summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Merge pull request #13306 from Luap99/flag-errorOpenShift Merge Robot2022-02-21
|\ | | | | provide better error on invalid flag
| * provide better error on invalid flagPaul Holzinger2022-02-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add a extra `See 'podman command --help'` to the error output. With this patch you now get: ``` $ podman run -h Error: flag needs an argument: 'h' in -h See 'podman run --help' ``` Fixes #13082 Fixes #13002 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | Merge pull request #13307 from edsantiago/bats_infoOpenShift Merge Robot2022-02-21
|\ \ | | | | | | System tests: show one-line config overview
| * | System tests: show one-line config overviewEd Santiago2022-02-21
| |/ | | | | | | | | | | | | | | | | | | | | | | | | We're running into problems that are impossible to diagnose because we have no idea if the SUT is using netavark or CNI. We've previously run into similar problems with runc/crun, or cgroups 1/2. This adds a one-line 'echo' with important system info. Now, when viewing a full test log, it will be possible to view system settings in one glance. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Merge pull request #13305 from nalind/troubleshootingOpenShift Merge Robot2022-02-21
|\ \ | | | | | | [CI:DOCS] troubleshooting.md: tweak subuid paragraph, encryption
| * | troubleshooting.md: tweak subuid paragraph, encryptionNalin Dahyabhai2022-02-21
| |/ | | | | | | | | | | | | | | | | | | | | | | | | Expand the bit about needing to allocate UIDs so that we don't appear to imply that adding a range of 10000 IDs to /etc/subuid will allow people to use UID 1000000, which isn't in the range that we'd map a range of that size to. TLS is an acronym, so capitalize when we're talking about the protocol. TLS verification is about encryption, not authentication. Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
* | Merge pull request #13284 from ↵OpenShift Merge Robot2022-02-21
|\ \ | |/ |/| | | | | eriksjolund/troubleshooting_mention_rootfs_overlay_option [CI:DOCS] troubleshooting: mention overlay option for --rootfs
| * [CI:DOCS] troubleshooting: mention overlay option for --rootfsErik Sjölund2022-02-18
| | | | | | | | | | | | | | | | * Mention overlay option for --rootfs. Overlay description text is from commit 020d81f113ea1e11398ea77495cc4b8e05a91d38 by Qi Wang Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
* | Merge pull request #12918 from dgibson/propagate-conf-envOpenShift Merge Robot2022-02-21
|\ \ | |/ |/| Propagate CONTAINERS_CONF to conmon
| * Propagate $CONTAINERS_CONF to conmonDavid Gibson2022-02-18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The CONTAINERS_CONF environment variable can be used to override the configuration file, which is useful for testing. However, at the moment this variable is not propagated to conmon. That means in particular, that conmon can't propagate it back to podman when invoking its --exit-command. The mismatch in configuration between the starting and cleaning up podman instances can cause a variety of errors. This patch also adds two related test cases. One checks explicitly that the correct CONTAINERS_CONF value appears in conmon's environment. The other checks for a possible specific impact of this bug: if we use a nonstandard name for the runtime (even if its path is just a regular crun), then the podman container cleanup invoked at container exit will fail. That has the effect of meaning that a container started with -d --rm won't be correctly removed once complete. Fixes #12917 Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
| * tests: Remove inaccurate commentDavid Gibson2022-02-18
|/ | | | | | | | This comment refers to overiding $PODMAN although the code below does nothing of the sort. Presumbly the comment has been outdated by altering the containers.conf / $CONTAINERS_CONF instead. Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
* Merge pull request #13278 from mheon/bump_main_40OpenShift Merge Robot2022-02-17
|\ | | | | [CI:DOCS] Update release notes with v4.0.0 additions
| * Update release notes with v4.0.0 additionsMatthew Heon2022-02-17
|/ | | | Signed-off-by: Matthew Heon <mheon@redhat.com>
* Merge pull request #13241 from edsantiago/logformatter_do_pythonOpenShift Merge Robot2022-02-17
|\ | | | | [CI:DOCS] logformatter: handle python logs
| * [CI:DOCS] logformatter: handle python logsEd Santiago2022-02-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We've got some python tests running in CI, and they're really hard to troubleshoot. This PR: 1) colorizes python unittest lines (ok / skipped / fail), and 2) links to source files The color is nice for skimming, but it's the linking that might make it much easier to diagnose future failures. (Context: failure today in test/python/docker/compat/test_images.py) Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Merge pull request #13264 from mheon/fix_plugin_flakeOpenShift Merge Robot2022-02-17
