| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
| |
Bumps [github.com/opencontainers/runc](https://github.com/opencontainers/runc) from 1.0.0-rc94 to 1.0.0-rc95.
- [Release notes](https://github.com/opencontainers/runc/releases)
- [Commits](https://github.com/opencontainers/runc/compare/v1.0.0-rc94...v1.0.0-rc95)
Signed-off-by: dependabot[bot] <support@github.com>
|
|\
| |
| | |
update c/common
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Update containers common to the latest HEAD. Some bug fixes in libimage
forced us to have a clearer separation between ordinary images and
manifest lists. Hence, when looking up manifest lists without recursing
into any of their instances, we need to use `LookupManifestList()`.
Also account for some other changes in c/common (e.g., the changed order
in the security labels).
Further vendor the latest HEAD from Buildah which is required to get the
bud tests to pass.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \
| |/
|/| |
Add support for podman manifest rm command
|
| |
| |
| |
| |
| |
| | |
This is mainly to match command line of Docker.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \
| |/
|/|
| |
| | |
containers/dependabot/go_modules/k8s.io/api-0.21.1
Bump k8s.io/api from 0.21.0 to 0.21.1
|
| |
| |
| |
| |
| |
| |
| | |
Bumps [k8s.io/api](https://github.com/kubernetes/api) from 0.21.0 to 0.21.1.
- [Release notes](https://github.com/kubernetes/api/releases)
- [Commits](https://github.com/kubernetes/api/compare/v0.21.0...v0.21.1)
Signed-off-by: dependabot[bot] <support@github.com>
|
|\ \
| | |
| | | |
[CI:DOCS] docs: generate systemd: XDG_RUNTIME_DIR
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
A conversation on the customer portal suggests that to add an extra note
about the requirement of XDG_RUNTIME_DIR to be set.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \ \
| | | |
| | | | |
Fix problem copying files when container is in host pid namespace
|
|/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When attempting to copy files into and out of running containers
within the host pidnamespace, the code was attempting to join the
host pidns again, and getting an error. This was causing the podman
cp command to fail. Since we are already in the host pid namespace,
we should not be attempting to join. This PR adds a check to see if
the container is in NOT host pid namespace, and only then attempts to
join.
Fixes: https://github.com/containers/podman/issues/9985
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \
| |_|/
|/| | |
fix: response of containers wait endpoint
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The `Error` part of response must be nil (or omitted) if no error occurred.
Before this commit a zero value for the struct was returned.
Signed-off-by: Matej Vasek <mvasek@redhat.com>
|
|\ \ \
| | | |
| | | |
| | | |
| | | | |
containers/dependabot/go_modules/github.com/vbauerster/mpb/v6-6.0.4
Bump github.com/vbauerster/mpb/v6 from 6.0.3 to 6.0.4
|
| | |/
| |/|
| | |
| | |
| | |
| | |
| | | |
Bumps [github.com/vbauerster/mpb/v6](https://github.com/vbauerster/mpb) from 6.0.3 to 6.0.4.
- [Release notes](https://github.com/vbauerster/mpb/releases)
- [Commits](https://github.com/vbauerster/mpb/compare/v6.0.3...v6.0.4)
Signed-off-by: dependabot[bot] <support@github.com>
|
|\ \ \
| |/ /
|/| |
| | |
| | | |
containers/dependabot/go_modules/k8s.io/apimachinery-0.21.1
Bump k8s.io/apimachinery from 0.21.0 to 0.21.1
|
|/ /
| |
| |
| |
| |
| |
| | |
Bumps [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery) from 0.21.0 to 0.21.1.
- [Release notes](https://github.com/kubernetes/apimachinery/releases)
- [Commits](https://github.com/kubernetes/apimachinery/compare/v0.21.0...v0.21.1)
Signed-off-by: dependabot[bot] <support@github.com>
|
|\ \
| |/
|/| |
Fix formatting and indentation in network http api docs
|
| |
| |
| |
| | |
Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
|
|\ \
| | |
| | | |
Break up python APIv2 tests
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* Tests broken up into areas of concern
* Introduced fixtures to reduce duplicated code
* Introduced new assert methods with APITestCase
* General cleanup of code while visiting
* Tests now targeting quay.io
Known issues:
* is-official against quay.io not working
Fixes: #9238
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\ \ \
| | | |
| | | | |
Add script for identifying commits in release branches
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
One of the worst parts of a Podman release is writing the release
notes. It requires manually going through all merged commits
since the last release, figuring out what was actually done, and
writing a small blurb about what was fixed. The worst part of
this is the difficulty in finding the commits that were actually
included in previous releases - our extensive backports to prior
releases mean that there are usually dozens of commits that were
included in a prior release, but do not have a matching SHA (as
the original author did not do the backport, and often the commit
required massaging to cherry-pick in).
