summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Add username to /etc/passwd inside of container if --userns keep-idDaniel J Walsh2020-07-07
| | | | | | | | | | If I enter a continer with --userns keep-id, my UID will be present inside of the container, but most likely my user will not be defined. This patch will take information about the user and stick it into the container. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #6693 from goochjj/libpod-sd-notify-cmdlineOpenShift Merge Robot2020-07-06
|\ | | | | Implement --sdnotify cmdline option to control sd-notify behavior
| * BATS system tests for new sdnotifyEd Santiago2020-07-06
| | | | | | | | Signed-off-by: Ed Santiago <santiago@redhat.com>
| * Implement --sdnotify cmdline option to control sd-notify behaviorJoseph Gooch2020-07-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | --sdnotify container|conmon|ignore With "conmon", we send the MAINPID, and clear the NOTIFY_SOCKET so the OCI runtime doesn't pass it into the container. We also advertise "ready" when the OCI runtime finishes to advertise the service as ready. With "container", we send the MAINPID, and leave the NOTIFY_SOCKET so the OCI runtime passes it into the container for initialization, and let the container advertise further metadata. This is the default, which is closest to the behavior podman has done in the past. The "ignore" option removes NOTIFY_SOCKET from the environment, so neither podman nor any child processes will talk to systemd. This removes the need for hardcoded CID and PID files in the command line, and the PIDFile directive, as the pid is advertised directly through sd-notify. Signed-off-by: Joseph Gooch <mrwizard@dok.org>
* | Merge pull request #6570 from rhatdan/remoteOpenShift Merge Robot2020-07-06
|\ \ | | | | | | Change buildtag for remoteclient to remote for testing
| * | Change buildtag for remoteclient to remote for testingDaniel J Walsh2020-07-06
| | | | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #6868 from mheon/fix_mount_rootlessOpenShift Merge Robot2020-07-06
|\ \ \ | |/ / |/| | Fix bug where `podman mount` didn't error as rootless
| * | Disable mount tests as rootlessMatthew Heon2020-07-06
| | | | | | | | | | | | | | | | | | | | | | | | As rootless, `podman mount` must be run inside `podman unshare`. We don't really have a testing harness that can do this right now. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | Fix bug where `podman mount` didn't error as rootlessMatthew Heon2020-07-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We require that rootless `podman mount` be run inside a shell spawned by `podman unshare` (which gives us a mount namespace which actually lets other commands use the mounted filesystem). The fix is simple - we need to mark the command as requiring the rootless user namespace not be configured, so we can test for it later as part of the mount code and error if we needed to make one. Fixes #6856 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | Merge pull request #6812 from chuanchang/add_apiv2_testOpenShift Merge Robot2020-07-06
|\ \ \ | |_|/ |/| | test.apiv2: add testing for container initializing
| * | test.apiv2: add testing for container initializingAlex Jia2020-07-01
| | | | | | | | | | | | Signed-off-by: Alex Jia <chuanchang.jia@gmail.com>
* | | Merge pull request #6836 from ashley-cui/tzlibpodOpenShift Merge Robot2020-07-06
|\ \ \ | |_|/ |/| | Add --tz flag to create, run
| * | Add --tz flag to create, runAshley Cui2020-07-02
| | | | | | | | | | | | | | | | | | | | | --tz flag sets timezone inside container Can be set to IANA timezone as well as `local` to match host machine Signed-off-by: Ashley Cui <acui@redhat.com>
* | | Merge pull request #6864 from vrothberg/v2-moduleOpenShift Merge Robot2020-07-06
|\ \ \ | | | | | | | | move go module to v2
| * | | move go module to v2Valentin Rothberg2020-07-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | With the advent of Podman 2.0.0 we crossed the magical barrier of go modules. While we were able to continue importing all packages inside of the project, the project could not be vendored anymore from the outside. Move the go module to new major version and change all imports to `github.com/containers/libpod/v2`. The renaming of the imports was done via `gomove` [1]. [1] https://github.com/KSubedi/gomove Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | Merge pull request #6859 from ↵OpenShift Merge Robot2020-07-06
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | containers/dependabot/go_modules/github.com/onsi/ginkgo-1.14.0 Bump github.com/onsi/ginkgo from 1.13.0 to 1.14.0
| * | | | Bump github.com/onsi/ginkgo from 1.13.0 to 1.14.0dependabot-preview[bot]2020-07-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/onsi/ginkgo](https://github.com/onsi/ginkgo) from 1.13.0 to 1.14.0. - [Release notes](https://github.com/onsi/ginkgo/releases) - [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md) - [Commits](https://github.com/onsi/ginkgo/compare/v1.13.0...v1.14.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | Merge pull request #6790 from QiWang19/set_engine_envOpenShift Merge Robot2020-07-06
|\ \ \ \ \ | | | | | | | | | | | | Set engine env from common config
| * | | | | Set engine env from common configQi Wang2020-07-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Set the env that is used by Podman. related issue containers/common#31 Signed-off-by: Qi Wang <qiwan@redhat.com>
