summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* CI: fix rootless permission errorEd Santiago2020-07-23
| | | | | | | | | | | | | CI runs are failing in special_testing_rootless: mkdir /var/tmp/go/pkg: permission denied Probable cause: #6822, which universally set GOPATH. Solution: in rootless setup, chown -R GOPATH as well as GOSRC (the latter was already being chowned). Signed-off-by: Ed Santiago <santiago@redhat.com>
* Merge pull request #7042 from rhatdan/remoteOpenShift Merge Robot2020-07-22
|\ | | | | Enable --remote flag
| * Enable --remote flagDaniel J Walsh2020-07-21
| | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #7053 from ashley-cui/kubeipOpenShift Merge Robot2020-07-22
|\ \ | | | | | | Publish IP from YAML (podman play kube)
| * | Publish IP from YAML (podman play kube)Ashley Cui2020-07-22
| | | | | | | | | | | | | | | | | | podman play kube didn't set host ip correctly from YAML Signed-off-by: Ashley Cui <acui@redhat.com>
* | | Merge pull request #7050 from edsantiago/logformat_trim_remoteOpenShift Merge Robot2020-07-22
|\ \ \ | | | | | | | | logformatter: handle podman-remote
| * | | logformatter: handle podman-remoteEd Santiago2020-07-22
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | Oops! Logs of podman-remote tests are unreadable, they have multiple (useless) --remote options plus '--url /something/long' that makes it impossible to read the actual command being run. This commit strips off '--remote' entirely, and hides '--url' and its arg in the only-on-mouse-hover '[options]' text. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | Merge pull request #7048 from rhatdan/remotetestOpenShift Merge Robot2020-07-22
|\ \ \ | | | | | | | | Turn on a bunch more remote tests
| * | | Turn on a bunch more remote testsDaniel J Walsh2020-07-22
| |/ / | | | | | | | | | | | | | | | We need to be more specific about the remote tests we turn off. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #7047 from edsantiago/ci_login_flake_fixOpenShift Merge Robot2020-07-22
|\ \ \ | | | | | | | | CI: attempt to fix flake in login test
| * | | CI: attempt to fix flake in login testEd Santiago2020-07-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes: #5212 ...or at least I hope it does. The symptom seems to be that INTEGRATION_ROOT is not being defined in some code flows. This PR blindly implements a suggestion from Miloslav, setting INTEGRATION_ROOT in one more place. We won't actually know for a long time if this works or not, because the test failure is a flake. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | | Merge pull request #6822 from cevich/add_htpasswdOpenShift Merge Robot2020-07-22
|\ \ \ \ | |_|/ / |/| | | Cirrus: Add packages that provide htpasswd
| * | | Cirrus: Switch to freshly built imageChris Evich2020-07-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Note: The libpod -> podman change in the image name comes by way of an intentional repository rename. Signed-off-by: Chris Evich <cevich@redhat.com>
| * | | Cirrus: Add packages that provide htpasswdChris Evich2020-07-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Mainly needed for buildah testing: the htpasswd command was removed from the upstream registry container image. Making it available on the host-side enables configuring details needed by the registry during it's initial setup. Signed-off-by: Chris Evich <cevich@redhat.com>
| * | | Cirrus: Ensure GOPATH is properly set during image-buildsChris Evich2020-07-22
|/ / / | | | | | | | | | Signed-off-by: Chris Evich <cevich@redhat.com>
* | | Merge pull request #6992 from rhatdan/apparmorOpenShift Merge Robot2020-07-22
|\ \ \ | |/ / |/| | Support default profile for apparmor
| * | Support default profile for apparmorDaniel J Walsh2020-07-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently you can not apply an ApparmorProfile if you specify --privileged. This patch will allow both to be specified simultaniosly. By default Apparmor should be disabled if the user specifies --privileged, but if the user specifies --security apparmor:PROFILE, with --privileged, we should do both. Added e2e run_apparmor_test.go Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #6955 from edsantiago/logformatter_fix_bucket_nameOpenShift Merge Robot2020-07-22
|\ \ \ | | | | | | | | logformatter: update MAGIC BLOB string
