Toolbox needs for
its functionality: permission to handle some system files, correct
values/permissions/limits in certain parts, management of users and
groups, mounting of paths,.. The list is most likely longer and
therefore more commits will be needed to control every aspect of the
Toolbox/Podman relationship :).
Some test cases in test/e2e/toolbox_test.go rely on some tools being
present in the base image[1]. That is not the case with the common
ALPINE image or the basic Fedora image.
Some tests might be duplicates of already existing tests. I'm more in
favour of having those duplicates. Thanks to that it will be clear what
functionality/behaviour Toolbox requires.
[0] https://github.com/containers/toolbox
[1] https://github.com/containers/toolbox/#image-requirements
Signed-off-by: Ondřej Míchal <harrymichal@seznam.cz>
|
|\ \ \ \
| |_|_|/
|/| | | |
Include CNI networks in inspect output when not running
|
| | |/
| |/|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
We were only including the CNI Network fields in the output of
`podman inspect` when the container was not running. It's simple
enough to fix (populate with empty structs, since we can't fill
anything without a CNI response to get IP address assigned, etc).
This is necessary for Docker compatibility.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \ \
| | | |
| | | | |
Search repository tags using --list-tags
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
For fix of BZ: https://bugzilla.redhat.com/show_bug.cgi?id=1684263
Add --list-tags to podman search to return a table the repository tags.
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
Resolve #7860 - add time.RFC3339 format
|
| | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: 3sky <3sky@protonmail.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
pkg/spec: fix a confusing error message
|
| | |_|/ /
| |/| | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
When we try, but fail, to load the default seccomp profile, say that,
instead of suggesting that we tried to load a profile with no name.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
system tests: cleanup, and add more tests
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
- images test: add test for 'table' and '\t' formatting
- image mount test: check output from 'umount', test
repeat umount (NOP), and test invalid-umount
- kill test: remove kludgy workaround for crun signal bug
ref: #5004 -- code is no longer needed (fingers crossed),
and the workaround involved pulling an expensive image.
- selinux test: add new tests for shared context in:
* pods , w/ and w/o infra container (ref: #7902)
* containers with namespace sharing: --ipc, --pid, --net
- selinux test: new test for --pid=host (disabled pending
propagation of container-selinux-2.146, ref: #7939)
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | | |
Add more APIv2 tests for images.
|
| | |/ / / /
| |/| | | |
| | | | | |
| | | | | | |
Signed-off-by: Edward Shen <weshen@redhat.com>
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | | |
[CI:DOCS] Fix documentation link and typo
|
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Signed-off-by: Stefan Rua <stefan.rua@iki.fi>
|
|\ \ \ \ \ \ \
| |_|/ / / / /
|/| | | | | | |
Monitor for client closing stream
|
|/ / / / / /
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Fixes #7946
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | | |
Print the correct underlying cause for OCI errors
|
| | |_|_|/ /
| |/| | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Previously, the order of OCI error messages was reversed, so that the
type of error was listed as the cause. For example:
Error: writing file `cpu.cfs_quota_us`: Invalid argument: OCI runtime error
This error message makes it seem like "OCI runtime error" is the
argument that was invalid. In fact, "OCI runtime error" is the error and
"writing file ..." is the cause. With this change, the above message
reads:
Error: OCI runtime error: writing file `cpu.cfs_quota_us`: Invalid argument
Signed-off-by: Jordan Christiansen <xordspar0@gmail.com>
|
|\ \ \ \ \ \
| |/ / / / /
|/| | | | | |
Restore --format table...
|
| | |_|/ /
| |/| | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Following commands:
* systemd generate
* networks inspect
* pod stats
* Fixed test where format was quoted and then quoted again
* Fixed bug where output never printed '--' on missed reads
* pod ps
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Port V1 --format table to V2 podman
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
* volume ls
* container ps
* updated broken tests when skip removed
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\ \ \ \ \ \
| |_|_|_|_|/
|/| | | | | |
This PR allows users to remove external containers directly
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Currenly if a user specifies the name or ID of an external storage
container, we report an error to them.
buildah from scratch
working-container-2
podman rm working-container-2
Error: no container with name or ID working-container-2 found: no such container
Since the user specified the correct name and the container is in storage we
force them to specify --storage to remove it. This is a bad experience for the
user.
This change will just remove the container from storage. If the container
is known by libpod, it will remove the container from libpod as well.
The podman rm --storage option has been deprecated, and removed from docs.
Also cleaned documented options that are not available to podman-remote.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | | |
Cirrus: Fix obtaining a CI VM
|
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Also removed automatic exection of setup_environment.sh since most
people using this script are podman developers (not automation/CI
folks). If executing the automation scripts is necessary, manual
attendance to required variables like `$TEST_FLAVOR` is mandatory.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| | |_|_|_|/
| |/| | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Also, check the contents of hack/get_ci_vm.sh
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
andylibrian/kube-generate-support-resource-limits-7855
Add support for resource cpu limit to generate kube
|
| | |_|_|/ /
| |/| | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
fixes #7855
Signed-off-by: Andy Librian <andylibrian@gmail.com>
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | | |
Update nix pin with `make nixpkgs`
|
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Signed-off-by: Wong Hoi Sing Edison <hswong3i@pantarei-design.com>
|
|\ \ \ \ \ \ \
| |_|_|_|_|_|/
|/| | | | | | |
Enable k8s configmaps as flags for play kube
|
| | |_|/ / /
| |/| | | |
| | | | | |
| | | | | | |
Signed-off-by: Eduardo Vega <edvegavalerio@gmail.com>
|
|\ \ \ \ \ \
| |_|_|/ / /
|/| | | | | |
BlobInfoCacheDir is set incorrectly when copying images
|
| | |/ / /
| |/| | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
It is not set based on the root image directory, and always
points at the defaults. This change will get it to follow
filepath.Join(ir.store.GraphRoot(), "cache") set from libpod.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
--format updates for images/diff.go
|
| |/ / / /
| | | | |
| | | | |
| | | | | |
Signed-off-by: Parker Van Roy <pvanroy@redhat.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
add compatibility endpoint for exporting multiple images
|
| |/ / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
with the recent inclusion of dealing with multiple images in a tar archive, we can now add a compatibility endpoint that was missing images/get?names=one,two.
Fixes: #7950
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Store cgroup manager on a per-container basis
|
| |/ / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
When we create a container, we assign a cgroup parent based on
the current cgroup manager in use. This parent is only usable
with the cgroup manager the container is created with, so if the
default cgroup manager is later changed or overridden, the
container will not be able to start.
To solve this, store the cgroup manager that created the
container in container configuration, so we can guarantee a
container with a systemd cgroup parent will always be started
with systemd cgroups.
Unfortunately, this is very difficult to test in CI, due to the
fact that we hard-code cgroup manager on all invocations of
Podman in CI.
Fixes #7830
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|