| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
|
|
| |
Often distributions to not have newuidmap and netgidmap configured
to be setuid. If Podman fails to setup the user namespace, check to
see if these files doe not have the proper protection and tell the user.
[NO NEW TESTS NEEDED]
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\
| |
| | |
Vendor in new opencontainers/selinux
|
| |
| |
| |
| |
| |
| |
| |
| | |
Also update vendor of containers/common,buildah,storage,image
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2069586
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \
| | |
| | | |
images --size
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Add a --size option to podman images to allow for disabling computing
the size of listed images. If listing images is critical to
performance, user may chose to turn off size computation to speed things
up.
Context: #13755
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
|\ \
| |/
|/| |
[CI:DOCS] Add Podman Hello to readme.md
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
As the title says. Adds a Podman hello image
to the home page. I ran it on windows, so had to have
a blue screen to honor that!
[NO NEW TESTS NEEDED]
Signed-off-by: tomsweeneyredhat <tsweeney@redhat.com>
|
|\ \
| | |
| | | |
Fix mac docker socket handling
|
| |/
| |
| |
| | |
Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
|
|\ \
| |/
|/| |
Prevent set command from updating a running instance
|
|/
|
|
| |
Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
|
|\
| |
| |
| |
| | |
containers/dependabot/go_modules/github.com/BurntSushi/toml-1.1.0
build(deps): bump github.com/BurntSushi/toml from 1.0.0 to 1.1.0
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Bumps [github.com/BurntSushi/toml](https://github.com/BurntSushi/toml) from 1.0.0 to 1.1.0.
- [Release notes](https://github.com/BurntSushi/toml/releases)
- [Commits](https://github.com/BurntSushi/toml/compare/v1.0.0...v1.1.0)
---
updated-dependencies:
- dependency-name: github.com/BurntSushi/toml
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
|\ \
| | |
| | | |
[CI:DOCS] Unify examples section across several man pages: pod rm/start/unpause
|
| | |
| | |
| | |
| | | |
Signed-off-by: Patrycja Guzik <patrycja.k.guzik@gmail.com>
|
|\ \ \
| |_|/
|/| | |
machine refactor 3: add symlinks for sockets
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
to avoid errors on macos, we use symlinks to long socket names.
Fixes: #12751
Fixes: #13609
Signed-off-by: Brent Baude <bbaude@redhat.com>
[NO NEW TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\|
| |
| | |
[CI:DOCS] Unify examples section across several man pages: init/kill
|
|/
|
|
| |
Signed-off-by: Patrycja Guzik <patrycja.k.guzik@gmail.com>
|
|\
| |
| | |
test/apiv2: support netavark
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Since netavark does not support dhcp yet we have to create a macvlan
network with a static subnet. Since we do not use the network to run
containers the actual subnet does not matter.
Also stop hard coding the network id. Unlike the cni backend the
netavark backend creates random ids that are not predictable.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\ \
| | |
| | | |
pod logs enhancements: option to color logs
|
| |/
| |
| |
| |
| | |
Signed-off-by: Krzysztof Baran <krysbaran@gmail.com>
Signed-off-by: gcalin <caling@protonmail.com>
|
|\ \
| | |
| | | |
specgen: do not set OOMScoreAdj by default
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
do not force a value of OOMScoreAdj=0 if it is wasn't specified by the
user.
Closes: https://github.com/containers/podman/issues/13731
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \ \
| | | |
| | | | |
[CI:DOCS] Set permissions for GitHub actions
|
| |\ \ \ |
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Allow creating anonymous volumes with --mount
|
| | |/ / /
| |/| | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This fixes #13756.
All the mechanics to create anonymous volumes is already present, but
there's still a validation preventing that path from being taken. We
remove the validation, which allows the volume to be created
successfully.
Signed-off-by: Andrew Aylett <andrew@aylett.co.uk>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Prefer registering both machine and global pipe on Win
|
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
|
|\ \ \ \ \ \
| |_|/ / / /
|/| | | | | |
Fix multi-arch image build version-tag + allow testing in PRs
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Building multi-arch images in a standardized way is complex. Some
of the builds themselves can take a really long time to run (over
an hour). Make changes easier to test inside a PR by adding
manually-triggered image-build tasks. These mirror most of the real
cron-triggered task, without actually pushing the final images.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| | |_|/ /
| |/| | |
| | | | |
| | | | |
| | | | |
| | | | | |
Ref: https://github.com/containers/automation_images/pull/122
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Add build test for .containerignore tar file
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Ensure a directory added to .containerignore on client is not included
in tar sent to remote podman API service
* Clean up podman invocations to not include duplicate --remote and
--url flags
* Use pkill vs. pgrep when cleaning up podman API service in tests
* Add exit code when logging error when testing
Closes #13535
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | | |
fix pod volume passing and alter infra inheritance
|
| | |_|_|_|/
| |/| | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
the infra Inherit function was not properly passing pod volume information to new containers
alter the inherit function and struct to use the new `ConfigToSpec` function used in clone
pick and choose the proper entities from a temp spec and validate them on the spegen side rather
than passing directly to a config
resolves #13548
Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
Signed-off-by: cdoern <cdoern@redhat.com>
Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
|
|\ \ \ \ \ \
| |_|_|/ / /
|/| | | | | |
specgen: permit --privileged and --cap-add
|
|/ / / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
--cap-add is useful when running a privileged container with UID != 0,
so that individual capabilities can be added to the container process.
Closes: https://github.com/containers/podman/issues/13449
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \ \ \ \
| |_|/ / /
|/| | | | |
cli commands: better error for unsupported commands
|
|/ / / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
When you run podman-remote unsahre for example you currently get:
Error: unrecognized command `podman-remote unshare`
This is because we do not add the command to the cobra tree when we run
in remote mode. However this is a bad user experience since it is not
clear that the command is only supported for local podman. Users are
left wondering why this does not work and could think the documentation
is wrong.
To fix it we add a clear error message:
Error: cannot use command "podman-remote unshare" with the remote podman client
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
kube: `configmap` volume should be reused if already exists
|
|/ / / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
`podman play kube` creates a new volume for configmap, if same configmap
is applied again volume can be re-used, there is no need to remove and
re-create the volume again
Signed-off-by: Aditya R <arajan@redhat.com>
|
|\ \ \ \
| |_|_|/
|/| | | |
Upgrade tests: reexamine cross-testing matrix
|
| | |/
| |/|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
- removed: v1.9.0, v2.0.6
+ added: v3.4.0
(Cannot add v4 because there's no such image on quay. As soon
as one appears, we should add it.)
Add a workaround for a UTS namespace conflict new in v3.4
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\ \ \
| | | |
| | | | |
Machine refactor part 2
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This PR further implements a more structured approach to handling the
files needed by machine. More files are now made as MachineFile which
can then have a symlink (using a shorter path) to them. Also added Set
and Get methods for many of the files.
The next part of the refactor will implement the use of symlinks on
MacOS.
Signed-off-by: Brent Baude <bbaude@redhat.com>
[NO NEW TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
fix slirp4netns port forwarding with ranges
|