summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Revert "rootful: unset XDG_RUNTIME_DIR"Paul Holzinger2021-09-24
| | | | | | | | | | | | This reverts commit 91e21bed48a2ab11049ef20e9150b5be531bc50a. XDG_RUNTIME_DIR is required for the authfile path. We cannot unset it. [NO TESTS NEEDED] Fixes #11725 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* Merge pull request #11675 from baude/playkubebuildcontextdirOpenShift Merge Robot2021-09-23
|\ | | | | Set context dir for play kube build
| * Set context dir for play kube buildBrent Baude2021-09-23
| | | | | | | | | | | | | | | | When performing an image build with play kube, we need to set the context directory so things like file copies have the correct input path. Signed-off-by: Brent Baude <bbaude@redhat.com>
* | Merge pull request #11716 from dilyanpalauzov/makefile_go_ldflagsOpenShift Merge Robot2021-09-23
|\ \ | | | | | | Makefile: use -ldflags/-gccgoflags depending on the go implemenatiton
| * | Makefile: use -ldflags/-gccgoflags depending on the go implemenatitonДилян Палаузов2021-09-23
| |/ | | | | | | | | | | | | | | | | | | | | | | | | Insisting on “DCO” imposes formalities, that serve self-purpose. One cannot assume that the submitter has time or will to read texts about symbolism in software contributions. If the system wants to see the text nrEAUIEUAIe eanuitdnuae EAIUEAUIAIE »ℓ§444.3.72b)°»°ℓ§euaieauuae in each commit, people will write this, or any other text, that the system wants to see. All such text, which presence is mandated by the system, has the same value. Signed-off-by: Дилян Палаузов <git-dpa@aegee.org>
* | Merge pull request #11654 from Luap99/health-dockerOpenShift Merge Robot2021-09-23
|\ \ | | | | | | podman inspect add State.Health field for docker compat
| * | podman inspect add State.Health field for docker compatPaul Holzinger2021-09-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | podman inspect shows the healthcheck status in `.State.Healthcheck`, docker uses `.State.Health`. To make sure docker scripts work we should add the `Health` key. Because we do not want to display both keys by default we only use the new `Health` key. This is a breaking change for podman users but matches what docker does. To provide some form of compatibility users can still use `--format {{.State.Healthcheck}}`. IT is just not shown by default. Fixes #11645 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | Merge pull request #11721 from Luap99/image-completionOpenShift Merge Robot2021-09-23
|\ \ \ | |_|/ |/| | shell completion: do not show images without tag
| * | shell completion: do not show images without tagPaul Holzinger2021-09-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The shell completion should only suggest arguments that work. Using a image without tag does not work in many cases. Having both the version with and without tag also forces users to press one key more because tab completion will always stop at the colon. Fixes #11673 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | Merge pull request #11722 from nalind/build-platform-docsOpenShift Merge Robot2021-09-23
|\ \ \ | | | | | | | | [CI:DOCS] update docs for --platform in podman-build.1
| * | | Update docs for --platform in podman-build.1Nalin Dahyabhai2021-09-23
| |/ / | | | | | | | | | | | | | | | | | | | | | Update the descriptions of the --arch, --os, --variant, and --platform options, since the last of those hasn't been a no-op for some time, and it was recently extended to accept multiple values. Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
* | | Merge pull request #11714 from vrothberg/save-remove-signaturesOpenShift Merge Robot2021-09-23
|\ \ \ | |/ / |/| | podman save: enforce signature removal
| * | podman save: enforce signature removalValentin Rothberg2021-09-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Enforce the removal of signatures in `podman save` to restore behavior prior to the migration to libimage. We may consider improving on that in the future. For details, please refer to the excellent summary by @mtrmac [1]. [NO TESTS NEEDED] - manually verified but exisiting tests need some further investigation (see [1]). [1] https://github.com/containers/podman/pull/11669#issuecomment-925250264 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | Merge pull request #11647 from EduardoVega/11491-U-suffix-mount-optionOpenShift Merge Robot2021-09-23
