aboutsummaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* fix goroutine leaks in events and logs backendPaul Holzinger2022-07-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When running a single podman logs this is not really important since we will exit when we finish reading the logs. However for the system service this is very important. Leaking goroutines will cause an increased memory and CPU ussage over time. Both the the event and log backend have goroutine leaks with both the file and journald drivers. The journald backend has the problem that journal.Wait(IndefiniteWait) will block until we get a new journald event. So when a client closes the connection the goroutine would still wait until there is a new journal entry. To fix this we just wait for a maximum of 5 seconds, after that we can check if the client connection was closed and exit correctly in this case. For the file backend we can fix this by waiting for either the log line or context cancel at the same time. Currently it would block waiting for new log lines and only check afterwards if the client closed the connection and thus hang forever if there are no new log lines. [NO NEW TESTS NEEDED] I am open to ideas how we can test memory leaks in CI. To test manually run a container like this: `podman run --log-driver $driver --name test -d alpine sh -c 'i=1; while [ "$i" -ne 1000 ]; do echo "line $i"; i=$((i + 1)); done; sleep inf'` where `$driver` can be either `journald` or `k8s-file`. Then start the podman system service and use: `curl -m 1 --output - --unix-socket $XDG_RUNTIME_DIR/podman/podman.sock -v 'http://d/containers/test/logs?follow=1&since=0&stderr=1&stdout=1' &>/dev/null` to get the logs from the API and then it closes the connection after 1 second. Now run the curl command several times and check the memory usage of the service. Fixes #14879 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* Merge pull request #14932 from jakecorrenti/pull-all-tags-shorthandopenshift-ci[bot]2022-07-15
|\ | | | | Podman pull --all-tags shorthand option
| * Podman pull --all-tags shorthand optionJake Correnti2022-07-14
| | | | | | | | | | | | | | I added the shorthand option for `podman pull --all-tags`. Like Docker, Podman can now do `podman pull -a`. Signed-off-by: Jake Correnti <jcorrenti13@gmail.com>
* | Merge pull request #14909 from eriksjolund/add_socket_activation_tutorialopenshift-ci[bot]2022-07-15
|\ \ | | | | | | [CI:DOCS] Add socket_activation.md
| * | [CI:DOCS] Update docs/tutorials/socket_activation.mdErik Sjölund2022-07-14
| | | | | | | | | | | | | | | Co-authored-by: Valentin Rothberg <vrothberg@redhat.com> Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
| * | [CI:DOCS] Add socket activation tutorialErik Sjölund2022-07-14
| | | | | | | | | | | | | | | | | | Closes #14908 Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
* | | Merge pull request #14944 from cevich/machine-label-taskopenshift-ci[bot]2022-07-15
|\ \ \ | | | | | | | | Cirrus: Trigger podman-machine task by label
| * | | Cirrus: Trigger podman-machine task by labelChris Evich2022-07-14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Instead of requiring developers to search for a magic button, make the task trigger at the time a special PR label is added. Update comments accordingly. Signed-off-by: Chris Evich <cevich@redhat.com>
* | | | Merge pull request #14927 from cevich/fix_error_grepopenshift-ci[bot]2022-07-14
|\ \ \ \ | | | | | | | | | | [CI:DOCS] GHA: Fix dumb error check
| * | | | GHA: Fix dumb error checkChris Evich2022-07-14
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously the reply JSON was examined for the literal presence of the string 'error'. This was intended to catch server or query errors and the like. However it's not a sound design as valid/legitimate contents could potentially contain the string. Fix this by using the `-e` option to `jq`, with a filter that should always result in a non-empty/null match. If this fails or returns null for some reason, then it's safe to throw a real error code & message. Signed-off-by: Chris Evich <cevich@redhat.com>
* | | | Merge pull request #14832 from karthikelango137/filterFlagStopopenshift-ci[bot]2022-07-14
|\ \ \ \ | | | | | | | | | | Podman stop --filter flag
| * | | | Podman stop --filter flagKarthik Elango2022-07-14
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | Filter flag is added for podman stop and podman --remote stop. Filtering logic is implemented in getContainersAndInputByContext(). Start filtering can be manipulated to use this logic as well to limit redundancy. Signed-off-by: Karthik Elango <kelango@redhat.com>
* | | | Merge pull request #14938 from nicrowe00/12475remixopenshift-ci[bot]2022-07-14
|\ \ \ \ | |/ / / |/| | | fix tests for "podman kube play"
| * | | fix tests for "podman kube play"Niall Crowe2022-07-14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is a follow up to fix some of the apiv2 tests related to "podman kube play" while also removing reduntant system tests. Signed-off-by: Niall Crowe <nicrowe@redhat.com>
* | | | Merge pull request #14935 from saschagrunert/semver-v4openshift-ci[bot]2022-07-14
|\ \ \ \ | | | | | | | | | | Switch to `github.com/blang/semver/v4`
| * | | | Switch to `github.com/blang/semver/v4`Sascha Grunert2022-07-14
| | |_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | Switch to the latest version of the now go module compatible release. [NO NEW TESTS NEEDED] Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
