| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
|
|
|
|
| |
This is the other command that benefits greatly from being run in
parallel, due to the potential 15-second timeout for containers
that ignore SIGTERM.
While we're at it, also clean up how stop timeout is set. This
needs to be an optional parameter, so that the value set when the
container is created with `--stop-timeout` will be respected.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |\
| |
| | |
Fix handling of systemd.
|
| |/
|
|
|
|
|
|
|
|
| |
Systemd enablement has to happen on the server side, since we need
check if the image is running systemd.
Also need to make sure user setting the StopSignal is not overriden on the
server side. But if not set and using systemd, we set it correctly.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\
| |
| | |
Add parallel execution code for container operations
|
| | |
| |
| |
| |
| |
| |
| |
| | |
This code will run container operations in parallel, up to a
given maximum number of threads. Currently, it has only been
enabled for local `podman rm` as a proof of concept.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |\ \
| | |
| | |
| | |
| | | |
containers/dependabot/go_modules/github.com/seccomp/containers-golang-0.5.0
Bump github.com/seccomp/containers-golang from 0.4.1 to 0.5.0
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Bumps [github.com/seccomp/containers-golang](https://github.com/seccomp/containers-golang) from 0.4.1 to 0.5.0.
- [Release notes](https://github.com/seccomp/containers-golang/releases)
- [Commits](https://github.com/seccomp/containers-golang/compare/v0.4.1...v0.5.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \ \
| | | |
| | | | |
Ensure that containers in pods properly set hostname
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
We were picking up defaults from the client's containers.conf,
which broke pod namespaces. The server-side code already checks
containers.conf when not explicitly overridden by the user, or by
the container being part of a pod (the last bit being our bug).
This only manifested on systems with a containers.conf installed,
so RHEL 8 and Fedora 32 (which means our F32 CI VMs likely should
have caught it, but didn't, which is concerning).
This prevents defaults for these flags being shown, but they were
incorrect anyways for `podman-remote`, so I'm not terribly
concerned.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When we moved to the new Namespace types in Specgen, we made a
distinction between taking a namespace from a pod, and taking it
from another container. Due to this new distinction, some code
that previously worked for both `--pod=$ID` and
`--uts=container:$ID` has accidentally become conditional on only
the latter case. This happened for Hostname - we weren't properly
setting it in cases where the container joined a pod.
Fortunately, this is an easy fix once we know to check the
condition.
Also, ensure that `podman pod inspect` actually prints hostname.
Fixes #6494
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |\ \ \
| |/ /
|/| | |
Fix handling of ThrottleWriteIOPSDevice
|
| |/ /
| |
| |
| |
| |
| | |
This is causing the UBuntu tests to fail.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \
| | |
| | | |
Attempt to turn on special_testing_in_podman tests
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \ \
| |_|/
|/| | |
Turn on the podman-commands script to verify man pages
|
| |/ /
| |
| |
| | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \
| |/
|/| |
[CI:DOCS] Bump to v2.0.0-RC4
|
| | |
| |
| |
| | |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |/
|
|
| |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |\
| |
| | |
/images/.../json: fix port parsing
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Fix a bug when parsing the `ExposedPorts` of the image that lead to
panics when the field was set. The OCI image spec allows three valid
formats: `tcp/port`, `udp/port` and `port`
Fixes: #6490
Reported-by: @jgallucci32
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |\ \
| | |
| | | |
BATS and APIv2: more tests and tweaks
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
- (minor): apiv2 tests: check for full ID
Observation made while reviewing #6461: tests were checking
only for a 12-character container/image ID in return value.
It's actually 64, and we should test for that. This should
also minimize confusion in a future maintainer.
- podman pause/unpause: new test
Runs a 'date/sleep' loop, pauses container, sleeps 3s,
restarts, then confirms that there's a 3- to 6-second
gap in the logs for the container.
- podman healthcheck: new test
run a container with healthcheck, test both healthy
and unhealthy conditions
- podman pod: check '{{.Pod}}' field in podman ps
Hey, as long as we have a pod with two running
containers, might as well confirm that 'podman ps'
returns the expected pod ID.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\ \
| | |
| | | |
fix remote test --ignore & turn on more tests
|
| | | |
| | |
| | |
| | |
| | |
| | | |
fix remote test --ignore & turn on more tests
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
| |\ \ \
| | | |
| | | | |
turn on remote stop_test
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
turn on stop_test --cidfile
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
| |\ \ \ \
| | | | |
| | | | | |
Properly follow linked namespace container for stats
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Podman containers can specify that they get their network
namespace from another container. This is automatic in pods, but
any container can do it.
