summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Extend flags of `manifest add`Flavio Castelli2020-09-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Extend the flags of `podman manifest add` to include also: * cert-dir * auth-file * creds * tls-verify These options are useful when adding to a manifest an image that is not part of the local image store. The image resides on a remote registry that falls into one of these cases: it's not using tls termination, it requires authentication or it's secured with an unknown tls certificate. Consider the following scenario: a multi architecture manifest is created as part of a multi-step CI pipeline running in a containerized way. All the images referenced by the manifest live inside of a registry secured with a self-signed tls certificate. Without this patch the manifest creation step would have to pull all the multi-architecture images locally via `podman pull`. With this patch the usage of `podman pull` would not be needed because the images' digests can be requested straight to the registry. That means the execution of manifest creation step would be faster and result in less disk space and network bandwidth being used. Finally, this is a propagation of a similar fix done inside of buildah via https://github.com/containers/buildah/pull/2593 Signed-off-by: Flavio Castelli <fcastelli@suse.com>
* Merge pull request #7554 from vrothberg/follow-up-on-7444OpenShift Merge Robot2020-09-07
|\ | | | | make image parent check more robust
| * make image parent check more robustValentin Rothberg2020-09-07
| | | | | | | | | | | | | | | | Follow up on issue #7444 and make the parent checks more robust. We can end up with an incoherent storage when, for instance, a build has been killed. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | Merge pull request #7551 from ↵OpenShift Merge Robot2020-09-07
|\ \ | | | | | | | | | | | | containers/dependabot/go_modules/github.com/onsi/ginkgo-1.14.1 Bump github.com/onsi/ginkgo from 1.14.0 to 1.14.1
| * | Bump github.com/onsi/ginkgo from 1.14.0 to 1.14.1dependabot-preview[bot]2020-09-07
| |/ | | | | | | | | | | | | | | | | | | Bumps [github.com/onsi/ginkgo](https://github.com/onsi/ginkgo) from 1.14.0 to 1.14.1. - [Release notes](https://github.com/onsi/ginkgo/releases) - [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md) - [Commits](https://github.com/onsi/ginkgo/compare/v1.14.0...v1.14.1) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #7539 from ↵OpenShift Merge Robot2020-09-07
|\ \ | | | | | | | | | | | | containers/dependabot/go_modules/github.com/containers/storage-1.23.4 Bump github.com/containers/storage from 1.23.2 to 1.23.4
| * | Bump github.com/containers/storage from 1.23.2 to 1.23.4dependabot-preview[bot]2020-09-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/containers/storage](https://github.com/containers/storage) from 1.23.2 to 1.23.4. - [Release notes](https://github.com/containers/storage/releases) - [Changelog](https://github.com/containers/storage/blob/master/docs/containers-storage-changes.md) - [Commits](https://github.com/containers/storage/compare/v1.23.2...v1.23.4) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #7524 from TomSweeneyRedHat/dev/tsweeney/fusemod2OpenShift Merge Robot2020-09-07
|\ \ \ | | | | | | | | [CI:DOCS] Add note on run image fuse problem - try 2
| * | | [CI:DOCS] Add note on run image fuse problem - try 2TomSweeneyRedHat2020-09-04
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We've recently had a number of issues reported against our pre-fabricated images on quay.io and a couple of rhel repositories throwing a fuse error when run: ``` fuse: device not found, try 'modprobe fuse' first ``` The tip on modprobe fuse is not always seen by or displayed to the end user. Adding a couple of doc pointers to hopefully help. Arises from this BZ: https://bugzilla.redhat.com/show_bug.cgi?id=1867892 and several others. Replaces: 7453 where I was going crazy with whitespace and merge issues. Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* | | Merge pull request #7540 from QiWang19/system-dfOpenShift Merge Robot2020-09-07
|\ \ \ | | | | | | | | Fix system df inconsistent
| * | | Fix system df inconsistentQi Wang2020-09-04
| |/ / | | | | | | | | | | | | | | | Use RWSzir as system df verbose containers size to remain consistent with the summery. Volume is reclaimable only if not used by container. Signed-off-by: Qi Wang <qiwan@redhat.com>
* | | Merge pull request #7553 from saschagrunert/apparmor-fixOpenShift Merge Robot2020-09-07
|\ \ \ | |_|/ |/| | Fix unconfined AppArmor profile usage for unsupported systems
| * | Fix unconfined AppArmor profile usage for unsupported systemsSascha Grunert2020-09-07
