summaryrefslogtreecommitdiff
path: root/go.sum
Commit message (Collapse)AuthorAge
* compat API: allow enforcing short-names resolution to Docker HubValentin Rothberg2021-11-30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The Docker-compatible REST API has historically behaved just as the rest of Podman and Buildah (and the atomic Docker in older RHEL/Fedora) where `containers-registries.conf` is centrally controlling which registries a short name may resolve to during pull or local image lookups. Please refer to a blog for more details [1]. Docker, however, is only resolving short names to docker.io which has been reported (see #12320) to break certain clients who rely on this behavior. In order to support this scenario, `containers.conf(5)` received a new option to control whether Podman's compat API resolves to docker.io only or behaves as before. Most endpoints allow for directly normalizing parameters that represent an image. If set in containers.conf, Podman will then normalize the references directly to docker.io. The build endpoint is an outlier since images are also referenced in Dockerfiles. The Buildah API, however, supports specifying a custom `types.SystemContext` in which we can set a field that enforces short-name resolution to docker.io in `c/image/pkg/shortnames`. Notice that this a "hybrid" approach of doing the normalization directly in the compat endpoints *and* in `pkg/shortnames` by passing a system context. Doing such a hybrid approach is neccessary since the compat and the libpod endpoints share the same `libimage.Runtime` which makes a global enforcement via the `libimage.Runtime.systemContext` impossible. Having two separate runtimes for the compat and the libpod endpoints seems risky and not generally applicable to all endpoints. [1] https://www.redhat.com/sysadmin/container-image-short-names Fixes: #12320 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* image lookup: do not match *any* tagsValentin Rothberg2021-11-23
| | | | | | | | | | For reasons buried in the history of Podman, looking up an untagged image would match any tag of matching image. For instance, looking up centos would match a local image centos:foobar. Change that behavior to only match the latest tag. Fix: #11964 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Merge pull request #12384 from ↵Daniel J Walsh2021-11-22
|\ | | | | | | | | containers/dependabot/go_modules/github.com/containers/image/v5-5.17.0 Bump github.com/containers/image/v5 from 5.16.1 to 5.17.0
| * Bump github.com/containers/image/v5 from 5.16.1 to 5.17.0dependabot[bot]2021-11-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/containers/image/v5](https://github.com/containers/image) from 5.16.1 to 5.17.0. - [Release notes](https://github.com/containers/image/releases) - [Commits](https://github.com/containers/image/compare/v5.16.1...v5.17.0) --- updated-dependencies: - dependency-name: github.com/containers/image/v5 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* | Bump github.com/opencontainers/selinux from 1.9.1 to 1.10.0dependabot[bot]2021-11-22
|/ | | | | | | | | | | | | | Bumps [github.com/opencontainers/selinux](https://github.com/opencontainers/selinux) from 1.9.1 to 1.10.0. - [Release notes](https://github.com/opencontainers/selinux/releases) - [Commits](https://github.com/opencontainers/selinux/compare/v1.9.1...v1.10.0) --- updated-dependencies: - dependency-name: github.com/opencontainers/selinux dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* Bump github.com/rootless-containers/rootlesskit from 0.14.5 to 0.14.6Daniel J Walsh2021-11-19
| | | | | | | | | | | | | | | Bumps [github.com/rootless-containers/rootlesskit](https://github.com/rootless-containers/rootlesskit) from 0.14.5 to 0.14.6. - [Release notes](https://github.com/rootless-containers/rootlesskit/releases) - [Commits](rootless-containers/rootlesskit@v0.14.5...v0.14.6) --- updated-dependencies: - dependency-name: github.com/rootless-containers/rootlesskit dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* Merge pull request #12344 from ↵OpenShift Merge Robot2021-11-19