|\ \ \ | | | | | | | | Add support for :U flag with --mount option
| * | | Add support for :U flag with --mount optionEduardo Vega2021-09-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The :U flag can be used to change the ownership of source volumes based on the UID, GID of the container. This is only supported by the --volume option, this will allow to use --mount option as well. Signed-off-by: Eduardo Vega <edvegavalerio@gmail.com>
* | | | Merge pull request #11174 from TomSweeneyRedHat/dev/tsweeney/docpodimageOpenShift Merge Robot2021-09-23
|\ \ \ \ | |_|/ / |/| | | [CI:DOCS] Add link to running ctrimage on enablesysadm
| * | | [CI:DOCS] Add link to running ctrimage on enablesysadmTomSweeneyRedHat2021-09-22
| | |/ | |/| | | | | | | | | | | | | | | | | | | | | | Add a link to the podman images readme.md to Dan's recent post on Enable Sysadm about running containers inside of Podman Fixes: https://github.com/containers/buildah/issues/3119 Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* | | Merge pull request #11704 from rhatdan/kubeOpenShift Merge Robot2021-09-23
|\ \ \ | | | | | | | | podman generate kube should not include images command
| * | | podman generate kube should not include images commandDaniel J Walsh2021-09-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If the command came from the underlying image, then we should not include it in the generate yaml file. Fixes: https://github.com/containers/podman/issues/11672 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #11691 from afbjorklund/machine-listOpenShift Merge Robot2021-09-22
|\ \ \ \ | | | | | | | | | | Add more information about the VM to podman machine list
| * | | | Also show the (initial) disk sizeAnders F Björklund2021-09-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | [NO TESTS NEEDED] Signed-off-by: Anders F Björklund <anders.f.bjorklund@gmail.com>
| * | | | Show cpus and memory in machine listAnders F Björklund2021-09-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | [NO TESTS NEEDED] Signed-off-by: Anders F Björklund <anders.f.bjorklund@gmail.com>
* | | | | Merge pull request #11604 from rhatdan/deleteContainerOpenShift Merge Robot2021-09-22
|\ \ \ \ \ | | | | | | | | | | | | Ignore mount errors except ErrContainerUnknown when cleaningup container
| * | | | | Ignore mount errors except ErrContainerUnknown when cleaningup containerDaniel J Walsh2021-09-22
| | |_|/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes: https://github.com/containers/podman/issues/11207 [NO TESTS NEEDED] Since I don't know how to get into this situation. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | Merge pull request #11701 from ashley-cui/streamOpenShift Merge Robot2021-09-22
|\ \ \ \ \ | | | | | | | | | | | | Fix machine image
| * | | | | Fix machine imageAshley Cui2021-09-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Make sure setting machine image to `testing` pulls down the testing stream, and not the next stream Signed-off-by: Ashley Cui <acui@redhat.com>
* | | | | | Merge pull request #11693 from rhatdan/cleanupOpenShift Merge Robot2021-09-22
|\ \ \ \ \ \ | |_|/ / / / |/| | | | | standardize logrus messages to upper case
| * | | | | standardize logrus messages to upper caseDaniel J Walsh2021-09-22
|/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Remove ERROR: Error stutter from logrus messages also. [ NO TESTS NEEDED] This is just code cleanup. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | Merge pull request #11689 from Luap99/con-stateOpenShift Merge Robot2021-09-22
|\ \ \ \ \ | |_|_|/ / |/| | | | sync container state before reading the healthcheck
| * | | | sync container state before reading the healthcheckPaul Holzinger2021-09-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The health check result is stored in the container state. Since the state can change or might not even be set we have to retrive the current state before we try to read the health check result. Fixes #11687 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | | | Merge pull request #11694 from edsantiago/prevent_port_collisionsOpenShift Merge Robot2021-09-22
|\ \ \ \ \ | | | | | | | | | | | | Eighty-six eighty-eighty
