summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* document isolate option for network createCharlie Doern2022-07-18
| | | | | | | | | | | [CI:DOCS] document the podman network create -o=isolate which allows networks to cut themselves off from external connections. resolves #5805 Signed-off-by: Charlie Doern <cdoern@redhat.com>
* Merge pull request #14777 from rhatdan/nfsopenshift-ci[bot]2022-07-18
|\ | | | | Use SafeChown rather then chown for volumes on NFS
| * Use SafeChown rather then chown for volumes on NFSDaniel J Walsh2022-07-12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | NFS Servers will thrown ENOTSUPP error if you attempt to chown a directory to the same UID and GID as the directory already has. If volumes are stored on NFS directories this throws an ugly error and then works on the next try. Bottom line don't chown directories that already have the correct UID and GID. Fixes: https://github.com/containers/podman/issues/14766 [NO NEW TESTS NEEDED] Difficult to setup an NFS Server in testing. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #14951 from ↵openshift-ci[bot]2022-07-17
|\ \ | | | | | | | | | | | | eriksjolund/add_socket_activation_entry_to_tutorial_list [CI:DOCS] Tutorials.rst: add socket activation
| * | [CI:DOCS] socket_activation.md: fix typo and layoutErik Sjölund2022-07-16
| | | | | | | | | | | | Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
| * | [CI:DOCS] Tutorials.rst: add socket activationErik Sjölund2022-07-15
| | | | | | | | | | | | Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
* | | Merge pull request #14900 from ashley-cui/machcacheopenshift-ci[bot]2022-07-16
|\ \ \ | | | | | | | | Clean up cached machine images
| * | | Clean up cached machine imagesAshley Cui2022-07-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When initing machines, we download a machine image, and uncompress and copy the image for the actual vm image. When a user constantly pulls new machines, there may be a buildup of old, unused machine images. This commit cleans ups the unused cached images. Changes: - If the machine is pulled from a URL or from the FCOS releases, we pull them into XDG_DATA_HOME/containers/podman/machine/vmType/cache - Cache cleanups only happen if there is a cache miss, and we need to pull a new image - For Fedora and FCOS, we actually use the cache, so we go through the cache dir and remove any images older than 2 weeks (FCOS's release cycle), on a cache miss. - For generic files pulled from a URL, we don't actually cache, so we delete the pulled file immediately after creating a machine image - For generic files from a local path, the original file will never be cleaned up Note that because we cache in a different dir, this will not clean up old images pulled before this commit. [NO NEW TESTS NEEDED] Signed-off-by: Ashley Cui <acui@redhat.com>
* | | | Merge pull request #14952 from ashley-cui/sshopenshift-ci[bot]2022-07-15
|\ \ \ \ | |_|/ / |/| | | Machine init: create .ssh dir if not exist
| * | | Machine init: create .ssh dir if not existAshley Cui2022-07-15
|/ / / | | | | | | | | | | | | | | | | | | When initing a machine, we generate ssh keys in `$HOME/.ssh`. If there is not .ssh dir, we should create it, so the init does not fail. Signed-off-by: Ashley Cui <acui@redhat.com>
* | | Merge pull request #14932 from jakecorrenti/pull-all-tags-shorthandopenshift-ci[bot]2022-07-15
|\ \ \ | |/ / |/| | Podman pull --all-tags shorthand option
| * | Podman pull --all-tags shorthand optionJake Correnti2022-07-14
| | | | | | | | | | | | | | | | | | | | | I added the shorthand option for `podman pull --all-tags`. Like Docker, Podman can now do `podman pull -a`. Signed-off-by: Jake Correnti <jcorrenti13@gmail.com>
* | | Merge pull request #14909 from eriksjolund/add_socket_activation_tutorialopenshift-ci[bot]2022-07-15
|\ \ \ | | | | | | | | [CI:DOCS] Add socket_activation.md
| * | | [CI:DOCS] Update docs/tutorials/socket_activation.mdErik Sjölund2022-07-14
| | | | | | | | | | | | | | | | | | | | Co-authored-by: Valentin Rothberg <vrothberg@redhat.com> Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
| * | | [CI:DOCS] Add socket activation tutorialErik Sjölund2022-07-14
| | | | | | | | | | | | | | | | | | | | | | | | Closes #14908 Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
* | | | Merge pull request #14944 from cevich/machine-label-taskopenshift-ci[bot]2022-07-15
|\ \ \ \ | | | | | | | | | | Cirrus: Trigger podman-machine task by label
| * | | | Cirrus: Trigger podman-machine task by labelChris Evich2022-07-14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Instead of requiring developers to search for a magic button, make the task trigger at the time a special PR label is added. Update comments accordingly. Signed-off-by: Chris Evich <cevich@redhat.com>
