summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* namespaces: by default create cgroupns on cgroups v2Giuseppe Scrivano2019-11-05
| | | | | | | | | | | | | | | | change the default on cgroups v2 and create a new cgroup namespace. When a cgroup namespace is used, processes inside the namespace are only able to see cgroup paths relative to the cgroup namespace root and not have full visibility on all the cgroups present on the system. The previous behaviour is maintained on a cgroups v1 host, where a cgroup namespace is not created by default. Closes: https://github.com/containers/libpod/issues/4363 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Merge pull request #4415 from rhatdan/rootlessOpenShift Merge Robot2019-11-04
|\ | | | | Update rootless shortcomings with cgroup V2 information
| * Update rootless shortcomings with cgroup V2 informationDaniel J Walsh2019-11-01
| | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #4430 from rst0git/logo-light-sourceOpenShift Merge Robot2019-11-04
|\ \ | | | | | | logo: correct light source reflection
| * | logo: correct light source reflectionRadostin Stoyanov2019-11-03
| | | | | | | | | | | | Signed-off-by: Radostin Stoyanov <rstoyanov1@gmail.com>
* | | Merge pull request #4389 from TomSweeneyRedHat/dev/tsweeney/contextdirMatthew Heon2019-11-04
|\ \ \ | | | | | | | | Validate contextdir on build
| * | | Validate contextdir on buildTomSweeneyRedHat2019-11-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We never verified that the context directory passed into the build command was a valid directory. When we then slapped a default Containerfile name onto it, things went south fast if the user had passed us a file and not a directory. Fixes: #4383 Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* | | | Merge pull request #4423 from giuseppe/fix-cpu-statsOpenShift Merge Robot2019-11-04
|\ \ \ \ | | | | | | | | | | stats: report correctly CPU usage
| * | | | stats: fix calculation for the CPU timeGiuseppe Scrivano2019-11-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Closes: https://github.com/containers/libpod/issues/4409 Signed-off-by: Giuseppe Scrivano <giuseppe@scrivano.org>
| * | | | cgroups: read correctly the CPU statsGiuseppe Scrivano2019-11-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | the two values were incorrectly switched. Signed-off-by: Giuseppe Scrivano <giuseppe@scrivano.org>
* | | | | Merge pull request #4428 from Foxboron/morten/fix-docker-docsOpenShift Merge Robot2019-11-03
|\ \ \ \ \ | |_|_|/ / |/| | | | [Makefile] Fix docker documentation install and generation
| * | | | [docs] Ensure we include section 5 documentationMorten Linderud2019-11-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Section 5 documentation is missing from the documentation restructure. Signed-off-by: Morten Linderud <morten@linderud.pw>
| * | | | [Makefile] Fix docker documentation install and generationMorten Linderud2019-11-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The final versions of the documentation has been shifted from `docs/` to `docs/build/man`. Most of the Makefile has been changed accordingly, but the docker documentation generation was not. Introduced by #4354 Signed-off-by: Morten Linderud <morten@linderud.pw>
* | | | | Merge pull request #4424 from rhatdan/srp33OpenShift Merge Robot2019-11-02
|\ \ \ \ \ | | | | | | | | | | | | Update link to Commands documentation
| * | | | | Update link to Commands documentationStephen Piccolo2019-11-01
| | |/ / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | The previous link pointed to the Markdown file, but the links are broken on that page. This pull request points to the actual documentation. Grabbed from @srp33 PR https://github.com/containers/libpod/pull/4407 to help the merge process. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | Merge pull request #4425 from rst0git/fix-typoOpenShift Merge Robot2019-11-02
|\ \ \ \ \ | |_|/ / / |/| | | | runtime: Fix typo
| * | | | runtime: Fix typoRadostin Stoyanov2019-11-02
|/ / / / | | | | | | | | | | | | Signed-off-by: Radostin Stoyanov <rstoyanov1@gmail.com>
* | | | Merge pull request #4402 from baude/onlydocsOpenShift Merge Robot2019-11-01
|\ \ \ \ | |/ / / |/| | | [CI:DOCS] make docsonly prs
| * | | [CI:DOCS] make docs only prsbaude2019-11-01
