aboutsummaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Support DeviceCgroupRules to actually get added.Daniel J Walsh2021-07-21
| | | | | | Fixes: https://github.com/containers/podman/issues/10302 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #11007 from mheon/journald_test_skipOpenShift Merge Robot2021-07-21
|\ | | | | Ensure journald events tests only run where supported
| * Ensure journald events tests only run where supportedMatthew Heon2021-07-21
| | | | | | | | | | | | | | | | | | We don't support the journald events backend on RHEL8, for example. So we can't unconditionally run these tests. Partial fix for RHBZ1955166 Signed-off-by: Matthew Heon <mheon@redhat.com>
* | Merge pull request #11008 from dpward/mainOpenShift Merge Robot2021-07-21
|\ \ | | | | | | [CI:DOCS] Fix GitHub URL to Podman logo
| * | [CI:DOCS] Fix GitHub URL to Podman logoDavid Ward2021-07-21
| |/ | | | | | | | | | | The Podman logo is not rendered on docs.podman.io with the current URL. Signed-off-by: David Ward <david.ward@ll.mit.edu>
* | Merge pull request #10991 from vrothberg/fix-10799OpenShift Merge Robot2021-07-21
|\ \ | | | | | | [CI:DOCS] refine the runlabel man page
| * | [CI:DOCS] refine the runlabel man pageValentin Rothberg2021-07-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Write a description to outline the scope and mechanism of runlabel. * Describe the variables/attributes that we want to be used. * Do not describe the --optN or OPTN flags/variables since they are already hidden flags and date back to the Atomic days. * Update references to other man pages. * Remove unsupported variables (e.g., SUDO_*) which caused confusion. Fixes: #10799 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | Merge pull request #10992 from rhatdan/playOpenShift Merge Robot2021-07-21
|\ \ \ | |_|/ |/| | Fix handling of selinux labels in podman play kube
| * | Fix handling of selinux labels in podman play kubeDaniel J Walsh2021-07-20
| |/ | | | | | | | | | | | | | | | | | | Fixes: https://github.com/containers/podman/issues/10969 [NO TESTS NEEDED] We added tests for this, but they don't seem to be running. If I run the local system tests, they fail with the current Podman and work with this version. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #10997 from edsantiago/helpfuler_expectsOpenShift Merge Robot2021-07-21
|\ \ | | | | | | e2e tests: prevent 'Expect(ExitCode())' pattern
| * | e2e tests: prevent 'Expect(ExitCode())' patternEd Santiago2021-07-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Followup to #10932: add a validation check to prevent introduction of new 'Expect(foo.ExitCode()).To(...)' patterns. If such use is absolutely necessary -- there is one such instance in the code already -- require that the assertion include a description. Also: clean up instances that were introduced since the merging of #10932. Also: fix one remaining instance in run_exit_test.go: it had a FIXME comment mentioning a race condition, but unfortunately there was no issue or bug ID, hence no way to know if the race is fixed or not. We will assume it is. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | Merge pull request #10993 from cevich/generic_stepsOpenShift Merge Robot2021-07-21
|\ \ \ | | | | | | | | [CI:DOCS] Multi-arch image workflow: Make steps generic
| * | | [CI:DOCS] Multi-arch image workflow: Make steps genericChris Evich2021-07-20
| | |/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This duplicates the change from https://github.com/containers/skopeo/pull/1379 Since this workflow is duplicated across three repositories, maintaining changes becomes onerous if the item contents vary between implementations in any way. Improve this situation by encoding the repository-specific details into env. vars. then referencing those vars throughout. This way, a meaningful diff can be worked with to compare the contents across repositories. Also included are abstractions for the specific command used to obtain the project version, and needed details for filtering the output. Both of these vary across the Buildah, Skopeo, and Podman repos. NOTE: This change requires the names of two github action secrets to be updated: PODMAN_QUAY_USERNAME -> REPONAME_QUAY_USERNAME (and *PASSWORD). Signed-off-by: Chris Evich <cevich@redhat.com>
* | | Merge pull request #10999 from rhatdan/quota1OpenShift Merge Robot2021-07-21
|\ \ \ | | | | | | | | Drop support for the --storage-opt container flag
| * | | Drop podman create --storage-opt container flagDaniel J Walsh2021-07-20
| | |/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The global flag will work in either location, and this flag just breaks users expectations, and is basically a noop. Also fix global storage-opt so that podman-remote can use it. [NO TESTS NEEDED] Since it would be difficult to test in ci/cd. Fixes: https://github.com/containers/podman/issues/10264 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #10970 from vikas-goel/prepare-volumeOpenShift Merge Robot2021-07-21
