summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Update to use new common machine APIJason T. Greene2022-04-25
| | | | Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
* Merge pull request #13999 from Luap99/go1.18-deprecatedOpenShift Merge Robot2022-04-25
|\ | | | | [CI:DOCS] fix staticcheck linter warning for deprecated function
| * fix staticcheck linter warning for deprecated functionPaul Holzinger2022-04-25
| | | | | | | | | | | | | | | | go1.18 deprecates `strings.Title()`. However for our use case this is still fine. The recommended replacement is adding about 400kb binary size so lets keep using this for now. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | Merge pull request #13978 from Luap99/unparamOpenShift Merge Robot2022-04-25
|\ \ | | | | | | enable unparam linter
| * | enable unparam linterPaul Holzinger2022-04-25
| | | | | | | | | | | | | | | | | | | | | The unparam linter is useful to detect unused function parameters and return values. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | Merge pull request #13998 from cevich/fix_docker-py_testOpenShift Merge Robot2022-04-25
|\ \ \ | | | | | | | | Cirrus: Fix cirrus cache race on bin/podman
| * | | Cirrus: Fix cirrus cache race on bin/podmanChris Evich2022-04-25
| | |/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | A suspected race on uploading gopath cache is causing the docker-py (and possibly other) tasks to fail unpredictably with an error from `make` regarding missing `bin/podman`. Since this failure is affecting all development activity, apply a quick/dirty fix to the failing task, by simply rebuilding the binary. A more comprehensive/long-term fix will be worked in a future PR. Signed-off-by: Chris Evich <cevich@redhat.com>
* | | Merge pull request #13995 from ashley-cui/revrootfulOpenShift Merge Robot2022-04-25
|\ \ \ | |/ / |/| | Rootfull -> Rootful
| * | Docs rootfull -> rootfulAshley Cui2022-04-25
| | | | | | | | | | | | | | | | | | | | | | | | Some docs say roofull. Change to rootful. [NO NEW TESTS NEEDED] Signed-off-by: Ashley Cui <acui@redhat.com>
| * | Revert "Switch all rootful to rootfull"Ashley Cui2022-04-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This reverts commit cc3790f332d989440eb1720e24e3619fc97c74ee. We can't change rootful to rootfull because `rootful` is written into the machine config. Changing this will break json unmarshalling, which will break existing machines. [NO NEW TESTS NEEDED] Signed-off-by: Ashley Cui <acui@redhat.com>
* | | Merge pull request #13993 from aonoa/mainOpenShift Merge Robot2022-04-25
|\ \ \ | | | | | | | | Modify the pod name suffix '_pod' to '-pod'
| * | | Modify the pod name suffix '_pod' to '-pod'aonoa2022-04-25
| |/ / | | | | | | | | | Signed-off-by: aonoa <1991849113@qq.com>
* | | Merge pull request #13981 from rhatdan/volumeOpenShift Merge Robot2022-04-25
|\ \ \ | |/ / |/| | Add support for passing --volumepath
| * | Add support for passing --volumepathDaniel J Walsh2022-04-23
| | | | | | | | | | | | | | | | | | Fixes: https://github.com/containers/podman/issues/13860 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #13988 from rhatdan/apiv2OpenShift Merge Robot2022-04-25
|\ \ \ | |/ / |/| | Allow filtering of "removing", it is a valid status
| * | Allow filtering of "removing", it is a valid statusDaniel J Walsh2022-04-24
|/ / | | | | | | | | | | | | | | | | Do not use a list of statuses outside of libpod to validate container statuses. Removing status was never added to the list. Fixes: https://github.com/containers/podman/issues/13986 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #13980 from lsm5/switch-sha256OpenShift Merge Robot2022-04-23
|\ \ | | | | | | libpod/networking_linux.go: switch to sha256 hash generation
| * | libpod/networking_linux.go: switch to sha256 hashesLokesh Mandvekar2022-04-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | SHA-1 is prone to collisions. This will likely break connectivity between old containers started before update and containers started after update. It will also fail to cleanup old netns. A reboot will fix this, so a reboot is recommended after update. [NO NEW TESTS NEEDED] Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
* | | Merge pull request #13973 from Luap99/linter-reviveOpenShift Merge Robot2022-04-23
|\ \ \ | | | | | | | | replace golint with revive linter
| * | | replace golint with revive linterPaul Holzinger2022-04-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | golint, scopelint and interfacer are deprecated. golint is replaced by revive. This linter is better because it will also check for our error style: `error strings should not be capitalized or end with punctuation or a newline` scopelint is replaced by exportloopref (already endabled) interfacer has no replacement but I do not think this linter is important. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | | Merge pull request #13959 from cevich/fix_apiv2OpenShift Merge Robot2022-04-23
