summaryrefslogtreecommitdiff
path: root/pkg
Commit message (Collapse)AuthorAge
* Merge pull request #10405 from mheon/always_cleanup_execOpenShift Merge Robot2021-06-11
|\ | | | | Always spawn a cleanup process with exec
| * Always spawn a cleanup process with execMatthew Heon2021-06-10
| | | | | | | | | | | | | | | | | | | | | | | | We were previously only doing this for detached exec. I don't know why we did that, but I don't see any reason not to extend it to all exec sessions - it guarantees that we will always clean up exec sessions, even if the original `podman exec` process died. [NO TESTS NEEDED] because I don't really know how to test this one. Signed-off-by: Matthew Heon <mheon@redhat.com>
* | Merge pull request #10638 from Luap99/volumeOpenShift Merge Robot2021-06-11
|\ \ | |/ |/| Fix volumes with uid and gid options
| * Fix volumes with uid and gid optionsPaul Holzinger2021-06-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Podman uses the volume option map to check if it has to mount the volume or not when the container is started. Commit 28138dafcc39 added to uid and gid options to this map, however when only uid/gid is set we cannot mount this volume because there is no filesystem or device specified. Make sure we do not try to mount the volume when only the uid/gid option is set since this is a simple chown operation. Also when a uid/gid is explicity set, do not chown the volume based on the container user when the volume is used for the first time. Fixes #10620 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | Merge pull request #10634 from Luap99/machine-buildOpenShift Merge Robot2021-06-10
|\ \ | | | | | | Fix build tags for pkg/machine...
| * | Fix build tags for pkg/machine...Paul Holzinger2021-06-10
| |/ | | | | | | | | | | | | | | | | | | | | | | Podman machine is only intended for amd64 and arm64 architectures, set the correct buildtags so that the `pkg/machine`, `pkg/machine/qemu` and `pkg/machine/libvirt` packages compile correctly. [NO TESTS NEEDED] Fixes #10625 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* / rootless: fix fast join userns pathGiuseppe Scrivano2021-06-09
|/ | | | | | | | | | | | | | commit ab886328357184cd0a8375a5dedf816ba91789f9 changed the path for the pause.pid file but didn't update the same path in the C code. This prevented Podman to take the fast path when the userns is already created and to join it without re-execing itself. Fix the path in the C code as well so we can join the rootless user+mount namespace without having to re-exec Podman. [NO TESTS NEEDED] Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Merge pull request #10550 from rhatdan/DockerfileOpenShift Merge Robot2021-06-09
|\ | | | | podman-remote build should handle -f option properly
| * podman-remote build should handle -f option properlyDaniel J Walsh2021-06-08
| | | | | | | | | | | | | | | | | | | | podman-remote build has to handle multiple different locations for the Containerfile. Currently this works in local mode but not when using podman-remote. Fixes: https://github.com/containers/podman/issues/9871 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | [CI:DOCS] Update swagger for inspect networkJhon Honce2021-06-08
| | | | | | | | | | | | | | | | struct for swagger was pointing to wrong internal type Fixes #10559 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | Merge pull request #10603 from cdoern/networksQueryCharlie Doern2021-06-08
|\ \ | |/ |/| implemented verbose and scope as possible
| * fixed docs and schemascdoern2021-06-08
| | | | | | | | Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
* | Merge pull request #10597 from Luap99/pruneOpenShift Merge Robot2021-06-08
|\ \ | | | | | | Fix network prune api docs
| * | Fix network prune api docsPaul Holzinger2021-06-08
| |/ | | | | | | | | | | | | | | | | | | | | | | | | The api doc used wrong response examples for both the compat and libpod network prune endpoints. Change the doc so that it matches the actual return values. Also fix the endpoints to return an empty array instead of null when no networks are removed. [NO TESTS NEEDED] Fixes: #10564 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | Merge pull request #10548 from cdoern/imgFeatureOpenShift Merge Robot2021-06-08
|\ \ | | | | | | API images/create added missing parameters platform, message, repo
| * | made requested changes, fixed api testscdoern2021-06-04
| | | | | | | | | | | | Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
* | | remote pull: cancel pull when connection is closedPaul Holzinger2021-06-08
| |/ |/| | | | | | | | | | | | | | | | | | | If a client closes the http connection during image pull, the service should cancel the pull operation. [NO TESTS NEEDED] I have no idea how we could test this reliable. Fixes: #7558 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | Merge pull request #10381 from adrianreber/2021-05-18-publishOpenShift Merge Robot2021-06-07
