aboutsummaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* auto-update: validate container imageValentin Rothberg2022-09-26
| | | | | | | | | | | Auto updates using the "registry" policy require container to be created with a fully-qualified image reference. Short names are not supported due the ambiguity of their source registry. Initially, container creation errored out for non FQN images but it seems that Podman has regressed. Fixes: #15879 Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* Merge pull request #15911 from yrro/fix-libsubid-detectionOpenShift Merge Robot2022-09-26
|\ | | | | Fix libsubid detection
| * Fix libsubid detectionSam Morris2022-09-23
| | | | | | | | | | | | Library arguments must be positioned after sources when invoking GCC. Signed-off-by: Sam Morris <sam@robots.org.uk>
* | Merge pull request #15900 from rhatdan/VENDOROpenShift Merge Robot2022-09-23
|\ \ | | | | | | Update vendor of containers(image, common, buildah, storage)
| * | Fixup Buildah mergeEd Santiago2022-09-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Changes since 2022-09-09: - man page: add --skip-unused-stages (buildah 4249) - man page: bring in new Note for --cache-ttl (4248) - system tests: de-stutter (4205) - (internal): in skip() applier: escape asterisk, otherwise the "bud with --dns* flags" sed expression never applies. Signed-off-by: Ed Santiago <santiago@redhat.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
| * | Update vendor or containers/buildahDaniel J Walsh2022-09-23
| | | | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #15873 from ashley-cui/prettysecretsOpenShift Merge Robot2022-09-23
|\ \ \ | | | | | | | | Add --pretty to podman secret inspect
| * | | Add --pretty to podman secret inspectAshley Cui2022-09-22
| | | | | | | | | | | | | | | | | | | | | | | | Pretty-print podman secret inspect output in a human-readable format Signed-off-by: Ashley Cui <acui@redhat.com>
* | | | Merge pull request #15463 from mheon/fix_15408OpenShift Merge Robot2022-09-23
|\ \ \ \ | |_|/ / |/| | | Events for containers in pods now include the pod's ID
| * | | Events for containers in pods now include the pod's IDMatthew Heon2022-09-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This allows tools like Cockpit to know that the pod in question has also been updated, so they can refresh the list of containers in the pod. Fixes #15408 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | Merge pull request #15905 from lsm5/fix-coprOpenShift Merge Robot2022-09-23
|\ \ \ \ | | | | | | | | | | [CI:BUILD] Copr: also define _user_tmpfilesdir for f35
| * | | | [CI:BUILD] Copr: also define _user_tmpfilesdir for f35Lokesh Mandvekar2022-09-22
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Some users are still on f35, so we need to account for that for some time. [NO NEW TESTS NEEDED] Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
* | | | Merge pull request #15841 from mheon/image_driverOpenShift Merge Robot2022-09-23
|\ \ \ \ | |_|_|/ |/| | | Add support for 'image' volume driver
| * | | Add support for 'image' volume driverMatthew Heon2022-09-22
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We added the concept of image volumes in 2.2.0, to support inspecting an image from within a container. However, this is a strictly read-only mount, with no modification allowed. By contrast, the new `image` volume driver creates a c/storage container as its underlying storage, so we have a read/write layer. This, in and of itself, is not especially interesting, but what it will enable in the future is. If we add a new command to allow these image volumes to be committed, we can now distribute volumes - and changes to them - via a standard OCI image registry (which is rather new and quite exciting). Future work in this area: - Add support for `podman volume push` (commit volume changes and push resulting image to OCI registry). - Add support for `podman volume pull` (currently, we require that the image a volume is created from be already pulled; it would be simpler if we had a dedicated command that did the pull and made a volume from it) - Add support for scratch images (make an empty image on demand to use as the base of the volume) - Add UOR support to `podman volume push` and `podman volume pull` to enable both with non-image volume drivers Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | Merge pull request #15854 from anjannath/issue_15831OpenShift Merge Robot2022-09-22
|\ \ \ | |/ / |/| | pkginstaller: use path_helper to add podman and helpers to path
| * | pkginstaller: use path_helper to add podman and helpers to pathAnjan Nath2022-09-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | path_helper(8) appends the contents of /etc/paths.d/podman-pkg to the PATH env [NO NEW TESTS NEEDED] Signed-off-by: Anjan Nath <kaludios@gmail.com>