* | | | Merge pull request #14914 from edsantiago/xref_manpages_stricteropenshift-ci[bot]2022-07-14
|\ \ \ \ | | | | | | | | | | [CI:DOCS] man page checker: enforce stricter options format
| * | | | man page checker: enforce stricter options formatEd Santiago2022-07-14
| | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Followup to #14906, in which a nonexistent option was found in a man page. The xref script was designed to catch that, but I was too lax in my parsing: the option was documented using wrong syntax, and the script didn't catch it. Solution: do not allow *any* unrecognized cruft in the option description lines. And fix all improperly-written entries to conform to the rule: **--option**=*value(s)* Two asterisks around option, which must have two dashes. One asterisk around value(s). This is going to cause headaches for some people adding new options, but I don't think I can fix that: there are many factors that make an unparseable line. Adding 'hint' code would make the script even more complex than it is. I have to assume that our contributors are smart enough to look at surrounding context and figure out the right way to specify options. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | | Merge pull request #14919 from gbraad/fedorawslopenshift-ci[bot]2022-07-14
|\ \ \ \ | |/ / / |/| | | Use prepared image for WSL machine init
| * | | Fixes #14698 Use prepared image for WSL2 machine initGerard Braad2022-07-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This commit introduces a prepared image for setting up the WSL2 environment. This means that the deployment will take considerable less time to finish (as it does not need to run an update and package install), but also allows to rely on a cached image to re-init the environment without the need for an internet connection. [NO NEW TESTS NEEDED] Signed-off-by: Gerard Braad <me@gbraad.nl>
* | | | Merge pull request #14923 from rhatdan/eventsopenshift-ci[bot]2022-07-14
|\ \ \ \ | |_|/ / |/| | | Add podman events -f to be alias for --filter
| * | | Add podman events -f to be alias for --filterDaniel J Walsh2022-07-13
| | | | | | | | | | | | | | | | | | | | | | | | Needed for Docker compatibility. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #14772 from nicrowe00/12475openshift-ci[bot]2022-07-13
|\ \ \ \ | | | | | | | | | | Add "podman kube play" cmd
| * | | | Add "podman kube play" cmdNiall Crowe2022-07-13
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The "podman kube play" command is designed to be a replacement for the "podman play kube" command. It performs the same function as "play kube" while also still working with the same flags and options. The "podman play kube" command is still functional as an alias of "kube play". Closes #12475 Signed-off-by: Niall Crowe <nicrowe@redhat.com> Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | | | Merge pull request #14915 from eriksjolund/rename_c_to_cpu_sharesopenshift-ci[bot]2022-07-13
|\ \ \ \ | | | | | | | | | | [CI:DOCS] man pages: replace -c with --cpu-shares
| * | | | [CI:DOCS] man pages: replace -c with --cpu-sharesErik Sjölund2022-07-13
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
| * | | | [CI:DOCS] podman-create.md: replace -c with --cpu-sharesErik Sjölund2022-07-12
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
* | | | | Merge pull request #14895 from baude/machinewipopenshift-ci[bot]2022-07-13
|\ \ \ \ \ | |_|/ / / |/| | | | Fix machine test for list
| * | | | Fix last machine testBrent Baude2022-07-12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The list --format json test case had a typo like error. [NO NEW TESTS NEEDED] Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | | | Merge pull request #14904 from giuseppe/move-to-subcgroup-in-a-containeropenshift-ci[bot]2022-07-13
|\ \ \ \ \ | | | | | | | | | | | | abi: create new cgroup when running in a container
| * | | | | abi: create new cgroup when running in a containerGiuseppe Scrivano2022-07-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | if podman is running in the root cgroup, it will create a new subcgroup and move itself there. [NO NEW TESTS NEEDED] it needs nested podman Closes: https://github.com/containers/podman/issues/14884 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | | | | podman: always call into SetupRootlessGiuseppe Scrivano2022-07-13
| | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | | | | utils: call MaybeMoveToSubCgroup onceGiuseppe Scrivano2022-07-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | memoize its result and use it for subsequent calls. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | | | | podman: move MaybeMoveToSubCgroup to utils/Giuseppe Scrivano2022-07-13
| | |_|/ / | |/| | | | | | | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | | Merge pull request #14916 from rhatdan/dockeropenshift-ci[bot]2022-07-13
|\ \ \ \ \ | |/ / / / |/| | | | Docker uses "-c" to mean "--cpu-shares" in create and run
| * | | | Docker uses "-c" to mean "--cpu-shares" in create and runDaniel J Walsh2022-07-12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add support for -c as an alias for --cpu-shares to be compatible with Docker. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | Merge pull request #14910 from flouthoc/fix-testopenshift-ci[bot]2022-07-12
|\ \ \ \ \ | |_|/ / / |/| | | | test,manifest-run: declare `TARGETPLATFORM` in test containerfile.
