summaryrefslogtreecommitdiff
path: root/hack
Commit message (Collapse)AuthorAge
* podman-registry helper script: handle errorsEd Santiago2020-05-24
| | | | | | | | | | | | | | | | | | | | | | | My initial revision of the podman-registry helper script was written in haste, with an enormous tradeoff: no visibility into any errors. We are now paying for this in #6366: the script is failing on Ubuntu and we have no way of knowing why. This PR adds a must_pass() function used for critical steps. This runs the action silently; if the command fails, it displays the failing command name with full output logs, cleans up the temporary workdir, and exits with error status. As a reminder, the reason this is necessary is that our script convention is to output a series of environment variables to stdout -- we must therefore take pains not to emit anything else to stdout. And, unfortunately, podman and openssl tend to be rather verbose. Signed-off-by: Ed Santiago <santiago@redhat.com>
* Attempt to turn on additional build testsDaniel J Walsh2020-05-22
| | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* add go-bindings for `hack/podman-registry`Valentin Rothberg2020-05-20
| | | | Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* New tool: hack/podman-registry, manages local registryEd Santiago2020-05-20
| | | | | | | | | | | | | | | | | | | In response to #6207: this is a helper script intended for use in starting and stopping a local container registry. It takes care of port, username, password assignments; generates a self-signed certificate; and starts the container in an isolated podman root/runroot to avoid conflicting with the caller's environment. Intended usage: invoke from shell script, using 'eval' to get results into calling process environment. See help message (-h) for invocation details. This will work for shell scripts but will be difficult if called from Go or C - if that is likely to happen, I'd love to hear suggestions for alternate ways to get the settings back to the caller. Signed-off-by: Ed Santiago <santiago@redhat.com>
* Cirrus: Fix image-name hintsChris Evich2020-05-14
| | | | | | | | | This properly prints out image-name hints when executing the hack script without any arguments. It is required due to changes made by Ed for test-name beatification. An identical change was made and reviewed by Ed in the containers/storage repo. Signed-off-by: Chris Evich <cevich@redhat.com>
* podman rmi: refactor logicValentin Rothberg2020-04-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | While this commit was initially meant to fix #5847, it has turned into a bigger refactoring which I did not manage to break into smaller pieces: * Fix #5847 by refactoring the image-removal logic. * Make the api handler for image-removal use the ABI code. This way, both (i.e., ABI and Tunnel) end up using the same code. Achieving this code share required to move some code around to prevent circular dependencies. * Everything in pkg/api (excluding pkg/api/types) must now only be accessed from code using `ABISupport`. * Avoid imports from entities on handlers to prevent circular dependencies. * Move `podman system service` logic into `cmd` to prevent circular dependencies - it depends on pkg/api. * Also remove the build header from infra/abi files. It will otherwise confuse swagger and other tools; errors we cannot fix as go doesn't expose a build-tag env variable. Fixes: #5847 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* swagger-check: new CI tool to cross-check swaggerEd Santiago2020-04-14
| | | | | | | | | | | | New script cross-references r.Handle() and r.HandleFunc() calls against the preceding '// swagger:operation' comments, and exits failure (with descriptive error messages) if any comments do not match the code. This script should not be necessary: the swagger comments should be autogenerated from the source code. Signed-off-by: Ed Santiago <santiago@redhat.com>
* V2 podman system serviceJhon Honce2020-04-07
| | | | | | | | | | | | | | | * Added support for system service * Enabled linting on the varlinkapi source, needed to support V2 service command * Added support for PODMAN_SOCKET Skip linting deprecated code Rather than introduce bugs by correcting deprecated code, linting the code is being skipped. Code that is being ported into V2 is being checked. Signed-off-by: Jhon Honce <jhonce@redhat.com>
* podmanv2-retry - new helper for testing v2Ed Santiago2020-04-01
| | | | | | | | | | | | | | | | | | ./hack/podmanv2-retry will first invoke $PODMAN_V2 with given arguments. If that fails with any of the following errors: unrecognized command unknown flag unknown shorthand ...it will run $PODMAN_FALLBACK with the same arguments. Output and exit code will be those of the final podman command, although be aware that stderr and stdout are combined. This is a quick-hack script intended for use in v2 testing, to test implemented commands without noise from unimplemented ones. Signed-off-by: Ed Santiago <santiago@redhat.com>
