| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
| |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |
|
|
| |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix bad design decision (mine) by adding a simple usage check to 'skip'
and 'skip_if_remote' functions: if invoked without test-name args,
fail loudly and immediately.
Background: yeah, their usage is not intuitive. Making the first arg
be a comment helps with _reading_ the code, but not _writing_ new
additions. A developer in a hurry could write "skip this-test" and,
until now, that would be a silent NOP.
Tested by adding broken skip/skip_if_remote calls inline; I confirm
that the line number and funcname usage is correct.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
command
Previously, if a container was not running, and the user ran the `podman
stats` command, an error would be reported: `Error: container state
improper`.
Podman now reports stats as the fields' default values for their
respective type if the container is not running:
```
$ podman stats --no-stream demo
ID NAME CPU % MEM USAGE / LIMIT MEM % NET IO BLOCK IO PIDS CPU TIME AVG CPU %
4b4bf8ce84ed demo 0.00% 0B / 0B 0.00% 0B / 0B 0B / 0B 0 0s 0.00%
```
Closes: #14498
Signed-off-by: Jake Correnti <jcorrenti13@gmail.com>
|
| |
|
|
|
|
| |
Fixes: https://github.com/containers/podman/issues/13939
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
Running `podman machine start` twice at the same time in different
terminals, for example, will make the second invocation fail and the
first one hang.
[NO NEW TESTS NEEDED]
Signed-off-by: Shane Smith <shane.smith@shopify.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- The State() function now returns machine.Starting status instead of an
empty string if the VM is in the process of starting.
- The `CheckExclusiveActiveVM()` function returns `true` to prevent
starting a VM while another is in the process of starting.
- `podman machine ls` displays "Currently starting" under "Last Up" for
the starting VM
- `podman machine ls` supports `{{.Starting}}` boolean field in the format
- `podman machine inspect` displays "starting" in the "State" field for
the starting VM
Signed-off-by: Shane Smith <shane.smith@shopify.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
APIv2 tests are flaky after this morning's merge of #14543.
Symptom:
test-apiv2: Timed out (10s) waiting for service (/dev/tcp/localhost/5564)
journal shows:
registry[7421]: panic: unable to configure authorization (htpasswd):
no access controller registered with name: none
Possible cause:
Mix of REGISTRY_AUTH=none with REGISTRY_AUTH_HTPASSWD_* vars.
https://github.com/distribution/distribution/issues/1168
Solution:
only set _HTPASSWD_* vars when AUTH=htpasswd
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |
|
|
|
|
|
|
| |
Fixes #14184
Docs: https://onsi.github.io/gomega/#making-asynchronous-assertions
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
this patch included additonal host namespace checks when creating a ctr as well
as fixing of the tests to check /proc/self/ns/net
see #14461
Signed-off-by: cdoern <cdoern@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For some reason commit 5b79cf15a022 moved the container create options
parsing from cmd/podman/common to pkg/api/handlers. However it did not
remove the old code. Unfortunately it moved the code from an outdated
version and did not update it before this commit was merged.
Therefore a couple of regressions were introduced. I manually compared
both versions and found three missing bugfixes.
I fixed the network test again that was changed in bce97a3b5dd1. We
want bridge as default even as rootless. Sine the test is not run as
rootless in CI the regression was not caught.
Also the no hosts test never worked since it was missing the import
check if the hosts file exists.
I don't think we can check for the volume parsing change since this only
works on windows/wsl.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previous PR #12394 tried to address this, but made a mistake:
containers that have just exited do not move to the Exited state
but rather the Stopped state - as such, the code would never have
run (there is no way we start `podman kill`, and the container
transitions to Exited while we are doing it - that requires
holding the container lock, which Kill already does).
Fix the code to check Stopped as well (we omit Exited entirely
but it's a cheap check and our state logic could change in the
future). Also, return an error, instead of exiting cleanly - the
Kill failed, after all. ErrCtrStateInvalid is already handled by
the sig-proxy logic so there won't be issues.
[NO NEW TESTS NEEDED] This fixes a race that I cannot reproduce
myself, and I have no idea how we'd repro in CI.
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |
|
|
|
|
|
|
| |
`podman container restore --file-locks` does not restore file locks
because this option is not passed to OCI runtime. This patch fixes this
issue.
Signed-off-by: Hironori Shiina <shiina.hironori@jp.fujitsu.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Mostly fix a bad design decision I made early on, re: registry.
old: registry starts once, runs to the end
new: registry is brought up on demand, then stopped
Reason: there are times when we need a password-controlled
registry, and times when we need it open.
As long as I'm in here, I've also cleaned up some confusing code
and fixed things so tests can run rootless again.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
Also:
- It fixes a regression in parsing "images" parameter in
ManifestAddV3 handler.
