| Commit message (Collapse) | Author | Age |
|\
| |
| | |
provide better error on invalid flag
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Add a extra `See 'podman command --help'` to the error output.
With this patch you now get:
```
$ podman run -h
Error: flag needs an argument: 'h' in -h
See 'podman run --help'
```
Fixes #13082
Fixes #13002
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\ \
| | |
| | | |
System tests: show one-line config overview
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We're running into problems that are impossible to diagnose
because we have no idea if the SUT is using netavark or CNI.
We've previously run into similar problems with runc/crun,
or cgroups 1/2.
This adds a one-line 'echo' with important system info. Now,
when viewing a full test log, it will be possible to view
system settings in one glance.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\ \
| | |
| | | |
[CI:DOCS] troubleshooting.md: tweak subuid paragraph, encryption
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Expand the bit about needing to allocate UIDs so that we don't appear to
imply that adding a range of 10000 IDs to /etc/subuid will allow people
to use UID 1000000, which isn't in the range that we'd map a range of
that size to.
TLS is an acronym, so capitalize when we're talking about the protocol.
TLS verification is about encryption, not authentication.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
|
|\ \
| |/
|/|
| |
| | |
eriksjolund/troubleshooting_mention_rootfs_overlay_option
[CI:DOCS] troubleshooting: mention overlay option for --rootfs
|
| |
| |
| |
| |
| |
| |
| |
| | |
* Mention overlay option for --rootfs. Overlay description text
is from commit 020d81f113ea1e11398ea77495cc4b8e05a91d38
by Qi Wang
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
|\ \
| |/
|/| |
Propagate CONTAINERS_CONF to conmon
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The CONTAINERS_CONF environment variable can be used to override the
configuration file, which is useful for testing. However, at the moment
this variable is not propagated to conmon. That means in particular, that
conmon can't propagate it back to podman when invoking its --exit-command.
The mismatch in configuration between the starting and cleaning up podman
instances can cause a variety of errors.
This patch also adds two related test cases. One checks explicitly that
the correct CONTAINERS_CONF value appears in conmon's environment. The
other checks for a possible specific impact of this bug: if we use a
nonstandard name for the runtime (even if its path is just a regular crun),
then the podman container cleanup invoked at container exit will fail.
That has the effect of meaning that a container started with -d --rm won't
be correctly removed once complete.
Fixes #12917
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
|
|/
|
|
|
|
|
|
| |
This comment refers to overiding $PODMAN although the code below does
nothing of the sort. Presumbly the comment has been outdated by altering
the containers.conf / $CONTAINERS_CONF instead.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
|
|\
| |
| | |
[CI:DOCS] Update release notes with v4.0.0 additions
|
|/
|
|
| |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|\
| |
| | |
[CI:DOCS] logformatter: handle python logs
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We've got some python tests running in CI, and they're really hard
to troubleshoot. This PR:
1) colorizes python unittest lines (ok / skipped / fail), and
2) links to source files
The color is nice for skimming, but it's the linking that might
make it much easier to diagnose future failures.
(Context: failure today in test/python/docker/compat/test_images.py)
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\ \
| | |
| | | |
Fix a potential flake in volume plugins tests
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
We could remove the container running the volume plugins, before
the containers using the volume plugins; this could cause
unmounting the volumes to fail because the plugin could not be
contacted.
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|\ \ \
| | | |
| | | | |
vendor: update c/storage to 26c561f9
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
update c/storage to commit 26c561f9a64585d9a25d340e1ae5479eca8008a1.
It contains an important fix for partial pulls.
[NO NEW TESTS NEEDED]
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \ \ \
| |/ / /
|/| | |
| | | |
| | | | |
containers/dependabot/go_modules/github.com/containers/buildah-1.24.2
Bump github.com/containers/buildah from 1.24.1 to 1.24.2
|
|/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Bumps [github.com/containers/buildah](https://github.com/containers/buildah) from 1.24.1 to 1.24.2.
- [Release notes](https://github.com/containers/buildah/releases)
- [Changelog](https://github.com/containers/buildah/blob/main/CHANGELOG.md)
- [Commits](https://github.com/containers/buildah/compare/v1.24.1...v1.24.2)
---
updated-dependencies:
- dependency-name: github.com/containers/buildah
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
|\ \ \
| | | |
| | | | |
increase subuid and subgid in image
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
increase the number of ids available to the podman users when running as
rootless.
