summaryrefslogtreecommitdiff
path: root/pkg
Commit message (Collapse)AuthorAge
* Merge pull request #5382 from vrothberg/systemd-networkOpenShift Merge Robot2020-03-05
|\ | | | | generate systemd: add network dependencies
| * generate systemd: add network dependenciesValentin Rothberg2020-03-03
| | | | | | | | | | | | | | | | Add network dependencies to generated systemd services to allow for enabling them at system startup and have a working network if needed. Fixes: #4130 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | Merge pull request #5381 from vrothberg/ENVFIXOpenShift Merge Robot2020-03-04
|\ \ | | | | | | env: set "container" to current binary
| * | env: don't set "container" envValentin Rothberg2020-03-04
| | | | | | | | | | | | | | | | | | | | | | | | Leave setting the "container" variable to consumers of pkg/env. Podman is now hard-setting it to "podman" while "libpod" will set it internally to "libpod" if it's unset. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | Merge pull request #5385 from baude/makemapOpenShift Merge Robot2020-03-04
|\ \ \ | | | | | | | | avoid adding to nil map
| * | | avoid adding to nil mapBrent Baude2020-03-03
| | |/ | |/| | | | | | | | | | | | | we need to make the environment map to avoid throwing an error when trying to add an environment value from file. Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | Merge pull request #4772 from boaz0/closes_4628OpenShift Merge Robot2020-03-04
|\ \ \ | |/ / |/| | Add the rmi flag to podman-run to delete container image
| * | Add the rmi flag to podman-run to delete container imageBoaz Shuster2020-03-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The --rmi flag will delete the container image after its execution unless that image is already been used by another container(s). This is useful when one wants to execute a container once and remove any resources attached to it. Signed-off-by: Boaz Shuster <boaz.shuster.github@gmail.com>
* | | Merge pull request #5206 from rhatdan/capabilitiesOpenShift Merge Robot2020-03-03
|\ \ \ | |_|/ |/| | Allow devs to set labels in container images for default capabilities.
| * | Allow devs to set labels in container images for default capabilities.Daniel J Walsh2020-03-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch allows users to specify the list of capabilities required to run their container image. Setting a image/container label "io.containers.capabilities=setuid,setgid" tells podman that the contained image should work fine with just these two capabilties, instead of running with the default capabilities, podman will launch the container with just these capabilties. If the user or image specified capabilities that are not in the default set, the container will print an error message and will continue to run with the default capabilities. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | consolidate env handling into pkg/envValentin Rothberg2020-03-03
| |/ |/| | | | | | | | | | | | | | | Env-variable related code is scattered across several packages making it hard to maintain and extend. Consolidate the code into a new pkg/env package. Signed-off-by: Valentin Rothberg <rothberg@redhat.com> Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | Merge pull request #5371 from edsantiago/apiv2_fixesOpenShift Merge Robot2020-03-02
|\ \ | |/ |/| more swagger fixes
| * more swagger fixesEd Santiago2020-03-02
| | | | | | | | Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Merge pull request #5347 from baude/apiv2waitOpenShift Merge Robot2020-03-02
|\ \ | |/ |/| rework apiv2 wait endpoint|binding
| * rework apiv2 wait endpoint|bindingBrent Baude2020-02-28
| | | | | | | | | | | | | | | | added the ability to wait on a condition (stopped, running, paused...) for a container. if a condition is not provided, wait will default to the stopped condition which uses the original wait code paths. if the condition is stopped, the container exit code will be returned. also, correct a mux issue we discovered. Signed-off-by: Brent Baude <bbaude@redhat.com>
* | Merge pull request #5343 from lsm5/fix-exists-urlOpenShift Merge Robot2020-03-02
|\ \ | | | | | | container Exists: fix URL
| * | container Exists: fix URLLokesh Mandvekar2020-02-27
| | | | | | | | | | | | Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
* | | Merge pull request #5320 from sujil02/podtestOpenShift Merge Robot2020-03-02
|\ \ \ | | | | | | | | Add test to validate prune pod apiv2 binding.
