summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Merge pull request #14912 from edsantiago/ci_confirm_runtimeopenshift-ci[bot]2022-07-12
|\ | | | | [CI:DOCS] CI: sanity check for desired runtime
| * CI: sanity check for desired runtimeEd Santiago2022-07-12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We're still not testing runc in CI (#14833), and it may be weeks or months before we can, due to criu/glibc nightmare, but one day we'll be back on track, then later on we'll update VMs again, and screw it up, and lose runc, and not notice, and RHEL will break, and oh noes headless chicken again, repeat repeat. We can do better. Use .cirrus.yml to explicitly define which VMs should use which runtimes, and enforce it early in the CI build step. This should never fail (uh huh) in a PR, only in one of the update-VM PRs. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Merge pull request #14911 from ↵Daniel J Walsh2022-07-12
|\ \ | | | | | | | | | | | | eriksjolund/remove_builtin_volume_option_from_man_pages [CI:DOCS] man pages: remove non-existent option builtin-volume
| * | [CI:DOCS] man pages: remove non-existent option builtin-volumeErik Sjölund2022-07-12
| |/ | | | | | | | | | | Closes #14906 Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
* | Merge pull request #14893 from Luap99/machine-proxyopenshift-ci[bot]2022-07-12
|\ \ | |/ |/| podman machine: do not commit proxies into config file
| * podman machine: do not commit proxies into config filePaul Holzinger2022-07-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | qemu fails when the same `fw_cfg` options is used more than once. Since the current logic always adds a new option on each machine load this will fail on the second start. We can fix this by checking if the option is already set and replace but I think it is easier to just not commit the option in the config and add it dynamically on start. User that hit this bug have to recreate the machine. [NO NEW TESTS NEEDED] Fixes #14636 Fixes #14837 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | Merge pull request #14896 from edsantiago/logformatter_by_taskopenshift-ci[bot]2022-07-12
|\ \ | | | | | | logformatter: link by *task ID*, not build ID
| * | logformatter: link by *task ID*, not build IDEd Santiago2022-07-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | Reason: task IDs are unique and permanent; linking by build ID and task name is non-unique, because Re-run. Fixes: #14863 Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | Merge pull request #14901 from tyler92/fix-trace-logopenshift-ci[bot]2022-07-12
|\ \ \ | | | | | | | | fix wrong log message on Trace level
| * | | fix wrong log message on Trace levelMikhail Khachayants2022-07-12
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | [NO NEW TESTS NEEDED] Empty path to runtime binary was printed instead of a real path. Before fix: TRAC[0000] found runtime "" TRAC[0000] found runtime "" After: TRAC[0000] found runtime "/usr/bin/crun" TRAC[0000] found runtime "/usr/bin/runc" Signed-off-by: Mikhail Khachayants <khachayants@arrival.com>
* | | Merge pull request #14898 from ↵openshift-ci[bot]2022-07-11
|\ \ \ | |/ / |/| | | | | | | | eriksjolund/improve_language_and_fix_spelling_and_typos [CI:DOCS] Improve language. Fix spelling and typos.
