summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* network create: add warning for deprecated macvlan flagPaul Holzinger2021-09-07
| | | | | | | | | | | | The macvlan driver is not deprecated, only the --macvlan flag is. Remove the flag from the man page since it is deprecated and add a warning to podman network create if it is used. [NO TESTS NEEDED] Fixes #11400 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* Merge pull request #11395 from edsantiago/batsOpenShift Merge Robot2021-09-02
|\ | | | | System tests: add cleanup & debugging output
| * System tests: add cleanup & debugging outputEd Santiago2021-09-01
| | | | | | | | | | | | | | | | | | | | | | | | Cleanup: the final 'play' test wasn't cleaning up after itself, leading to angry warning messages when rerunning tests (in my environment; never in CI) Debug: I'm seeing a lot of "Could not parse READY=1 as MAINPID=nnn" flakes in the sdnotify:container test (nine in the past month). Add debug traces to help diagnose in future flakes. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Merge pull request #11368 from giuseppe/fix-man-formatDaniel J Walsh2021-09-01
|\ \ | |/ |/| [CI:DOCS] fix indentation for userns modes
| * docs: fix indentation for userns modesGiuseppe Scrivano2021-08-31
| | | | | | | | | | | | Closes: https://github.com/containers/podman/issues/11364 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | Merge pull request #11391 from Luap99/rootlessport-socketOpenShift Merge Robot2021-09-01
|\ \ | | | | | | rootlessport: allow socket paths with more than 108 chars
| * | rootlessport: allow socket paths with more than 108 charsPaul Holzinger2021-09-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Creating the rootlessport socket can fail with `bind: invalid argument` when the socket path is longer than 108 chars. This is the case for users with a long runtime directory. Since the kernel does not allow to use socket paths with more then 108 chars use a workaround to open the socket path. [NO TESTS NEEDED] Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | Merge pull request #11388 from Luap99/stop-cleanupOpenShift Merge Robot2021-09-01
|\ \ \ | | | | | | | | podman stop always cleanup
| * | | podman stop always cleanupPaul Holzinger2021-09-01
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When a container is configured for auto removal podman stop should still do cleanup, there is no guarantee the the cleanup process spawned by conmon will be successful. Also a user expects after podman stop that the network/mounts are cleaned up. Therefore podman stop should not return early and instead do the cleanup and ignore errors if the container was already removed. [NO TESTS NEEDED] I don't know how to test this. Fixes #11384 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | Merge pull request #11376 from ashley-cui/envsecOpenShift Merge Robot2021-09-01
|\ \ \ | | | | | | | | Make secret env var available to exec session
| * | | Make secret env var available to exec sessionAshley Cui2021-08-31
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Secret environment variables were only available to a podman run/start. This commit makes sure that exec sessions can see them as well. Signed-off-by: Ashley Cui <acui@redhat.com>
* | | | Merge pull request #11371 from vrothberg/fix-11370OpenShift Merge Robot2021-09-01
|\ \ \ \ | |_|/ / |/| | | [CI:DOCS] generate systemd: clarify limitations of `--new`
| * | | generate systemd: clarify limitations of `--new`Valentin Rothberg2021-09-01
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | `generate systemd --new` is looking at the "create command" of the container/pod which is simply the os.Args at creation time. It does not work on containers or pods created via the REST API since the create command is not set. `--new` does work on such containers and pods since there is no reliable way to reverse-map their configs to command-line arguments of podman. Fixes: #11370 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | Merge pull request #11375 from vrothberg/fix-11346OpenShift Merge Robot2021-08-31
