aboutsummaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Kube Gen run as user/group issuescdoern2021-10-12
| | | | | | | | | Removed the inclusion of RunAsUser or RunAsGroup unless a container is run with the --user flag. When building from an image the user will be pulled from there anyway resolves #11914 Signed-off-by: cdoern <cdoern@redhat.com>
* Merge pull request #11904 from siretart/patch-2OpenShift Merge Robot2021-10-10
|\ | | | | [CI:DOCS] oci-hooks.5.md: fixup section in header
| * [CI:DOCS] oci-hooks.5.md: fixup section in headerReinhard Tartler2021-10-10
| | | | | | | | | | | | This fixes the autodetection of where to install the manpages Signed-off-by: Reinhard Tartler <siretart@tauware.de>
* | Merge pull request #11869 from jwhonce/wip/pprofOpenShift Merge Robot2021-10-10
|\ \ | | | | | | Enable /debug/pprof API service endpoints
| * | Enable /debug/pprof API service endpointsJhon Honce2021-10-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Refactor sidecar HTTP service for /debug/pprof endpoints to use a TCP address given via new podman system service --pprof-address flag * Allow same URL parsing in "system service" as bindings/connection.go * Refactor NewServerWithSettings() to use entities.ServiceOptions in place of deleted server.Options * Updated godoc for impacted functions and types * Fixed API service Shutdown() to do an orderly shutdown when terminated and running with --time=0 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | Merge pull request #11880 from rhatdan/stoptimeoutOpenShift Merge Robot2021-10-10
|\ \ \ | | | | | | | | Warn if podman stop timeout expires that sigkill was sent
| * | | Warn if podman stop timeout expires that sigkill was sentDaniel J Walsh2021-10-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Note: the Warning message will not come to podman-remote. It would be difficult to plumb, and not really worth the effort. Fixes: https://github.com/containers/podman/issues/11854 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #11893 from vrothberg/vendor-commonOpenShift Merge Robot2021-10-10
|\ \ \ \ | |_|_|/ |/| | | faster image inspection
| * | | faster image inspectionValentin Rothberg2021-10-08
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Vendor the latest HEAD in c/common to pull in changes for a faster inspection of images. Previously, only the size computation was optional, now the one for the parent image is as well. In many cases, the parent image is not needed but it takes around 10ms on my local machine. With this change, we cut off 10ms from many code paths, most importantly, container creation. [NO NEW TESTS NEEDED] Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | Merge pull request #11900 from afbjorklund/machine-tableOpenShift Merge Robot2021-10-09
|\ \ \ | |_|/ |/| | Not all fields in machine list were set properly
| * | Not all fields in machine list were set properlyAnders F Björklund2021-10-08
|/ / | | | | | | | | | | | | | | | | When using custom output formats like table, some of the booleans introduced for json format were not initialized correctly (wrong). [NO TESTS NEEDED] Signed-off-by: Anders F Björklund <anders.f.bjorklund@gmail.com>
* | Merge pull request #11671 from chenzhiwei/kube-replaceOpenShift Merge Robot2021-10-08
|\ \ | |/ |/| introduce --replace flag for play kube
| * [CI:DOCS] introduce --replace flag for play kubeChen Zhiwei2021-10-08
|/ | | | | | | | With this flag, users can easily sync up the yaml content with the existing pods. Fixes #11481 Signed-off-by: Chen Zhiwei <zhiweik@gmail.com>
* Merge pull request #11884 from ↵OpenShift Merge Robot2021-10-07
|\ | | | | | | | | containers/dependabot/go_modules/github.com/opencontainers/selinux-1.9.1 Bump github.com/opencontainers/selinux from 1.8.5 to 1.9.1
| * Bump github.com/opencontainers/selinux from 1.8.5 to 1.9.1dependabot[bot]2021-10-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/opencontainers/selinux](https://github.com/opencontainers/selinux) from 1.8.5 to 1.9.1. - [Release notes](https://github.com/opencontainers/selinux/releases) - [Commits](https://github.com/opencontainers/selinux/compare/v1.8.5...v1.9.1) --- updated-dependencies: - dependency-name: github.com/opencontainers/selinux dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* | Merge pull request #11885 from rhatdan/docsOpenShift Merge Robot2021-10-07
|\ \ | |/ |/| [ci:docs] Change podman.1 man page to show corret log-level default
| * Change podman.1 man page to show corret log-level defaultDaniel J Walsh2021-10-07
|/ | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #11855 from rhatdan/DockerfileOpenShift Merge Robot2021-10-06
|\ | | | | Add podman-plugins to upstream image
| * Add podman-plugins to upstream imageMatthew Mosesohn2021-10-04
| | | | | | | | | | | | | | | | Fixes #11380 Replaces https://github.com/containers/podman/pull/11385 Originally subbmitted by @mattymo Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #11878 from mheon/stop_stoppingOpenShift Merge Robot2021-10-06
|\ \ | | | | | | Allow `podman stop` to be run on Stopping containers