* | | | | Merge pull request #14927 from cevich/fix_error_grepopenshift-ci[bot]2022-07-14
|\ \ \ \ \ | | | | | | | | | | | | [CI:DOCS] GHA: Fix dumb error check
| * | | | | GHA: Fix dumb error checkChris Evich2022-07-14
| |/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously the reply JSON was examined for the literal presence of the string 'error'. This was intended to catch server or query errors and the like. However it's not a sound design as valid/legitimate contents could potentially contain the string. Fix this by using the `-e` option to `jq`, with a filter that should always result in a non-empty/null match. If this fails or returns null for some reason, then it's safe to throw a real error code & message. Signed-off-by: Chris Evich <cevich@redhat.com>
* | | | | Merge pull request #14832 from karthikelango137/filterFlagStopopenshift-ci[bot]2022-07-14
|\ \ \ \ \ | | | | | | | | | | | | Podman stop --filter flag
| * | | | | Podman stop --filter flagKarthik Elango2022-07-14
| |/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Filter flag is added for podman stop and podman --remote stop. Filtering logic is implemented in getContainersAndInputByContext(). Start filtering can be manipulated to use this logic as well to limit redundancy. Signed-off-by: Karthik Elango <kelango@redhat.com>
* | | | | Merge pull request #14938 from nicrowe00/12475remixopenshift-ci[bot]2022-07-14
|\ \ \ \ \ | |/ / / / |/| | | | fix tests for "podman kube play"
| * | | | fix tests for "podman kube play"Niall Crowe2022-07-14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is a follow up to fix some of the apiv2 tests related to "podman kube play" while also removing reduntant system tests. Signed-off-by: Niall Crowe <nicrowe@redhat.com>
* | | | | Merge pull request #14935 from saschagrunert/semver-v4openshift-ci[bot]2022-07-14
|\ \ \ \ \ | | | | | | | | | | | | Switch to `github.com/blang/semver/v4`
| * | | | | Switch to `github.com/blang/semver/v4`Sascha Grunert2022-07-14
| | |_|/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Switch to the latest version of the now go module compatible release. [NO NEW TESTS NEEDED] Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
* | | | | Merge pull request #14914 from edsantiago/xref_manpages_stricteropenshift-ci[bot]2022-07-14
|\ \ \ \ \ | | | | | | | | | | | | [CI:DOCS] man page checker: enforce stricter options format
| * | | | | man page checker: enforce stricter options formatEd Santiago2022-07-14
| | |/ / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Followup to #14906, in which a nonexistent option was found in a man page. The xref script was designed to catch that, but I was too lax in my parsing: the option was documented using wrong syntax, and the script didn't catch it. Solution: do not allow *any* unrecognized cruft in the option description lines. And fix all improperly-written entries to conform to the rule: **--option**=*value(s)* Two asterisks around option, which must have two dashes. One asterisk around value(s). This is going to cause headaches for some people adding new options, but I don't think I can fix that: there are many factors that make an unparseable line. Adding 'hint' code would make the script even more complex than it is. I have to assume that our contributors are smart enough to look at surrounding context and figure out the right way to specify options. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | | | Merge pull request #14919 from gbraad/fedorawslopenshift-ci[bot]2022-07-14
|\ \ \ \ \ | |/ / / / |/| | | | Use prepared image for WSL machine init
| * | | | Fixes #14698 Use prepared image for WSL2 machine initGerard Braad2022-07-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This commit introduces a prepared image for setting up the WSL2 environment. This means that the deployment will take considerable less time to finish (as it does not need to run an update and package install), but also allows to rely on a cached image to re-init the environment without the need for an internet connection. [NO NEW TESTS NEEDED] Signed-off-by: Gerard Braad <me@gbraad.nl>
* | | | | Merge pull request #14923 from rhatdan/eventsopenshift-ci[bot]2022-07-14
|\ \ \ \ \ | |_|/ / / |/| | | | Add podman events -f to be alias for --filter
| * | | | Add podman events -f to be alias for --filterDaniel J Walsh2022-07-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Needed for Docker compatibility. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | Merge pull request #14772 from nicrowe00/12475openshift-ci[bot]2022-07-13
|\ \ \ \ \ | | | | | | | | | | | | Add "podman kube play" cmd
| * | | | | Add "podman kube play" cmdNiall Crowe2022-07-13
