summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Merge pull request #13841 from lsm5/main-cve-2022-27191OpenShift Merge Robot2022-04-12
|\ | | | | Bump golang.org/x/crypto to 7b82a4e
| * Bump golang.org/x/crypto to 7b82a4eLokesh Mandvekar2022-04-12
| | | | | | | | | | | | | | | | | | | | | | | | Resolves: GHSA-8c26-wmh5-6g9v - CVE-2022-27191 Podman doesn't seem to be directly affected as the logic in question is not called. golang.org/x/crypto@1baeb1ce contains the actual CVE fix. Using the latest upstream commit to also include support for SHA-2. Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
* | Merge pull request #13846 from edsantiago/batsOpenShift Merge Robot2022-04-12
|\ \ | | | | | | System tests: fix oops in start --filter tests
| * | System tests: fix oops in start --filter testsEd Santiago2022-04-12
| | | | | | | | | | | | | | | | | | | | | | | | | | | Bad code got committed by accident: test description on run_podman line, not test line. Did not seem to affect tests, but fix it anyway. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | Merge pull request #13814 from rhatdan/systemdOpenShift Merge Robot2022-04-12
|\ \ \ | | | | | | | | Pretty print systemd services file
| * | | Pretty print systemd services fileAbhijeet Kasurde2022-04-12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes: #13337 I added newline only on options IE Begin with "-" [NO NEW TESTS NEEDED] Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #13787 from Luap99/nohost-apiOpenShift Merge Robot2022-04-12
|\ \ \ \ | | | | | | | | | | API: use no_hosts from containers.conf
| * | | | API: use no_hosts from containers.confPaul Holzinger2022-04-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The API endpoints should properly honour the `no_hosts=true` setting in containers.conf. Fixes #13719 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | | | Merge pull request #13788 from flouthoc/support-volume-optsOpenShift Merge Robot2022-04-12
|\ \ \ \ \ | |_|_|/ / |/| | | | run, mount: allow setting driver specific option using `volume-opt=`
| * | | | run, mount: allow setting driver specific option using volume-optAditya R2022-04-12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | `--mount` should allow setting driver specific options using `volume-opt` when `type=volume` is set. This ensures parity with docker's `volume-opt`. Signed-off-by: Aditya R <arajan@redhat.com>
* | | | | Merge pull request #13837 from rhatdan/VENDOROpenShift Merge Robot2022-04-12
|\ \ \ \ \ | |_|_|_|/ |/| | | | Update vendor of storage,common,image
| * | | | Update vendor of storage,common,imageDaniel J Walsh2022-04-12
| | |_|/ | |/| | | | | | | | | | | | | | | | | | Preparing for release candidate. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #13836 from flouthoc/machine-rm-ignore-enoentOpenShift Merge Robot2022-04-12
|\ \ \ \ | | | | | | | | | | machine,rm: Ignore `ENOENT` while cleaning machine paths
| * | | | machine,rm: Ignore ENOENT while cleaning machineAditya R2022-04-12
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Certain paths like `../containers/podman/machine/my-test/podman.sock` do not exist when machine is not started, so removing a machine before starting it will result in ENOENT which we should ignore cause these paths do not exists Closes: https://github.com/containers/podman/issues/13834 [NO TESTS NEEDED] [NO NEW TESTS NEEDED] Signed-off-by: Aditya R <arajan@redhat.com>
* | | | Merge pull request #13828 from cevich/fix_cron_checkOpenShift Merge Robot2022-04-12
|\ \ \ \ | |/ / / |/| | | [CI:BUILD] Cirrus: Fix unsupported cirrus-cron build status
| * | | Cirrus: Fix unsupported cirrus-cron build statusChris Evich2022-04-11
| | |/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Every weekday when the `check_cirrus_cron` github-actions workflow runs. It checks the status of all cirrus-cron jobs. If a build is found with a 'FAILED' status, it triggers an alert e-mail to be sent. However, the `test_image_build` is marked as a manually-triggered, resulting in a perpetual status of 'EXECUTING', even if there were failures. Fix this by only allowing the problematic task to run in pull requests without the `[CI:DOCS]` magic keyword. Signed-off-by: Chris Evich <cevich@redhat.com>