* Merge pull request #5465 from edsantiago/man_page_option_checkerOpenShift Merge Robot2020-03-19
|\ | | | | New test: man page cross-ref against --help
| * New test: man page cross-ref against --helpEd Santiago2020-03-18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | New hack/xref-helpmsgs-manpages script, added to CI 'gate' task, runs 'podman [subcommand] --help' and cross-references against man pages in docs/source/markdown/podman*.1.md See #5453 and #5460 for instances of the problems the script has found. The careful reader will find an alarming number of special-case bypasses. These are a tradeoff I am making: to get perfect coverage with no handwaving, it would be necessary to make drastic changes to some man pages, and I believe those would be counterproductive. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | auto updatesValentin Rothberg2020-03-17
|/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add support to auto-update containers running in systemd units as generated with `podman generate systemd --new`. `podman auto-update` looks up containers with a specified "io.containers.autoupdate" label (i.e., the auto-update policy). If the label is present and set to "image", Podman reaches out to the corresponding registry to check if the image has been updated. We consider an image to be updated if the digest in the local storage is different than the one of the remote image. If an image must be updated, Podman pulls it down and restarts the container. Note that the restarting sequence relies on systemd. At container-creation time, Podman looks up the "PODMAN_SYSTEMD_UNIT" environment variables and stores it verbatim in the container's label. This variable is now set by all systemd units generated by `podman-generate-systemd` and is set to `%n` (i.e., the name of systemd unit starting the container). This data is then being used in the auto-update sequence to instruct systemd (via DBUS) to restart the unit and hence to restart the container. Note that this implementation of auto-updates relies on systemd and requires a fully-qualified image reference to be used to create the container. This enforcement is necessary to know which image to actually check and pull. If we used an image ID, we would not know which image to check/pull anymore. Fixes: #3575 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Cirrus: Fix gate image & false-positive exitsChris Evich2020-03-02
| | | | | | | | | | | | | | | | | | | A number of scripts relating to tooling used and the gate container image were not exiting upon errors as intended. Coupled with external service unavailability (i.e. downloading golangci-lint) was observed to cause difficult to debug failures. This change corrects the scripts inside/out of the gate container as well as fixes many golang related path consistency problems vs other CI jobs. After this change, all jobs use consistent path names reducing the number of special-case overrides needed. Lastly, I also made a documentation-pass, updating/correcting as needed, including documenting a likely local validation-failure mode, related to `$EPOCH_TEST_COMMIT`. This is dependent on the developers git environment, so documentation is the only possible "fix". Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Fix not growing Fedora rootChris Evich2020-02-28
| | | | Signed-off-by: Chris Evich <cevich@redhat.com>
* implement reverse reader for log readsBrent Baude2020-02-20
| | | | | | | | in cases where the log file exceeds the available memory of a system, we had a bug that triggered an oom because the entire logfile was being read when the tail parameter was given. this reads in chunks and is more or less memory safe. fixes: #5131 Signed-off-by: Brent Baude <bbaude@redhat.com>
* Fix a syntax error in hack/release.shMatthew Heon2020-01-31
| | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Update release script to not manage epochMatthew Heon2020-01-22
| | | | | | | We removed the Gitvalidation epoch in the Makefile. As such, we don't need to adjust it anymore when we tag releases. Signed-off-by: Matthew Heon <mheon@redhat.com>
* hack/install_golangci.sh: check env varsValentin Rothberg2020-01-16
| | | | | | Also make it executable and `set -eo pipefail`. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* make .install.golangci-lint: force specific versionValentin Rothberg2020-01-15
| | | | | | | | | | | Instead of only performing a presence check of the binary, also do a version check and force installing the specified one if needed. This will prevent users and the CI from using a wrong version in the future. Move the logic into a dedicated shell script as I find built-in bash in Makefiles hard to maintain. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Use systemd/sd-daemon.h headers for systemd presenceChandan Kumar (raukadah)2019-12-16
