| Commit message (Collapse) | Author | Age |
|\
| |
| | |
new "image" mount type
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Add a new "image" mount type to `--mount`. The source of the mount is
the name or ID of an image. The destination is the path inside the
container. Image mounts further support an optional `rw,readwrite`
parameter which if set to "true" will yield the mount writable inside
the container. Note that no changes are propagated to the image mount
on the host (which in any case is read only).
Mounts are overlay mounts. To support read-only overlay mounts, vendor
a non-release version of Buildah.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \
| | |
| | | |
Cirrus: Simplify setting/passing env. vars.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Test VMs by design are to be single-purpose, single-use, and
readily disposable. Therefore it's unnecessary to overcomplicate
storage of runtime environment variables. This commit makes these
points clear, and reorganizes all CI-related env. vars on the system
into a single location, `/etc/ci_environment`. This file is then
automatically loaded, and variables exported, (by `lib.sh`) from
`runner.sh` prior to executing all forms of testing.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|\ \ \
| | | |
| | | | |
Move from docker.io
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Followon to #7965 (mirror registry). mirror.gcr.io doesn't
cache all the images we need, and I can't find a way to
add to its cache, so let's just use quay.io for those
images that it can't serve.
Tools used:
skopeo copy --all docker://docker.io/library/alpine:3.10.2 \
docker://quay.io/libpod/alpine:3.10.2
...and also:
docker.io/library/alpine:3.2
docker.io/library/busybox:latest
docker.io/library/busybox:glibc
docker.io/library/busybox:1.30.1
docker.io/library/redis:alpine
docker.io/libpod/alpine-with-bogus-seccomp:label
docker.io/libpod/alpine-with-seccomp:label
docker.io/libpod/alpine_healthcheck:latest
docker.io/libpod/badhealthcheck:latest
Since most of those were new quay.io/libpod images, they required
going in through the quay.io GUI, image, settings, Make Public.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
NewFromLocal can return multiple images
|
| | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
If you use additional stores and pull the same image into
writable stores, you can end up with the situation where
you have the same image twice. This causes image exists
to return the wrong error. It should return true in this
situation rather then an error.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
rootless: improve error message if cannot join namespaces
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
if podman failed to join the rootless namespaces, give users a better
errror message and possible solution.
Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1891220
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \ \ \ \
| |_|_|_|/
|/| | | | |
Support hashed hostnames in the known_hosts file
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Some systems have "HashKnownHosts yes" in their ssh_config
This causes entries in the ssh known_hosts to be hashed (|)
Signed-off-by: Anders F Björklund <anders.f.bjorklund@gmail.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
libpod: clean paths before check
|
| | |_|/ /
| |/| | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
clean the paths before checking whether its value is different than
what is stored in the db.
Closes: https://github.com/containers/podman/issues/8160
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \ \ \ \
| |/ / / /
|/| | | | |
Add a Degraded state to pods
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Make a distinction between pods that are completely running (all
containers running) and those that have some containers going,
but not all, by introducing an intermediate state between Stopped
and Running called Degraded. A Degraded pod has at least one, but
not all, containers running; a Running pod has all containers
running.
First step to a solution for #7213.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \ \ \ \
| |_|_|_|/
|/| | | | |
Ensure that attach ready channel does not block
|
|/ / / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
We only use this channel in terminal attach, and it was not a
buffered channel originally, so it would block on trying to send
unless a receiver was ready. In the non-terminal case, there was
no receiver, so attach blocked forever. Buffer the channel for a
single bool so that it will never block, even if unused.
Fixes #8154
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
Add test cases to cover podman volume
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Add test cases to cover below podman volume subcommand:
create
ls
inspect
rm
prune
Signed-off-by: Yuhui Jiang <yujiang@redhat.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Add pod, volume, network to inspect package
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
podman inspect only had the capabilities to inspect containers and images. if a user wanted to inspect a pod, volume, or network, they would have to use `podman network inspect`, `podman pod inspect` etc. Docker's cli allowed users to inspect both volumes and networks using regular inspect, so this commit gives the user the functionality
If the inspect type is not specified using --type, the order of inspection is:
containers
images
volumes
networks
pods
meaning if container that has the same name as an image, podman inspect would return the container inspect.
To avoid duplicate code, podman network inspect and podman volume inspect now use the inspect package as well. Podman pod inspect does not because podman pod inspect returns a single json object while podman inspect can return multiple)
Signed-off-by: Ashley Cui <acui@redhat.com>
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | | |
set resources only when specified
|
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
when using the compatibility endpoint to create a container, we should only set certain resources when we are provided a value for them or we result in fields with zero values.
