aboutsummaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Downgrade github.com/coreos/go-systemd/v22Nalin Dahyabhai2021-03-16
| | | | | | | | Downgrade github.com/coreos/go-systemd/v22 to a version that will build against systemd headers that we have on CentOS 8. This also pulls in github.com/varlink/go. Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
* pkg/bindings/images.Build(): fix a race condition in error reportingNalin Dahyabhai2021-03-16
| | | | | | | | | | | | In nTar(), don't return the error value when the goroutine that's populating the error value can continue running long after nTar() returns. Instead, wrap the Close() method of the pipe that we're returning in a function that collects those errors, along with any error we get from closing the pipe, and returns them from Close() wrapper. In Build(), if the Close() method returns an error, at least log it. Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
* Merge pull request #9711 from jmguzik/volume-prune-fix-http-compatOpenShift Merge Robot2021-03-16
|\ | | | | Fix for volumes prune in http compat api when using filters
| * Fix for volumes prune in http compat apiJakub Guzik2021-03-15
| | | | | | | | Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
* | Merge pull request #9695 from jmguzik/array-inspect-network-fixOpenShift Merge Robot2021-03-16
|\ \ | | | | | | Fix array instead of one elem network http api
| * | Fix array instead of one elem network http apiJakub Guzik2021-03-12
| | | | | | | | | | | | Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
* | | Merge pull request #9589 from troyready/add_compat_auth_endpointOpenShift Merge Robot2021-03-16
|\ \ \ | | | | | | | | add /auth for docker compatibility
| * | | fix use with localhost (testing)troyready2021-03-12
| | | | | | | | | | | | | | | | Signed-off-by: troyready <troy@troyready.com>
| * | | add /auth for docker compatibilitytroyready2021-03-12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This endpoint just validates credentials: https://github.com/moby/moby/blob/v20.10.4/api/swagger.yaml#L7936-L7977 Fixes: #9564 Signed-off-by: troyready <troy@troyready.com>
* | | | Merge pull request #9719 from edsantiago/batsOpenShift Merge Robot2021-03-16
|\ \ \ \ | |_|_|/ |/| | | System test cleanup
| * | | System test cleanupEd Santiago2021-03-15
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - cp test: clean up stray image - build test: add workaround for #9567 (ultra-slow ubuntu). We're seeing CI flakes (timeouts) due to ubuntu 2004 being absurdly slow. Workaround: double our timeout on one specific test when ubuntu + remote. - build test: clean up new copy-from test (from #9275). The test was copy-pasted from buildah system tests, without really adapting for podman environment (e.g. it was using images that we don't use here, and would cause pulls, which will cause flakes). Rewrite test so it references only $IMAGE, remove some confusing/unnecessary stuff, selectively run parts of it even when rootless or remote, and add a test to confirm that copy-from succeeded. - load test: add error-message test to new load-invalid (#9672). Basically, make sure the command fails for the right reason. - play test (kube): use $IMAGE, not alpine; and add pause-image cleanup to teardown() - apiv2 mounts test: add a maintainability comment in a tricky section of code; and tighten up the mount point test. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | Merge pull request #9716 from Luap99/remote-libpodOpenShift Merge Robot2021-03-15
|\ \ \ | |/ / |/| | Do not leak libpod package into the remote client
| * | Fix remote client timezone testPaul Holzinger2021-03-15
| | | | | | | | | | | | | | | | | | | | | The New York timezone changes between summer and winter time. Make sure the test allows both timezones. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
| * | Do not leak libpod package into the remote clientPaul Holzinger2021-03-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Some packages used by the remote client imported the libpod package. This is not wanted because it adds unnecessary bloat to the client and also causes problems with platform specific code(linux only), see #9710. The solution is to move the used functions/variables into extra packages which do not import libpod. This change shrinks the remote client size more than 6MB compared to the current master. [NO TESTS NEEDED] I have no idea how to test this properly but with #9710 the cross compile should fail. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
| * | Split libpod/network packagePaul Holzinger2021-03-15
|/ / | | | | | | | | | | | | | | | | | | | | | | The `libpod/network` package should only be used on the backend and not the client. The client used this package only for two functions so move them into a new `pkg/network` package. This is needed so we can put linux only code into `libpod/network`, see #9710. [NO TESTS NEEDED] Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | Merge pull request #9684 from ↵OpenShift Merge Robot2021-03-12
|\ \ | | | | | | | | | | | | containers/dependabot/go_modules/github.com/sirupsen/logrus-1.8.1 Bump github.com/sirupsen/logrus from 1.8.0 to 1.8.1
| * | Bump github.com/sirupsen/logrus from 1.8.0 to 1.8.1dependabot-preview[bot]2021-03-12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus) from 1.8.0 to 1.8.1. - [Release notes](https://github.com/sirupsen/logrus/releases) - [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md) - [Commits](https://github.com/sirupsen/logrus/compare/v1.8.0...v1.8.1) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #9703 from jmguzik/endpoint-networksOpenShift Merge Robot2021-03-12
