| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
|
| |
Make sure containers created via API have the correct umask from
containers.conf set.
Fixes #15036
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |
|
|
|
|
|
| |
The network backend always has default config in memory so there is no
need to copy it. Also netavark cannot use it.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
Fix some network option parsing logic to use constants.
Always use the isolate option since this is what docker does.
Remove the icc option, this is different from isolate and it is not
implemented.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
Docker uses "bridge" as default network name so some tools expect this
to work with network list or inspect. To fix this we change "bridge" to
the podman default ("podman") name.
Fixes #14983
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
Progress bar in JSONMessage is missing compared to docker output both in
pull and push. Additionaly, pull was not using JSONMessage while push
was using the type.
[NO NEW TESTS NEEDED]
Signed-off-by: Jakub Guzik <jguzik@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
`podman-remote push` has shown absolutely no progress at all. Fix that
by doing essentially the same as the remote-pull code does.
The get-free-out-of-jail-card for backwards compatibility is to let the
`quiet` parameter default to true. Since the --quioet flag wasn't
working before either, older Podman clients do not set it.
Also add regression tests to make sure we won't regress again.
Fixes: #11554
Fixes: #14971
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
The memory both local and in the CI test is converted to 3822. I don't
know why this changed but I want to have this working again. For the
future we should look at a more robust solution.
Fixes #15012
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The same problem again as 4374038cc67405e3f5555b1870d5bb7f6570fa5d.
Also fix the incorrect --format autocompletion struct.
It should be avoided to import cmd/podman/... packages from outside of
cmd/podman. This can lead in weird hard to debug import paths but also
can have negative consequences when imported in unit tests. In this case
it will set XDG_CONFIG_HOME and thus the machine tests this dir over the
tmp HOME env variable which is set at a later point. This caused machine
files to be leaked into the actual users home dir.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |
|
|
|
|
| |
Also fix the machine ssh code order to provide a better error message.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Rename all files to _test.go and rename the package to e2e_test. This
makes the linter less strict about things like dot imports.
Add some unused nolint directives to silence some warnings, these can be
used to find untested options so someone could add tests for them.
Fixes #14996
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |
|
|
|
|
|
| |
It was not obvious enough in the scripts how much of a snowflake this
environment is. Fix that with lots of capitalized words and asterisks.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
create the /etc/passwd and /etc/group files if they are missing in the
image.
Closes: https://github.com/containers/podman/issues/14966
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |
|
|
|
|
|
| |
To make debugging easier we should see the command and its output when a
failure happens.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When running a single podman logs this is not really important since we
will exit when we finish reading the logs. However for the system
service this is very important. Leaking goroutines will cause an
increased memory and CPU ussage over time.
Both the the event and log backend have goroutine leaks with both the
file and journald drivers.
The journald backend has the problem that journal.Wait(IndefiniteWait)
will block until we get a new journald event. So when a client closes
the connection the goroutine would still wait until there is a new
journal entry. To fix this we just wait for a maximum of 5 seconds,
after that we can check if the client connection was closed and exit
correctly in this case.
For the file backend we can fix this by waiting for either the log line
or context cancel at the same time. Currently it would block waiting for
new log lines and only check afterwards if the client closed the
connection and thus hang forever if there are no new log lines.
[NO NEW TESTS NEEDED] I am open to ideas how we can test memory leaks in
CI.
To test manually run a container like this:
`podman run --log-driver $driver --name test -d alpine sh -c 'i=1; while [ "$i" -ne 1000 ]; do echo "line $i"; i=$((i + 1)); done; sleep inf'`
where `$driver` can be either `journald` or `k8s-file`.
Then start the podman system service and use:
`curl -m 1 --output - --unix-socket $XDG_RUNTIME_DIR/podman/podman.sock -v 'http://d/containers/test/logs?follow=1&since=0&stderr=1&stdout=1' &>/dev/null`
to get the logs from the API and then it closes the connection after 1 second.
Now run the curl command several times and check the memory usage of the service.
