summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Update docs/source/markdown/podman-build.1.mdDaniel J Walsh2020-03-02
| | | | | Signed-off-by: Valentin Rothberg <rothberg@redhat.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Allow devs to set labels in container images for default capabilities.Daniel J Walsh2020-03-02
| | | | | | | | | | | | | | | | This patch allows users to specify the list of capabilities required to run their container image. Setting a image/container label "io.containers.capabilities=setuid,setgid" tells podman that the contained image should work fine with just these two capabilties, instead of running with the default capabilities, podman will launch the container with just these capabilties. If the user or image specified capabilities that are not in the default set, the container will print an error message and will continue to run with the default capabilities. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #5347 from baude/apiv2waitOpenShift Merge Robot2020-03-02
|\ | | | | rework apiv2 wait endpoint|binding
| * rework apiv2 wait endpoint|bindingBrent Baude2020-02-28
| | | | | | | | | | | | | | | | added the ability to wait on a condition (stopped, running, paused...) for a container. if a condition is not provided, wait will default to the stopped condition which uses the original wait code paths. if the condition is stopped, the container exit code will be returned. also, correct a mux issue we discovered. Signed-off-by: Brent Baude <bbaude@redhat.com>
* | Merge pull request #5365 from ↵OpenShift Merge Robot2020-03-02
|\ \ | | | | | | | | | | | | containers/dependabot/go_modules/github.com/opencontainers/selinux-1.3.3 Bump github.com/opencontainers/selinux from 1.3.2 to 1.3.3
| * | Bump github.com/opencontainers/selinux from 1.3.2 to 1.3.3dependabot-preview[bot]2020-03-02
| | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/opencontainers/selinux](https://github.com/opencontainers/selinux) from 1.3.2 to 1.3.3. - [Release notes](https://github.com/opencontainers/selinux/releases) - [Commits](https://github.com/opencontainers/selinux/compare/v1.3.2...v1.3.3) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* | | Merge pull request #5343 from lsm5/fix-exists-urlOpenShift Merge Robot2020-03-02
|\ \ \ | | | | | | | | container Exists: fix URL
| * | | container Exists: fix URLLokesh Mandvekar2020-02-27
| | | | | | | | | | | | | | | | Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
* | | | Merge pull request #5320 from sujil02/podtestOpenShift Merge Robot2020-03-02
|\ \ \ \ | |_|/ / |/| | | Add test to validate prune pod apiv2 binding.
| * | | Update pod bindings and Add test to validate prune pod apiv2 binding.Sujil022020-02-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Modify the pod inspect bindings to hold current pod status. Includes test to validate on pod status and added test to check no or few pods are pruned,if the pods are in exited state. Signed-off-by: Sujil02 <sushah@redhat.com>
* | | | Merge pull request #5342 from cevich/runc_in_f30OpenShift Merge Robot2020-02-28
|\ \ \ \ | | | | | | | | | | Force using runc in F30
| * | | | Fix wrong condition in bindings testChris Evich2020-02-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Thanks for Brent Baude <bbaude@redhat.com> for the fix. Signed-off-by: Chris Evich <cevich@redhat.com>
| * | | | Cirrus: Update VM imagesChris Evich2020-02-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Main intended signifant change is forced-removal of crun from F30 and disabling updates-testing (only enabled on F31). Signed-off-by: Chris Evich <cevich@redhat.com>
| * | | | Cirrus: Force runc use in F30Chris Evich2020-02-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Suspect crun might be sneaking in during VM image build via podman RPM dependency. Add it to the removal list when building, then also force use of runc at runtime in F30. Also quote all true/false vars to force them as strings instead of booleans (which will become capitalized) Signed-off-by: Chris Evich <cevich@redhat.com>
| * | | | Cirrus: Remove unnecessary handle_crun workaroundChris Evich2020-02-28
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Chris Evich <cevich@redhat.com>
| * | | | Cirrus: Print env. vars at end of setup.Chris Evich2020-02-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There are a number of env. vars set during the setup script. Therefore displaying them at end of the script is more helpful for debugging. Signed-off-by: Chris Evich <cevich@redhat.com>