| * | Ensure `podman ps --sync` functionsMatthew Heon2021-10-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The backend for `ps --sync` has been nonfunctional for a long while now - probably since v2.0. It's questionable how useful the flag is in modern Podman (the original case it was intended to catch, Conmon gone via SIGKILL, should be handled now via pinging the process with a signal to ensure it's still alive) but having the ability to force a refresh of container state from the OCI runtime is still useful. Signed-off-by: Matthew Heon <mheon@redhat.com>
| * | Allow `podman stop` to be run on Stopping containersMatthew Heon2021-10-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This allows you to stop a container after a `podman stop` process started, but did not finish, stopping the container (probably an ignored stop signal, with no time to SIGKILL?). This is a very narrow case, but once you're in it the only way to recover is a `podman rm -f` of the container or extensive manual remediation (you'd have to kill the container yourself, manually, and then force a `podman ps --all --sync` to update its status from the OCI runtime). [NO NEW TESTS NEEDED] I have no idea how to verify this one - we need to test that it actually started *during* the other stop command, and that's nontrivial. Signed-off-by: Matthew Heon <mheon@redhat.com>
* | | Merge pull request #11864 from Luap99/closeOpenShift Merge Robot2021-10-06
|\ \ \ | | | | | | | | libpod: fix race when closing STDIN
| * | | libpod: fix race when closing STDINPaul Holzinger2021-10-06
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There is a race where `conn.Close()` was called before `conn.CloseWrite()`. In this case `CloseWrite` will fail and an useless error is printed. To fix this we move the the `CloseWrite()` call to the same goroutine to remove the race. This ensures that `CloseWrite()` is called before `Close()` and never afterwards. Also fixed podman-remote run where the STDIN was never was closed. This is causing flakes in CI testing. [NO TESTS NEEDED] Fixes #11856 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | Merge pull request #11877 from ↵OpenShift Merge Robot2021-10-06
|\ \ \ | |/ / |/| | | | | | | | containers/dependabot/go_modules/github.com/containers/image/v5-5.16.1 Bump github.com/containers/image/v5 from 5.16.0 to 5.16.1
| * | Bump github.com/containers/image/v5 from 5.16.0 to 5.16.1dependabot[bot]2021-10-06
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/containers/image/v5](https://github.com/containers/image) from 5.16.0 to 5.16.1. - [Release notes](https://github.com/containers/image/releases) - [Commits](https://github.com/containers/image/compare/v5.16.0...v5.16.1) --- updated-dependencies: - dependency-name: github.com/containers/image/v5 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* | Merge pull request #11866 from ↵OpenShift Merge Robot2021-10-05
|\ \ | | | | | | | | | | | | containers/dependabot/go_modules/github.com/docker/docker-20.10.9incompatible Bump github.com/docker/docker from 20.10.8+incompatible to 20.10.9+incompatible
| * | Bump github.com/docker/dockerdependabot[bot]2021-10-05
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/docker/docker](https://github.com/docker/docker) from 20.10.8+incompatible to 20.10.9+incompatible. - [Release notes](https://github.com/docker/docker/releases) - [Changelog](https://github.com/moby/moby/blob/master/CHANGELOG.md) - [Commits](https://github.com/docker/docker/compare/v20.10.8...v20.10.9) --- updated-dependencies: - dependency-name: github.com/docker/docker dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* | Merge pull request #11861 from edsantiago/no_new_tests_neededOpenShift Merge Robot2021-10-05
|\ \ | | | | | | It really should be no **NEW** tests needed
| * | It really should be no **NEW** tests neededEd Santiago2021-10-04
|/ / | | | | | | | | | | | | | | | | | | | | | | Accept both "NO TESTS NEEDED" and "NO NEW TESTS NEEDED". That was a usability mistake I made on Day One. Fixed it in Buildah but oops never got around to fixing it here. Also, fix the test suite script: remove a no-longer-working test case (changelog.txt, removed in #11467) and add a new test for commits that include the magic string. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Merge pull request #11857 from lsm5/community-channel-updateOpenShift Merge Robot2021-10-04
|\ \ | | | | | | README.md: Point to Podman's channels
| * | README.md: Point to Podman's channelsLokesh Mandvekar2021-10-04
|/ / | | | | | | | | | | | | | | | | There's a significant number of non-IRC users in the bridged rooms, both Matrix and Discord. So, we should mention those options too. [NO TESTS NEEDED] Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
* | Merge pull request #11763 from rhatdan/timeoutOpenShift Merge Robot2021-10-04
|\ \ | | | | | | Add --time option for podman * rm -f flag
| * | Add --time out for podman * rm -f commandsDaniel J Walsh2021-10-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | Add --time flag to podman container rm Add --time flag to podman pod rm Add --time flag to podman volume rm Add --time flag to podman network rm Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #11846 from Luap99/network-reloadOpenShift Merge Robot2021-10-04