Fixes #14879
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |
|
|
|
|
|
| |
By vendoring the fixes from containers/image. Also add a test (thanks
@edsantiago) to make sure we won't regress in the future again.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| |
|
|
| |
Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
Some deps cleaned by `make vendor`
[NO NEW TESTS NEEDED]
[NO TESTS NEEDED]
Signed-off-by: Aditya R <arajan@redhat.com>
|
| |
|
|
|
|
|
| |
[NO NEW TESTS NEEDED]
[NO TESTS NEEDED]
Signed-off-by: Aditya R <arajan@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
Since no pkg now containers this path
[NO NEW TESTS NEEDED]
[NO TESTS NEEDED]
Signed-off-by: Aditya R <arajan@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
Podman is using pkg/hooks from c/common and following man page is moved
to c/common
[NO NEW TESTS NEEDED]
[NO TESTS NEEDED]
Signed-off-by: Aditya R <arajan@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
PR https://github.com/containers/common/pull/1071 moved `pkg/hooks` to
`c/common` hence remove that from podman and use `pkg/hooks` from
`c/common`
[NO NEW TESTS NEEDED]
[NO TESTS NEEDED]
Signed-off-by: Aditya R <arajan@redhat.com>
|
| |
|
|
|
|
| |
DownloadVMImage takes an extra argument.
Signed-off-by: Ashley Cui <acui@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
[CI:DOCS]
document the podman network create -o=isolate which allows networks to cut themselves off
from external connections.
resolves #5805
Signed-off-by: Charlie Doern <cdoern@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
Update the init container type default to once instead
of always to match k8s behavior.
Add a new annotation that can be used to change the init
ctr type in the kube yaml.
Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
When we pause `rootless cgroups v1 container`, podman returns error from `libpod.(*Container).pause`.
Podman does not need to return error from `containers.pause` because of duplicate.
[NO NEW TESTS NEEDED]
Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
|
| |
|
|
|
|
|
|
|
|
| |
There is a possibility that podman does not output expected error message.
(e.g. When pause rootless cgroups v1 container on host)
This problem is solved by appending `report.Errs` to `reports` before `continue`.
[NO NEW TESTS NEEDED]
Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Followup to #14957, which added a new test that doesn't
actually belong in the 250-systemd.bats file. It was
copy-pasted from another test that doesn't belong there.
Move both tests to a new .bats file, because (1) they
need a custom cleanup, and (2) one of the tests should
very definitely run under podman-remote, and the 250
bats file has a global skip_if_remote().
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
- Also save the file using this convention.
- Change the general pull mechanism to print the local file
as opposed to the remote to enable this - no change in
observed behavior on mac
Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
|
| |
|
|
|
|
| |
rme -> rm
Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
|
| |
|
|
| |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As you run --sync, please update this commit message with your
actual changes.
Changes since 2022-06-14:
- apply-podman-deltas: (minor) buildah 4057 changed the name
of a test; make corresponding change here
- apply-podman-deltas: buildah 4071 adds a new OCI-hook
test that's failing in remote. Skip it.
- apply-podman-deltas: buildah 4096 changed an error message
- apply-podman-deltas: buildah 4097 added a test that doesn't
work with podman-remote
- run-buildah-bud-tests: only run 'sudo --validate' if we
need to sudo later (for running tests). Otherwise, same
thing: I run the treadmill script, step away, and come
back to an unnecessary sudo prompt.
- system tests: the new containers-storage changes some
error messages; fix tests to reflect that. (And, unrelated,
fix a red cleanup warning)
Signed-off-by: Ed Santiago <santiago@redhat.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
|
|
| |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
|
|
| |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
Docker supports -H and --host for specify the listening socket. Podman
should support them also in order to match the CLI.
These will not be documented since Podman defaults to using the
--url option.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
NFS Servers will thrown ENOTSUPP error if you attempt to
chown a directory to the same UID and GID as the directory
already has. If volumes are stored on NFS directories this
throws an ugly error and then works on the next try.
Bottom line don't chown directories that already have the correct
UID and GID.
