summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Merge pull request #14625 from cdoern/podShmopenshift-ci[bot]2022-06-21
|\ | | | | podman pod create --shm-size
| * podman pod create --shm-sizecdoern2022-06-20
| | | | | | | | | | | | | | | | | | expose the --shm-size flag to podman pod create and add proper handling and inheritance for the option. resolves #14609 Signed-off-by: Charlie Doern <cdoern@redhat.com>
* | Merge pull request #14683 from Luap99/bump-cobraopenshift-ci[bot]2022-06-21
|\ \ | | | | | | bump github.com/spf13/cobra from 1.4.0 to 1.5.0
| * | bump github.com/spf13/cobra from 1.4.0 to 1.5.0Paul Holzinger2022-06-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | Update cobra to latest version. Remove workaround for podman -h. Also regenerate the completion scripts. [NO NEW TESTS NEEDED] Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | Merge pull request #14662 from Luap99/api-jsonopenshift-ci[bot]2022-06-21
|\ \ \ | | | | | | | | API: containers/json always set application/json content type
| * | | API: containers/json always set application/json content typePaul Holzinger2022-06-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When we return no containers we just return `[]` but we still have to keep the content type header `application/json` so external tools can correctly parse the output. Fixes #14647 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | | Merge pull request #14677 from giuseppe/memory-limit-ctr-handlersopenshift-ci[bot]2022-06-21
|\ \ \ \ | | | | | | | | | | api: show the memory limit specified for the container
| * | | | api: show the memory limit specified for the containerGiuseppe Scrivano2022-06-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | use the memory limit specified for the container instead of reading it from the cgroup. It is not reliable to read it from the cgroup since the container could have been moved to a different cgroup and in general the OCI runtime might create a sub-cgroup (like crun does). Closes: https://github.com/containers/podman/issues/14676 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | | Merge pull request #14672 from sbmthakur/patch-1openshift-ci[bot]2022-06-21
|\ \ \ \ \ | |_|_|/ / |/| | | | [CI:DOCS] Fix typos
| * | | | Fix typosShubham Thakur2022-06-20
| |/ / / | | | | | | | | Signed-off-by: Shubham Thakur <sbmthakur@gmail.com>
* | | | Merge pull request #14680 from ↵openshift-ci[bot]2022-06-21
|\ \ \ \ | |/ / / |/| | | | | | | | | | | containers/dependabot/go_modules/github.com/stretchr/testify-1.7.4 Bump github.com/stretchr/testify from 1.7.2 to 1.7.4
| * | | Bump github.com/stretchr/testify from 1.7.2 to 1.7.4dependabot[bot]2022-06-21
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.7.2 to 1.7.4. - [Release notes](https://github.com/stretchr/testify/releases) - [Commits](https://github.com/stretchr/testify/compare/v1.7.2...v1.7.4) --- updated-dependencies: - dependency-name: github.com/stretchr/testify dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* | | Merge pull request #14556 from sstosh/system-prune-networkopenshift-ci[bot]2022-06-20
|\ \ \ | |/ / |/| | podman system prune support prune unused networks
| * | podman system prune support prune unused networksToshiki Sonoda2022-06-14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is an enhancement for the podman system prune feature. In this issue, it is mentioned that 'network prune' should be wired into 'podman system prune' https://github.com/containers/podman/issues/8673 Therefore, I add the function to remove unused networks. Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
* | | Merge pull request #14657 from eriksjolund/rewrite_env_docsopenshift-ci[bot]2022-06-19
|\ \ \ | |_|/ |/| | [CI:DOCS] Rewrite --env docs
| * | [CI:DOCS] Rewrite --env docsErik Sjölund2022-06-19
|/ / | | | | | | | | | | | | | | | | | | * Add docs about trailing * functionality in podman-exec.1.md * Rewrite --env description in podman-create.1.md and podman-run.1.md * Rewrite the --env examples in podman-create.1.md and podman-run.1.md Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
* | Merge pull request #14637 from edigaryev/fix-matrix-expansionopenshift-ci[bot]2022-06-17
|\ \ | | | | | | .cirrus.yml: fix matrix expansion by properly merging YAML mappings
| * | .cirrus.yml: fix matrix expansion by properly merging YAML mappingsNikolay Edigaryev2022-06-17
| | | | | | | | | | | | Signed-off-by: Nikolay Edigaryev <edigaryev@gmail.com>
* | | Merge pull request #14592 from cevich/more_fix_404openshift-ci[bot]2022-06-17
|\ \ \ | | | | | | | | Cirrus: Fix build. dep. missed in #14521
| * | | Cirrus: Fix build. dep. missed in #14521Chris Evich2022-06-16
| | | | | | | | | | | | | | | | | | | | | | | | This is causing the remote system tests to fail when run on on `main`. Signed-off-by: Chris Evich <cevich@redhat.com>
* | | | Merge pull request #14599 from rhatdan/VENDORopenshift-ci[bot]2022-06-17
|\ \ \ \ | |_|/ / |/| | | Vendor in latest containers/image