This script automates the job of finding commits in one release
branch that are not in another, with filtering to remove most
cherry-picked commits. It makes my life a lot easier during
releases, so I figured I'd include it in hack/ so anyone else
stuck with the enjoyable task of writing release notes can have a
slightly easier life.
The script is written in absolutely terrible Ruby and its
performance is absolutely terrible, but you only need to run it
once per major release and a 30-second wait to generate the list
of commits to include isn't bad.
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|\ \ \
| | | |
| | | | |
Ensure that :Z/:z/:U can be used with named volumes
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Docker allows relabeling of any volume passed in via -v, even
including named volumes. This normally isn't an issue at all,
given named volumes get the right label for container access
automatically, but this becomes an issue when volume plugins are
involved - these aren't managed by Podman, and may well be
unaware of SELinux labelling. We could automatically relabel
these volumes on creation, but I'm still reluctant to do that
(feels like it could break things). Instead, let's allow :z and
:Z to be used with named volumes, so users can explicitly request
relabel of a volume plugin-backed volume.
We also get :U at the same time. I don't see any real need for it
but it also doesn't seem to hurt, so I didn't bother disabling
it.
Fixes #10273
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
Support automatic labeling of kube volumes
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Allow users to specify options on the volume mount path.
This will trigger relabels of user specifies :z,:Z
Also will handle User Relabels if the user specifies :U
Fixes: https://github.com/containers/podman/issues/9371
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Support uid,gid,mode options for secrets
|
| |/ / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Support UID, GID, Mode options for mount type secrets. Also, change
default secret permissions to 444 so all users can read secret.
Signed-off-by: Ashley Cui <acui@redhat.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Create the /etc/mtab file if does not exists
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
We should create the /etc/mtab->/proc/mountinfo link
so that mount command will work within the container.
Docker does this by default.
Fixes: https://github.com/containers/podman/issues/10263
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \ \ \
| |_|_|_|/ /
|/| | | | | |
Several shell completion fixes
|
| |/ / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
- fix network filters
- add prune filters
- pod create --share support comma separated namespaces
[NO TESTS NEEDED]
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
image prune: remove unused images only with `--all`
|
| | |_|/ /
| |/| | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Fix a regression in `podman image prune` where unused images were
accidentally removed even when `--all=false`. Extend and partially
rewrite the e2e tests to make sure we're not regressing again in the
future.
Fixing the aforementioned issue revealed another issue in the default
prune filter. While prune should remove all "dangling" images (i.e.,
those without tag), it removed only "intermediate" ones; dangling images
without children. Remove the mistaken comment from the libimage
migration.
Also clarify the help message and man page.
Fixes: #10350
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Add host.containers.internal entry into container's etc/hosts
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
This change adds the entry `host.containers.internal` to the `/etc/hosts`
file within a new containers filesystem. The ip address is determined by
the containers networking configuration and points to the gateway address
for the containers networking namespace.
Closes #5651
Signed-off-by: Baron Lenardson <lenardson.baron@gmail.com>
|
|\ \ \ \ \ \
| |_|/ / / /
|/| | | | | |
podman network reload add rootless support
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Allow podman network reload to be run as rootless user. While it is
unlikely that the iptable rules are flushed inside the rootless cni
namespace, it could still happen. Also fix podman network reload --all
to ignore errors when a container does not have the bridge network mode,
e.g. slirp4netns.
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
|
|\ \ \ \ \ \
| |/ / / / /
|/| | | | | |
Update to actions/stale@v3
|
|/ / / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
… as currently with `v1`, `remove-stale-when-updated` is set but isn't causing labels to be updated when comments are added.
Signed-off-by: Stuart Shelton <stuart@shelton.me>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
[CI:DOCS] network tutorial: update with rootless cni changes
|
|/ / / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Starting with podman v3.2 rootless cni will work without the
rootless-cni-infra container. Update the network tutorial to reflect the
latest changes and mention that the infra container can be removed.
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
|
|\ \ \ \ \
| |_|_|/ /
|/| | | | |
[CI:DOCS] Update first line in intro page
|
|/ / / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Remove the word `consumption` and give a better description for the
first line of the introduction page.
Fixes: #10325
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
auto-update service: prune images
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Extend the systemd auto-update service to prune images after an update
has run. As reported by a user [1], auto updates can over time cause
the disk to run out of space. With Edge being a target use case, we
need to make sure that systems can run without much supervision, so
let's make sure to run `podman image prune` to clean up dangling images.
[1] https://twitter.com/r_isc_y/status/1388981737011793921
Fixes: #10190
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \ \ \ \
| |_|_|/ /
|/| | | | |
Use updated VM images + updated automation tooling
|
|/ / / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Both the `containers/automation` and `containers/automation_images` have
been updated with a default 'main' branch, renamed from 'master`. These
images include adjusted tooling in addition to a refresh of all
packages.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|\ \ \ \
| |/ / /
|/| | /
| | |/
| |/| |
Add support for cli network prune --filter flag
|