summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Fix network mode in play kubePaul Holzinger2021-11-12
| | | | | | | | | | We need to use the config network mode when no network mode was set. To do so we have to keep the nsmode empty, MakeContainer() will use the correct network mode from the config when needed. Fixes #12248 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* Merge pull request #12261 from rhatdan/DockerfileOpenShift Merge Robot2021-11-11
|\ | | | | [CI:DOCS] VOLUME must be declared after RUN chown command
| * VOLUME must be declared after RUN chown commandJindrich Novy2021-11-10
| | | | | | | | | | | | | | | | | | | | Podman and Docker will not commit changes via RUN command of a VOLUME directory, so we need to chown path first. Not doing do will cause: https://bugzilla.redhat.com/show_bug.cgi?id=2009266 Signed-off-by: Jindrich Novy <jnovy@redhat.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #12240 from umohnani8/tableOpenShift Merge Robot2021-11-10
|\ \ | | | | | | Print headers for system connection ls
| * | Print headers for system connection lsUrvashi Mohnani2021-11-10
| |/ | | | | | | | | | | | | Print out the headers even if the system connection list is empty to match the behavior of other list commands. Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
* | Merge pull request #12242 from Luap99/port-reloadOpenShift Merge Robot2021-11-10
|\ \ | | | | | | network reload without ports should not reload ports
| * | network reload return error if we cannot reload portsPaul Holzinger2021-11-10
| | | | | | | | | | | | | | | | | | | | | As rootless we have to reload the port mappings. If it fails we should return an error instead of the warning. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * | network reload without ports should not reload portsPaul Holzinger2021-11-10
| |/ | | | | | | | | | | | | | | | | When run as rootless the podman network reload command tries to reload the rootlessport ports because the childIP could have changed. However if the containers has no ports we should skip this instead of printing a warning. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | Merge pull request #12258 from edsantiago/xref_manpages_see_alsoOpenShift Merge Robot2021-11-10
|\ \ | |/ |/| [CI:DOCS] Add CI check for SEE ALSO in man pages
| * [CI:DOCS] Add CI check for SEE ALSO in man pagesEd Santiago2021-11-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add new CI check to confirm that links and references in SEE ALSO sections are properly formatted and that links are valid (at least in theory: we do no actual URL fetching to test for 404). The check is piggybacked into existing xref-helpmsgs-manpages script. It could conceivably be more elegant to write a separate tool for this purpose, but I don't wish to duplicate the logic for finding and reading markdown files. Script identified various problems, which I fix in this PR: . missing '**' (asterisks) around some references, or '**' in the wrong place. . links pointing to github.com/.../tree/ instead of /blob/ (github redirects those automatically, but I like consistency) . a few copy-paste errors, e.g. subgid linking to subuid. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Merge pull request #12255 from vrothberg/fix-11970OpenShift Merge Robot2021-11-10
|\ \ | |/ |/| podman load: support downloading files
| * podman load: support downloading filesValentin Rothberg2021-11-10
| | | | | | | | | | | | | | | | | | | | | | | | Support downloading files, for instance via `podman load -i server.com/image.tar`. The specified URL is downloaded in the frontend and stored as a temp file that gets passed down to the backend. Also vendor in c/common@main to use the new `pkg/download`. Fixes: #11970 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | Merge pull request #12241 from rhatdan/manOpenShift Merge Robot2021-11-10
|\ \ | | | | | | [CI:DOCS] Add links to all SEE ALSO sections
| * | Add links to all SEE ALSO sectionsDaniel J Walsh2021-11-10
| |/ | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #12250 from vrothberg/fix-12245OpenShift Merge Robot2021-11-10
|\ \ | |/ |/| pod create: read infra image from containers.conf
| * pod create: read infra image from containers.confValentin Rothberg2021-11-10
|/ | | | | | | | | Fix a bug where pods would be created with the hard-coded default infra image instead of the custom one from containers.conf. Add a simple regression test. Fixes: #12245 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Merge pull request #12227 from Luap99/net-setupOpenShift Merge Robot2021-11-09