| | | | | | | | | | | | | | | Finding systemd devel packages using libsystemd does not work as in RHEL based distro the package name is systemd-devel and for deb/ubunutu it is libsystemd. It is also giving false result when podman rpm is built with systemd but hack/systemd_tag.sh does not return anything. Install systemd-devel package in build_rpm.sh script Moving to systemd/sd-daemon.h header files which comes from devel packages fixes the issue. Signed-off-by: Chandan Kumar (raukadah) <raukadah@gmail.com>
* Improve hack/get_release_info.shSorin Sbarnea2019-12-04
| | | | | | | | - Adopt bash strict mode - Avoid cd errors as seen on CI vendor jobs: hack/get_release_info.sh: line 9: cd: /go/src/github.com/containers/libpod: No such file or directory Signed-off-by: Sorin Sbarnea <ssbarnea@redhat.com>
* codespell: spelling correctionsDmitry Smirnov2019-11-13
| | | | Signed-off-by: Dmitry Smirnov <onlyjob@member.fsf.org>
* Update document formatting and packaging codeJhon Honce2019-10-31
| | | | | | | | | * Refactored code and Makefile to support new docs layout * Removed some old code packaging code * Add Readme.md to document what we're doing Signed-off-by: Jhon Honce <jhonce@redhat.com> Signed-off-by: baude <bbaude@redhat.com>
* Restructure documentation dirbaude2019-10-31
| | | | | | | | Restructuring the docs dir to make integration with sphinx easier. man pages now exist in docs/source/man and the sphinx make files exists in docs. Signed-off-by: baude <bbaude@redhat.com>
* build: drop support for ostreeGiuseppe Scrivano2019-10-30
| | | | | | | it is going to be removed from containers/image as well, so no longer depend on it. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Merge pull request #4090 from vrothberg/build-catatonitOpenShift Merge Robot2019-10-01
|\ | | | | Build catatonit
| * catatonit: clone and buildValentin Rothberg2019-09-25
| | | | | | | | | | | | | | | | Instead of unconditionally pulling the x86 binary, clone the repository and build the binary to make it independent of the architecture. Fixes: #2699 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
| * bump catatonit to v0.1.4Valentin Rothberg2019-09-25
| | | | | | | | Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | Cirrus: Upload windows MSI release fileChris Evich2019-09-24
|/ | | | Signed-off-by: Chris Evich <cevich@redhat.com>
* hack/man_page_checker - improve diagnosticsEd Santiago2019-09-09
| | | | | | | | Make the errors more readable, with clearer instructions on what to look for, and which filename, and what we expect to see, and perhaps even how to approach a fix. Signed-off-by: Ed Santiago <santiago@redhat.com>
* Exclude podman-remoteRyan Whalen2019-08-31
| | | | Signed-off-by: Ryan Whalen <rj.whalen@gmail.com>
* WIP - ignore man pages for commands besides podmanRyan Whalen2019-08-30
| | | | Signed-off-by: Ryan Whalen <rj.whalen@gmail.com>
* Fix formatting and enable hack/man-page-checkerRyan Whalen2019-08-30
| | | | Signed-off-by: Ryan Whalen <rj.whalen@gmail.com>
* Cirrus: Reimplement release archive + uploadChris Evich2019-08-28
| | | | | | | | The initial implementation was far more complicated than necessary. Strip out the complexities in favor of a simpler and more direct approach. Signed-off-by: Chris Evich <cevich@redhat.com>
* Adjust get_ci_vm.sh for substitutionChris Evich2019-08-12
| | | | Signed-off-by: Chris Evich <cevich@redhat.com>
* vendor github.com/containers/image@v2.0.1Valentin Rothberg2019-07-22
| | | | | | | | | | | | | | | | * progress bar: use spinners for unknown blob sizes * use 'containers_image_ostree' as build tag * ostree: default is no OStree support * Add "Env" to ImageInspectInfo * config.go: improve debug message * config.go: log where credentials come from * Fix typo in docs/containers-registries.conf.5.md * docker: delete: support all MIME types * Try harder in storageImageDestination.TryReusingBlob * docker: allow deleting OCI images * ostree: improve error message Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Cirrus: Add support for testing F30Chris Evich2019-06-14
| | | | | | | | | | | | | | | | Remove disused `build_cache_images` task, and update relevant dockerfiles for F30. Fix problem of cloud-init failing to expand root-device on boot (/var/lib/cloud/instance left in improper state). Fix problem of cloud-init racing with google-network-daemon.service on boot (looking for cloudconfig metadata too early). Causing root-device to _sometimes_ fail to expand. Fix problem of hack/get_ci_vm.sh argument passing. Signed-off-by: Chris Evich <cevich@redhat.com>
* hack: support setting local region/zoneChris Evich2019-05-29
| | | | Signed-off-by: Chris Evich <cevich@redhat.com>
* hack: ignore from all VCS files when tarballingChris Evich2019-05-22
| | | | Signed-off-by: Chris Evich <cevich@redhat.com>
* hack: shrink xfer tarball sizeChris Evich2019-05-22
| | | | Signed-off-by: Chris Evich <cevich@redhat.com>
* hack: Display IP address of VM from scriptChris Evich2019-05-22