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \ \ \ \ \ \
| | | | | | | |
| | | | | | | | |
Add support for host keys for non-22 ports
|
| | |_|_|_|/ /
| |/| | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
When not using the standard SSH port (22), the port is appended
to the hostname (in brackets) like so: "host" -> "[host]:1234"
Signed-off-by: Anders F Björklund <anders.f.bjorklund@gmail.com>
(cherry picked from commit 8794e8db1ce3088d633911454d6d36c4e939e126)
|
|\ \ \ \ \ \ \
| | | | | | | |
| | | | | | | | |
[CI:DOCS] Add more details about how CPU limits work
|
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Signed-off-by: Jordan Christiansen <xordspar0@gmail.com>
|
|\ \ \ \ \ \ \ \
| | | | | | | | |
| | | | | | | | | |
[CI:DOCS] Document how to enable CPU limit delegation
|
| |/ / / / / / /
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Signed-off-by: Jordan Christiansen <xordspar0@gmail.com>
|
|\ \ \ \ \ \ \ \
| |_|_|_|_|/ / /
|/| | | | | | |
| | | | | | | |
| | | | | | | | |
containers/dependabot/go_modules/github.com/containers/common-0.26.2
Bump github.com/containers/common from 0.26.0 to 0.26.3
|
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Bumps [github.com/containers/common](https://github.com/containers/common) from 0.26.0 to 0.26.3.
- [Release notes](https://github.com/containers/common/releases)
- [Commits](containers/common@v0.26.0...v0.26.3)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \ \ \ \ \
| |_|_|_|/ / / /
|/| | | | | | | |
Improve the journal event reading
|
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Fix the AddMatch/SeekTail conflict. This prevents reading
unnecessary journal entries which could cause errors.
Also wrap the sdjournal errors to provide better error messages.
Fixes #8125
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
|
|\ \ \ \ \ \ \ \
| |_|_|_|_|/ / /
|/| | | | | | | |
image list: check for all errors
|
| |/ / / / / /
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
For unknown historical reasons, some errors were ignored when listing
images. I assume that the basic assumption was that if we can properly
list images, we can also successfully compute their sizes which turned
out to be wrong.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \ \ \ \ \ \
| |/ / / / / /
|/| | | | | | |
The cidfile should be created when the container is created
|
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Currently if you run an interactive session of podman run and
specifiy the --cidfile option, the cidfile will not get created
until the container finishes running. If you run a detached
container, it will get created right away. This Patch creates
the cidfile as soon as the container is created. This could allow
other tools to use the cidefile on all running containers.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \ \ \ \
| | | | | | | |
| | | | | | | | |
System tests: cleanup, make more robust
|
| | |/ / / / /
| |/| | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
- run test: preserve --runtime test: use a random executable
path. And, clean up better.
- run test: "look up correct image name" test: use random
strings; test both without and with a :tag
- events test: use random label strings, add more filter tests
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\ \ \ \ \ \ \
| | | | | | | |
| | | | | | | | |
auto update: mark it as non-experimental
|
| | |/ / / / /
| |/| | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Auto updates have inititally been marked as experimental which allowed
us to receive initital feedback from the community. More than half a
year has passed and we are now confident to mark `podman-auto-update`
as stable.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \ \ \ \ \ \
| |_|/ / / / /
|/| | | | | | |
Yet another iteration on PR title plugin
|
|/ / / / / /
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
PR #8147 made things worse: it's not valid YAML. This at
least is valid YAML. I have no idea if it yields the
desired result, and we won't even know until it gets
merged, but at least it won't cause fatal syntax errors.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | | |
pr update action: fix errors on master branch
|
|/ / / / / /
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
The action fails on the master branch as the regex does not match.
The error in this scenario is unfortunate and not of much value as
we do not want to change PR titles on the master branch.
To fix it, entirely disable the action on the master branch which
in restrospective may be a better approach as we do not fire off the
action.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | | |
add GitHub action to add non-main branch to PR title
|
| | |/ / / /
| |/| | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Add a GitHub action to add the name of the target branch as prefix to
the title of a pull request. It is easy to miss the target of a given
pull request which has already caused issues of commits going into
non-main branches without intention.
We have already used this action on the `v2.0.5-rhel` branch with
limited success. Fortunately, the upstream implemented our feature
request to support adding the _target_ branch name (rather than the
source) to the PR title, which is what we need.
Any non-main branch from this commit forward will now be clearly marked.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|