aboutsummaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
...
| * | | | | | | cp: consolidate and simplifyValentin Rothberg2021-07-28
| |/ / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Consolidate and simplify code in `podman cp` a bit. PR #11049 introduced some code duplicates that were worth tackling. [NO TESTS NEEDED] Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | | | | Merge pull request #11056 from giuseppe/warning-root-no-sharedOpenShift Merge Robot2021-07-28
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | rootless: check that / is mounted as shared
| * | | | | | | rootless: check that / is mounted as sharedGiuseppe Scrivano2021-07-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | if the root mount '/' is not mounted as MS_SHARED, print a warning, otherwise new mounts that are created in the host won't be propagated to the rootless mount namespace. Closes: https://github.com/containers/podman/issues/10946 [NO TESTS NEEDED] Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | | | | | Merge pull request #10910 from ↵OpenShift Merge Robot2021-07-28
|\ \ \ \ \ \ \ \ | |_|/ / / / / / |/| | | | | | | | | | | | | | | | | | | | | | | adrianreber/2021-07-12-checkpoint-restore-into-pod Add support for checkpoint/restore into and out of pods
| * | | | | | | Added tests for out of and into pod checkpoint and restore supportAdrian Reber2021-07-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Adrian Reber <areber@redhat.com>
| * | | | | | | Support checkpoint/restore with podsAdrian Reber2021-07-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This adds support to checkpoint containers out of pods and restore container into pods. It is only possible to restore a container into a pod if it has been checkpointed out of pod. It is also not possible to restore a non pod container into a pod. The main reason this does not work is the PID namespace. If a non pod container is being restored in a pod with a shared PID namespace, at least one process in the restored container uses PID 1 which is already in use by the infrastructure container. If someone tries to restore container from a pod with a shared PID namespace without a shared PID namespace it will also fail because the resulting PID namespace will not have a PID 1. Signed-off-by: Adrian Reber <areber@redhat.com>
| * | | | | | | Vendor in go-criu v5.1.0 for Pod checkpoint/restore supportAdrian Reber2021-07-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Adrian Reber <areber@redhat.com>
| * | | | | | | Prepare CRIU version check to work with multiple versionsAdrian Reber2021-07-27
| | |_|_|/ / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The upcoming commit to support checkpointing out of Pods requires CRIU 3.16. This changes the CRIU version check to support checking for different versions. Signed-off-by: Adrian Reber <areber@redhat.com>
* | | | | | | Merge pull request #11049 from vrothberg/fix-7370OpenShift Merge Robot2021-07-27
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | support container to container copy
| * | | | | | | cp system tests: reduce number of exec'sValentin Rothberg2021-07-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Reduce the amount of `podman exec`s in the cp system tests. Exec is expensive and a number of them could easily be combined into the container command. This cuts down the costs of running the tests by around 25 percent on my local machine. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
| * | | | | | | support container to container copyMehul Arora2021-07-27
| |/ / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Implement container to container copy. Previously data could only be copied from/to the host. Fixes: #7370 Co-authored-by: Mehul Arora <aroram18@mcmaster.ca> Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | | | | Merge pull request #11060 from ↵OpenShift Merge Robot2021-07-27
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | containers/dependabot/go_modules/github.com/containers/storage-1.33.0 Bump github.com/containers/storage from 1.32.6 to 1.33.0
| * | | | | | | Bump github.com/containers/storage from 1.32.6 to 1.33.0dependabot[bot]2021-07-27
| |/ / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/containers/storage](https://github.com/containers/storage) from 1.32.6 to 1.33.0. - [Release notes](https://github.com/containers/storage/releases) - [Changelog](https://github.com/containers/storage/blob/main/docs/containers-storage-changes.md) - [Commits](https://github.com/containers/storage/compare/v1.32.6...v1.33.0) --- updated-dependencies: - dependency-name: github.com/containers/storage dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* | | | | | | Merge pull request #11061 from giuseppe/migrate-no-move-to-cgroupOpenShift Merge Robot2021-07-27
|\ \ \ \ \ \ \ | |/ / / / / / |/| | | | | | command: migrate doesn't move process to cgroup
| * | | | | | command: migrate doesn't move process to cgroupGiuseppe Scrivano2021-07-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | add a new annotation for the "system migrate" command to not move the pause process to a separate cgroup. The operation is not needed since "system migrate" destroys the pause process, so there won't be any process left to move to a cgroup. [NO TESTS NEEDED] Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | | | | | rootless: do not overwrite err variableGiuseppe Scrivano2021-07-27
| |/ / / / / | | | | | | | | | | | | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | | | Merge pull request #11055 from vrothberg/fix-10701OpenShift Merge Robot2021-07-27
|\ \ \ \ \ \ | | | | | | | | | | | | | | exec: fix cleanup
| * | | | | | exec: fix cleanupValentin Rothberg2021-07-27
| |/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Commit 341e6a1 made sure that all exec sessions are getting cleaned up. But it also came with a peformance penalty. Fix that penalty by spawning the cleanup process to really only cleanup the exec session without attempting to remove the container. [NO TESTS NEEDED] since we have no means to test such performance issues in CI. Fixes: #10701 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | | | Merge pull request #11028 from ↵OpenShift Merge Robot2021-07-27
|\ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | containers/dependabot/go_modules/github.com/containers/image/v5-5.14.0 Bump github.com/containers/image/v5 from 5.13.2 to 5.14.0
| * | | | | | Bump github.com/containers/image/v5 from 5.13.2 to 5.14.0dependabot[bot]2021-07-25
| | |_|/ / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/containers/image/v5](https://github.com/containers/image) from 5.13.2 to 5.14.0. - [Release notes](https://github.com/containers/image/releases) - [Commits](https://github.com/containers/image/compare/v5.13.2...v5.14.0) --- updated-dependencies: - dependency-name: github.com/containers/image/v5 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* | | | | | Merge pull request #10861 from jmguzik/until-prune-volume-cmdOpenShift Merge Robot2021-07-27
|\ \ \ \ \ \ | | | | | | | | | | | | | | Add prune until filter test for podman volume cli
| * | | | | | Add prune until filter test for podman volume cliJakub Guzik2021-07-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This commit follows work started in #10756. Changes made in #11015 enabled cli support for volume prune --filter until. Adding e2e test closes #10579. Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
* | | | | | | Merge pull request #11025 from rhatdan/dockerfileOpenShift Merge Robot2021-07-27
|\ \ \ \ \ \ \ | |_|_|/ / / / |/| | | | | | [CI:DOCS] Fix handling of shadow-utils
| * | | | | | Fix handling of shadow-utilsDaniel J Walsh2021-07-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There seems to be a bug in rpm, where it fails silently if you specify rpm --restore --quiet shadow-utils. rpm --restore shadow-utils 2> /dev/null Does the right thing. [NO TESTS NEEDED] Might add tests from buildah, once we have them working correctly. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | | | Merge pull request #10983 from vrothberg/fix-danglingOpenShift Merge Robot2021-07-27
|\ \ \ \ \ \ \ | |_|/ / / / / |/| | | | | | refine dangling checks
| * | | | | | refine dangling checksValentin Rothberg2021-07-26
| | |/ / / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | By proxy by vendoring containers/common. Previously, a "dangling" image was an untagged image; just a described in the Docker docs. The definition of dangling has now been refined to an untagged image without children to be compatible with Docker. Further update a redundant image-prune test. Fixes: #10998 Fixes: #10832 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | | | Merge pull request #11047 from Luap99/fix-11032OpenShift Merge Robot2021-07-26
|\ \ \ \ \ \ | | | | | | | | | | | | | | dual-stack network: fix duplicated subnet assignment
| * | | | | | dual-stack network: fix duplicated subnet assignmentPaul Holzinger2021-07-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Make sure podman network create reads all subnets from existing cni configs and not only the first one. Fixes #11032 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | | | | | Merge pull request #11036 from caarlos0/fix-podman-manifest-pushOpenShift Merge Robot2021-07-26
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | fix: podman manifest push respect --tls-verify flag
| * | | | | | | fix: podman manifest push respect --tls-verify flagCarlos Alexandro Becker2021-07-26
| | |/ / / / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | [NO TESTS NEEDED] Signed-off-by: Carlos Alexandro Becker <caarlos0@gmail.com>
* | | | | | | Merge pull request #11019 from boaz0/test_corsOpenShift Merge Robot2021-07-26
|\ \ \ \ \ \ \ | |_|/ / / / / |/| | | | | | Add tests to verify CORs is enabled
| * | | | | | Add tests to verify CORS is enabledBoaz Shuster2021-07-25
| | |_|_|_|/ | |/| | | | | | | | | | | | | | | | Signed-off-by: Boaz Shuster <boaz.shuster.github@gmail.com>
* | | | | | Merge pull request #11044 from vrothberg/playOpenShift Merge Robot2021-07-26
|\ \ \ \ \ \ | |_|/ / / / |/| | | | | play kube: support capitalized pull policy
| * | | | | play kube: support capitalized pull policyValentin Rothberg2021-07-26
|/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Pull policies in K8s yaml may be capitalized, so lower them before parsing. Fixes: bugzilla.redhat.com/show_bug.cgi?id=1985905 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | | Merge pull request #10895 from rhatdan/devicesOpenShift Merge Robot2021-07-24
|\ \ \ \ \ | | | | | | | | | | | | Support DeviceCgroupRules to actually get added.
