| Commit message (Collapse) | Author | Age |
|\
| |
| | |
Upgrade tests: reexamine cross-testing matrix
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
- removed: v1.9.0, v2.0.6
+ added: v3.4.0
(Cannot add v4 because there's no such image on quay. As soon
as one appears, we should add it.)
Add a workaround for a UTS namespace conflict new in v3.4
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\ \
| | |
| | | |
Machine refactor part 2
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This PR further implements a more structured approach to handling the
files needed by machine. More files are now made as MachineFile which
can then have a symlink (using a shorter path) to them. Also added Set
and Get methods for many of the files.
The next part of the refactor will implement the use of symlinks on
MacOS.
Signed-off-by: Brent Baude <bbaude@redhat.com>
[NO NEW TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\ \ \
| | | |
| | | | |
fix slirp4netns port forwarding with ranges
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The slirp4netns port forwarder was not updated to make use of the new
port format. This results in a problem when port ranges are used since
it does not read the range field from the port.
Update the logic to iterate through all ports with the range and
protocols. Also added a system test for port ranges with slirp4netns,
rootlesskit and the bridge network mode.
Fixes #13643
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
systemd: enable all cgroups when running as a service
|
| | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
enable cgroup delegation when running as a systemd service so all the
available controllers are correctly detected.
Closes: https://github.com/containers/podman/issues/13710
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \ \ \
| |/ / /
|/| | | |
rootless netns: move process to scope only with systemd
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
When you run podman on a non systemd system we should not try to move the
process under a new systemd scope.
[NO NEW TESTS NEEDED]
Ref #13703
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\ \ \ \
| |/ / /
|/| | | |
Add 'Os' to be queried via 'version' output
|
| | |/
| |/|
| | |
| | | |
Signed-off-by: John Matthews <jwmatthews@gmail.com>
|
|\ \ \
| |/ /
|/| | |
Cirrus: Build multi-arch images + manifests
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Github-actions for large/complex tasks is hard to read and maintain.
Reimplement the multi-arch image build workflow into a set of bash
scripts that use all native contrainer-org tooling. This requires
a special VM image setup with emulation to build foreign architectures.
It also requires renaming the `helloimage` directory, because the build
script uses the directory name in the image FQIN.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|\ \ \
| | | |
| | | | |
size-check: display binary size and growth
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This won't actually be seen except by someone who takes the
time to clickety-click into Cirrus - but that's better than
not showing it at all.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\ \ \ \
| |/ / /
|/| | | |
upgrade tests: fix networking problems
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
With podman4 we support netavark, however old versions will still use
cni. Since netavark and cni can conflict we should not mix them.
Remove the network setup from the inital podman command and create the
directories manually to prevent such conflicts.
Also the update to 4.0 changes the network db structure. While it is
compatible from 3.X to 4.0 it will fail the other way around. In this
test it will happen because the cleanup process still uses the old
podman while the network connect/disconnect test already changed the db
format. Therefore the cleanup process cannot see any networks and will
not tear it down. The following start will fail because the ip address
is already assigned.
Fixes #13679
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\ \ \ \
| |_|_|/
|/| | | |
replace hpcloud/tail with nxadm/tail
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The hpcloud is not maintained anymore. nxadm is already part of the
dependency chain, so it won't add work for downstream packages.
While testing upcoming changes to the events-file backend, I noticed
that nxadm is shipping required fixes.
[NO NEW TESTS NEEDED]
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
Set systemd mode if entrypoint begins with /bin/sh -c
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Fixes: https://github.com/containers/podman/issues/13324
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \ \
| |_|/ / /
|/| | | | |
Migrate machine configs
|
| | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
If podman detects a Machinev1 config, it will automatically migrate it
to the new format.
Signed-off-by: Brent Baude <bbaude@redhat.com>
[NO NEW TESTS NEEDED]
|
|\ \ \ \
| |_|_|/
|/| | | |
[CI:DOCS] Unify examples section across several man pages
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | | |
This commit adjusts example sections across several man pages
to the format seen in other pages.