| * | | | test,manifest-run: declare TARGETPLATFORM before using itAditya R2022-07-12
| | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | As part of fix for https://github.com/openshift/imagebuilder/issues/231 `FROM` does not expands `ARGS` which are not declared so `TARGETPLATFORM` Note: I think a patch should be added at imagebuilder to allow using inbuilt ARGS in FROM without declaring it as well but it is something to be discussed so lets declare it manually in our tests [NO NEW TESTS NEEDED] [NO TESTS NEEDED] Signed-off-by: Aditya R <arajan@redhat.com>
* | | | Merge pull request #14905 from eriksjolund/remove_rootless_considerationsopenshift-ci[bot]2022-07-12
|\ \ \ \ | | | | | | | | | | [CI:DOCS] rootless_tutorial: Remove incorrect advice regarding volume…
| * | | | [CI:DOCS] rootless_tutorial: Remove incorrect advice regarding volumes and ↵Erik Sjölund2022-07-12
| | |_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | mount points * Remove the instruction "The mount point must exist in the container" as it is incorrect which is shown by this example ``` $ mkdir dir1 $ podman run --rm -v ./dir1:/dir1:Z docker.io/library/fedora:36 touch /dir1/file $ ls dir1 file $ podman run --rm docker.io/library/fedora:36 ls -l /dir1 ls: cannot access '/dir1': No such file or directory $ podman --version podman version 4.1.1 $ ``` * Rewrite the advice "You should always give the full path to the volume you'd like to mount" so that it also mentions relative paths starting with a dot. Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
* | | | Merge pull request #14912 from edsantiago/ci_confirm_runtimeopenshift-ci[bot]2022-07-12
|\ \ \ \ | |_|_|/ |/| | | [CI:DOCS] CI: sanity check for desired runtime
| * | | CI: sanity check for desired runtimeEd Santiago2022-07-12
| | |/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We're still not testing runc in CI (#14833), and it may be weeks or months before we can, due to criu/glibc nightmare, but one day we'll be back on track, then later on we'll update VMs again, and screw it up, and lose runc, and not notice, and RHEL will break, and oh noes headless chicken again, repeat repeat. We can do better. Use .cirrus.yml to explicitly define which VMs should use which runtimes, and enforce it early in the CI build step. This should never fail (uh huh) in a PR, only in one of the update-VM PRs. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | Merge pull request #14911 from ↵Daniel J Walsh2022-07-12
|\ \ \ | | | | | | | | | | | | | | | | eriksjolund/remove_builtin_volume_option_from_man_pages [CI:DOCS] man pages: remove non-existent option builtin-volume
| * | | [CI:DOCS] man pages: remove non-existent option builtin-volumeErik Sjölund2022-07-12
| |/ / | | | | | | | | | | | | | | | Closes #14906 Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
* | | Merge pull request #14893 from Luap99/machine-proxyopenshift-ci[bot]2022-07-12
|\ \ \ | |/ / |/| | podman machine: do not commit proxies into config file
| * | podman machine: do not commit proxies into config filePaul Holzinger2022-07-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | qemu fails when the same `fw_cfg` options is used more than once. Since the current logic always adds a new option on each machine load this will fail on the second start. We can fix this by checking if the option is already set and replace but I think it is easier to just not commit the option in the config and add it dynamically on start. User that hit this bug have to recreate the machine. [NO NEW TESTS NEEDED] Fixes #14636 Fixes #14837 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | Merge pull request #14896 from edsantiago/logformatter_by_taskopenshift-ci[bot]2022-07-12
|\ \ \ | |_|/ |/| | logformatter: link by *task ID*, not build ID
| * | logformatter: link by *task ID*, not build IDEd Santiago2022-07-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | Reason: task IDs are unique and permanent; linking by build ID and task name is non-unique, because Re-run. Fixes: #14863 Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | Merge pull request #14901 from tyler92/fix-trace-logopenshift-ci[bot]2022-07-12
|\ \ \ | | | | | | | | fix wrong log message on Trace level
| * | | fix wrong log message on Trace levelMikhail Khachayants2022-07-12
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | [NO NEW TESTS NEEDED] Empty path to runtime binary was printed instead of a real path. Before fix: TRAC[0000] found runtime "" TRAC[0000] found runtime "" After: TRAC[0000] found runtime "/usr/bin/crun" TRAC[0000] found runtime "/usr/bin/runc" Signed-off-by: Mikhail Khachayants <khachayants@arrival.com>