summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* ISSUE TEMPLATE: remove `--debug` from `podman info`Valentin Rothberg2022-08-10
| | | | | | `--debug` is a NOP and will be hidden in a later commit. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* Cirrus: use dnf instead of rpm to install packagesLokesh Mandvekar2022-08-10
| | | | Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
* Cirrus: Fix e2e tests for "mount_rootless_test"Toshiki Sonoda2022-08-10
| | | | | | | | | | | | | | | | | | | | | e2e `mount_rootless_test` did not load `podman binary path` successfully. This PR fix this problem. [It] podman unshare podman mount: ``` [+1596s] Running: ... unshare mount <cid> [+1596s] Error: exec: no command [+1596s] output: ``` [It] podman unshare image podman mount: ``` [+1599s] Running: ... unshare image mount quay.io/libpod/alpine:latest [+1599s] Error: exec: no command [+1599s] output: ``` Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
* podman generate systemd --new: allow -h hostnamePaul Holzinger2022-08-10
| | | | | | | | | | podman run/create can accept `-h <hostname>` as argument. When parsing flags -h throws an help requested error from pflag. To prevent this error we have to define the help flag. Fixes #15124 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* test: verify manifest inspect must contain OCI annotationsAditya R2022-08-10
| | | | Signed-off-by: Aditya R <arajan@redhat.com>
* podman-volume-import: Reword "precendence"Felix Stupp2022-08-10
| | | Signed-off-by: Felix Stupp <me+github@banananet.work>
* man podman-volume-import: Clarify that merge happensFelix Stupp2022-08-10
| | | | | Current directories and files stay the same with the current implementation as long as the tarball does not contain a directories or files with the same name. Signed-off-by: Felix Stupp <me+github@banananet.work>
* podman generate systemd: handle --sdnotify correctlyPaul Holzinger2022-08-10
| | | | | | | | | | | | When a container was created with `--sdnotify value` we would remove this arg instead of using it like with `--sdnotfiy=value`. Also when the arg is set to ignore we should force conmon in order to make the resulting Type=notify units work. Fixes #15052 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* Bump google.golang.org/protobuf from 1.28.0 to 1.28.1dependabot[bot]2022-08-10
| | | | | | | | | | | | | | | Bumps [google.golang.org/protobuf](https://github.com/protocolbuffers/protobuf-go) from 1.28.0 to 1.28.1. - [Release notes](https://github.com/protocolbuffers/protobuf-go/releases) - [Changelog](https://github.com/protocolbuffers/protobuf-go/blob/master/release.bash) - [Commits](https://github.com/protocolbuffers/protobuf-go/compare/v1.28.0...v1.28.1) --- updated-dependencies: - dependency-name: google.golang.org/protobuf dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* Use 8k buffer to help clients w/ broken parsingJason T. Greene2022-08-10
| | | | Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
* With --rm option remove container if podman run failsDaniel J Walsh2022-08-10
| | | | | | | | | | Fixes https://github.com/containers/podman/issues/15049 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> <MH: Fixed cherry-pick conflicts> Signed-off-by: Matthew Heon <mheon@redhat.com>
* Bump golang.org/x/tools from 0.1.11 to 0.1.12 in /test/toolsdependabot[bot]2022-08-10
| | | | | | | | | | | | | | Bumps [golang.org/x/tools](https://github.com/golang/tools) from 0.1.11 to 0.1.12. - [Release notes](https://github.com/golang/tools/releases) - [Commits](https://github.com/golang/tools/compare/v0.1.11...v0.1.12) --- updated-dependencies: - dependency-name: golang.org/x/tools dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* syncContainer: transition from `stopping` to `exited`Valentin Rothberg2022-08-10