| * | | | Cirrus: Fix not growing Fedora rootChris Evich2020-02-28
| | |_|/ | |/| | | | | | | | | | Signed-off-by: Chris Evich <cevich@redhat.com>
* | | | Merge pull request #5349 from mheon/ensure_exec_suppgroupsOpenShift Merge Robot2020-02-28
|\ \ \ \ | | | | | | | | | | Ensure that exec sessions inherit supplemental groups
| * | | | Ensure that exec sessions inherit supplemental groupsMatthew Heon2020-02-28
| | |_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | This corrects a regression from Podman 1.4.x where container exec sessions inherited supplemental groups from the container, iff the exec session did not specify a user. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | Merge pull request #5346 from mheon/bump-1.8.1-rc2OpenShift Merge Robot2020-02-28
|\ \ \ \ | | | | | | | | | | [CI:DOCS] Bump to v1.8.1-RC2
| * | | | Bump to v1.8.1-devMatthew Heon2020-02-27
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Matthew Heon <mheon@redhat.com>
| * | | | Bump to v1.8.1-rc2v1.8.1-rc2Matthew Heon2020-02-27
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Matthew Heon <mheon@redhat.com>
* | | | | Merge pull request #5244 from Akasurde/i4962OpenShift Merge Robot2020-02-28
|\ \ \ \ \ | | | | | | | | | | | | Add cmd flag to show container name in log
| * | | | | Review commentsAbhijeet Kasurde2020-02-19
| | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
| * | | | | [WIP] Add cmd flag to show container name in logAbhijeet Kasurde2020-02-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This flag allows user to show container name in podman log command Fixes: #4962 Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* | | | | | Merge pull request #5354 from giuseppe/fix-build-using-100-cpuOpenShift Merge Robot2020-02-28
|\ \ \ \ \ \ | |_|_|_|/ / |/| | | | | build: specify input fd to buildah
| * | | | | build: specify input fd to buildahGiuseppe Scrivano2020-02-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It solves a tight loop with poll as stdin will be initialized to /dev/null in buildah/imagebuildah/StageExecutor.Run. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | | | Merge pull request #5348 from baude/cninetfixOpenShift Merge Robot2020-02-27
|\ \ \ \ \ \ | | | | | | | | | | | | | | Cninetfix
| * | | | | | network create should use firewall pluginBrent Baude2020-02-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | when creating a network, podman should add the firewall plugin to the config but not specify a backend. this will allow cni to determine whether it should use an iptables|firewalld backend. Signed-off-by: Brent Baude <bbaude@redhat.com>
| * | | | | | add firewall plugin (no backend) to default cni configBrent Baude2020-02-27
| | |_|/ / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | in order for the fall back mechanisms to work in containernetworking-plugins, the firewall plugin must still be called via the cni configuration file. however, no backend will be specified as we will rely on cni to do the right thing. Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | | | | Merge pull request #5319 from baude/apiv2volumestestsOpenShift Merge Robot2020-02-27
|\ \ \ \ \ \ | | | | | | | | | | | | | | binding tests for volumes
| * | | | | | binding tests for volumesBrent Baude2020-02-27
| |/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | add binding tests for volumes: inspect(get), create, remove, prune, and list implement filters ability for volumes Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | | | | Merge pull request #5337 from edsantiago/logcollector_include_hostinfoOpenShift Merge Robot2020-02-27
|\ \ \ \ \ \ | |/ / / / / |/| | | | | CI: package_versions: include hostinfo, kernel
| * | | | | CI: package_versions: include hostinfo, kernelEd Santiago2020-02-27
| |/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In the package_versions CI step, include Fedora/Ubuntu version, uname -r, and cgroups version. Cgroups version is simply the FS type of /sys/fs/cgroup, which shows 'tmpfs' for v1 and 'cgroup2fs' for v2. I don't think it's worth the effort to prettify those into 'v1/v2' - I think our readers are sophisticated enough to figure it out from context - but am willing to add that feature if requested. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | | | Merge pull request #5345 from mheon/update_release_notes_181_rc2OpenShift Merge Robot2020-02-27
