| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Allow creating sigstore signatures via --sign-by-sigstore-private-key .
Like existing --sign-by, it does not work remote (in this case
because we would have to copy the private key to the server).
- Allow passing a passphrase (which is mandatory for sigstore private keys)
via --sign-passphrase-file; if it is not provided, prompt interactively.
- Also, use that passphrase for --sign-by as well, allowing non-interactive
GPG use. (But --sign-passphrase-file can only be used with _one of_
--sign-by and --sign-by-sigstore-private-key.)
Note that unlike the existing code, (podman build) does not yet
implement sigstore (I'm not sure why it needs to, it seems not to
push images?) because Buildah does not expose the feature yet.
Also, (podman image sign) was not extended to support sigstore.
The test for this follows existing (podman image sign) tests
and doesn't work rootless; that could be improved by exposing
a registries.d override option.
The test for push is getting large; I didn't want to
start yet another registry container, but that would be an
alternative. In the future, Ginkgo's Ordered/BeforeAll
would allow starting a registry once and using it for two
tests.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
|
| |
|
|
|
|
| |
... because it is documented to be ignored.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
|
| |
|
|
| |
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
|
| |
|
|
|
|
| |
AFAICS it is not used anywhere.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
|
| |
|
|
|
|
| |
... to get https://github.com/containers/common/pull/1106 .
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
... primarily so that it can support OCI artifacts.
2.8 already seems to exist in the repo.
This requires changing WaitContainerReady to also check
stderr (ultimately because docker/distribution was
updated to a more recent sirupsen/logrus, which logs
by default to stderr instead of stdout).
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
... instead of hard-coding a copy of the value.
Notably this makes hack/podman_registry actually
support the documented -i option.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
|
| |/
|
|
|
|
|
|
|
|
|
| |
htpasswd is no longer included in docker.io/library/distribution
after 2.7.0, per https://github.com/docker/distribution-library-image/issues/107 ,
and we want to upgrade to a recent version.
At least system tests currently execute htpasswd from the OS,
so it seems that it is likely to be available.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
|
| |\
| |
| |
| |
| | |
containers/dependabot/go_modules/github.com/BurntSushi/toml-1.2.0
Bump github.com/BurntSushi/toml from 1.1.0 to 1.2.0
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Bumps [github.com/BurntSushi/toml](https://github.com/BurntSushi/toml) from 1.1.0 to 1.2.0.
- [Release notes](https://github.com/BurntSushi/toml/releases)
- [Commits](https://github.com/BurntSushi/toml/compare/v1.1.0...v1.2.0)
---
updated-dependencies:
- dependency-name: github.com/BurntSushi/toml
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
| |\ \
| | |
| | |
| | |
| | | |
containers/dependabot/go_modules/google.golang.org/protobuf-1.28.1
Bump google.golang.org/protobuf from 1.28.0 to 1.28.1
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Bumps [google.golang.org/protobuf](https://github.com/protocolbuffers/protobuf-go) from 1.28.0 to 1.28.1.
- [Release notes](https://github.com/protocolbuffers/protobuf-go/releases)
- [Changelog](https://github.com/protocolbuffers/protobuf-go/blob/master/release.bash)
- [Commits](https://github.com/protocolbuffers/protobuf-go/compare/v1.28.0...v1.28.1)
---
updated-dependencies:
- dependency-name: google.golang.org/protobuf
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
| |\ \ \
| |/ /
|/| | |
Use 8k buffer to help clients w/ broken parsing
|
| |/ /
| |
| |
| | |
Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
|
| |\ \
| | |
| | | |
With --rm option remove container if podman run fails
|
| | | |
| | |
| | |
| | |
| | |
| | | |
Fixes https://github.com/containers/podman/issues/15049
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \ \
| | | |
| | | | |
Cirrus: Use pre-installed bats
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
A prior change added extra whitespace when commenting out several
sections to temporarily disable F35 testing. This restores the sections
to proper indentation, so (in the future) only the `#` character needs
to be removed.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
While convenient, it can be problematic to rely on a Makefile to install
software. This was found to be the case across multiple environments
WRT `bats`. Fix this by removing the install script and target. A
future commit will ensure the correct version of `bats` is present in
all CI environments where it's required.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| |\ \ \ \
| |/ / /
|/| | | |
CI: new check for leftover skips/fixmes
|
| |/ / /
| | |
| | |
| | |
| | |
| | |
| | | |
If a PR says "Fixes #123", make sure it removes skips and/or
FIXME comments that reference issue 123.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\ \ \
| | | |
| | | |
| | | |
| | | | |
containers/dependabot/go_modules/github.com/containernetworking/cni-1.1.2
Bump github.com/containernetworking/cni from 1.1.1 to 1.1.2
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Bumps [github.com/containernetworking/cni](https://github.com/containernetworking/cni) from 1.1.1 to 1.1.2.
- [Release notes](https://github.com/containernetworking/cni/releases)
- [Commits](https://github.com/containernetworking/cni/compare/v1.1.1...v1.1.2)
---
updated-dependencies:
- dependency-name: github.com/containernetworking/cni
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
| |\ \ \ \
| |/ / /
|/| | |
| | | |
| | | | |
containers/dependabot/go_modules/test/tools/golang.org/x/tools-0.1.12
Bump golang.org/x/tools from 0.1.11 to 0.1.12 in /test/tools
|
| |/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Bumps [golang.org/x/tools](https://github.com/golang/tools) from 0.1.11 to 0.1.12.