Signed-off-by: Patrycja Guzik <patrycja.k.guzik@gmail.com>
|
|\ \ \
| |_|/
|/| | |
[CI:DOCS] Pin actions to a full length commit SHA
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
- Pinned actions by SHA https://github.com/ossf/scorecard/blob/main/docs/checks.md#pinned-dependencies
- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
>Pin actions to a full length commit SHA
>Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps mitigate the risk of a bad actor adding a backdoor to the action's repository, as they would need to generate a SHA-1 collision for a valid Git object payload.
https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-third-party-actions
Also dependabot supports upgrades based on SHA.
Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
|
|\ \ \
| |_|/
|/| | |
Updated dependabot to GitHub actions
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
- Updated dependabot to get updates for GitHub actions.
GitHub sends Dependabot alerts when we detect vulnerabilities affecting your repository
as well as when there are new updates to the dependency.
https://docs.github.com/en/code-security/dependabot/dependabot-alerts/about-dependabot-alerts
A vulnerability is a problem in a project's code that could be exploited to damage the confidentiality, integrity, or availability of the project or other projects that use its code. Vulnerabilities vary in type, severity, and method of attack.
When your code depends on a package that has a security vulnerability, this vulnerable dependency can cause a range of problems for your project or the people who use it.
Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
|
|\ \
| | |
| | | |
Machine refactor - part 1
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
the way machine was written was very adjunct and as such is in dire need
of refactoring to better structures and structure methods where
appropriate. the weekest part is specifically around all the files that
machine requires and how some are just dynamically built on the fly.
this pr defines a new machinefile type which allows us to work with the
file and also takes into account the use of symlinks which are going to
be needed on macos due to its relatively short file length restriction.
also, added unit tests for new methods as well as anywhere else I saw a
need.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\ \ \
| |/ /
|/| | |
network setup: fail if slirp4netns is not installed
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
I do not see why we should only log an error. If slirp4netns is
requested but not installed we should error.
[NO NEW TESTS NEEDED]
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\ \ \
| | | |
| | | | |
Fixes errors from 'manifest push' being dropped in remote case
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: John Matthews <jwmatthews@gmail.com>
|
|\ \ \ \
| | | | |
| | | | | |
libpod, event: generate a valid event on container `rename` operation
|
| | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Following commit ensures that podman generates a valid event on `podman
container rename` where event specifies that it is a rename event and
container name swtichted to the latest name.
Signed-off-by: Aditya R <arajan@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
Switch all calls to filepath.Walk to filepath.WalkDir
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
WalkDir should be faster the Walk, since we often do
not need to stat files.
[NO NEW TESTS NEEDED] Existing tests should find errors.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \ \
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
containers/dependabot/go_modules/google.golang.org/protobuf-1.28.0
build(deps): bump google.golang.org/protobuf from 1.27.1 to 1.28.0
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Bumps [google.golang.org/protobuf](https://github.com/protocolbuffers/protobuf-go) from 1.27.1 to 1.28.0.
- [Release notes](https://github.com/protocolbuffers/protobuf-go/releases)
- [Changelog](https://github.com/protocolbuffers/protobuf-go/blob/master/release.bash)
- [Commits](https://github.com/protocolbuffers/protobuf-go/compare/v1.27.1...v1.28.0)
---
updated-dependencies:
- dependency-name: google.golang.org/protobuf
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
|\ \ \ \ \ \
| |_|_|/ / /
|/| | | | | |
[CI:DOCS] clarifying "loginctl enable-linger" section in doc
|
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Signed-off-by: Adam Maryniuk <adamaze@gmail.com>
|
|\ \ \ \ \ \
| |_|_|_|/ /
|/| | | | | |
Vendor c/common for filters
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Added patch provided by rhatdan to add support for shareable
[NO NEW TESTS NEEDED]
Signed-off-by: rvandernoort <s.r.vandernoort@student.tudelft.nl>
|
|\ \ \ \ \ \
| |_|_|_|/ /
|/| | | | | |
[CI:DOCS]: Update docs for image filters
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
[NO NEW TESTS NEEDED]
Signed-off-by: rvandernoort <s.r.vandernoort@student.tudelft.nl>
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | | |
Resolves #13629 Add RegistryAuthHeader to manifest push
|
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Signed-off-by: Jason Montleon <jmontleo@redhat.com>
|