|\ \ \ | | | | | | | | [CI:DOCS] podman cp: highlight globbing and multi-file copy
| * | | [CI:DOCS] podman cp: highlight globbing and multi-file copyValentin Rothberg2021-08-31
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | `podman cp` does not allow for globbing or filtering copied data in any form. `docker cp` does not either, so Podman remains compatible. Due to a number of requests, highlight how users can effectively achieve that by means of chaining with tools such as xargs(1) or find(1), or by making use of `podman mount`. Closes: #11346 Closes: #11194 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | Merge pull request #11372 from cevich/apiv2_updateOpenShift Merge Robot2021-08-31
|\ \ \ | | | | | | | | Cirrus: Reduce APIv2 task timeout
| * | | Cirrus: Reduce APIv2 task timeoutChris Evich2021-08-31
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | At the time of this commit, a significant problem has been identified (introduced in f5ce02b227f4). The effect is, `podman pull` has a chance of hanging, especially when re-pulling an existing image. While a fix is in the works, there's no reason to make developers wait the full (default) 1-hour timeout for the APIv2 task. Reduce it to 2x nominal test runtime, so if the hang/flake is hit, the task can be re-run more quickly. Signed-off-by: Chris Evich <cevich@redhat.com>
* | | Merge pull request #11316 from vrothberg/fix-10443OpenShift Merge Robot2021-08-31
|\ \ \ | |/ / |/| | pass LISTEN_* environment into container
| * | pass LISTEN_* environment into containerValentin Rothberg2021-08-31
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | Make sure that Podman passes the LISTEN_* environment into containers. Similar to runc, LISTEN_PID is set to 1. Also remove conditionally passing the LISTEN_FDS as extra files. The condition was wrong (inverted) and introduced to fix #3572 which related to running under varlink which has been dropped entirely with Podman 3.0. Note that the NOTIFY_SOCKET and LISTEN_* variables are cleared when running `system service`. Fixes: #10443 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | Merge pull request #11373 from mtrmac/mpb-replaceOpenShift Merge Robot2021-08-31
|\ \ | | | | | | Use UNMERGED vbauerster/mpb PR to fix a pull deadlock
| * | Use UNMERGED vbauerster/mpb PR to fix a pull deadlockMiloslav Trmač2021-08-31
| |/ | | | | | | | | | | | | | | | | | | > go mod edit -replace github.com/vbauerster/mpb/v7=github.com/mtrmac/mpb/v7@abort-deadlock > make vendor See https://github.com/vbauerster/mpb/issues/100 and https://github.com/vbauerster/mpb/pull/101 . Signed-off-by: Miloslav Trmač <mitr@redhat.com>
* | Merge pull request #11374 from cevich/no_api2_cidocsOpenShift Merge Robot2021-08-31
|\ \ | | | | | | Cirrus: Skip APIv2 tests for [CI:DOCS]
| * | Cirrus: Skip APIv2 tests for [CI:DOCS]Chris Evich2021-08-31
| |/ | | | | | | Signed-off-by: Chris Evich <cevich@redhat.com>
* | Merge pull request #11009 from edsantiago/upgrade_test_3OpenShift Merge Robot2021-08-31
|\ \ | |/ |/| Upgrade test: add new baseline
| * upgrade test: add new baselineEd Santiago2021-08-30
| | | | | | | | | | | | Add a new reference point against which to test upgrades. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Merge pull request #11357 from vrothberg/fix-11171OpenShift Merge Robot2021-08-31
|\ \ | | | | | | auto-update: fix authfile label
| * | auto-update: fix authfile labelValentin Rothberg2021-08-30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Make sure that the container's authfile label is used when pulling down a new image. [NO TESTS NEEDED] since it would require some larger rewrite of the auto-update system tests that I currently have no time for. I added a reminder to have some breadcrumbs when there is more time. Fixes: #11171 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | Merge pull request #11353 from flouthoc/resolve-workdir-after-mountsOpenShift Merge Robot2021-08-30
|\ \ \ | |_|/ |/| | container: resolve workdir during initialization after all the mounts are completed.
