summaryrefslogtreecommitdiff
path: root/go.sum
Commit message (Collapse)AuthorAge
* Merge pull request #11091 from Luap99/connect-disconnectopenshift-ci[bot]2021-08-03
|\ | | | | fix rootless port forwarding with network dis-/connect
| * fix rootless port forwarding with network dis-/connectPaul Holzinger2021-08-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The rootlessport forwarder requires a child IP to be set. This must be a valid ip in the container network namespace. The problem is that after a network disconnect and connect the eth0 ip changed. Therefore the packages are dropped since the source ip does no longer exists in the netns. One solution is to set the child IP to 127.0.0.1, however this is a security problem. [1] To fix this we have to recreate the ports after network connect and disconnect. To make this work the rootlessport process exposes a socket where podman network connect/disconnect connect to and send to new child IP to rootlessport. The rootlessport process will remove all ports and recreate them with the new correct child IP. Also bump rootlesskit to v0.14.3 to fix a race with RemovePort(). Fixes #10052 [1] https://nvd.nist.gov/vuln/detail/CVE-2021-20199 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | Bump github.com/opencontainers/selinux from 1.8.2 to 1.8.3dependabot[bot]2021-08-03
|/ | | | | | | | | | | | | | Bumps [github.com/opencontainers/selinux](https://github.com/opencontainers/selinux) from 1.8.2 to 1.8.3. - [Release notes](https://github.com/opencontainers/selinux/releases) - [Commits](https://github.com/opencontainers/selinux/compare/v1.8.2...v1.8.3) --- updated-dependencies: - dependency-name: github.com/opencontainers/selinux dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* Merge pull request #10828 from cdoern/scpopenshift-ci[bot]2021-08-02
|\ | | | | Created image scp feature
| * Created scp.go image_scp_test.go and podman-image-scp.1.mdcdoern2021-07-30
| | | | | | | | | | | | | | | | added functionality for image secure copying from local to remote. Also moved system connection add code around a bit so functions within that file can be used by scp. Signed-off-by: cdoern <cdoern@redhat.com>
* | Bump github.com/containers/storage from 1.33.0 to 1.33.1dependabot[bot]2021-08-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/containers/storage](https://github.com/containers/storage) from 1.33.0 to 1.33.1. - [Release notes](https://github.com/containers/storage/releases) - [Changelog](https://github.com/containers/storage/blob/main/docs/containers-storage-changes.md) - [Commits](https://github.com/containers/storage/compare/v1.33.0...v1.33.1) --- updated-dependencies: - dependency-name: github.com/containers/storage dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* | Bump github.com/containers/image/v5 from 5.14.0 to 5.15.0dependabot[bot]2021-08-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/containers/image/v5](https://github.com/containers/image) from 5.14.0 to 5.15.0. - [Release notes](https://github.com/containers/image/releases) - [Commits](https://github.com/containers/image/compare/v5.14.0...v5.15.0) --- updated-dependencies: - dependency-name: github.com/containers/image/v5 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* | Merge pull request #11054 from saschagrunert/login-logout-path-testsopenshift-ci[bot]2021-08-01
|\ \ | | | | | | Add `--accept-repositories` integration tests
| * | Add `--accept-repositories` integration testsSascha Grunert2021-07-30
| | | | | | | | | | | | | | | | | | | | | This adds the integration tests for the repository or namespaced registry feature introduced in c/common. Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
* | | Merge pull request #10910 from ↵OpenShift Merge Robot2021-07-28
|\ \ \ | |/ / |/| | | | | | | | adrianreber/2021-07-12-checkpoint-restore-into-pod Add support for checkpoint/restore into and out of pods
| * | Vendor in go-criu v5.1.0 for Pod checkpoint/restore supportAdrian Reber2021-07-27
| | | | | | | | | | | | Signed-off-by: Adrian Reber <areber@redhat.com>
* | | Bump github.com/containers/storage from 1.32.6 to 1.33.0dependabot[bot]2021-07-27
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/containers/storage](https://github.com/containers/storage) from 1.32.6 to 1.33.0. - [Release notes](https://github.com/containers/storage/releases) - [Changelog](https://github.com/containers/storage/blob/main/docs/containers-storage-changes.md) - [Commits](https://github.com/containers/storage/compare/v1.32.6...v1.33.0) --- updated-dependencies: - dependency-name: github.com/containers/storage dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* | Merge pull request #11028 from ↵OpenShift Merge Robot2021-07-27
|\ \ | | | | | | | | | | | | containers/dependabot/go_modules/github.com/containers/image/v5-5.14.0 Bump github.com/containers/image/v5 from 5.13.2 to 5.14.0
