Commit message (Author, Age)
* Add log rotation based on log size (Niall Crowe, 2022-04-14)
|   Add new functions to logfile.go for rotating and truncating the events log file once the log file and its contents exceed the maximum size limit while keeping 50% of the log file's content
|   Also add tests to verify log rotation and truncation
|   Signed-off-by: Niall Crowe <nicrowe@redhat.com>
|   Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* Merge pull request #13867 from rhatdan/common (OpenShift Merge Robot, 2022-04-14)
|\
| |   Update containers/common to main branch
| * Update containers/common to main branch (Daniel J Walsh, 2022-04-13)
| |   Want to add support for Machine.Volumes
| |   Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #13863 from mheon/stopped_can_attach (OpenShift Merge Robot, 2022-04-14)
|\ \
| |/
|/|   Allow HTTP attach to stopped containers
| * Allow HTTP attach to stopped containers (Matthew Heon, 2022-04-13)
| |   There's a potential race condition where we attempt to attach to a container immediately after it's been stopped, but before the cleanup process has run on it. The existing code doesn't allow an attach to containers in the Stopped state (cleanup process has not run) but does allow an attach to containers in the Exited state (cleanup process has run). This doesn't make very much sense and there's no technical reason to restrict attach to only Exited containers, so allow attaching to Stopped containers.
| |   [NO NEW TESTS NEEDED] Testing this is very racy - we need to get in before the cleanup process runs, which isn't really deterministic when we're invoked from a script - like the CI tests.
| |   Signed-off-by: Matthew Heon <mheon@redhat.com>
* | Merge pull request #13844 from Luap99/compat-netmode (OpenShift Merge Robot, 2022-04-13)
|\ \
| | |   compat api: use network mode bridge as default
| * | compat api: use network mode bridge as default (Paul Holzinger, 2022-04-13)
| |/
| |   For better docker compatibility we should use the bridge network mode as default for rootless. This was already done previously but commit 535818414c2a introduced this regression in v4.0. Since the apiv2 tests are only run rootful we cannot catch this problem in CI.
| |   Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | Merge pull request #13853 from ↵ (OpenShift Merge Robot, 2022-04-13)
|\ \
| | |   chuanchang/fix_typo_in_podman_container_clone_docs
| | |   [CI:DOCS] fix typo in podman-container-clone.1.md
| * | docs: fix typo in podman-container-clone.1.md (Alex Jia, 2022-04-13)
| | |   Signed-off-by: Alex Jia <chuanchang.jia@gmail.com>
* | | Merge pull request #13829 from baude/machineinspect (OpenShift Merge Robot, 2022-04-13)
|\ \ \
| |_|/
|/| |   Introduce machine inspect
| * | Introduce machine inspect (Brent Baude, 2022-04-12)
| | |   Allow users to inspect their podman virtual machines. This will be helpful for debug and development alike, because more details about the machine can be collected.
| | |   Signed-off-by: Brent Baude <bbaude@redhat.com>
| | |   [NO NEW TESTS NEEDED]
| | |   Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | Merge pull request #13852 from elezar/bump-cdi-0.3.2 (OpenShift Merge Robot, 2022-04-13)
|\ \ \
| |_|/
|/| |   build(deps) bump github.com/container-orchestrated-devices/container-device-interface from 0.3.0 to 0.3.2
| * | build(deps) bump CDI dependency from 0.3.0 to 0.3.2 (Evan Lezar, 2022-04-13)
|/ /
| |   bump github.com/container-orchestrated-devices/container-device-interface from 0.3.0 to 0.3.2
| |   Signed-off-by: Evan Lezar <elezar@nvidia.com>
* | Merge pull request #13841 from lsm5/main-cve-2022-27191 (OpenShift Merge Robot, 2022-04-12)
|\ \
| | |   Bump golang.org/x/crypto to 7b82a4e
| * | Bump golang.org/x/crypto to 7b82a4e (Lokesh Mandvekar, 2022-04-12)
| | |   Resolves: GHSA-8c26-wmh5-6g9v - CVE-2022-27191
| | |   Podman doesn't seem to be directly affected as the logic in question is not called.
| | |   golang.org/x/crypto@1baeb1ce contains the actual CVE fix. Using the latest upstream commit to also include support for SHA-2.
| | |   Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
* | | Merge pull request #13846 from edsantiago/bats (OpenShift Merge Robot, 2022-04-12)
|\ \ \
| | | |   System tests: fix oops in start --filter tests
| * | | System tests: fix oops in start --filter tests (Ed Santiago, 2022-04-12)
| | |/
| |/|
| | |   Bad code got committed by accident: test description on run_podman line, not test line. Did not seem to affect tests, but fix it anyway.
