aboutsummaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* If newuidmap or newgidmap fail, then check their permissionsDaniel J Walsh2022-04-08
| | | | | | | | | | Often distributions to not have newuidmap and netgidmap configured to be setuid. If Podman fails to setup the user namespace, check to see if these files doe not have the proper protection and tell the user. [NO NEW TESTS NEEDED] Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #13687 from rhatdan/VENDOROpenShift Merge Robot2022-04-08
|\ | | | | Vendor in new opencontainers/selinux
| * Vendor in new opencontainers/selinuxDaniel J Walsh2022-04-08
| | | | | | | | | | | | | | | | Also update vendor of containers/common,buildah,storage,image Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2069586 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #13810 from vrothberg/images-sizeOpenShift Merge Robot2022-04-08
|\ \ | | | | | | images --size
| * | images --sizeValentin Rothberg2022-04-08
|/ / | | | | | | | | | | | | | | | | | | Add a --size option to podman images to allow for disabling computing the size of listed images. If listing images is critical to performance, user may chose to turn off size computation to speed things up. Context: #13755 Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | Merge pull request #13773 from TomSweeneyRedHat/dev/tsweeney/helloOpenShift Merge Robot2022-04-07
|\ \ | |/ |/| [CI:DOCS] Add Podman Hello to readme.md
| * Add Podman Hello to readme.mdtomsweeneyredhat2022-04-06
| | | | | | | | | | | | | | | | | | | | As the title says. Adds a Podman hello image to the home page. I ran it on windows, so had to have a blue screen to honor that! [NO NEW TESTS NEEDED] Signed-off-by: tomsweeneyredhat <tsweeney@redhat.com>
* | Merge pull request #13798 from n1hility/fix-docker-sockOpenShift Merge Robot2022-04-07
|\ \ | | | | | | Fix mac docker socket handling
| * | Fix docker socket handlingJason T. Greene2022-04-06
| |/ | | | | | | Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
* | Merge pull request #13796 from n1hility/no-live-setOpenShift Merge Robot2022-04-07
|\ \ | |/ |/| Prevent set command from updating a running instance
| * Prevent set command from updating a running instanceJason T. Greene2022-04-06
|/ | | | Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
* Merge pull request #13776 from ↵OpenShift Merge Robot2022-04-06
|\ | | | | | | | | containers/dependabot/go_modules/github.com/BurntSushi/toml-1.1.0 build(deps): bump github.com/BurntSushi/toml from 1.0.0 to 1.1.0
| * build(deps): bump github.com/BurntSushi/toml from 1.0.0 to 1.1.0dependabot[bot]2022-04-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/BurntSushi/toml](https://github.com/BurntSushi/toml) from 1.0.0 to 1.1.0. - [Release notes](https://github.com/BurntSushi/toml/releases) - [Commits](https://github.com/BurntSushi/toml/compare/v1.0.0...v1.1.0) --- updated-dependencies: - dependency-name: github.com/BurntSushi/toml dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* | Merge pull request #13786 from patrycja-guzik/docu3OpenShift Merge Robot2022-04-06
|\ \ | | | | | | [CI:DOCS] Unify examples section across several man pages: pod rm/start/unpause
| * | Unify examples section across several man pages: pod rm/start/unpausePatrycja Guzik2022-04-05
| | | | | | | | | | | | Signed-off-by: Patrycja Guzik <patrycja.k.guzik@gmail.com>
* | | Merge pull request #13750 from baude/refactor3OpenShift Merge Robot2022-04-06
|\ \ \ | |_|/ |/| | machine refactor 3: add symlinks for sockets
| * | machine refactor 3: add symlinks for socketsBrent Baude2022-04-05
|/ / | | | | | | | | | | | | | | | | | | | | | | | | to avoid errors on macos, we use symlinks to long socket names. Fixes: #12751 Fixes: #13609 Signed-off-by: Brent Baude <bbaude@redhat.com> [NO NEW TESTS NEEDED] Signed-off-by: Brent Baude <bbaude@redhat.com>
* | Merge pull request #13771 from patrycja-guzik/docu3OpenShift Merge Robot2022-04-05
|\| | | | | [CI:DOCS] Unify examples section across several man pages: init/kill
| * Unify examples section across several man pages: init/killPatrycja Guzik2022-04-04
|/ | | | Signed-off-by: Patrycja Guzik <patrycja.k.guzik@gmail.com>
* Merge pull request #13696 from Luap99/apiv2-netavarkOpenShift Merge Robot2022-04-04