| * | | logformatter: update MAGIC BLOB stringEd Santiago2020-07-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fallout from libpod->podman repo name move: the HTML logs created by logformatter are no longer accessible. They render as: https://storage.googleapis.com/SECRET-5385732420009984-fcae48/artifacts/containers/podman/6313596734930944/html/integration_test.log.html (yes, "SECRET" instead of "cirrus-ci". Possibly because the GCE_SSH_USERNAME key, "cirrus-ci", was overzealously encrypted, making Cirrus censor any instances of the string in output. Let's see if this fixes it. But anyway this is a secondary unrelated bug). Reason: it looks like Cirrus "generated a new magic blob" when we renamed libpod -> podman. Chris was kind enough to locate the new magic blob and to give me a link to where we can discover it ourselves. I added that as a code comment. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | | Merge pull request #7044 from rhatdan/remotetestOpenShift Merge Robot2020-07-22
|\ \ \ \ | | | | | | | | | | Enable a bunch of remote tests
| * | | | Enable a bunch of remote testsDaniel J Walsh2020-07-21
| | |_|/ | |/| | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #7045 from ↵OpenShift Merge Robot2020-07-22
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | containers/dependabot/go_modules/github.com/containers/storage-1.21.2 Bump github.com/containers/storage from 1.21.1 to 1.21.2
| * | | | Bump github.com/containers/storage from 1.21.1 to 1.21.2dependabot-preview[bot]2020-07-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/containers/storage](https://github.com/containers/storage) from 1.21.1 to 1.21.2. - [Release notes](https://github.com/containers/storage/releases) - [Changelog](https://github.com/containers/storage/blob/master/docs/containers-storage-changes.md) - [Commits](https://github.com/containers/storage/compare/v1.21.1...v1.21.2) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | Merge pull request #7046 from ↵OpenShift Merge Robot2020-07-22
|\ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | containers/dependabot/go_modules/github.com/containers/common-0.17.0 Bump github.com/containers/common from 0.16.0 to 0.17.0
| * | | | | Bump github.com/containers/common from 0.16.0 to 0.17.0dependabot-preview[bot]2020-07-22
| |/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/containers/common](https://github.com/containers/common) from 0.16.0 to 0.17.0. - [Release notes](https://github.com/containers/common/releases) - [Commits](https://github.com/containers/common/compare/v0.16.0...v0.17.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | Merge pull request #7032 from vrothberg/coverageOpenShift Merge Robot2020-07-22
|\ \ \ \ \ | |_|_|_|/ |/| | | | make localunit: record coverage
| * | | | make localunit: record coverageValentin Rothberg2020-07-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Inspirsed by CRI-O's coverage logic. Initial coverage is at 15.7 percent. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | | Merge pull request #7006 from ashley-cui/umaskOpenShift Merge Robot2020-07-22
|\ \ \ \ \ | | | | | | | | | | | | Add --umask flag for create, run
| * | | | | Add --umask flag for create, runAshley Cui2020-07-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | --umask sets the umask inside the container Defaults to 0022 Co-authored-by: Daniel J Walsh <dwalsh@redhat.com> Signed-off-by: Ashley Cui <acui@redhat.com>
* | | | | | Merge pull request #7002 from zhangguanzhang/masterOpenShift Merge Robot2020-07-22
|\ \ \ \ \ \ | | | | | | | | | | | | | | fix podman play kube doesn't override dockerfile ENTRYPOINT
| * | | | | | fix play kube doesn't override dockerfile ENTRYPOINTzhangguanzhang2020-07-22
| | |_|_|/ / | |/| | | | | | | | | | | | | | | | Signed-off-by: zhangguanzhang <zhangguanzhang@qq.com>
* | | | | | Merge pull request #7040 from mheon/no_exec_errmsgOpenShift Merge Robot2020-07-22
|\ \ \ \ \ \ | |_|_|_|/ / |/| | | | | Do not print an error message on non-0 exec exit code
| * | | | | Do not print an error message on non-0 exec exit codeMatthew Heon2020-07-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This was added with an earlier exec rework, and honestly is very confusing. Podman is printing an error message, but the error had nothing to do with Podman; it was the executable we ran inside the container that errored, and per `podman run` convention we should set the Podman exit code to the process's exit code and print no error. Signed-off-by: Matthew Heon <mheon@redhat.com>
* | | | | | Merge pull request #7025 from mheon/readme_updatesOpenShift Merge Robot2020-07-21
|\ \ \ \ \ \ | |_|/ / / / |/| | | | | Update the README to reflect the libpod move
| * | | | | Update the README to reflect the libpod moveMatthew Heon2020-07-21