| * | [CI:DOCS] Improve language. Fix spelling and typos.Erik Sjölund2022-07-11
|/ / | | | | | | | | | | | | | | | | * Correct spelling and typos. * Improve language. Co-authored-by: Ed Santiago <santiago@redhat.com> Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
* | Merge pull request #14181 from umohnani8/kube-hostnameopenshift-ci[bot]2022-07-11
|\ \ | |/ |/| Add ports and hostname correctly in kube yaml
| * Add ports and hostname correctly in kube yamlUrvashi Mohnani2022-07-08
| | | | | | | | | | | | | | | | | | | | | | | | If a pod is created without net sharing, allow adding separate ports for each container to the kube yaml and also set the pod level hostname correctly if the uts namespace is not being shared. Add a warning if the default namespace sharing options have been modified by the user. Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
* | Merge pull request #14874 from vrothberg/fix-14859openshift-ci[bot]2022-07-11
|\ \ | | | | | | exit code improvements
| * | libpod: read exit code when cleaning up the runtimeValentin Rothberg2022-07-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | While for some call paths we may be doing this redundantly we need to make sure the exit code is always read at this point. [NO NEW TESTS NEEDED] as I do not manage to reproduce the issue which is very likely caused by a code path not writing the exit code when running concurrently. Fixes: #14859 Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
| * | podman wait: return 0 if container never ranValentin Rothberg2022-07-11
| | | | | | | | | | | | | | | | | | | | | Make sure to return/exit with 0 when waiting for a container that never ran. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
| * | test/system/130-kill.bats: use $IMAGEValentin Rothberg2022-07-11
| | | | | | | | | | | | | | | | | | A copy-paste error led to use `alpine` instead. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | | Merge pull request #14889 from eriksjolund/rewrite_gidmap_option_docsopenshift-ci[bot]2022-07-11
|\ \ \ | | | | | | | | [CI:DOCS] Rewrite the --gidmap option docs
| * | | [CI:DOCS] Rewrite the --gidmap option docsErik Sjölund2022-07-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Reference --uidmap in --gidmap docs for additional information * Remove --gidmap example "groupname -> 100000 / 30000 -> 0" Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
* | | | Merge pull request #14826 from sstosh/net-pruneopenshift-ci[bot]2022-07-11
|\ \ \ \ | |/ / / |/| | | Refactored networkPrune function
| * | | Refactored networkPrune functionToshiki Sonoda2022-07-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Refactored the networkPrune function to improve readability. This commit changes the `networkPrune` function to use the `PrintNetworkPruneResults` function. [NO NEW TESTS NEEDED] Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
* | | | Merge pull request #14887 from eriksjolund/podman_info_command_completion_docopenshift-ci[bot]2022-07-11
|\ \ \ \ | |_|/ / |/| | | [CI:DOCS] podman-info.1.md: update examples (now also shell completion and jq)
| * | | [CI:DOCS] podman-info.1.md: Update examplesErik Sjölund2022-07-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add example "Extracting the list of container registries with a Go template". (The example was already present but in a much shorter form) * Add example "Extracting the list of container registries from JSON with jq". * Add shell completion instructions Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
* | | | Merge pull request #14818 from rhatdan/waitopenshift-ci[bot]2022-07-11
|\ \ \ \ | |/ / / |/| | | podman wait can take multiple conditions
| * | | podman wait can take multiple conditionsDaniel J Walsh2022-07-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Podman wait should not be defaulting to just stopped. By default wait API waits for stopped and exited. We should not override this on the client side. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #14219 from mheon/bump_versionopenshift-ci[bot]2022-07-08
|\ \ \ \ | | | | | | | | | | Bump Compat API maximum version to v1.41
| * | | | Bump Compat API maximum version to v1.41Matthew Heon2022-05-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Docker bumped their API, so we should do the same. Fixes #14204 Signed-off-by: Matthew Heon <mheon@redhat.com>
* | | | | Merge pull request #14870 from vrothberg/fix-14846Daniel J Walsh2022-07-08
|\ \ \ \ \ | | | | | | | | | | | | improve pull-policy documentation
| * | | | | improve pull-policy documentationValentin Rothberg2022-07-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Make sure that the docs for pull policies is consistent with Buildah and reflects the implementation. Further improve the help messages and auto completions. [NO NEW TESTS NEEDED] Fixes: #14846 Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | | | | | Merge pull request #14853 from baude/machinetestsfixopenshift-ci[bot]2022-07-08
