summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* play kube default log driverNiall Crowe2022-05-05
| | | | | | | | | The default log driver is not used when using play kube without --log-driver. The LogDriver function needs to be called in order to use the default log driver. fixes #13781 Signed-off-by: Niall Crowe <nicrowe@redhat.com>
* Merge pull request #14127 from rhatdan/v4.1OpenShift Merge Robot2022-05-05
|\ | | | | Vendor in containers/buildah@v1.26.1
| * Cirrus: Fix ownership of repos. to keep git happyChris Evich2022-05-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Newer versions of git are much more pedantic about who owns the repository files. When setting up to run rootless, prior to this commit, the repo. ownership was changed from root. This causes all subsequent git-operations as root to fail: ``` fatal: unsafe repository ('<$GOSRC>' is owned by someone else) ``` Fix this by re-ordering operations, such that the change in ownership is done immediately before executing as a user. Also disable the git-ownership check on the source repository assuming the CI environment is disposable. Signed-off-by: Chris Evich <cevich@redhat.com>
| * build: disable --output for podman-remote clientsAditya R2022-05-05
| | | | | | | | | | | | | | | | | | | | Disable `build --output` for remote clients and update docs. [NO NEW TESTS NEEDED] [NO TESTS NEEDED] Signed-off-by: Aditya R <arajan@redhat.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
| * Vendor in containers/buildah@v1.26.1Daniel J Walsh2022-05-05
| | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
| * Temporarily skip netavark/aardvark e2e testChris Evich2022-05-05
| | | | | | | | | | | | Ref: https://github.com/containers/podman/issues/13931 Signed-off-by: Chris Evich <cevich@redhat.com>
| * Cirrus: Temporarily update netavark/aardvark-dnsChris Evich2022-05-05
| | | | | | | | | | | | | | | | | | | | | | | | Normally installing/updating packages at test runtime is highly discouraged for reliability and efficiency reasons. However, in this specific case, development work of these packages is still fairly hot. As a compromise to support podman test development, temporarily update these two specific packages at runtime. At a future date, when updates are less frequent, this commit can/should be safely reverted. At that point, the versions installed at VM image build time will persist. Signed-off-by: Chris Evich <cevich@redhat.com>
| * Cirrus: Test w/ netavark/aardvark-dns in F36+Chris Evich2022-05-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Now that netavark and aardvark are packaged and default in F36, support CNI-based testing in F35 and Ubuntu. * Remove the temporary/special `$TEST_ENVIRON=host-netavark` construct. * Remove dedicated/special integration and system testing tasks. * Update test-config setup to properly handle CNI vs netavark/aardvark environments. * Update package-version logging to operate based on installed packages (along with some other minor script cleanups). * Update global environment setup to force `$NETWORK_BACKEND=netavark` in F36 and later. Except when `upgrade_test` task runs. * Discontinue installing netavark and aardvark-dns binaries from upstream build artifacts. * Drop CGV1-vs-2 policy check. Ubuntu VMs now exclusively test CGv1, Fedora VMs test CGv2, with F35 testing CNI and F36 testing Netavark. Signed-off-by: Chris Evich <cevich@redhat.com>
| * Cirrus: Update to F36 CI VM ImagesChris Evich2022-05-05
|/ | | | Signed-off-by: Chris Evich <cevich@redhat.com>
* Merge pull request #14119 from ↵OpenShift Merge Robot2022-05-05
|\ | | | | | | | | openshift-cherrypick-robot/cherry-pick-14037-to-v4.1 [v4.1] Report correct RemoteURI
| * Report correct RemoteURIDaniel J Walsh2022-05-04
| | | | | | | | | | | | | | | | | | | | | | | | Rather than assuming a filesystem path, the API service URI is recorded in the libpod runtime configuration and then reported as requested. Note: All schemes other than "unix" are hard-coded to report URI exists. Fixes #12023 Signed-off-by: Jhon Honce <jhonce@redhat.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #14116 from mheon/bump_410_rc2OpenShift Merge Robot2022-05-04
|\ \ | | | | | | [CI:DOCS] Bump to v4.1.0-RC2
| * | Add 4.1 branch to API documentationMatthew Heon2022-05-04
| | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | Misc readme update to retrigger CIMatthew Heon2022-05-04
| | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | Bump to v4.1.0-devMatthew Heon2022-05-04
| | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | Bump to v4.1.0-rc2v4.1.0-rc2Matthew Heon2022-05-04
| | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | Update release notes for v4.1.0 RC2Matthew Heon2022-05-04
| |/ | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | Merge pull request #14117 from ↵OpenShift Merge Robot2022-05-04
|\ \ | |/ |/| | | | | openshift-cherrypick-robot/cherry-pick-14066-to-v4.1 [v4.1] podman system reset removed machines incorrectly
| * podman system reset removed machines incorrectlyAshley Cui2022-05-04
|/ | | | | | | podman system reset did not clean up machines fully, leaving some config files, and breaking machines. Now it removes all machines files fully. Signed-off-by: Ashley Cui <acui@redhat.com>