|/ / | | | | | | | | | | | | | | If we select "unconfined" as AppArmor profile, then we should not error even if the host does not support it at all. This behavior has been fixed and a corresponding e2e test has been added as well. Signed-off-by: Sascha Grunert <sgrunert@suse.com>
* | Merge pull request #7437 from openSUSE/rmOpenShift Merge Robot2020-09-06
|\ \ | | | | | | Just use `rm` for helper command to remove storage
| * | Just use `rm` for helper command to remove storageSascha Grunert2020-08-28
| | | | | | | | | | | | | | | | | | This allows to use any kind of `rm` in `$PATH` for the system tests. Signed-off-by: Sascha Grunert <sgrunert@suse.com>
* | | Merge pull request #7329 from Luap99/generate-systemd-remoteOpenShift Merge Robot2020-09-05
|\ \ \ | | | | | | | | APIv2 add generate systemd endpoint
| * | | APIv2 add generate systemd endpointPaul Holzinger2020-09-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add support for generating systemd units via the api and podman-remote. Change the GenerateSystemdReport type to return the units as map[string]string with the unit name as key. Add `--format` flag to `podman generate systemd` to allow the output to be formatted as json. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | | | Merge pull request #7542 from ashley-cui/cimacbuildOpenShift Merge Robot2020-09-05
|\ \ \ \ | |_|_|/ |/| | | [CI:DOCS] Add macos build to ci
| * | | [CI:DOCS] Add macos build to ciAshley Cui2020-09-04
|/ / / | | | | | | | | | | | | | | | Adding a mac build to ci for native builds Signed-off-by: Ashley Cui <acui@redhat.com>
* | | Merge pull request #7532 from rhatdan/runOpenShift Merge Robot2020-09-02
|\ \ \ | | | | | | | | We should not be mounting /run as noexec when run with --systemd
| * | | We should not be mounting /run as noexec when run with --systemdDaniel J Walsh2020-09-02
| |/ / | | | | | | | | | | | | | | | | | | The system defaults /run to "exec" mode, and we default --read-only mounts on /run to "exec", so --systemd should follow suit. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #7422 from ↵OpenShift Merge Robot2020-09-02
|\ \ \ | |/ / |/| | | | | | | | containers/dependabot/go_modules/github.com/gorilla/mux-1.8.0 Bump github.com/gorilla/mux from 1.7.4 to 1.8.0
| * | Bump github.com/gorilla/mux from 1.7.4 to 1.8.0Daniel J Walsh2020-09-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/gorilla/mux](https://github.com/gorilla/mux) from 1.7.4 to 1.8.0. - [Release notes](https://github.com/gorilla/mux/releases) - [Commits](https://github.com/gorilla/mux/compare/v1.7.4...v1.8.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #7519 from jjzmajic/fix/vestigial-mkdirOpenShift Merge Robot2020-09-02
|\ \ \ | | | | | | | | Don't create ~/.config after removing storage.conf
| * | | Don't create ~/.config after removing storage.confjjzmajic2020-09-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes #7509. There is no need to create a ~/.config directory now that ~/.config/containers/storage.conf is not created automatically. Podman has no use for it if it does not exist already. Signed-off-by: jjzmajic <uros.m.perisic@gmail.com>
* | | | Merge pull request #7426 from Edward5hen/apiv2-containers-testOpenShift Merge Robot2020-09-02
|\ \ \ \ | |_|/ / |/| | | APIv2 test: add more tests for containers
| * | | APIv2 test: add more tests for containersEdward Shen2020-09-01
| |/ / | | | | | | | | | Signed-off-by: Edward Shen <weshen@redhat.com>
* | | Merge pull request #7528 from mheon/update_master_206_realOpenShift Merge Robot2020-09-02
|\ \ \ | | | | | | | | [CI:DOCS] Update master with release notes for v2.0.6
| * | | Update master with release notes for v2.0.6Matthew Heon2020-09-01
|/ / / | | | | | | | | | | | | | | | Also update README to reflect the new release. Signed-off-by: Matthew Heon <mheon@redhat.com>
* | | Merge pull request #7517 from baude/crioruncOpenShift Merge Robot2020-09-01
|\ \ \ | | | | | | | | use crio runc on CICID ubuntu
| * | | use crio runc on CICID ubuntuBrent Baude2020-08-31
| | | | | | | | | | | | | | | | | | | | | | | | | | | | when running CICD on Ubuntu where no cgroups v2, we need to use a newer runc for things like seccomp and the default ubuntu runc is not new enough. Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | | Merge pull request #7470 from containers/dependabot/go_modules/k8s.io/api-0.19.0OpenShift Merge Robot2020-09-01
|\ \ \ \ | | | | | | | | | | Bump k8s.io/api from 0.18.8 to 0.19.0
| * | | | Bump k8s.io/api from 0.18.8 to 0.19.0Daniel J Walsh2020-08-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [k8s.io/api](https://github.com/kubernetes/api) from 0.18.8 to 0.19.0. - [Release notes](https://github.com/kubernetes/api/releases) - [Commits](https://github.com/kubernetes/api/compare/v0.18.8...v0.19.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | Merge pull request #7516 from mheon/handle_no_passwd_fileOpenShift Merge Robot2020-09-01