| * | | | | Eighty-six eighty-eightyEd Santiago2021-09-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | (Sorry, couldn't resist). CI flakes have been coming down - thank you to everyone who has been making them a priority. This leaves a noisy subset that I've just been ignoring for months: Running: podman ... -p 8080:something ...cannot listen on the TCP port: listen tcp4 :8080: bind: address already in use Sometimes these are one-time errors resolved on 2nd try; sometimes they fail three times, forcing CI user to hit Rerun. In all cases they make noise in my flake logs, which costs me time. My assumption is that this has to do with ginkgo running random tests in parallel. Since many e2e tests simplemindedly use 8080, collisions are inevitable. Solution: simplemindedly replace 8080 with other (also arbitrarily picked) numbers. This is imperfect -- it requires human developers to pick a number NNNN and 'grep NNNN test/e2e/*' before adding new tests, which I am 100% confident ain't gonna happen -- but it's better than what we have now. Side note: I considered writing and using a RandomAvailablePort() helper, but that would still be racy. Plus, it would be a pain to interpolate strings into so many places. Finally, with this hand-tooled approach, if/when we _do_ get conflicts on port NNNN, it should be very easy to grep for NNNN, find the offending tests that reuse that port, and fix one of them. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | | | | Merge pull request #11657 from ↵OpenShift Merge Robot2021-09-22
|\ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | containers/dependabot/go_modules/k8s.io/api-0.22.2 Bump k8s.io/api from 0.22.1 to 0.22.2
| * | | | | | Bump k8s.io/api from 0.22.1 to 0.22.2dependabot[bot]2021-09-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [k8s.io/api](https://github.com/kubernetes/api) from 0.22.1 to 0.22.2. - [Release notes](https://github.com/kubernetes/api/releases) - [Commits](https://github.com/kubernetes/api/compare/v0.22.1...v0.22.2) --- updated-dependencies: - dependency-name: k8s.io/api dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* | | | | | | Merge pull request #11629 from Luap99/CNI-1.0OpenShift Merge Robot2021-09-22
|\ \ \ \ \ \ \ | |_|_|_|_|/ / |/| | | | | | Bump CNI to v1.0.1
| * | | | | | Bump CNI to v1.0.1Paul Holzinger2021-09-22
| | |_|/ / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Update CNI so we can match wrapped errors. This should silence ENOENT warnings when trying to read the cni conflist files. Fixes #10926 Because CNI v1.0.0 contains breaking changes we have to change some import paths. Also we cannot update the CNI version used for the conflist files created by `podman network create` because this would require at least containernetwork-plugins v1.0.1 and a updated dnsname plugin. Because this will take a while until it lands in most distros we should not use this version. So keep using v0.4.0 for now. The update from checkpoint-restore/checkpointctl is also required to make sure it no longer uses CNI to read the network status. [NO TESTS NEEDED] Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | | | | Merge pull request #11692 from Luap99/nettypesOpenShift Merge Robot2021-09-22
|\ \ \ \ \ \ | | | | | | | | | | | | | | net types: remove omitempty from required fields
| * | | | | | net types: remove omitempty from required fieldsPaul Holzinger2021-09-22
| | |_|/ / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This will make reading the fields easier in rust because we can guarantee that the fields will be present in the json output. [NO TESTS NEEDED] Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | | | | Merge pull request #11678 from vrothberg/fix-11613OpenShift Merge Robot2021-09-22
|\ \ \ \ \ \ | |/ / / / / |/| | | | | podman save: add `--uncompressed`
| * | | | | podman save: add `--uncompressed`Valentin Rothberg2021-09-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add an option to `podman save` to allow uncompressed layers when copying OCI images. Do the neccessary plumbing for the remote client, add tests and vendor in the latest commit from c/common to fetch the neccessary changes in libimage. Closes: #11613 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | | | Merge pull request #11659 from vrothberg/psgoOpenShift Merge Robot2021-09-22
|\ \ \ \ \ \ | |/ / / / / |/| | | | | vendor c/psgo@v1.7.1