* | | | | | Merge pull request #6855 from Luap99/ps-command-truncOpenShift Merge Robot2020-07-06
|\ \ \ \ \ \ | |_|_|/ / / |/| | | | | podman ps truncate the command
| * | | | | podman ps truncate the commandPaul Holzinger2020-07-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | With a long create command the output from ps is basically unreadable. This is a regression that was introduced with Podman 2.0. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | | | | | Merge pull request #6858 from vrothberg/fix-6793OpenShift Merge Robot2020-07-06
|\ \ \ \ \ \ | | | | | | | | | | | | | | auto-update: clarify systemd-unit requirements
| * | | | | | auto-update: clarify systemd-unit requirementsValentin Rothberg2020-07-06
| | |_|/ / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Clarify in the help message and the man page that auto updates only work with systemd units that are similar to the ones from `generate systemd --new`. Units that merely start/stop a container do not work as they will use the same image. Fixes: #6793 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | | | Merge pull request #6846 from mheon/fix_pod_errorsOpenShift Merge Robot2020-07-06
|\ \ \ \ \ \ | | | | | | | | | | | | | | Print errors from individual containers in pods
| * | | | | | Print errors from individual containers in podsMatthew Heon2020-07-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The infra/abi code for pods was written in a flawed way, assuming that the map[string]error containing individual container errors was only set when the global error for the pod function was nil; that is not accurate, and we are actually *guaranteed* to set the global error when any individual container errors. Thus, we'd never actually include individual container errors, because the infra code assumed that err being set meant everything failed and no container operations were attempted. We were originally setting the cause of the error to something nonsensical ("container already exists"), so I made a new error indicating that some containers in the pod failed. We can then ignore that error when building the report on the pod operation and actually return errors from individual containers. Unfortunately, this exposed another weakness of the infra code, which was discarding the container IDs. Errors from individual containers are not guaranteed to identify which container they came from, hence the use of map[string]error in the Pod API functions. Rather than restructuring the structs we return from pkg/infra, I just wrapped the returned errors with a message including the ID of the container. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | | | | Merge pull request #6848 from TomSweeneyRedHat/dev/tsweeney/ib_v1.1.6_upOpenShift Merge Robot2020-07-06
|\ \ \ \ \ \ \ | |_|/ / / / / |/| | | | | | Bump imagebuilder to v1.1.6 in upstream
| * | | | | | Bump imagebuilder to v1.1.6 in upstreamTomSweeneyRedHat2020-07-02
| | |_|/ / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bump the imagebuilder package to v1.1.6 in the upstream branch. Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* | | | | | Merge pull request #6852 from skorhone/fix/6803_null_portsOpenShift Merge Robot2020-07-05
|\ \ \ \ \ \ | |_|_|/ / / |/| | | | | Fix container inspect endpoint returning null for network settings / ports
| * | | | | Fix issue #6803 Container inspect endpoint returns null for ↵Korhonen Sami (Samlink)2020-07-03
| | |/ / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | NetworkSettings/Ports Implement mapping for NetworkSettings/Ports for Container inspect endpoint Signed-off-by: Sami Korhonen <skorhone@gmail.com>
* | | | | Merge pull request #6820 from containers/dependabot/go_modules/k8s.io/api-0.18.5OpenShift Merge Robot2020-07-03
|\ \ \ \ \ | |_|/ / / |/| | | | Bump k8s.io/api from 0.18.4 to 0.18.5
| * | | | Bump k8s.io/api from 0.18.4 to 0.18.5Daniel J Walsh2020-07-01
| | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [k8s.io/api](https://github.com/kubernetes/api) from 0.18.4 to 0.18.5. - [Release notes](https://github.com/kubernetes/api/releases) - [Commits](https://github.com/kubernetes/api/compare/v0.18.4...v0.18.5) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #6845 from baude/v2remotetestsOpenShift Merge Robot2020-07-02
|\ \ \ \ | | | | | | | | | | stop podman service in e2e tests
| * | | | stop podman service in e2e testsBrent Baude2020-07-02
| | |/ / | |/| | | | | | | | | | | | | | | | | | when running e2e tests, each test knows to stop its service when running remote; however, during setup and teardown remote services were not being killed when we were done with them. Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | | Merge pull request #6838 from mheon/fix_panic_eventsOpenShift Merge Robot2020-07-02
|\ \ \ \ | |/ / / |/| | | Fix `system service` panic from early hangup in events
| * | | Fix `system service` panic from early hangup in eventsMatthew Heon2020-07-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We weren't actually halting the goroutine that sent events, so it would continue sending even when the channel closed (the most notable cause being early hangup - e.g. Control-c on a curl session). Use a context to cancel the events goroutine and stop sending events. Fixes #6805 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | Merge pull request #6840 from ↵OpenShift Merge Robot2020-07-02