|\ \ \ | |/ / |/| | Copy the content from the underlying image into the newly created volume
| * | Copy the content from the underlying image into the newly created volume.Vikas Goel2021-07-20
| | | | | | | | | | | | | | | | | | Fixes: #10262 Signed-off-by: Vikas Goel <vikas.goel@gmail.com>
* | | Merge pull request #10995 from edsantiago/systemd_ephemeralOpenShift Merge Robot2021-07-20
|\ \ \ | | | | | | | | system tests: cleaner, safer use of systemd
| * | | system tests: cleaner, safer use of systemdEd Santiago2021-07-20
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | First and foremost: use ephemeral (/run, $XDG) directories for systemd unit files, so as not to vandalize a working system. Second, refactor common systemd-related functionality into a new helper file, loaded by the systemd-related tests. Shared functionality includes: * setting $XDG_RUNTIME_DIR if unset and rootless * setting $UNIT_DIR for use by tests * new systemctl() and journalctl() functions, which include "--user" when rootless (why can't systemd figure this out on its own?) Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | Merge pull request #10985 from edsantiago/batsOpenShift Merge Robot2021-07-20
|\ \ \ | |_|/ |/| | system test: auto-update: multiarch fixes, and cleanup
| * | system test: auto-update: multiarch fixesEd Santiago2021-07-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | auto-update test is failing on non-x86_64 arch: https://gitlab.com/cki-project/kernel-tests/-/issues/614#note_630010734 Reason: test was relying on alpine_nginx image; this is a custom libpod image that only has a x86_64 version. Solution: use busybox instead. Busybox was copied from docker.io using skopeo copy --all, so it has all arches. Signed-off-by: Ed Santiago <santiago@redhat.com>
| * | system test: auto-update: allow running as rootlessEd Santiago2021-07-20
|/ / | | | | | | | | | | | | | | | | | | | | | | | | They were being skipped for no clear reason. Also: use --files and --name option in generate-systemd. Before, output went to stdout, resulting in completely unreadable logs on test failure. Also: use volatile systemd directories (/run, $XDG_RUNTIME_DIR) instead of permanent ones. Thanks to @Luap99 for the reference. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Merge pull request #10979 from vrothberg/fix-10977OpenShift Merge Robot2021-07-20
|\ \ | | | | | | compat: image create: handle platform correctly
| * | compat: image create: handle platform correctlyValentin Rothberg2021-07-20
| |/ | | | | | | | | | | | | | | | | Handle the platform parameter correctly. The parameter was only parsed in presence of credentials and the code was a bit complex. Also add a regression test. Fixes: #10977 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | Merge pull request #10982 from cevich/fix_listen_flakeOpenShift Merge Robot2021-07-20
|\ \ | | | | | | Flake Fix: Wait before connecting to container port
| * | Flake Fix: Wait before connecting container portChris Evich2021-07-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It was observed during periodic testing, this test can fail due to the container process being not fully running and listening on the expected port: ``` [+1069s] not ok 220 podman networking: port with --userns=keep-id [+1069s] # (in test file test/system/500-networking.bats, line 144) [+1069s] # `echo "$teststring" | nc 127.0.0.1 $myport' failed [+1069s] # # /var/tmp/go/src/github.com/containers/podman/bin/podman rm --all --force [+1069s] # # /var/tmp/go/src/github.com/containers/podman/bin/podman ps --all --external --format {{.ID}} {{.Names}} [+1069s] # # /var/tmp/go/src/github.com/containers/podman/bin/podman images --all --format {{.Repository}}:{{.Tag}} {{.ID}} [+1069s] # quay.io/libpod/testimage:20210610 9f9ec7f2fdef [+1069s] # # /var/tmp/go/src/github.com/containers/podman/bin/podman run -d --userns=keep-id -p 127.0.0.1:54322:54322 quay.io/libpod/testimage:20210610 nc -l -n -v -p 54322 [+1069s] # 252c562c9a3c96892d867d1d72fb52b2efdfe62855ebedbccd2d281c472c2988 [+1069s] # Ncat: No route to host. ``` Fix this by using a new `wait_for_port()` function (thanks @edsantiago) before attempting to communicate with the service. Signed-off-by: Chris Evich <cevich@redhat.com>
* | | Merge pull request #10984 from edsantiago/timeout_typoOpenShift Merge Robot2021-07-19
|\ \ \ | | | | | | | | (minor) typo fix: timeout variable
| * | | (minor) typo fix: timeout variableEd Santiago2021-07-19
| | |/ | |/| | | | | | | | | | | | | timeout variable was inconsistently spelled in helper function Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | Merge pull request #10956 from flouthoc/kube-liveness-probe-systemdOpenShift Merge Robot2021-07-19
|\ \ \ | |_|/ |/| | Kube: Add liveness probe for containers backed by native (systemd) healthchecks instead of kubelet.
