| Commit message (Collapse) | Author | Age |
|\
| |
| | |
Cirrus: Print images that should be pruned
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Over time unless they're removed, the project could grow quite a large
collection of VM images. While generally cheap (less than a penny each,
per month), these will become a significant cost item if not kept
in-check.
Add a specialized container for handling image-pruning, but limit
it to only finding and printing (not actually deleting) images.
Also update the image-building workflow so that base-images used to
compose cache-images are also labeled with metadata.
N/B: As an additional safeguard, the service account which
executes the new container in production *DOES NOT*
have access to delete images. This can be enabled
by adding the GCE IAM role: CustomComputeImagePrune
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|\ \
| | |
| | | |
Cirrus: Disable most periodic services/timers
|
| | |
| | |
| | |
| | | |
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| | |
| | |
| | |
| | | |
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
For CI testing, it's important to remove as much variability from the
overall system as possible. This permits focusing just on problems
closely related to code-changes. To this end, and because VMs are very
short-lived (2 hours at most), disable all systemd services and timers
which perform periodic activities.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|\ \ \
| |/ /
|/| | |
Make the healthcheck flags compatible with Docker CLI
|
| | |
| | |
| | |
| | | |
Signed-off-by: Hunor Csomortáni <csomh@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Docker CLI calls the healthcheck flags "--health-*", instead of
"--healthcheck-*".
Introduce the former, in order to keep compatibility, and alias
the later, in order to avoid breaking current usage.
Change "--healthcheck-*" to "--health-*" in the docs and tests.
Signed-off-by: Hunor Csomortáni <csomh@redhat.com>
|
| | |
| | |
| | |
| | | |
Signed-off-by: Hunor Csomortáni <csomh@redhat.com>
|
|\ \ \
| | | |
| | | | |
Cirrus: Abstract destination branch refs.
|
| | |/
| |/|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Various tasks and scripts behave differently depending on whether or not
the build is running against a PR or on a branch, post-merge. However,
a great number of them are hard-coded to the string 'master' as the
destination. Since this is not always the case (there are other
relevant branches), it makes sense to abstract the references with a
single definition.
Add a top-level `$DEST_BRANCH` variable to CI, and otherwise
default to 'master' when unset. This enables running CI builds on
additional branches without the overhead of updating all the static
references to 'master'. Simply update `$DEST_BRANCH` at the top-level
and all branch-conditional logic will function as intended.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|\ \ \
| | | |
| | | | |
Fix handling of healthcheck from image
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
An image with "HEALTHCHECK CMD ['']" is valid but as there is no command
defined the healthcheck will fail. Reject such a configuration.
Fixes #3507
Signed-off-by: Stefan Becker <chemobejk@gmail.com>
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
If the image was built with "HEALTHCHECK NONE" then we should create a
container without healthcheck configuration. Otherwise executing the
healthcheck on the container will return "unhealthy" instead of the
correct error message that the container doesn't have a healthcheck.
We also ignore the healthcheck configuration if the command list is
empty or the command string is empty.
Fixes #3525
Signed-off-by: Stefan Becker <chemobejk@gmail.com>
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
If the image doesn't provide any options, e.g. interval, timeout, etc.,
then apply the Docker defaults when creating the container. Otherwise
the defaults will be left 0 and podman doesn't schedule the healtcheck
service & timer for the container or incorrectly reports unhealthy state
when the check is executed.