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | containers/dependabot/go_modules/github.com/opentracing/opentracing-go-1.2.0 Bump github.com/opentracing/opentracing-go from 1.1.0 to 1.2.0
| * | | | Bump github.com/opentracing/opentracing-go from 1.1.0 to 1.2.0dependabot-preview[bot]2020-07-02
| | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/opentracing/opentracing-go](https://github.com/opentracing/opentracing-go) from 1.1.0 to 1.2.0. - [Release notes](https://github.com/opentracing/opentracing-go/releases) - [Changelog](https://github.com/opentracing/opentracing-go/blob/master/CHANGELOG.md) - [Commits](https://github.com/opentracing/opentracing-go/compare/v1.1.0...v1.2.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #6736 from maybe-sybr/maybe/apiv2/volumes-compatOpenShift Merge Robot2020-07-02
|\ \ \ \ | |/ / / |/| | | APIv2: Add docker compatible volume endpoints
| * | | APIv2:fix: Handle docker volume force as expectedmaybe-sybr2020-07-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In response to input regarding the semantic difference for the `force` parameter for volume removal between Docker and us, this change ensures that we emulate the Dockr behaviour correctly when this parameter is specified. Signed-off-by: Matt Brindley <58414429+maybe-sybr@users.noreply.github.com>
| * | | APIv2: Add docker compatible volume endpointsmaybe-sybr2020-07-02
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This change implements docker compatibile endpoint for interacting with volumes. The code is mostly lifted from the `libpod` API handlers but decodes and constructs data using types defined in the docker API package. Some notable support caveats with the current implementation: * we don't return the nullable `Status` or `UsageData` keys when returning volume information for inspect and create endpoints * we don't support filters when pruning * we return a fixed `0` for the `SpaceReclaimed` key when pruning since we have no insight into how much space was freed from runtime Signed-off-by: Matt Brindley <58414429+maybe-sybr@users.noreply.github.com>
* | | Merge pull request #6831 from ↵OpenShift Merge Robot2020-07-01
|\ \ \ | |_|/ |/| | | | | | | | containers/dependabot/go_modules/github.com/containers/common-0.15.1 Bump github.com/containers/common from 0.14.3 to 0.15.1
| * | Bump github.com/containers/common from 0.14.3 to 0.15.1dependabot-preview[bot]2020-07-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/containers/common](https://github.com/containers/common) from 0.14.3 to 0.15.1. - [Release notes](https://github.com/containers/common/releases) - [Commits](https://github.com/containers/common/compare/v0.14.3...v0.15.1) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #6819 from ↵OpenShift Merge Robot2020-07-01
|\ \ \ | | | | | | | | | | | | | | | | containers/dependabot/go_modules/k8s.io/apimachinery-0.18.5 Bump k8s.io/apimachinery from 0.18.4 to 0.18.5
| * | | Bump k8s.io/apimachinery from 0.18.4 to 0.18.5dependabot-preview[bot]2020-06-30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery) from 0.18.4 to 0.18.5. - [Release notes](https://github.com/kubernetes/apimachinery/releases) - [Commits](https://github.com/kubernetes/apimachinery/compare/v0.18.4...v0.18.5) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #6815 from rhatdan/apiOpenShift Merge Robot2020-07-01
|\ \ \ \ | |_|/ / |/| | | Created timesptamp returned by imagelist should be in unix format
| * | | Created timestamp returned by imagelist should be in unix formatDaniel J Walsh2020-06-30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In the API, we are currently returning the image time of creation as a string, in time.Time format. The API is for a 64 bit integer representing Unix time. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #6826 from edsantiago/test_apiv2OpenShift Merge Robot2020-06-30
|\ \ \ \ | |_|_|/ |/| | | APIv2 tests: usability: better test logging
| * | | APIv2 tests: usability: better test loggingEd Santiago2020-06-30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | test-apiv2 has two basic comparisons of returned JSON: equality and likeness ('=' and '~'). When logging failures, the test runner shows both actual and expected values. When logging success, for '=' there's no need to show both actual and expected. But for '~', it can be helpful (for verifying test correctness) to show the actual returned value. To be specific: old: ok ... .MemTotal~[0-9]\+ new: ok ... .MemTotal ('33509068800') ~ [0-9]\+ old: ok ... .[0].State~\(exited\|stopped\) new: ok ... .[0].State ('exited') ~ \(exited\|stopped\) The main benefit is that a developer or end user can easily see precisely what was returned; this can help confirm that the test is working as intended, and/or help fine-tune how the test is written. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | | Merge pull request #6823 from giuseppe/allow-cgroup-with-column-nameOpenShift Merge Robot2020-06-30
|\ \ \ \ | |_|/ / |/| | | utils: fix parsing of cgroup with : in the name
| * | | utils: fix parsing of cgroup with : in the nameGiuseppe Scrivano2020-06-30
| | |/ | |/| | | | | | | | | | | | | | | | | | | | | | a cgroup can have ':' in its name. Make sure the parser doesn't split more than 3 fields and leave untouched the ':' in the cgroup name. commit 6ee5f740a4ecb70636b888e78b02065ee984636c introduced the issue. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>