* | | Merge pull request #15895 from dcermak/don-expose-dev-for-privilegedOpenShift Merge Robot2022-09-22
|\ \ \ | | | | | | | | Don't mount /dev/ inside privileged containers running systemd
| * | | Don't mount /dev/tty* inside privileged containers running systemdDan Čermák2022-09-22
| | |/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | According to https://systemd.io/CONTAINER_INTERFACE/, systemd will try take control over /dev/ttyN if exported, which can cause conflicts with the host's tty in privileged containers. Thus we will not expose these to privileged containers in systemd mode, as this is a bad idea according to systemd's maintainers. Additionally, this commit adds a bats regression test to check that no /dev/ttyN are present in a privileged container in systemd mode This fixes https://github.com/containers/podman/issues/15878 Signed-off-by: Dan Čermák <dcermak@suse.com>
* | | Merge pull request #15131 from boaz0/closes_14707OpenShift Merge Robot2022-09-22
|\ \ \ | |/ / |/| | Add support to sig-proxy for podman-remote
| * | Add support to sig-proxy for podman-remoteBoaz Shuster2022-09-20
| | | | | | | | | | | | Signed-off-by: Boaz Shuster <boaz.shuster.github@gmail.com>
* | | Merge pull request #15870 from idleroamer/podman-saveOpenShift Merge Robot2022-09-22
|\ \ \ | | | | | | | | podman-save: Add signature-policy flag
| * | | cli: Add signature-policy flag to podman save😎Mostafa Emami2022-09-21
| |/ / | | | | | | | | | | | | | | | | | | | | | Allow overwrite of the signature-policy file by passing signature-policy flag to podman save command Closes: https://github.com/containers/podman/issues/15869 Signed-off-by: 😎Mostafa Emami <mustafaemami@gmail.com>
* | | Merge pull request #15894 from edsantiago/reenable_some_aarch64_testsOpenShift Merge Robot2022-09-22
|\ \ \ | | | | | | | | System tests: reenable some skipped aarch64 tests
| * | | System tests: reenable some skipped aarch64 testsEd Santiago2022-09-21
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Background: in order to add aarch64 tests, we had to add emergency skips to a lot of failing tests. No attempt was ever made to understand why they were failing. Fast forward to today, I filed #15888 just to see if tests are still failing. Looks like a number of them are fixed. (Yes, magically). Remove those skips. See: #15074, #15277 Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | Merge pull request #15890 from cevich/more_ioutil_fixesOpenShift Merge Robot2022-09-21
|\ \ \ | | | | | | | | Fix a few missed io/ioutil -> os updates
| * | | Fix a few missed io/ioutil -> os updatesChris Evich2022-09-21
|/ / / | | | | | | | | | | | | | | | Ref: https://github.com/containers/podman/pull/15871 Signed-off-by: Chris Evich <cevich@redhat.com>
* | | Merge pull request #15871 from cevich/replace_ioutilOpenShift Merge Robot2022-09-21
|\ \ \ | | | | | | | | Replace deprecated ioutil
| * | | Replace deprecated ioutilChris Evich2022-09-20
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | Package `io/ioutil` was deprecated in golang 1.16, preventing podman from building under Fedora 37. Fortunately, functionality identical replacements are provided by the packages `io` and `os`. Replace all usage of all `io/ioutil` symbols with appropriate substitutions according to the golang docs. Signed-off-by: Chris Evich <cevich@redhat.com>
* | | Merge pull request #15837 from rhatdan/formatOpenShift Merge Robot2022-09-21
|\ \ \ | | | | | | | | Improve generate systemd format
| * | | Improve generate systemd formatDaniel J Walsh2022-09-21
| |/ / | | | | | | | | | | | | | | | | | | | | | Fixes: https://github.com/containers/podman/issues/14897 Followup to #13814 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #15856 from dfr/freebsd-copyOpenShift Merge Robot2022-09-21
|\ \ \ | | | | | | | | Add support for 'podman cp' on FreeBSD
| * | | libpod: Implement 'podman cp' for FreeBSDDoug Rabson2022-09-20
| | | | | | | | | | | | | | | | | | | | | | | | [NO NEW TESTS NEEDED] Signed-off-by: Doug Rabson <dfr@rabson.org>
| * | | libpod: Move jointMountAndExec to container_copy_linux.goDoug Rabson2022-09-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This also moves the logic for resolving paths in running and stopped containers tp container_copy_linux.go. On FreeBSD, we can execute the function argument to joinMountAndExec directly using host-relative paths since the host mount namespace includes all the container mounts. [NO NEW TESTS NEEDED] Signed-off-by: Doug Rabson <dfr@rabson.org>