|\ \ \ \ | |_|/ / |/| | | Fix hang in apiv2 test_connect
| * | | Fix hang in test_connectChris Evich2022-04-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Starting the podman service in debug-mode causes aardvark to run in debug mode. This does unexpected things with file-descriptors leading to a test-hang. Thanks to @Luap99 for the fix. Signed-off-by: Chris Evich <cevich@redhat.com>
| * | | Increase verbosity and sequencing of APIv2 testingChris Evich2022-04-22
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The default verbosity level does not show the classes or function names. This makes it difficult to debug problems like hangs. Also, separate the bats and python-based tests into two sections. This allows for easier debugging, since isolation can be done in `runner.sh` rather than mucking with the `Makefile`. Lastly, update the logformatter script to `autoflush stdout` (thanks @edsantiago). Signed-off-by: Chris Evich <cevich@redhat.com>
* | | Merge pull request #13976 from rhatdan/rootlessOpenShift Merge Robot2022-04-22
|\ \ \ | | | | | | | | Update test to run network check in both rootless and rootfull mode
| * | | Update test to run network check in both rootless and rootfull modeDaniel J Walsh2022-04-22
| | |/ | |/| | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #13975 from ↵OpenShift Merge Robot2022-04-22
|\ \ \ | | | | | | | | | | | | | | | | containers/dependabot/go_modules/github.com/fsnotify/fsnotify-1.5.3 Bump github.com/fsnotify/fsnotify from 1.5.2 to 1.5.3
| * | | Bump github.com/fsnotify/fsnotify from 1.5.2 to 1.5.3dependabot[bot]2022-04-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/fsnotify/fsnotify](https://github.com/fsnotify/fsnotify) from 1.5.2 to 1.5.3. - [Release notes](https://github.com/fsnotify/fsnotify/releases) - [Changelog](https://github.com/fsnotify/fsnotify/blob/main/CHANGELOG.md) - [Commits](https://github.com/fsnotify/fsnotify/compare/v1.5.2...v1.5.3) --- updated-dependencies: - dependency-name: github.com/fsnotify/fsnotify dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* | | | Merge pull request #13974 from ↵OpenShift Merge Robot2022-04-22
|\ \ \ \ | |_|/ / |/| | | | | | | | | | | containers/dependabot/go_modules/github.com/container-orchestrated-devices/container-device-interface-0.4.0 Bump github.com/container-orchestrated-devices/container-device-interface from 0.3.2 to 0.4.0
| * | | Bump github.com/container-orchestrated-devices/container-device-interfacedependabot[bot]2022-04-22
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/container-orchestrated-devices/container-device-interface](https://github.com/container-orchestrated-devices/container-device-interface) from 0.3.2 to 0.4.0. - [Release notes](https://github.com/container-orchestrated-devices/container-device-interface/releases) - [Commits](https://github.com/container-orchestrated-devices/container-device-interface/compare/v0.3.2...v0.4.0) --- updated-dependencies: - dependency-name: github.com/container-orchestrated-devices/container-device-interface dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* | | Merge pull request #13918 from Luap99/hostsOpenShift Merge Robot2022-04-22
|\ \ \ | | | | | | | | use etchosts package from c/common
| * | | test/system: add containers.conf test for new /etc/hosts optionsPaul Holzinger2022-04-22
| | | | | | | | | | | | | | | | Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * | | Improve /etc/hosts documentationPaul Holzinger2022-04-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Update the documentation for /etc/hosts options --add-host and --no-hosts. Also make sure that all references use the same text for consistency. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * | | shared netns and --add-host should conflictPaul Holzinger2022-04-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Because /etc/hosts is shared for all containers with a shared network namespace you should not be able to add hosts from a joined container. Only the primary netns container can set the hosts. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * | | network dis-/connect: update /etc/hostsPaul Holzinger2022-04-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When we connect or disconnect from a network we also have to update /etc/hosts to ensure we only have valid entries in there. This also fixes problems with docker-compose since this makes use of network connect/disconnect. Fixes #12533 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * | | libpod: fix c.Hostname() to respect the utsNsCtrPaul Holzinger2022-04-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When we lookup the hostname for a given container we have to check if the container is joined to another utsns and use this hostname then instead. This fixes a problem where the `hostname` command would use the correct name but /etc/hostname would contain a different name. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * | | use etchosts package from c/commonPaul Holzinger2022-04-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Use the new logic from c/common to create the hosts file. This will help to better allign the hosts files between buildah and podman. Also this fixes several bugs: - remove host entries when container is stopped and has a netNsCtr - add entries for containers in a pod - do not duplicate entries in the hosts file - use the correct slirp ip when an userns is used Features: - configure host.containers.internal entry in containers.conf - configure base hosts file in containers.conf Fixes #12003 Fixes #13224 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | | Merge pull request #13881 from rhatdan/usernsOpenShift Merge Robot2022-04-22
