summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Fix "podman run port forward range" flakePaul Holzinger2022-06-27
| | | | | | | | | | The test must ensure that all ports in the range are free not just the first. This flakes often because port 5355 is always in use by systemd-resolved on fedora. Fixes #14716 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* Merge pull request #14685 from mheon/gitlabopenshift-ci[bot]2022-06-27
|\ | | | | Followon to #14559
| * Two fixes for DB exit code handlingMatthew Heon2022-06-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Firstly: don't prune exit codes after a refresh - instead, clear the table entirely. We are guaranteed that all containers are gone after a refresh, we should not worry about exit codes given this. Secondly: alter the way pruning was done. We were updating the DB by calling Update from within an existing View, and stacking an RW transaction on top of an existing RO one seems dodgy; further, modifying a bucket while iterating over it with ForEach is undefined behavior. Hopefully this will resolve our CI issues. Signed-off-by: Matthew Heon <mheon@redhat.com>
| * libpod: fix wait and exit-code logicValentin Rothberg2022-06-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This commit addresses three intertwined bugs to fix an issue when using Gitlab runner on Podman. The three bug fixes are not split into separate commits as tests won't pass otherwise; avoidable noise when bisecting future issues. 1) Podman conflated states: even when asking to wait for the `exited` state, Podman returned as soon as a container transitioned to `stopped`. The issues surfaced in Gitlab tests to fail [1] as `conmon`'s buffers have not (yet) been emptied when attaching to a container right after a wait. The race window was extremely narrow, and I only managed to reproduce with the Gitlab runner [1] unit tests. 2) The clearer separation between `exited` and `stopped` revealed a race condition predating the changes. If a container is configured for autoremoval (e.g., via `run --rm`), the "run" process competes with the "cleanup" process running in the background. The window of the race condition was sufficiently large that the "cleanup" process has already removed the container and storage before the "run" process could read the exit code and hence waited indefinitely. Address the exit-code race condition by recording exit codes in the main libpod database. Exit codes can now be read from a database. When waiting for a container to exit, Podman first waits for the container to transition to `exited` and will then query the database for its exit code. Outdated exit codes are pruned during cleanup (i.e., non-performance critical) and when refreshing the database after a reboot. An exit code is considered outdated when it is older than 5 minutes. While the race condition predates this change, the waiting process has apparently always been fast enough in catching the exit code due to issue 1): `exited` and `stopped` were conflated. The waiting process hence caught the exit code after the container transitioned to `stopped` but before it `exited` and got removed. 3) With 1) and 2), Podman is now waiting for a container to properly transition to the `exited` state. Some tests did not pass after 1) and 2) which revealed the third bug: `conmon` was executed with its working directory pointing to the OCI runtime bundle of the container. The changed working directory broke resolving relative paths in the "cleanup" process. The "cleanup" process error'ed before actually cleaning up the container and waiting "main" process ran indefinitely - or until hitting a timeout. Fix the issue by executing `conmon` with the same working directory as Podman. Note that fixing 3) *may* address a number of issues we have seen in the past where for *some* reason cleanup processes did not fire. [1] https://gitlab.com/gitlab-org/gitlab-runner/-/issues/27119#note_970712864 Signed-off-by: Valentin Rothberg <vrothberg@redhat.com> [MH: Minor reword of commit message] Signed-off-by: Matthew Heon <mheon@redhat.com>
| * conmon: silence json-file errorValentin Rothberg2022-06-23
| | | | | | | | | | | | | | We should just silently fall through. The log was flooding the system-service logs when running Gitlab runner. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | Merge pull request #14703 from cdoern/connectionopenshift-ci[bot]2022-06-25
|\ \ | | | | | | fix system connection and scp testing
| * | fix system connection and scp testingCharlie Doern2022-06-23
| |/ | | | | | | | | | | | | | | | | | | | | podman image scp and podman system connection tests were querying an existing website during testing. Change to a URL that will never exist given an improper domain extension also just generally clean up a few things in both scp and connection testing resolves #14699 Signed-off-by: Charlie Doern <cdoern@redhat.com>
* | Merge pull request #14726 from cevich/podmanimage_docsopenshift-ci[bot]2022-06-24
|\ \ | | | | | | [CI:DOCS] Minor update to podmanimage upstream docs
| * | [CI:DOCS] Minor update to podmanimage upstream docsChris Evich2022-06-24
|/ / | | | | | | | | | | | | Add a reference to where/how podman is compiled for the 'upstream' flavored image. Signed-off-by: Chris Evich <cevich@redhat.com>
* | Merge pull request #14718 from edsantiago/flake_workaround_14653openshift-ci[bot]2022-06-24
|\ \ | |/ |/| Workaround for bug 14653 (checkpoint flake)