| * | | libpod: Move part of (*Container).stat to container_stat_linux.goDoug Rabson2022-09-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The logic that treats running containers differently from stopped containers is not needed on FreeBSD where the container mounts live in a global mount namespace. [NO NEW TESTS NEEDED] Signed-off-by: Doug Rabson <dfr@rabson.org>
| * | | libpod: Move container_copy_linux.go to container_copy_common.goDoug Rabson2022-09-20
| | | | | | | | | | | | | | | | | | | | | | | | [NO NEW TESTS NEEDED] Signed-off-by: Doug Rabson <dfr@rabson.org>
| * | | libpod: Move container_stat_linux.go to container_stat_common.goDoug Rabson2022-09-20
| |/ / | | | | | | | | | | | | | | | [NO NEW TESTS NEEDED] Signed-off-by: Doug Rabson <dfr@rabson.org>
* | | Merge pull request #15842 from ashley-cui/seclabelsOpenShift Merge Robot2022-09-21
|\ \ \ | | | | | | | | Add labels to secrets
| * | | Add labels to secretsAshley Cui2022-09-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Add --label/-l label flag to secret create, and show labels when inspecting secrets. Also allow labeling secrets via libpod/compat API. Signed-off-by: Ashley Cui <acui@redhat.com>
* | | | Merge pull request #15866 from boaz0/closes_15746OpenShift Merge Robot2022-09-21
|\ \ \ \ | |_|/ / |/| | | Fix podman-remote run --attach stdin to show container ID
| * | | Fix podman-remote run --attach stdin to show container IDBoaz Shuster2022-09-20
| | | | | | | | | | | | | | | | Signed-off-by: Boaz Shuster <boaz.shuster.github@gmail.com>
* | | | Merge pull request #15859 from edsantiago/docs_format_eventsOpenShift Merge Robot2022-09-19
|\ \ \ \ | | | | | | | | | | [CI:DOCS] man pages: document some --format options
| * | | | man pages: document some --format optionsEd Santiago2022-09-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Baby steps toward merging #14046: document Go format options for podman events. This is deliberately imperfect. I am not the right person to document these. I am simply the person who is getting a skeleton framework in place. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | | | Merge pull request #15072 from rhatdan/contextOpenShift Merge Robot2022-09-19
|\ \ \ \ \ | |/ / / / |/| | | | Add support for podman context as alias to podman system connection
| * | | | Add support for podman context as alias to podman system connectionDaniel J Walsh2022-09-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Alias podman --context -> podman --connection podman context use -> podman system connection default podman context rm -> podman system connection rm podman context create -> podman system connection add podman context ls ->podman system connection ls podman context inspect ->podman system connection ls --json (For specified connections) Podman context is a hidden command, but can be used for existing scripts that assume Docker under the covers. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | Merge pull request #15844 from rhatdan/selinuxOpenShift Merge Robot2022-09-19
|\ \ \ \ \ | |_|_|_|/ |/| | | | label.Relabel third option is shared not recurse
| * | | | label.Relabel third option is shared not recurseDaniel J Walsh2022-09-17
|/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There is no option in Selinux labeling to only relabel the top level of a directory. The option is to either label the path shared or not shared. Changing to make sure future engineers do not assume that recurse can work. [NO NEW TESTS NEEDED] Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #15839 from cdoern/cloneOpenShift Merge Robot2022-09-17
|\ \ \ \ | | | | | | | | | | podman container clone env patch
| * | | | podman container clone env patchCharlie Doern2022-09-16
|/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | podman container clone was failing when env variables had multiple `=` in them. Switch split to splitn resolves #15836 Signed-off-by: Charlie Doern <cdoern@redhat.com>
* | | | Merge pull request #15833 from ↵OpenShift Merge Robot2022-09-16
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | containers/dependabot/go_modules/github.com/coreos/go-systemd/v22-22.4.0 build(deps): bump github.com/coreos/go-systemd/v22 from 22.3.2 to 22.4.0
| * | | | build(deps): bump github.com/coreos/go-systemd/v22 from 22.3.2 to 22.4.0dependabot[bot]2022-09-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/coreos/go-systemd/v22](https://github.com/coreos/go-systemd) from 22.3.2 to 22.4.0. - [Release notes](https://github.com/coreos/go-systemd/releases) - [Commits](https://github.com/coreos/go-systemd/compare/v22.3.2...v22.4.0) --- updated-dependencies: - dependency-name: github.com/coreos/go-systemd/v22 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-12-26 20:02:18 +0000