| Commit message (Collapse) | Author | Age |
|---|
| |\
| |
| | |
Bump to v1.6.4
|
| |/
|
|
| |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |\
| |
| | |
[1.6] bump c/storage to v1.13.6
|
| |/
|
|
| |
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |\
| |
| | |
Backports for v1.6.4
|
| | |
| |
| |
| |
| |
| | |
We disabled it upstream, so images likely don't exist anymore.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | |
| |
| |
| |
| |
| | |
In conmon 2.0.3, we add another fifo to handle window resizing. This needs to be cleaned up for commands like restore, where the same path is used.
Signed-off-by: Peter Hunt <pehunt@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Do not generate an entire `config.Config` for displaying the default
value for the --cgroup-manager flag and just default to systemd. Not
using the `config.Config` is okay as 1) the value may change at runtime
in any case (rootless, DBUS access, etc.), 2) it avoids to redundantly
parse the system config files and to generate the hard-coded default
config, and 3) the log-level and other attributes are not yet set during
init() causing undesirable side effects.
Fixes: #4456
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
After a restart, pods and containers both run a refresh()
function to prepare to run after a reboot. Until now, volumes
have not had a similar function, because they had no per-boot
setup to perform.
Unfortunately, this was not noticed when in-memory locking was
introduced to volumes. The refresh() routine is, among other
things, responsible for ensuring that locks are reserved after a
reboot, ensuring they cannot be taken by a freshly-created
container, pod, or volume. If this reservation is not done, we
can end up with two objects using the same lock, potentially
needing to lock each other for some operations - classic recipe
for deadlocks.
Add a refresh() function to volumes to perform lock reservation
and ensure it is called as part of overall refresh().
Fixes #4605
Fixes #4621
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
in case of errors, the channel is not closed, blocking the reader
indefinitely.
Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1767663
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |/
|
|
|
|
| |
if systemd is not available, use the file events logger backend.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |\
| |
| | |
Revert "catch runc v2 error" [v1.6]
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
This reverts commit c35d71e3da7a84eae94769e005407cf99d1ccb49.
This is a Fedora-specific patch we do not want in upstream
releases.
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |\ \
| | |
| | | |
Bump to v1.6.3
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |/ /
| |
| |
| | |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |\ \
| | |
| | | |
Update containers/buildah
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
Pin to 20e92ffe09820ad80e44117f8fae8f4a6b3883e7 to grab
FIPS fixes.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |\ \ \
| |/ /
|/| | |
Release notes for v1.6.3
|
| |/ /
| |
| |
| | |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |\ \
| |/
|/| |
Cherrypicks for v1.6.3 final
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
* Refactored code and Makefile to support new docs layout
* Removed some old code packaging code
* Add Readme.md to document what we're doing
Signed-off-by: Jhon Honce <jhonce@redhat.com>
Signed-off-by: baude <bbaude@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Restructuring the docs dir to make integration with sphinx easier. man
pages now exist in docs/source/man and the sphinx make files exists in
docs.
Signed-off-by: baude <bbaude@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When starting a container by using its name as a reference, we should
print the name instead of the ID. We regressed on this behaviour
with commit b4124485ae7e which made it into Podman v1.6.2.
Kudos to openSUSE testing for catching it. To prevent future
regressions, extend the e2e tests to check the printed container
name/ID.
Reported-by: @sysrich
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |/
|
|
|
|
|
|
|
|
|
|
| |
Refactor the `RuntimeConfig` along with related code from libpod into
libpod/config. Note that this is a first step of consolidating code
into more coherent packages to make the code more maintainable and less
prone to regressions on the long runs.
Some libpod definitions were moved to `libpod/define` to resolve
circular dependencies.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |\
| |
| | |
Bump to v1.6.3-rc1
|
| | |
| |
| |
| | |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |/
|
|
| |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |\
| |
| | |
Cirrus: Fix upload_release_archive on branch or tag
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Cirrus-CI only sets `$CIRRUS_BASE_SHA` when testing PRs since the
destination and it's state is easy to discover. However, when
post-merge and/or tag-push testing, the previous state is not
easily discoverable (changes have already merged). The
`upload_release_archive` script incorrectly assumed this
variable was always set, causing a constant stream of post-merge
testing failures.
Tweak the `is_release()` function to properly handle an empty
`$CIRRUS_BASE_SHA` whether or not `$CIRRUS_TAG` is also set. Also
update the unit-tests to check for this. Also account for a
corner case where hack/get_ci_vm.sh is running on a VM w/o git.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| |\ \
| | |
| | | |
Wait for `mount` command to finish when mounting volume
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
command.Start() just starts the command. That catches some
errors, but the nasty ones - bad options and similar - happen
when the command runs. Use CombinedOutput() instead - it waits
for the command to exit, and thus catches non-0 exit of the
`mount` command (invalid options, for example).
STDERR from the `mount` command is directly used, which isn't
necessarily the best, but we can't really get much more info on
what went wrong.
Fixes #4303
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |\ \ \
| | | |
| | | | |
Cirrus: Fix minor python deprecation warning
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| |\ \ \ \
| |_|_|/
|/| | | |
build: drop support for ostree
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
it is going to be removed from containers/image as well, so no longer
depend on it.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |\ \ \ \
| | | | |
| | | | | |
stale action: add exempt-issue-label
|
| | |/ / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Without the label, issues would be closed regardless of the
"do-not-close" label.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |\ \ \ \
| | | | |
| | | | | |
Processes execed into container should match container label
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Processes execed into a container were not being run with the correct label.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
goland autocorrections
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
just ran the autocorrect code corrections from goland and it found a few
nits.
Signed-off-by: baude <bbaude@redhat.com>
|
| |\ \ \ \ \ \
| |_|_|/ / /
|/| | | | | |
seccomp: use github.com/seccomp/containers-golang
|
| |/ / / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Use the github.com/seccomp/containers-golang library instead of the
docker package. The docker package has changed and silently broke
on F31.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |\ \ \ \ \
| |_|/ / /
|/| | | | |
Move to containers/image v5, support manifest lists
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Currently podman play kube is not using the system default seccomp.json file.
This PR will use the default or override location for podman play.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Generate an image's RepoDigests list using all applicable digests, and
refrain from outputting a digest in the tag column of the "images"
output.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Be prepared to report multiple image digests for images which contain
multiple manifests but, because they continue to have the same set of
layers and the same configuration, are considered to be the same image.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
|