| * | Bump github.com/containers/image/v5 from 5.13.2 to 5.14.0dependabot[bot]2021-07-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/containers/image/v5](https://github.com/containers/image) from 5.13.2 to 5.14.0. - [Release notes](https://github.com/containers/image/releases) - [Commits](https://github.com/containers/image/compare/v5.13.2...v5.14.0) --- updated-dependencies: - dependency-name: github.com/containers/image/v5 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* | | refine dangling checksValentin Rothberg2021-07-26
|/ / | | | | | | | | | | | | | | | | | | | | | | | | By proxy by vendoring containers/common. Previously, a "dangling" image was an untagged image; just a described in the Docker docs. The definition of dangling has now been refined to an untagged image without children to be compatible with Docker. Further update a redundant image-prune test. Fixes: #10998 Fixes: #10832 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* / Bump github.com/opencontainers/runc from 1.0.0 to 1.0.1dependabot[bot]2021-07-19
|/ | | | | | | | | | | | | | Bumps [github.com/opencontainers/runc](https://github.com/opencontainers/runc) from 1.0.0 to 1.0.1. - [Release notes](https://github.com/opencontainers/runc/releases) - [Commits](https://github.com/opencontainers/runc/compare/v1.0.0...v1.0.1) --- updated-dependencies: - dependency-name: github.com/opencontainers/runc dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* Merge pull request #10961 from ↵OpenShift Merge Robot2021-07-16
|\ | | | | | | | | containers/dependabot/go_modules/k8s.io/api-0.21.3 Bump k8s.io/api from 0.21.2 to 0.21.3
| * Bump k8s.io/api from 0.21.2 to 0.21.3dependabot[bot]2021-07-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [k8s.io/api](https://github.com/kubernetes/api) from 0.21.2 to 0.21.3. - [Release notes](https://github.com/kubernetes/api/releases) - [Commits](https://github.com/kubernetes/api/compare/v0.21.2...v0.21.3) --- updated-dependencies: - dependency-name: k8s.io/api dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* | vendor containers/common@mainValentin Rothberg2021-07-16
|/ | | | Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Merge pull request #10848 from vrothberg/update-libimageOpenShift Merge Robot2021-07-16
|\ | | | | vendor containers/common@main
| * vendor containers/common@mainValentin Rothberg2021-07-16
| | | | | | | | | | | | | | | | | | | | | | | | | | The `IgnorePlatform` options has been removed from the `LookupImageOptions` in libimage to properly support multi-arch images. Skip one buildah-bud test which requires updated CI images. This is currently being done in github.com/containers/podman/pull/10829 but we need to unblock merging common and buildah into podman. [NO TESTS NEEDED] Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | Bump k8s.io/apimachinery from 0.21.2 to 0.21.3dependabot[bot]2021-07-16
|/ | | | | | | | | | | | | | Bumps [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery) from 0.21.2 to 0.21.3. - [Release notes](https://github.com/kubernetes/apimachinery/releases) - [Commits](https://github.com/kubernetes/apimachinery/compare/v0.21.2...v0.21.3) --- updated-dependencies: - dependency-name: k8s.io/apimachinery dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* Bump github.com/google/uuid from 1.2.0 to 1.3.0dependabot[bot]2021-07-13
| | | | | | | | | | | | | | Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.2.0 to 1.3.0. - [Release notes](https://github.com/google/uuid/releases) - [Commits](https://github.com/google/uuid/compare/v1.2.0...v1.3.0) --- updated-dependencies: - dependency-name: github.com/google/uuid dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* Bump github.com/containers/storage from 1.32.5 to 1.32.6dependabot[bot]2021-07-12
| | | | | | | | | | | | | | | Bumps [github.com/containers/storage](https://github.com/containers/storage) from 1.32.5 to 1.32.6. - [Release notes](https://github.com/containers/storage/releases) - [Changelog](https://github.com/containers/storage/blob/main/docs/containers-storage-changes.md) - [Commits](https://github.com/containers/storage/compare/v1.32.5...v1.32.6) --- updated-dependencies: - dependency-name: github.com/containers/storage dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* Bump github.com/onsi/gomega from 1.13.0 to 1.14.0dependabot[bot]2021-07-08
| | | | | | | | | | | | | | | Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.13.0 to 1.14.0. - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](https://github.com/onsi/gomega/compare/v1.13.0...v1.14.0) --- updated-dependencies: - dependency-name: github.com/onsi/gomega dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* Bump github.com/cyphar/filepath-securejoin from 0.2.2 to 0.2.3dependabot[bot]2021-07-05
| | | | | | | | | | | | | | Bumps [github.com/cyphar/filepath-securejoin](https://github.com/cyphar/filepath-securejoin) from 0.2.2 to 0.2.3. - [Release notes](https://github.com/cyphar/filepath-securejoin/releases) - [Commits](https://github.com/cyphar/filepath-securejoin/compare/v0.2.2...v0.2.3) --- updated-dependencies: - dependency-name: github.com/cyphar/filepath-securejoin dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* Bump github.com/spf13/cobra to v1.2.1Paul Holzinger2021-07-02