| | | | | | | | | | | | | | | | | | | | | | | | Allow the cleanup process (and others) to transition the container from `stopping` to `exited`. This fixes a race condition detected in #14859 where the cleanup process kicks in _before_ the stopping process can read the exit file. Prior to this fix, the cleanup process left the container in the `stopping` state and removed the conmon files, such that the stopping process also left the container in this state as it could not read the exit files. Hence, `podman wait` timed out (see the 23 seconds execution time of the test [1]) due to the unexpected/invalid state and the test failed. Further turn the warning during stop to a debug message since it's a natural race due to the daemonless/concurrent architecture and nothing to worry about. [NO NEW TESTS NEEDED] since we can only monitor if #14859 continues flaking or not. [1] https://storage.googleapis.com/cirrus-ci-6707778565701632-fcae48/artifacts/containers/podman/6210434704343040/html/sys-remote-fedora-36-rootless-host.log.html#t--00205 Fixes: #14859 Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* Fix: manifest push --rm removes a correct manifest listToshiki Sonoda2022-08-10
| | | | | | | | | | | | | | | | | | | This bug is reproduced when we execute the following command: 1. podman manifest add <manifest list> <images exist on local storage> 2. podman manifest push --rm <manifest list> dir:<directory> If pushing succeeds, it is expected to remove only a manifest list. However, manifest list remains on local storage and images are removed. This commit fixes `podman manifest push --rm` to remove only a manifest list. And, supports `manifest push --rm option` in remote environment, like host environment. Fixes: https://github.com/containers/podman/issues/15033 Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
* Fix: Restore a container which name is equal to a image nameToshiki Sonoda2022-08-10
| | | | | | | | If there is a match for both container and image, we restore the container. Fixes: https://github.com/containers/podman/issues/15055 Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
* When removing objects specifying --force,podman should exit with 0Daniel J Walsh2022-08-10
| | | | | | | | | | | | This Patch will cause podman COMMAND rm --force bogus not fail This is how Docker works, so Podman should follow this to allow existing scripts to convert from Docker to Podman. Fixes: #14612 Oprignal version of this patch came from wufan 1991849113@qq.com Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* test: update apply-podman-deltas for new testsAditya R2022-08-10
| | | | | | | | | | Skip some newly added test for remote and modify error output of a test case which is reporter early in case of podman. [NO NEW TESTS NEEDED] [NO TESTS NEEDED] Signed-off-by: Aditya R <arajan@redhat.com>
* build: implement --cache-to,--cache-from and --cache-ttlAditya R2022-08-10
| | | | | | | [NO NEW TESTS NEEDED] [NO TESTS NEEDED] Signed-off-by: Aditya R <arajan@redhat.com>
* vendor: bump buildah to v1.27.0Aditya R2022-08-10
| | | | | | | | Bump buildah to v1.27.0 [NO NEW TESTS NEEDED] Signed-off-by: Aditya R <arajan@redhat.com>
* Merge pull request #15214 from ashley-cui/backport4.2OpenShift Merge Robot2022-08-09
|\ | | | | [4.2] Backport WSL Machine fixes
| * Fixes #15154 Change order when config and connections are writtenGerard Braad2022-08-08
| | | | | | | | | | | | | | | | | | | | When the break out or the WSL environment fails to start, the config and connections should not be written. Placing them at the end of the provisioning step will mitigate the issue. [NO NEW TESTS NEEDED] Signed-off-by: Gerard Braad <me@gbraad.nl>
| * Add support, and default to rootless w/WSL promptJason T. Greene2022-08-08
| | | | | | | | | | | | Also force installation to use WSL2 to prevent accidental usage of WSL1 Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
| * Disable F36 service that is incompat with WSL kernJason T. Greene2022-08-08
| | | | | | | | | | | | (requires psi) Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
* | Merge pull request #15240 from ↵OpenShift Merge Robot2022-08-09