| | |_|_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We no longer have to dance around the fact that the repo is named "libpod" which simplifies the opening a bit. Also, refresh our scope section and to-do section a bit. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | | Merge pull request #7036 from rhatdan/dockerOpenShift Merge Robot2020-07-21
|\ \ \ \ \ | | | | | | | | | | | | Add noop function disable-content-trust
| * | | | | Add noop function disable-content-trustDaniel J Walsh2020-07-21
| | |_|_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | People who use docker scripts with Podman see failures if they use disable-content-trust flag. This flag already existed for podman build, adding it to pull/push/create/run. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | Merge pull request #7037 from edsantiago/batsOpenShift Merge Robot2020-07-21
|\ \ \ \ \ | | | | | | | | | | | | BATS help-message test: improve diagnostics
| * | | | | BATS help-message test: improve diagnosticsEd Santiago2020-07-21
| | |_|_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The error messages from the 'podman xxx --help' cross-check test are unhelpful, and cause much wasted time when they trigger. Solution: instead of using the built-in exit-status check in run_podman, do an explicit check outside of run_podman. This lets us die() with a custom, hopefully useful, message. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | | | Merge pull request #7028 from xordspar0/patch-1OpenShift Merge Robot2020-07-21
|\ \ \ \ \ | | | | | | | | | | | | docs: Fix formatting mistake
| * | | | | Document proxy env var precedenceJordan Christiansen2020-07-21
| | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Jordan Christiansen <xordspar0@gmail.com>
| * | | | | docs: Clarify how env var overriding worksJordan Christiansen2020-07-21
| | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Jordan Christiansen <xordspar0@gmail.com>
| * | | | | docs: Fix formatting mistakeJordan Christiansen2020-07-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Part of this section was a code block, and part of it was absorbed into the preceding normal paragraph. Signed-off-by: Jordan Christiansen <xordspar0@gmail.com>
* | | | | | Merge pull request #7035 from ashley-cui/api_genOpenShift Merge Robot2020-07-21
|\ \ \ \ \ \ | |_|_|_|_|/ |/| | | | | Fix Generate API swagger title/description
| * | | | | Fix Generate API title/descriptionAshley Cui2020-07-21
| | |_|_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | generate kube title and descritopn was same as play kube for apiv2 docs Signed-off-by: Ashley Cui <acui@redhat.com>
* | | | | Merge pull request #6902 from vrothberg/events-endpointOpenShift Merge Robot2020-07-21
|\ \ \ \ \ | |_|_|_|/ |/| | | | events endpoint: fix panic and race condition
| * | | | events endpoint: backwards compat to old typeValentin Rothberg2020-07-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The versions Docker that the compat endpoints currently support are using another type for the `filters` parameter than later versions of Docker, which the libpod/events endpoint is also using. To prevent existing deplopyments from breaking while still achieving backward compat, we now support both types for the filters parameter. Tested manually. Fixes: #6899 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
| * | | | events endpoint: fix panic and race conditionValentin Rothberg2020-07-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix a potential panic in the events endpoint when parsing the filters parameter. Values of the filters map might be empty, so we need to account for that instead of uncondtitionally accessing the first item. Also apply a similar for race conditions as done in commit f4a2d25c0fca: Fix a race that could cause read errors to be masked. Masking such errors is likely to report red herrings since users don't see that reading failed for some reasons but that a given event could not be found. Another race was the handler closing event channel, which could lead to two kinds of panics: double close, send to close channel. The backend takes care of that. However, make sure that the backend stops working in case the context has been cancelled. Fixes: #6899 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | | Merge pull request #7031 from vrothberg/root-checkOpenShift Merge Robot2020-07-21
|\ \ \ \ \ | |_|_|_|/ |/| | | | unit tests: root check
| * | | | unit tests: root checkValentin Rothberg2020-07-21
|/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The unit tests currently require running as root. This has caused some confusion that justifies adding a root check to `make localunit` and error out for non-root users instead of starting the tests deemed to fail. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>