| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changes:
- use --timestamp option to produce 'created' stamps
that can be reliably tested in the image-history test
- podman now supports manifest & multiarch run, so we
no longer need buildah
- bump up base alpine & busybox images
This turned out to be WAY more complicated than it should've been,
because:
- alpine 3.14 fixed 'date -Iseconds' to include a colon in
the TZ offset ("-07:00", was "-0700"). This is now consistent
with GNU date's --iso-8601 format, yay, so we can eliminate
a minor workaround.
- with --timestamp, all ADDed files are set to that timestamp,
including the custom-reference-timestamp file that many tests
rely on. So we need to split the build into two steps. But:
- ...with a two-step build I need to use --squash-all, not --squash, but:
- ... (deep sigh) --squash-all doesn't work with --timestamp (#14536)
so we need to alter existing tests to deal with new image layers.
- And, long and sordid story relating to --rootfs. TL;DR that option
only worked by a miracle relating to something special in one
specific test image; it doesn't work with any other images. Fix
seems to be complicated, so we're bypassing with a FIXME (#14505).
And, unrelated:
- remove obsolete skip and workaround in run-basic test (dating
back to varlink days)
- add a pause-image cleanup to avoid icky red warnings in logs
Fixes: #14456
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\
| |
| | |
[CI:DOCS] Update release notes and README on Main for v4.1.1
|
| | |
| |
| |
| |
| |
| | |
Redirect links to the new release, and update the release notes.
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |\ \
| | |
| | |
| | |
| | | |
giuseppe/move-conmon-different-cgroup-system-service
libpod: improve check to create conmon cgroup
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
commit 1951ff168a63157fa2f4711fde283edfc4981ed3 introduced a check so
that conmon is not moved to a new cgroup when podman is running inside
of a systemd service. This is helpful to integrate podman in systemd
so that the spawned conmon lives in the same cgroup as the service
that created it.
Unfortunately this breaks when podman daemon is running in a systemd
service since the same check is in place thus all the conmon processes
end up in the same cgroup as the podman daemon. When the podman
daemon systemd service stops the conmon processes are also terminated
as well as the containers they monitor.
Improve the check to exclude podman running as a daemon.
Closes: https://bugzilla.redhat.com/show_bug.cgi?id=2052697
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |\ \ \
| | | |
| | | | |
systemd socket activation: check listener to prevent panic
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The merge of both 528739cef3d2 and 1b62e4543845 at the same time created
a lint error on main.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Commit 5fa6f686db added a regression which was fixed in eb71712626f9.
Apply the same fix again to prevent a panic and return a proper error
instead.
To not regress again I added a e2e test which makes sure we do not panic.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |\ \ \
| | | |
| | | | |
golangci-lint: add systemd build tag
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Lint the systemd code and fix the reported problems.
The remoteclient tag is no longer used so I just removed it.
[NO NEW TESTS NEEDED]
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |\ \ \ \
| | | | |
| | | | | |
golangci-lint: enable nolintlint
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
The nolintlint linter does not deny the use of `//nolint`
Instead it allows us to enforce a common nolint style:
- force that a linter name must be specified
- do not add a space between `//` and `nolint`
- make sure nolint is only used when there is actually a problem
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
container: do not create .containerenv with -v SRC:/run
|
| | | |_|/ /
| |/| | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
if /run is on a volume do not create the file /run/.containerenv as it
would leak outside of the container.
Closes: https://github.com/containers/podman/issues/14577
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
[macos: podman-machine] look for firmware (edk2-code-fd) based on the path of qemu binary
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
this allows users to use a qemu installation that is
not in the default /usr/local/bin location
a user can configure engine.helper_binaries_dir key
or update PATH to include the installation location
to find the qemu binary
[NO NEW TESTS NEEDED]
Signed-off-by: Anjan Nath <kaludios@gmail.com>
|
| |\ \ \ \ \ \
| | | | | | |
| | | | | | | |
CI: APIv2 tests: add rootless
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
This would've caught a regression that #14549 had to fix.
Let's try to prevent the next regression.
