| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
add support for podman-remote image scp as well as direct access via the API. This entailed
a full rework of the layering of image scp functions as well as the usual API plugging and type creation
also, implemented podman image scp tagging. which makes the syntax much more readable and allows users t tag the new image
they are loading to the local/remote machine:
allow users to pass a "new name" for the image they are transferring
`podman tag` as implemented creates a new image im `image list` when tagging, so this does the same
meaning that when transferring images with tags, podman on the remote machine/user will load two images
ex: `podman image scp computer1::alpine computer2::foobar` creates alpine:latest and localhost/foobar on the remote host
implementing tags means removal of the flexible syntax. In the currently released podman image scp, the user can either specify
`podman image scp source::img dest::` or `podman image scp dest:: source::img`. However, with tags this task becomes really hard to check
which is the image (src) and which is the new tag (dst). Removal of that streamlines the arg parsing process
Signed-off-by: Charlie Doern <cdoern@redhat.com>
|
| |\
| |
| | |
pod: ps does not race with rm
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
the "pod ps" command first retrieves the list of all pods, then
iterates over the list to inspect each pod. This introduce a race
since a pod could be deleted in the meanwhile by another process.
Solve it by ignoring the define.ErrNoSuchPod error.
Closes: https://github.com/containers/podman/issues/14736
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| | |
| |
| |
| |
| |
| | |
it is a preparatory change for the next commit.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |\ \
| | |
| | | |
Show starting state when machine is starting
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Currently podman machine list never shows the starting state.
Fixes: https://github.com/containers/podman/issues/14738
[NO NEW TESTS NEEDED]
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \ \
| | | |
| | | | |
Use Regexp in volume ls --filter name
|
| |/ / /
| | |
| | |
| | | |
Signed-off-by: Boaz Shuster <boaz.shuster.github@gmail.com>
|
| |\ \ \
| | | |
| | | | |
add podman volume reload to sync volume plugins
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Libpod requires that all volumes are stored in the libpod db. Because
volume plugins can be created outside of podman, it will not show all
available plugins. This podman volume reload command allows users to
sync the libpod db with their external volume plugins. All new volumes
from the plugin are also created in the libpod db and when a volume from
the db no longer exists it will be removed if possible.
There are some problems:
- naming conflicts, in this case we only use the first volume we found.
This is not deterministic.
- race conditions, we have no control over the volume plugins. It is
possible that the volumes changed while we run this command.
Fixes #14207
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Add 4 new subcommands to the testvol binary, instead of just serving the
volume api it now also can create/list/remove plugins. This is required
to test new functionality where volumes are create outside of podman in
the plugin. Podman should then be able to pick up the new volumes.
The new testvol commands are:
- serve: serve the podman api like the the testvol command before
- create: create a volume with the given name
- list: list all volume names
- remove: remove the volume with the given name
Also make a small update to the testvol Containerfile so that it can
build correctly.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Update the golang verion for the testvol image to the latest version
1.18. This requires us to build with GO111MODULE=off.
Use the FQDN to prevent the shortnames prompt.
Also add --network none to the podman build command to make sure we are
only using the copied deps and nothing else.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
I think it is confusion to have this Containerfile in the repo root. It
is used for the tests only so we should move it into the same dir.
Also adapt the Makefile target to use the new path and add the current
date as tag instead of using latest which can break CI easily when we
have to update the image.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
There is no need for an extra parameter if the body is set. We can just
check to interface for not nil.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |\ \ \ \
| | | | |
| | | | | |
Show Health Status events
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Previously, health status events were not being generated at all. Both
the API and `podman events` will generate health_status events.
