summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* container: do not set hostname when joining utsGiuseppe Scrivano2020-06-10
| | | | | | | do not set the hostname when joining an UTS namespace, as it could be owned by a different userns. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* container: make resolv.conf and hosts accessible in usernsGiuseppe Scrivano2020-06-10
| | | | | | | | when running in a new userns, make sure the resolv.conf and hosts files bind mounted from another container are accessible to root in the userns. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Merge pull request #6546 from rhatdan/lintOpenShift Merge Robot2020-06-10
|\ | | | | Turn on golint
| * Fix Id->ID where possible for lintDaniel J Walsh2020-06-10
| | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
| * Fixup issues found by golintDaniel J Walsh2020-06-10
| | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #6193 from cevich/conmon_ci_packagesOpenShift Merge Robot2020-06-09
|\ \ | | | | | | Cirrus: Include packages for containers/conmon CI
| * | Cirrus: Include packages for containers/conmon CIChris Evich2020-06-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This allows the containers/conmon repository to share the same VM images produced by containers/libpod. Included are several packages which are downloaded only since they might otherwise interfere with testing for some repos. This allows stable versions to be at the ready at testing runtime, avoiding any version updates surprising developers. Also, re-enable running the VM-image check test which was not working due to a logic problem in Cirrus-CI configuration. Update the neglected tests so that they pass on all distros. Signed-off-by: Chris Evich <cevich@redhat.com>
* | | Merge pull request #6542 from mheon/fix_pod_kill_signalerrOpenShift Merge Robot2020-06-09
|\ \ \ | |_|/ |/| | Ensure signal validation happens first in pod kill
| * | Ensure signal validation happens first in pod killMatthew Heon2020-06-09
|/ / | | | | | | | | | | | | | | | | | | | | | | | | This fixes an error in the system tests, which expect that when you try and kill a nonexistent pod with an incorrect signal, you receive an error about the signal, not the pod. At the same time, fix a missing return statement in the bindings, which could also have caused us grief. Fixes #6540 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | Merge pull request #6533 from ↵OpenShift Merge Robot2020-06-09
|\ \ | | | | | | | | | | | | containers/dependabot/go_modules/github.com/json-iterator/go-1.1.10 Bump github.com/json-iterator/go from 1.1.9 to 1.1.10
| * | Bump github.com/json-iterator/go from 1.1.9 to 1.1.10dependabot-preview[bot]2020-06-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/json-iterator/go](https://github.com/json-iterator/go) from 1.1.9 to 1.1.10. - [Release notes](https://github.com/json-iterator/go/releases) - [Commits](https://github.com/json-iterator/go/compare/v1.1.9...v1.1.10) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #6534 from ↵OpenShift Merge Robot2020-06-09
|\ \ \ | | | | | | | | | | | | | | | | containers/dependabot/go_modules/github.com/containers/common-0.13.0 Bump github.com/containers/common from 0.12.0 to 0.13.0
| * | | Bump github.com/containers/common from 0.12.0 to 0.13.0dependabot-preview[bot]2020-06-09
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/containers/common](https://github.com/containers/common) from 0.12.0 to 0.13.0. - [Release notes](https://github.com/containers/common/releases) - [Commits](https://github.com/containers/common/compare/v0.12.0...v0.13.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #6521 from cevich/update_cors_docsOpenShift Merge Robot2020-06-09
|\ \ \ | | | | | | | | [CI:DOCS] Improve swagger+CORS metadata docs
| * | | Improve swagger+CORS metadata docsChris Evich2020-06-09
| | |/ | |/| | | | | | | Signed-off-by: Chris Evich <cevich@redhat.com>
* | | Merge pull request #6532 from sujil02/python-testOpenShift Merge Robot2020-06-09
|\ \ \ | |_|/ |/| | Modify py test to start stop system service for each test
| * | Modify py test to start stop system service for each testSujil022020-06-07
| | | | | | | | | | | | | | | | | | | | | | | | Start stop system service for each test class to make it east to integrate to CI Adds more tests Add some common methods shared between images and containers test. Signed-off-by: Sujil02 <sushah@redhat.com>
