summaryrefslogtreecommitdiff
path: root/contrib/podmanimage
Commit message (Collapse)AuthorAge
* [CI:DOCS] Update podmanimage comment.Chris Evich2022-06-29
| | | | | | | Drop a reference as to why the `rpm --setcaps...` line is needed, along with a `TODO` reminder to check if it's still needed. Signed-off-by: Chris Evich <cevich@redhat.com>
* [CI:DOCS] Minor update to podmanimage upstream docsChris Evich2022-06-24
| | | | | | | Add a reference to where/how podman is compiled for the 'upstream' flavored image. Signed-off-by: Chris Evich <cevich@redhat.com>
* Merge pull request #14519 from rhatdan/DockerfileOpenShift Merge Robot2022-06-07
|\ | | | | [CI:DOCS] Podman images generated with empty /etc/containers/storage.conf
| * Podman images generated with empty /etc/containers/storage.confDaniel J Walsh2022-06-07
| | | | | | | | | | | | | | | | | | | | The Containerfiles were built with sed -i, which is leading to empty storage.conf files. This will cause Podman in a container to print warning information about storage.driver not being set to something. [NO NEW TESTS REQUIRED] Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Minor: Fix podmanimage README linksChris Evich2022-06-07
|/ | | | Signed-off-by: Chris Evich <cevich@redhat.com>
* Minor: Remove useless addition of storage.confChris Evich2022-06-06
| | | | | | | | This was an accidental leftover from an in-development implementation. The `sed` command further down entirely replaces the file in the image. Strip out the unnecessary 'storage.conf' ADD instruction. Signed-off-by: Chris Evich <cevich@redhat.com>
* [CI:DOCS] PodmanImage Readme touchuptomsweeneyredhat2022-06-04
| | | | | | | | | | @cevich recently renamed all the files named Dockerfile to Containerfile in this directory. Touching up the README.md to reflect that. Also, as I was doing the submit, I noticed a couple of nits in the PR request template and cleaned those up. Signed-off-by: tomsweeneyredhat <tsweeney@redhat.com>
* Podman image: Mass cleanup + fix missing storage.confChris Evich2022-06-01
| | | | | | | | | | | | | | | | | | As of Fedora 36, `/etc/containers/storage.conf` with defaults is installed under `/usr/share/containers/`. This was causing builds to fail in the necessary `sed` command that enables fuse-overlayfs. Fix this by using sed on the new location with an output redirect into the `etc` location. Also, perform a mass-cleanup of the three files to make them easier to read/maintain. Including renaming them to `Containerfile`, since all native build tooling is now used to produce them. Lastly, take advantage of the `podman-next` copr repository to install the latest/greatest podman from `main`, rather than building it from scratch. This will greatly speed up the image build speed. Signed-off-by: Chris Evich <cevich@redhat.com>
* Revert "Switch all rootful to rootfull"Ashley Cui2022-04-25
| | | | | | | | | | This reverts commit cc3790f332d989440eb1720e24e3619fc97c74ee. We can't change rootful to rootfull because `rootful` is written into the machine config. Changing this will break json unmarshalling, which will break existing machines. [NO NEW TESTS NEEDED] Signed-off-by: Ashley Cui <acui@redhat.com>
* Switch all rootful to rootfullDaniel J Walsh2022-04-21
| | | | | | | | | We are inconsistent on the name, we should stick with rootfull. [NO NEW TESTS NEEDED] Existing tests should handle this and no tests for machines exists yet. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Cirrus: Multi-arch build auto-update + tagging updateChris Evich2022-04-07
| | | | | | | | | | | | | | | | This new VM image brings in two important updates to multi-arch image build operations: 1. Future operational changes will no-longer require also updating VM images. Updates to build-push made in `containers/automation_images` will automatically be picked up at runtime. ref: https://github.com/containers/automation_images/pull/123 2. On the next run, both `vX` and `vX.Y` tagged manifest-lists will be pushed. This is now also reflected in the README. ref: https://github.com/containers/automation_images/pull/125 Signed-off-by: Chris Evich <cevich@redhat.com>
* increase subuid and subgid in imageChmouel Boudjnah2022-02-16
| | | | | | | increase the number of ids available to the podman users when running as rootless. Signed-off-by: Chmouel Boudjnah <chmouel@redhat.com>
* fix default branch linksErik Sjölund2022-01-15
| | | | | | | | | | | | | * Replace https://github.com/containers/podman/blob/master with https://github.com/containers/podman/blob/main to match the new default branch "main". Previously the default branch was "master". This is the only occurence found in the code. * Replace https://raw.githubusercontent.com/containers/libpod/master with https://raw.githubusercontent.com/containers/podman/main Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
* Move the chown to after the ADDsDaniel J Walsh2021-11-29
| | | | | | | | I have noticed that the containers.conf file in the /home/podman directory is owned by root and not Podman. This change fixes the ownership. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* VOLUME must be declared after RUN chown commandJindrich Novy2021-11-10