|\ \ \ \ \ \ | | | | | | | | | | | | | | Fix machine tests
| * | | | | | Fix machine testsBrent Baude2022-07-08
| |/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Catch up with regressions that have occurred since the tests were originally written. Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | | | | Merge pull request #14872 from edsantiago/deferred_deferopenshift-ci[bot]2022-07-08
|\ \ \ \ \ \ | |/ / / / / |/| | | | | Manifest test cleanup: use defer()
| * | | | | Manifest test cleanup: use defer()Ed Santiago2022-07-08
|/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Followup to #14845: use defer(), not fragile global context, to stop registry and clean up temporary envariable. Thanks to mitr for the suggestion. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | | | Merge pull request #14839 from saschagrunert/errors-pkgopenshift-ci[bot]2022-07-08
|\ \ \ \ \ | |_|/ / / |/| | | | pkg: switch to golang native error wrapping
| * | | | pkg: switch to golang native error wrappingSascha Grunert2022-07-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We now use the golang error wrapping format specifier `%w` instead of the deprecated github.com/pkg/errors package. [NO NEW TESTS NEEDED] Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
* | | | | Merge pull request #14845 from edsantiago/registry_sanitizeopenshift-ci[bot]2022-07-08
|\ \ \ \ \ | | | | | | | | | | | | manifest_test: safer registry setup and teardown
| * | | | | manifest_test: safer registry setup and teardownEd Santiago2022-07-07
| | |_|/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | manifest_test:authenticated_push() is the final test left to fix before merging #14397. The reason it's failing _seems_ to be that podman is running with a mix of netavark and CNI, and that _seems_ to be because this test invokes hack/podman-registry which invokes plain podman without whatever options used in e2e. Starting a registry directly from the test is insane: there is no reusable code for doing that (see login_logout_test.go and push_test.go. Yeesh.) Solution: set $PODMAN, by inspecting the podmanTest object which includes both a path and a list of options. podman-registry will invoke that. (It will also override --root and --runroot. This is the desired behavior). Also: add cleanup. If auth-push test fails, stop the registry. Also: add a sanity check to podman-registry script, have it wait for the registry port to activate. Die if it doesn't. That could've saved us a nice bit of debugging time. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | | | Merge pull request #14850 from Luap99/e2e-machineopenshift-ci[bot]2022-07-08
|\ \ \ \ \ | |_|/ / / |/| | | | pkg/machine/e2e: do not import from cmd/podman
| * | | | pkg/machine/qemu: start VM check if qemu is alivePaul Holzinger2022-07-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When trying to connect to the qemu ready socket we should check if the qemu process is still running, if it is not we can just error out. There is no point in retrying. To do so we have to directly call wait with WNOHANG. Also change StartProcess to os/exec package which is higher level and allows us to use a buffer as qemu stderr fd. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * | | | machine: qemu fix chardev id starting with letterPaul Holzinger2022-07-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | qemu need the id to start with a letter for some reason. If this is not the case qemu will fail: ``` qemu-system-x86_64: -device virtserialport,chardev=ad053e0bb519f_ready,name=org.fedoraproject.port.0: Property 'virtserialport.chardev' can't find value 'ad053e0bb519f_ready' er Identifiers consist of letters, digits, '-', '.', '_', starting with a letter. ``` To fix this we just add an "a" in front of it. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * | | | pkg/machine/e2e: do not import from cmd/podmanPaul Holzinger2022-07-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It should be avoided to import cmd/podman/... packages from outside of cmd/podman. This can lead in weird hard to debug import paths but also can have negative consequences when imported in unit tests. In this case it will set XDG_CONFIG_HOME and thus the machine tests this dir over the tmp HOME env variable which is set at a later point. This caused machine files to be leaked into the actual users home dir. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * | | | machine test: fix endless loop in testPaul Holzinger2022-07-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The problem is that this could loop forever as long as podman start doe snot exit (which could happen due bugs). Also since there no timeout between the machine list calls the test is using the full cpu and this causes the system to slow down making the machine start command even slower. IMO it is enough to only check the status every three seconds. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | | | Merge pull request #14569 from cevich/podman_machine_pocopenshift-ci[bot]2022-07-08