- [Release notes](https://github.com/golang/tools/releases)
- [Commits](https://github.com/golang/tools/compare/v0.1.11...v0.1.12)
---
updated-dependencies:
- dependency-name: golang.org/x/tools
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
| |\ \ \
| |/ /
|/| | |
[QE:DOCS] docs: resolve typo in create,run manpages
|
| |/ /
| |
| |
| |
| |
| | |
* Replace typo 'personaity' with 'personality' in several man pages
Signed-off-by: Ewout van Mansom <ewout@vanmansom.name>
|
| |\ \
| | |
| | | |
Cirrus: enable Fedora 36 aarch64 tasks on EC2
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
new file: test/e2e/config_arm64.go
Tests that fail on aarch64 have been skipped with
`skip_if_aarch64`.
Co-authored-by: Chris Evich <cevich@redhat.com>
Co-authored-by: Ed Santiago <santiago@redhat.com>
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
|
| |\ \ \
| | | |
| | | | |
cleanup: transition from `stopping` to `exited`
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Allow the cleanup process (and others) to transition the container from
`stopping` to `exited`. This fixes a race condition detected in #14859
where the cleanup process kicks in _before_ the stopping process can
read the exit file. Prior to this fix, the cleanup process left the
container in the `stopping` state and removed the conmon files, such
that the stopping process also left the container in this state as it
could not read the exit files. Hence, `podman wait` timed out (see the
23 seconds execution time of the test [1]) due to the unexpected/invalid
state and the test failed.
Further turn the warning during stop to a debug message since it's a
natural race due to the daemonless/concurrent architecture and nothing
to worry about.
[NO NEW TESTS NEEDED] since we can only monitor if #14859 continues
flaking or not.
[1] https://storage.googleapis.com/cirrus-ci-6707778565701632-fcae48/artifacts/containers/podman/6210434704343040/html/sys-remote-fedora-36-rootless-host.log.html#t--00205
Fixes: #14859
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| |\ \ \ \
| | | | |
| | | | | |
Fix: manifest push --rm removes a correct manifest list
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This bug is reproduced when we execute the following command:
1. podman manifest add <manifest list> <images exist on local storage>
2. podman manifest push --rm <manifest list> dir:<directory>
If pushing succeeds, it is expected to remove only a manifest list.
However, manifest list remains on local storage and images are removed.
This commit fixes `podman manifest push --rm` to remove only a manifest list.
And, supports `manifest push --rm option` in remote environment,
like host environment.
Fixes: https://github.com/containers/podman/issues/15033
Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
|
| |\ \ \ \ \
| |_|_|/ /
|/| | | | |
Fix: Restore a container which name is equal to a image name
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
If there is a match for both container and image, we restore the container.
Fixes: https://github.com/containers/podman/issues/15055
Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
When removing objects specifying --force,podman should exit with 0
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
This Patch will cause podman COMMAND rm --force bogus not fail
This is how Docker works, so Podman should follow this to allow existing
scripts to convert from Docker to Podman.
Fixes: #14612
Oprignal version of this patch came from wufan 1991849113@qq.com
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \ \ \ \ \
| |_|_|_|/ /
|/| | | | | |
prune filter handling
|
| | | |_|/ /
| |/| | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
network and container prune could not handle the label!=... filter. vendor in c/common to fix this and
add some podman level handling to make everything run smoothly
resolves #14182
Signed-off-by: Charlie Doern <cdoern@redhat.com>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
[CI:DOCS] socket_activation.md: Add start/stop sections
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
* Add section "Starting a socket-activated service".
* Add section "Stopping a socket-activated service".
* Clarify in the diagrams that socket activation
only happens for the first client connection.
Co-authored-by: Valentin Rothberg <vrothberg@redhat.com>
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
| |\ \ \ \ \ \
| | | | | | |
| | | | | | | |
Add support for building macOS pkg installer
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
it installs podman and supporting binaries along with
qemu to have a functioning podman install using a pkg
podman and podman-mac-helper is compiled from source
gvproxy binary is downloaded from its github releases
and qemu from github release of containers/podman-machine-qemu
[NO NEW TESTS NEEDED]
Signed-off-by: Anjan Nath <kaludios@gmail.com>
|
| |\ \ \ \ \ \ \
| |_|_|_|/ / /
|/| | | | | | |
[CI:DOCS] Cirrus: Use the latest imgts container
|
| |/ / / / / /
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Contains important updates re: preserving release-branch CI VM images.
Ref: https://github.com/containers/automation_images/pull/157
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| |\ \ \ \ \ \
| | | | | | |
| | | | | | | |
[CI:DOCS] podman-generate-systemd.1.md: document --sdnotify
|
| | | |_|_|/ /
| |/| | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
* Document why the default value for --sdnotify is overridden.
Some was included text from
https://github.com/containers/podman/issues/15029#issuecomment-1192244755
* Document that --sdnotify=ignore is overridden.
Fixes #15029
Co-authored-by: Valentin Rothberg <vrothberg@redhat.com>
Co-authored-by: Tom Sweeney <tsweeney@redhat.com>
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
| |\ \ \ \ \ \
| | | | | | |
| | | | | | | |
pod create --share none should not create infra
|
| | | |_|_|/ /
| |/| | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
for podman pod create, when we are not sharing any namespaces there is no point for the infra container.
This is especially true since resources have also been decoupled from the container recently.
handle this on the cmd level so that we can still create infra if set explicitly
resolves #15048
Signed-off-by: Charlie Doern <cdoern@redhat.com>
|