This requires some hackery to get namespaces initialized
before the service is started; otherwise the service itself
initializes namespaces, which basically ends up with a
server process that runs forever.
Also: in stop_service(), reset service_pid, because that's
the correct thing to do.
Also: add some debug statements to try to figure out a
CI failure. (And leave them in place, because they might
be useful for future problems).
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\ \ \ \ \ \ \
| |_|_|_|_|_|/
|/| | | | | | |
buildah-bud tests: reenable skipped 'bud' tests
|
| | |/ / / / /
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Sigh. Buildah PR https://github.com/containers/buildah/pull/3368
changed 'bud' to 'build' in tests. Podman #11585 well-intentionedly
did the same for run-buildah-bud tests ... but did so by *replacing*
'bud' with 'build', not by *adding* 'build' to the list of commands
handled by podman-build. Hence, all tests invoking 'run_buildah bud'
have been completely untested since then.
This remedies that, and deals with all the fallout. Principal among
which is the discovery that our exit-code changes are no longer
necessary: that thing we did where buildah exit status 1 or 2 became
podman exit status 125? That no longer applies. podman now exits
with the same status as buildah. This simplifies our diffs, and
lets us enable a bunch more tests.
Also:
- in run-buildah-bud-tests script, run 'sudo --validate' early on.
Reason: otherwise, the sudo step happens a few minutes after
the script starts (after the git-pull), by which time the user
may have stepped away to get coffee, then comes back ten or twenty
minutes later to find a stupid sudo prompt and no tests run.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\ \ \ \ \ \
| |/ / / / /
|/| | | | | |
buildah-bud tests: add arg sanity check
|
| |/ / / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Fix bad design decision (mine) by adding a simple usage check to 'skip'
and 'skip_if_remote' functions: if invoked without test-name args,
fail loudly and immediately.
Background: yeah, their usage is not intuitive. Making the first arg
be a comment helps with _reading_ the code, but not _writing_ new
additions. A developer in a hurry could write "skip this-test" and,
until now, that would be a silent NOP.
Tested by adding broken skip/skip_if_remote calls inline; I confirm
that the line number and funcname usage is correct.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\ \ \ \ \
| |_|_|/ /
|/| | | | |
Update vendor of containers/buildah
|
| | | |_|/
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Changes since 2022-05-31:
- add --omit-history option (buildah PR 4028)
Signed-off-by: Ed Santiago <santiago@redhat.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \ \ \
| |/ / /
|/| | | |
Non-running containers now report statistics via the `podman stats`
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
command
Previously, if a container was not running, and the user ran the `podman
stats` command, an error would be reported: `Error: container state
improper`.
Podman now reports stats as the fields' default values for their
respective type if the container is not running:
```
$ podman stats --no-stream demo
ID NAME CPU % MEM USAGE / LIMIT MEM % NET IO BLOCK IO PIDS CPU TIME AVG CPU %
4b4bf8ce84ed demo 0.00% 0B / 0B 0.00% 0B / 0B 0B / 0B 0 0s 0.00%
```
Closes: #14498
Signed-off-by: Jake Correnti <jcorrenti13@gmail.com>
|
| |\ \ \ \
| | | | |
| | | | | |
Fix M1 QEMU flags
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
When calling QEMU, the CPU arch should be host, and highmem should be on, or else the VM start fails.
[NO NEW TESTS NEEDED]
Signed-off-by: Ashley Cui <acui@redhat.com>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
Cirrus: Fix artifact passing when dep. skipped
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
When passing artifacts from one task to another, if a direct dependency
was not created due to `only_if`, a race condition can occur: The
descendent task may start running prior to the indirect (but required)
dependency (`build` in this case) completing and uploading artifacts.
Fix this by spamming a `build` dependency into all tasks which require
it (basically everything).
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| |\ \ \ \ \ \
| | | | | | |
| | | | | | | |
podman-remote push --remove-signatures support
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
I don't see a reason why we don't support --remove-signatures
from remote push, so adding support.