| | | | | | Fixes #9730 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* force github.com/spf13/cobra@v1.1.3Valentin Rothberg2021-07-02
| | | | | | v1.2.0 is breaking CI (see containers/podman/pull/10844). Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* vendor containers/common@mainValentin Rothberg2021-07-02
| | | | | | | Pull in fixes for local image lookups. Fixes: #10835 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* vendor containers/common@7482cf851dccValentin Rothberg2021-06-30
| | | | | | | Make sure that image events are written *after* execution. Fixes: #10812 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Bump github.com/containers/storage from 1.32.3 to 1.32.5Daniel J Walsh2021-06-29
| | | | | | | | | | | | | | | | | Bumps [github.com/containers/storage](https://github.com/containers/storage) from 1.32.3 to 1.32.5. - [Release notes](https://github.com/containers/storage/releases) - [Changelog](https://github.com/containers/storage/blob/main/docs/containers-storage-changes.md) - [Commits](https://github.com/containers/storage/compare/v1.32.3...v1.32.5) --- updated-dependencies: - dependency-name: github.com/containers/storage dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Bump github.com/containers/ocicrypt from 1.1.1 to 1.1.2dependabot[bot]2021-06-29
| | | | | | | | | | | | | | Bumps [github.com/containers/ocicrypt](https://github.com/containers/ocicrypt) from 1.1.1 to 1.1.2. - [Release notes](https://github.com/containers/ocicrypt/releases) - [Commits](https://github.com/containers/ocicrypt/compare/v1.1.1...v1.1.2) --- updated-dependencies: - dependency-name: github.com/containers/ocicrypt dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* remove `pkg/registries`Valentin Rothberg2021-06-25
| | | | | | | | | | | | | | Pull the trigger on the `pkg/registries` package which acted as a proxy for `c/image/pkg/sysregistriesv2`. Callers should be using the packages from c/image directly, if needed at all. Also make use of libimage's SystemContext() method which returns a copy of a system context, further reducing the risk of unintentionally altering global data. [NO TESTS NEEDED] Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* create: support images with invalid platformValentin Rothberg2021-06-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Much to my regret, there is a number of images in the wild with invalid platforms breaking the platform checks in libimage that want to make sure that a local image is matching the expected platform. Imagine a `podman run --arch=arm64 fedora` with a local amd64 fedora image. We really shouldn't use the local one in this case and pull down the arm64 one. The strict platform checks in libimage in combination with invalid platforms in images surfaced in Podman being able to pull an image but failing to look it up in subsequent presence checks. A `podman run` would hence pull such an image but fail to create the container. Support images with invalid platforms by vendoring the latest HEAD from containers/common. Also remove the partially implemented pull-policy logic from Podman and let libimage handle that entirely. However, whenever --arch, --os or --platform are specified, the pull policy will be forced to "newer". This way, we pessimistically assume that the local image has an invalid platform and we reach out to the registry. If there's a newer image (i.e., one with a different digest), we'll pull it down. Please note that most of the logic has either already been implemented in libimage or been moved down which allows for removing some clutter from Podman. [NO TESTS NEEDED] since c/common has new tests. Podman can rely on the existing tests. Fixes: #10648 Fixes: #10682 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Do not use inotify for OCICNIPaul Holzinger2021-06-22
| | | | | | | | | | | | | | | | Podman does not need to watch the cni config directory. If a network is not found in the cache, OCICNI will reload the networks anyway and thus even podman system service should work as expected. Also include a change to not mount a "new" /var by default in the rootless cni ns, instead try to use /var/lib/cni first and then the parent dir. This allows users to store cni configs under /var/... which is the case for the CI compose test. [NO TESTS NEEDED] Fixes #10686 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* Merge pull request #10719 from ↵OpenShift Merge Robot2021-06-22
|\ | | | | | | | | containers/dependabot/go_modules/k8s.io/api-0.21.2 Bump k8s.io/api from 0.21.1 to 0.21.2
| * Bump k8s.io/api from 0.21.1 to 0.21.2dependabot[bot]2021-06-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [k8s.io/api](https://github.com/kubernetes/api) from 0.21.1 to 0.21.2. - [Release notes](https://github.com/kubernetes/api/releases) - [Commits](https://github.com/kubernetes/api/compare/v0.21.1...v0.21.2) --- updated-dependencies: - dependency-name: k8s.io/api dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* | Merge pull request #10723 from rhatdan/tmpdirOpenShift Merge Robot2021-06-21
