summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* new uidmap BATS test: fixEd Santiago2019-04-11
| | | | | | | | | | | | | | | | | | | | | | | | Various problems, one of which was causing the test to fail completely (otherwise I wouldn't have caught the others): - option is --uidmap, not --uidmapping - run_podman cannot be piped (| grep /sys/kernel). That's an unfortunate limitation of BATS. Any invocation of 'run' saves results to $output, which then has to be tested in a separate step. - do so, using 'run' and 'grep' and 'is' to produce readable messages on failure - remove "$expected_rc", that looks like a copy/paste bug from a few lines above. Skip entire test if rootless. (The one without --net=host passes, but it also passes with older podman as both root and rootless. I don't think it's actually testing anything, but agree with leaving it in to catch weird regressions). We really need to get these tests running in CI. Signed-off-by: Ed Santiago <santiago@redhat.com>
* Merge pull request #2885 from kunalkushwaha/image-dangling-filter-fixOpenShift Merge Robot2019-04-11
|\ | | | | imagefilter dangling handling corrected
| * imagefilter dangling handling correctedKunal Kushwaha2019-04-11
| | | | | | | | | | | | | | imagefilter dangling=<value> shall not be ignored. this PR handles the value and returns images accordingly. Signed-off-by: Kunal Kushwaha <kushwaha_kunal_v7@lab.ntt.co.jp>
* | Merge pull request #2902 from baude/remoteattachfixesOpenShift Merge Robot2019-04-11
|\ \ | | | | | | Fixes for podman-remote run and attach
| * | Fixes for podman-remote run and attachbaude2019-04-11
| | | | | | | | | | | | | | | | | | | | | | | | Fixes the ability to run (create,start) a container and attach to its console correctly. We can now also exit from the console without hanging the remote client. Signed-off-by: baude <bbaude@redhat.com>
* | | Merge pull request #2895 from mheon/commit_no_default_include_volumesOpenShift Merge Robot2019-04-11
|\ \ \ | | | | | | | | Add --include-volumes flag to 'podman commit'
| * | | Add --include-volumes flag to 'podman commit'Matthew Heon2019-04-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The 'docker commit' will never include a container's volumes when committing, without an explicit request through '--change'. Podman, however, defaulted to including user volumes as image volumes. Make this behavior depend on a new flag, '--include-volumes', and make the default behavior match Docker. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | Merge pull request #2879 from mheon/header_on_no_imagesOpenShift Merge Robot2019-04-11
|\ \ \ \ | | | | | | | | | | Print header for 'podman images' even with no images present
| * | | | Print header for 'podman images' even with no imagesMatthew Heon2019-04-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes #2877 Signed-off-by: Matthew Heon <mheon@redhat.com>
* | | | | Merge pull request #2901 from mheon/improve_debug_on_cleanup_errOpenShift Merge Robot2019-04-11
|\ \ \ \ \ | | | | | | | | | | | | Expand debugging for container cleanup errors
| * | | | | Expand debugging for container cleanup errorsMatthew Heon2019-04-11
| | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | | | Merge pull request #2899 from giuseppe/prevent-sys-fs-kernel-paths-in-usernsOpenShift Merge Robot2019-04-11
|\ \ \ \ \ \ | |_|_|_|/ / |/| | | | | userns: prevent /sys/kernel/* paths in the container
| * | | | | spec: mask /sys/kernel when bind mounting /sysGiuseppe Scrivano2019-04-11
| | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | | | | oci: add /sys/kernel to the masked pathsGiuseppe Scrivano2019-04-11
| | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | | | | userns: prevent /sys/kernel/* paths in the containerGiuseppe Scrivano2019-04-11
| | |_|/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | when we run in a user namespace, there are cases where we have not enough privileges to mount a fresh sysfs on /sys. To circumvent this limitation, we rbind /sys from the host. This carries inside of the container also some mounts we probably don't want to. We are also limited by the kernel to use rbind instead of bind, as allowing a bind would uncover paths that were not previously visible. This is a slimmed down version of the intermediate mount namespace logic we had before, where we only set /sys to slave, so the umounts done to the storage by the cleanup process are propagated back to the host. We also don't setup any new directory, so there is no additional cleanup to do. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | | Merge pull request #2893 from TomSweeneyRedHat/dev/tsweeney/commandsfixOpenShift Merge Robot2019-04-11