| * | | | | Support DeviceCgroupRules to actually get added.Daniel J Walsh2021-07-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes: https://github.com/containers/podman/issues/10302 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | | Merge pull request #10996 from cdoern/untilLogOpenShift Merge Robot2021-07-24
|\ \ \ \ \ \ | | | | | | | | | | | | | | Implemented --until flag for Libpod's Container Logs
| * | | | | | Implemented --until flag for libpod's container logscdoern2021-07-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | compat containers/logs was missing actual usage of until query param. This led me to implement the until param for libpod's container logs as well. Added e2e tests. Signed-off-by: cdoern <cdoern@redhat.com>
* | | | | | | Merge pull request #11018 from vrothberg/fix-10994OpenShift Merge Robot2021-07-24
|\ \ \ \ \ \ \ | |_|_|_|/ / / |/| | | | | | import: write stdin to tmp file
| * | | | | | import: write stdin to tmp fileValentin Rothberg2021-07-23
| | |/ / / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If importing an archive via stdin write it to a temporary file such that the temporary file can be opened multiple times later on. Otherwise, we may end up with an empty image. Also fix a bug in the URL parsing code; we need to check whether there's actually a scheme. Add system tests for `podman import` exercising the basics. Fixes: #10994 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | | | Merge pull request #11027 from edsantiago/batsOpenShift Merge Robot2021-07-23
|\ \ \ \ \ \ | | | | | | | | | | | | | | Networking test: fix silent breakage
| * | | | | | Networking test: fix silent breakageEd Santiago2021-07-22
|/ / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Wow did I screw up. #10982 introduced (at my suggestion) a new wait_for_port() helper, with the goal of eliminating a race condition. It didn't work. First: wait_for_port() tests by connecting to the port, which is a Bad Idea when you have a one-shot server that exits upon the first connection closing. We should've caught that, but: Second: I wrote wait_for_port() for a non-BATS test framework, and used the conventional file descriptor 3. BATS uses fd3 for internal control. Overriding that made the test silently just disappear, no "not ok" message, no warnings, nothing except vanishing into the ether. Third: this was caught by my log-colorizer script, which loudly yelled "WARNING: expected 234" (tests) at the bottom of the log. Unfortunately, since this wasn't my PR, I didn't actually look at the test logs. Solution: we can't use wait_for_port() in the network port test. Use wait_for_output() instead, triggering on the 'listening' message emitted by netcat in the container. Also: fix wait_for_port() to use fd5 instead of 3. Although no code currently uses wait_for_port() as of this PR, it's a useful helper that we may want to keep. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | | | | Merge pull request #11013 from hshiina/cgroupsv2OpenShift Merge Robot2021-07-22
|\ \ \ \ \ \ | | | | | | | | | | | | | | [CI:DOCS] Add notes to flags not supported on cgroups V2
| * | | | | | Add notes to flags not supported on cgroups V2Hironori Shiina2021-07-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Clarify what flags are not supported on cgroups V2 in documentation. Signed-off-by: Hironori Shiina <shiina.hironori@jp.fujitsu.com>
* | | | | | | Merge pull request #11022 from xordspar0/patch-1OpenShift Merge Robot2021-07-22
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | [CI:DOCS] Fix broken remote client link
| * | | | | | | docs: fix broken remote client linkJordan Christiansen2021-07-22
| | |/ / / / / | |/| | | | | | | | | | | | | | | | | | | Signed-off-by: Jordan Christiansen <jordan.christiansen@target.com>
* | | | | | | Merge pull request #11015 from jmguzik/until-list-volumeOpenShift Merge Robot2021-07-22
|\ \ \ \ \ \ \ | |/ / / / / / |/| | | | | | Add until filter to volume ls filters list
| * | | | | | Add until filter to volume ls filters listJakub Guzik2021-07-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | As a conclusion of a discussion in #10861, until filter is added by this commit to volume ls filters. Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
* | | | | | | Merge pull request #11007 from mheon/journald_test_skipOpenShift Merge Robot2021-07-21
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | Ensure journald events tests only run where supported
| * | | | | | | Ensure journald events tests only run where supportedMatthew Heon2021-07-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We don't support the journald events backend on RHEL8, for example. So we can't unconditionally run these tests. Partial fix for RHBZ1955166 Signed-off-by: Matthew Heon <mheon@redhat.com>