|\ \ | |/ |/| | | | | openshift-cherrypick-robot/cherry-pick-15235-to-v4.2 [CI:DOCS] [v4.2] pkginstaller: use correct GOARCH value in case of arm build
| * pkginstaller: use correct GOARCH value in case of arm buildAnjan Nath2022-08-08
| | | | | | | | | | | | | | | | | | to compile arm bits the GOARCH should be set to amd64 script was wrongly using aarch64 instead [NO NEW TESTS NEEDED] Signed-off-by: Anjan Nath <kaludios@gmail.com>
* | Merge pull request #15216 from cevich/v4.2_image_searchOpenShift Merge Robot2022-08-08
|\ \ | |/ |/| [v4.2] Cirrus: Improve CI VM image updates for EC2
| * Cirrus: Update DEST_BRANCH to v4.2Chris Evich2022-08-05
| | | | | | | | Signed-off-by: Chris Evich <cevich@redhat.com>
| * Cirrus: Improve CI VM image updates for EC2Chris Evich2022-08-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | AWS EC2 keys VM images by an utterly unreadable, horrible to use, generated "AMI ID" value. This is very error prone for humans in practice, since it's impossible to tell one image from the next by eye. Worse, EC2 permits duplicate name-tag values, complicating image specification further. However fortunately, Cirrus-CI recently implemented a feature by which AMI's may be referenced by a name-tag search - choosing the most recent AMI found. Since the `containers/automation_images` build workflow always assigns a unique name + `$IMAGE_SUFFIX` value, we can simply re-use it for both AWS and GCP image specification. In other words as of this commit, specifying new CI VM images can be done by simply updating the `$IMAGE_SUFFIX` value as we've always done. No need to call out a specific AMI ID just for EC2 tasks. Signed-off-by: Chris Evich <cevich@redhat.com>
* | Merge pull request #15202 from lsm5/v420RC3-releaseopenshift-ci[bot]2022-08-05
|\ \ | |/ |/| Bump to v4.2.0-rc3
| * Bump back to v4.2.0-devLokesh Mandvekar2022-08-05
| | | | | | | | Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
| * Bump to v4.2.0-rc3v4.2.0-rc3Lokesh Mandvekar2022-08-05
|/ | | | Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
* Merge pull request #15201 from lsm5/v420RC3openshift-ci[bot]2022-08-05
|\ | | | | [CI:DOCS] v4.2.0-rc3 release notes
| * v4.2.0-rc3 release notesLokesh Mandvekar2022-08-05
|/ | | | | Co-authored-by: Valentin Rothberg <vrothberg@redhat.com> Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
* Merge pull request #15194 from ashley-cui/backportsopenshift-ci[bot]2022-08-04
|\ | | | | [CI:DOCS] [4.2] Backport MacOS pkginstaller
| * pkginstaller: use correct GOARCH while building podman binariesAnjan Nath2022-08-04
| | | | | | | | | | | | | | | | | | | | we were not using the correct GOARCH to build the podman remote and podman-mac-helper binaries, this uses the ARCH value passed to the make invocation to set the GORACH [NO NEW TESTS NEEDED] Signed-off-by: Anjan Nath <kaludios@gmail.com>
| * pkginstaller: makefile improvements to avoid redownloadingAnjan Nath2022-08-04
| | | | | | | | | | | | | | | | | | | | this updates downloading of gvproxy and qemu using a standard makefile rule which will avoid downloading them again if its already downloaded [NO NEW TESTS NEEDED] Signed-off-by: Anjan Nath <kaludios@gmail.com>
| * pkginstaller: add makefile target to notarize the built pkgAnjan Nath2022-08-04
| | | | | | | | | | | | [NO NEW TESTS NEEDED] Signed-off-by: Anjan Nath <kaludios@gmail.com>
| * pkginstaller: sign qemu-system-* binary for the pkgAnjan Nath2022-08-04
| | | | | | | | | | | | | | | | | | add file hvf.entitlements which has the com.apple.security.hypervisor entitlement needed for qemu [NO NEW TESTS NEEDED] Signed-off-by: Anjan Nath <kaludios@gmail.com>
| * Add support for building macOS pkg installerAnjan Nath2022-08-04
|/ | | | | | | | | | | | | | it installs podman and supporting binaries along with qemu to have a functioning podman install using a pkg podman and podman-mac-helper is compiled from source gvproxy binary is downloaded from its github releases and qemu from github release of containers/podman-machine-qemu [NO NEW TESTS NEEDED] Signed-off-by: Anjan Nath <kaludios@gmail.com>