| * | | | | vendor c/psgo@v1.7.1Valentin Rothberg2021-09-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | psgo added support for listing supplementary groups via two new descriptors: * `groups` for supplementary groups inside the container * `hgroups` for the counterpart on the host Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | | | Merge pull request #11681 from mheon/retry_event_lookupOpenShift Merge Robot2021-09-22
|\ \ \ \ \ \ | |_|/ / / / |/| | | | | Add a backoff and retries to retrieving exited event
| * | | | | Add a backoff and retries to retrieving exited eventMatthew Heon2021-09-21
| | |_|/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There's a potential race around extremely short-running containers and events with journald. Events may not be written for some time (small, but appreciable) after they are received, and as such we can fail to retrieve it if there is a sufficiently short time between us writing the event and trying to read it. Work around this by just retrying, with a 0.25 second delay between retries, up to 4 times. [NO TESTS NEEDED] because I have no idea how to reproduce this race in CI. Fixes #11633 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | | Merge pull request #11641 from TomSweeneyRedHat/dev/tsweeney/myaliasOpenShift Merge Robot2021-09-21
|\ \ \ \ \ | | | | | | | | | | | | [CI:DOCS] Add network alias note in man pages
| * | | | | [CI:DOCS] Add network alias note in man pagesTomSweeneyRedHat2021-09-21
|/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Adds a note about the limitation of network aliases to the man pages This should satisfy https://issues.redhat.com/browse/RUN-1189 Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* | | | | Merge pull request #11579 from cevich/add_cross_releaseOpenShift Merge Robot2021-09-21
|\ \ \ \ \ | |/ / / / |/| | | | Cross-build linux releases w/ arch in filename
| * | | | Cross-build release-archives w/ arch in filenameChris Evich2021-09-21
|/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes #11417 Cross-building the podman-remote documentation requires a functional native architecture executable. However `make` only deals with files/timestamps, it doesn't understand if an existing binary will function on the system or not. This makes building cross-platform releases incredibly accident-prone and fragile. A practical way to deal with this, is via multiple conditional (nested) `make` calls along with careful manipulation of `$GOOS` and `$GOARCH`. Also, when cross-building releases be kind to humans and cleanup any non-native binaries left behind. Update the `Alt Arch. Cross` Cirrus-CI task to build release archives for all Linux architectures supported by golang and podman. Update the `OSX Cross` task to additionally build for the M1 (arm64) architecture. Finally, update the release process documentation to reflect the new locations (Cirrus-CI task names) for the release archives. Include a note about additional manual work being required to produce the signed `.dmg` file for MacOS. Signed-off-by: Chris Evich <cevich@redhat.com>
* | | | Merge pull request #11631 from cevich/replace_hack-get_release_infoOpenShift Merge Robot2021-09-21
|\ \ \ \ | | | | | | | | | | Fix Error, empty output for info: 'VERSION'
| * | | | Fix Error, empty output for info: 'VERSION'Chris Evich2021-09-21
|/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When building releases, the definitive canonical version of podman (or podman-remote) is needed. Previously this was accomplished by scraping `version/version.go`. However, due to tooling differences across platforms, this has proven problematic, unreliable, and hard to maintain. Fix this by building and caching a small golang binary who's only purpose is to print the version number to stdout. This not only provides a quick and reliable way to determine the current version, it also acts as a check on the version API vs tooling that relies on it. Lastly, remove several `RELEASE_*` Makefile definitions which aren't actually used anywhere. These were originally added a very long time ago to serve as part of a long since retired release process. The remaining items, were updated to make use of the new `.podmanversion` binary on an as-required basis (i.e. not every time `make` is run). Signed-off-by: Chris Evich <cevich@redhat.com>