| * | | vendor in latests containers/imageDaniel J Walsh2022-06-17
|/ / / | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #14622 from rhatdan/storageopenshift-ci[bot]2022-06-17
|\ \ \ | | | | | | | | Vendor in latest containers/storage
| * | | Vendor in latest containers/storageDaniel J Walsh2022-06-16
| | | | | | | | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #14627 from cdoern/lint-fixopenshift-ci[bot]2022-06-16
|\ \ \ \ | | | | | | | | | | linter fix from #14299
| * | | | linter fix from #14299cdoern2022-06-16
|/ / / / | | | | | | | | | | | | | | | | | | | | | | | | [NO NEW TESTS NEEDED] podman pod clone somehow snuck by the new linter code that went in while it was in flight fix that here Signed-off-by: cdoern <cdoern@redhat.com>
* | | | Merge pull request #14299 from cdoern/podCloneopenshift-ci[bot]2022-06-16
|\ \ \ \ | |_|/ / |/| | | implement podman pod clone
| * | | podman pod clonecdoern2022-06-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | implement podman pod clone, a command to create an exact copy of a pod while changing certain config elements current supported flags are: --name change the pod name --destroy remove the original pod --start run the new pod on creation and all infra-container related flags from podman pod create (namespaces etc) resolves #12843 Signed-off-by: cdoern <cdoern@redhat.com>
* | | | Merge pull request #14619 from Luap99/helpopenshift-ci[bot]2022-06-16
|\ \ \ \ | | | | | | | | | | fix "podman -h" help output
| * | | | fix "podman -h" help outputPaul Holzinger2022-06-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | `podman -h` currently returns an error: `Error: pflag: help requested` This bug was introduced in 44d037898ebc, the problem is that we wrap the error and cobra lib checks with `==` for this one and not errors.Is(). I have a PR upstream to fix this but for now this also works. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | | | Merge pull request #14621 from mheon/api_sec_noticeopenshift-ci[bot]2022-06-16
|\ \ \ \ \ | |_|_|/ / |/| | | | [CI:DOCS] Make it clear the REST API could be a security issue
| * | | | Make it clear the REST API could be a security issueMatthew Heon2022-06-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The manpage for `podman system service` should mention that this is not safe for external consumption unless you are comfortable giving anyone who accesses it full root on the system. Signed-off-by: Matthew Heon <mheon@redhat.com>
* | | | | Merge pull request #14600 from edsantiago/arghopenshift-ci[bot]2022-06-16
|\ \ \ \ \ | | | | | | | | | | | | system tests: avoid rmi -a ... plus cleanup
| * | | | | system tests: avoid rmi -a ... plus cleanupEd Santiago2022-06-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | I noticed 'rmi -a' in a test. I tried to fix it. Hilarity ensued. 'rmi -a' is evil: it forces a fresh pull of our test image, which in turn almost guarantees a flake some day. We avoid it, but once in a while it slips in. While fixing it, I noticed a bevy of other problems that needed cleanup. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | | | | Merge pull request #14613 from kolyshkin/fix-410-selinuxopenshift-ci[bot]2022-06-16
|\ \ \ \ \ \ | | | | | | | | | | | | | | test/system/410-selinux: fix for newer runc
| * | | | | | test/system/410-selinux: fix for newer runcKir Kolyshkin2022-06-15
| |/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | With runc 1.1, we have the following failure: # #| FAIL: podman emits useful diagnostic on failure # #| expected: 'Error.*: OCI runtime error: .*: failed to set /proc/self/attr/keycreate on procfs' (using expr) # #| actual: 'Error: OCI runtime error: runc: runc create failed: unable to start container process: error during container init: write /proc/self/attr/keycreate: invalid argument' which is caused by the fact that runc 1.1 uses newer opencontainers/selinux package, which changes custom errors to standard os.PathError instances (so that they can be unwrapped if needed). Fix the test case accordingly. Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
* | | | | | Merge pull request #14614 from clobrano/typos/contributingopenshift-ci[bot]2022-06-16
|\ \ \ \ \ \ | |_|_|/ / / |/| | | | | [CI:DOCS] fix typos in prerequisites for Fedora and make binaries sections
| * | | | | [CI:DOCS] fix typos in prerequisites for Fedora and make binaries sectionsCarlo Lobrano2022-06-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - prerequisites in Fedora section has libseccomp-devel.x86_64 named twice - bin/podman flag "-h" does not work, "--help" is required Signed-off-by: Carlo Lobrano <c.lobrano@gmail.com>
* | | | | | Merge pull request #14610 from shanesmith/fix-machine-start-interruptopenshift-ci[bot]2022-06-16
|\ \ \ \ \ \ | | | | | | | | | | | | | | Fix interrupting machine start leaves the machine unstartable
| * | | | | | Fix interrupting machine start leaves the machine unstartableShane Smith2022-06-15