|\ \ \ | | | | | | | | [NO TESTS NEEDED] create endpoint for querying libpod networks
| * | | create endpoint for querying libpod networksJakub Guzik2021-03-12
| | |/ | |/| | | | | | | Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
* | | Merge pull request #9699 from jwhonce/wip/testsOpenShift Merge Robot2021-03-12
|\ \ \ | | | | | | | | Delete all containers and pods between tests
| * | | Delete all containers and pods between testsJhon Honce2021-03-11
| | |/ | |/| | | | | | | | | | | | | New tearDown() deletes all pods and containers between tests Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | Merge pull request #9697 from edsantiago/fedora_gating_test_hangOpenShift Merge Robot2021-03-12
|\ \ \ | |/ / |/| | sdnotify tests: try real hard to kill socat processes
| * | sdnotify tests: try real hard to kill socat processesEd Santiago2021-03-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | podman gating tests are hanging in the new Fedora CI setup; long and tedious investigation suggests that 'socat' processes are being left unkilled, which then causes BATS to hang when it (presumably) runs a final 'wait' in its end cleanup. The two principal changes are to exec socat in a subshell with fd3 closed, and to pkill its child processes before killing the process itself. I don't know if both are needed. The pkill definitely is; the exec may just be superstition. Since I've wasted more than a day of PTO time on this, I'm okay with a little superstition. What I do know is that with these two changes, my reproducer fails to reproduce in over one hour of trying (normally it fails within 5 minutes). AND, update: only rawhide (f35) leaves stray socat processes behind. f33 and ubuntu do not, so 'pkill -P' fails. I really have no idea what's going on. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | Merge pull request #9686 from edsantiago/apiv2_jsonifyDaniel J Walsh2021-03-11
|\ \ \ | |/ / |/| | apiv2 tests: finally fix POST as originally intended
| * | apiv2 tests: finally fix POST as originally intendedEd Santiago2021-03-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When I originally wrote this code I had no idea what POST would look like so I did a sloppy job, deferring making it usable. Now that we have some real-world examples in place, I have a better understanding of what params look like and how to make tests more readable/maintainable. (Deferring isn't always bad: one of my early ideas was to separate params using commas; that would've been a disaster because some JSON values, such as arrays, include commas). This commit implements a better way of dealing with POST: * The main concept is still 'key=value' * When value is a JSON object (dictionary, array), it can be quoted. * Multiple params are simply separated by spaces. The 3-digit HTTP code is a prominent, readable separator between POST params and expected results. The parsing code is a little uglier, but test developers need never see that. The important thing is that writing tests is now easier. * POST params can be empty (this removes the need for a useless '') I snuck in one unrelated change: one of the newly-added tests, .NetworkSettings, was failing when run rootless (which is how I test on my setup). I made it conditional. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | Merge pull request #9524 from riyad/apiv3-print-tags-when-buildingOpenShift Merge Robot2021-03-11
|\ \ \ | |_|/ |/| | [Compat API] Also print successfully tagging images in /build endpoint
| * | [Compat API] Also print successfully tagging images in /build endpointRiyad Preukschas2021-02-25
| | | | | | | | | | | | | | | | | | [NO TESTS NEEDED] Signed-off-by: Riyad Preukschas <riyad@informatik.uni-bremen.de>
* | | Merge pull request #9652 from alvistack/master-linux-amd64OpenShift Merge Robot2021-03-10
|\ \ \ | | | | | | | | Update nix pin with `make nixpkgs`
| * | | Update nix pin with `make nixpkgs`Wong Hoi Sing Edison2021-03-07
| | | | | | | | | | | | | | | | Signed-off-by: Wong Hoi Sing Edison <hswong3i@pantarei-design.com>
* | | | Merge pull request #9668 from rhatdan/manOpenShift Merge Robot2021-03-10
|\ \ \ \ | | | | | | | | | | Document CONTAINERS_CONF/CONTAINERS_STORAGE_CONF Env variables
| * | | | Document CONTAINERS_CONF/CONTAINERS_STORAGE_CONF Env variablesDaniel J Walsh2021-03-10
| | |_|/ | |/| | | | | | | | | | | | | | | | | | | | | | Also Switch to using CONTAINERS_REGISTRIES_CONF for registries.conf overrides. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #9681 from rhatdan/rmOpenShift Merge Robot2021-03-10
|\ \ \ \ | |/ / / |/| | | Removing a non existing container API should return 404
| * | | Removing a non existing container API should return 404Daniel J Walsh2021-03-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently we were overwrapping error returned from removal of a non existing container. $ podman rm bogus -f Error: failed to evict container: "": failed to find container "bogus" in state: no container with name or ID bogus found: no such container Removal of wraps gets us to. ./bin/podman rm bogus -f Error: no container with name or ID "bogus" found: no such container Finally also added quotes around container name to help make it standout when you get an error, currently it gets lost in the error. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #9612 from ↵OpenShift Merge Robot2021-03-10