|\ \ | | | | | | fix systemcontext to use correct TMPDIR
| * | fix systemcontext to use correct TMPDIRDaniel J Walsh2021-06-18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Users are complaining about read/only /var/tmp failing even if TMPDIR=/tmp is set. This PR Fixes: https://github.com/containers/podman/issues/10698 [NO TESTS NEEDED] No way to test this. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #10718 from ↵OpenShift Merge Robot2021-06-20
|\ \ \ | |_|/ |/| | | | | | | | containers/dependabot/go_modules/github.com/containers/storage-1.32.3 Bump github.com/containers/storage from 1.32.2 to 1.32.3
| * | Bump github.com/containers/storage from 1.32.2 to 1.32.3dependabot[bot]2021-06-18
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/containers/storage](https://github.com/containers/storage) from 1.32.2 to 1.32.3. - [Release notes](https://github.com/containers/storage/releases) - [Changelog](https://github.com/containers/storage/blob/main/docs/containers-storage-changes.md) - [Commits](https://github.com/containers/storage/compare/v1.32.2...v1.32.3) --- updated-dependencies: - dependency-name: github.com/containers/storage dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* / Bump k8s.io/apimachinery from 0.21.1 to 0.21.2dependabot[bot]2021-06-18
|/ | | | | | | | | | | | | | Bumps [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery) from 0.21.1 to 0.21.2. - [Release notes](https://github.com/kubernetes/apimachinery/releases) - [Commits](https://github.com/kubernetes/apimachinery/compare/v0.21.1...v0.21.2) --- updated-dependencies: - dependency-name: k8s.io/apimachinery dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* Vendor in containers/common v0.40.0Daniel J Walsh2021-06-17
| | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Bump github.com/containers/storage from 1.32.1 to 1.32.2dependabot[bot]2021-06-10
| | | | | | | | | | | | | | | Bumps [github.com/containers/storage](https://github.com/containers/storage) from 1.32.1 to 1.32.2. - [Release notes](https://github.com/containers/storage/releases) - [Changelog](https://github.com/containers/storage/blob/master/docs/containers-storage-changes.md) - [Commits](https://github.com/containers/storage/compare/v1.32.1...v1.32.2) --- updated-dependencies: - dependency-name: github.com/containers/storage dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* Bump github.com/containers/buildah from 1.21.0 to 1.21.1dependabot[bot]2021-06-08
| | | | | | | | | | | | | | | Bumps [github.com/containers/buildah](https://github.com/containers/buildah) from 1.21.0 to 1.21.1. - [Release notes](https://github.com/containers/buildah/releases) - [Changelog](https://github.com/containers/buildah/blob/v1.21.1/CHANGELOG.md) - [Commits](https://github.com/containers/buildah/compare/v1.21.0...v1.21.1) --- updated-dependencies: - dependency-name: github.com/containers/buildah dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* Merge pull request #10545 from ↵OpenShift Merge Robot2021-06-03
|\ | | | | | | | | containers/dependabot/go_modules/go.etcd.io/bbolt-1.3.6 Bump go.etcd.io/bbolt from 1.3.5 to 1.3.6
| * Bump go.etcd.io/bbolt from 1.3.5 to 1.3.6dependabot[bot]2021-06-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [go.etcd.io/bbolt](https://github.com/etcd-io/bbolt) from 1.3.5 to 1.3.6. - [Release notes](https://github.com/etcd-io/bbolt/releases) - [Commits](https://github.com/etcd-io/bbolt/compare/v1.3.5...v1.3.6) --- updated-dependencies: - dependency-name: go.etcd.io/bbolt dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* | Merge pull request #10543 from ↵OpenShift Merge Robot2021-06-03
|\ \ | | | | | | | | | | | | containers/dependabot/go_modules/github.com/opencontainers/selinux-1.8.2 Bump github.com/opencontainers/selinux from 1.8.1 to 1.8.2
| * | Bump github.com/opencontainers/selinux from 1.8.1 to 1.8.2dependabot[bot]2021-06-03
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/opencontainers/selinux](https://github.com/opencontainers/selinux) from 1.8.1 to 1.8.2. - [Release notes](https://github.com/opencontainers/selinux/releases) - [Commits](https://github.com/opencontainers/selinux/compare/v1.8.1...v1.8.2) --- updated-dependencies: - dependency-name: github.com/opencontainers/selinux dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* / Bump github.com/docker/dockerdependabot[bot]2021-06-03
|/ | | | | | | | | | | | | | | Bumps [github.com/docker/docker](https://github.com/docker/docker) from 20.10.6+incompatible to 20.10.7+incompatible. - [Release notes](https://github.com/docker/docker/releases) - [Changelog](https://github.com/moby/moby/blob/master/CHANGELOG.md) - [Commits](https://github.com/docker/docker/compare/v20.10.6...v20.10.7) --- updated-dependencies: - dependency-name: github.com/docker/docker dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>