|\ \ | | | | | | Fix a potential flake in volume plugins tests
| * | Fix a potential flake in volume plugins testsMatthew Heon2022-02-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | We could remove the container running the volume plugins, before the containers using the volume plugins; this could cause unmounting the volumes to fail because the plugin could not be contacted. Signed-off-by: Matthew Heon <mheon@redhat.com>
* | | Merge pull request #13263 from giuseppe/update-c-storageOpenShift Merge Robot2022-02-17
|\ \ \ | | | | | | | | vendor: update c/storage to 26c561f9
| * | | vendor: update c/storage to 26c561f9Giuseppe Scrivano2022-02-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | update c/storage to commit 26c561f9a64585d9a25d340e1ae5479eca8008a1. It contains an important fix for partial pulls. [NO NEW TESTS NEEDED] Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | Merge pull request #13260 from ↵OpenShift Merge Robot2022-02-17
|\ \ \ \ | |/ / / |/| | | | | | | | | | | containers/dependabot/go_modules/github.com/containers/buildah-1.24.2 Bump github.com/containers/buildah from 1.24.1 to 1.24.2
| * | | Bump github.com/containers/buildah from 1.24.1 to 1.24.2dependabot[bot]2022-02-17
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/containers/buildah](https://github.com/containers/buildah) from 1.24.1 to 1.24.2. - [Release notes](https://github.com/containers/buildah/releases) - [Changelog](https://github.com/containers/buildah/blob/main/CHANGELOG.md) - [Commits](https://github.com/containers/buildah/compare/v1.24.1...v1.24.2) --- updated-dependencies: - dependency-name: github.com/containers/buildah dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* | | Merge pull request #13252 from chmouel/increase-subuid-subgidOpenShift Merge Robot2022-02-17
|\ \ \ | | | | | | | | increase subuid and subgid in image
| * | | increase subuid and subgid in imageChmouel Boudjnah2022-02-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | increase the number of ids available to the podman users when running as rootless. Signed-off-by: Chmouel Boudjnah <chmouel@redhat.com>
* | | | Merge pull request #13228 from giuseppe/idmap-optionsOpenShift Merge Robot2022-02-17
|\ \ \ \ | | | | | | | | | | pkg: support passing down options for idmap
| * | | | pkg: support passing down options for idmapGiuseppe Scrivano2022-02-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | [NO NEW TESTS NEEDED] the feature is still being worked in crun: https://github.com/containers/crun/pull/874 also needs: https://github.com/containers/common/pull/927 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | | Merge pull request #13258 from robbmanes/bitshift_st_rdevOpenShift Merge Robot2022-02-17
|\ \ \ \ \ | |_|_|/ / |/| | | | Calculate device major/minor using bitshift
| * | | | Calculate device major/minor using bitshiftRobb Manes2022-02-16
|/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously, devices with a major/minor number >256 would fail to be detected. Switch to using bitwise conversion (similar to sys/sysmacros in C). [NO NEW TESTS NEEDED] Signed-off-by: Robb Manes <robbmanes@protonmail.com>
* | | | Merge pull request #13075 from n1hility/mac-forward-helperOpenShift Merge Robot2022-02-16
|\ \ \ \ | |_|/ / |/| | | Mac API forwarding using a privileged docker socket claim helper
| * | | Update to podman4 copr streamJason T. Greene2022-02-16
| | | | | | | | | | | | | | | | Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
| * | | Introduce podman machine init --root=t|f and podman machine set --root=t|fJason T. Greene2022-02-16
| | | | | | | | | | | | | | | | | | | | | | | | Switch default to rootless for mac and windows Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
| * | | Initial implementation of mac forwarding using a privileged docker sock ↵Jason T. Greene2022-02-16
| |/ / | | | | | | | | | | | | | | | claim helper Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
* | | Merge pull request #13243 from patrycja-guzik/docs2OpenShift Merge Robot2022-02-16
|\ \ \ | | | | | | | | [CI:DOCS] Unify ls --filter docs for networks and pods
| * | | Unify ls --filter docs for networks and podsPatrycja Guzik2022-02-15
| | |/ | |/| | | | | | | | | | | | | Signed-off-by: Patrycja Guzik <patrycja.k.guzik@gmail.com> #13078 follow-up
* | | Merge pull request #13244 from vrothberg/merge-filter-testsOpenShift Merge Robot2022-02-16
|\ \ \ | |_|/ |/| | e2e: merge after/since image-filter tests
| * | e2e: merge after/since image-filter testsValentin Rothberg2022-02-16
