summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Cirrus: Build multi-arch images + manifestsChris Evich2022-03-28
| | | | | | | | | | | Github-actions for large/complex tasks is hard to read and maintain. Reimplement the multi-arch image build workflow into a set of bash scripts that use all native contrainer-org tooling. This requires a special VM image setup with emulation to build foreign architectures. It also requires renaming the `helloimage` directory, because the build script uses the directory name in the image FQIN. Signed-off-by: Chris Evich <cevich@redhat.com>
* Merge pull request #13564 from naveensrinivasan/naveen/feat/pin-actionsOpenShift Merge Robot2022-03-28
|\ | | | | [CI:DOCS] Pin actions to a full length commit SHA
| * Pin actions to a full length commit SHAnaveensrinivasan2022-03-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Pinned actions by SHA https://github.com/ossf/scorecard/blob/main/docs/checks.md#pinned-dependencies - Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions >Pin actions to a full length commit SHA >Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps mitigate the risk of a bad actor adding a backdoor to the action's repository, as they would need to generate a SHA-1 collision for a valid Git object payload. https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-third-party-actions Also dependabot supports upgrades based on SHA. Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
* | Merge pull request #13565 from naveensrinivasan/naveen/feat/dependabot-updateOpenShift Merge Robot2022-03-28
|\ \ | | | | | | Updated dependabot to GitHub actions
| * | Updated dependabot to GitHub actionsnaveensrinivasan2022-03-19
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Updated dependabot to get updates for GitHub actions. GitHub sends Dependabot alerts when we detect vulnerabilities affecting your repository as well as when there are new updates to the dependency. https://docs.github.com/en/code-security/dependabot/dependabot-alerts/about-dependabot-alerts A vulnerability is a problem in a project's code that could be exploited to damage the confidentiality, integrity, or availability of the project or other projects that use its code. Vulnerabilities vary in type, severity, and method of attack. When your code depends on a package that has a security vulnerability, this vulnerable dependency can cause a range of problems for your project or the people who use it. Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
* | Merge pull request #13674 from baude/refactor1OpenShift Merge Robot2022-03-28
|\ \ | | | | | | Machine refactor - part 1
| * | Machine refactor - part 1Brent Baude2022-03-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | the way machine was written was very adjunct and as such is in dire need of refactoring to better structures and structure methods where appropriate. the weekest part is specifically around all the files that machine requires and how some are just dynamically built on the fly. this pr defines a new machinefile type which allows us to work with the file and also takes into account the use of symlinks which are going to be needed on macos due to its relatively short file length restriction. also, added unit tests for new methods as well as anywhere else I saw a need. Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | Merge pull request #13640 from Luap99/slirp4netns-failOpenShift Merge Robot2022-03-28
|\ \ \ | |/ / |/| | network setup: fail if slirp4netns is not installed
| * | network setup: fail if slirp4netns is not installedPaul Holzinger2022-03-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | I do not see why we should only log an error. If slirp4netns is requested but not installed we should error. [NO NEW TESTS NEEDED] Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | Merge pull request #13651 from jwmatthews/fix13650OpenShift Merge Robot2022-03-28
|\ \ \ | | | | | | | | Fixes errors from 'manifest push' being dropped in remote case
| * | | Fixes errors from 'manifest push' being dropped in remote caseJohn Matthews2022-03-27
| | | | | | | | | | | | | | | | Signed-off-by: John Matthews <jwmatthews@gmail.com>
* | | | Merge pull request #13677 from flouthoc/rename-eventOpenShift Merge Robot2022-03-28
|\ \ \ \ | | | | | | | | | | libpod, event: generate a valid event on container `rename` operation
| * | | | event: generate a valid event on container rename operationAditya R2022-03-28
| | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | Following commit ensures that podman generates a valid event on `podman container rename` where event specifies that it is a rename event and container name swtichted to the latest name. Signed-off-by: Aditya R <arajan@redhat.com>
* | | | Merge pull request #13668 from rhatdan/walkOpenShift Merge Robot2022-03-28
|\ \ \ \ | | | | | | | | | | Switch all calls to filepath.Walk to filepath.WalkDir
