summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* infra: downgrade warning to debugGiuseppe Scrivano2021-02-17
| | | | | | | | | | if the current process could not be moved to a different systemd cgroup do not raise a warning but debug message. [NO TESTS NEEDED] Closes: https://github.com/containers/podman/issues/9353 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Merge pull request #9240 from rhatdan/resetOpenShift Merge Robot2021-02-16
|\ | | | | Do not reset storage when running inside of a container
| * Do not reset storage when running inside of a containerDaniel J Walsh2021-02-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently if the host shares container storage with a container running podman, the podman inside of the container resets the storage on the host. This can cause issues on the host, as well as causes the podman command running the container, to fail to unmount /dev/shm. podman run -ti --rm --privileged -v /var/lib/containers:/var/lib/containers quay.io/podman/stable podman run alpine echo hello * unlinkat /var/lib/containers/storage/overlay-containers/a7f3c9deb0656f8de1d107e7ddff2d3c3c279c11c1635f233a0bffb16051fb2c/userdata/shm: device or resource busy * unlinkat /var/lib/containers/storage/overlay-containers/a7f3c9deb0656f8de1d107e7ddff2d3c3c279c11c1635f233a0bffb16051fb2c/userdata/shm: device or resource busy Since podman is volume mounting in the graphroot, it will add a flag to /run/.containerenv to tell podman inside of container whether to reset storage or not. Since the inner podman is running inside of the container, no reason to assume this is a fresh reboot, so if "container" environment variable is set then skip reset of storage. Also added tests to make sure /run/.containerenv is runnig correctly. Fixes: https://github.com/containers/podman/issues/9191 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #9367 from ↵OpenShift Merge Robot2021-02-16
|\ \ | | | | | | | | | | | | containers/dependabot/go_modules/github.com/rootless-containers/rootlesskit-0.13.1 Bump github.com/rootless-containers/rootlesskit from 0.13.0 to 0.13.1
| * | Bump github.com/rootless-containers/rootlesskit from 0.13.0 to 0.13.1dependabot-preview[bot]2021-02-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/rootless-containers/rootlesskit](https://github.com/rootless-containers/rootlesskit) from 0.13.0 to 0.13.1. - [Release notes](https://github.com/rootless-containers/rootlesskit/releases) - [Commits](https://github.com/rootless-containers/rootlesskit/compare/v0.13.0...v0.13.1) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Signed-off-by: Valentin Rothberg <rothberg@redhat.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #9401 from rhatdan/stopOpenShift Merge Robot2021-02-16
|\ \ \ | |_|/ |/| | podman kill should report rawInput not container id
| * | podman kill should report rawInput not container idDaniel J Walsh2021-02-16
| | | | | | | | | | | | | | | | | | | | | Docker always reports back the users input, not the full id, we should do the same. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #9399 from vrothberg/home-sweet-homeOpenShift Merge Robot2021-02-16
|\ \ \ | |/ / |/| | do not set empty $HOME
| * | do not set empty $HOMEValentin Rothberg2021-02-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Make sure to not set an empty $HOME for containers and let it default to "/". https://github.com/containers/crun/pull/599 is required to fully address #9378. Partially-Fixes: #9378 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | Merge pull request #9396 from rhatdan/stopOpenShift Merge Robot2021-02-16
|\ \ \ | | | | | | | | When stopping a container, print rawInput
| * | | When stopping a container, print rawInputDaniel J Walsh2021-02-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When we stop a container we are printing the full id, this does not match Docker behaviour or the start behavior. We should be printing the users rawInput when we successfully stop the container. Fixes: https://github.com/containers/podman/issues/9386 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #9380 from baude/podinfraOpenShift Merge Robot2021-02-16
|\ \ \ \ | | | | | | | | | | Fix panic in pod creation
| * | | | Fix panic in pod creationbaude2021-02-16
| | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | when creating a pod with --infra-image and using a untagged image for the infra-image (none/none), the lookup for the image's name was creating a panic. Fixes: #9374 Signed-off-by: baude <bbaude@redhat.com>
* | | | Merge pull request #9397 from vrothberg/fix-9232OpenShift Merge Robot2021-02-16
|\ \ \ \ | | | | | | | | | | images/create: always pull image
| * | | | images/create: always pull imageValentin Rothberg2021-02-16