| * Workaround for bug 14653 (checkpoint flake)Ed Santiago2022-06-23
|/ | | | | | | | | | | | | | Since it may be a while before we get a true fix: add a workaround for podman-remote checkpoint tests, in which we pause until the 'run --rm' container is truly truly gone. I've tried to make it as easy as possible to clean up the workaround code once the bug is fixed. Oh, also, remove "-it" from a podman-run. It makes no sense and only results in nasty orange warning messages. Signed-off-by: Ed Santiago <santiago@redhat.com>
* Merge pull request #14608 from edsantiago/logformatter_new_urlopenshift-ci[bot]2022-06-22
|\ | | | | logformatter: link to logs using Cirrus API
| * logformatter: link to logs using Cirrus APIEd Santiago2022-06-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | One day we may use AWS for part of CI. Do you want to maintain two separate code paths in this script for linking to artifacts in multiple cloud providers? Can you say no? I knew you could. Cirrus already knows the location of the artifacts and provides a transparent mechanism for accessing them. Use it. This PR exposed a nasty bug in our environment-variable handling: envariables passed through to the containerized environment were being double-space-escaped, so "FOO=a b" ended up as "FOO=a\ b" (with a backslash), with one consequence being invalid URLs. The solution is simple: run 'podman -e FOO', not '-e FOO=value'. Finally, reinstate the environment-variable dump (in comments). I had removed this in a moment of panic over leaking secrets, but no, that doesn't happen. Exclude scary-sounding vars anyway. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Merge pull request #14658 from eriksjolund/setup_to_set_upopenshift-ci[bot]2022-06-22
|\ \ | |/ |/| "setup" -> "set up" and similar
| * Fix spelling "setup" -> "set up" and similarErik Sjölund2022-06-22
|/ | | | | | | | | | * Replace "setup", "lookup", "cleanup", "backup" with "set up", "look up", "clean up", "back up" when used as verbs. Replace also variations of those. * Improve language in a few places. Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
* Merge pull request #14688 from rhatdan/docsopenshift-ci[bot]2022-06-22
|\ | | | | [CI:DOCS] Update basic_networking.md
| * Update basic_networking.mdgunnar2022-06-21
| | | | | | | | | | | | | | | | | | a little enhancement based on the [comment by @TomSweeneyRedHat](https://github.com/containers/podman/pull/14290#pullrequestreview-979316099) Replaces: https://github.com/containers/podman/pull/14290 Thanks to @vrms Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #14660 from rhatdan/bindingsopenshift-ci[bot]2022-06-22
|\ \ | | | | | | Remove logrus.Infof on bindings start and attach
| * | Remove lorgus.Infof on bindings start and attachDaniel J Walsh2022-06-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We are only doing logrus.Info on a couple of bindings. I see no reason to only do this on a couple, seems like debugging information more then useful to the caller. We had a complaint about this so removing. Fixes: https://github.com/containers/podman/issues/13504 [NO NEW TESTS NEEDED] Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #14690 from sstosh/prune-messageopenshift-ci[bot]2022-06-22
|\ \ \ | | | | | | | | Fix system prune output message
| * | | Fix system prune output messageToshiki Sonoda2022-06-22
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | 'podman system prune' command always outputs "Deleted Images" message, even though there is no dangling or unused image to remove. This message should be output only if dangling or unused image exists. [NO NEW TESTS NEEDED] Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
* | | Merge pull request #14631 from n1hility/opendoc-after-installopenshift-ci[bot]2022-06-22
|\ \ \ | |/ / |/| | Open Windows tutorial after MSI installation
| * | Open Windows tutorial after MSI installationJason T. Greene2022-06-16
| | | | | | | | | | | | Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
* | | Merge pull request #13384 from flouthoc/podman-remote-add-with-annotateopenshift-ci[bot]2022-06-21
|\ \ \ | |_|/ |/| | bindings: manifest should follow `es_model` naming convention while marshalling `OSVersion` and `OSFeatures`
| * | bindings: add manifest should follow es_model while marshalling OSVersion ↵Aditya R2022-06-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | and OSFeatures It seems API needs json names for OSVersion and OSFeatures in es_model ref: https://github.com/containers/podman/blob/main/pkg/domain/entities/manifest.go#L42 So at bindings end ensure that we honor es_model naming convention when we perform marshalling otherwise API will ignore these fields Signed-off-by: Aditya R <arajan@redhat.com>
* | | Merge pull request #14642 from rhatdan/VENDORopenshift-ci[bot]2022-06-21
|\ \ \ | | | | | | | | Update to use gopkg.in/yaml.v3
| * | | Update to use gopkg.in/yaml.v3Daniel J Walsh2022-06-17
| | | | | | | | | | | | | | | | | | | | | | | | [NO NEW TESTS NEEDED] Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #14643 from clobrano/feature/network/list/dangling/devopenshift-ci[bot]2022-06-21
|\ \ \ \ | | | | | | | | | | allow filter networks by dangling status
| * | | | allow filter networks by dangling statusCarlo Lobrano2022-06-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | add the ability to filter networks by their dangling status via: `network ls --filter dangling=true/false` Fixes: #14595 Signed-off-by: Carlo Lobrano <c.lobrano@gmail.com>