| * | | | Switch all calls to filepath.Walk to filepath.WalkDirDaniel J Walsh2022-03-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | WalkDir should be faster the Walk, since we often do not need to stat files. [NO NEW TESTS NEEDED] Existing tests should find errors. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | Merge pull request #13592 from ↵OpenShift Merge Robot2022-03-28
|\ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | containers/dependabot/go_modules/google.golang.org/protobuf-1.28.0 build(deps): bump google.golang.org/protobuf from 1.27.1 to 1.28.0
| * | | | | build(deps): bump google.golang.org/protobuf from 1.27.1 to 1.28.0dependabot[bot]2022-03-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [google.golang.org/protobuf](https://github.com/protocolbuffers/protobuf-go) from 1.27.1 to 1.28.0. - [Release notes](https://github.com/protocolbuffers/protobuf-go/releases) - [Changelog](https://github.com/protocolbuffers/protobuf-go/blob/master/release.bash) - [Commits](https://github.com/protocolbuffers/protobuf-go/compare/v1.27.1...v1.28.0) --- updated-dependencies: - dependency-name: google.golang.org/protobuf dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* | | | | | Merge pull request #13648 from adamaze/mainDaniel J Walsh2022-03-28
|\ \ \ \ \ \ | |_|_|/ / / |/| | | | | [CI:DOCS] clarifying "loginctl enable-linger" section in doc
| * | | | | clarifying "loginctl enable-linger" section in docAdam Maryniuk2022-03-24
| | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Adam Maryniuk <adamaze@gmail.com>
* | | | | | Merge pull request #13611 from rvandernoort/vendor_filtersOpenShift Merge Robot2022-03-28
|\ \ \ \ \ \ | |_|_|_|/ / |/| | | | | Vendor c/common for filters
| * | | | | Vendor commonrvandernoort2022-03-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Added patch provided by rhatdan to add support for shareable [NO NEW TESTS NEEDED] Signed-off-by: rvandernoort <s.r.vandernoort@student.tudelft.nl>
* | | | | | Merge pull request #13607 from rvandernoort/filter_docsOpenShift Merge Robot2022-03-27
|\ \ \ \ \ \ | |_|_|_|/ / |/| | | | | [CI:DOCS]: Update docs for image filters
| * | | | | Update filter docs with missing entries and add negation option.rvandernoort2022-03-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | [NO NEW TESTS NEEDED] Signed-off-by: rvandernoort <s.r.vandernoort@student.tudelft.nl>
* | | | | | Merge pull request #13653 from jmontleon/fix-manifest-push-headerOpenShift Merge Robot2022-03-27
|\ \ \ \ \ \ | | | | | | | | | | | | | | Resolves #13629 Add RegistryAuthHeader to manifest push
| * | | | | | Resolves #13629 Add RegistryAuthHeader to manifest pushjason2022-03-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Jason Montleon <jmontleo@redhat.com>
* | | | | | | Merge pull request #13660 from rhatdan/errorOpenShift Merge Robot2022-03-27
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | Remove error stutter
| * | | | | | | Remove error stutterDaniel J Walsh2022-03-25
| | |_|_|_|/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When podman gets an error it prints out "Error: " before printing the error string. If the error message starts with error, we end up with Error: error ... This PR Removes all of these stutters. logrus.Error() also prints out that this is an error, so no need for the error stutter. [NO NEW TESTS NEEDED] Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | | | Merge pull request #13639 from ↵Daniel J Walsh2022-03-27
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | containers/dependabot/go_modules/github.com/docker/docker-20.10.14incompatible build(deps): bump github.com/docker/docker from 20.10.13+incompatible to 20.10.14+incompatible
| * | | | | | | build(deps): bump github.com/docker/dockerdependabot[bot]2022-03-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/docker/docker](https://github.com/docker/docker) from 20.10.13+incompatible to 20.10.14+incompatible. - [Release notes](https://github.com/docker/docker/releases) - [Changelog](https://github.com/moby/moby/blob/master/CHANGELOG.md) - [Commits](https://github.com/docker/docker/compare/v20.10.13...v20.10.14) --- updated-dependencies: - dependency-name: github.com/docker/docker dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* | | | | | | | Merge pull request #13659 from rhatdan/codespellOpenShift Merge Robot2022-03-26
|\ \ \ \ \ \ \ \ | |_|/ / / / / / |/| | | | | | | Run codespell to cleanup typos
| * | | | | | | Run codespell to cleanup typosDaniel J Walsh2022-03-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | [NO NEW TESTS NEEDED] Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | | | | Merge pull request #13658 from ↵OpenShift Merge Robot2022-03-25
|\ \ \ \ \ \ \ \ | |/ / / / / / / |/| | | | | | | | | | | | | | | | | | | | | | | containers/dependabot/go_modules/github.com/rootless-containers/rootlesskit-1.0.0 build(deps): bump github.com/rootless-containers/rootlesskit from 0.14.6 to 1.0.0
| * | | | | | | build(deps): bump github.com/rootless-containers/rootlesskitdependabot[bot]2022-03-25