- Refactors 12-imagesMore.at to use start_registry helper.
- Removes some unsafe "exit 1" statements which skip clean up.
Signed-off-by: Vladimir Kochnev <hashtable@yandex.ru>
|
| |
|
|
|
|
|
|
|
| |
infra was overriding options that it should be appending rather than resetting.
fix this by appending the given container's spec to the compatible options before marshaling/unmarshaling
resolves #14454
Signed-off-by: cdoern <cdoern@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When a container with a userns is created the network setup is special.
Normally the netns is setup before the oci runtime container is created,
however with a userns the container is created first and then the network
is setup. In the second case we never saved the container state
afterwards. Because of it, podman inspect would not show the network info
and network teardown will not happen.
This worked with local podman because there was a save() call later in the
code path which then also saved the network status. But in the podman API
code path this save never happened thus all containers started via API had
this problem.
Fixes #14465
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
make the error clearer and state that images created by other tools
might not be visible to Podman when it overrides the graph driver.
Closes: https://github.com/containers/podman/issues/13970
[NO NEW TESTS NEEDED]
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Setting the build context to a dedicated subdir makes sure that the test does not
flake when running in parallel, as the test is isolated from other tests
that may dump secrets in a higher level context dir.
This should have been done in
https://github.com/containers/podman/pull/13457, as this makes that PR
actually work.
Signed-off-by: Ashley Cui <acui@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The backend should not convert partial lines to full log lines. While
this works for most cases it cannot work when the last line is partial
since it will just be lost. The frontend logic can already display
partial lines correctly. The journald driver also works correctly since
it does not such conversion.
Fixes #14458
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |
|
|
|
|
|
|
| |
Quick fix in play.go to use logDriver to set the correct
log driver rather than overwriting query.LogDriver.
[NO NEW TESTS NEEDED]
Signed-off-by: Niall Crowe <nicrowe@redhat.com>
|
| |
|
|
|
|
|
|
| |
Save at most three images and sort them by size. The test started to
flake as _all_ local images were saved which is not neccessary.
Fixes: #14468
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
In #13466 the ability to force remove a machine while it's running was
added but it did not first stop the machine, all files get deleted but
the qemu VM would essentially be orphaned.
[NO NEW TESTS NEEDED]
Signed-off-by: Shane Smith <shane.smith@shopify.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
the function `GetDefaultNamespaceMode` for pods checks if we are sharing each namespace
and if not, returns the default which in the case of a network is slirp.
add a switch case for explicitly checking if the pod's network mode is host
and if so, return specgen.Host for the container
resolves #13763
Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
Signed-off-by: cdoern <cdoern@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The comma-separated podman load output isn't conducive for using the
subsequent images. For tarballs with multiple images, the comma
separator must be manually identified and a suitable range identified.
Docker CLI on the other hand, has one image identifier per line:
Loaded image: repo1/name1:latest
Loaded image: repo1/name1:tag1
Loaded image: repo2/name2:tag1
(as of Docker version 20.10.16, build aa7e414).
Switch `podman load` to this format for consistency and usability.
[NO NEW TESTS NEEDED]
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
|
| |
|
|
| |
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
|
| |
|
|
|
|
|
|
| |
In podman run --help, the message said megabyte, gigabyte, etc. In reality podman takes mebibytes, gibibytes, etc.
[CI:DOCS]
Signed-off-by: Karthik Elango <kelango@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
With conmon-rs on the horizon, we need to disentangle Libpod from
legacy Conmon to the greatest extent possible. There are
definitely opportunities for codesharing between the two, but we
have to assume the implementations will be largely disjoint given
the different architectures.
Fortunately, most of the work has already been done in the past.
The conmon-managed OCI runtime mostly sits behind an interface,
with a few exceptions - the most notable of those being attach.
This PR thus moves Attach behind the interface, to ensure that we
can have attach implementations that don't use our existing unix
socket streaming if necessary.
Still to-do is conmon cleanup. There's a lot of code that removes
Conmon-specific files, or kills the Conmon PID, and all of it
will need to be refactored behind the interface.
[NO NEW TESTS NEEDED] Just moving some things around.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |
|
|
|
|
| |
This also unifies the documentation of `--publish` for `podman create`, `podman run`, and `podman pod create`.
Signed-off-by: Daniel Rudolf <github.com@daniel-rudolf.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When podman-remote is used we should not resolve the default network
mode on the client. Defaults should be set on the server. In this case
this is important because we have different defaults for root/rootless.
So when the client is rootless and the server is root we must pick the
root default.
Note that this already worked when --network was set since we did not
parsed the flag in this case. To reproduce you need --network=default.
Also removed a unused function.
[NO NEW TESTS NEEDED] I tested it manually but I am not sure how I can
hook a test like this up in CI. The client would need to run as rootless
and the server as root or the other way around.
