summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Merge pull request #2859 from giuseppe/enable-userns-tests-rootlessOpenShift Merge Robot2019-04-09
|\ | | | | test: enable userns and remote e2e tests for rootless
| * cirrus: enable remote tests for rootlessGiuseppe Scrivano2019-04-08
| | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * test: fix remote tests for rootlessGiuseppe Scrivano2019-04-08
| | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * test: enable userns e2e tests for rootlessGiuseppe Scrivano2019-04-08
| | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | Merge pull request #2873 from edsantiago/podman_command_check_usabilityOpenShift Merge Robot2019-04-09
|\ \ | |/ |/| CI check for --help vs man pages: usability fix
| * CI check for --help vs man pages: usability fixEd Santiago2019-04-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The output of this CI script leaves much to be desired: it is output from 'diff' with little clarity on what exactly is wrong. The proper fix is to make the output clear and readable: podman containers --help lists a 'foo' subcommand that is not present in docs/podman-containers.1.md Doing this in bash would take many hours and be fragile gibberish code. This does not seem worth the effort: the likely case is that breakages reported by this script will be due to a newly added subcommand, and the PR author will find it obvious what to do. Ergo, plan B: if the test fails, display a blurb at the end describing how to interpret results. Three minutes' effort, plus five for writing this commit message. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Merge pull request #2861 from baude/varlinkimagepanicOpenShift Merge Robot2019-04-08
|\ \ | | | | | | Correct varlink pull panic
| * | Correct varlink pull panicbaude2019-04-08
| |/ | | | | | | | | | | | | | | | | | | when pulling a non-existent image via varlink, we had a panic because when we detected a pull error we sent the error over a channel but still tried to deduce the image id on a nil object. Fixes: #2860 Signed-off-by: baude <bbaude@redhat.com>
* | Merge pull request #2799 from rhatdan/manOpenShift Merge Robot2019-04-08
|\ \ | | | | | | Fix location of libpod.conf
| * | Fix location of libpod.confDaniel J Walsh2019-03-30
| | | | | | | | | | | | | | | | | | | | | | | | | | | libpod.conf defaults to /usr/share/containers/libpod.conf. Clarify how administrators can override it and the location of the users version for rootless mode. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #2746 from baude/remotecreateOpenShift Merge Robot2019-04-08
|\ \ \ | | | | | | | | podman-remote create|run
| * | | podman-remote create|runbaude2019-04-08
| | |/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | add the ability to create and run containers via the podman-remote client. we now create an intermediate layer from the the create/run cli flags. the intermediate layer can be converted into a createconfig or into a varlink struct. Once transported, the varlink struct can be converted back to an intermediate layer and then to a createconfig. remote terminals are not supported yet. Signed-off-by: baude <bbaude@redhat.com>
* | | Merge pull request #2862 from baude/rmiimageeventOpenShift Merge Robot2019-04-08
|\ \ \ | | | | | | | | add image rmi event
| * | | add image rmi eventbaude2019-04-08
| |/ / | | | | | | | | | | | | | | | | | | when deleting a commited image, the path for deletion has an early exit and the image remove event was not being triggered. Signed-off-by: baude <bbaude@redhat.com>
* | | Merge pull request #2845 from QiWang19/cpdirOpenShift Merge Robot2019-04-08
|\ \ \ | | | | | | | | fix bug podman cp directory
| * | | fix bug podman cp directoryQi Wang2019-04-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | `podman cp` used to copy the contents under the source directory to the destination. But according to the specification in podman-cp.md. it should copy the whole directory to the destination if the destination directory already exists. - src dir ends with /., copy the contents to dest dir - src dir does not end with /. - dest dir /home does not exist, copy the contents - dest dir /home exists, copy the directory ``` $ sudo podman cp /home/qiwan/Documents/empty 7c47:/home $ sudo podman exec -it 7c47 ls /home $ $ sudo podman cp /home/qiwan/Documents/empty 7c47:/home $ sudo podman exec -it 7c47 ls /home empty ``` Signed-off-by: Qi Wang <qiwan@redhat.com>
* | | | Merge pull request #2817 from tkrypton/tutorial-fixOpenShift Merge Robot2019-04-08
|\ \ \ \ | | | | | | | | | | Documentation fix: we need port forwarding to access a rootless containers TCP port.