|/ / / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/rootless-containers/rootlesskit](https://github.com/rootless-containers/rootlesskit) from 0.14.6 to 1.0.0. - [Release notes](https://github.com/rootless-containers/rootlesskit/releases) - [Commits](https://github.com/rootless-containers/rootlesskit/compare/v0.14.6...v1.0.0) --- updated-dependencies: - dependency-name: github.com/rootless-containers/rootlesskit dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
* | | | | | | Merge pull request #13662 from giuseppe/fix-ci-test-runMatt Heon2022-03-25
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | test: fix podman run test as rootless
| * | | | | | | test: fix podman run test as rootlessGiuseppe Scrivano2022-03-25
|/ / / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | aafa80918a245edcbdaceb1191d749570f1872d0 introduced the regression. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | | | | Merge pull request #13657 from Akasurde/misc_spellDaniel J Walsh2022-03-25
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | Misc typo fixes
| * | | | | | | Misc typo fixesAbhijeet Kasurde2022-03-25
|/ / / / / / / | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* | | | | | | Merge pull request #13656 from giuseppe/drop-rhel-7-docDaniel J Walsh2022-03-25
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | [CI:DOCS] docs: drop note about upcoming RHEL 7.7
| * | | | | | | [CI:DOCS] docs: drop note about upcoming RHEL 7.7Giuseppe Scrivano2022-03-25
|/ / / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | it was released more than two years ago. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | | | | Merge pull request #13531 from cdoern/buildOpenShift Merge Robot2022-03-24
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | Add Context Directory to tar
| * | | | | | | add contextDir to tar on remotecdoern2022-03-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | podman build fails on remote build when using a relative context directory. This is because the context dir was not being added to the tar, so when remote the compat build function would not be able to stat the contextDir. resolves #13293 Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
* | | | | | | | Merge pull request #13622 from rhatdan/systemd1OpenShift Merge Robot2022-03-24
|\ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | When running systemd in a container set container_uuid
| * | | | | | | | When running systemd in a container set container_uuidDaniel J Walsh2022-03-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | systemd expects the container_uuid environment variable be set when it is running in a container. Fixes: https://github.com/containers/podman/issues/13187 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | | | | | Merge pull request #13636 from Luap99/machine-port-proxyDaniel J Walsh2022-03-24
|\ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | podman machine: fix port forwarding with proxy
| * | | | | | | | | podman machine: fix port forwarding with proxyPaul Holzinger2022-03-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When a user has a http proxy configured the VM will use it. However since gvproxy can only be reached internally from within the VM the port forwarding HTTP API call should not be redirected to the proxy. [NO NEW TESTS NEEDED] Fixes #13628 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | | | | | | | | Merge pull request #13647 from lsm5/main-cve-2022-21698Daniel J Walsh2022-03-24
|\ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | Bump github.com/prometheus/client_golang to v1.11.1
| * | | | | | | | | | Bump github.com/prometheus/client_golang to v1.11.1Lokesh Mandvekar2022-03-24
| | |_|_|_|/ / / / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Resolves: CVE-2022-21698 Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
* | | | | | | | | | Merge pull request #13637 from Luap99/conmon-errOpenShift Merge Robot2022-03-24
|\ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | readConmonPipeData: try to improve error
| * | | | | | | | | | readConmonPipeData: try to improve errorPaul Holzinger2022-03-24
| | |/ / / / / / / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Issue #10927 reports `container create failed (no logs from conmon): EOF` errors. Since we do not know the root cause it would be helpful to try to get as much info as possible out of the error. (buffer).ReadBytes() will return the bytes read even when an error occurs. So when we get an EOF we could still have some valuable information in the buffer. Lets try to unmarshal them and if this fails we add the bytes to the error message. This does not fix the issue but it might help us getting a better error. [NO NEW TESTS NEEDED] Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | | | | | | | | Merge pull request #13621 from Luap99/doc-libpodOpenShift Merge Robot2022-03-24
|\ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | [CI:DOCS] document that using libpod package directly is not supported