Fixes #14368
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Make sure to wait for the systemd operations to finish when
starting/stopping healtcheck timers and services. Also make
sure to stop the timer before the service to avoid a race
with the timer.
[NO NEW TESTS NEEDED] since it is a non-functional change and existing
tests are expected to pass.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
podmans remote API does not marshal infra's spec due to
the fact that if it did, all of those options would be available to
the users on the command line. This means we need to manually map "backwards"
some container spec items -> pod spec items before calling PodCreate, this was
one of them that was forgotten
resolves #14233
Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
Signed-off-by: cdoern <cdoern@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Hardcoding the interface name is a bad idea. We have no control over the
actual interface name since the user can change it.
The correct thing is to read them from the network status. Since the
contianer can have more than one interface we have to add the RX/TX
values. The other values are currently not used.
For podman 5.0 we should change it so that the API can return the
statistics per interface and the client should sum the TX/RX for the
command output. This is what docker is doing.
Fixes #13824
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
Libpod or packages under /pkg should never import from /cmd/...
This will quickly result in import cycles and weird code paths.
Also there is no reason to use this special code we can just use
syscall.SIGHUB as SIGNAL.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |
|
|
| |
Signed-off-by: Andrin Brunner <andrin@acloud.one>
|
| |
|
|
|
|
|
|
| |
[NO NEW TESTS NEEDED] Removed `imageStream` hardcoded value that was set to
testing. Since podman4 is in the fcos trees, it should be removed. The
respective comments have also been removed.
Signed-off-by: Jake Correnti <jcorrenti13@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The test calls podman run -d followed by podman logs. There is no
guarantee the the container or conmon has written all its output.
Adding an extra podman wait should fix this.
Do not remove the -d to not print 1000 unnecessary lines in the logs.
Fixes #14362
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When a container does not use the default podman netns, for example
--network none or --network ns:/path a restore would fail because the
specgen check validates that c.config.StaticMAC is nil but the
unmarshaller sets it to an empty slice.
While we could make the check use len() > 0 I feel like it is more
common to check with != nil for ip and mac addresses.
Adding omitempty tag makes the json marshal/unmarshal work correctly.
This should not cause any issues.
Fixes #14389
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
In docker, the format of no-new-privileges is
"no-new-privileges:true". However, for Podman
all that's required is "no-new-privileges", leading to issues
when attempting to use features desgined for docker in podman.
Adding support for the ":" format to be used along with the "="
format, depedning on which one is entered by the user.
fixes #14133
Signed-off-by: Niall Crowe <nicrowe@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Allowing custom flags to provider has the potential to break all the
hand-crafted commands currently in use. This could become a support
nightmare.
```release-note
NONE
```
[NO NEW TESTS NEEDED]
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
`net.IP` gets marshalled as `string` and not `[]uint8`
[NO TESTS NEEDED]
[NO NEW TESTS NEEDED]
Signed-off-by: Jakob Ahrer <jakob@ahrer.dev>
|
| |
|
|
|
|
|
|
|
|
|
| |
These two functions were doing the exact same thing just
with cidfile and pod-id-file separately. Combine the functionality
to one function to remove repetative code.
Fix the TODO in cmd/podman/validate/args.go
[NO NEW TESTS NEEDED]
Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
|
| |
|
|
|
|
|
|
| |
Most were simply deleted, the main one addressed is in the
"pre-testing" `ext_svc_check.sh` script. It will now verify
accessibility of several key test images we maintain in `quay.io`.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
Fix up the parseEnv function to differentiate
between a label and env when parsing.
Don't do a system lookup when parsing labels.
[NO NEW TESTS NEEDED]
Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
|
| |
|
|
|
|
|
|
| |
The TODO has already been fixed. Filters is now a []string
[NO NEW TESTS NEEDED]
Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refactor test for deadlock by comparing error text vs. actual
ErrWillDeadlock constant. When running with --remote the error
constant will always be not equal to the error returned by the API.
```release-note
NONE
```
[NO NEW TESTS NEEDED]
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
I am not 100% sure if this is actually causing the problem but I was
able to reproduce locally and this change fixed it there. Without the `-n`
option iptables tries to reverse lookup the ips to domain names. This is
extremely slow for unknown reasons. Given the large amount of iptables
entries due parallel test runs it will not succeed in the default 90 sec
timeout.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |
|
|
| |
Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
|
| |
|
|
|
|
| |
[NO NEW TESTS NEEDED] Just code cleanup for better reuse
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
|
|
|
|
|
|
| |
Match with docker API and suppress step errors when field quiet is set.
Closes: https://github.com/containers/podman/issues/14315
Signed-off-by: Aditya R <arajan@redhat.com>
|