|\ | | | | Fix rootless networking with userns and ports
| * Fix rootless networking with userns and portsPaul Holzinger2021-11-09
| | | | | | | | | | | | | | | | A rootless container created with a custom userns and forwarded ports did not work. I refactored the network setup to make the setup logic more clear. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | Merge pull request #12195 from boaz0/closes_11998OpenShift Merge Robot2021-11-09
|\ \ | | | | | | podman-generate-kube - remove empty structs from YAML
| * | podman-generate-kube - remove empty structs from YAMLBoaz Shuster2021-11-07
| | | | | | | | | | | | | | | | | | [NO NEW TESTS NEEDED] Signed-off-by: Boaz Shuster <boaz.shuster.github@gmail.com>
* | | Merge pull request #12239 from vrothberg/fix-12226OpenShift Merge Robot2021-11-09
|\ \ \ | | | | | | | | support health checks from image configs
| * | | support health checks from image configsValentin Rothberg2021-11-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Health checks may be defined in the container config or the config of an image. So far, Podman only looked at the container config. The plumbing happened in libimage but add a regression test to Podman as well to make sure the glue code will not regress. Note that I am pinning github.com/onsi/gomega to v1.16.0 since v1.17.0 requires go 1.16 which in turn is breaking CI. Fixes: #12226 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | Merge pull request #12235 from saschagrunert/fix-static-buildOpenShift Merge Robot2021-11-09
|\ \ \ \ | | | | | | | | | | Exclude already built sources for static build
| * | | | Exclude already built sources for static buildSascha Grunert2021-11-09
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We now do not copy the `bin` directory to the target nix sources to avoid skipping the build because "everything is up to date". Fixes https://github.com/containers/podman/issues/12198 Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
* | | | Merge pull request #12232 from ianw/make-c-filesOpenShift Merge Robot2021-11-09
|\ \ \ \ | | | | | | | | | | Match .c files in Makefile
| * | | | Match .c files in MakefileIan Wienand2021-11-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Ensure that rebuilds happen when .c files are updated in the source tree. Signed-off-by: Ian Wienand <iwienand@redhat.com>
* | | | | Merge pull request #12233 from ianw/shm-lock-failure-messageOpenShift Merge Robot2021-11-09
|\ \ \ \ \ | |_|/ / / |/| | | | shm_lock: Handle ENOSPC better in AllocateSemaphore
| * | | | shm_lock: Handle ENOSPC better in AllocateSemaphoreIan Wienand2021-11-09
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When starting a container libpod/runtime_pod_linux.go:NewPod calls libpod/lock/lock.go:AllocateLock ends up in here. If you exceed num_locks, in response to a "podman run ..." you will see: Error: error allocating lock for new container: no space left on device As noted inline, this error is technically true as it is talking about the SHM area, but for anyone who has not dug into the source (i.e. me, before a few hours ago :) your initial thought is going to be that your disk is full. I spent quite a bit of time trying to diagnose what disk, partition, overlay, etc. was filling up before I realised this was actually due to leaking from failing containers. This overrides this case to give a more explicit message that hopefully puts people on the right track to fixing this faster. You will now see: $ ./bin/podman run --rm -it fedora bash Error: error allocating lock for new container: allocation failed; exceeded num_locks (20) [NO NEW TESTS NEEDED] (just changes an existing error message) Signed-off-by: Ian Wienand <iwienand@redhat.com>
* | | | Merge pull request #12230 from rhatdan/manOpenShift Merge Robot2021-11-09
|\ \ \ \ | | | | | | | | | | [ci:docs] Add links to podman build see also
| * | | | Add links to podman build,run, create see alsoDaniel J Walsh2021-11-08
|/ / / / | | | | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #12222 from Luap99/pod-create-netOpenShift Merge Robot2021-11-09
|\ \ \ \ | | | | | | | | | | pod create: read network mode from config
| * | | | pod create: read network mode from configPaul Holzinger2021-11-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When we create a pod we have to parse the network mode form the config file. This is a regression in commit d28e85741f. Fixes #12207 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | | | Merge pull request #12229 from edsantiago/minor_test_tweaksOpenShift Merge Robot2021-11-08