| | |_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The `images/create` endpoint should always attempt to pull a newer image. Previously, the local images was used which is not compatible with Docker and caused issues in the Gitlab CI. Fixes: #9232 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | Merge pull request #9368 from vrothberg/fix-9365OpenShift Merge Robot2021-02-16
|\ \ \ \ | | | | | | | | | | podman build: pass runtime to buildah
| * | | | podman build: pass runtime to buildahValentin Rothberg2021-02-16
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Make sure that Podman's default OCI runtime is passed to Buildah in `podman build`. In theory, Podman and Buildah should use the same defaults but the projects move at different speeds and it turns out we caused a regression in v3.0. Fixes: #9365 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | Merge pull request #9372 from matejvasek/fix_host_portOpenShift Merge Robot2021-02-16
|\ \ \ \ | | | | | | | | | | Docker [APIv2] create container: handle empty host port
| * | | | fix create container: handle empty host portMatej Vasek2021-02-16
| |/ / / | | | | | | | | | | | | Signed-off-by: Matej Vasek <mvasek@redhat.com>
* | | | Merge pull request #9369 from vrothberg/startup-errorsOpenShift Merge Robot2021-02-16
|\ \ \ \ | | | | | | | | | | correct startup error message
| * | | | correct startup error messageValentin Rothberg2021-02-16
| | |_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The error message when failing to create an image engine unconditionally pointed to the Podman socket which is quite confusing when running locally. Move the error message to the point where the first ping to the service fails. [NO TESTS NEEDED] Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | Merge pull request #9391 from rhatdan/workdirOpenShift Merge Robot2021-02-16
|\ \ \ \ | |_|_|/ |/| | | Don't chown workdir if it already exists
| * | | Don't chown workdir if it already existsDaniel J Walsh2021-02-16
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | Currently podman is always chowning the WORKDIR to root:root This PR will return if the WORKDIR already exists. Fixes: https://github.com/containers/podman/issues/9387 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #9394 from paranlee/patch-1OpenShift Merge Robot2021-02-16
|\ \ \ | |_|/ |/| | [CI:DOCS] Fix typo podman run doc in flag -pid=mode "efault"
| * | Fix typo podman run doc in flag -pid=mode "efault"paranlee2021-02-16
|/ / | | | | | | Signed-off-by: paranlee <paran.lee@mail.uk>
* | Merge pull request #9375 from Luap99/fix-9373OpenShift Merge Robot2021-02-16
|\ \ | |/ |/| Fix broken podman generate systemd --new with pods
| * Fix broken podman generate systemd --new with podsPaul Holzinger2021-02-16
|/ | | | | | | | | | | The unit generation accidentally escaped the %t in the pod id file path. This is a regression caused by #9178. This was not caught by the tests because the test itself was wrong. It used a full path instead of the systemd variable %t like the actual code does. Fixes #9373 Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* Merge pull request #9385 from baude/fixciOpenShift Merge Robot2021-02-16
|\ | | | | Fixci
| * fix dns resolution on ubuntubaude2021-02-15
| | | | | | | | | | | | ubuntu's dns seems a little odd and requires a fq name in its tests. Signed-off-by: baude <bbaude@redhat.com>
| * e2e: fix network alias testValentin Rothberg2021-02-15
| | | | | | | | | | | | | | | | | | | | | | The logic in the e2e test for multiple network aliases is indicating the test should wait for the containerized nginx to be ready. As this may take some time, the test does an exponential backoff starting at 2050ms. Fix the logic by removing the `Expect(...)` call during the exponential backoff. Otherwise, the test errors immediately. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
| * fix failing image e2e testValentin Rothberg2021-02-15
| | | | | | | | | | | | | | | | The timestamps of some images must have changed changing the number of expected filtered images. The test conditions seem fragile but for now it's more important to get CI back. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | Merge pull request #9348 from matejvasek/refactor_gen_codeOpenShift Merge Robot2021-02-15
|\ \ | | | | | | Refactor generated code
| * | [NO TESTS NEEDED] Refactor generated codeMatej Vasek2021-02-14
| | | | | | | | | | | | | | | | | | Extracted common functionality to util function. Signed-off-by: Matej Vasek <mvasek@redhat.com>
* | | Merge pull request #9366 from xatier/patch-1OpenShift Merge Robot2021-02-15
|\ \ \ | |_|/ |/| | [CI:DOCS] Update troubleshooting.md for registries.conf v2
| * | Update troubleshooting.mdxatier2021-02-15
|/ / | | | | | | | | | | | | | | | | Note that `[registries.search]` (the v1 format) is still supported, but `registries.conf` can not mix v1 with v2 syntax. [1] https://github.com/containers/image/commit/c04fa245754dc2c250424445f4190f348401f27b#diff-968a44bf11ad55a626a0d13a78ade8944ade3a36f53c7a3f985a9036cd64f5a5 Signed-off-by: xatier <xatierlike@gmail.com>