|\ | | | | | | | | containers/dependabot/go_modules/github.com/docker/docker-20.10.11incompatible Bump github.com/docker/docker from 20.10.10+incompatible to 20.10.11+incompatible
| * Bump github.com/docker/dockerdependabot[bot]2021-11-18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/docker/docker](https://github.com/docker/docker) from 20.10.10+incompatible to 20.10.11+incompatible. - [Release notes](https://github.com/docker/docker/releases) - [Changelog](https://github.com/moby/moby/blob/master/CHANGELOG.md) - [Commits](https://github.com/docker/docker/compare/v20.10.10...v20.10.11) --- updated-dependencies: - dependency-name: github.com/docker/docker dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* | Bump k8s.io/api from 0.22.3 to 0.22.4dependabot[bot]2021-11-18
|/ | | | | | | | | | | | | | Bumps [k8s.io/api](https://github.com/kubernetes/api) from 0.22.3 to 0.22.4. - [Release notes](https://github.com/kubernetes/api/releases) - [Commits](https://github.com/kubernetes/api/compare/v0.22.3...v0.22.4) --- updated-dependencies: - dependency-name: k8s.io/api dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* Set config environment variables early in Podman initDaniel J Walsh2021-11-15
| | | | | | | | | Fixes: https://github.com/containers/podman/issues/12296 [NO NEW TESTS NEEDED] because there is no easy way to test this. Tests are in containers/common. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* podman load: support downloading filesValentin Rothberg2021-11-10
| | | | | | | | | | | | Support downloading files, for instance via `podman load -i server.com/image.tar`. The specified URL is downloaded in the frontend and stored as a temp file that gets passed down to the backend. Also vendor in c/common@main to use the new `pkg/download`. Fixes: #11970 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* support health checks from image configsValentin Rothberg2021-11-09
| | | | | | | | | | | | | | Health checks may be defined in the container config or the config of an image. So far, Podman only looked at the container config. The plumbing happened in libimage but add a regression test to Podman as well to make sure the glue code will not regress. Note that I am pinning github.com/onsi/gomega to v1.16.0 since v1.17.0 requires go 1.16 which in turn is breaking CI. Fixes: #12226 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Bump github.com/checkpoint-restore/go-criu/v5 from 5.1.0 to 5.2.0dependabot[bot]2021-11-05
| | | | | | | | | | | | | | Bumps [github.com/checkpoint-restore/go-criu/v5](https://github.com/checkpoint-restore/go-criu) from 5.1.0 to 5.2.0. - [Release notes](https://github.com/checkpoint-restore/go-criu/releases) - [Commits](https://github.com/checkpoint-restore/go-criu/compare/v5.1.0...v5.2.0) --- updated-dependencies: - dependency-name: github.com/checkpoint-restore/go-criu/v5 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* Bump k8s.io/api from 0.22.2 to 0.22.3dependabot[bot]2021-10-28
| | | | | | | | | | | | | | Bumps [k8s.io/api](https://github.com/kubernetes/api) from 0.22.2 to 0.22.3. - [Release notes](https://github.com/kubernetes/api/releases) - [Commits](https://github.com/kubernetes/api/compare/v0.22.2...v0.22.3) --- updated-dependencies: - dependency-name: k8s.io/api dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* container create: fix --tls-verify parsingValentin Rothberg2021-10-27
| | | | | | | | | Make sure that the value is only set if specified on the CLI. c/image already defaults to true but if set in the system context, we'd skip settings in the registries.conf. Fixes: #11933 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* vendor: update godbus to v5.0.6Giuseppe Scrivano2021-10-26
| | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Bump github.com/docker/dockerdependabot[bot]2021-10-26
| | | | | | | | | | | | | | | Bumps [github.com/docker/docker](https://github.com/docker/docker) from 20.10.9+incompatible to 20.10.10+incompatible. - [Release notes](https://github.com/docker/docker/releases) - [Changelog](https://github.com/moby/moby/blob/master/CHANGELOG.md) - [Commits](https://github.com/docker/docker/compare/v20.10.9...v20.10.10) --- updated-dependencies: - dependency-name: github.com/docker/docker dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* Update vendor github.com/opencontainers/runtime-toolsDaniel J Walsh2021-10-25