| * | container: resolve workdir after all the mounts happen.flouthoc2021-08-30
| |/ | | | | | | | | | | | | | | There are use-cases where users would want to use overlay-mounts as workdir. For such cases workdir should be resolved after all the mounts are completed during the container init process. Signed-off-by: Aditya Rajan <arajan@redhat.com>
* | Merge pull request #11342 from baude/machinecleanupsMatthew Heon2021-08-30
|\ \ | | | | | | clean up socket and pid files from podman machine
| * | clean up socket and pid files from podman machineBrent Baude2021-08-30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | to avoid segvs, we should clean up as much of the socket and regular files from podman machine as possible on stop. also, on start, we should add logic to remove these files before starting in case the start process is stopped prematurely (due to an error for example). [NO TESTS NEEDED] Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | Merge pull request #11360 from Luap99/rootless-resolvOpenShift Merge Robot2021-08-30
|\ \ \ | |_|/ |/| | rootless cni: resolve absolute symlinks correctly
| * | rootless cni: resolve absolute symlinks correctlyPaul Holzinger2021-08-30
|/ / | | | | | | | | | | | | | | | | | | | | When /etc/resolv.conf is a symlink to an absolute path use it and not join it the the previous path. [NO TESTS NEEDED] This depends on the host layout. Fixes #11358 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | Merge pull request #11334 from jwhonce/issues/10831OpenShift Merge Robot2021-08-27
|\ \ | | | | | | Add support for mount options to API
| * | Add support for mount options to APIJhon Honce2021-08-27
| |/ | | | | | | | | | | | | | | When creating containers the specialized mount options where not populated via the API. Fixes: #10831 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | Merge pull request #11333 from rhatdan/http-proxyOpenShift Merge Robot2021-08-27
|\ \ | | | | | | Globally replace http:// with https://
| * | Globally replace http:// with https://Daniel J Walsh2021-08-27
| | | | | | | | | | | | | | | | | | [NO TESTS NEEDED] Hopefully existing tests will find issues. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #11339 from rhatdan/subidOpenShift Merge Robot2021-08-27
|\ \ \ | |_|/ |/| | Add support for libsubid
| * | Add support for libsubidDaniel J Walsh2021-08-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | This will enable remote access to /etc/subuid and /etc/subgid information from ldap services, if shadow-utils ships with a libsubid. [NO TESTS NEEDED] Since we have no way to test this. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #11102 from cdoern/infraEnhanceOpenShift Merge Robot2021-08-27
|\ \ \ | | | | | | | | InfraContainer Rework
| * | | InfraContainer Reworkcdoern2021-08-26
| | |/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | InfraContainer should go through the same creation process as regular containers. This change was from the cmd level down, involving new container CLI opts and specgen creating functions. What now happens is that both container and pod cli options are populated in cmd and used to create a podSpecgen and a containerSpecgen. The process then goes as follows FillOutSpecGen (infra) -> MapSpec (podOpts -> infraOpts) -> PodCreate -> MakePod -> createPodOptions -> NewPod -> CompleteSpec (infra) -> MakeContainer -> NewContainer -> newContainer -> AddInfra (to pod state) Signed-off-by: cdoern <cdoern@redhat.com>
* | | Merge pull request #11330 from ↵OpenShift Merge Robot2021-08-27
|\ \ \ | |_|/ |/| | | | | | | | containers/dependabot/go_modules/github.com/containers/image/v5-5.16.0 Bump github.com/containers/image/v5 from 5.15.2 to 5.16.0
| * | Bump github.com/containers/image/v5 from 5.15.2 to 5.16.0dependabot[bot]2021-08-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/containers/image/v5](https://github.com/containers/image) from 5.15.2 to 5.16.0. - [Release notes](https://github.com/containers/image/releases) - [Commits](https://github.com/containers/image/compare/v5.15.2...v5.16.0) --- updated-dependencies: - dependency-name: github.com/containers/image/v5 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* | | Merge pull request #11337 from Luap99/anon-templateOpenShift Merge Robot2021-08-27
|\ \ \ | |_|/ |/| | Shell completion for --format with anonymous fields
| * | Shell completion for --format with anonymous fieldsPaul Holzinger2021-08-27
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In commit d81021ed265e I introduced shell completion for the `--format` flag. This is a very nice way to complete go template field names. However it did not work correct for anonymous fields. In this case the child fields can be accessed directly from the parent. For example: ``` type Anonymous struct { Field1 string Field2 string ... } type MyType struct { Anonymous } var s = MyType{} ``` Now if you want to access a field from the Anonymous struct you can just do `s.Field1`. The same is allowed for go templates, using `{{.Field1}}` should work. This commit adds this functionality, if the field is anonymous read the child field names recursively and add them to the suggestions. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | Merge pull request #11298 from baude/kubeupdownOpenShift Merge Robot2021-08-26
|\ \ | | | | | | teardown play kube
| * | Fix swagger issueJhon Honce2021-08-25
| | | | | | | | | | | | | | | | | | Add special case for op PlayKubeDownLibpod Heuristic for guessing swagger operation id too limited for PlayKubeDownLibpod Signed-off-by: Jhon Honce <jhonce@redhat.com>
| * | teardown play kubeBrent Baude2021-08-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | add the ability for play kube to tear down based on the yaml used to play it. it is indicated by --down in the play kube command. volumes are NOT deleted during the teardown. pods and their containers are stopped and removed. Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | Merge pull request #11318 from jmguzik/volume-ls-prune-docsOpenShift Merge Robot2021-08-26
|\ \ \ | | | | | | | | [CI:DOCS] Add filter params description to volume list/prune docs
| * | | Add filter params description to volume list/prune docsJakub Guzik2021-08-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Description adjusted to the standard seen in other man pages. [CI:DOCS] Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>