Signed-off-by: Chmouel Boudjnah <chmouel@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
pkg: support passing down options for idmap
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
[NO NEW TESTS NEEDED] the feature is still being worked in crun:
https://github.com/containers/crun/pull/874
also needs: https://github.com/containers/common/pull/927
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \ \ \ \
| |_|_|/ /
|/| | | | |
Calculate device major/minor using bitshift
|
|/ / / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Previously, devices with a major/minor number >256 would fail to be
detected. Switch to using bitwise conversion (similar to
sys/sysmacros in C).
[NO NEW TESTS NEEDED]
Signed-off-by: Robb Manes <robbmanes@protonmail.com>
|
|\ \ \ \
| |_|/ /
|/| | | |
Mac API forwarding using a privileged docker socket claim helper
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Switch default to rootless for mac and windows
Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
|
| |/ /
| | |
| | |
| | |
| | |
| | | |
claim helper
Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
|
|\ \ \
| | | |
| | | | |
[CI:DOCS] Unify ls --filter docs for networks and pods
|
| | |/
| |/|
| | |
| | |
| | |
| | | |
Signed-off-by: Patrycja Guzik <patrycja.k.guzik@gmail.com>
#13078 follow-up
|
|\ \ \
| |_|/
|/| | |
e2e: merge after/since image-filter tests
|
|/ /
| |
| |
| |
| |
| |
| | |
Merge the two tests to speed up testing. Both built the exact same
images.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
|\ \
| |/
|/| |
Fix images since/after tests
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
It looks like some descriptions have changed on the docker registry
where we had been searching for images that include 'alpine'. We are
now seeing an image in the initial list that has 'alpine' in its
description.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|/
|
|
|
|
|
|
| |
For the since and after imagve filter tests, instead of using the
read-only cache of images, we just use the empty r/w store. We then
build three images that are strictly predictable.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\
| |
| | |
[CI:DOCS] podman network: add documentation for netavark
|
|/
|
|
|
|
|
| |
Add some docs about the different network backends. Also remove the CNI
word from network since we refer to either a netavark or CNI config.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\
| |
| | |
ignition: propagate proxy settings from a host into a vm
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Set proxy settings (such as `HTTP_PROXY`, and others)
for the whole guest OS with setting up `DefaultEnvironment`
with a `systemd` configuration file `default-env.conf`,
a `profile.d` scenario file - `default-env.sh` and
a `environment.d` configuration file `default-env.conf`
The **actual** environment variables are read by podman
at a start, then they are encrypted with base64 into
a single string and after are provided into a VM through
QEMU Firmware Configuration (fw_cfg) Device
Inside a VM a systemd service `envset-fwcfg.service`
reads the providead encrypted string from fw_cfg, decrypts
and then adds to the files
- `/etc/systemd/system.conf.d/default-env.conf`
- `/etc/profile.d/default-env.sh`
- `/etc/environment.d/default-env.conf`
At the end this service execute `systemctl daemon-reload`
to propagate new variables for systemd manager
[NO NEW TESTS NEEDED]
Closes #13168
Signed-off-by: esendjer <esendjer@gmail.com>
|
|\ \
| | |
| | | |
create: Fix key=value annotation in the flag output
|
| | |
| | |
| | |
| | |
| | |
| | | |
[NO NEW TESTS NEEDED]
Signed-off-by: Morten Linderud <morten@linderud.pw>
|
|\ \ \
| | | |
| | | |
| | | |
| | | | |
eriksjolund/troubleshooting_userns_keep_id_uidmap_gidmap
[CI:DOCS] Add --userns=keep-id, --uidmap, --gidmap troubleshooting
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* Add troubleshooting advice: "Container creates a file that is
not owned by the user's regular UID". The solution involves
using the options --uidmap and --gidmap.
* Add troubleshooting advice: "Passed-in devices or files can't be
accessed in rootless container (UID/GID mapping problem)".
The general solution involves using the options --uidmap and
--gidmap. Sometimes --userns=keep-id could be used.
Co-authored-by: Tom Sweeney <tsweeney@redhat.com>
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
|\ \ \ \
| |_|/ /
|/| | | |
Temporarily pull machine images from side repo
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Until podman4 is in the fcos trees, we need to pull the machine images
from a side repository. There is a hard coded bit that forces the
side repo download right now. Simple comment or removal of the bit will
revert to normal download behavior.
[NO NEW TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\ \ \
| | | |
| | | | |
enable netavark specific tests
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
These are copies of the CNI tests with modifications wherever
neccessary.
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
|