Fixes: https://github.com/containers/podman/issues/14766
[NO NEW TESTS NEEDED] Difficult to setup an NFS Server in testing.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When initing machines, we download a machine image, and uncompress and
copy the image for the actual vm image. When a user constantly pulls new
machines, there may be a buildup of old, unused machine images. This
commit cleans ups the unused cached images.
Changes:
- If the machine is pulled from a URL or from the FCOS releases, we pull
them into XDG_DATA_HOME/containers/podman/machine/vmType/cache
- Cache cleanups only happen if there is a cache miss, and we need to
pull a new image
- For Fedora and FCOS, we actually use the cache, so we go through the
cache dir and remove any images older than 2 weeks (FCOS's release cycle), on a cache miss.
- For generic files pulled from a URL, we don't actually cache, so we
delete the pulled file immediately after creating a machine image
- For generic files from a local path, the original file will never be
cleaned up
Note that because we cache in a different dir, this will not clean up
old images pulled before this commit.
[NO NEW TESTS NEEDED]
Signed-off-by: Ashley Cui <acui@redhat.com>
|
| |
|
|
|
|
|
| |
When initing a machine, we generate ssh keys in `$HOME/.ssh`. If there
is not .ssh dir, we should create it, so the init does not fail.
Signed-off-by: Ashley Cui <acui@redhat.com>
|
| |
|
|
|
|
|
| |
I added the shorthand option for `podman pull --all-tags`. Like Docker,
Podman can now do `podman pull -a`.
Signed-off-by: Jake Correnti <jcorrenti13@gmail.com>
|
| |
|
|
|
|
|
|
| |
Instead of requiring developers to search for a magic button, make the
task trigger at the time a special PR label is added. Update comments
accordingly.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Previously the reply JSON was examined for the literal presence of the
string 'error'. This was intended to catch server or query errors and
the like. However it's not a sound design as valid/legitimate contents
could potentially contain the string. Fix this by using the `-e` option
to `jq`, with a filter that should always result in a non-empty/null
match. If this fails or returns null for some reason, then it's safe to
throw a real error code & message.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| |
|
|
|
|
|
| |
Filter flag is added for podman stop and podman --remote stop. Filtering logic is implemented in
getContainersAndInputByContext(). Start filtering can be manipulated to use this logic as well to limit redundancy.
Signed-off-by: Karthik Elango <kelango@redhat.com>
|
| |
|
|
|
|
|
|
| |
Switch to the latest version of the now go module compatible release.
[NO NEW TESTS NEEDED]
Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Followup to #14906, in which a nonexistent option was found
in a man page. The xref script was designed to catch that,
but I was too lax in my parsing: the option was documented
using wrong syntax, and the script didn't catch it.
Solution: do not allow *any* unrecognized cruft in the
option description lines. And fix all improperly-written
entries to conform to the rule:
**--option**=*value(s)*
Two asterisks around option, which must have two dashes. One
asterisk around value(s).
This is going to cause headaches for some people adding new
options, but I don't think I can fix that: there are many
factors that make an unparseable line. Adding 'hint' code
would make the script even more complex than it is. I have
to assume that our contributors are smart enough to look
at surrounding context and figure out the right way to
specify options.
Signed-off-by: Ed Santiago <santiago@redhat.com>
<MH: Fixed cherry-pick conflicts>
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This commit introduces a prepared image for setting up the WSL2
environment. This means that the deployment will take considerable
less time to finish (as it does not need to run an update and package
install), but also allows to rely on a cached image to re-init the
environment without the need for an internet connection.
[NO NEW TESTS NEEDED]
Signed-off-by: Gerard Braad <me@gbraad.nl>
|
| |
|
|
|
|
| |
Needed for Docker compatibility.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
|
|
| |
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
| |
|
|
| |
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
| |
|
|
|
|
|
|
| |
The list --format json test case had a typo like error.
[NO NEW TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
if podman is running in the root cgroup, it will create a new
subcgroup and move itself there.
[NO NEW TESTS NEEDED] it needs nested podman
Closes: https://github.com/containers/podman/issues/14884
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |
|
|
| |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