| |/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The "podman kube play" command is designed to be a replacement for the "podman play kube" command. It performs the same function as "play kube" while also still working with the same flags and options. The "podman play kube" command is still functional as an alias of "kube play". Closes #12475 Signed-off-by: Niall Crowe <nicrowe@redhat.com> Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | | | | Merge pull request #14915 from eriksjolund/rename_c_to_cpu_sharesopenshift-ci[bot]2022-07-13
|\ \ \ \ \ | | | | | | | | | | | | [CI:DOCS] man pages: replace -c with --cpu-shares
| * | | | | [CI:DOCS] man pages: replace -c with --cpu-sharesErik Sjölund2022-07-13
| | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
| * | | | | [CI:DOCS] podman-create.md: replace -c with --cpu-sharesErik Sjölund2022-07-12
| | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
* | | | | | Merge pull request #14895 from baude/machinewipopenshift-ci[bot]2022-07-13
|\ \ \ \ \ \ | |_|/ / / / |/| | | | | Fix machine test for list
| * | | | | Fix last machine testBrent Baude2022-07-12
| | |_|_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The list --format json test case had a typo like error. [NO NEW TESTS NEEDED] Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | | | Merge pull request #14904 from giuseppe/move-to-subcgroup-in-a-containeropenshift-ci[bot]2022-07-13
|\ \ \ \ \ | | | | | | | | | | | | abi: create new cgroup when running in a container
| * | | | | abi: create new cgroup when running in a containerGiuseppe Scrivano2022-07-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | if podman is running in the root cgroup, it will create a new subcgroup and move itself there. [NO NEW TESTS NEEDED] it needs nested podman Closes: https://github.com/containers/podman/issues/14884 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | | | | podman: always call into SetupRootlessGiuseppe Scrivano2022-07-13
| | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | | | | utils: call MaybeMoveToSubCgroup onceGiuseppe Scrivano2022-07-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | memoize its result and use it for subsequent calls. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | | | | podman: move MaybeMoveToSubCgroup to utils/Giuseppe Scrivano2022-07-13
| | |_|/ / | |/| | | | | | | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | | Merge pull request #14916 from rhatdan/dockeropenshift-ci[bot]2022-07-13
|\ \ \ \ \ | |/ / / / |/| | | | Docker uses "-c" to mean "--cpu-shares" in create and run
| * | | | Docker uses "-c" to mean "--cpu-shares" in create and runDaniel J Walsh2022-07-12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add support for -c as an alias for --cpu-shares to be compatible with Docker. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | Merge pull request #14910 from flouthoc/fix-testopenshift-ci[bot]2022-07-12
|\ \ \ \ \ | |_|/ / / |/| | | | test,manifest-run: declare `TARGETPLATFORM` in test containerfile.
| * | | | test,manifest-run: declare TARGETPLATFORM before using itAditya R2022-07-12
| | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | As part of fix for https://github.com/openshift/imagebuilder/issues/231 `FROM` does not expands `ARGS` which are not declared so `TARGETPLATFORM` Note: I think a patch should be added at imagebuilder to allow using inbuilt ARGS in FROM without declaring it as well but it is something to be discussed so lets declare it manually in our tests [NO NEW TESTS NEEDED] [NO TESTS NEEDED] Signed-off-by: Aditya R <arajan@redhat.com>
* | | | Merge pull request #14905 from eriksjolund/remove_rootless_considerationsopenshift-ci[bot]2022-07-12
|\ \ \ \ | | | | | | | | | | [CI:DOCS] rootless_tutorial: Remove incorrect advice regarding volume…
| * | | | [CI:DOCS] rootless_tutorial: Remove incorrect advice regarding volumes and ↵Erik Sjölund2022-07-12
| | |_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | mount points * Remove the instruction "The mount point must exist in the container" as it is incorrect which is shown by this example ``` $ mkdir dir1 $ podman run --rm -v ./dir1:/dir1:Z docker.io/library/fedora:36 touch /dir1/file $ ls dir1 file $ podman run --rm docker.io/library/fedora:36 ls -l /dir1 ls: cannot access '/dir1': No such file or directory $ podman --version podman version 4.1.1 $ ``` * Rewrite the advice "You should always give the full path to the volume you'd like to mount" so that it also mentions relative paths starting with a dot. Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
* | | | Merge pull request #14912 from edsantiago/ci_confirm_runtimeopenshift-ci[bot]2022-07-12
|\ \ \ \ | |_|_|/ |/| | | [CI:DOCS] CI: sanity check for desired runtime