summaryrefslogtreecommitdiff
path: root/Makefile
Commit message (Collapse)AuthorAge
* Makefile: build podman-remote-static with cgo disabledLokesh Mandvekar2022-03-30
| | | | | | | | Resolves: #13557 [NO NEW TESTS NEEDED] Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
* Fix windows win-sshproxy buildPaul Holzinger2022-03-17
| | | | | | | | | Github no longer supports the unauthenticated git protocol, so switch to using https instead. https://github.blog/2021-09-01-improving-git-protocol-security-github/ Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* Load ip_tables modules at bootPaul Holzinger2022-02-23
| | | | | | | | | | | | | | | | | | Rootless users cannot load the ip_tables module, in fedora 36 this module is no longer loaded by default so we have to add it manually. This is needed because rootless network setup tries to use iptables and if iptables-legacy is used instead of iptables-nft it will fail. To provide a better user experience we will load the module at boot. Note that this is not needed for RHEL because iptables-legacy is not supported on RHEL 8 and newer. [NO NEW TESTS NEEDED] Fixes #12661 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* Initial implementation of mac forwarding using a privileged docker sock ↵Jason T. Greene2022-02-16
| | | | | | claim helper Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
* netavark e2e testsBrent Baude2022-02-11
| | | | | | enabled e2e tests for netavark Signed-off-by: Brent Baude <bbaude@redhat.com>
* Makefile: install targets independent of buildLokesh Mandvekar2022-01-25
| | | | | | | | | | | | | | Building from source would involve separate `make` and `make install` steps. This removes a lot of unnecessary `-nobuild` targets which were otherwise needed for packaging. This commit also removes spec files for unused copr jobs. [NO NEW TESTS NEEDED] Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
* Run codespell on codeDaniel J Walsh2022-01-21
| | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Engine.Remote from containers.confJhon Honce2022-01-20
| | | | | | | | | | | | | | | Heuristic to initialize TunnelMode/remote podman: - Podman built with remote tag - Podman running on darwin or windows GOOS - CONTAINER_HOST or CONTAINER_CONNECTION set in environment - --remote flag given on command line - From containers.conf, Engine.Remote == true and GOOS == linux Otherwise, podman will run in ABIMode/linked against libpod library. Fixes #12866 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* Implement API forwarding for podman machine on WindowsJason T. Greene2022-01-19
| | | | Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
* bump go module to version 4Valentin Rothberg2022-01-18
| | | | | | | | | | | | | Automated for .go files via gomove [1]: `gomove github.com/containers/podman/v3 github.com/containers/podman/v4` Remaining files via vgrep [2]: `vgrep github.com/containers/podman/v3` [1] https://github.com/KSubedi/gomove [2] https://github.com/vrothberg/vgrep Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Switch to a new installer approach using a path manipulation helperJason T. Greene2021-12-23
| | | | | | | | | | | | Fixes #11089 - cleanup PATH on MSI uninstall Additionally fixes scenarios where the path can be overwritten by setx Also removes the console flash, since the helper is built as a silent gui Helper executable can be rerun by user to repair PATHs broken by other tools Utilizes executable location instead of passed parameters to remove delicate escaping requirements [NO NEW TESTS NEEDED] Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
* compat API: allow enforcing short-names resolution to Docker HubValentin Rothberg2021-11-30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The Docker-compatible REST API has historically behaved just as the rest of Podman and Buildah (and the atomic Docker in older RHEL/Fedora) where `containers-registries.conf` is centrally controlling which registries a short name may resolve to during pull or local image lookups. Please refer to a blog for more details [1]. Docker, however, is only resolving short names to docker.io which has been reported (see #12320) to break certain clients who rely on this behavior. In order to support this scenario, `containers.conf(5)` received a new option to control whether Podman's compat API resolves to docker.io only or behaves as before. Most endpoints allow for directly normalizing parameters that represent an image. If set in containers.conf, Podman will then normalize the references directly to docker.io. The build endpoint is an outlier since images are also referenced in Dockerfiles. The Buildah API, however, supports specifying a custom `types.SystemContext` in which we can set a field that enforces short-name resolution to docker.io in `c/image/pkg/shortnames`. Notice that this a "hybrid" approach of doing the normalization directly in the compat endpoints *and* in `pkg/shortnames` by passing a system context. Doing such a hybrid approach is neccessary since the compat and the libpod endpoints share the same `libimage.Runtime` which makes a global enforcement via the `libimage.Runtime.systemContext` impossible. Having two separate runtimes for the compat and the libpod endpoints seems risky and not generally applicable to all endpoints. [1] https://www.redhat.com/sysadmin/container-image-short-names Fixes: #12320 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Minor Makefile fixChris Evich2021-11-18