* | | Merge pull request #6520 from mheon/no_conmon_no_errorOpenShift Merge Robot2020-06-09
|\ \ \ | | | | | | | | Ensure Conmon is alive before waiting for exit file
| * | | Ensure Conmon is alive before waiting for exit fileMatthew Heon2020-06-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This came out of a conversation with Valentin about systemd-managed Podman. He discovered that unit files did not properly handle cases where Conmon was dead - the ExecStopPost `podman rm --force` line was not actually removing the container, but interestingly, adding a `podman cleanup --rm` line would remove it. Both of these commands do the same thing (minus the `podman cleanup --rm` command not force-removing running containers). Without a running Conmon instance, the container process is still running (assuming you killed Conmon with SIGKILL and it had no chance to kill the container it managed), but you can still kill the container itself with `podman stop` - Conmon is not involved, only the OCI Runtime. (`podman rm --force` and `podman stop` use the same code to kill the container). The problem comes when we want to get the container's exit code - we expect Conmon to make us an exit file, which it's obviously not going to do, being dead. The first `podman rm` would fail because of this, but importantly, it would (after failing to retrieve the exit code correctly) set container status to Exited, so that the second `podman cleanup` process would succeed. To make sure the first `podman rm --force` succeeds, we need to catch the case where Conmon is already dead, and instead of waiting for an exit file that will never come, immediately set the Stopped state and remove an error that can be caught and handled. Signed-off-by: Matthew Heon <mheon@redhat.com>
* | | | Merge pull request #6513 from ↵OpenShift Merge Robot2020-06-08
|\ \ \ \ | |/ / / |/| | | | | | | | | | | containers/dependabot/go_modules/github.com/stretchr/testify-1.6.1 Bump github.com/stretchr/testify from 1.6.0 to 1.6.1
| * | | Bump github.com/stretchr/testify from 1.6.0 to 1.6.1dependabot-preview[bot]2020-06-08
| | |/ | |/| | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.6.0 to 1.6.1. - [Release notes](https://github.com/stretchr/testify/releases) - [Commits](https://github.com/stretchr/testify/compare/v1.6.0...v1.6.1) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #6515 from vrothberg/v2-enable-ubuntuOpenShift Merge Robot2020-06-08
|\ \ \ | |/ / |/| | V2 enable ubuntu
| * | e2e: disable checkpoint test on UbuntuValentin Rothberg2020-06-08
| | | | | | | | | | | | Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
| * | force bats version to v1.1.0Valentin Rothberg2020-06-08
| | | | | | | | | | | | | | | | | | | | | | | | We experienced regression when using the latest `v1.2.0-dev` bats in Ubuntu 20.04 (see github.com/containers/libpod/pull/6418). Using bats v1.1.0 worked in the Ubuntu test VM. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
| * | Enable Ubuntu tests in CIBrent Baude2020-06-08
|/ / | | | | | | | | | | Add updates required for ubuntu and run integration tests Signed-off-by: Brent Baude <bbaude@redhat.com>
* | Merge pull request #6505 from mheon/parallel_stopOpenShift Merge Robot2020-06-08
|\ \ | |/ |/| Add parallel operation to `podman stop`
| * Add parallel operation to `podman stop`Matthew Heon2020-06-05
| | | | | | | | | | | | | | | | | | | | | | | | This is the other command that benefits greatly from being run in parallel, due to the potential 15-second timeout for containers that ignore SIGTERM. While we're at it, also clean up how stop timeout is set. This needs to be an optional parameter, so that the value set when the container is created with `--stop-timeout` will be respected. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | Merge pull request #6417 from sujil02/py-testOpenShift Merge Robot2020-06-06
|\ \ | |/ |/| Adds docker py regression test.
| * Adds docker py regression test.Sujil022020-06-04
| | | | | | | | | | | | | | | | Adds test to validate podman image endpoints. Adds readme on how to run python tests Adds contants file. Signed-off-by: Sujil02 <sushah@redhat.com>
* | Merge pull request #6504 from rhatdan/systemdOpenShift Merge Robot2020-06-05
|\ \ | | | | | | Fix handling of systemd.