|\ \ \ \ \ | |_|/ / / |/| | | | Minor test tweaks
| * | | | Minor test tweaksEd Santiago2021-11-08
|/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - remove 'NO TESTS NEEDED' as a valid bypass string. Henceforth only 'NO NEW TESTS NEEDED' will work. - add a debugging aid for #11871, in which bodhi tests time out in nslookup. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | | Merge pull request #12223 from cevich/bump_catatonitOpenShift Merge Robot2021-11-08
|\ \ \ \ | |_|_|/ |/| | | Bump Catatonit up to v0.1.7
| * | | Bump Catatonit up to v0.1.7Chris Evich2021-11-08
| | | | | | | | | | | | | | | | | | | | | | | | Ref: https://github.com/containers/podman/pull/12218 Signed-off-by: Chris Evich <cevich@redhat.com>
* | | | Merge pull request #12036 from jwhonce/issues/11984OpenShift Merge Robot2021-11-08
|\ \ \ \ | | | | | | | | | | test connection add
| * | | | test connection addJhon Honce2021-11-08
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Fix connection JSON encoding * Add custom ginkgo matchers for connection testing * Cleanup code Fixes #11984 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | | Merge pull request #11953 from markusthoemmes/help-defaultOpenShift Merge Robot2021-11-08
|\ \ \ \ | |/ / / |/| | | Display help text on empty subcommand by default
| * | | Keep error semantics intactMarkus Thömmes2021-11-05
| | | | | | | | | | | | | | | | Signed-off-by: Markus Thömmes <markusthoemmes@me.com>
| * | | Adjust tests to verify all subcommands show the help messageMarkus Thömmes2021-10-14
| | | | | | | | | | | | | | | | Signed-off-by: Markus Thömmes <markusthoemmes@me.com>
| * | | Display help text on empty subcommand by defaultMarkus Thömmes2021-10-13
| | | | | | | | | | | | | | | | Signed-off-by: Markus Thömmes <markusthoemmes@me.com>
* | | | Merge pull request #12213 from flouthoc/system-connection-rm-allOpenShift Merge Robot2021-11-08
|\ \ \ \ | | | | | | | | | | system: Adds support for removing all named destination via `--all`
| * | | | system: Adds support for removing all named destination via --allAditya Rajan2021-11-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Adds support of dropping all named destination from system connections via `--all`. Closes: https://github.com/containers/podman/issues/12018 Signed-off-by: Aditya Rajan <arajan@redhat.com>
* | | | | Merge pull request #11958 from cdoern/scpOpenShift Merge Robot2021-11-08
|\ \ \ \ \ | | | | | | | | | | | | Podman Image SCP rootful to rootless transfer
| * | | | | Podman Image SCP rootful to rootless transfercdoern2021-11-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Added functionality for users to transfer images from root storage to rootless storage without using sshd. This is done through rootful podman by running `sudo podman image scp root@localhost::image user@localhost:: the user is needed in order to find and use their uid/gid to exec a new process. added necessary tests, and functions for this implementation. Created new image function Transfer so that the underlying code is majorly removed from CLI Signed-off-by: cdoern <cdoern@redhat.com>
* | | | | | Merge pull request #12137 from vrothberg/fix-11735OpenShift Merge Robot2021-11-08
|\ \ \ \ \ \ | |_|_|_|/ / |/| | | | | pod/container create: resolve conflicts of generated names
| * | | | | pod/container create: resolve conflicts of generated namesValentin Rothberg2021-11-08
| | |/ / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Address the TOCTOU when generating random names by having at most 10 attempts to assign a random name when creating a pod or container. [NO TESTS NEEDED] since I do not know a way to force a conflict with randomly generated names in a reasonable time frame. Fixes: #11735 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | | Merge pull request #12172 from rhatdan/manOpenShift Merge Robot2021-11-08
|\ \ \ \ \ | |/ / / / |/| | | | [CI:DOCS] Add some information about disabling SELinux when using system volumes
| * | | | Add some information about disabling SELinux when using system volumesDaniel J Walsh2021-11-06
| | |_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | A comment was made on internal mailing list about confusion on SELinux labeling of volumes. This PR makes it a little more clear about when you should or should not relabel. We need a similar comment in podman pod create, but it does not support --security-opt processing yet. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>