summaryrefslogtreecommitdiff
path: root/pkg
Commit message (Collapse)AuthorAge
* Remove error stutterDaniel J Walsh2022-03-25
| | | | | | | | | | | | | | | | | When podman gets an error it prints out "Error: " before printing the error string. If the error message starts with error, we end up with Error: error ... This PR Removes all of these stutters. logrus.Error() also prints out that this is an error, so no need for the error stutter. [NO NEW TESTS NEEDED] Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #13531 from cdoern/buildOpenShift Merge Robot2022-03-24
|\ | | | | Add Context Directory to tar
| * add contextDir to tar on remotecdoern2022-03-22
| | | | | | | | | | | | | | | | | | | | podman build fails on remote build when using a relative context directory. This is because the context dir was not being added to the tar, so when remote the compat build function would not be able to stat the contextDir. resolves #13293 Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
* | Merge pull request #13274 from jwhonce/wip/manifest_4_mainOpenShift Merge Robot2022-03-24
|\ \ | | | | | | Fix manifest 4.0 endpoints
| * | Fix manifest 4.0 endpointsJhon Honce2022-03-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | [NO NEW TESTS NEEDED] * Branch forced 4.0 only endpoints, which broke bindings * Fix lint error, in new code Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | Merge pull request #13620 from Luap99/qemu-pathOpenShift Merge Robot2022-03-24
|\ \ \ | | | | | | | | podman machine start: lookup qemu path again if not found
| * | | fix podman machine start log level detectionPaul Holzinger2022-03-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Use logrus.IsLevelEnabled because this will cover all levels below it as well. Currently this condition would fail for the trace log level. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * | | podman machine start: lookup qemu path again if not foundPaul Holzinger2022-03-23
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We store the full path to qemu in the machine config. When the path changes on the host the machine can longer be started. To fix it we get the path again when we fail to start the machine due the missing binary. We want to store and use the full path first because otherwise existing machines can break when the qemu version changed. [NO NEW TESTS NEEDED] We still have no machine tests. Fixes #13394 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | Merge pull request #13587 from giuseppe/clone-to-podOpenShift Merge Robot2022-03-24
|\ \ \ | | | | | | | | container: allow clone to an existing pod
| * | | container: allow clone to an existing podGiuseppe Scrivano2022-03-24
| | | | | | | | | | | | | | | | | | | | | | | | Closes: https://github.com/containers/podman/issues/3979 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | | specgen: fix typoGiuseppe Scrivano2022-03-24
| | | | | | | | | | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | Merge pull request from GHSA-qvf8-p83w-v58jGiuseppe Scrivano2022-03-24
|\ \ \ \ | | | | | | | | | | do not set the inheritable capabilities
| * | | | do not set the inheritable capabilitiesGiuseppe Scrivano2022-03-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The kernel never sets the inheritable capabilities for a process, they are only set by userspace. Emulate the same behavior. Closes: CVE-2022-27649 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | | play: kube: use in-memory kubefile and remove tempfileChristian Stewart2022-03-24
| |/ / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The PlayKube and PlayKubeDown commands accepted a "path" argument to a YAML file to play. This requires the caller to write the YAML to a file path. The downside of this is apparent in the HTTP handlers which have to use a temporary file on disk to store the YAML file. The file is opened & used as the body of the HTTP request. It's possible to instead pass a io.Reader and use a fully in-memory request body. Add backwards-compatible changes to bindings to allow passing either a filepath or a io.Reader body. Refactor the podman bindings to use a io.Reader instead of a filepath. Simplify the HTTP handlers for PlayKube by removing the now unneeded tempfile. [NO NEW TESTS NEEDED] Signed-off-by: Christian Stewart <christian@paral.in>
* | | | Merge pull request #13597 from Luap99/statsOpenShift Merge Robot2022-03-23
|\ \ \ \ | | | | | | | | | | podman stats: calc CPU percentage correctly
| * | | | podman stats: calc CPU percentage correctlyPaul Holzinger2022-03-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When you run podman stats, the first interval always shows the wrong cpu usage. To calculate cpu percentage we get the cpu time from the cgroup and compare this against the system time between two stats. Since the first time we do not have a previous stats an empty struct is used instead. Thus we do not use the actual running time of the container but the current unix timestamp (time since Jan 1 1970). To fix this we make sure that the previous stats time is set to the container start time, when it is empty. [NO NEW TESTS NEEDED] No idea how I could create a test which would have a predictable cpu usage. See the linked bugzilla for a reproducer. Fixes https://bugzilla.redhat.com/show_bug.cgi?id=2066145 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | | | Explicitly use IPv4 to check if podman-machine VM is listeningBurt Holzman2022-03-23