|\ \ \ \ \ | |_|/ / / |/| | | | Add demo script and cast to images
| * | | | Add demo script and cast to imagesTomSweeneyRedHat2019-04-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add a pointer to the script and asciinema cast for the images command to the commands.md file. Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* | | | | Merge pull request #2896 from giuseppe/fix-segfault-reloadOpenShift Merge Robot2019-04-11
|\ \ \ \ \ | | | | | | | | | | | | rootless: fix segfault on refresh if there are containers
| * | | | | rootless: fix segfault on refresh if there are containersGiuseppe Scrivano2019-04-10
| | |/ / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | create immediately a namespace if we need a refresh. This is necessary to access the rootless storage. Closes: https://github.com/containers/libpod/issues/2894 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | | Merge pull request #2883 from baude/remoteclifixesOpenShift Merge Robot2019-04-11
|\ \ \ \ \ | |/ / / / |/| | | | Initial remote flag clean up
| * | | | Initial remote flag clean upbaude2019-04-10
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The remote client should not honor most of the local podman "global" options. Many of them are only applicable to where the podman backend is actually running. Also, removing some options for push and pull that also are not applicable to the remote client environment. Additionally, take some of the code from main and pop it into functions that can be called whether local or not. This helps the remote client and darwin builds. Signed-off-by: baude <bbaude@redhat.com>
* | | | Merge pull request #2892 from edsantiago/healthcheck_typo_fixOpenShift Merge Robot2019-04-10
|\ \ \ \ | |/ / / |/| | | (minor): fix misspelled 'Healthcheck'
| * | | (minor): fix misspelled 'Healthcheck'Ed Santiago2019-04-10
| | | | | | | | | | | | | | | | Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | | Merge pull request #2874 from baude/varlinktermOpenShift Merge Robot2019-04-10
|\ \ \ \ | | | | | | | | | | Add the ability to attach remotely to a container
| * | | | Add the ability to attach remotely to a containerbaude2019-04-10
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Also, you can now podman-remote run -it. There are some bugs that need to be ironed out but I would prefer to merge this so we can make both progress on start and exec as well as the bugs. * when doing podman-remote run -it foo /bin/bash, you have to press enter to get the prompt to display. with the localized podman, we had to teach it connect to the console first and then start the container so we did not miss anything. * when executing "exit" in the console, we get a hard lockup likely because nobody knows what to do. * custom detach keys are not supported * podman-remote run -it alpine ls does not currently work. only dropping to a shell works. Signed-off-by: baude <bbaude@redhat.com>
* | | | Merge pull request #2880 from mheon/update_allowed_regex_errorOpenShift Merge Robot2019-04-10
|\ \ \ \ | |/ / / |/| | | Update invalid name errors to report the correct regex
| * | | Update invalid name errors to report the correct regexMatthew Heon2019-04-09
| |/ / | | | | | | | | | Signed-off-by: Matthew Heon <mheon@redhat.com>
* | | Merge pull request #2882 from baude/remotepsOpenShift Merge Robot2019-04-10
|\ \ \ | |_|/ |/| | podman-remote ps
| * | podman-remote psbaude2019-04-09
| |/ | | | | | | | | | | add the ability to run ps on containers using the remote client. Signed-off-by: baude <bbaude@redhat.com>
* | Merge pull request #2663 from jwhonce/wip/remote_umountOpenShift Merge Robot2019-04-09
|\ \ | | | | | | Implement podman-remote umount and rm command
| * | Implement podman-remote rmJhon Honce2019-04-09
| |/ | | | | | | | | | | | | | | | | * refactor command output to use one function * Add new worker pool parallel operations * Implement podman-remote umount * Refactored podman wait to use printCmdOutput() Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | Merge pull request #2881 from edsantiago/revert_2832OpenShift Merge Robot2019-04-09
|\ \ | |/ |/| ps: now works with --size and nonroot