Fixes #3525
Signed-off-by: Stefan Becker <chemobejk@gmail.com>
|
| | |/
| |/|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
- remove duplicate check, already called in HealthCheck()
- reject zero-length command list and empty command string as errorneous
- support all Docker command list keywords: NONE, CMD or CMD-SHELL
- use Docker default "/bin/sh -c" for CMD-SHELL
Fixes #3507
Signed-off-by: Stefan Becker <chemobejk@gmail.com>
|
|\ \ \
| |/ /
|/| | |
Binary bloat analyses
|
| | |
| | |
| | |
| | |
| | |
| | | |
Credits to bash wizard @edsantiago for the changes.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Change the script to generate two files. One including direct
dependencies, the other including direct and transitive dependencies.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Remove a blank line to make code examples more consistent and fix the
path of the 2nd example.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| | |
| | |
| | |
| | | |
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | | |
Add a new analysis script to print the dependency tree.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| | |
| | |
| | |
| | | |
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Move the analyses scripts to the dependencies directory to avoid
scattering of the dependency management.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Believe it or not:
`sort -ruh` is loosing data while `sort -u | sort -rh` does not.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The script allows for analyzing the symbols of a go binary passed as an
argument. The tabular output looks as follows:
336 unicode/utf8.DecodeLastRune
323 unicode/utf8.DecodeLastRuneInString
518 unicode/utf8.DecodeRune
518 unicode/utf8.DecodeRuneInString
337 unicode/utf8.EncodeRune
The first column indicates the size in bytes of the symbol in the second
column. Note that only text symbols are considered, other symbols from
the data or the bss segment are ignored to avoid information overload.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Analyse the size of all go-packages used during the build process via
the newly added `hack/analyses/go-archive-analysis.sh` script. The
script expects the `WORK` environment variable to be set, which points
to a temporary work directory generated by `go build`. To generate such
a work directory, set the `BUILDFLAGS="-work -a"`:
* `-work` for creating the work directory
* `-a` to force rebuilding all packages even when already cached
The workflow may look as follows:
```
$ BUILDFLAGS="-work -a" make podman
[...]
WORK=/tmp/go-build127001249
$ WORK=/tmp/go-build127001249 ./hack/analyses/go-archive-analysis.sh
```
The output of the script has the format `$SIZE $PACKAGE` where $SIZE is
the size of the compiled version of the go package (i.e., `.a` file) and
$PACKAGE for the corresponding package, for instance, `math/big` for a
stdlib package or vendor/... for vendored packages.
Credits to the authors of https://github.com/jondot/goweight, which
inspired this work.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \
| | |
| | | |
Improve parser for --healthcheck-command
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Fix Docker CLI compatibility issue: the "--healthcheck-command" option
value should not be split but instead be passed as single string to
"CMD-SHELL", i.e. "/bin/sh -c <opt>".
On the other hand implement the same extension as is already available
for "--entrypoint", i.e. allow the option value to be a JSON array of
strings. This will make life easier for tools like podman-compose.
Updated "--healthcheck-command" option values in tests accordingly.
Continuation of #3455 & #3507
Signed-off-by: Stefan Becker <chemobejk@gmail.com>
|
|\ \ \
| |_|/
|/| | |
Fix the double replySendFile()
|
| | |
| | |
| | |
| | | |
Signed-off-by: Harald Hoyer <harald@redhat.com>
|
|\ \ \
| | | |
| | | | |
Ensure we have a valid store when we refresh
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Fixes #3520
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \ \ \
| |_|_|/
|/| | | |
Improves STD output/readability in combination
|
|/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
with debug output.
Added \n char to specific standard output
Signed-off-by: dom finn <dom.finn00@gmail.com>
|
|\ \ \
| | | |
| | | | |
cgroupsv2: do not enable controllers for the last component
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
do not automatically enable the controllers for the last path
component. It is necessary as once there are enabled controllers in a
cgroup, it won't possible to add processes to it.
Fix conmon being moved to the correct cgroup path when using
--cgroup-manager cgroupfs.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
spec: fix userns with less than 5 gids
|
| |/ / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
when the container is running in a user namespace, check if gid=5 is
available, otherwise drop the option gid=5 for /dev/pts.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
fix bug convert volume host path to absolute
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
fix #3504 If --volume host:dest host is not a named volume, convert the host to a absolute directory path.
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
|\ \ \ \ \
| |_|_|_|/
|/| | | | |
Cirrus: Execute system-tests during image-validation
|
| | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|/ / / /
| | | |
| | | |
| | | |
| | | |
| | | | |
This was originally intended, but somehow omitted from #1936
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
Add support for --env-host
|
| | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Sometimes you want to add a few environmen variables based on the last field being a "*".
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This flag passes the host environment into the container. The basic idea is to
leak all environment variables from the host into the container.
Environment variables from the image, and passed in via --env and --env-file
will override the host environment.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|