| |_|/ / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When starting a VM that has been configured with volume mounts, the podman client attempts to connect via TCP to localhost, which runs gvproxy to proxy an ephemeral port to the VM's ssh port. Previously, gvproxy was listening on all interfaces and IP addresses, but this behavior has changed to listening only on the IPv4 loopback address. Without this change, if a newer build of gvproxy is used, a podman machine configured with volume mounts will hang forever after "podman machine start" with "Waiting for VM ...". [NO NEW TESTS NEEDED] Signed-off-by: Burt Holzman <burt@fnal.gov>
* | | | Merge pull request #13588 from flouthoc/import-os-archOpenShift Merge Robot2022-03-23
|\ \ \ \ | | | | | | | | | | import: allow users to set `--os`, `--arch` and `--variant` of image imports
| * | | | import: allow users to set os, arch and variant of importsAditya R2022-03-23
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Allows users to set `--os` , `--arch` and `--variant` of the image created from the custom import. Following is useful when user is already aware of the values which are correct for their generated rootfs Signed-off-by: Aditya R <arajan@redhat.com>
* | | | Update swagger to improve compatibilityJhon Honce2022-03-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | [NO NEW TESTS NEEDED] Improve swagger and handler code compatibility. Fixes #12804 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | | fix a number of errcheck issuesValentin Rothberg2022-03-22
| | | | | | | | | | | | | | | | | | | | | | | | Numerous issues remain, especially in tests/e2e. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | | | fix a number of `godot` issuesValentin Rothberg2022-03-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Still an unknown number remains but I am running out of patience. Adding dots is not the best use of my time. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | | | linter: enable makezeroValentin Rothberg2022-03-22
| | | | | | | | | | | | | | | | Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | | | linter: enable nilerrValentin Rothberg2022-03-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | A number of cases looked suspicious, so I marked them with `FIXME`s to leave some breadcrumbs. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | | | linter: enable wastedassignValentin Rothberg2022-03-22
| | | | | | | | | | | | | | | | Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | | | linter: enable interfacerValentin Rothberg2022-03-22
|/ / / | | | | | | | | | Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | | Merge pull request #13573 from vrothberg/golangci-lintOpenShift Merge Robot2022-03-21
|\ \ \ | | | | | | | | bump golangci-lint to v1.45.0
| * | | bump golangci-lint to v1.45.0Valentin Rothberg2022-03-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * supports Go 1.18 * disable a number of new linters * fix minor stylecheck issues [NO NEW TESTS NEEDED] Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | | | podman rmi --ignoreValentin Rothberg2022-03-19
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add an `--ignore` flag to `podman image rm` to instruct ignoring image if a specified image does not exist and to not throw an error. Other commands (e.g., `podman container rm`) already support this flag. Such an `--ignore` flag can come in handy in clean-up scripcts such as the teardown phases in the Podman tests. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | | Merge pull request #13523 from n1hility/tolerate-old-machineOpenShift Merge Robot2022-03-18
|\ \ \ | | | | | | | | Tolerate old machine images, but warn they should be recreated
| * | | Handle incompatible machinesJason T. Greene2022-03-18
| | |/ | |/| | | | | | | | | | | | | Start in a reduced mode for recovery, warn, and provide instructions to recreate them Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
* / | go fmt: use go 1.18 conditional-build syntaxValentin Rothberg2022-03-18
|/ / | | | | | | Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | Merge pull request #13530 from vrothberg/fix-13529OpenShift Merge Robot2022-03-17
|\ \ | | | | | | podman create: building local pause image: do not read ignore files
| * | podman create: building local pause image: do not read ignore filesValentin Rothberg2022-03-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | Make sure to ignore local {container,docker}ignore files when building a local pause image. Otherwise, we may mistakenly not be able to copy catatonit into the build container. Fixes: #13529 Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | | Merge pull request #13527 from machacekondra/set_raw_image_name_for_play_kubeOpenShift Merge Robot2022-03-17