| | | | | | | | | This will change mount of /dev within container to noexec, making containers slightly more secure. [NO NEW TESTS NEEDED] Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Allow API to specify size and inode quotaDaniel J Walsh2021-10-18
| | | | | | | | | | | Fixes: https://github.com/containers/podman/issues/11016 [NO NEW TESTS NEEDED] We have no easy way to tests this in CI/CD systems. Requires quota to be setup on directories to work. Fixes: https://github.com/containers/podman/issues/11016 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Bump github.com/onsi/ginkgo from 1.16.4 to 1.16.5dependabot[bot]2021-10-12
| | | | | | | | | | | | | | | Bumps [github.com/onsi/ginkgo](https://github.com/onsi/ginkgo) from 1.16.4 to 1.16.5. - [Release notes](https://github.com/onsi/ginkgo/releases) - [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md) - [Commits](https://github.com/onsi/ginkgo/compare/v1.16.4...v1.16.5) --- updated-dependencies: - dependency-name: github.com/onsi/ginkgo dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* faster image inspectionValentin Rothberg2021-10-08
| | | | | | | | | | | | | | Vendor the latest HEAD in c/common to pull in changes for a faster inspection of images. Previously, only the size computation was optional, now the one for the parent image is as well. In many cases, the parent image is not needed but it takes around 10ms on my local machine. With this change, we cut off 10ms from many code paths, most importantly, container creation. [NO NEW TESTS NEEDED] Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Bump github.com/opencontainers/selinux from 1.8.5 to 1.9.1dependabot[bot]2021-10-07
| | | | | | | | | | | | | | Bumps [github.com/opencontainers/selinux](https://github.com/opencontainers/selinux) from 1.8.5 to 1.9.1. - [Release notes](https://github.com/opencontainers/selinux/releases) - [Commits](https://github.com/opencontainers/selinux/compare/v1.8.5...v1.9.1) --- updated-dependencies: - dependency-name: github.com/opencontainers/selinux dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* Bump github.com/containers/image/v5 from 5.16.0 to 5.16.1dependabot[bot]2021-10-06
| | | | | | | | | | | | | | Bumps [github.com/containers/image/v5](https://github.com/containers/image) from 5.16.0 to 5.16.1. - [Release notes](https://github.com/containers/image/releases) - [Commits](https://github.com/containers/image/compare/v5.16.0...v5.16.1) --- updated-dependencies: - dependency-name: github.com/containers/image/v5 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* Bump github.com/docker/dockerdependabot[bot]2021-10-05
| | | | | | | | | | | | | | | Bumps [github.com/docker/docker](https://github.com/docker/docker) from 20.10.8+incompatible to 20.10.9+incompatible. - [Release notes](https://github.com/docker/docker/releases) - [Changelog](https://github.com/moby/moby/blob/master/CHANGELOG.md) - [Commits](https://github.com/docker/docker/compare/v20.10.8...v20.10.9) --- updated-dependencies: - dependency-name: github.com/docker/docker dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* bump c/common to latest and c/storage to 1.37.0Paul Holzinger2021-10-04
| | | | | | | Update c/common to fix a bug where broken config files could be created via podman machine and podman system connection add. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* Bump github.com/containers/buildah from 1.23.0 to 1.23.1dependabot[bot]2021-10-01
| | | | | | | | | | | | | | | Bumps [github.com/containers/buildah](https://github.com/containers/buildah) from 1.23.0 to 1.23.1. - [Release notes](https://github.com/containers/buildah/releases) - [Changelog](https://github.com/containers/buildah/blob/v1.23.1/CHANGELOG.md) - [Commits](https://github.com/containers/buildah/compare/v1.23.0...v1.23.1) --- updated-dependencies: - dependency-name: github.com/containers/buildah dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* Merge pull request #11804 from ↵OpenShift Merge Robot2021-09-30