|\ \ | | | | | | Add --publish to container restore
| * | Allow changing of port forward rules on restoreAdrian Reber2021-06-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Restored containers, until now, had the same port mappings as the original started container. This commit adds the parameter '--publish' to 'podman container restore' with the same semantic as during create/run. With this change it is possible to create a copy from a container with a '--publish' rule and replace the original '--publish' setting with a new one. # podman run -p 2345:8080 container # podman container checkpoint -l --export=dump.tar # podman container restore -p 5432:8080 --import=dump.tar The restored container will now listen on localhost:5432 instead of localhost:2345 as the original created container. Signed-off-by: Adrian Reber <areber@redhat.com>
* | | Merge pull request #10557 from vrothberg/fix-5572OpenShift Merge Robot2021-06-07
|\ \ \ | | | | | | | | systemd/generate: change type to notify
| * | | systemd/generate: change type to notifyValentin Rothberg2021-06-04
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Change the type of units generated with --new from "forking" to "notify". This brings Podman closer to systemd and opens up Podman to a number of use cases (see #5572). Units generated without --new remain with `type=forking`. I experimented a bit with adding a `--sdnotify` flag to `podman start` but it doesn't really work well since we're competing with the default sdnotify mode set during container creation. Fixes: #5572 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | Add parameter to specify checkpoint archive compressionAdrian Reber2021-06-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The checkpoint archive compression was hardcoded to `archive.Gzip`. There have been requests to make the used compression algorithm selectable. There was especially the request to not compress the checkpoint archive to be able to create faster checkpoints when not compressing it. This also changes the default from `gzip` to `zstd`. This change should not break anything as the restore code path automatically handles whatever compression the user provides during restore. Signed-off-by: Adrian Reber <areber@redhat.com>
* | | Merge pull request #10561 from vrothberg/fix-remote-events-labelOpenShift Merge Robot2021-06-07
|\ \ \ | | | | | | | | remote events: support labels
| * | | remote events: support labelsValentin Rothberg2021-06-04
| |/ / | | | | | | | | | | | | | | | | | | | | | Certain event meta data was lost when converting the remote events to libpod events and vice versa. Enable the skipped system tests for remote. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | Merge pull request #10568 from jwhonce/issues/10562OpenShift Merge Robot2021-06-06
|\ \ \ | | | | | | | | [CI:DOCS] Document which CNI fields are encoded
| * | | [CI:DOCS] Document which CNI fields are encodedJhon Honce2021-06-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The CNI configuration fields named Bytes are typed []byte which the GO JSON encoded automatically Base64 encodes. Note: Future major versions of Podman will refactor the networking endpoints to encapsulate/abstract the CNI structures which will allow better documenation and encoding. Fixes #10562 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | | Merge pull request #10549 from Luap99/fix-9859OpenShift Merge Robot2021-06-05
|\ \ \ \ | |/ / / |/| | | remote: always send resize before the container starts
| * | | remote: always send resize before the container startsPaul Holzinger2021-06-04
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There is race condition in the remote client attach logic. Because the resize api call was handled in an extra goroutine the container was started before the resize call happend. To fix this we have to call resize in the same goroutine as attach. When the first resize is done start a goroutine to listen on SIGWINCH in the background and resize again if the signal is received. Fixes #9859 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | Merge pull request #10546 from boaz0/closes_8645OpenShift Merge Robot2021-06-04
|\ \ \ | | | | | | | | Add CORS support
| * | | Add CORS supportBoaz Shuster2021-06-04
| |/ / | | | | | | | | | | | | | | | [NO TESTS NEEDED] Signed-off-by: Boaz Shuster <boaz.shuster.github@gmail.com>
* | | Merge pull request #10563 from Luap99/fix-10494OpenShift Merge Robot2021-06-04
|\ \ \ | | | | | | | | [CI:DOCS] fix incorrect network remove api doc
| * | | [CI:DOCS] fix incorrect network remove api docPaul Holzinger2021-06-04
| |/ / | | | | | | | | | | | | | | | | | | | | | The endpoint returns an array and not a single entry. Fixes #10494 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* / / remote events: fix --stream=falseValentin Rothberg2021-06-04
