summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Update release notes for v0.12.1.1Matthew Heon2018-12-07
| | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
* Merge pull request #1955 from mheon/fix_hooks_not_existOpenShift Merge Robot2018-12-07
|\ | | | | Fix errors where OCI hooks directory does not exist
| * Fix errors where OCI hooks directory does not existMatthew Heon2018-12-07
| | | | | | | | Signed-off-by: Matthew Heon <mheon@redhat.com>
* | Merge pull request #1953 from baude/podstoptimeoutOpenShift Merge Robot2018-12-07
|\ \ | | | | | | add timeout to pod stop
| * | add timeout to pod stopbaude2018-12-07
| | | | | | | | | | | | | | | | | | | | | | | | like podman stop of containers, we should allow the user to specify a timeout override when stopping pods; otherwise they have to wait the full timeout time specified during the pod/container creation. Signed-off-by: baude <bbaude@redhat.com>
* | | Merge pull request #1893 from jwhonce/bug/1869OpenShift Merge Robot2018-12-07
|\ \ \ | | | | | | | | Refactor CLI booleans to be consistent and defined behavior
| * | | Refactor BooleanAction to mimic golang interfaceJhon Honce2018-12-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Change all store_true or store_false to use store_bool. New behavior documented in BooleanAction docstring. * Remove any extraneous code identified by pylint in files from above. Fixes #1869 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | | Merge pull request #1928 from baude/podtokubeOpenShift Merge Robot2018-12-07
|\ \ \ \ | | | | | | | | | | generate kube
| * | | | generate kubebaude2018-12-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | add the ability to generate kubernetes pod and service yaml representations of libpod containers and pods. Signed-off-by: baude <bbaude@redhat.com>
* | | | | Merge pull request #1788 from cevich/cirrus_base_imagesOpenShift Merge Robot2018-12-07
|\ \ \ \ \ | |_|_|/ / |/| | | | Codify and document base-image production + Enable testing with Fedora
| * | | | Cirrus: Document and codify base-image productionChris Evich2018-12-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | A number of images required for future testing are not present in GCE. Importing them is a long proscribed process prone to errors and complications. Improve this situation by documenting, and encoding the majority of the steps required. Due to the required complexity, these are clearly identified as 'semi-automated'. This means a discerning eye is sometimes needed to address unforeseen problems (networking issues, format or packaging changes, etc). Nevertheless, having these steps in writing, will reduce current and future maintenance burden while supporting future testing needs of RHEL, Fedora and Fedora Atomic Host. Also: * Add necessary configuration, scripts, and Makefile updates needed to prepare RHEL, Fedora, & FAH cloud images for use in GCE. This is a complex, multi-step process where the cloud image is booted un a local user-mod qemu-kvm instance, where it can be modified. From there, it's converted into a specific format, and imported into GCE. Lastly, the imported raw disk data is made available as a GCE VM image. Note: As of this commit, the RHEL base-image builds (CentOS has native image), however neither RHEL or CentOS cache-images build correctly. * Left testing on FAH disabled, the GCE/Cirrus integration needs needs more work. Specifically, the python3-based google startup script service throws a permission-denied (as root) when trying to create a temp. directory. Did not investigate further, though manually running the startup script does allow the libpod tests to start running. * Enabled Fedora 29 image to execute tests and general use. * Utilize the standardized F28-based container image for gating of more the intensive unit and integration testing. Update documentation to reflect this as the standard platform for these checks. Rename tasks with shorter names and to better reflect their purpose. * Cirrus: Trim unnecessary env vars before testing since the vast majority are only required for orchestration purposes. Since most are defined within `.cirrus.yml`, it's a good place to store the list of undesirables. Since each of the cirrus-scripts runs in it's own shell, unsetting these near the end will have no consequence. Also trim down the number of calls to show_env_vars() Signed-off-by: Chris Evich <cevich@redhat.com>
| * | | | Cirrus: Use Makefile for image-buildingChris Evich2018-12-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The packer tool takes JSON as input for the details of producing VM images to be used for PR CI-testing. JSON is not a very human-friendly format, without support for comments and frequently containing lots of duplicate data. Fix this by using a Makefile + simple python one-liner to convert from a human-friendly YAML format into packer-native JSON. This allows use of anchors/aliases to reduce duplication, and allows inline comments for easier maintainability. This also allows separating the 'test' action from the 'build' action, for earlier and better syntax problem detection. Lastly, there are some minor ``lib.sh`` and ``integration_test.sh`` updates to support future work, and slightly improve the build and test environments. Signed-off-by: Chris Evich <cevich@redhat.com>