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | containers/dependabot/go_modules/github.com/coreos/go-systemd/v22-22.2.0 Bump github.com/coreos/go-systemd/v22 from 22.1.0 to 22.2.0
| * | | | Bump github.com/coreos/go-systemd/v22 from 22.1.0 to 22.2.0dependabot-preview[bot]2021-03-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/coreos/go-systemd/v22](https://github.com/coreos/go-systemd) from 22.1.0 to 22.2.0. - [Release notes](https://github.com/coreos/go-systemd/releases) - [Commits](https://github.com/coreos/go-systemd/compare/v22.1.0...v22.2.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | Merge pull request #9676 from giuseppe/cli-overrides-confOpenShift Merge Robot2021-03-10
|\ \ \ \ \ | | | | | | | | | | | | options: append CLI graph driver options
| * | | | | options: append CLI graph driver optionsGiuseppe Scrivano2021-03-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | if --storage-opt are specified on the CLI append them after what is specified in the configuration files instead of overriding it. Closes: https://github.com/containers/podman/issues/9657 [NO TESTS NEEDED] Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | | | Merge pull request #9678 from xcffl/doc-sock-in-container-privilegedOpenShift Merge Robot2021-03-10
|\ \ \ \ \ \ | | | | | | | | | | | | | | [CI:DOCS] Add docs about how to access APIs inside containers
| * | | | | | Docs: Add docs to access APIs inside containerxcffl2021-03-10
| | |_|/ / / | |/| | | | | | | | | | | | | | | | Signed-off-by: xcffl <2216902+xcffl@users.noreply.github.com>
* | | | | | Merge pull request #9669 from edsantiago/apiv2_registryOpenShift Merge Robot2021-03-10
|\ \ \ \ \ \ | |/ / / / / |/| | | | | apiv2 tests: add helpers to start/stop a local registry
| * | | | | apiv2 tests: add helpers to start/stop a local registryEd Santiago2021-03-08
| |/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ...and a rudimentary set of /auth tests for PR#9589 (disabled). This simply adds a new start_registry() helper function that allocates a random unused port, pulls a registry image, creates a local certificate + random username + random password, and fires everything up. Since none of this is (yet) used in CI, this is very low risk. The only infinitessimally-risky change is using a dedicated subdirectory of $WORKDIR (instead of $WORKDIR itself) as the podman root. This fixes a dumb oversight on my part: the workdir has grown to be used for much more than just podman root; this change removes clutter and makes it easier for humans to debug in cases of problems. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | | | Merge pull request #9677 from vrothberg/fix-9672OpenShift Merge Robot2021-03-09
|\ \ \ \ \ | | | | | | | | | | | | podman load: fix error handling
| * | | | | podman load: fix error handlingValentin Rothberg2021-03-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Make sure to properly return loading errors and to set the exit code accordingly. Fixes: #9672 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | | | Merge pull request #9630 from vrothberg/cp-rootless-epermsOpenShift Merge Robot2021-03-09
|\ \ \ \ \ \ | |/ / / / / |/| | | | | podman cp: ignore EPERMs in rootless mode
| * | | | | podman cp: evaluate symlink correctly when copying from containerValentin Rothberg2021-03-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When copying from a container, make sure to evaluate the symlinks correctly. Add tests copying a symlinked directory from a running and a non-running container to execute both path-resolution paths. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
| * | | | | podman cp: fix copying to a non-existent dirValentin Rothberg2021-03-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Copy is full of perils. Some of them are the nuances when copying directories. Who would have thought that * cp dir foo * cp dir/ foo * cp dir/. foo are all supposed to yield the same result when foo does not exist. `podman cp` now supports all three notations, which required to massage the front-end code in `cmd/podman` a bit. The tests have been extended and partially rewritten to test container->host and host->container copy operations. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
| * | | | | podman cp: fix ownershipValentin Rothberg2021-03-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Make sure the files are chowned to the host/container user, depending on where things are being copied to. Fixes: #9626 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
| * | | | | podman cp: ignore EPERMs in rootless modeValentin Rothberg2021-03-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Ignore permission errors when copying from a rootless container. TTY devices inside rootless containers are owned by the host's root user which is "nobody" inside the container's user namespace rendering us unable to even read them. Enable the integration test which was temporarily disabled for rootless users. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
| * | | | | vendor buildah@v1.19.8Valentin Rothberg2021-03-09
| |/ / / / | | | | | | | | | | | | | | | Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | | Merge pull request #9671 from vrothberg/fix-9670OpenShift Merge Robot2021-03-09
|\ \ \ \ \ | |/ / / / |/| | | | rm pkg/api/handlers/libpod/copy.go