| | | | Signed-off-by: Chris Evich <cevich@redhat.com>
* Revert "add kubernetes pause"Valentin Rothberg2021-11-15
| | | | | | | | This reverts commit 9d2b8d2791c23b83b6155b046099a83483860c56 since catatonit's new pause functionality can replace the `pause` binary entirely. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Match .c files in MakefileIan Wienand2021-11-09
| | | | | | | Ensure that rebuilds happen when .c files are updated in the source tree. Signed-off-by: Ian Wienand <iwienand@redhat.com>
* add kubernetes pauseValentin Rothberg2021-10-26
| | | | | | | | | | | Add the k8s pause binary to `pause/pause.c` and do the plumbing in the Makefile to install it in $libexec/podman/pause/pause. It is intended to replace the k8s pause image and hence the need for network connectivity when creating pods. [NO NEW TESTS NEEDED] since it will be tested in a following commit. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Use CGO_ENABLED=1 when building natively on darwinJhon Honce2021-10-14
| | | | | | | | | | | Need to use CGO for mDNS resolution, but cross builds need CGO disabled See https://github.com/golang/go/issues/12524 for details Note: Homebrew forumla will need to be updated to pick up this change Fixes #10737 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* rootlessport: reduce memory usage of the processPaul Holzinger2021-10-12
| | | | | | | | | | | | | | | | | | | | | | Don't use reexec for the rootlessport process, instead make it a separate binary to reduce the memory usage. The problem with reexec is that it will import all packages that podman uses and therefore loads a lot of stuff into the heap. The rootlessport process however only needs the rootlesskit library. The memory usage is a concern since the rootlessport process will spawn two process per container which has ports forwarded. The processes stay until the container dies. On my laptop the current reexec version uses 47800 KB RSS. The new separate binary only uses 4540 KB RSS. This is more than a 90% improvement. The Makefile has been updated to compile the new binary and install it to the libexec directory. Fixes #10790 [NO TESTS NEEDED] Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* Unit files: Use actual installed path for podmanEd Santiago2021-10-12
| | | | | | | | | | | | | | | | | | | | | Don't hardcode /usr/bin/podman in unit files: instead, use template files with a path replaced at install time. Because 'make' can be invoked repeatedly, with different PREFIX, do not leave the generated files behind in our work directory: wipe them immediately after install. To get this to work, fix a longstanding bug in podman.spec.in, a PREFIX that should've been DESTDIR. Side note: #7023 made contrib/systemd/user a symlink to .../system but did not update paths in Makefile. The unrelated-looking path change you see here is a belated correction for that. Fixes: #10787 Signed-off-by: Ed Santiago <santiago@redhat.com>
* Fix contributor make targets on Ubuntu and DebianAnders F Björklund2021-09-28
| | | | | | | | It was trying to run a bash script with sh [NO TESTS NEEDED] This changes "make lint" Signed-off-by: Anders F Björklund <anders.f.bjorklund@gmail.com>
* Merge pull request #11760 from rhatdan/dockerfileOpenShift Merge Robot2021-09-28
|\ | | | | Add dockerfile.5 as man link to containerfile man page
| * Add dockerfile.5 as man link to containerfile man pageDaniel J Walsh2021-09-27
| | | | | | | | | | | | | | | | | | | | containers-common now ships a containerfile man page, this patch adds a link to dockerfile.5 so that if user installs podman-docker package man dockerfile will work. [NO TESTS NEEDED] since this is just a man page change. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Set MSI to be 64-bit only.Easton Pillay2021-09-27
|/ | | | | | Hi there! I noticed that the MSI file built for Windows was building in 32-bit mode, even though Podman is 64-bit only. I added a flag to wixl in the Makefile to tell it to build a 64-bit MSI, and I adjusted the podman.wxs file to use the right settings for 64-bit programs. Signed-off-by: GitHub <noreply@github.com>
* Makefile: use -ldflags/-gccgoflags depending on the go implemenatitonДилян Палаузов2021-09-23