| | | | | | | | | | | | | | | | | | | | | | | | skips certain aspects of prs for testing. Signed-off-by: baude <bbaude@redhat.com>
* | | | Merge pull request #4405 from umohnani8/fipsOpenShift Merge Robot2019-11-01
|\ \ \ \ | |_|/ / |/| | | Vendor in latest containers/buildah
| * | | Vendor in latest containers/buildahUrvashi Mohnani2019-11-01
|/ / / | | | | | | | | | | | | | | | | | | | | | Pull in changes to pkg/secrets/secrets.go that adds the logic to disable fips mode if a pod/container has a label set. Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
* | | Merge pull request #4400 from haircommander/exec-hangOpenShift Merge Robot2019-11-01
|\ \ \ | | | | | | | | Switch to bufio Reader for exec streams
| * | | Switch to bufio Reader for exec streamsPeter Hunt2019-10-31
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There were many situations that made exec act funky with input. pipes didn't work as expected, as well as sending input before the shell opened. Thinking about it, it seemed as though the issues were because of how os.Stdin buffers (it doesn't). Dropping this input had some weird consequences. Instead, read from os.Stdin as bufio.Reader, allowing the input to buffer before passing it to the container. Signed-off-by: Peter Hunt <pehunt@redhat.com>
* | | | Merge pull request #4412 from ↵OpenShift Merge Robot2019-11-01
|\ \ \ \ | |_|_|/ |/| | | | | | | | | | | containers/dependabot/go_modules/github.com/onsi/ginkgo-1.10.3 Bump github.com/onsi/ginkgo from 1.10.1 to 1.10.3
| * | | Bump github.com/onsi/ginkgo from 1.10.1 to 1.10.3dependabot-preview[bot]2019-11-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/onsi/ginkgo](https://github.com/onsi/ginkgo) from 1.10.1 to 1.10.3. - [Release notes](https://github.com/onsi/ginkgo/releases) - [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md) - [Commits](https://github.com/onsi/ginkgo/compare/v1.10.1...v1.10.3) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | Merge pull request #4404 from jwhonce/wip/panicOpenShift Merge Robot2019-11-01
|\ \ \ \ | |/ / / |/| | | Refactor test to prevent panic
| * | | Refactor test to prevent panicJhon Honce2019-10-31
| | | | | | | | | | | | | | | | Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | | Merge pull request #4399 from giuseppe/tail-0OpenShift Merge Robot2019-10-31
|\ \ \ \ | | | | | | | | | | logs: support --tail 0
| * | | | logs: support --tail 0Giuseppe Scrivano2019-10-31
| | |_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | change the default to -1, so that we can change the semantic of "--tail 0" to not print any existing log line. Closes: https://github.com/containers/libpod/issues/4396 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | Merge pull request #4384 from cevich/turn_off_f29OpenShift Merge Robot2019-10-31
|\ \ \ \ | |/ / / |/| | | Cirrus: Disable F29 testing
| * | | Cirrus: Disable F29 testingChris Evich2019-10-30
| | |/ | |/| | | | | | | Signed-off-by: Chris Evich <cevich@redhat.com>
* | | Merge pull request #4354 from baude/newdocsstructOpenShift Merge Robot2019-10-31
|\ \ \ | | | | | | | | Restructure documentation dir
| * | | Update document formatting and packaging codeJhon Honce2019-10-31
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Refactored code and Makefile to support new docs layout * Removed some old code packaging code * Add Readme.md to document what we're doing Signed-off-by: Jhon Honce <jhonce@redhat.com> Signed-off-by: baude <bbaude@redhat.com>
| * | | Restructure documentation dirbaude2019-10-31
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Restructuring the docs dir to make integration with sphinx easier. man pages now exist in docs/source/man and the sphinx make files exists in docs. Signed-off-by: baude <bbaude@redhat.com>
* | | | Merge pull request #4352 from vrothberg/config-packageOpenShift Merge Robot2019-10-31
|\ \ \ \ | | | | | | | | | | refactor libpod config into libpod/config
| * | | | add libpod/configValentin Rothberg2019-10-31
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Refactor the `RuntimeConfig` along with related code from libpod into libpod/config. Note that this is a first step of consolidating code into more coherent packages to make the code more maintainable and less prone to regressions on the long runs. Some libpod definitions were moved to `libpod/define` to resolve circular dependencies. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | | Merge pull request #4394 from vrothberg/fix-startOpenShift Merge Robot2019-10-31