|\ | | | | | | | | containers/dependabot/go_modules/github.com/mattn/go-isatty-0.0.14 Bump github.com/mattn/go-isatty from 0.0.12 to 0.0.14
| * Bump github.com/mattn/go-isatty from 0.0.12 to 0.0.14dependabot[bot]2021-09-30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/mattn/go-isatty](https://github.com/mattn/go-isatty) from 0.0.12 to 0.0.14. - [Release notes](https://github.com/mattn/go-isatty/releases) - [Commits](https://github.com/mattn/go-isatty/compare/v0.0.12...v0.0.14) --- updated-dependencies: - dependency-name: github.com/mattn/go-isatty dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* | Vendor in latest containers/storageDaniel J Walsh2021-09-29
|/ | | | | | | | Fix handling of additional shares with no images Fixes: https://github.com/containers/storage/issues/1029 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* image prune: support removing external containersValentin Rothberg2021-09-28
| | | | | | | | Support removing external containers (e.g., build containers) during image prune. Fixes: #11472 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Vendor in containers/common v0.46.0Daniel J Walsh2021-09-27
| | | | | | | | | | Fixes: https://github.com/containers/podman/issues/11745 [NO TESTS NEEDED] Since this is just a revendor and a one line change for the revendor Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Merge pull request #11657 from ↵OpenShift Merge Robot2021-09-22
|\ | | | | | | | | containers/dependabot/go_modules/k8s.io/api-0.22.2 Bump k8s.io/api from 0.22.1 to 0.22.2
| * Bump k8s.io/api from 0.22.1 to 0.22.2dependabot[bot]2021-09-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [k8s.io/api](https://github.com/kubernetes/api) from 0.22.1 to 0.22.2. - [Release notes](https://github.com/kubernetes/api/releases) - [Commits](https://github.com/kubernetes/api/compare/v0.22.1...v0.22.2) --- updated-dependencies: - dependency-name: k8s.io/api dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* | Merge pull request #11629 from Luap99/CNI-1.0OpenShift Merge Robot2021-09-22
|\ \ | | | | | | Bump CNI to v1.0.1
| * | Bump CNI to v1.0.1Paul Holzinger2021-09-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Update CNI so we can match wrapped errors. This should silence ENOENT warnings when trying to read the cni conflist files. Fixes #10926 Because CNI v1.0.0 contains breaking changes we have to change some import paths. Also we cannot update the CNI version used for the conflist files created by `podman network create` because this would require at least containernetwork-plugins v1.0.1 and a updated dnsname plugin. Because this will take a while until it lands in most distros we should not use this version. So keep using v0.4.0 for now. The update from checkpoint-restore/checkpointctl is also required to make sure it no longer uses CNI to read the network status. [NO TESTS NEEDED] Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | Merge pull request #11678 from vrothberg/fix-11613OpenShift Merge Robot2021-09-22
|\ \ \ | | | | | | | | podman save: add `--uncompressed`
| * | | podman save: add `--uncompressed`Valentin Rothberg2021-09-22
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | Add an option to `podman save` to allow uncompressed layers when copying OCI images. Do the neccessary plumbing for the remote client, add tests and vendor in the latest commit from c/common to fetch the neccessary changes in libimage. Closes: #11613 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | Merge pull request #11659 from vrothberg/psgoOpenShift Merge Robot2021-09-22
|\ \ \ | |/ / |/| | vendor c/psgo@v1.7.1
| * | vendor c/psgo@v1.7.1Valentin Rothberg2021-09-22
| |/ | | | | | | | | | | | | | | | | | | psgo added support for listing supplementary groups via two new descriptors: * `groups` for supplementary groups inside the container * `hgroups` for the counterpart on the host Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* / vendor c/common@mainValentin Rothberg2021-09-20