| | | | | | | | | | | | | Insisting on “DCO” imposes formalities, that serve self-purpose. One cannot assume that the submitter has time or will to read texts about symbolism in software contributions. If the system wants to see the text nrEAUIEUAIe eanuitdnuae EAIUEAUIAIE »ℓ§444.3.72b)°»°ℓ§euaieauuae in each commit, people will write this, or any other text, that the system wants to see. All such text, which presence is mandated by the system, has the same value. Signed-off-by: Дилян Палаузов <git-dpa@aegee.org>
* Cross-build release-archives w/ arch in filenameChris Evich2021-09-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes #11417 Cross-building the podman-remote documentation requires a functional native architecture executable. However `make` only deals with files/timestamps, it doesn't understand if an existing binary will function on the system or not. This makes building cross-platform releases incredibly accident-prone and fragile. A practical way to deal with this, is via multiple conditional (nested) `make` calls along with careful manipulation of `$GOOS` and `$GOARCH`. Also, when cross-building releases be kind to humans and cleanup any non-native binaries left behind. Update the `Alt Arch. Cross` Cirrus-CI task to build release archives for all Linux architectures supported by golang and podman. Update the `OSX Cross` task to additionally build for the M1 (arm64) architecture. Finally, update the release process documentation to reflect the new locations (Cirrus-CI task names) for the release archives. Include a note about additional manual work being required to produce the signed `.dmg` file for MacOS. Signed-off-by: Chris Evich <cevich@redhat.com>
* Fix Error, empty output for info: 'VERSION'Chris Evich2021-09-21
| | | | | | | | | | | | | | | | | | | | | When building releases, the definitive canonical version of podman (or podman-remote) is needed. Previously this was accomplished by scraping `version/version.go`. However, due to tooling differences across platforms, this has proven problematic, unreliable, and hard to maintain. Fix this by building and caching a small golang binary who's only purpose is to print the version number to stdout. This not only provides a quick and reliable way to determine the current version, it also acts as a check on the version API vs tooling that relies on it. Lastly, remove several `RELEASE_*` Makefile definitions which aren't actually used anywhere. These were originally added a very long time ago to serve as part of a long since retired release process. The remaining items, were updated to make use of the new `.podmanversion` binary on an as-required basis (i.e. not every time `make` is run). Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Run unit-tests rootlessChris Evich2021-09-09
| | | | | | | | | | Previously (for various reasons) the unittests were limited by the Makefile to root-only. However, experimentation via PR #11490 shows they will actually execute and pass when run as a regular user. Enable this for only the latest Fedora VMs, so as to only add one new task to the (already large) set. Signed-off-by: Chris Evich <cevich@redhat.com>
* Remove changelog.txt from the repositoryjesperpedersen2021-09-07
| | | | | | | | | | | The changelog.txt file hasn't been kept in sync with release tags, especially on main, so remove it. The release notes will be featured in RELEASE_NOTES.md. Signed-off-by: jesperpedersen <jesper.pedersen@redhat.com> [NO TESTS NEEDED]
* Add support for libsubidDaniel J Walsh2021-08-27
| | | | | | | | | This will enable remote access to /etc/subuid and /etc/subgid information from ldap services, if shadow-utils ships with a libsubid. [NO TESTS NEEDED] Since we have no way to test this. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #11169 from cevich/enable_docker_py_testingopenshift-ci[bot]2021-08-16
|\ | | | | Enable docker-py compat. testing w/ ignored result
| * Enable docker-py compat. testing w/ ignored resultChris Evich2021-08-09
| | | | | | | | | | | | | | | | | | | | Significant bitrot results in almost immediate test failure. This commit adds only the very basic, bare-minimum needed to get them started. ***TESTING RESULTS ARE IGNORED*** Signed-off-by: Chris Evich <cevich@redhat.com>
* | Run codespell to fix spellingDaniel J Walsh2021-08-11
| | | | | | | | | | | | [NO TESTS NEEDED] Just fixing spelling. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Reproducible Builds: trim embedded cgo pathskpcyrd2021-08-09
|/ | | | Signed-off-by: kpcyrd <git@rxv.cc>
* [CI:DOCS] tests-expect-exit: include source line numbersEd Santiago2021-08-04
| | | | | | | | | | In the new check for preventing 'Expect(ExitCode...)', include source line numbers. Response to #11034, which I totally didn't even understand because it was referencing a different test. Sorry, Brent. Signed-off-by: Ed Santiago <santiago@redhat.com>
* buildah bud tests under podman-remoteEd Santiago2021-07-28