| | | | | | | | | | Podman and Docker will not commit changes via RUN command of a VOLUME directory, so we need to chown path first. Not doing do will cause: https://bugzilla.redhat.com/show_bug.cgi?id=2009266 Signed-off-by: Jindrich Novy <jnovy@redhat.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Add podman-plugins to upstream imageMatthew Mosesohn2021-10-04
| | | | | | | | Fixes #11380 Replaces https://github.com/containers/podman/pull/11385 Originally subbmitted by @mattymo Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* [CI:DOCS] Add link to running ctrimage on enablesysadmTomSweeneyRedHat2021-09-22
| | | | | | | | | Add a link to the podman images readme.md to Dan's recent post on Enable Sysadm about running containers inside of Podman Fixes: https://github.com/containers/buildah/issues/3119 Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* [CI:DOCS] Fix multi-arch image docsChris Evich2021-08-10
| | | | | | | | | | The automation workflow was altered in recent history to build images daily, even if the podman version didn't change. This was is necessary so that any updates/security vulnerabilities in ancillary packages are incorporated quickly. However, documentation was never updated to reflect this change. This commit puts the two in sync. Signed-off-by: Chris Evich <cevich@redhat.com>
* Fix handling of shadow-utilsDaniel J Walsh2021-07-24
| | | | | | | | | | | | | | There seems to be a bug in rpm, where it fails silently if you specify rpm --restore --quiet shadow-utils. rpm --restore shadow-utils 2> /dev/null Does the right thing. [NO TESTS NEEDED] Might add tests from buildah, once we have them working correctly. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Just restore protections of shadow-utilsDaniel J Walsh2021-07-19
| | | | | | | | | | Rather then reinstalling shadow-utils to fix permissions, just restore the correct permissions. [NO TESTS NEEDED] Since this does not affect Podman, just the prebuilt images on quay.io/podman. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Create user storage dir with correct permissionsBlake Burkhart2021-06-14
| | | | | | | | Docker VOLUMEs will inherit permissions from an existing directory at the same path. If the path does not exist, the directory will be owned by root which makes this image unusable in rootless mode. Signed-off-by: Blake Burkhart <blake.burkhart@us.af.mil>
* fix incorrect log driver in podman container imagePaul Holzinger2021-05-12
| | | | | | | | | Commit 7f2c27d43fc5 added an invalid value for the log_driver in the containers.conf file inside the podman image. Fixes #10312 Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* Merge pull request #10227 from cevich/podman_image_docsOpenShift Merge Robot2021-05-05
|\ | | | | [CI:DOCS] Minor podmanimage docs updates.
| * Minor podmanimage docs updates.Chris Evich2021-05-05
| | | | | | | | | | | | | | Discovered by review of https://github.com/containers/buildah/pull/3200 Signed-off-by: Chris Evich <cevich@redhat.com>
* | Force log_driver to k8s-file for containers in containersDaniel J Walsh2021-05-04
|/ | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Update container image docs + fix unstable executionChris Evich2021-04-29
| | | | | | | | | | | | | | | | Update the order of image documentation to be from most to least stable. Similarly, avoid depending on execution of upstream podman, when building/pushing. It's easily possible for this build to function but execution to fail due to some partially implemented feature. Also, ensure images tagged `latest` are pushed for every matrix item. For 'upstream' and 'testing', this replaces use of the 'master' tag. Lastly, update workflow comments and split the 'podman' and 'containers' FQIN steps and outputs to improve readability. Signed-off-by: Chris Evich <cevich@redhat.com>
* Update podman image Dockerfile to support Podman in containerDaniel J Walsh2021-04-12
| | | | | | | | | | | | | | | | | | | | [NO TEST NEEDED] Can not test this in CI/CD system since it needs to be merged in order for the Dockerfiles to even work. Modified the /etc/subuid and /etc/subgid to be able to run in rootless containers. The Range can not be the same as on the host. Add /home/podman/.config/containers/containers.conf to automatically mount /proc on /proc while inside of the container. This prevents additional permissions being required that are blocked when not in --privileged mode. Setup volumes for /var/lib/containers and /home/podman/.local/share/containwers This will prevent the errors where people are doing overlay on overlay. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* SpellingJosh Soref2020-12-22
| | | | Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* [CI:DOCS] Add note on run image fuse problem - try 2TomSweeneyRedHat2020-09-04
| | | | | | | | | | | | | | | | | | We've recently had a number of issues reported against our pre-fabricated images on quay.io and a couple of rhel repositories throwing a fuse error when run: ``` fuse: device not found, try 'modprobe fuse' first ``` The tip on modprobe fuse is not always seen by or displayed to the end user. Adding a couple of doc pointers to hopefully help. Arises from this BZ: https://bugzilla.redhat.com/show_bug.cgi?id=1867892 and several others. Replaces: 7453 where I was going crazy with whitespace and merge issues. Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* Merge pull request #7237 from TomSweeneyRedHat/dev/tsweeney/imagedocOpenShift Merge Robot2020-08-15
|\ | | | | [CI:DOCS] Update podmanimages README.md