|\ \ \ \ \ | |_|_|/ / |/| | | | [CI:DOCS] Update release notes for v1.8.1-rc2
| * | | | Update release notes for v1.8.1-rc2Matthew Heon2020-02-27
|/ / / / | | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | Merge pull request #5338 from umohnani8/vendor-buildahOpenShift Merge Robot2020-02-27
|\ \ \ \ | |/ / / |/| | | Vendor in latest containers/buildah
| * | | Vendor in latest containers/buildahUrvashi Mohnani2020-02-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Pulls in fix that sets the correct ownership on the working directory during the build process. Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
* | | | Merge pull request #5295 from mheon/advanced_network_inspectOpenShift Merge Robot2020-02-27
|\ \ \ \ | | | | | | | | | | Add support for multiple CNI networks in podman inspect
| * | | | Add support for multiple CNI networks in podman inspectMatthew Heon2020-02-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When inspecting containers, info on CNI networks added to the container by name (e.g. --net=name1) should be displayed separately from the configuration of the default network, in a separate map called Networks. This patch adds this separation, improving our Docker compatibility and also adding the ability to see if a container has more than one IPv4 and IPv6 address and more than one MAC address. Fixes #4907 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | | Merge pull request #5334 from edsantiago/batsOpenShift Merge Robot2020-02-27
|\ \ \ \ \ | | | | | | | | | | | | kill test: clean up warnings; document better
| * | | | | kill test: clean up warnings; document betterEd Santiago2020-02-26
|/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 9f69c4eca (part of the f31 pr, #3091) semi-broke the kill test, there's now an ugly warning: setup(): removing stray images quay.io/libpod/fedora-minimal:latest 7bb5a60e8a78 The comments also didn't actually explain the problem being addressed, and included a misleading reference to busybox. Here we switch to using fedora-minimal only with podman-remote, clean it up (rmi) when finished, and include an explanation in the comments about why this is needed; making it clear that this workaround can be removed once we get rid of podman-remote. We also reformat back to 80 columns. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | | | Merge pull request #5332 from giuseppe/uts-lookup-containerOpenShift Merge Robot2020-02-26
|\ \ \ \ \ | | | | | | | | | | | | spec: allow container alias name in lookup
| * | | | | spec: allow container alias name in lookupGiuseppe Scrivano2020-02-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously --uts=container: expected the full container ID. Closes: https://github.com/containers/libpod/issues/5289 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | | | Merge pull request #5330 from baude/flakefixesforedOpenShift Merge Robot2020-02-26
|\ \ \ \ \ \ | |/ / / / / |/| | | | | curb flakes in integration tests
| * | | | | curb flakes in integration testsBrent Baude2020-02-26
| | |/ / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | instead of searching the fedora registry which is error prone, we instead search a local registry for the empty set search. when running two containers with the same IP, i suspect the first container has not fully gotten its ip information back from cni when the second container fires. rework this test such that we use nginx to make sure the container is up and running before continues which should pace the subsequent test. Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | | | Merge pull request #5329 from baude/contribspecepochOpenShift Merge Robot2020-02-26
|\ \ \ \ \ | | | | | | | | | | | | add epoch for specfile
| * | | | | add epoch for specfileBrent Baude2020-02-25
| |/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | to get the copr rpms to jive better with the fedora rpms, we need to set an epoch. Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | | | Merge pull request #5328 from lsm5/trivial-typo-correctionOpenShift Merge Robot2020-02-25
|\ \ \ \ \ | | | | | | | | | | | | fix trivial typo
| * | | | | fix trivial typoLokesh Mandvekar2020-02-25
| | |/ / / | |/| | | | | | | | | | | | | Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-11-16 22:34:41 +0000