* | | | | Merge pull request #1930 from mtrmac/sysregistriesv2OpenShift Merge Robot2018-12-06
|\ \ \ \ \ | |_|_|_|/ |/| | | | Update c/image for sysregistriesv2 changes and automatic docker:// insecure configuration
| * | | | Remove manual handling of insecure registries in (podman search)Miloslav Trmač2018-12-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Instead, just set SystemRegistriesConfPath and let the transport do it. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
| * | | | Fix reporting the registries.conf path on errorMiloslav Trmač2018-12-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | i.e. actually reflect the environment variable and/or rootless mode instead of always using the default path. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
| * | | | Remove manual handling of insecure registries in doPullImageMiloslav Trmač2018-12-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Instead, just set SystemRegistriesConfPath and let the transport do it. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
| * | | | Remove the forceSecure parameter on the pull call stackMiloslav Trmač2018-12-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | DockerRegistryOptions.DockerInsecureSkipTLSVerify as an types.OptionalBool can now represent that value, so forceSecure is redundant. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
| * | | | Remove manual handling of insecure registries in PushImageToReferenceMiloslav Trmač2018-12-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Instead, just set SystemRegistriesConfPath and let the transport do it. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
| * | | | Factor out the registries.conf location code in pkg/registriesMiloslav Trmač2018-12-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The newly introduced SystemRegistriesConfPath somewhat decreases duplication, but more importantly will allow future callers to set just a types.SystemContext.SystemRegistriesConfPath and not call GetRegistries / GetInsecureRegistries at all. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
| * | | | Remove the forceSecure parameter of Image.PushImageTo*Miloslav Trmač2018-12-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | DockerRegistryOptions.DockerInsecureSkipTLSVerify as an types.OptionalBool can now represent that value, so forceSecure is redundant. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
| * | | | Minimally update for the DockerInsecureSkipTLSVerify type changeMiloslav Trmač2018-12-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Following SystemContext.DockerInsecureSkipTLSVerify, make the DockerRegistryOne also an OptionalBool, and update callers. Explicitly document that --tls-verify=true and --tls-verify unset have different behavior in those commands where the behavior changed (or where it hasn't changed but the documentation needed updating). Also make the --tls-verify man page sections a tiny bit more consistent throughout. This is a minimal fix, without changing the existing "--tls-verify=true" paths nor existing manual insecure registry lookups. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
| * | | | Fix build on non-LinuxMiloslav Trmač2018-12-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Unrelated to the rest of the PR. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
| * | | | Remove some unused data structures and codeMiloslav Trmač2018-12-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ... instead of unnecessarily adapting it for the DockerInsecureSkipTLSVerify type change. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
| * | | | Vendor buildah after merging https://github.com/containers/buildah/pull/1214Miloslav Trmač2018-12-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This updates buildah for the sysregistriesv2 changes. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
| * | | | Update containers/image to 63a1cbdc5e6537056695cf0d627c0a33b334df53Miloslav Trmač2018-12-06
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Miloslav Trmač <mitr@redhat.com>
* | | | | Merge pull request #1954 from mheon/bump-0.12.1Matthew Heon2018-12-06
|\ \ \ \ \ | | | | | | | | | | | | Bump to v0.12.1
| * | | | | Bump gitvalidation epochMatthew Heon2018-12-06
| | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * | | | | Bump to v0.12.2-devMatthew Heon2018-12-06
| | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * | | | | Bump to v0.12.1v0.12.1Matthew Heon2018-12-06
|/ / / / / | | | | | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
* | | | | Merge pull request #1952 from mheon/release_notes_0.12.1Matthew Heon2018-12-06
|\ \ \ \ \ | |/ / / / |/| | | | Update release notes for 0.12.1
| * | | | Update release notes for 0.12.1Matthew Heon2018-12-06