* Merge pull request #14114 from ↵OpenShift Merge Robot2022-05-04
|\ | | | | | | | | openshift-cherrypick-robot/cherry-pick-14108-to-v4.1 [v4.1] machine events: only open sockets when needed
| * machine events: only open sockets when neededPaul Holzinger2022-05-04
|/ | | | | | | | We should only open the socket when needed and not always at init time. [NO NEW TESTS NEEDED] Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* Merge pull request #14112 from ↵OpenShift Merge Robot2022-05-04
|\ | | | | | | | | openshift-cherrypick-robot/cherry-pick-14085-to-v4.1 [v4.1] Add podman machine events
| * Add podman machine eventsJhon Honce2022-05-04
| | | | | | | | Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | Merge pull request #14111 from ↵OpenShift Merge Robot2022-05-04
|\ \ | |/ |/| | | | | openshift-cherrypick-robot/cherry-pick-14099-to-v4.1 [v4.1] Implement --format for machine inspect
| * Implement --format for machine inspectJhon Honce2022-05-04
|/ | | | | | * Fix issue of nil pointer derefence Signed-off-by: Jhon Honce <jhonce@redhat.com>
* Merge pull request #14100 from mheon/incremental_backportsOpenShift Merge Robot2022-05-03
|\ | | | | [v4.1] Incremental backports
| * Release notes for more v4.1.0 backportsMatthew Heon2022-05-03
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * Additional stats for podman infoBrent Baude2022-05-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In support of podman machine and its counterpart desktop, we have added new stats to podman info. For storage, we have added GraphRootAllocated and GraphRootUsed in bytes. For CPUs, we have added user, system, and idle percents based on /proc/stat. Fixes: #13876 Signed-off-by: Brent Baude <bbaude@redhat.com>
| * libpod: unset networks before storing container confPaul Holzinger2022-05-03
| | | | | | | | | | | | | | | | | | | | | | | | Since networks must always be read from the db bucket directly we should unset them in config to avoid caller from accidentally using them. I already tried this but it didn't work because the networks were unset after the config was marshalled. [NO NEW TESTS NEEDED] Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * Implement machine inspect for WSLJason T. Greene2022-05-03
| | | | | | | | Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
| * Bump github.com/rootless-containers/rootlesskit from 1.0.0 to 1.0.1dependabot[bot]2022-05-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/rootless-containers/rootlesskit](https://github.com/rootless-containers/rootlesskit) from 1.0.0 to 1.0.1. - [Release notes](https://github.com/rootless-containers/rootlesskit/releases) - [Commits](https://github.com/rootless-containers/rootlesskit/compare/v1.0.0...v1.0.1) --- updated-dependencies: - dependency-name: github.com/rootless-containers/rootlesskit dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
| * Use simulated dual-stack binds when using WSLJason T. Greene2022-05-03
| | | | | | | | | | | | Resolves a WSL problem where traffic from only one stack is relayed Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
| * libpod: host netns keep same /etc/resolv.confPaul Holzinger2022-05-03
| | | | | | | | | | | | | | | | | | | | | | | | When a container is run in the host network namespace we have to keep the same resolv.conf content and not use the systemd-resolve detection logic. But also make sure we still allow --dns options. Fixes #14055 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * fix incorrect permissions for /etc/resolv.conf in usernsPaul Holzinger2022-05-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | The files /etc/hosts, /etc/hostname and /etc/resolv.conf should always be owned by the root user in the container. This worked correct for /etc/hostname and /etc/hosts but not for /etc/resolv.conf. A container run with --userns keep-id would have the reolv.conf file owned by the current container user which is wrong. Consolidate some common code in a new helper function to make the code more cleaner. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * pkg/api: do not register decoder in endpoint handlerPaul Holzinger2022-05-03
| | | | | | | | | | | | | | | | | | | | | | | | Since the decoder is shared registering the decoder inside a single endpoint will also register it for all others. Also the problem with that is the it will register it everytime this endpoint is called which is wrong. Instead we should register it once like the other custom decoder functions. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * fix broken hooks-dir testPaul Holzinger2022-05-03
| | | | | | | | | | | | | | The test has been broken since it was added 4 years ago. Instead of using hardcoded paths we should use tmp files. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * enable errcheck linterPaul Holzinger2022-05-03
