| Commit message (Collapse) | Author | Age |
|---|
| |\
| |
| | |
[CI:DOCS] Update swagger definition of inspect manifest
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* Changed reference in swagger to correct struture that was being
returned.
* Added summary to ManifestAddLibpod to clean up generated web site
* Added serve target to Makefile, to aid in debugging generated
web site
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
| |\ \
| | |
| | | |
Handle podman-remote --arch, --platform, --os
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Podman remote should be able to handle remote specification of
arches.
Requires: https://github.com/containers/buildah/pull/3116
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Handle go pseudoversions, e.g. a custom non-released buildah
used during testing of a PR. This will be something like:
v1.20.1-0.20210402144408-36a37402d0c8
...and it makes it impossible (AFAIK) to do a shallow checkout;
we need to do a full clone of buildah, then git-checkout the
SHA (last element of the long string above).
FIXME: this is great for testing, but we almost certainly
want some way to block this PR from merging, don't we?
And, while testing this, found and fixed three bugs:
- quote "$failhint" when echoing it on failure; otherwise
we lose original whitespace.
- invoke git-am with --reject! This makes it SO MUCH EASIER
to identify the failing part of our patch!
- sigh: generate the make-new-buildah-diffs helper *BEFORE*
we try git-am! Otherwise, duh, if git-am fails we have no
way to help the developer create a new diff file.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\ \ \
| | | |
| | | | |
System tests: special case for RHEL: require runc
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
As discussed in watercooler 2021-04-06: make sure that RHEL8
and CentOS are using runc. Using crun is probably a packaging
error that should be caught early.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\ \ \ \
| |_|/ /
|/| | | |
Fix flaking rootless compose test
|
| |/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The compose port test is flaking with an empty curl result. The curl retry
does not work properly. Given the the tests never expect an empty result
lets just wait one second and retry again.
Unfortunately there is no way for me to actually verify if this will fix
the flake.
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
|
| |\ \ \
| | | |
| | | | |
Update nix pin with `make nixpkgs`
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
- Bugfix `make nixpkgs` which pin with branch `nixos-20.09`
- Code lint with `nixpkgs-fmt`
- Code sync between x86\_64 and aarch64
Signed-off-by: Wong Hoi Sing Edison <hswong3i@pantarei-design.com>
|
| |\ \ \ \
| | | | |
| | | | | |
rootless cni add /usr/sbin to PATH if not present
|
| |/ / / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The CNI plugins need access to iptables in $PATH. On debian /usr/sbin
is not added to $PATH for rootless users. This will break rootless
cni completely. To prevent breaking existing users add /usr/sbin to
$PATH in podman if needed.
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
|
| |\ \ \ \
| | | | |
| | | | | |
Add --requires flag to podman run/create
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Podman has, for a long time, had an internal concept of
dependency management, used mainly to ensure that pod infra
containers are started before any other container in the pod. We
also have the ability to recursively start these dependencies,
which we use to ensure that `podman start` on a container in a
pod will not fail because the infra container is stopped. We have
not, however, exposed these via the command line until now.
Add a `--requires` flag to `podman run` and `podman create` to
allow users to manually specify dependency containers. These
containers must be running before the container will start. Also,
make recursive starting with `podman start` default so we can
start these containers and their dependencies easily.
Fixes #9250
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
[CI:DOCS] swagger-check: compare operations
|
| |/ / / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Until now we've only compared operations when called with the
non-default --pedantic flag, because there were way too many
exceptions.
With the merge of #9944 the rules have become much cleaner.
Still not perfect, but it's now possible to have simple
general rules with a (semi-)manageable list of exceptions.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\ \ \ \ \
| | |_|_|/
| |/| | | |
[CI:DOCS] Polish swagger OperationIDs
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Renamed 4 IDs to be consistent with other endpoints.