| * | | | Added port forwarding and IP address hint.Ulrich Teichert2019-04-04
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Ulrich Teichert <516052+tkrypton@users.noreply.github.com>
* | | | | Merge pull request #2841 from openSUSE/ginkgo-unitOpenShift Merge Robot2019-04-08
|\ \ \ \ \ | |_|_|/ / |/| | | | Update registrar unit tests to match them of cri-o
| * | | | Update registrar unit tests to match them of cri-oSascha Grunert2019-04-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Add the test framework abstraction - Update the unit tests to run with ginkgo Signed-off-by: Sascha Grunert <sgrunert@suse.com>
* | | | | Merge pull request #2865 from baude/pr/2864OpenShift Merge Robot2019-04-08
|\ \ \ \ \ | | | | | | | | | | | | Revert "Switch to golangci-lint"
| * | | | | Revert "Switch to golangci-lint"Brent Baude2019-04-05
|/ / / / / | | | | | | | | | | | | | | | Signed-off-by: baude <bbaude@redhat.com>
* | | | | Merge pull request #2742 from openSUSE/golangci-lintDaniel J Walsh2019-04-05
|\ \ \ \ \ | | | | | | | | | | | | Switch to golangci-lint
| * | | | | Add varcheck linterSascha Grunert2019-04-04
| | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Sascha Grunert <sgrunert@suse.com>
| * | | | | Add deadcode linterSascha Grunert2019-04-04
| | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Sascha Grunert <sgrunert@suse.com>
| * | | | | Update lint to use golangci-lintSascha Grunert2019-04-04
| | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Sascha Grunert <sgrunert@suse.com>
* | | | | | Merge pull request #2856 from haircommander/kube-entrypointOpenShift Merge Robot2019-04-05
|\ \ \ \ \ \ | | | | | | | | | | | | | | Respect image entrypoint in play kube
| * | | | | | Respect image entrypoint in play kubePeter Hunt2019-04-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Before we ignored an entrypoint specified in an image, which lead to crashes when a user assumed the entrypoint would be used Signed-off-by: Peter Hunt <pehunt@redhat.com>
* | | | | | | Merge pull request #2858 from giuseppe/rootless-enable-healthcheckOpenShift Merge Robot2019-04-05
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | rootless: enable healthcheck
| * | | | | | | rootless: enable healthcheck testsGiuseppe Scrivano2019-04-05
| |/ / / / / / | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | | | | Merge pull request #2857 from giuseppe/kube-rootlessOpenShift Merge Robot2019-04-05
|\ \ \ \ \ \ \ | |/ / / / / / |/| | | | | | rootless: add support for kube
| * | | | | | podman: enable kube for rootlessGiuseppe Scrivano2019-04-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Closes: https://github.com/containers/libpod/issues/2852 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | | | | | kube: correctly set the default for MemorySwappinessGiuseppe Scrivano2019-04-05
|/ / / / / / | | | | | | | | | | | | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | | | Merge pull request #2853 from mheon/up_resource_for_build_each_commitOpenShift Merge Robot2019-04-04
|\ \ \ \ \ \ | | | | | | | | | | | | | | Increase resources for build_each_commit task
| * | | | | | Increase CI resources to help avoid hitting timeoutsMatthew Heon2019-04-04
|/ / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The build_each_commit task builds each commit in a pull request to verify that we have a (at least minimally) functional Podman at every point, to aid in bisecting. This task is, right now, extremely slow, taking around 1m40s to build each commit - which quickly grows unreasonable as PRs grow to 10+ commits. Upping resources available to the task should decrease time spent in CI and reduce the risk of hitting timeouts. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | | | Merge pull request #2838 from openSUSE/golang-1.12OpenShift Merge Robot2019-04-04
|\ \ \ \ \ \ | | | | | | | | | | | | | | Update Dockerfile to use golang:1.12 image
| * | | | | | Update Dockerfile to use golang:1.12 imageSascha Grunert2019-04-04
| | |/ / / / | |/| | | | | | | | | | | | | | | | Signed-off-by: Sascha Grunert <sgrunert@suse.com>
* | | | | | Merge pull request #2831 from baude/remotetreeOpenShift Merge Robot2019-04-04
|\ \ \ \ \ \ | | | | | | | | | | | | | | podman-remote image tree
| * | | | | | podman-remote image treebaude2019-04-04
