summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Bump github.com/rootless-containers/rootlesskit from 1.0.0 to 1.0.1dependabot[bot]2022-05-03
| | | | | | | | | | | | | | Bumps [github.com/rootless-containers/rootlesskit](https://github.com/rootless-containers/rootlesskit) from 1.0.0 to 1.0.1. - [Release notes](https://github.com/rootless-containers/rootlesskit/releases) - [Commits](https://github.com/rootless-containers/rootlesskit/compare/v1.0.0...v1.0.1) --- updated-dependencies: - dependency-name: github.com/rootless-containers/rootlesskit dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* Use simulated dual-stack binds when using WSLJason T. Greene2022-05-03
| | | | | | Resolves a WSL problem where traffic from only one stack is relayed Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
* libpod: host netns keep same /etc/resolv.confPaul Holzinger2022-05-03
| | | | | | | | | | | | When a container is run in the host network namespace we have to keep the same resolv.conf content and not use the systemd-resolve detection logic. But also make sure we still allow --dns options. Fixes #14055 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* fix incorrect permissions for /etc/resolv.conf in usernsPaul Holzinger2022-05-03
| | | | | | | | | | | | | | The files /etc/hosts, /etc/hostname and /etc/resolv.conf should always be owned by the root user in the container. This worked correct for /etc/hostname and /etc/hosts but not for /etc/resolv.conf. A container run with --userns keep-id would have the reolv.conf file owned by the current container user which is wrong. Consolidate some common code in a new helper function to make the code more cleaner. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* pkg/api: do not register decoder in endpoint handlerPaul Holzinger2022-05-03
| | | | | | | | | | | | Since the decoder is shared registering the decoder inside a single endpoint will also register it for all others. Also the problem with that is the it will register it everytime this endpoint is called which is wrong. Instead we should register it once like the other custom decoder functions. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* fix broken hooks-dir testPaul Holzinger2022-05-03
| | | | | | | The test has been broken since it was added 4 years ago. Instead of using hardcoded paths we should use tmp files. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* enable errcheck linterPaul Holzinger2022-05-03
| | | | | | | | The errcheck linter makes sure that errors are always check and not ignored by accident. It spotted a lot of unchecked errors, mostly in the tests but also some real problem in the code. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* libpod: unlock containers when removing podGiuseppe Scrivano2022-05-03
| | | | | | | | | | | | | | | | | It solves a race where a container cleanup process launched because of the container process exiting normally would hang. It also solves a problem when running as rootless on cgroup v1 since it is not possible to force pids.max = 1 on conmon to limit spawning the cleanup process. Partially copied from https://github.com/containers/podman/pull/13403 Related to: https://github.com/containers/podman/issues/14057 [NO NEW TESTS NEEDED] it doesn't add any new functionality Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* remove unused codepath for creating/running ctr in a podcdoern2022-05-03
| | | | | | | | | | `pod.CgroupPath()` currently includes a codepath that is never accessed, which is supposed to start the infra ctr and obtain the cgroup path from there that is never necessary/safe because p.state.CgroupPath is never empty [NO NEW TESTS NEEDED] Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
* Refactor machine inspectBrent Baude2022-05-03
| | | | | | | | | | I was asked to refactor machine inspect output to represent more common and basic information. machine inspect now has information that would be appropriate for different machines. [NO NEW TESTS NEEDED] Signed-off-by: Brent Baude <bbaude@redhat.com>
* image search --format: add completion for go templatePaul Holzinger2022-05-03
| | | | | | | podman image search accepts a go template, we can use the same shell completion logic which is used everywhere else in the code. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* shell completion --format: use structs by referencePaul Holzinger2022-05-03
| | | | | | | | | | | | For the AutocompleteFormat function we expect the correct template struct which is used in the golang template. The function can handle both struct and pointer to a struct. Using the reference is more efficient since it doe snot have to copy the whole struct. Also change some structs to use he actual type from the template instead of some nested one to make sure it has to correct fields. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* image --format: fix add completion for go templatePaul Holzinger2022-05-03
| | | | | | | | It used the wrong struct so not all fields were listed in the completion. Fixes podman images --format and podman image history --format Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* shell completion --format: use anonymous struct field oncePaul Holzinger2022-05-03
| | | | | | | | | | We should not include the anonymous twice in the suggestions. one example is `podman network ls --format {{.` it will also show `{{.Network` but since Network is the actual struct all fields are already shown so there is no need for it to be suggested. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* network inspect --format: add completion for go templatePaul Holzinger2022-05-03