* Merge pull request #15142 from mtrmac/sigstore-sign-4.2openshift-ci[bot]2022-08-02
|\ | | | | [v4.2] Sigstore sign
| * Add support for creating sigstore signatures, and providing passphrasesMiloslav Trmač2022-08-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Allow creating sigstore signatures via --sign-by-sigstore-private-key . Like existing --sign-by, it does not work remote (in this case because we would have to copy the private key to the server). - Allow passing a passphrase (which is mandatory for sigstore private keys) via --sign-passphrase-file; if it is not provided, prompt interactively. - Also, use that passphrase for --sign-by as well, allowing non-interactive GPG use. (But --sign-passphrase-file can only be used with _one of_ --sign-by and --sign-by-sigstore-private-key.) Note that unlike the existing code, (podman build) does not yet implement sigstore (I'm not sure why it needs to, it seems not to push images?) because Buildah does not expose the feature yet. Also, (podman image sign) was not extended to support sigstore. The test for this follows existing (podman image sign) tests and doesn't work rootless; that could be improved by exposing a registries.d override option. The test for push is getting large; I didn't want to start yet another registry container, but that would be an alternative. In the future, Ginkgo's Ordered/BeforeAll would allow starting a registry once and using it for two tests. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
| * Hide podman manifest push --sign-by on remoteMiloslav Trmač2022-08-02
| | | | | | | | | | | | ... because it is documented to be ignored. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
| * Use signByFlagName instead of copy&pasting the stringMiloslav Trmač2022-08-02
| | | | | | | | Signed-off-by: Miloslav Trmač <mitr@redhat.com>
| * Remove libpod/commonMiloslav Trmač2022-08-02
| | | | | | | | | | | | AFAICS it is not used anywhere. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
| * Update c/common to an unreleased versionMiloslav Trmač2022-08-02
| | | | | | | | | | | | ... to get https://github.com/containers/common/pull/1106 . Signed-off-by: Miloslav Trmač <mitr@redhat.com>
| * Update the registry server we test against from 2.6 to 2.8Miloslav Trmač2022-08-02
| | | | | | | | | | | | | | | | | | | | | | | | | | ... primarily so that it can support OCI artifacts. 2.8 already seems to exist in the repo. This requires changing WaitContainerReady to also check stderr (ultimately because docker/distribution was updated to a more recent sirupsen/logrus, which logs by default to stderr instead of stdout). Signed-off-by: Miloslav Trmač <mitr@redhat.com>
| * Use existing REGISTRY_IMAGE variables in more placesMiloslav Trmač2022-08-02
| | | | | | | | | | | | | | | | | | ... instead of hard-coding a copy of the value. Notably this makes hack/podman_registry actually support the documented -i option. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
| * Use httpasswd from the surrouding OS instead of the registry imageMiloslav Trmač2022-08-02
| | | | | | | | | | | | | | | | | | | | | | htpasswd is no longer included in docker.io/library/distribution after 2.7.0, per https://github.com/docker/distribution-library-image/issues/107 , and we want to upgrade to a recent version. At least system tests currently execute htpasswd from the OS, so it seems that it is likely to be available. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
| * fix e2e sign testsValentin Rothberg2022-08-02
|/ | | | | | | The key used in the tests has expired. Remove the expiration date to turn CI happy and green. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* Merge pull request #15076 from mheon/bump_420_rc2OpenShift Merge Robot2022-07-27
|\ | | | | Bump to v4.2.0-RC2
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-10-17 12:35:14 +0000