| | |/ / / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Interrupting a `podman machine start` (ex: with CTRL-C) would leave `Starting: true` in the machine's config file. Due to #14469 any subsequent starts would fail since Podman would think the machine is still in the process of starting. Fixed here by listening for the interrupt signal and setting `Starting: false` in the event. [NO NEW TESTS NEEDED] Signed-off-by: Shane Smith <shane.smith@shopify.com>
* | | | | | Merge pull request #14605 from Luap99/update-golangci-lintopenshift-ci[bot]2022-06-16
|\ \ \ \ \ \ | | | | | | | | | | | | | | golangci-lint: update to v1.46.2
| * | | | | | golangci-lint: update to v1.46.2Paul Holzinger2022-06-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Update to the latest golangci-lint version. v1.46 added new linters. I disabled nonamedreturns and exhaustruct since they enforce a certain code style and using them would require big changes to the code base. The nosprintfhostport is new and I fixed one problem in the tests. While the test itself is fine because it uses ipv4 only the linter still looks good because the sprintf use will fail for ipv6 addresses. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | | | | | Merge pull request #14529 from edsantiago/testimage_with_consistent_timestampsopenshift-ci[bot]2022-06-16
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | system test image: bump to 20220615
| * | | | | | | system test image: bump to 20220615Ed Santiago2022-06-15
| | |/ / / / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Changes: - use --timestamp option to produce 'created' stamps that can be reliably tested in the image-history test - podman now supports manifest & multiarch run, so we no longer need buildah - bump up base alpine & busybox images This turned out to be WAY more complicated than it should've been, because: - alpine 3.14 fixed 'date -Iseconds' to include a colon in the TZ offset ("-07:00", was "-0700"). This is now consistent with GNU date's --iso-8601 format, yay, so we can eliminate a minor workaround. - with --timestamp, all ADDed files are set to that timestamp, including the custom-reference-timestamp file that many tests rely on. So we need to split the build into two steps. But: - ...with a two-step build I need to use --squash-all, not --squash, but: - ... (deep sigh) --squash-all doesn't work with --timestamp (#14536) so we need to alter existing tests to deal with new image layers. - And, long and sordid story relating to --rootfs. TL;DR that option only worked by a miracle relating to something special in one specific test image; it doesn't work with any other images. Fix seems to be complicated, so we're bypassing with a FIXME (#14505). And, unrelated: - remove obsolete skip and workaround in run-basic test (dating back to varlink days) - add a pause-image cleanup to avoid icky red warnings in logs Fixes: #14456 Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | | | | | Merge pull request #14570 from Clivar/fix-windows-ssh-key-creationopenshift-ci[bot]2022-06-16
|\ \ \ \ \ \ \ | |/ / / / / / |/| | | | | | Fix: Use absolute path to WSL binary to create ssh keys for `machine init` on Windows (Issue #14416)
| * | | | | | Fix #14416: Use absolute path to WSL binary to create ssh keys for `machine ↵Clivar2022-06-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | init` Signed-off-by: Clivar <16317699+Clivar@users.noreply.github.com>
* | | | | | | Merge pull request #14601 from mheon/bump_main_411openshift-ci[bot]2022-06-15
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | [CI:DOCS] Update release notes and README on Main for v4.1.1
| * | | | | | | Update release notes and README on Main for v4.1.1Matthew Heon2022-06-15
| | |_|_|/ / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Redirect links to the new release, and update the release notes. Signed-off-by: Matthew Heon <mheon@redhat.com>
* | | | | | | Merge pull request #14596 from ↵openshift-ci[bot]2022-06-15
|\ \ \ \ \ \ \ | |_|_|/ / / / |/| | | | | | | | | | | | | | | | | | | | giuseppe/move-conmon-different-cgroup-system-service libpod: improve check to create conmon cgroup
| * | | | | | libpod: improve check to create conmon cgroupGiuseppe Scrivano2022-06-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | commit 1951ff168a63157fa2f4711fde283edfc4981ed3 introduced a check so that conmon is not moved to a new cgroup when podman is running inside of a systemd service. This is helpful to integrate podman in systemd so that the spawned conmon lives in the same cgroup as the service that created it. Unfortunately this breaks when podman daemon is running in a systemd service since the same check is in place thus all the conmon processes end up in the same cgroup as the podman daemon. When the podman daemon systemd service stops the conmon processes are also terminated as well as the containers they monitor. Improve the check to exclude podman running as a daemon. Closes: https://bugzilla.redhat.com/show_bug.cgi?id=2052697 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>