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
* | | | | Merge pull request #1951 from baude/podcontainernetOpenShift Merge Robot2018-12-06
|\ \ \ \ \ | |_|/ / / |/| | | | bind mount /etc/resolv.conf|hosts in pods
| * | | | bind mount /etc/resolv.conf|hosts in podsbaude2018-12-06
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | containers inside pods need to make sure they get /etc/resolv.conf and /etc/hosts bind mounted when network is expected Signed-off-by: baude <bbaude@redhat.com>
* | | | Merge pull request #1905 from umohnani8/loginOpenShift Merge Robot2018-12-06
|\ \ \ \ | |/ / / |/| | | Pick registry to login from full image name as well
| * | | Pick registry to login from full image name as wellUrvashi Mohnani2018-12-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | podman login reg.io/username/image works as well now. It picks the registry and checks for authentication, if none exist it will prompt for username and password. If the credentials exist but are not valid, it will prompt the user for new valid credentials. Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
* | | | Merge pull request #1904 from umohnani8/volumeOpenShift Merge Robot2018-12-06
|\ \ \ \ | | | | | | | | | | Add "podman volume" command
| * | | | Tests for podman volume commandsUrvashi Mohnani2018-12-06
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
| * | | | Add "podman volume" commandumohnani82018-12-06
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add support for podman volume and its subcommands. The commands supported are: podman volume create podman volume inspect podman volume ls podman volume rm podman volume prune This is a tool to manage volumes used by podman. For now it only handle named volumes, but eventually it will handle all volumes used by podman. Signed-off-by: umohnani8 <umohnani@redhat.com>
* | | | Merge pull request #1912 from baude/pruneOpenShift Merge Robot2018-12-06
|\ \ \ \ | | | | | | | | | | Add ability to prune containers and images
| * | | | Add ability to prune containers and imagesbaude2018-12-05
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Allow user to prune unused/unnamed images, the layer images from building, via podman rmi --prune. Allow user to prune stopped/exiuted containers via podman rm --prune. This should resolve #1910 Signed-off-by: baude <bbaude@redhat.com>
* | | | Merge pull request #1887 from mheon/rm_syncOpenShift Merge Robot2018-12-06
|\ \ \ \ | | | | | | | | | | Add --sync option to podman rm
| * | | | Remove --sync flag from `podman rm`Matthew Heon2018-12-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Per discussion with Dan, it would be better to automatically handle potential runtime errors by automatically syncing if they occur. Retaining the flag for `ps` makes sense, as we won't even be calling the OCI runtime and as such won't see errors if the state desyncs, but rm can be handled automatically. The automatic desync handling code will take some additional work so we'll land this as-is (sync on ps is enough to solve most desync issues). Signed-off-by: Matthew Heon <mheon@redhat.com>
| * | | | Add locking to Sync() on containersMatthew Heon2018-12-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously not needed as it only worked inside of Batch(), but now that it can be called anywhere we need to add mutual exclusion on its config changes. Signed-off-by: Matthew Heon <mheon@redhat.com>
| * | | | Add --sync flag to podman psMatthew Heon2018-12-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The previous commit added support for --sync to podman rm to ensure state inconsistencies would not prevent containers from being removed. Add the flag to podman ps as well, so that all containers can be forcibly synced and all state inconsistencies resolved. Signed-off-by: Matthew Heon <mheon@redhat.com>
| * | | | Add --sync option to podman rmMatthew Heon2018-12-06
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | With the changes made recently to ensure Podman does not hit the OCI runtime as often to sync state, we can find ourselves in a situation where the runtime's state does not match ours. Add a --sync flag to podman rm to ensure we can still remove containers when this happens. Signed-off-by: Matthew Heon <mheon@redhat.com>
* | | | Merge pull request #1944 from giuseppe/update-tutorialOpenShift Merge Robot2018-12-06
|\ \ \ \ | | | | | | | | | | tutorial: add ostree dependency
| * | | | tutorial: add ostree dependencyGiuseppe Scrivano2018-12-06
| |/ / / | | | | | | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | Merge pull request #1946 from rhatdan/vendorOpenShift Merge Robot2018-12-06
|\ \ \ \ | |/ / / |/| | | Vendor in latest containers/storage
| * | | Merge branch 'vendor' of github.com:rhatdan/libpod into vendorDaniel J Walsh2018-12-06
| |\ \ \
| | * | | Vendor in latest containers/storageDaniel J Walsh2018-12-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This should improve performance on vfs images on top of xfs/reflink drives. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>