| | | | | | | | | | | | | | | | The errcheck linter makes sure that errors are always check and not ignored by accident. It spotted a lot of unchecked errors, mostly in the tests but also some real problem in the code. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * libpod: unlock containers when removing podGiuseppe Scrivano2022-05-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It solves a race where a container cleanup process launched because of the container process exiting normally would hang. It also solves a problem when running as rootless on cgroup v1 since it is not possible to force pids.max = 1 on conmon to limit spawning the cleanup process. Partially copied from https://github.com/containers/podman/pull/13403 Related to: https://github.com/containers/podman/issues/14057 [NO NEW TESTS NEEDED] it doesn't add any new functionality Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * remove unused codepath for creating/running ctr in a podcdoern2022-05-03
| | | | | | | | | | | | | | | | | | | | `pod.CgroupPath()` currently includes a codepath that is never accessed, which is supposed to start the infra ctr and obtain the cgroup path from there that is never necessary/safe because p.state.CgroupPath is never empty [NO NEW TESTS NEEDED] Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
| * Refactor machine inspectBrent Baude2022-05-03
| | | | | | | | | | | | | | | | | | | | I was asked to refactor machine inspect output to represent more common and basic information. machine inspect now has information that would be appropriate for different machines. [NO NEW TESTS NEEDED] Signed-off-by: Brent Baude <bbaude@redhat.com>
| * image search --format: add completion for go templatePaul Holzinger2022-05-03
| | | | | | | | | | | | | | podman image search accepts a go template, we can use the same shell completion logic which is used everywhere else in the code. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * shell completion --format: use structs by referencePaul Holzinger2022-05-03
| | | | | | | | | | | | | | | | | | | | | | | | For the AutocompleteFormat function we expect the correct template struct which is used in the golang template. The function can handle both struct and pointer to a struct. Using the reference is more efficient since it doe snot have to copy the whole struct. Also change some structs to use he actual type from the template instead of some nested one to make sure it has to correct fields. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * image --format: fix add completion for go templatePaul Holzinger2022-05-03
| | | | | | | | | | | | | | | | It used the wrong struct so not all fields were listed in the completion. Fixes podman images --format and podman image history --format Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * shell completion --format: use anonymous struct field oncePaul Holzinger2022-05-03
| | | | | | | | | | | | | | | | | | | | We should not include the anonymous twice in the suggestions. one example is `podman network ls --format {{.` it will also show `{{.Network` but since Network is the actual struct all fields are already shown so there is no need for it to be suggested. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * network inspect --format: add completion for go templatePaul Holzinger2022-05-03
| | | | | | | | | | | | Make sure to autocomplete the go template for network inspect. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * shell completion --format: work with nil structsPaul Holzinger2022-05-03
| | | | | | | | | | | | | | | | | | | | | | | | | | AutocompleteFormat() takes the format struct as argument. Often the structs are deeply nested and contain other structs. Up until now if there was a pointer to a struct the logic was not able to get the field names from that, simply because the pointer was nil. However it is possible to create a new initialized type with reflect.New(). This allows us to complete all struct fields/functions even when there nil pointers. Therefore we can drop the extra initialization which was done by some callers. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * podman machine starting testcdoern2022-05-03
| | | | | | | | | | | | | | | | | | | | | | | | add a test to make sure machines are not running while still starting in order to do this, I added a parameter to `run()` to delineate whether or not the command should block or not. The non blocking run allows for tests to get and use the `machineSession` pointer and check the exit code to see if it has finished. also fix a bug (created by #13996) that before started, the machines would always say "LastUp" and "Created" Less than one second ago Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
| * Report properly whether pod shares host networkDaniel J Walsh2022-05-03
| | | | | | | | | | | | Fixes: https://github.com/containers/podman/issues/14028 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
| * Bump github.com/containernetworking/cni from 1.0.1 to 1.1.0dependabot[bot]2022-05-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/containernetworking/cni](https://github.com/containernetworking/cni) from 1.0.1 to 1.1.0. - [Release notes](https://github.com/containernetworking/cni/releases) - [Commits](https://github.com/containernetworking/cni/compare/v1.0.1...v1.1.0) --- updated-dependencies: - dependency-name: github.com/containernetworking/cni dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
| * Three manual fixesEd Santiago2022-05-03
| | | | | | | | | | | | | | | | | | | | Two for this error: invalid indirect of pod.Spec.DNSConfig.Options[0] ...and one for a gofmt error (spaces). Signed-off-by: Ed Santiago <santiago@redhat.com>