* | | | | Merge pull request #14659 from eriksjolund/setup_to_set_up_in_codeopenshift-ci[bot]2022-06-21
|\ \ \ \ \ | | | | | | | | | | | | [CI:DOCS] "setup" -> "set up" in source code comments
| * | | | | [CI:DOCS] "setup" -> "set up" in source code commentsErik Sjölund2022-06-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Replace "setup", "lookup" with "set up", "look up" when used as verbs. Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
* | | | | | Merge pull request #14638 from giuseppe/improve-error-messages-rootless-unshareopenshift-ci[bot]2022-06-21
|\ \ \ \ \ \ | | | | | | | | | | | | | | pkg/rootless: error messages improvements
| * | | | | | rootless: attempt to join all specified pathsGiuseppe Scrivano2022-06-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | when there are multiple paths specified, attempt to join them all before returning an error. Previously we were failing on the first pid found. [NO NEW TESTS NEEDED] Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | | | | | rootless: improve error messagesGiuseppe Scrivano2022-06-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | | | | | rootless: do not ignore reexec_in_user_namespace_wait errorsGiuseppe Scrivano2022-06-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | | | | Merge pull request #14625 from cdoern/podShmopenshift-ci[bot]2022-06-21
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | podman pod create --shm-size
| * | | | | | | podman pod create --shm-sizecdoern2022-06-20
| | |/ / / / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | expose the --shm-size flag to podman pod create and add proper handling and inheritance for the option. resolves #14609 Signed-off-by: Charlie Doern <cdoern@redhat.com>
* | | | | | | Merge pull request #14683 from Luap99/bump-cobraopenshift-ci[bot]2022-06-21
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | bump github.com/spf13/cobra from 1.4.0 to 1.5.0
| * | | | | | | bump github.com/spf13/cobra from 1.4.0 to 1.5.0Paul Holzinger2022-06-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Update cobra to latest version. Remove workaround for podman -h. Also regenerate the completion scripts. [NO NEW TESTS NEEDED] Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | | | | | | Merge pull request #14662 from Luap99/api-jsonopenshift-ci[bot]2022-06-21
|\ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | API: containers/json always set application/json content type
| * | | | | | | | API: containers/json always set application/json content typePaul Holzinger2022-06-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When we return no containers we just return `[]` but we still have to keep the content type header `application/json` so external tools can correctly parse the output. Fixes #14647 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | | | | | | | Merge pull request #14677 from giuseppe/memory-limit-ctr-handlersopenshift-ci[bot]2022-06-21
|\ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | api: show the memory limit specified for the container
| * | | | | | | | | api: show the memory limit specified for the containerGiuseppe Scrivano2022-06-21
| | |_|_|/ / / / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | use the memory limit specified for the container instead of reading it from the cgroup. It is not reliable to read it from the cgroup since the container could have been moved to a different cgroup and in general the OCI runtime might create a sub-cgroup (like crun does). Closes: https://github.com/containers/podman/issues/14676 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | | | | | | Merge pull request #14672 from sbmthakur/patch-1openshift-ci[bot]2022-06-21
|\ \ \ \ \ \ \ \ \ | |_|_|/ / / / / / |/| | | | | | | | [CI:DOCS] Fix typos
| * | | | | | | | Fix typosShubham Thakur2022-06-20
| |/ / / / / / / | | | | | | | | | | | | | | | | Signed-off-by: Shubham Thakur <sbmthakur@gmail.com>
* | | | | | | | Merge pull request #14680 from ↵openshift-ci[bot]2022-06-21
|\ \ \ \ \ \ \ \ | |/ / / / / / / |/| | | | | | | | | | | | | | | | | | | | | | | containers/dependabot/go_modules/github.com/stretchr/testify-1.7.4 Bump github.com/stretchr/testify from 1.7.2 to 1.7.4
| * | | | | | | Bump github.com/stretchr/testify from 1.7.2 to 1.7.4dependabot[bot]2022-06-21
|/ / / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.7.2 to 1.7.4. - [Release notes](https://github.com/stretchr/testify/releases) - [Commits](https://github.com/stretchr/testify/compare/v1.7.2...v1.7.4) --- updated-dependencies: - dependency-name: github.com/stretchr/testify dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* | | | | | | Merge pull request #14556 from sstosh/system-prune-networkopenshift-ci[bot]2022-06-20
|\ \ \ \ \ \ \ | |/ / / / / / |/| | | | | | podman system prune support prune unused networks
| * | | | | | podman system prune support prune unused networksToshiki Sonoda2022-06-14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is an enhancement for the podman system prune feature. In this issue, it is mentioned that 'network prune' should be wired into 'podman system prune' https://github.com/containers/podman/issues/8673 Therefore, I add the function to remove unused networks. Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
* | | | | | | Merge pull request #14657 from eriksjolund/rewrite_env_docsopenshift-ci[bot]2022-06-19
|\ \ \ \ \ \ \ | |_|/ / / / / |/| | | | | | [CI:DOCS] Rewrite --env docs