|\ \ \ \ \ | |_|/ / / |/| | | | Cirrus: Add podman-machine integration test
| * | | | Cirrus: Add podman-machine integration testChris Evich2022-07-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The podman-machine integration tests are designed to execute on bare-metal, since they perform significant work with virtual-machines. This test is costly to run at scale, so it is limited to being manually triggered by developers (for now). A 'trigger' button will appear in the task status page of the Github WebUI once all test dependencies are met. In the Cirrus-CI WebUI, there is also a 'pre-trigger' button that may be pressed if a developer doesn't wish to wait. Also: * Add a `localmachine` target in the `Makefile` on the off-chance developers wish to execute locally. Update the `ginkgo-run` target to accommodate re-use by the new `localmachine` target. * Exclude `podman_machine` task from `success` dependency verification. This also involves adding an exception to `cirrus_yaml_test.py` otherwise it will complain loudly. * ***NOTE*** Inclusion of `ec2_instance` in *any* task will cause `hack/get_ci_vm.sh` to barf and be non-functional. Future updates will be made to restore functionality. Before then, simply comment out the `ec2_instance` section as a temporarily workaround. Signed-off-by: Chris Evich <cevich@redhat.com>
| * | | | Cirrus: Fix elevator workaround multi-cloud supportChris Evich2022-07-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In order to support execution on various non-GCP cloud environments, the BFQ scheduler workaround needs updating. Previously it assumed the root disk was always `/dev/sda`. With the addition of new clouds (AWS) and different environment types, the assumption is not always valid. Update the workaround to take care in looking up the block device where '/' comes from. Also update the scheduler to 'none', as all modern clouds already have highly optimized underlying storage configurations. There's no reason to complicate I/O paths further by hard-coding specific scheduler(s) for all environment types. Signed-off-by: Chris Evich <cevich@redhat.com>
* | | | | Merge pull request #14857 from edsantiago/dedup_uts_testnameopenshift-ci[bot]2022-07-07
|\ \ \ \ \ | |_|/ / / |/| | | | [minor] fix duplicate test name
| * | | | [minor] fix duplicate test nameEd Santiago2022-07-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | copy/paste error in #14501. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | | | Merge pull request #14803 from bugfood/volumesopenshift-ci[bot]2022-07-07
|\ \ \ \ \ | | | | | | | | | | | | make 9p security model configurable; document
| * | | | | podman machine: make 9p security model configurable; adjust docsCorey Hickey2022-07-06
| | |/ / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This addresses: Symlinks don't work on podman machine on macOS Monterey when using volumes feature #13784 This change does NOT exactly fix the bug, but it does allow the user to work around it via 'podman init' option, e.g.: podman machine init -v "$HOME/git:$HOME/git:ro:security_model=none" If the default security model were to be changed to 'none', then that would fix the bug, at the possible cost of breaking any use cases that depend on 'mapped-xattr'. The documentation of the purpose and behavior of the different security models seems to be rather light: https://wiki.qemu.org/Documentation/9psetup#Starting_the_Guest_directly From testing, it appears that the mapped-xattr security model intends to manage symlinks such that the guest can see the symlinks but the host only sees regular files (with extended attributes). As far as I can tell, this behavior only makes sense when the guest is the only thing that ever needs to create and read symlinks. Otherwise, symlinks created on the host are unusable on the guest, and vice versa. As per the original commit: 8e7eeaa4dd14621bda15e396fcd7b9187bc500c5 [NO NEW TESTS NEEDED] Also document existing ro and rw options. Also remove misleading statement about /mnt. By my observation, this line is incorrect. If the intended meaning is different, then I don't understand. The default volume is mounted read/write and is not within /mnt. [core@localhost ~]$ mount | grep 9p vol0 on /Users/chickey type 9p (rw,relatime,sync,dirsync,access=client,trans=virtio) Signed-off-by: Corey Hickey <chickey@tagged.com>