The problem is that these containers are not guaranteed to have a
network namespace of their own; it is perfectly valid to join the
network namespace of a --net=host container, and both containers
will end up in the host namespace. The code for obtaining network
stats did not account for this, and could cause segfaults as a
result. Fortunately, the fix is simple - the function we use to
get said stats already performs appropriate checks, so we just
need to recursively call it.
Fixes #5652
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
add socket information to podman info
|
| | | |_|/ /
| |/| | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
this is step 1 to self-discovery of remote ssh connections. we add a remotesocket struct to info to detect what the socket path might be.
Co-authored-by: Jhon Honce <jhonce@redhat.com>
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| |\ \ \ \ \
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
containers/dependabot/go_modules/github.com/containers/conmon-2.0.17incompatible
Bump github.com/containers/conmon from 2.0.16+incompatible to 2.0.17+incompatible
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Bumps [github.com/containers/conmon](https://github.com/containers/conmon) from 2.0.16+incompatible to 2.0.17+incompatible.
- [Release notes](https://github.com/containers/conmon/releases)
- [Changelog](https://github.com/containers/conmon/blob/master/changelog.txt)
- [Commits](https://github.com/containers/conmon/compare/v2.0.16...v2.0.17)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \ \ \ \ \
| | | | | | |
| | | | | | | |
Namespace fields were set with bogus values
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Namespace fields were being set with their option names
unless overriden by the user. This was causing issues
with podman-remote on userns.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \ \ \ \ \ \
| | | | | | | |
| | | | | | | | |
Add a few CVE entries to changelog.txt
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Add the following CVE entries
CVE-2020-1726
CVE-2020-10696
CVE-2019-18466
to changelog.txt
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
| |\ \ \ \ \ \ \ \
| | | | | | | | |
| | | | | | | | | |
Ensure that image/container inspect are specialized
|
| | | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
We are currently able to inspect images with
`podman container inspect` and containers with
`podman image inspect` and neither of those seem correct. This
ensures that the appropriate flags, and only the appropriate
flags, are available for each specialized exec, and they can only
inspect the specific type they were intended to.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |\ \ \ \ \ \ \ \ \
| |_|_|_|_|_|_|_|/
|/| | | | | | | | |
Vendor in container/storage v1.20.2
|
| |/ / / / / / / /
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Also modify gate Dockerfile to take advantage of skipping
mounting of the storage directory.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \ \ \ \ \ \ \
| | | | | | | | |
| | | | | | | | | |
Remove use of ABISupport buildtag
|
| | | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
We need to default to building podman. If you specify no build
tags you will not build podman, not podman-remote.
Just using remote flag to indicate podman-remote and !remote for
podman.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \ \ \ \ \ \ \ \
| |_|_|_|/ / / / /
|/| | | | | | | | |
When stopping containers locally, ensure cleanup runs
|
| | | |_|_|_|/ / /
| |/| | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
The cleanup process was already running and ensuring that mounts
and networking configuration was cleaned up on container stop,
but this was async from the actual `podman stop` command which
breaks some expectations - the container is still mounted at the
end of `podman stop` and will be cleaned up soon, but not
immediately. Fortunately, it's a trivial change to resolve this.
Fixes #5747
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |\ \ \ \ \ \ \ \
| |/ / / / / / /
|/| | | | | | | |
test.apiv2: add test cases for committing an image from a container
|
| | | |_|/ / / /
| |/| | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Testing query parameters: container, repo, tag, comment, author, changes
and pause.
Signed-off-by: Alex Jia <chuanchang.jia@gmail.com>
|
| |\ \ \ \ \ \ \
| |_|_|/ / / /
|/| | | | | | |
Add more Remote tests
|
| | |/ / / / /
| | | | | |
| | | | | |
| | | | | | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \ \ \ \ \
| | | | | | |
| | | | | | | |
V2 Add support for ssh authentication methods
|