|\ \ \ \ \ | |_|/ / / |/| | | | container start: fix regression when using name
| * | | | container start: fix regression when using nameValentin Rothberg2019-10-31
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When starting a container by using its name as a reference, we should print the name instead of the ID. We regressed on this behaviour with commit b4124485ae7e which made it into Podman v1.6.2. Kudos to openSUSE testing for catching it. To prevent future regressions, extend the e2e tests to check the printed container name/ID. Reported-by: @sysrich Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | | Merge pull request #4382 from AlekseyChudov/masterOpenShift Merge Robot2019-10-31
|\ \ \ \ \ | | | | | | | | | | | | Podman cp does not work when stdin is a pipe
| * | | | | Fix cp from pipeAleksey Chudov2019-10-30
| | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Aleksey Chudov <aleksey.chudov@gmail.com>
* | | | | | Merge pull request #4395 from rhatdan/execOpenShift Merge Robot2019-10-31
|\ \ \ \ \ \ | |_|/ / / / |/| | | | | Fix selinux test for exec
| * | | | | Fix selinux test for execDaniel J Walsh2019-10-31
|/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | We want to make sure that the process label of pid 1 is the same as the process label of a process execed into the container. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | Merge pull request #4380 from giuseppe/rootless-create-cgroup-for-conmonOpenShift Merge Robot2019-10-30
|\ \ \ \ \ | | | | | | | | | | | | libpod, rootless: create cgroup for conmon
| * | | | | libpod, rootless: create cgroup for conmonGiuseppe Scrivano2019-10-30
| | |_|_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | always create a new cgroup for conmon also when running as rootless. We were previously creating one only when necessary, but that behaves differently than root containers. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | | Merge pull request #4379 from cevich/fix_upload_release_archiveOpenShift Merge Robot2019-10-30
|\ \ \ \ \ | | | | | | | | | | | | Cirrus: Fix upload_release_archive on branch or tag
| * | | | | Cirrus: Fix upload_release_archive on branch or tagChris Evich2019-10-30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Cirrus-CI only sets `$CIRRUS_BASE_SHA` when testing PRs since the destination and it's state is easy to discover. However, when post-merge and/or tag-push testing, the previous state is not easily discoverable (changes have already merged). The `upload_release_archive` script incorrectly assumed this variable was always set, causing a constant stream of post-merge testing failures. Tweak the `is_release()` function to properly handle an empty `$CIRRUS_BASE_SHA` whether or not `$CIRRUS_TAG` is also set. Also update the unit-tests to check for this. Also account for a corner case where hack/get_ci_vm.sh is running on a VM w/o git. Signed-off-by: Chris Evich <cevich@redhat.com>
* | | | | | Merge pull request #4305 from mheon/fix_volume_mountOpenShift Merge Robot2019-10-30
|\ \ \ \ \ \ | |_|_|_|_|/ |/| | | | | Wait for `mount` command to finish when mounting volume
| * | | | | Wait for `mount` command to finish when mounting volumeMatthew Heon2019-10-30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | command.Start() just starts the command. That catches some errors, but the nasty ones - bad options and similar - happen when the command runs. Use CombinedOutput() instead - it waits for the command to exit, and thus catches non-0 exit of the `mount` command (invalid options, for example). STDERR from the `mount` command is directly used, which isn't necessarily the best, but we can't really get much more info on what went wrong. Fixes #4303 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | | | Merge pull request #4365 from cevich/safe_loadOpenShift Merge Robot2019-10-30
|\ \ \ \ \ \ | |_|_|_|/ / |/| | | | | Cirrus: Fix minor python deprecation warning
| * | | | | Cirrus: Fix minor python deprecation warningChris Evich2019-10-29
| | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Chris Evich <cevich@redhat.com>