| * | Kube: Add liveness probe for containers.flouthoc2021-07-17
| | | | | | | | | | | | Signed-off-by: flouthoc <flouthoc.git@gmail.com>
* | | Merge pull request #10981 from ↵OpenShift Merge Robot2021-07-19
|\ \ \ | | | | | | | | | | | | | | | | containers/dependabot/go_modules/github.com/opencontainers/runc-1.0.1 Bump github.com/opencontainers/runc from 1.0.0 to 1.0.1
| * | | Bump github.com/opencontainers/runc from 1.0.0 to 1.0.1dependabot[bot]2021-07-19
| | |/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/opencontainers/runc](https://github.com/opencontainers/runc) from 1.0.0 to 1.0.1. - [Release notes](https://github.com/opencontainers/runc/releases) - [Commits](https://github.com/opencontainers/runc/compare/v1.0.0...v1.0.1) --- updated-dependencies: - dependency-name: github.com/opencontainers/runc dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* | | Merge pull request #10980 from rhatdan/dockerfileOpenShift Merge Robot2021-07-19
|\ \ \ | |/ / |/| | [CI:DOCS] Just restore protections of shadow-utils
| * | Just restore protections of shadow-utilsDaniel J Walsh2021-07-19
|/ / | | | | | | | | | | | | | | | | | | Rather then reinstalling shadow-utils to fix permissions, just restore the correct permissions. [NO TESTS NEEDED] Since this does not affect Podman, just the prebuilt images on quay.io/podman. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #10968 from ashley-cui/3.2.3masterOpenShift Merge Robot2021-07-17
|\ \ | | | | | | [CI:DOCS] Update Release Notes and README for 3.2.3
| * | Update Release Notes and README for 3.2.3Ashley Cui2021-07-16
|/ / | | | | | | Signed-off-by: Ashley Cui <acui@redhat.com>
* | Merge pull request #10961 from ↵OpenShift Merge Robot2021-07-16
|\ \ | | | | | | | | | | | | containers/dependabot/go_modules/k8s.io/api-0.21.3 Bump k8s.io/api from 0.21.2 to 0.21.3
| * | Bump k8s.io/api from 0.21.2 to 0.21.3dependabot[bot]2021-07-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [k8s.io/api](https://github.com/kubernetes/api) from 0.21.2 to 0.21.3. - [Release notes](https://github.com/kubernetes/api/releases) - [Commits](https://github.com/kubernetes/api/compare/v0.21.2...v0.21.3) --- updated-dependencies: - dependency-name: k8s.io/api dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* | | Merge pull request #10965 from vrothberg/vendor-commonOpenShift Merge Robot2021-07-16
|\ \ \ | | | | | | | | vendor containers/common@main
| * | | vendor containers/common@mainValentin Rothberg2021-07-16
| |/ / | | | | | | | | | Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | Merge pull request #10950 from edsantiago/python_flake_fixOpenShift Merge Robot2021-07-16
|\ \ \ | |/ / |/| | APIv2 (python) tests: fix flake
| * | APIv2 (python) tests: fix flakeEd Santiago2021-07-16
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Python tests were flaking because they behave differently when $DEBUG is set. It looks like something in CI sets that envariable. Solution: do not use $DEBUG as a debug trigger, use a properly-named custom variable that is unlikely to be set accidentally. Also: get rid of AssertTrue(), which gives no visibility into what happened. Write in proper form that can emit useful diagnostics on failure. Fixes: #10948 Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Merge pull request #10962 from vrothberg/fix-10655OpenShift Merge Robot2021-07-16
|\ \ | | | | | | systemd: require network*-online*.target
| * | systemd: require network*-online*.targetValentin Rothberg2021-07-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | Require the network to be online in all (generated) systemd units to make sure that containers and Podman run only after the network has been fully configured. Fixes: #10655 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | Merge pull request #10848 from vrothberg/update-libimageOpenShift Merge Robot2021-07-16
|\ \ \ | | | | | | | | vendor containers/common@main
| * | | vendor containers/common@mainValentin Rothberg2021-07-16
| | |/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The `IgnorePlatform` options has been removed from the `LookupImageOptions` in libimage to properly support multi-arch images. Skip one buildah-bud test which requires updated CI images. This is currently being done in github.com/containers/podman/pull/10829 but we need to unblock merging common and buildah into podman. [NO TESTS NEEDED] Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | Merge pull request #10960 from ↵OpenShift Merge Robot2021-07-16
|\ \ \ | |_|/ |/| | | | | | | | containers/dependabot/go_modules/k8s.io/apimachinery-0.21.3 Bump k8s.io/apimachinery from 0.21.2 to 0.21.3
| * | Bump k8s.io/apimachinery from 0.21.2 to 0.21.3dependabot[bot]2021-07-16
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery) from 0.21.2 to 0.21.3. - [Release notes](https://github.com/kubernetes/apimachinery/releases) - [Commits](https://github.com/kubernetes/apimachinery/compare/v0.21.2...v0.21.3) --- updated-dependencies: - dependency-name: k8s.io/apimachinery dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* | Merge pull request #10820 from jvanz/indfra-container-name-issue-10794OpenShift Merge Robot2021-07-16
|\ \ | | | | | | --infra-name command line argument
| * | --infra-name command line argumentJosé Guilherme Vanz2021-07-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | Adds the new --infra-name command line argument allowing users to define the name of the infra container Issue #10794 Signed-off-by: José Guilherme Vanz <jvanz@jvanz.com>