```
{"status":"health_status","id":"ae498ac3aa6c63db8b69a37583a6eae1a9cefbdbdbeeadcf8e1d66d745f0df63","from":"localhost/healthcheck-demo:latest","Type":"container","Action":"health_status","Actor":{"ID":"ae498ac3aa6c63db8b69a37583a6eae1a9cefbdbdbeeadcf8e1d66d745f0df63","Attributes":{"containerExitCode":"0","image":"localhost/healthcheck-demo:latest","io.buildah.version":"1.26.1","maintainer":"NGINX Docker Maintainers \u003cdocker-maint@nginx.com\u003e","name":"healthcheck-demo"}},"scope":"local","time":1656082205,"timeNano":1656082205882271276,"HealthStatus":"healthy"}
```
```
2022-06-24 11:06:04.886238493 -0400 EDT container health_status ae498ac3aa6c63db8b69a37583a6eae1a9cefbdbdbeeadcf8e1d66d745f0df63 (image=localhost/healthcheck-demo:latest, name=healthcheck-demo, health_status=healthy, io.buildah.version=1.26.1, maintainer=NGINX Docker Maintainers <docker-maint@nginx.com>)
```
Signed-off-by: Jake Correnti <jcorrenti13@gmail.com>
|
| |\ \ \ \ \
| |_|_|_|/
|/| | | | |
Add missing criu symbols to criu_unsupported.go
|
| | | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Doug Rabson <dfr@rabson.org>
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
[NO NEW TESTS NEEDED]
Signed-off-by: Doug Rabson <dfr@rabson.org>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
go.sum: run make vendor
|
| |/ / / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
The CI is currently broken. Update go.sum.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
Implement CatchAll and StopCatch in signal_unix.go
|
| | |/ / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This is part of a set of changes to port podman to the FreeBSD platform.
The pkg/signal parts are needed to enable ABI mode on FreeBSD. No tests
are needed here because it should be a functional no-op for linux.
[NO NEW TESTS NEEDED]
Signed-off-by: Doug Rabson <dfr@rabson.org>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
podman cgroup enhancement
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
currently, setting any sort of resource limit in a pod does nothing. With the newly refactored creation process in c/common, podman ca now set resources at a pod level
meaning that resource related flags can now be exposed to podman pod create.
cgroupfs and systemd are both supported with varying completion. cgroupfs is a much simpler process and one that is virtually complete for all resource types, the flags now just need to be added. systemd on the other hand
has to be handeled via the dbus api meaning that the limits need to be passed as recognized properties to systemd. The properties added so far are the ones that podman pod create supports as well as `cpuset-mems` as this will
be the next flag I work on.
Signed-off-by: Charlie Doern <cdoern@redhat.com>
|
| |\ \ \ \ \ \
| |_|_|_|_|/
|/| | | | | |
Fix "podman run port forward range" flake
|
| | | |/ / /
| |/| | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
The test must ensure that all ports in the range are free not just
the first. This flakes often because port 5355 is always in use by
systemd-resolved on fedora.
Fixes #14716
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
podman run/create -v relative filepath support
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
podman currently does not support relative volume paths. Add parsing for relative paths in specgen, converting
whatever volume was given to an absolute path.
Signed-off-by: Charlie Doern <cdoern@redhat.com>
|
| |\ \ \ \ \ \
| | | | | | |
| | | | | | | |
Fix machine list: --format implies --noheading
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Signed-off-by: Boaz Shuster <boaz.shuster.github@gmail.com>
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
It seems like previously if --format was changed then listFlag.noHeading is changed accordingly
however printHeader is used to determine whether to print header or not.
This patch fixes that problem.
Signed-off-by: Boaz Shuster <boaz.shuster.github@gmail.com>
|
| |\ \ \ \ \ \ \
| | | | | | | |
| | | | | | | | |
podman machine init --now: respect proxy envs
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
podman machine start contains more logic than just the simple vm.Start()
call. Instead of duplicating this into inti we just call start().
[NO NEW TESTS NEEDED] I have no way to test this right now.
Fixes #14640
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |\ \ \ \ \ \ \ \
| |_|_|_|/ / / /
|/| | | | | | |
| | | | | | | |
| | | | | | | | |
containers/dependabot/go_modules/github.com/stretchr/testify-1.7.5
Bump github.com/stretchr/testify from 1.7.4 to 1.7.5
|
| | | |_|_|_|_|/
| |/| | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.7.4 to 1.7.5.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.7.4...v1.7.5)
---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
| |\ \ \ \ \ \ \
| | | | | | | |
| | | | | | | | |
Followon to #14559
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Firstly: don't prune exit codes after a refresh - instead, clear
the table entirely. We are guaranteed that all containers are
gone after a refresh, we should not worry about exit codes given
this.
Secondly: alter the way pruning was done. We were updating the DB
by calling Update from within an existing View, and stacking an
RW transaction on top of an existing RO one seems dodgy; further,
modifying a bucket while iterating over it with ForEach is
undefined behavior.
Hopefully this will resolve our CI issues.
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
This commit addresses three intertwined bugs to fix an issue when using
Gitlab runner on Podman. The three bug fixes are not split into
separate commits as tests won't pass otherwise; avoidable noise when
bisecting future issues.