|/ | | | | | | | | | | Finalizes the linked BZ to fix passing down custom authfiles during auto updates. Also fixes the if-newer pull policy. [NO TESTS NEEDED] for now validated manually. There's a TODO to add a new system test that I did not find time for before PTO. BZ: bugzilla.redhat.com/show_bug.cgi?id=2000943 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Merge pull request #11322 from Luap99/network-libpodOpenShift Merge Robot2021-09-15
|\ | | | | Wire network interface into libpod
| * Drop OCICNI dependencyPaul Holzinger2021-09-15
| | | | | | | | | | | | | | | | | | | | | | We do not use the ocicni code anymore so let's get rid of it. Only the port struct is used but we can copy this into libpod network types so we can debloat the binary. The next step is to remove the OCICNI port mapping form the container config and use the better PortMapping struct everywhere. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * Wire network interface into libpodPaul Holzinger2021-09-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Make use of the new network interface in libpod. This commit contains several breaking changes: - podman network create only outputs the new network name and not file path. - podman network ls shows the network driver instead of the cni version and plugins. - podman network inspect outputs the new network struct and not the cni conflist. - The bindings and libpod api endpoints have been changed to use the new network structure. The container network status is stored in a new field in the state. The status should be received with the new `c.getNetworkStatus`. This will migrate the old status to the new format. Therefore old containers should contine to work correctly in all cases even when network connect/ disconnect is used. New features: - podman network reload keeps the ip and mac for more than one network. - podman container restore keeps the ip and mac for more than one network. - The network create compat endpoint can now use more than one ipam config. The man pages and the swagger doc are updated to reflect the latest changes. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | Set default storage from containers.conf for temporary imagesDaniel J Walsh2021-09-15
|/ | | | | | Fixes: https://github.com/containers/podman/issues/11107 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* vendor: Bump github.com/containers/buildah from 1.22.3 to 1.23.0Aditya Rajan2021-09-15
| | | | | | [NO TESTS NEEDED] Signed-off-by: Aditya Rajan <arajan@redhat.com>
* rootfs: Add support for rootfs-overlay and bump to buildah v1.22.1-0.202108flouthoc2021-09-14
| | | | | | | | | | Allows users to specify a readonly rootfs with :O, in exchange podman will create a writable overlay. bump builah to v1.22.1-0.20210823173221-da2b428c56ce [NO TESTS NEEDED] Signed-off-by: flouthoc <flouthoc.git@gmail.com>
* Merge pull request #11549 from ↵OpenShift Merge Robot2021-09-13
|\ | | | | | | | | containers/dependabot/go_modules/github.com/json-iterator/go-1.1.12 Bump github.com/json-iterator/go from 1.1.11 to 1.1.12
| * Bump github.com/json-iterator/go from 1.1.11 to 1.1.12dependabot[bot]2021-09-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/json-iterator/go](https://github.com/json-iterator/go) from 1.1.11 to 1.1.12. - [Release notes](https://github.com/json-iterator/go/releases) - [Commits](https://github.com/json-iterator/go/compare/v1.1.11...v1.1.12) --- updated-dependencies: - dependency-name: github.com/json-iterator/go dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
| * Bump github.com/containers/storage from 1.35.0 to 1.36.0dependabot[bot]2021-09-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/containers/storage](https://github.com/containers/storage) from 1.35.0 to 1.36.0. - [Release notes](https://github.com/containers/storage/releases) - [Changelog](https://github.com/containers/storage/blob/main/docs/containers-storage-changes.md) - [Commits](https://github.com/containers/storage/compare/v1.35.0...v1.36.0) --- updated-dependencies: - dependency-name: github.com/containers/storage dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* | bump c/common to v0.44.0Paul Holzinger2021-09-13
|/ | | | Signed-off-by: Paul Holzinger <pholzing@redhat.com>