| | |   Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | Merge pull request #13814 from rhatdan/systemd (OpenShift Merge Robot, 2022-04-12)
|\ \ \
| | | |   Pretty print systemd services file
| * | | Pretty print systemd services file (Abhijeet Kasurde, 2022-04-12)
| | | |   Fixes: #13337
| | | |   I added newline only on options IE Begin with "-"
| | | |   [NO NEW TESTS NEEDED]
| | | |   Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
| | | |   Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #13787 from Luap99/nohost-api (OpenShift Merge Robot, 2022-04-12)
|\ \ \ \
| | | | |   API: use no_hosts from containers.conf
| * | | | API: use no_hosts from containers.conf (Paul Holzinger, 2022-04-11)
| | | | |   The API endpoints should properly honour the `no_hosts=true` setting in containers.conf.
| | | | |   Fixes #13719
| | | | |   Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | | | Merge pull request #13788 from flouthoc/support-volume-opts (OpenShift Merge Robot, 2022-04-12)
|\ \ \ \ \
| |_|_|/ /
|/| | | |   run, mount: allow setting driver specific option using `volume-opt=`
| * | | | run, mount: allow setting driver specific option using volume-opt (Aditya R, 2022-04-12)
| | | | |   `--mount` should allow setting driver specific options using `volume-opt` when `type=volume` is set. This ensures parity with docker's `volume-opt`.
| | | | |   Signed-off-by: Aditya R <arajan@redhat.com>
* | | | | Merge pull request #13837 from rhatdan/VENDOR (OpenShift Merge Robot, 2022-04-12)
|\ \ \ \ \
| |_|_|_|/
|/| | | |   Update vendor of storage,common,image
| * | | | Update vendor of storage,common,image (Daniel J Walsh, 2022-04-12)
| | |_|/
| |/| |
| | | |   Preparing for release candidate.
| | | |   Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #13836 from flouthoc/machine-rm-ignore-enoent (OpenShift Merge Robot, 2022-04-12)
|\ \ \ \
| | | | |   machine,rm: Ignore `ENOENT` while cleaning machine paths
| * | | | machine,rm: Ignore ENOENT while cleaning machine (Aditya R, 2022-04-12)
| |/ / /
| | | |   Certain paths like `../containers/podman/machine/my-test/podman.sock` do not exist when machine is not started, so removing a machine before starting it will result in ENOENT which we should ignore cause these paths do not exist
| | | |   Closes: https://github.com/containers/podman/issues/13834
| | | |   [NO TESTS NEEDED]
| | | |   [NO NEW TESTS NEEDED]
| | | |   Signed-off-by: Aditya R <arajan@redhat.com>
* | | | Merge pull request #13828 from cevich/fix_cron_check (OpenShift Merge Robot, 2022-04-12)
|\ \ \ \
| |/ / /
|/| | |   [CI:BUILD] Cirrus: Fix unsupported cirrus-cron build status
| * | | Cirrus: Fix unsupported cirrus-cron build status (Chris Evich, 2022-04-11)
| | |/
| |/|
| | |   Every weekday when the `check_cirrus_cron` github-actions workflow runs, it checks the status of all cirrus-cron jobs. If a build is found with a 'FAILED' status, it triggers an alert e-mail to be sent. However, the `test_image_build` is marked as manually-triggered, resulting in a perpetual status of 'EXECUTING', even if there were failures. Fix this by only allowing the problematic task to run in pull requests without the `[CI:DOCS]` magic keyword.
| | |   Signed-off-by: Chris Evich <cevich@redhat.com>
* | | Merge pull request #13821 from eriksjolund/fix_userns_auto_docs (OpenShift Merge Robot, 2022-04-12)
|\ \ \
| | | |   [CI:DOCS] Rewrite rootless --userns=auto docs
| * | | [CI:DOCS] Rewrite rootless --userns=auto docs (Erik Sjölund, 2022-04-12)
| |/ /
| | |   * Remove the statement that rootless --userns=auto does not work.
| | |   * Mention that --userns=keep-id consumes all subuids and subgids.
| | |   Co-authored-by: Tom Sweeney <tsweeney@redhat.com>
| | |   Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
* | | Merge pull request #13093 from 0xC0ncord/selinux-conmon-agnostic (OpenShift Merge Robot, 2022-04-12)
|\ \ \
| | | |   selinux: remove explicit range transition when starting conmon
| * | | selinux: remove explicit range transition when starting conmon (Kenton Groombridge, 2022-03-08)
| | | |   Do not explicitly transition to s0 when starting conmon. Instead, the policy should implement this behavior.
| | | |   [NO NEW TESTS NEEDED] This is dependent on the SELinux policy to implement the desired behavior. Additionally, entirely custom SELinux policies may choose to implement the behavior differently.