|/ / | | | | | | | | | | | | | | | | | | | | Fix a bug in remote events where only one event would be sent if when streaming is turned off. The source of the bug was that the handler attempted to implement the streaming logic and did it wrong. The fix is rather simple by removing this logic from the handler and let the events backend handle streaming. Fixes: #10529 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | Merge pull request #10517 from cdoern/masterOpenShift Merge Robot2021-06-01
|\| | | | | API one-shot query implementation/handling
| * added tests in python rest apicdoern2021-06-01
| | | | | | | | Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
* | Merge pull request #10486 from vrothberg/tag-digest-supportOpenShift Merge Robot2021-06-01
|\ \ | | | | | | support tag@digest notation
| * | support tag@digest notationValentin Rothberg2021-05-31
| | | | | | | | | | | | | | | | | | | | | | | | | | | Vendor in the latest HEAd of containers/common to implicitly support the tag@digest notation for images. To remain compatible with Docker, the tag will be stripped off the image reference and is entirely ignored. Fixes: #6721 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | Merge pull request #10519 from matejvasek/use-req-ctxOpenShift Merge Robot2021-06-01
|\ \ \ | | | | | | | | Use request context instead of background
| * | | Use request context instead of backgroundMatej Vasek2021-06-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This prevents goroutine leak: If background context were used then push operation would continue even if client aborted request by closing connection. [NO TESTS NEEDED] Signed-off-by: Matej Vasek <mvasek@redhat.com>
* | | | Merge pull request #10488 from baude/machinehostnetworkOpenShift Merge Robot2021-06-01
|\ \ \ \ | | | | | | | | | | Enable port forwarding on host
| * | | | Enable port forwarding on hostBrent Baude2021-06-01
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Using the gvproxy application on the host, we can now port forward from the machine vm on the host. It requires that 'gvproxy' be installed in an executable location. gvproxy can be found in the containers/gvisor-tap-vsock github repo. [NO TESTS NEEDED] Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | | Merge pull request #10508 from matejvasek/fix-from-imgOpenShift Merge Robot2021-06-01
|\ \ \ \ | | | | | | | | | | Better error handing for images/create compat api
| * | | | Better error handing for images/create compat apiMatej Vasek2021-05-31
| | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If server cannot resolve short name due to enforcing policy send non-2xx status code. [NO TESTS NEEDED] Signed-off-by: Matej Vasek <mvasek@redhat.com>
* | | | Merge pull request #10510 from matejvasek/improve-creat-from-imgOpenShift Merge Robot2021-06-01
|\ \ \ \ | | | | | | | | | | Use request context instead of background context
| * | | | Use request context instead of background contextMatej Vasek2021-06-01
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This fixes a goroutine leak. Previously if request was cancelled the image pulling goroutine kept running regardless. [NO TESTS NEEDED] Signed-off-by: Matej Vasek <mvasek@redhat.com>
* | / / [NO TESTS NEEDED] API list networks should return [] when used with no networkszhangguanzhang2021-06-01
| |/ / |/| | | | | | | | Signed-off-by: zhangguanzhang <zhangguanzhang@qq.com>
* | | generate systemd: make mounts portableValentin Rothberg2021-05-31
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Commit 748826fc88fc fixed a bug where slow mounting of the runroot was causing issues when the units are started at boot. The fix was to add the container's runroot to the required mounts; the graph root has been added as well. Hard-coding the run- and graphroot to the required mounts, however, breaks the portability of units generated with --now. Those units are intended to be running on any machine as, theoreticaly, any user. Make the mounts portable by using the `%t` macro for the run root. Since the graphroot's location varies across root and ordinary users, drop it from the list of required mounts. The graphroot was not causing issues. Fixes: #10493 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | rootless: fix SIGSEGV ,make LISTEN_FDNAMES optional [Closes #10435].flouthoc2021-05-29
| | | | | | | | | | | | [NO TESTS NEEDED] Signed-off-by: flouthoc <flouthoc.git@gmail.com>
* | Merge pull request #10383 from rhatdan/kubeOpenShift Merge Robot2021-05-27
|\ \ | | | | | | Handle image user and exposed ports in podman play kube
| * | Handle image user and exposed ports in podman play kubeDaniel J Walsh2021-05-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | Currently if a user runs an image with a user specified or exposed ports with podman play kube, the fields are ignored. Fixed: https://github.com/containers/podman/issues/9609 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>