| | |_|_|/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | add the ability for the podman-remote client to be able to print an image tree. Signed-off-by: baude <bbaude@redhat.com>
* | | | | | Merge pull request #2774 from mheon/db_rework_named_volumeOpenShift Merge Robot2019-04-04
|\ \ \ \ \ \ | |/ / / / / |/| | | | | Rework named volumes in DB
| * | | | | Fix E2E testsMatthew Heon2019-04-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The Commit test is blatantly wrong and testing buggy behavior. We should be commiting the destination, if anything - and more likely nothing at all. When force-removing volumes, don't remove the volumes of containers we need to remove. This can lead to a chicken and the egg problem where the container removes the volume before we can. When we re-add volume locks this could lead to deadlocks. I don't really want to deal with this, and this doesn't seem a particularly harmful quirk, so we'll let this slide until we get a bug report. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | | | | Drop LocalVolumes from our the databaseMatthew Heon2019-04-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We were never using it. It's actually a potentially quite sizable field (very expensive to decode an array of structs!). Removing it should do no harm. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | | | | Major rework of --volumes-from flagMatthew Heon2019-04-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The flag should be substantially more durable, and no longer relies on the create artifact. This should allow it to properly handle our new named volume implementation. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | | | | Volume force-remove now removed dependent containersMatthew Heon2019-04-04
| | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | | | | Add handling for new named volumes code in pkg/specMatthew Heon2019-04-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Now that named volumes must be explicitly enumerated rather than passed in with all other volumes, we need to split normal and named volumes up before passing them into libpod. This PR does this. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | | | | Create non-existing named volumes at container createMatthew Heon2019-04-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Replaces old functionality we used for handling image volumes. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | | | | Switch Libpod over to new explicit named volumesMatthew Heon2019-04-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This swaps the previous handling (parse all volume mounts on the container and look for ones that might refer to named volumes) for the new, explicit named volume lists stored per-container. It also deprecates force-removing volumes that are in use. I don't know how we want to handle this yet, but leaving containers that depend on a volume that no longer exists is definitely not correct. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | | | | Add named volumes for each container to databaseMatthew Heon2019-04-04
|/ / / / / | | | | | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | | Merge pull request #2706 from giuseppe/rootless-single-usernamespaceOpenShift Merge Robot2019-04-04
|\ \ \ \ \ | | | | | | | | | | | | rootless: single user namespace
| * | | | | rootless: use a single user namespaceGiuseppe Scrivano2019-04-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | simplify the rootless implementation to use a single user namespace for all the running containers. This makes the rootless implementation behave more like root Podman, where each container is created in the host environment. There are multiple advantages to it: 1) much simpler implementation as there is only one namespace to join. 2) we can join namespaces owned by different containers. 3) commands like ps won't be limited to what container they can access as previously we either had access to the storage from a new namespace or access to /proc when running from the host. 4) rootless varlink works. 5) there are only two ways to enter in a namespace, either by creating a new one if no containers are running or joining the existing one from any container. Containers created by older Podman versions must be restarted. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>