| | | |   Signed-off-by: Kenton Groombridge <me@concord.sh>
* | | | Merge pull request #13826 from stevekuznetsov/skuznets/update-doc (OpenShift Merge Robot, 2022-04-11)
|\ \ \ \
| | | | |   [CI:DOCS] pkg/bindings: document requirements for use
| * | | | pkg/bindings: document requirements for use (Steve Kuznetsov, 2022-04-11)
|/ / / /
| | | |   Signed-off-by: Steve Kuznetsov <skuznets@redhat.com>
* | | | Merge pull request #13804 from cevich/auto_update_bp (OpenShift Merge Robot, 2022-04-11)
|\ \ \ \
| | | | |   Cirrus: Multi-arch build auto-update + tagging update
| * | | | Cirrus: Multi-arch build auto-update + tagging update (Chris Evich, 2022-04-07)
| | | | |   This new VM image brings in two important updates to multi-arch image build operations:
| | | | |   1. Future operational changes will no longer require also updating VM images. Updates to build-push made in `containers/automation_images` will automatically be picked up at runtime. ref: https://github.com/containers/automation_images/pull/123
| | | | |   2. On the next run, both `vX` and `vX.Y` tagged manifest-lists will be pushed. This is now also reflected in the README. ref: https://github.com/containers/automation_images/pull/125
| | | | |   Signed-off-by: Chris Evich <cevich@redhat.com>
* | | | | Merge pull request #13822 from edsantiago/buildah_3544_fixed (OpenShift Merge Robot, 2022-04-11)
|\ \ \ \ \
| | | | | |   System tests: reenable ps --external test
| * | | | | System tests: reenable ps --external test (Ed Santiago, 2022-04-11)
| | |_|/ /
| |/| | |
| | | | |   Buildah issue 3544 has been fixed and vendored into podman. We can reenable a long-skipped test.
| | | | |   Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | | | Merge pull request #13701 from Luap99/ipam-none (OpenShift Merge Robot, 2022-04-11)
|\ \ \ \ \
| |/ / / /
|/| | | |   network create: add support for ipam-driver none
| * | | | network create: add support for ipam-driver none (Paul Holzinger, 2022-04-11)
|/ / / /
| | | |   Add a new flag to set the ipam-driver. Also adds a new ipam driver none mode which only creates interfaces but does not assign addresses.
| | | |   Fixes #13521
| | | |   Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | | Merge pull request #13794 from rhatdan/newuidmap (OpenShift Merge Robot, 2022-04-08)
|\ \ \ \
| | | | |   If newuidmap or newgidmap fail, then check their permissions
| * | | | If newuidmap or newgidmap fail, then check their permissions (Daniel J Walsh, 2022-04-08)
| | | | |   Often distributions do not have newuidmap and newgidmap configured to be setuid. If Podman fails to set up the user namespace, check to see if these files do not have the proper protection and tell the user.
| | | | |   [NO NEW TESTS NEEDED]
| | | | |   Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | Merge pull request #13811 from flouthoc/container_inspect_entrypoint (OpenShift Merge Robot, 2022-04-08)
|\ \ \ \ \
| |/ / / /
|/| | | |   container,inspect: convert `Entrypoint` to an array instead of a string
| * | | | container,inspect: convert Entrypoint to array instead of a string (Aditya R, 2022-04-08)
| | | | |   Convert container entrypoint from string to an array in order to make sure there is parity between `podman inspect` and `docker inspect`
| | | | |   Signed-off-by: Aditya R <arajan@redhat.com>
* | | | | Merge pull request #13687 from rhatdan/VENDOR (OpenShift Merge Robot, 2022-04-08)
|\ \ \ \ \
| |/ / / /
|/| | | |   Vendor in new opencontainers/selinux
| * | | | Vendor in new opencontainers/selinux (Daniel J Walsh, 2022-04-08)
| |/ / /
| | | |   Also update vendor of containers/common,buildah,storage,image
| | | |   Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2069586
| | | |   Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #13810 from vrothberg/images-size (OpenShift Merge Robot, 2022-04-08)
|\ \ \ \
| | | | |   images --size
| * | | | images --size (Valentin Rothberg, 2022-04-08)
|/ / / /
| | | |   Add a --size option to podman images to allow for disabling computing the size of listed images. If listing images is critical to performance, user may choose to turn off size computation to speed things up.
| | | |   Context: #13755
| | | |   Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | | | Merge pull request #13773 from TomSweeneyRedHat/dev/tsweeney/hello (OpenShift Merge Robot, 2022-04-07)
|\ \ \ \
| |/ / /
|/| | |   [CI:DOCS] Add Podman Hello to readme.md