| | | | | | Make sure to autocomplete the go template for network inspect. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* shell completion --format: work with nil structsPaul Holzinger2022-05-03
| | | | | | | | | | | | | AutocompleteFormat() takes the format struct as argument. Often the structs are deeply nested and contain other structs. Up until now if there was a pointer to a struct the logic was not able to get the field names from that, simply because the pointer was nil. However it is possible to create a new initialized type with reflect.New(). This allows us to complete all struct fields/functions even when there nil pointers. Therefore we can drop the extra initialization which was done by some callers. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* podman machine starting testcdoern2022-05-03
| | | | | | | | | | | | add a test to make sure machines are not running while still starting in order to do this, I added a parameter to `run()` to delineate whether or not the command should block or not. The non blocking run allows for tests to get and use the `machineSession` pointer and check the exit code to see if it has finished. also fix a bug (created by #13996) that before started, the machines would always say "LastUp" and "Created" Less than one second ago Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
* Report properly whether pod shares host networkDaniel J Walsh2022-05-03
| | | | | | Fixes: https://github.com/containers/podman/issues/14028 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Bump github.com/containernetworking/cni from 1.0.1 to 1.1.0dependabot[bot]2022-05-03
| | | | | | | | | | | | | | Bumps [github.com/containernetworking/cni](https://github.com/containernetworking/cni) from 1.0.1 to 1.1.0. - [Release notes](https://github.com/containernetworking/cni/releases) - [Commits](https://github.com/containernetworking/cni/compare/v1.0.1...v1.1.0) --- updated-dependencies: - dependency-name: github.com/containernetworking/cni dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* Three manual fixesEd Santiago2022-05-03
| | | | | | | | | | Two for this error: invalid indirect of pod.Spec.DNSConfig.Options[0] ...and one for a gofmt error (spaces). Signed-off-by: Ed Santiago <santiago@redhat.com>
* Ginkgo: use HaveField() for better error checkingEd Santiago2022-05-03
| | | | | | | | | | | | | This is a very late followup to my ginkgo-improving work of 2021. It has been stuck since December because it requires gomega 1.17, which we've just enabled. This commit is simply a copy-paste of a command I saved in my TODO list many months ago: sed -i -e 's/Expect(\([^ ]\+\)\.\([a-zA-Z0-9]\+\))\.To(Equal(/Expect(\1).To(HaveField(\"\2\", /' test/e2e/*_test.go Signed-off-by: Ed Santiago <santiago@redhat.com>
* volume: add new option -o o=noquotaGiuseppe Scrivano2022-05-03
| | | | | | | | | | | | | | | | | add a new option to completely disable xfs quota usage for a volume. xfs quota set on a volume, even just for tracking disk usage, can cause weird errors if the volume is later re-used by a container with a different quota projid. More specifically, link(2) and rename(2) might fail with EXDEV if the source file has a projid that is different from the parent directory. To prevent such kind of issues, the volume should be created beforehand with `podman volume create -o o=noquota $ID` Closes: https://github.com/containers/podman/issues/14049 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* podman search: truncate by defaultValentin Rothberg2022-05-03
| | | | | | | | | | Truncate by default to avoid long descriptions from rendering the output unreadable. [NO NEW TESTS NEEDED] Fixes: #14044 Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* Produce better test error messagesBrent Baude2022-05-03
| | | | | | | As Ed has pointed out, the form of Expect(session).To(Exit(0)) provides much better error messages. Let's make Ed happy. Signed-off-by: Brent Baude <bbaude@redhat.com>
* Add CreatedSince & CreatedAt format fields to podman image historyDaniel J Walsh2022-05-03
| | | | | | Fixes: https://github.com/containers/podman/issues/14012 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Allow changing of CPUs, Memory, and Disk SizeAshley Cui2022-05-03
| | | | | | | | | Allow podman machine set to change CPUs, Memory and Disk size of a QEMU machine after its been created. Disk size can only be increased. If one setting fails to be changed, the other settings will still be applied. Signed-off-by: Ashley Cui <acui@redhat.com>
* Merge pull request #14094 from ↵OpenShift Merge Robot2022-05-03
|\ | | | | | | | | openshift-cherrypick-robot/cherry-pick-14078-to-v4.1 [v4.1] CI: emergency fix for broken go get
| * CI: emergency fix for broken go getPaul Holzinger2022-05-03
|/ | | | | | | | | | go get is deprecated, we should use go install instead. Also for some reason go get -u golang.org/x/tools/cmd/goimports is broken at the moment, thus failing CI jobs where we have to install this. Switching to go install seems to fix it. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* Merge pull request #14042 from mheon/release_notes_410_rc1OpenShift Merge Robot2022-04-28
|\ | | | | [CI:DOCS] Bump to v4.1.0-rc1
| * Bump to v4.1.0-devMatthew Heon2022-04-28
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * Bump to v4.1.0-rc1v4.1.0-rc1Matthew Heon2022-04-28
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * Add release notes for v4.1.0-RC1Matthew Heon2022-04-28
|/ | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Merge pull request #13698 from Luap99/versionOpenShift Merge Robot2022-04-27
|\ | | | | Bump version to v4.1.0-dev