Fixes #9951
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
| |\ \ \ \ \
| |_|_|_|/
|/| | | | |
Cirrus: Make use of shared get_ci_vm container
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Depends on:
https://github.com/containers/automation_images/pull/57
https://github.com/containers/automation/pull/64
https://github.com/containers/automation/pull/66
https://github.com/containers/automation/pull/67
https://github.com/containers/automation/pull/68
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| |\ \ \ \ \
| |_|_|_|/
|/| | | | |
Ensure that `--userns=keep-id` sets user in config
|
| | |/ / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
One of the side-effects of the `--userns=keep-id` command is
switching the default user of the container to the UID of the
user running Podman (though this can still be overridden by the
`--user` flag). However, it did this by setting the UID and GID
in the OCI spec, and not by informing Libpod of its intention to
switch users via the `WithUser()` option. Because of this, a lot
of the code that should have triggered when the container ran
with a non-root user was not triggering. In the case of the issue
that this fixed, the code to remove capabilities from non-root
users was not triggering. Adjust the keep-id code to properly
inform Libpod of our intention to use a non-root user to fix
this.
Also, fix an annoying race around short-running exec sessions
where Podman would always print a warning that the exec session
had already stopped.
Fixes #9919
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |\ \ \ \
| | |/ /
| |/| | |
[CI:DOCS] Set all swagger operation id's to be compatible
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Libpod operation id's changed to better match compatibile id
Builds on https://github.com/containers/podman/pull/9123 and corrects
a duplicated ID.
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: Tom Deseyn <tom.deseyn@gmail.com>
|
| |/ / /
| | |
| | |
| | | |
Signed-off-by: Tom Deseyn <tom.deseyn@gmail.com>
|
| |\ \ \
| | | |
| | | | |
Initial network bindings tests
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
|
| |\ \ \ \
| | | | |
| | | | | |
fix machine naming conventions
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
try to align the machine commands and their usage descriptions.
[NO TESTS NEEDED]
Signed-off-by: baude <bbaude@redhat.com>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
Http api tests for network prune with until filter
|
| | | |/ / /
| |/| | |
| | | | |
| | | | | |
Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
[ci:docs] Update release notes to indicate CVE fix
|
| | | |/ / /
| |/| | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
We didn't release this with the original release notes as the fix
was still under embargo.
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
Verify existence of auth file if specified
|
| | |/ / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Fixes: https://github.com/containers/podman/issues/9572
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
[CI:DOCS] Add transport and destination info to manifest doc
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Initially I was missing transport information on podman manifest add.
Especially the `containers-storage` transport which references the
local image store. Had a use case where this came in quite handy and it
is not stated anywhere else in the docs. Suppose it does not make sense
for podman pull & push.
I've only added containers-storage and docker transports for
manifest add since I know those work. Maybe others work too.
I then also added the destination section to manifest push as it is done
in podman push & pull. I've added all transports here, but I don't know
if all are supported. Please review.
Signed-off-by: Alexander Wellbrock <a.wellbrock@mailbox.org>
|
| |\ \ \ \ \ \
| | | | | | |
| | | | | | | |
Allow users to override default storage opts with --storage-opt
|
| | | |_|_|/ /
| |/| | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
We define in the man page that this overrides the default storage
options, but the code was appending to the existing options.
This PR also makes a change to allow users to specify --storage-opt="".
This will turn off all storage options.
https://github.com/containers/podman/issues/9852
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \ \ \ \ \
| | | | | | |
| | | | | | | |
Add support for podman --context default
|
| | |/ / / / /
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
This is a noop but helps with scripting and docker-compose.
Fixes: https://github.com/containers/podman/issues/9806
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \ \ \ \ \
| |/ / / / /
|/| | | | | |
Don't relabel volumes if running in a privileged container
|
| |/ / / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Docker does not relabel this content, and openstack is running
containers in this manner. There is a penalty for doing this
on each container, that is not worth taking on a disable SELinux
container.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
Add default template functions
|
| | | |_|/ /
| |/| | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
For commands that use the golang template library directly add the
compatible template functions
[NO TESTS NEEDED]
Fixes #8773
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
| |\ \ \ \ \
| |_|_|/ /
|/| | | | |
rootless cni without infra container
|
| | | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
|