| | | | | | | | | | | | | | | | New functionality -- mostly in the diffs we apply to buildah's helpers.bash -- to enable running buildah-bud tests under podman-remote. The gist of it is, we start a 'podman system service' before each test, and clean it up on test exit. Design decision: the diff file for helpers.bash is no longer trailing-whitespace-clean: that ended up producing diffs that git wouldn't apply, because in some cases the whitespace is actually important. In order to pass CI, we need to exclude this file from some checks. Signed-off-by: Ed Santiago <santiago@redhat.com>
* e2e tests: prevent 'Expect(ExitCode())' patternEd Santiago2021-07-20
| | | | | | | | | | | | | | | | | Followup to #10932: add a validation check to prevent introduction of new 'Expect(foo.ExitCode()).To(...)' patterns. If such use is absolutely necessary -- there is one such instance in the code already -- require that the assertion include a description. Also: clean up instances that were introduced since the merging of #10932. Also: fix one remaining instance in run_exit_test.go: it had a FIXME comment mentioning a race condition, but unfortunately there was no issue or bug ID, hence no way to know if the race is fixed or not. We will assume it is. Signed-off-by: Ed Santiago <santiago@redhat.com>
* Cirrus: Fixes due to master->main renameChris Evich2021-06-30
| | | | Signed-off-by: Chris Evich <cevich@redhat.com>
* Merge pull request #10803 from lsm5/remove-cni-conflistOpenShift Merge Robot2021-06-29
|\ | | | | Makefile: remove install.cni
| * Makefile: remove install.cniLokesh Mandvekar2021-06-28
| | | | | | | | | | | | | | We no longer need to install /etc/cni/net.d/87-podman-bridge.conflist so install.cni isn't needed either. Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
* | prefix `ETCDIR` with `${PREFIX}/`tobwen2021-06-26
|/ | | | | | `ETCDIR` isn't prefixed and led to dangling files in `DESTDIR/etc` Signed-off-by: Tobias Wendorff <1864057+tobwen@users.noreply.github.com>
* Merge pull request #10679 from cevich/fix_static_buildOpenShift Merge Robot2021-06-15
|\ | | | | Fix building static podman-remote
| * Fix building static podman-remoteChris Evich2021-06-14
| | | | | | | | | | | | | | | | | | | | As near as I can tell, sometime between `v1.6.4` and `v1.9` the definition of `LDFLAGS_PODMAN_STATIC` was both created and lost. Additionally, after a refactoring of the `Makefile` it was possible to enable CGO (which will cause a dynamic binary to be built). Fix both issues by adding the missing definition and forcing CGO to be disabled. Signed-off-by: Chris Evich <cevich@redhat.com>
* | Merge pull request #10595 from boaz0/closes_10539OpenShift Merge Robot2021-06-15
|\ \ | |/ |/| Add podman-restart systemd unit file
| * Restart all containers with restart-policy=always on bootBoaz Shuster2021-06-13
| | | | | | | | | | | | | | * Add podman-restart systemd unit file and add it to podman RPM package * Fix podman start to filter all containers + unit test Signed-off-by: Boaz Shuster <boaz.shuster.github@gmail.com>
* | Merge pull request #10601 from Procyhon/07062021_manpageOpenShift Merge Robot2021-06-12
|\ \ | | | | | | [CI:DOCS] UPDATE manpages with MANPAGE_SYNTAX
| * | UPDATE manpages with MANPAGE_SYNTAXAlexander Richter2021-06-12
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The following manpages have been adapted to the MANPAGE_SYNTAX: - podman-completion - podman-container-checkpoint - podman-container-cleanup - podman-container-exists The following manpages have had little changes: - podman-attach - podman-commit - MANPAGE_SYNTAX - Makefile Signed-off-by: Alexander Richter <67486332+Procyhon@users.noreply.github.com>
* / Update nix pin with `make nixpkgs`Wong Hoi Sing Edison2021-06-10
|/ | | | | | | | - Bugfix `make nixpkgs` which pin with branch `nixos-21.05` - Code lint with `nixpkgs-fmt` - Code sync between x86\_64 and aarch64 Signed-off-by: Wong Hoi Sing Edison <hswong3i@pantarei-design.com>
* UPDATE MANPAGE_SYNTAX (commit,attach,auto-update)Alexander Richter2021-06-06
| | | | | | | Updated version for the MANPAGE_SYNTAX and adaption of the syntax for the manpages of podman-commit, podman-attach, and podman-auto-update. Signed-off-by: Alexander Richter <67486332+Procyhon@users.noreply.github.com>
* Handle hard links in remote buildsDaniel J Walsh2021-05-22
| | | | | | Fixes: https://github.com/containers/podman/issues/9893 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Break up python APIv2 testsJhon Honce2021-05-18
| | | | | | | | | | | | | | * Tests broken up into areas of concern * Introduced fixtures to reduce duplicated code * Introduced new assert methods with APITestCase * General cleanup of code while visiting * Tests now targeting quay.io Known issues: * is-official against quay.io not working Fixes: #9238 Signed-off-by: Jhon Honce <jhonce@redhat.com>