* | Merge pull request #9342 from Luap99/lintOpenShift Merge Robot2021-02-13
|\ \ | | | | | | Enable more golangci-lint linters
| * | Enable more golangci-lint lintersPaul Holzinger2021-02-12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Cleanup the golangci.yml file and enable more linters. `pkg/spec` and `iopodman.io` is history. The vendor directory is excluded by default. The dependencies dir was listed twice. Fix the reported problems in `pkg/specgen` because that was also excluded by `pkg/spec`. Enable the structcheck, typecheck, varcheck, deadcode and depguard linters. [NO TESTS NEEDED] Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | | Merge pull request #9347 from edigaryev/fix-superfluous-writeheaderOpenShift Merge Robot2021-02-12
|\ \ \ | | | | | | | | Fix superfluous response.WriteHeader call in WaitContainerLibpod()
| * | | Fix superfluous response.WriteHeader call in WaitContainerLibpod()Nikolay Edigaryev2021-02-12
| | |/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When the query decoding fails at the beginning of WaitContainerLibpod(), the Error() sets the header but doesn't returns after that. This causes the execution flow to reach the WriteResponse() at the end of WaitContainerLibpod(), which attempts to set another header, thus causing the following error: http: superfluous response.WriteHeader call from github.com/containers/podman/pkg/api/handlers/utils.WriteResponse (handler.go:124) [NO TESTS NEEDED] Signed-off-by: Nikolay Edigaryev <edigaryev@gmail.com>
* | | Merge pull request #9343 from baude/pstonanoOpenShift Merge Robot2021-02-12
|\ \ \ | |/ / |/| | change ps Created to unix
| * | change ps Created to unixbaude2021-02-12
| | | | | | | | | | | | | | | | | | | | | | | | change from unixnano to unix for ps created --format json [NO TESTS NEEDED] Signed-off-by: baude <bbaude@redhat.com>
* | | Merge pull request #9341 from vrothberg/layer-tree-errorsOpenShift Merge Robot2021-02-12
|\ \ \ | |/ / |/| | make layer-tree lookup errors non-fatal
| * | make layer-tree lookup errors non-fatalValentin Rothberg2021-02-12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Internally, Podman constructs a tree of layers in containers/storage to quickly compute relations among layers and hence images. To compute the tree, we intersect all local layers with all local images. So far, lookup errors have been fatal which has turned out to be a mistake since it seems fairly easy to cause storage corruptions, for instance, when killing builds. In that case, a (partial) image may list a layer which does not exist (anymore). Since the errors were fatal, there was no easy way to clean up and many commands were erroring out. To improve usability, turn the fatal errors into warnings that guide the user into resolving the issue. In this case, a `podman system reset` may be the approriate way for now. [NO TESTS NEEDED] because I have no reliable way to force it. [1] https://github.com/containers/podman/issues/8148#issuecomment-778253474 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | Merge pull request #9319 from ↵OpenShift Merge Robot2021-02-12
|\ \ \ | | | | | | | | | | | | | | | | containers/dependabot/go_modules/github.com/spf13/cobra-1.1.3 Bump github.com/spf13/cobra from 1.1.2 to 1.1.3
| * | | Bump github.com/spf13/cobra from 1.1.2 to 1.1.3dependabot-preview[bot]2021-02-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.1.2 to 1.1.3. - [Release notes](https://github.com/spf13/cobra/releases) - [Changelog](https://github.com/spf13/cobra/blob/master/CHANGELOG.md) - [Commits](https://github.com/spf13/cobra/compare/v1.1.2...v1.1.3) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #9311 from deadNightTiger/fix-pull-dockerjavaOpenShift Merge Robot2021-02-12
|\ \ \ \ | | | | | | | | | | apiv2: handle docker-java clients pulling
| * | | | apiv2: handle docker-java clients pullingIgor Korolev2021-02-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When docker-java calls images/create?fromImage=x, it expects two things for a successful response: that both "error" and "errorDetail" are not set, and that the "progress" message contains one of five hard-coded strings ("Download complete" being one of them). Signed-off-by: Igor Korolev <missterr@gmail.com>
* | | | | Merge pull request #9331 from Luap99/lintOpenShift Merge Robot2021-02-12
|\ \ \ \ \ | |_|_|/ / |/| | | / | | |_|/ | |/| | Enable more golangci-lint linters
| * | | Enable whitespace linterPaul Holzinger2021-02-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Use the whitespace linter and fix the reported problems. [NO TESTS NEEDED] Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
| * | | Enable golint linterPaul Holzinger2021-02-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Use the golint linter and fix the reported problems. [NO TESTS NEEDED] Signed-off-by: Paul Holzinger <paul.holzinger@web.de>