Fixes: https://github.com/containers/podman/issues/14558
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \ \ \ \ \ \
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
containers/dependabot/go_modules/test/tools/golang.org/x/tools-0.1.11
Bump golang.org/x/tools from 0.1.10 to 0.1.11 in /test/tools
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Bumps [golang.org/x/tools](https://github.com/golang/tools) from 0.1.10 to 0.1.11.
- [Release notes](https://github.com/golang/tools/releases)
- [Commits](https://github.com/golang/tools/compare/v0.1.10...v0.1.11)
---
updated-dependencies:
- dependency-name: golang.org/x/tools
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
| |\ \ \ \ \ \ \ \
| |/ / / / / / /
|/| | | | | | | |
[CI:DOCS] Update remote_client.md
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Explicitly include copy-and-paste code line for `ssh-copy-id` because people like myself will easily forget this part and (repeatedly) overlook it in the text. :blush:
Supersedes #14445 and attempts to address review by @TomSweeneyRedHat there (but enforcing a filename instead of using a placeholder).
Signed-off-by: Christopher 'm4z' Holm <them4z@gmail.com>
Signed-off-by: Christopher 'm4z' Holm <them4z@googlemail.com>
|
| |\ \ \ \ \ \ \ \
| |_|/ / / / / /
|/| | | | | | | |
podman cp: do not overwrite non-dirs with dirs and vice versa
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Add a new `--overwrite` flag to `podman cp` to allow for overwriting in
case existing users depend on the behavior; they will have a workaround.
By default, the flag is turned off to be compatible with Docker and to
have a more sane behavior.
Fixes: #14420
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| |/ / / / / / /
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Note that the bud-logfile-with-split-logfile-by-platform test is skipped
on the remote client (see #14544).
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| |\ \ \ \ \ \ \
| | | | | | | |
| | | | | | | | |
[CI:DOCS] Mount propagation works with named volumes
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Fixes: https://github.com/containers/podman/issues/13939
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \ \ \ \ \ \ \
| | | | | | | | |
| | | | | | | | | |
Prevent simultaneous machine starts
|
| | | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
- The State() function now returns machine.Starting status instead of an
empty string if the VM is in the process of starting.
- The `CheckExclusiveActiveVM()` function returns `true` to prevent
starting a VM while another is in the process of starting.
- `podman machine ls` displays "Currently starting" under "Last Up" for
the starting VM
- `podman machine ls` supports `{{.Starting}}` boolean field in the format
- `podman machine inspect` displays "starting" in the "State" field for
the starting VM
Signed-off-by: Shane Smith <shane.smith@shopify.com>
|
| | | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
Running `podman machine start` twice at the same time in different
terminals, for example, will make the second invocation fail and the
first one hang.
[NO NEW TESTS NEEDED]
Signed-off-by: Shane Smith <shane.smith@shopify.com>
|
| |\ \ \ \ \ \ \ \ \
| | | | | | | | | |
| | | | | | | | | | |
APIv2 tests: (try to) fix flaky registry panic
|
| | | |_|_|_|/ / / /
| |/| | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
APIv2 tests are flaky after this morning's merge of #14543.
Symptom:
test-apiv2: Timed out (10s) waiting for service (/dev/tcp/localhost/5564)
journal shows:
registry[7421]: panic: unable to configure authorization (htpasswd):
no access controller registered with name: none
Possible cause:
Mix of REGISTRY_AUTH=none with REGISTRY_AUTH_HTPASSWD_* vars.
https://github.com/distribution/distribution/issues/1168
Solution:
only set _HTPASSWD_* vars when AUTH=htpasswd
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\ \ \ \ \ \ \ \ \
| | | | | | | | | |
| | | | | | | | | | |
Fix Remote filtering embedded directory test
|
| | | |_|_|_|/ / / /
| |/| | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
Fixes #14184
Docs: https://onsi.github.io/gomega/#making-asynchronous-assertions
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| |\ \ \ \ \ \ \ \ \
| | | | | | | | | |
| | | | | | | | | | |
patch for pod host networking & other host namespace handling
|
| | | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
this patch included additonal host namespace checks when creating a ctr as well
as fixing of the tests to check /proc/self/ns/net
see #14461
Signed-off-by: cdoern <cdoern@redhat.com>
|