| * | Fix handling of systemd.Daniel J Walsh2020-06-05
|/ / | | | | | | | | | | | | | | | | | | Systemd enablement has to happen on the server side, since we need check if the image is running systemd. Also need to make sure user setting the StopSignal is not overriden on the server side. But if not set and using systemd, we set it correctly. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #6495 from mheon/parallel_executionOpenShift Merge Robot2020-06-05
|\ \ | | | | | | Add parallel execution code for container operations
| * | Add parallel execution code for container operationsMatthew Heon2020-06-05
| | | | | | | | | | | | | | | | | | | | | | | | This code will run container operations in parallel, up to a given maximum number of threads. Currently, it has only been enabled for local `podman rm` as a proof of concept. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | Merge pull request #6500 from ↵OpenShift Merge Robot2020-06-05
|\ \ \ | | | | | | | | | | | | | | | | containers/dependabot/go_modules/github.com/seccomp/containers-golang-0.5.0 Bump github.com/seccomp/containers-golang from 0.4.1 to 0.5.0
| * | | Bump github.com/seccomp/containers-golang from 0.4.1 to 0.5.0dependabot-preview[bot]2020-06-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/seccomp/containers-golang](https://github.com/seccomp/containers-golang) from 0.4.1 to 0.5.0. - [Release notes](https://github.com/seccomp/containers-golang/releases) - [Commits](https://github.com/seccomp/containers-golang/compare/v0.4.1...v0.5.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #6498 from mheon/fix_pod_hostnameOpenShift Merge Robot2020-06-05
|\ \ \ \ | | | | | | | | | | Ensure that containers in pods properly set hostname
| * | | | Strip defaults from namespace flagsMatthew Heon2020-06-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We were picking up defaults from the client's containers.conf, which broke pod namespaces. The server-side code already checks containers.conf when not explicitly overridden by the user, or by the container being part of a pod (the last bit being our bug). This only manifested on systems with a containers.conf installed, so RHEL 8 and Fedora 32 (which means our F32 CI VMs likely should have caught it, but didn't, which is concerning). This prevents defaults for these flags being shown, but they were incorrect anyways for `podman-remote`, so I'm not terribly concerned. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | | | Ensure that containers in pods properly set hostnameMatthew Heon2020-06-04
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When we moved to the new Namespace types in Specgen, we made a distinction between taking a namespace from a pod, and taking it from another container. Due to this new distinction, some code that previously worked for both `--pod=$ID` and `--uts=container:$ID` has accidentally become conditional on only the latter case. This happened for Hostname - we weren't properly setting it in cases where the container joined a pod. Fortunately, this is an easy fix once we know to check the condition. Also, ensure that `podman pod inspect` actually prints hostname. Fixes #6494 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | Merge pull request #6501 from rhatdan/iopsOpenShift Merge Robot2020-06-05
|\ \ \ \ | |/ / / |/| | | Fix handling of ThrottleWriteIOPSDevice
| * | | Fix handling of ThrottleWriteIOPSDeviceDaniel J Walsh2020-06-05
|/ / / | | | | | | | | | | | | | | | This is causing the UBuntu tests to fail. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #6338 from rhatdan/build3OpenShift Merge Robot2020-06-04
|\ \ \ | | | | | | | | Attempt to turn on special_testing_in_podman tests
| * | | Attempt to turn on special_testing_in_podman testsDaniel J Walsh2020-06-04
| | | | | | | | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #6374 from rhatdan/build1OpenShift Merge Robot2020-06-04
|\ \ \ \ | |_|/ / |/| | | Turn on the podman-commands script to verify man pages
| * | | Turn on the podman-commands script to verify man pagesDaniel J Walsh2020-06-04
|/ / / | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #6492 from mheon/bump-2.0.0-rc4OpenShift Merge Robot2020-06-04
|\ \ \ | |/ / |/| | [CI:DOCS] Bump to v2.0.0-RC4
| * | Bump to v2.0.0-devMatthew Heon2020-06-04
| | | | | | | | | | | | Signed-off-by: Matthew Heon <mheon@redhat.com>
| * | Bump to v2.0.0-rc4v2.0.0-rc4Matthew Heon2020-06-04
|/ / | | | | | | Signed-off-by: Matthew Heon <mheon@redhat.com>
* | Merge pull request #6491 from vrothberg/fix-6490OpenShift Merge Robot2020-06-04
|\ \ | | | | | | /images/.../json: fix port parsing
| * | /images/.../json: fix port parsingValentin Rothberg2020-06-04
| |/ | | | | | | | | | | | | | | | | | | Fix a bug when parsing the `ExposedPorts` of the image that lead to panics when the field was set. The OCI image spec allows three valid formats: `tcp/port`, `udp/port` and `port` Fixes: #6490 Reported-by: @jgallucci32 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | Merge pull request #6489 from edsantiago/batsOpenShift Merge Robot2020-06-04
|\ \ | | | | | | BATS and APIv2: more tests and tweaks