|\ \ \ \ \ | |_|_|/ / |/| | | | Ensure rootless containers without a passwd can start
| * | | | Ensure rootless containers without a passwd can startMatthew Heon2020-08-31
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We want to modify /etc/passwd to add an entry for the user in question, but at the same time we don't want to require the container provide a /etc/passwd (a container with a single, statically linked binary and nothing else is perfectly fine and should be allowed, for example). We could create the passwd file if it does not exist, but if the container doesn't provide one, it's probably better not to make one at all. Gate changes to /etc/passwd behind a stat() of the file in the container returning cleanly. Fixes #7515 Signed-off-by: Matthew Heon <mheon@redhat.com>
* | | | | Merge pull request #7514 from edsantiago/reenable_flaky_bindings_testOpenShift Merge Robot2020-08-31
|\ \ \ \ \ | |/ / / / |/| | | | bindings: reenable flaky(?) pause/unpause test
| * | | | bindings: reenable flaky(?) pause/unpause testEd Santiago2020-08-31
| | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Reference: #6518, a very-frequently-flaking CI test, disabled a month ago (#7143) because it was triggering so often in CI. Unfortunately, that seems to have simply swept the problem under the rug. AFAICT nobody has bothered to look at the root bug, so let's just reenable. If the problem persists, I'll let annoyed developers squeaky-wheel 6158 so there's some incentive to fix it. If the problem has miraculously gone away in the last month, that's a win too. (This test failure does not reproduce on my laptop, nor does it lend itself to devising a simple reproducer on a test VM.) Also: since #5325 appears to have been closed as fixed, remove a 'Skip' that references it. Unfortunately this also requires removing a lot of other cruft. This was an incidental oh-by-the-way addition that I thought would be trivial but ended up causing a much larger diff. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | | Merge pull request #7496 from zhangguanzhang/play-kube-handle-hostAliasesOpenShift Merge Robot2020-08-31
|\ \ \ \ | |/ / / |/| | | handle play kube with pod.spec.hostAliases
| * | | handle play kube with pod.spec.hostAliaseszhangguanzhang2020-08-31
|/ / / | | | | | | | | | Signed-off-by: zhangguanzhang <zhangguanzhang@qq.com>
* | | Merge pull request #7507 from ↵OpenShift Merge Robot2020-08-31
|\ \ \ | | | | | | | | | | | | | | | | containers/dependabot/go_modules/github.com/google/uuid-1.1.2 Bump github.com/google/uuid from 1.1.1 to 1.1.2
| * | | Bump github.com/google/uuid from 1.1.1 to 1.1.2dependabot-preview[bot]2020-08-31
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.1.1 to 1.1.2. - [Release notes](https://github.com/google/uuid/releases) - [Commits](https://github.com/google/uuid/compare/v1.1.1...v1.1.2) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #7494 from haircommander/play-kube-socketOpenShift Merge Robot2020-08-31
|\ \ \ \ | |/ / / |/| | | play kube: handle Socket HostPath type
| * | | play kube: handle Socket HostPath typePeter Hunt2020-08-28
| | | | | | | | | | | | | | | | | | | | | | | | as well as add test cases for it and the other HostPath types we currently support Signed-off-by: Peter Hunt <pehunt@redhat.com>
* | | | Merge pull request #7132 from ↵OpenShift Merge Robot2020-08-29
|\ \ \ \ | |_|/ / |/| | | | | | | | | | | containers/dependabot/go_modules/github.com/containers/conmon-2.0.20incompatible Bump github.com/containers/conmon from 2.0.19+incompatible to 2.0.20+incompatible
| * | | Bump github.com/containers/conmonDaniel J Walsh2020-08-28
| | |/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/containers/conmon](https://github.com/containers/conmon) from 2.0.19+incompatible to 2.0.20+incompatible. - [Release notes](https://github.com/containers/conmon/releases) - [Changelog](https://github.com/containers/conmon/blob/master/changelog.txt) - [Commits](containers/conmon@v2.0.19...v2.0.20) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #7469 from zhangguanzhang/generate-kube-with-ExtraHostsOpenShift Merge Robot2020-08-28
|\ \ \ | | | | | | | | fix podman generate kube with HostAliases
| * | | fix podman generate kube with HostAliaseszhangguanzhang2020-08-27
| | | | | | | | | | | | | | | | Signed-off-by: zhangguanzhang <zhangguanzhang@qq.com>
* | | | Merge pull request #7436 from rhatdan/variantOpenShift Merge Robot2020-08-28
|\ \ \ \ | |_|_|/ |/| | | Add support for image pull overrides
| * | | Add support for variant when pulling imagesDaniel J Walsh2020-08-28
| | | | | | | | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
| * | | Document override-arch and override-osDaniel J Walsh2020-08-28
| | | | | | | | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>