| * manifest endpoints fix orderingPaul Holzinger2022-04-27
| | | | | | | | | | | | | | | | | | | | | | | | | | OK this is a pretty bad design IMO. We have to endpoints: manifest create: `POST /{name}` manifest push: `POST /{name}/registry/{destination}` So basically all push requests are valid create requests. Fortunately we can change the order in which the endpoints are matched. If the logic matches push first it will fall back to create if the request does not have the `/registry/{}` part. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * pkg/bindings: manifest remove 3.X API support conditionalPaul Holzinger2022-04-27
| | | | | | | | | | | | | | | | | | Since the minimum API version is set to 4.0.0 the endpoint will not talk to the 3.X endpoint. Therefore this logic is broken and should just be removed. 4.0 bindings should only talk to 4.0 server. This is already the case for many other endpoints. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * fix manifest modify endpoint to respect tlsverify paramPaul Holzinger2022-04-27
| | | | | | | | Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * Bump version to v4.1.0-devPaul Holzinger2022-04-27
| | | | | | | | | | | | | | | | I think we forgot to bump the version in the main branch. It should be v4.1.0-dev now. Also set the min api version to 4.0.0 as on the podman 4.0 branch. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | Merge pull request #14030 from ↵OpenShift Merge Robot2022-04-27
|\ \ | | | | | | | | | | | | containers/dependabot/go_modules/github.com/fsnotify/fsnotify-1.5.4 Bump github.com/fsnotify/fsnotify from 1.5.3 to 1.5.4
| * | Bump github.com/fsnotify/fsnotify from 1.5.3 to 1.5.4dependabot[bot]2022-04-27
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/fsnotify/fsnotify](https://github.com/fsnotify/fsnotify) from 1.5.3 to 1.5.4. - [Release notes](https://github.com/fsnotify/fsnotify/releases) - [Changelog](https://github.com/fsnotify/fsnotify/blob/main/CHANGELOG.md) - [Commits](https://github.com/fsnotify/fsnotify/compare/v1.5.3...v1.5.4) --- updated-dependencies: - dependency-name: github.com/fsnotify/fsnotify dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* | Merge pull request #14023 from rhatdan/kubeOpenShift Merge Robot2022-04-27
|\ \ | | | | | | Truncate annotations when generating kubernetes yaml files
| * | Truncate annotations when generating kubernetes yaml filesDaniel J Walsh2022-04-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Kubernetes only allows 63 characters in an annotation. Make sure that we only add 63 or less charaters when generating kube. Warn if containers or pods have longer length and truncate. Discussion: https://github.com/containers/podman/discussions/13901 Fixes: https://github.com/containers/podman/issues/13962 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #14029 from Luap99/kube-hostnetOpenShift Merge Robot2022-04-27
|\ \ \ | |_|/ |/| | play kube respect hostNetwork
| * | play kube respect hostNetworkPaul Holzinger2022-04-27
|/ / | | | | | | | | | | | | | | | | | | | | We need to use the host network when it is set in the config and --network was not used. This regression was added in 3e9af2029f1f. Fixes #14015 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | Merge pull request #13997 from Luap99/gocriticOpenShift Merge Robot2022-04-27
|\ \ | |/ |/| enable gocritic linter
| * play kube: do not skip containers by namePaul Holzinger2022-04-26
| | | | | | | | | | | | | | | | We should not exclude contianers by name. If a users has a container with the name "inf" it is currently skipped. This is wrong. The k8s yaml does not contain infra containers so we do not have to skip them. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * enable gocritic linterPaul Holzinger2022-04-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The linter ensures a common code style. - use switch/case instead of else if - use if instead of switch/case for single case statement - add space between comment and text - detect the use of defer with os.Exit() - use short form var += "..." instead of var = var + "..." - detect problems with append() ``` newSlice := append(orgSlice, val) ``` This could lead to nasty bugs because the orgSlice will be changed in place if it has enough capacity too hold the new elements. Thus we newSlice might not be a copy. Of course most of the changes are just cosmetic and do not cause any logic errors but I think it is a good idea to enforce a common style. This should help maintainability. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | Merge pull request #14009 from vrothberg/add-benchmarksOpenShift Merge Robot2022-04-26
|\ \ | | | | | | benchmarks: add more image benchmarks
| * | benchmarks: add more image benchmarksValentin Rothberg2022-04-26
| | | | | | | | | | | | | | | | | | | | | | | | Add more benchmarks for the most common and performance-critical image commands. Benchmarks for `podman build` should go into a separate section. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | | Merge pull request #14013 from cevich/fix_main_archiveOpenShift Merge Robot2022-04-26
|\ \ \ | | | | | | | | Cirrus: Fix skipping all/most tests
| * | | Cirrus: Fix skipping all/most testsChris Evich2022-04-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The originally intent for skipping tests based on change-content was to optimize the PR workflow. However, a mistake in a conditional is causing almost all tasks running for Cron and branches to be skipped. Fix this by checking for an empty '$CIRRUS_PR' variable. This value is always empty when operating outside of PRs. Signed-off-by: Chris Evich <cevich@redhat.com>