| | | | | | Useful for accessing it from other terminals. Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: fixups based on review feedbackChris Evich2019-05-21
| | | | | | Also remove disused distros (RHEL/CentOS/FAH) and fix get_ci_vm script Signed-off-by: Chris Evich <cevich@redhat.com>
* Add `systemd` build tagSascha Grunert2019-05-13
| | | | | | | | | | | | If the systemd development files are not present on the system which builds podman, then `podman events` will error on runtime creation. Beside this, a warning will be printed when compiling podman. This commit mainly exists because projects which depend on libpod would not need the podman event support and therefore do not need to rely on the systemd headers. Signed-off-by: Sascha Grunert <sgrunert@suse.com>
* Cirrus: Add check for make varlink_api_generateChris Evich2019-05-03
| | | | Signed-off-by: Chris Evich <cevich@redhat.com>
* CI check for --help vs man pages: usability fixEd Santiago2019-04-08
| | | | | | | | | | | | | | | | | | | | | The output of this CI script leaves much to be desired: it is output from 'diff' with little clarity on what exactly is wrong. The proper fix is to make the output clear and readable: podman containers --help lists a 'foo' subcommand that is not present in docs/podman-containers.1.md Doing this in bash would take many hours and be fragile gibberish code. This does not seem worth the effort: the likely case is that breakages reported by this script will be due to a newly added subcommand, and the PR author will find it obvious what to do. Ergo, plan B: if the test fails, display a blurb at the end describing how to interpret results. Three minutes' effort, plus five for writing this commit message. Signed-off-by: Ed Santiago <santiago@redhat.com>
* Merge pull request #2433 from cevich/hack_around_homeOpenShift Merge Robot2019-03-27
|\ | | | | [ci skip] get_ci_vm.sh: Fix conflicting homedir files
| * get_ci_vm.sh: Fix conflicting homedir filesChris Evich2019-03-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously, the script would bind mount the user's home directory into the container in order to execute gcloud commands. This was done to preserve the `.config/gcloud` directory and new ssh keys in `.ssh`. However, it's possible the user has modified `.bash*` or `.ssh/config` files which do not play nicely with gcloud and/or the container. Fix this by mounting the existing temporary directory on the host, as the user's home directory. Then bind mount in a dedicated `gcloud/ssh` sub-directory, and the libpod repo directory on top. Pre-create the necessary mount-points as the user, so later removal does not require root on the host. The gcloud tool takes minutes to setup/manage its ssh-keys, so preserving that work between runs is a necessary optimization. Similarly, saving the `.gcloud` directory prevents repeatedly going through the lengthy client-auth process. Overall, these changes make the container environment much more selective with the host-side data it has access to use/modify. Preventing unrelated details from getting in the way, and preserving only the bare-minimum of details on the host, between runs. Signed-off-by: Chris Evich <cevich@redhat.com>
* | man pages - consistency fixesEd Santiago2019-03-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | podman-generate and -play had the wrong NAMEs. podman-restart and -volume-prune the wrong SYNOPSIS. All the rest are varying degrees of minor: - missing a space between the NAME and description - multi-line SYNOPSIS that could be collapsed into one - use of UPPER CASE in synopsis instead of *asterisks* - improper use of **double asterisks** for options - varlink and version were transposed in podman-1 - fixed inconsistencies between the description in the man page and that in the parent manpage. These are too numerous for me to fix all. Added: script that could be used in CI to prevent future such inconsistencies. It cannot be enabled yet because there are still 35+ inconsistencies in need of cleaning. This will be difficult to review on github. I suggest pulling the PR and running 'git log -1 -p | cdif | less' 'cdif' is a handy tool for colorizing individual diffs between lines: http://kaz-utashiro.github.io/cdif/ There are other such tools; use your favorite. Comparing without visual highlights may be painful. I also encourage you to run hack/man-page-checker and suggest more fixes for the problems it's finding. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Cirrus: Various fixes for rootless testingChris Evich2019-03-19
| | | | | | | | | | | | | | | | | | * Randomize the user's UID and GID * Simplify `setup_environment.sh` * Support new "-r" option for `hack/get_ci_vm.sh` setting up rootless * Connect as $ROOTLESS_USER when using "-r" with `hack/get_ci_vm.sh` Signed-off-by: Chris Evich <cevich@redhat.com>
* | Enable rootless integration testsbaude2019-03-19
| | | | | | | | Signed-off-by: baude <bbaude@redhat.com>