|\ | | | | test/apiv2: support netavark
| * test/apiv2: support netavarkPaul Holzinger2022-03-30
| | | | | | | | | | | | | | | | | | | | | | Since netavark does not support dhcp yet we have to create a macvlan network with a static subnet. Since we do not use the network to run containers the actual subnet does not matter. Also stop hard coding the network id. Unlike the cni backend the netavark backend creates random ids that are not predictable. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | Merge pull request #13490 from gcalin/13266OpenShift Merge Robot2022-04-04
|\ \ | | | | | | pod logs enhancements: option to color logs
| * | Add option for pod logs to display different colors per container.gcalin2022-03-29
| |/ | | | | | | | | Signed-off-by: Krzysztof Baran <krysbaran@gmail.com> Signed-off-by: gcalin <caling@protonmail.com>
* | Merge pull request #13765 from giuseppe/do-not-set-oom-score-adjOpenShift Merge Robot2022-04-04
|\ \ | | | | | | specgen: do not set OOMScoreAdj by default
| * | specgen: do not set OOMScoreAdj by defaultGiuseppe Scrivano2022-04-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | do not force a value of OOMScoreAdj=0 if it is wasn't specified by the user. Closes: https://github.com/containers/podman/issues/13731 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | Merge pull request #13724 from naveensrinivasan/naveen/feat/set-perms-actionsOpenShift Merge Robot2022-04-04
|\ \ \ | | | | | | | | [CI:DOCS] Set permissions for GitHub actions
| * \ \ Merge branch 'containers:main' into naveen/feat/set-perms-actionsNaveen2022-04-02
| |\ \ \
| * | | | Set permissions for GitHub actionsnaveensrinivasan2022-03-30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
* | | | | Merge pull request #13757 from andrewaylett/anonymous_volumesOpenShift Merge Robot2022-04-04
|\ \ \ \ \ | | | | | | | | | | | | Allow creating anonymous volumes with --mount
| * | | | | Allow creating anonymous volumes with --mountAndrew Aylett2022-04-02
| | |/ / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This fixes #13756. All the mechanics to create anonymous volumes is already present, but there's still a validation preventing that path from being taken. We remove the validation, which allows the volume to be created successfully. Signed-off-by: Andrew Aylett <andrew@aylett.co.uk>
* | | | | Merge pull request #13655 from n1hility/dual-pipesOpenShift Merge Robot2022-04-04
|\ \ \ \ \ | | | | | | | | | | | | Prefer registering both machine and global pipe on Win
| * | | | | Prefer registering both machine and global pipeJason T. Greene2022-03-29
| | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
* | | | | | Merge pull request #13739 from cevich/fix_build_pushOpenShift Merge Robot2022-04-04
|\ \ \ \ \ \ | |_|/ / / / |/| | | | | Fix multi-arch image build version-tag + allow testing in PRs
| * | | | | Cirrus: Allow manually running image-build taskChris Evich2022-03-31
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Building multi-arch images in a standardized way is complex. Some of the builds themselves can take a really long time to run (over an hour). Make changes easier to test inside a PR by adding manually-triggered image-build tasks. These mirror most of the real cron-triggered task, without actually pushing the final images. Signed-off-by: Chris Evich <cevich@redhat.com>
| * | | | | Cirrus: Upd VM images to fix multi-arch build bugChris Evich2022-03-31
| | |_|/ / | |/| | | | | | | | | | | | | | | | | | | | | | | Ref: https://github.com/containers/automation_images/pull/122 Signed-off-by: Chris Evich <cevich@redhat.com>
* | | | | Merge pull request #13665 from jwhonce/issues/13535OpenShift Merge Robot2022-04-01
|\ \ \ \ \ | | | | | | | | | | | | Add build test for .containerignore tar file
| * | | | | Add build test for .containerignore tar fileJhon Honce2022-03-31
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Ensure a directory added to .containerignore on client is not included in tar sent to remote podman API service * Clean up podman invocations to not include duplicate --remote and --url flags * Use pkill vs. pgrep when cleaning up podman API service in tests * Add exit code when logging error when testing Closes #13535 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | | | | Merge pull request #13594 from cdoern/podVolumesOpenShift Merge Robot2022-04-01
