| Commit message (Collapse) | Author | Age |
|---|
| ... | |
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
To replace redundant string scattered across the code with proper
constants. The "status" will further be useful in a future change
as it can be moved into a `task`.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Will simplify the code and speed up things as we do not consult a
container's labels multiple times.
[NO NEW TESTS NEEDED] - should not change behavior.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
This will simplify the logic and pave the way for abstracting the
auto-update policies to a certain degree that allows us to better
control _when_ the updates and rollbacks happen and will ultimately
reduce redundant code.
[NO NEW TESTS NEEDED] - should not change behavior.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
"pull" is more expressive.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
If two containers use the same image and one rolled back (i.e., tagged
the old image again), make sure to repull the image for the other
container.
Once an image has caused a rollback, it may be worth marking this image
as broken and not update any other container using it but that is
outside of the scope.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Change the auto-update logic to update unit-by-unit rather by policy.
This allows for, in theory now and in practice later, to have mutliple
containers run in a single systemd unit and update them in sequence
before restarting the unit.
[NO NEW TESTS NEEDED] - should not change behavior.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Drop a comment on using `chcon` to let the local rollback test pass.
It took me a while to understand why the test failed and future souls
may appreciated the extra breadcrumb.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
A `task` includes data and state for updating a given container image.
It will come in handy in future changes, but we are going there in
baby steps to have smaller incremental changes.
[NO NEW TESTS NEEDED] - should not change behaviour.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
[NO NEW TESTS NEEDED] - should not change behavior.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
[NO NEW TESTS NEEDED] - should not change behavior.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| | |/ / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Introduce an `updater` type to allow for sharing state.
This will be more useful for future changes.
[NO NEW TESTS NEEDED] as it does not change behavior.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| |\ \ \ \ \
| |/ / / /
|/| | | | |
fix sphinx build to include podman-create/run page
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
When docs.podman.io is build on readthedocs we have to make sure to
generate the markdown pages first.
It works locally with sphinx but I have no idea if this works on the
readthedocs infra.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| | | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
[CI:DOCS] Cirrus: Support EC2 instances in hack/get_ci_vm.sh
|
| | | |_|/ /
| |/| | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
***Depends on:***
https://github.com/containers/automation_images/pull/160
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
add omitempty to Secret in k8s VolumeSource
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Secret was populating a generated kube as `null`. Add omitempty
so that when the volume source is not a secret, we do not print unnecessary info
resolves #15156
Signed-off-by: Charlie Doern <cdoern@redhat.com>
|
| |\ \ \ \ \ \
| | |_|/ / /
| |/| | | | |
fix hack/markdown-preprocess to support older python versions
|
| |/ / / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
str.removeprefix() and str.removesuffix() is python 3.9+ only but we need to
support older versions for the OSX cross task.
This fixes broken CI on main.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |\ \ \ \ \
| |/ / / /
|/| | | | |
Default to rootless via Windows WSL prompt / Lock to WSL2
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Also force installation to use WSL2 to prevent accidental usage of WSL1
Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
|
| | | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | | |
(requires psi)
Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
|
| |\ \ \ \
| |_|/ /
|/| | | |
[CI:DOCS] Refactor common options in man pages
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
podman-create and -run have many options in common. To date,
these are copy-pasted and haphazardly maintained.
Solution: add an include mechanism, '@@option foo', such
that multiple md source files can fetch from one common file.
This is a Phase One commit, a very small subset of what's
possible. Purpose of this commit is ease of review. If this
passes review, much more (trickier stuff) will be forthcoming.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\ \ \ \
| | | | |
| | | | | |
Add steps to sign included qemu and notarize the built pkg
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
this updates downloading of gvproxy and qemu using a standard
makefile rule which will avoid downloading them again if its
already downloaded
[NO NEW TESTS NEEDED]
Signed-off-by: Anjan Nath <kaludios@gmail.com>
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
[NO NEW TESTS NEEDED]
Signed-off-by: Anjan Nath <kaludios@gmail.com>
|
| | | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
add file hvf.entitlements which has the com.apple.security.hypervisor
entitlement needed for qemu
[NO NEW TESTS NEEDED]
Signed-off-by: Anjan Nath <kaludios@gmail.com>
|
| |\ \ \ \
| | | | |
| | | | | |
Add rm --filter option
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
--filter : remove the filtered container.
Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
Cirrus: use dnf instead of rpm to install packages
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | | |
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | | |
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
|
| |\ \ \ \ \ \
| |_|_|_|/ /
|/| | | | | |
Cirrus: Fix e2e tests for "mount_rootless_test"
|
| | |/ / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
e2e `mount_rootless_test` did not load `podman binary path` successfully.
This PR fix this problem.
[It] podman unshare podman mount:
```
[+1596s] Running: ... unshare mount <cid>
[+1596s] Error: exec: no command
[+1596s] output:
```
[It] podman unshare image podman mount:
```
[+1599s] Running: ... unshare image mount quay.io/libpod/alpine:latest
[+1599s] Error: exec: no command
[+1599s] output:
```
Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
|
| |\ \ \ \ \
| |/ / / /
|/| | | | |
add "podman kube down" command
|
| |/ / / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The "podman kube down" reads in a structured file of
Kubernetes YAML and removes pods based on the Kubernetes kind described in the YAML,
similiar to "podman play kube --down". Users will still be able to use
"podman play kube --down" and "podman kube play --down" to
perform the same function.
Signed-off-by: Niall Crowe <nicrowe@redhat.com>
|
| |\ \ \ \
| | | | |
| | | | | |
switch from "kube/play" endpoint to "play/kube" endpoint.
|
| | | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
When podman kube play was added the endpoint for the kube play/play kube
commands was switched from the "play kube" endpoint to the new "kube play"
endpoint. This caused issues with the remote client, requiring the need
to use the "play kube" endpoint again in order to avoid these issues.
Signed-off-by: Niall Crowe <nicrowe@redhat.com>
|
| |\ \ \ \
| |/ / /
|/| | | |
podman generate systemd --new: allow -h hostname
|
| | | |/
| |/|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
podman run/create can accept `-h <hostname>` as argument. When parsing
flags -h throws an help requested error from pflag. To prevent this
error we have to define the help flag.
Fixes #15124
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |\ \ \
| |/ /
|/| | |
manifest,test: `inspect` should contain `OCI` annotations.
|
| |/ /
| |
| |
| | |
Signed-off-by: Aditya R <arajan@redhat.com>
|
| |\ \
| | |
| | | |
fix e2e sign tests
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
The key used in the tests has expired. Remove the expiration date to
turn CI happy and green.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| |\ \ \
| |/ /
|/| | |
[CI:DOCS] man podman-volume-import: Clarify that merge happens
|
| | | |
| | |
| | | |
Signed-off-by: Felix Stupp <me+github@banananet.work>
|
| | |/
| |
| |
| |
| | |
Current directories and files stay the same with the current implementation as long as the tarball does not contain a directories or files with the same name.
Signed-off-by: Felix Stupp <me+github@banananet.work>
|
| |\ \
| | |
| | | |
Sigstore sign
|