|\ \ \ | | | | | | | | Set rawimage for containers created via play kube
| * | | Set rawimage for containers created via play kubeOndra Machacek2022-03-16
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This commit set the containers RawImageName to default image name specified in Pod YAML, so the containers could be used via autoupdate feature, which needs the RawImageName to be set. Currently RawImageName is set only for the create/run/clone podman commands. [NO NEW TESTS NEEDED] Signed-off-by: Ondra Machacek <omachace@redhat.com>
* / / Separator is no longer prepended when prefix is empty on podman generate systemdNirmal Patel2022-03-16
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | When podman generate systemd is invoked, it previously did not check if container-prefix or pod-prefix are empty. When these are empty, the file name starts with the separator, which is hyphen by default. This results in files like '-containername.service'. The code now checks if these prefixes are empty. If they are, the filename no longer adds a separator. Instead, it uses name or ID of the container or pod. Closes #13272 Signed-off-by: Nirmal Patel <npate012@gmail.com>
* | Merge pull request #13489 from Luap99/k8sOpenShift Merge Robot2022-03-16
|\ \ | | | | | | move k8s deps into podman
| * | pkg/k8s.io: add small readme with copyright noticePaul Holzinger2022-03-15
| | | | | | | | | | | | Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * | pkg/k8s.io/api/core/v1: remove unneeded typesPaul Holzinger2022-03-15
| | | | | | | | | | | | | | | | | | | | | | | | Remove types that are not applicable for podman. This are types I do not think we need, there is definitely more that could be removed but this should be handled by someone who knows the k8s code better than me. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * | pkg/k8s.io/...: remove more unneeded filesPaul Holzinger2022-03-15
| | | | | | | | | | | | | | | | | | We do not use the types defined in these fields. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * | pkg/k8s.io/...: remove protobuf field tagsPaul Holzinger2022-03-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Since we do not use protobuf we can remove these field tags. This will save some KB in the final binary size. This change was automated with the following commands: find pkg/k8s.io/ -type f -name "*.go" -exec sed -i -e 's/\sprotobuf\:\".*\"//g' {} + find pkg/k8s.io/ -type f -name "*.go" -exec sed -i -e 's/\s`protobuf\:\".*\"`//g' {} + Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * | pkg/k8s.io/...: fix lint errorsPaul Holzinger2022-03-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix linting errors. We use different/stricter linters, instead of skipping these packages we should fix it. Most errors are about naming conventions, since I do not want to change the names I added the nolint comment there. I also removed some unused fields where the linter complained. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * | remove unneeded k8s codePaul Holzinger2022-03-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There is a lot of unneeded code, k8s is the by far the biggest dependency in podman. We should remove as much as possible so that we only have the stuff left that we use. This is just a quick skim over the code which removes a lot of the generated code and many packages that are now unused. I know that this will be impossible to properly review. I will try to make smaller changes in follow up work. Right now this reduces about 8 MB in binary size!!! [NO NEW TESTS NEEDED] Hopefully existing tests will catch any problems. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * | move k8s deps into podmanPaul Holzinger2022-03-15
| | | | | | | | | | | | | | | | | | | | | | | | We only need a small part of the k8s dependencies but they are the biggest dependencies in podman by far. Moving them into podman allows us to remove the unnecessary parts. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | fix breaking change in pkg/bindingsPaul Holzinger2022-03-15
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | pkg/bindings is considered stable. We cannot make changes that would break any users. If someone uses this field their code would fail to compile. Since the fix is obviously correct we will keep it but also add the old field back in to keep compatibility with old code. When both fields are set ImportArchive is preferred over ImportAchive. Fixes changes from commit 217197340c8f [NO NEW TESTS NEEDED] Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | Merge pull request #13499 from rst0git/fix-typoOpenShift Merge Robot2022-03-14
|\ \ | | | | | | Fix typo
| * | Fix typoRadostin Stoyanov2022-03-14
| | | | | | | | | | | | | | | | | | [NO NEW TESTS NEEDED] Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
* | | Add support for --chrootdirsLStandman2022-03-14
|/ / | | | | | | Signed-off-by: LStandman <65296484+LStandman@users.noreply.github.com>
* | Fixes TTY & resizing on Mac and WindowsJason T. Greene2022-03-12
| | | | | | | | Signed-off-by: Jason T. Greene <jason.greene@redhat.com>