| * ps: now works with --size and nonrootEd Santiago2019-04-09
|/ | | | | | | | | | Revert the error check from #2832. This is not strictly necessary, since 'podman ps --size' now works perfectly fine in nonroot because some recent change (Giuseppe's, presumably) masked os.Geteuid() return 0... but removing for maintainability's sake. Signed-off-by: Ed Santiago <santiago@redhat.com>
* Merge pull request #2820 from rhatdan/rootlessOpenShift Merge Robot2019-04-09
|\ | | | | Document shortcomings with rootless podman
| * Document shortcomings with rootless podmanDaniel J Walsh2019-04-05
| | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #2859 from giuseppe/enable-userns-tests-rootlessOpenShift Merge Robot2019-04-09
|\ \ | | | | | | test: enable userns and remote e2e tests for rootless
| * | cirrus: enable remote tests for rootlessGiuseppe Scrivano2019-04-08
| | | | | | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | test: fix remote tests for rootlessGiuseppe Scrivano2019-04-08
| | | | | | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | test: enable userns e2e tests for rootlessGiuseppe Scrivano2019-04-08
| | | | | | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | Merge pull request #2873 from edsantiago/podman_command_check_usabilityOpenShift Merge Robot2019-04-09
|\ \ \ | |/ / |/| | CI check for --help vs man pages: usability fix
| * | CI check for --help vs man pages: usability fixEd Santiago2019-04-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The output of this CI script leaves much to be desired: it is output from 'diff' with little clarity on what exactly is wrong. The proper fix is to make the output clear and readable: podman containers --help lists a 'foo' subcommand that is not present in docs/podman-containers.1.md Doing this in bash would take many hours and be fragile gibberish code. This does not seem worth the effort: the likely case is that breakages reported by this script will be due to a newly added subcommand, and the PR author will find it obvious what to do. Ergo, plan B: if the test fails, display a blurb at the end describing how to interpret results. Three minutes' effort, plus five for writing this commit message. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | Merge pull request #2861 from baude/varlinkimagepanicOpenShift Merge Robot2019-04-08
|\ \ \ | | | | | | | | Correct varlink pull panic
| * | | Correct varlink pull panicbaude2019-04-08
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | when pulling a non-existent image via varlink, we had a panic because when we detected a pull error we sent the error over a channel but still tried to deduce the image id on a nil object. Fixes: #2860 Signed-off-by: baude <bbaude@redhat.com>
* | | Merge pull request #2799 from rhatdan/manOpenShift Merge Robot2019-04-08
|\ \ \ | | | | | | | | Fix location of libpod.conf
| * | | Fix location of libpod.confDaniel J Walsh2019-03-30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | libpod.conf defaults to /usr/share/containers/libpod.conf. Clarify how administrators can override it and the location of the users version for rootless mode. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #2746 from baude/remotecreateOpenShift Merge Robot2019-04-08
|\ \ \ \ | | | | | | | | | | podman-remote create|run
| * | | | podman-remote create|runbaude2019-04-08
| | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | add the ability to create and run containers via the podman-remote client. we now create an intermediate layer from the the create/run cli flags. the intermediate layer can be converted into a createconfig or into a varlink struct. Once transported, the varlink struct can be converted back to an intermediate layer and then to a createconfig. remote terminals are not supported yet. Signed-off-by: baude <bbaude@redhat.com>
* | | | Merge pull request #2862 from baude/rmiimageeventOpenShift Merge Robot2019-04-08
|\ \ \ \ | | | | | | | | | | add image rmi event
| * | | | add image rmi eventbaude2019-04-08
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | when deleting a commited image, the path for deletion has an early exit and the image remove event was not being triggered. Signed-off-by: baude <bbaude@redhat.com>
* | | | Merge pull request #2845 from QiWang19/cpdirOpenShift Merge Robot2019-04-08
|\ \ \ \ | | | | | | | | | | fix bug podman cp directory
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-10-16 12:31:08 +0000