1) Podman conflated states: even when asking to wait for the `exited`
state, Podman returned as soon as a container transitioned to
`stopped`. The issues surfaced in Gitlab tests to fail [1] as
`conmon`'s buffers have not (yet) been emptied when attaching to a
container right after a wait. The race window was extremely narrow,
and I only managed to reproduce with the Gitlab runner [1] unit
tests.
2) The clearer separation between `exited` and `stopped` revealed a race
condition predating the changes. If a container is configured for
autoremoval (e.g., via `run --rm`), the "run" process competes with
the "cleanup" process running in the background. The window of the
race condition was sufficiently large that the "cleanup" process has
already removed the container and storage before the "run" process
could read the exit code and hence waited indefinitely.
Address the exit-code race condition by recording exit codes in the
main libpod database. Exit codes can now be read from a database.
When waiting for a container to exit, Podman first waits for the
container to transition to `exited` and will then query the database
for its exit code. Outdated exit codes are pruned during cleanup
(i.e., non-performance critical) and when refreshing the database
after a reboot. An exit code is considered outdated when it is older
than 5 minutes.
While the race condition predates this change, the waiting process
has apparently always been fast enough in catching the exit code due
to issue 1): `exited` and `stopped` were conflated. The waiting
process hence caught the exit code after the container transitioned
to `stopped` but before it `exited` and got removed.
3) With 1) and 2), Podman is now waiting for a container to properly
transition to the `exited` state. Some tests did not pass after 1)
and 2) which revealed the third bug: `conmon` was executed with its
working directory pointing to the OCI runtime bundle of the
container. The changed working directory broke resolving relative
paths in the "cleanup" process. The "cleanup" process error'ed
before actually cleaning up the container and waiting "main" process
ran indefinitely - or until hitting a timeout. Fix the issue by
executing `conmon` with the same working directory as Podman.
Note that fixing 3) *may* address a number of issues we have seen in the
past where for *some* reason cleanup processes did not fire.
[1] https://gitlab.com/gitlab-org/gitlab-runner/-/issues/27119#note_970712864
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
[MH: Minor reword of commit message]
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| | |/ / / / / /
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
We should just silently fall through. The log was flooding the
system-service logs when running Gitlab runner.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| |\ \ \ \ \ \ \
| |_|_|_|_|/ /
|/| | | | | | |
fix system connection and scp testing
|
| | |/ / / / /
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
podman image scp and podman system connection tests were querying an existing website during testing.
Change to a URL that will never exist given an improper domain extension
also just generally clean up a few things in both scp and connection testing
resolves #14699
Signed-off-by: Charlie Doern <cdoern@redhat.com>
|
| |\ \ \ \ \ \
| | | | | | |
| | | | | | | |
[CI:DOCS] Minor update to podmanimage upstream docs
|
| |/ / / / / /
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Add a reference to where/how podman is compiled for the 'upstream'
flavored image.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| |\ \ \ \ \ \
| |/ / / / /
|/| | | | | |
Workaround for bug 14653 (checkpoint flake)
|
| |/ / / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Since it may be a while before we get a true fix: add a
workaround for podman-remote checkpoint tests, in which
we pause until the 'run --rm' container is truly truly gone.
I've tried to make it as easy as possible to clean up
the workaround code once the bug is fixed.
Oh, also, remove "-it" from a podman-run. It makes no sense
and only results in nasty orange warning messages.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
logformatter: link to logs using Cirrus API
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
One day we may use AWS for part of CI. Do you want to maintain
two separate code paths in this script for linking to artifacts
in multiple cloud providers? Can you say no? I knew you could.
Cirrus already knows the location of the artifacts and provides
a transparent mechanism for accessing them. Use it.
This PR exposed a nasty bug in our environment-variable handling:
envariables passed through to the containerized environment were
being double-space-escaped, so "FOO=a b" ended up as "FOO=a\ b"
(with a backslash), with one consequence being invalid URLs.
The solution is simple: run 'podman -e FOO', not '-e FOO=value'.
Finally, reinstate the environment-variable dump (in comments).
I had removed this in a moment of panic over leaking secrets,
but no, that doesn't happen. Exclude scary-sounding vars anyway.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\ \ \ \ \ \
| |/ / / / /
|/| | | | | |
"setup" -> "set up" and similar
|
| |/ / / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
* Replace "setup", "lookup", "cleanup", "backup" with
"set up", "look up", "clean up", "back up"
when used as verbs. Replace also variations of those.
* Improve language in a few places.
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