|\ \ \ \ | |_|_|/ |/| | | Add support for --userns=nomap
| * | | Add support for --userns=nomapDaniel J Walsh2022-04-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | From a security point of view, it would be nice to be able to map a rootless usernamespace that does not use your own UID within the container. This would add protection against a hostile process escapping the container and reading content in your homedir. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #13972 from Luap99/staticcheckOpenShift Merge Robot2022-04-22
|\ \ \ \ | |_|_|/ |/| | | enable staticcheck linter
| * | | silence deprecated warnings for manifest functionsPaul Holzinger2022-04-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There is no reason to mark them directly as deprecated since we still have to use them as long as we want to support 3.X calls. The staticcheck linter is complaining about the Deprecated comment but that doesn't make sense in this context. There is no good way to only exclude a single check with golangci-lint. I renamed the function with a V3 suffix to make clear that we only use this for backwards compat. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * | | enable staticcheck linterPaul Holzinger2022-04-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix many problems reported by the staticcheck linter, including many real bugs! Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * | | move golang.org/x/crypto/ssh/terminal to golang.org/x/termPaul Holzinger2022-04-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | golang.org/x/crypto/ssh/terminal is deprecated. The package was moved to golang.org/x/term. golang.org/x/crypto/ssh/terminal was already just calling golang.org/x/term itslef so there are no functional changes. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | | Merge pull request #13969 from flouthoc/mount-csv-parsingOpenShift Merge Robot2022-04-22
|\ \ \ \ | | | | | | | | | | specgen-volumes: parse `--mount` using csv-reader instead of split.
| * | | | specgen-volumes: parse --mount using csv-reader instead of split by commaAditya R2022-04-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Following commit ensures that csv escaping is supported while using inline `--mount=type=......` flag with `podman run` by using `encoding/csv` to parse options instead of performing a `split.String(` by `comma`. Closes: https://github.com/containers/podman/issues/13922 Signed-off-by: Aditya R <arajan@redhat.com>
* | | | | Merge pull request #13964 from rhatdan/rootfullOpenShift Merge Robot2022-04-22
|\ \ \ \ \ | |_|_|_|/ |/| | | | Switch all rootful to rootfull
| * | | | Switch all rootful to rootfullDaniel J Walsh2022-04-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We are inconsistent on the name, we should stick with rootfull. [NO NEW TESTS NEEDED] Existing tests should handle this and no tests for machines exists yet. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | Merge pull request #13971 from rhatdan/codespellOpenShift Merge Robot2022-04-22
|\ \ \ \ \ | | | | | | | | | | | | [CI:DOCS] Run codespell on code
| * | | | | Run codespell on codeDaniel J Walsh2022-04-22
| | |_|/ / | |/| | | | | | | | | | | | | | | | | | | | | | | [NO NEW TESTS NEEDED] Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | Merge pull request #13935 from edsantiago/bats_assertOpenShift Merge Robot2022-04-22
|\ \ \ \ \ | | | | | | | | | | | | system tests: add assert(), and start using it
| * | | | | system tests: add assert(), and start using itEd Santiago2022-04-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Problem: the system test 'is()' checker was poorly thought out. For example, there is no way to check for inequality or for absence of a substring. Solution, step 1: introduce new assert(), copied almost verbatim from buildah, where it has been successful in addressing the gaps in is(). The logical next step is to search the tests for 'die' and for 'run', looking for negative assertions which we can replace with assert(). There were a lot, and in the process I found a number of ugly bugs in the tests themselves. I've taken the liberty of fixing these. Important note: at this time we have both assert() and is(). Replacing all instances of is() would be impossible to review. Signed-off-by: Ed Santiago <santiago@redhat.com>