|/ / | | | | | | | | | | | | Merge the two tests to speed up testing. Both built the exact same images. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | Merge pull request #13239 from baude/e2esincebeforeOpenShift Merge Robot2022-02-16
|\ \ | |/ |/| Fix images since/after tests
| * Changes of docker descriptionsBrent Baude2022-02-15
| | | | | | | | | | | | | | | | | | It looks like some descriptions have changed on the docker registry where we had been searching for images that include 'alpine'. We are now seeing an image in the initial list that has 'alpine' in its description. Signed-off-by: Brent Baude <bbaude@redhat.com>
| * Fix images since/after testsBrent Baude2022-02-15
|/ | | | | | | | For the since and after imagve filter tests, instead of using the read-only cache of images, we just use the empty r/w store. We then build three images that are strictly predictable. Signed-off-by: Brent Baude <bbaude@redhat.com>
* Merge pull request #13237 from Luap99/net-docsOpenShift Merge Robot2022-02-15
|\ | | | | [CI:DOCS] podman network: add documentation for netavark
| * podman network: add documentation for netavarkPaul Holzinger2022-02-15
|/ | | | | | | Add some docs about the different network backends. Also remove the CNI word from network since we refer to either a netavark or CNI config. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* Merge pull request #13209 from esendjer/mainOpenShift Merge Robot2022-02-14
|\ | | | | ignition: propagate proxy settings from a host into a vm
| * ignition: propagate proxy settings from a host into a vmesendjer2022-02-12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Set proxy settings (such as `HTTP_PROXY`, and others) for the whole guest OS with setting up `DefaultEnvironment` with a `systemd` configuration file `default-env.conf`, a `profile.d` scenario file - `default-env.sh` and a `environment.d` configuration file `default-env.conf` The **actual** environment variables are read by podman at a start, then they are encrypted with base64 into a single string and after are provided into a VM through QEMU Firmware Configuration (fw_cfg) Device Inside a VM a systemd service `envset-fwcfg.service` reads the providead encrypted string from fw_cfg, decrypts and then adds to the files - `/etc/systemd/system.conf.d/default-env.conf` - `/etc/profile.d/default-env.sh` - `/etc/environment.d/default-env.conf` At the end this service execute `systemctl daemon-reload` to propagate new variables for systemd manager [NO NEW TESTS NEEDED] Closes #13168 Signed-off-by: esendjer <esendjer@gmail.com>
* | Merge pull request #13223 from Foxboron/morten/fix-annotationOpenShift Merge Robot2022-02-14
|\ \ | | | | | | create: Fix key=value annotation in the flag output
| * | create: Fix key=value annotation in the flag outputMorten Linderud2022-02-14
| | | | | | | | | | | | | | | | | | [NO NEW TESTS NEEDED] Signed-off-by: Morten Linderud <morten@linderud.pw>
* | | Merge pull request #13084 from ↵OpenShift Merge Robot2022-02-14
|\ \ \ | | | | | | | | | | | | | | | | eriksjolund/troubleshooting_userns_keep_id_uidmap_gidmap [CI:DOCS] Add --userns=keep-id, --uidmap, --gidmap troubleshooting
| * | | [CI:DOCS] Add --userns=keep-id, --uidmap, --gidmap troubleshootingErik Sjölund2022-02-12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add troubleshooting advice: "Container creates a file that is not owned by the user's regular UID". The solution involves using the options --uidmap and --gidmap. * Add troubleshooting advice: "Passed-in devices or files can't be accessed in rootless container (UID/GID mapping problem)". The general solution involves using the options --uidmap and --gidmap. Sometimes --userns=keep-id could be used. Co-authored-by: Tom Sweeney <tsweeney@redhat.com> Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
* | | | Merge pull request #13220 from baude/podman4fcosOpenShift Merge Robot2022-02-14
|\ \ \ \ | |_|/ / |/| | | Temporarily pull machine images from side repo
| * | | Temporarily pull machine images from side repoBrent Baude2022-02-11
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Until podman4 is in the fcos trees, we need to pull the machine images from a side repository. There is a hard coded bit that forces the side repo download right now. Simple comment or removal of the bit will revert to normal download behavior. [NO NEW TESTS NEEDED] Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | Merge pull request #13144 from lsm5/e2e-netavarkOpenShift Merge Robot2022-02-11
|\ \ \ | | | | | | | | enable netavark specific tests
| * | | enable netavark specific testsLokesh Mandvekar2022-02-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | These are copies of the CNI tests with modifications wherever neccessary. Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>