* | | Merge pull request #13821 from eriksjolund/fix_userns_auto_docsOpenShift Merge Robot2022-04-12
|\ \ \ | | | | | | | | [CI:DOCS] Rewrite rootless --userns=auto docs
| * | | [CI:DOCS] Rewrite rootless --userns=auto docsErik Sjölund2022-04-12
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | * Remove the statement that rootless --userns=auto does not work. * Mention that --userns=keep-id consumes all subuids and subgids. Co-authored-by: Tom Sweeney <tsweeney@redhat.com> Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
* | | Merge pull request #13093 from 0xC0ncord/selinux-conmon-agnosticOpenShift Merge Robot2022-04-12
|\ \ \ | | | | | | | | selinux: remove explicit range transition when starting conmon
| * | | selinux: remove explicit range transition when starting conmonKenton Groombridge2022-03-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Do not explicitly transition to s0 when starting conmon. Instead, the policy should implement this behavior. [NO NEW TESTS NEEDED] This is dependent on the SELinux policy to implement the desired behavior. Additionally, entirely custom SELinux policies may choose to implement the behavior differently. Signed-off-by: Kenton Groombridge <me@concord.sh>
* | | | Merge pull request #13826 from stevekuznetsov/skuznets/update-docOpenShift Merge Robot2022-04-11
|\ \ \ \ | | | | | | | | | | [CI:DOCS] pkg/bindings: document requirements for use
| * | | | pkg/bindings: document requirements for useSteve Kuznetsov2022-04-11
|/ / / / | | | | | | | | | | | | Signed-off-by: Steve Kuznetsov <skuznets@redhat.com>
* | | | Merge pull request #13804 from cevich/auto_update_bpOpenShift Merge Robot2022-04-11
|\ \ \ \ | | | | | | | | | | Cirrus: Multi-arch build auto-update + tagging update
| * | | | Cirrus: Multi-arch build auto-update + tagging updateChris Evich2022-04-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This new VM image brings in two important updates to multi-arch image build operations: 1. Future operational changes will no-longer require also updating VM images. Updates to build-push made in `containers/automation_images` will automatically be picked up at runtime. ref: https://github.com/containers/automation_images/pull/123 2. On the next run, both `vX` and `vX.Y` tagged manifest-lists will be pushed. This is now also reflected in the README. ref: https://github.com/containers/automation_images/pull/125 Signed-off-by: Chris Evich <cevich@redhat.com>
* | | | | Merge pull request #13822 from edsantiago/buildah_3544_fixedOpenShift Merge Robot2022-04-11
|\ \ \ \ \ | | | | | | | | | | | | System tests: reenable ps --external test
| * | | | | System tests: reenable ps --external testEd Santiago2022-04-11
| | |_|/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | Buildah issue 3544 has been fixed and vendored into podman. We can reenable a long-skipped test. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | | | Merge pull request #13701 from Luap99/ipam-noneOpenShift Merge Robot2022-04-11
|\ \ \ \ \ | |/ / / / |/| | | | network create: add support for ipam-driver none
| * | | | network create: add support for ipam-driver nonePaul Holzinger2022-04-11
|/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add a new flag to set the ipam-driver. Also adds a new ipam driver none mode which only creates interfaces but does not assign addresses. Fixes #13521 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | | Merge pull request #13794 from rhatdan/newuidmapOpenShift Merge Robot2022-04-08
|\ \ \ \ | | | | | | | | | | If newuidmap or newgidmap fail, then check their permissions
| * | | | If newuidmap or newgidmap fail, then check their permissionsDaniel J Walsh2022-04-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Often distributions to not have newuidmap and netgidmap configured to be setuid. If Podman fails to setup the user namespace, check to see if these files doe not have the proper protection and tell the user. [NO NEW TESTS NEEDED] Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | Merge pull request #13811 from flouthoc/container_inspect_entrypointOpenShift Merge Robot2022-04-08
|\ \ \ \ \ | |/ / / / |/| | | | container,inspect: convert `Entrypoint` to an array instead of a string