|\ \ \ \ \ \ | | | | | | | | | | | | | | fix pod volume passing and alter infra inheritance
| * | | | | | fix pod volume passing and alter infra inheritancecdoern2022-03-29
| | |_|_|_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | the infra Inherit function was not properly passing pod volume information to new containers alter the inherit function and struct to use the new `ConfigToSpec` function used in clone pick and choose the proper entities from a temp spec and validate them on the spegen side rather than passing directly to a config resolves #13548 Signed-off-by: cdoern <cbdoer23@g.holycross.edu> Signed-off-by: cdoern <cdoern@redhat.com> Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
* | | | | | Merge pull request #13744 from giuseppe/allow-privileged-cap-addOpenShift Merge Robot2022-04-01
|\ \ \ \ \ \ | |_|_|/ / / |/| | | | | specgen: permit --privileged and --cap-add
| * | | | | specgen: permit --privileged and --cap-addGiuseppe Scrivano2022-04-01
|/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | --cap-add is useful when running a privileged container with UID != 0, so that individual capabilities can be added to the container process. Closes: https://github.com/containers/podman/issues/13449 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | | Merge pull request #13738 from Luap99/remote-commandOpenShift Merge Robot2022-03-31
|\ \ \ \ \ | |_|/ / / |/| | | | cli commands: better error for unsupported commands
| * | | | cli commands: better error for unsupported commandsPaul Holzinger2022-03-31
|/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When you run podman-remote unsahre for example you currently get: Error: unrecognized command `podman-remote unshare` This is because we do not add the command to the cobra tree when we run in remote mode. However this is a bad user experience since it is not clear that the command is only supported for local podman. Users are left wondering why this does not work and could think the documentation is wrong. To fix it we add a clear error message: Error: cannot use command "podman-remote unshare" with the remote podman client Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | | Merge pull request #13732 from flouthoc/reuse-configmap-volumeOpenShift Merge Robot2022-03-31
|\ \ \ \ | | | | | | | | | | kube: `configmap` volume should be reused if already exists
| * | | | kube: configmap volume should be reused if already existsAditya R2022-03-31
|/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | `podman play kube` creates a new volume for configmap, if same configmap is applied again volume can be re-used, there is no need to remove and re-create the volume again Signed-off-by: Aditya R <arajan@redhat.com>
* | | | Merge pull request #13697 from edsantiago/upgrade_test_matrixOpenShift Merge Robot2022-03-30
|\ \ \ \ | |_|_|/ |/| | | Upgrade tests: reexamine cross-testing matrix
| * | | Upgrade tests: reexamine cross-testing matrixEd Santiago2022-03-29
| | |/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - removed: v1.9.0, v2.0.6 + added: v3.4.0 (Cannot add v4 because there's no such image on quay. As soon as one appears, we should add it.) Add a workaround for a UTS namespace conflict new in v3.4 Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | Merge pull request #13704 from baude/refactor2OpenShift Merge Robot2022-03-30
|\ \ \ | | | | | | | | Machine refactor part 2
| * | | Machine refactor part 2Brent Baude2022-03-30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This PR further implements a more structured approach to handling the files needed by machine. More files are now made as MachineFile which can then have a symlink (using a shorter path) to them. Also added Set and Get methods for many of the files. The next part of the refactor will implement the use of symlinks on MacOS. Signed-off-by: Brent Baude <bbaude@redhat.com> [NO NEW TESTS NEEDED] Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | | Merge pull request #13646 from Luap99/slirp4netns-portrangeOpenShift Merge Robot2022-03-30
|\ \ \ \ | | | | | | | | | | fix slirp4netns port forwarding with ranges