| * [CI:DOCS] Update podmanimages README.mdTomSweeneyRedHat2020-08-05
| | | | | | | | | | | | | | | | | | Updates to the README.md for the contrib/podmanimages directory. This completes the changes to answer this Buildah issue: https://github.com/containers/buildah/issues/1693 and then also adds the quay.io/conatiners/podman images to the list of images. Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* | Align images with BuildahKirill Shirinkin2020-08-10
|/ | | | Signed-off-by: Kirill Shirinkin <kirill@hey.com>
* Switch all references to github.com/containers/libpod -> podmanDaniel J Walsh2020-07-28
| | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* [CI:DOC]Use full repo name in podmanimage DockerfilesTomSweeneyRedHat2020-05-01
| | | | | | | | | | | | | | In the Buildah images, we had a problem where the testing image was installed with an older version of Buildah than the stable image. This was apparently due to quay.io using Docker and Dockerhub which has a version of Fedora that did not let testing version of Buildah to be installed as it should have been. This change fully specifies the name of the fedora image to use. This has not been a problem in Podman, but I'm carrying this change here to avoid future problems. Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* Update podmanimage files to adjust perms on containers.conf for rootlessTomSweeneyRedHat2020-04-28
| | | | | | | | | | Adding the changes to the Podman image Docker/Containerfiles similar to @rhatdan 's changes in https://github.com/containers/buildah/pull/2332 In short it changes the perms on containers.conf so it can be used by a rootless user. Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* Add support for containers.conf to podmanimagesDaniel J Walsh2020-04-20
| | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Fix upstream dockerfile and add 'by hand' ctrfileTomSweeneyRedHat2020-03-05
| | | | | | | | | | | | | | | | | | The podmanimage/upstream/Dockerfile had two rpms in its build procedure that are no longer available. The atomic-registries has been removed and the md2man has been renamed. In addtion conmon was not being installed and I've added that. I've been using a Containerfile to build or rebuild a specific version of the podmanimage stored in the stable repository with a version tag. As the other Containerfiles have been updated by others, and in case anyone else needs to build it, I've added it to the repo and have also updated the readme.md. FWIW, the builds in the quay.io/podman/upstream have been failing for a while due to missing rpms. Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* Update podmanimage build processTomSweeneyRedHat2020-01-08
| | | | | | | | | | | | | | | | | | | | | (Stealing from: @rhatdan 's https://github.com/containers/buildah/pull/2038 ) 1 We need to update all packages in the podman image to make sure they are up2date. 2 reinstall shadow-utils. For some reason the fedora base image does not include the file capabilities assigned to /usr/bin/newuidmap and /usr/bin/newgidmap. Reinstalling shadow-utils, brings them back. 3 Add a default user build to the system. This will create the /etc/subuid and /etc/subgid maps get created correctly. Once we have this we should be able to build a container starting with a non privileged user podman run -ti --user build --device=/dev/fuse -v ./Dockerfile:/Dockerfile:z quay.io/podman/stable podman buildd / Addresses: #4741 Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* build: drop support for ostreeGiuseppe Scrivano2019-10-30
| | | | | | | it is going to be removed from containers/image as well, so no longer depend on it. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Merge pull request #3817 from xcffl/masterOpenShift Merge Robot2019-09-10
|\ | | | | Add explanation mounting named volumes for `podman run`
| * Replace "podman" with "Podman"xcffl2019-09-07
| | | | | | | | Signed-off-by: xcffl <xcffl@outlook.com>
* | Turn off journald in podmanimages on quay.ioTomSweeneyRedHat2019-09-06
|/ | | | | | | | | In the Dockerfiles that are used to build the podman images on quay.io, we were changing the events_logger from journald to file in libpod.conf, but we weren't enabling it as we didn't remove the comment. This corrects that and addresses: #3464 Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* Change wait to sleep in podmanimage readmeTomSweeneyRedHat2019-07-22
| | | | | | | Change wait to sleep 100000 as we've had some reports of problems with wait: https://github.com/containers/buildah/issues/1665 Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* Touchup upstream DockerfileTomSweeneyRedHat2019-06-08
| | | | | | | | The upstream/Dockerfile had a few issues that this cleans up. A few files were misplaced, wrong installs and removes. This corrects those issues. Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* Create Dockerfiles for podmanimageTomSweeneyRedHat2019-06-01
The Dockerfiles necessary to create the stable, testing and upstream container images on quay.io/user/podman. Once this is commited, I will set up those images such that they will be built with every git commit. stable - Latest Fedora release image testing - Latest release on bohdi Fedora testing upstream - Latest version in upstream podman Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>