| * | | | container,inspect: convert Entrypoint to array instead of a stringAditya R2022-04-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Convert container entrypoint from string to an array inorder to make sure there is parity between `podman inspect` and `docker inspect` Signed-off-by: Aditya R <arajan@redhat.com>
* | | | | Merge pull request #13687 from rhatdan/VENDOROpenShift Merge Robot2022-04-08
|\ \ \ \ \ | |/ / / / |/| | | | Vendor in new opencontainers/selinux
| * | | | Vendor in new opencontainers/selinuxDaniel J Walsh2022-04-08
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | Also update vendor of containers/common,buildah,storage,image Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2069586 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #13810 from vrothberg/images-sizeOpenShift Merge Robot2022-04-08
|\ \ \ \ | | | | | | | | | | images --size
| * | | | images --sizeValentin Rothberg2022-04-08
|/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add a --size option to podman images to allow for disabling computing the size of listed images. If listing images is critical to performance, user may chose to turn off size computation to speed things up. Context: #13755 Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | | | Merge pull request #13773 from TomSweeneyRedHat/dev/tsweeney/helloOpenShift Merge Robot2022-04-07
|\ \ \ \ | |/ / / |/| | | [CI:DOCS] Add Podman Hello to readme.md
| * | | Add Podman Hello to readme.mdtomsweeneyredhat2022-04-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | As the title says. Adds a Podman hello image to the home page. I ran it on windows, so had to have a blue screen to honor that! [NO NEW TESTS NEEDED] Signed-off-by: tomsweeneyredhat <tsweeney@redhat.com>
* | | | Merge pull request #13798 from n1hility/fix-docker-sockOpenShift Merge Robot2022-04-07
|\ \ \ \ | | | | | | | | | | Fix mac docker socket handling
| * | | | Fix docker socket handlingJason T. Greene2022-04-06
| |/ / / | | | | | | | | | | | | Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
* | | | Merge pull request #13796 from n1hility/no-live-setOpenShift Merge Robot2022-04-07
|\ \ \ \ | |/ / / |/| | | Prevent set command from updating a running instance
| * | | Prevent set command from updating a running instanceJason T. Greene2022-04-06
|/ / / | | | | | | | | | Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
* | | Merge pull request #13776 from ↵OpenShift Merge Robot2022-04-06
|\ \ \ | |_|/ |/| | | | | | | | containers/dependabot/go_modules/github.com/BurntSushi/toml-1.1.0 build(deps): bump github.com/BurntSushi/toml from 1.0.0 to 1.1.0
| * | build(deps): bump github.com/BurntSushi/toml from 1.0.0 to 1.1.0dependabot[bot]2022-04-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/BurntSushi/toml](https://github.com/BurntSushi/toml) from 1.0.0 to 1.1.0. - [Release notes](https://github.com/BurntSushi/toml/releases) - [Commits](https://github.com/BurntSushi/toml/compare/v1.0.0...v1.1.0) --- updated-dependencies: - dependency-name: github.com/BurntSushi/toml dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* | | Merge pull request #13786 from patrycja-guzik/docu3OpenShift Merge Robot2022-04-06
|\ \ \ | | | | | | | | [CI:DOCS] Unify examples section across several man pages: pod rm/start/unpause
| * | | Unify examples section across several man pages: pod rm/start/unpausePatrycja Guzik2022-04-05
| | | | | | | | | | | | | | | | Signed-off-by: Patrycja Guzik <patrycja.k.guzik@gmail.com>
* | | | Merge pull request #13750 from baude/refactor3OpenShift Merge Robot2022-04-06
|\ \ \ \ | |_|/ / |/| | | machine refactor 3: add symlinks for sockets
| * | | machine refactor 3: add symlinks for socketsBrent Baude2022-04-05
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | to avoid errors on macos, we use symlinks to long socket names. Fixes: #12751 Fixes: #13609 Signed-off-by: Brent Baude <bbaude@redhat.com> [NO NEW TESTS NEEDED] Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | Merge pull request #13771 from patrycja-guzik/docu3OpenShift Merge Robot2022-04-05
|\| | | | | | | | [CI:DOCS] Unify examples section across several man pages: init/kill
| * | Unify examples section across several man pages: init/killPatrycja Guzik2022-04-04
|/ / | | | | | | Signed-off-by: Patrycja Guzik <patrycja.k.guzik@gmail.com>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-11-07 13:00:22 +0000