|\ \ \ | |_|/ |/| | CNI networks: reload networks if needed
| * | CNI networks: reload networks if neededPaul Holzinger2021-10-04
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The current implementation of the CNI network interface only loads the networks on the first call and saves them in a map. This is done to safe performance and not having to reload all configs every time which will be costly for many networks. The problem with this approach is that if a network is created by another process it will not be picked up by the already running podman process. This is not a problem for the short lived podman commands but it is problematic for the podman service. To make sure we always have the actual networks store the mtime of the config directory. If it changed since the last read we have to read again. Fixes #11828 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | Merge pull request #11850 from Luap99/bump-commonOpenShift Merge Robot2021-10-04
|\ \ | |/ |/| bump c/common to latest and c/storage to 1.37.0
| * bump c/common to latest and c/storage to 1.37.0Paul Holzinger2021-10-04
|/ | | | | | | Update c/common to fix a bug where broken config files could be created via podman machine and podman system connection add. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* Merge pull request #11834 from cevich/fix_gitlab_setupOpenShift Merge Robot2021-10-04
|\ | | | | Cirrus: Fix defunct package metadata breaking cache
| * Cirrus: Fix defunct package metadata breaking cacheChris Evich2021-10-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Original workaround https://github.com/containers/podman/pull/11821 During VM image build, a number of packages are downloaded but not installed, since they may interfere with some testing. Then at runtime, where required, the packages are installed from cache and used. However, between image build and runtime it's possible the repository contents change, which will invalidate the package cache. Since the `--no-download --ignore-missing` options were used, the install will fail. Ref: https://github.com/containers/automation_images/issues/95 Fortunately, when it comes to the docker packages, no other dependencies are required and so `apt-get` isn't required. Switch to using a simple dpkg install command on the necessary files. If this ever breaks due to new dependencies, the list of files may simply be updated. Signed-off-by: Chris Evich <cevich@redhat.com>
* | Merge pull request #11820 from jwhonce/issues/11810OpenShift Merge Robot2021-10-02
|\ \ | | | | | | [NO TESTS NEEDED] Ignore removed containers
| * | [NO TESTS NEEDED] Ignore removed containersJhon Honce2021-10-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Ignore condition when containers are removed while listing them for ps output. No tests added at this time as they would create a race condition for CI. * Updated godocs See https://github.com/containers/podman/issues/11810 for reproducer. Fixes #11810 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | Merge pull request #11816 from cdoern/podEventsBugOpenShift Merge Robot2021-10-02
|\ \ \ | |_|/ |/| | Pod Events Logging Fix
| * | Pod Events Logging Fixcdoern2021-10-01
| |/ | | | | | | | | | | | | on create, libpod was only creating a new event if the pod had an infra container. now, pod creation triggers a new pod event with or without infra Signed-off-by: cdoern <cdoern@redhat.com>
* | Merge pull request #11777 from cdoern/podVolumesFromOpenShift Merge Robot2021-10-01
|\ \ | | | | | | Pod Volumes From Support
| * | Pod Volumes From Supportcdoern2021-10-01
| |/ | | | | | | | | | | | | added support for a volumes from container. this flag just required movement of the volumes-from flag declaration out of the !IsInfra block, and minor modificaions to container_create.go Signed-off-by: cdoern <cdoern@redhat.com>
* | Merge pull request #11833 from umohnani8/swaggerOpenShift Merge Robot2021-10-01
|\ \ | |/ |/| Add note about empty fields and null values for API responses
| * Add note about empty fields and null values for API responsesUrvashi Mohnani2021-10-01
| | | | | | | | | | | | | | | | | | | | | | Add a note the global swagger docs about some fields not showing up in responses as they are set to omitempty. Also add a note about null values for complicated field types that swagger-go has a hard time with. [NO TESTS NEEDED] Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
* | Merge pull request #11783 from ↵OpenShift Merge Robot2021-10-01
|\ \ | | | | | | | | | | | | containers/dependabot/go_modules/github.com/containers/buildah-1.23.1 Bump github.com/containers/buildah from 1.23.0 to 1.23.1
| * | Bump github.com/containers/buildah from 1.23.0 to 1.23.1dependabot[bot]2021-10-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/containers/buildah](https://github.com/containers/buildah) from 1.23.0 to 1.23.1. - [Release notes](https://github.com/containers/buildah/releases) - [Changelog](https://github.com/containers/buildah/blob/v1.23.1/CHANGELOG.md) - [Commits](https://github.com/containers/buildah/compare/v1.23.0...v1.23.1) --- updated-dependencies: - dependency-name: github.com/containers/buildah dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>