| * | | Update pod bindings and Add test to validate prune pod apiv2 binding.Sujil022020-02-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Modify the pod inspect bindings to hold current pod status. Includes test to validate on pod status and added test to check no or few pods are pruned,if the pods are in exited state. Signed-off-by: Sujil02 <sushah@redhat.com>
* | | | Fix wrong condition in bindings testChris Evich2020-02-28
| |_|/ |/| | | | | | | | | | | | | | Thanks for Brent Baude <bbaude@redhat.com> for the fix. Signed-off-by: Chris Evich <cevich@redhat.com>
* | | Merge pull request #5348 from baude/cninetfixOpenShift Merge Robot2020-02-27
|\ \ \ | | | | | | | | Cninetfix
| * | | network create should use firewall pluginBrent Baude2020-02-27
| | |/ | |/| | | | | | | | | | | | | when creating a network, podman should add the firewall plugin to the config but not specify a backend. this will allow cni to determine whether it should use an iptables|firewalld backend. Signed-off-by: Brent Baude <bbaude@redhat.com>
* / | binding tests for volumesBrent Baude2020-02-27
|/ / | | | | | | | | | | | | | | add binding tests for volumes: inspect(get), create, remove, prune, and list implement filters ability for volumes Signed-off-by: Brent Baude <bbaude@redhat.com>
* | spec: allow container alias name in lookupGiuseppe Scrivano2020-02-26
| | | | | | | | | | | | | | | | Previously --uts=container: expected the full container ID. Closes: https://github.com/containers/libpod/issues/5289 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | Merge pull request #5328 from lsm5/trivial-typo-correctionOpenShift Merge Robot2020-02-25
|\ \ | | | | | | fix trivial typo
| * | fix trivial typoLokesh Mandvekar2020-02-25
| | | | | | | | | | | | Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
* | | Merge pull request #5326 from jwhonce/issues/5311OpenShift Merge Robot2020-02-25
|\ \ \ | | | | | | | | Remove 1 sec delay
| * | | Remove 1 sec delayJhon Honce2020-02-25
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | * Stop closing net.Listener() twice on interrupt * Do not report error if closing server twice Fixes #5311 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | Merge pull request #3901 from cevich/support_f31OpenShift Merge Robot2020-02-25
|\ \ \ | | | | | | | | Cirrus: Support testing with F31
| * | | Temp. skip "remove pause by id" bindings testChris Evich2020-02-25
| |/ / | | | | | | | | | Signed-off-by: Chris Evich <cevich@redhat.com>
* | | Merge pull request #5324 from giuseppe/fix-running-no-pauseOpenShift Merge Robot2020-02-25
|\ \ \ | | | | | | | | rootless: raise error if the process is not found
| * | | rootless: become root only if the pause file is specifiedGiuseppe Scrivano2020-02-25
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | we need to store the pause process PID file so that it can be re-used later. commit e9dc2120925d9bc32b87ed3c4122aa40f7413db5 introduced this regression. Closes: https://github.com/containers/libpod/issues/5246 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* / / rootless: fix segfault when open fd >= FD_SETSIZEGiuseppe Scrivano2020-02-25
|/ / | | | | | | | | | | | | | | | | if there are more than FD_SETSIZE open fds passed down to the Podman process, the initialization code could crash as it attempts to store them into a fd_set. Use an array of fd_set structs, each of them holding only FD_SETSIZE file descriptors. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | Merge pull request #5305 from mheon/check_for_common_deadlocksOpenShift Merge Robot2020-02-25
|\ \ | | | | | | Add basic deadlock detection for container start/remove
| * | Add basic deadlock detection for container start/removeMatthew Heon2020-02-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We can easily tell if we're going to deadlock by comparing lock IDs before actually taking the lock. Add a few checks for this in common places where deadlocks might occur. This does not yet cover pod operations, where detection is more difficult (and costly) due to the number of locks being involved being higher than 2. Also, add some error wrapping on the Podman side, so we can tell people to use `system renumber` when it occurs. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | Merge pull request #5318 from giuseppe/fix-running-without-env-variablesOpenShift Merge Robot2020-02-25
|\ \ \ | | | | | | | | build: move initialization after SetXdgDirs
| * | | utils: relax check for directory to useGiuseppe Scrivano2020-02-24
| | |/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | when we use namespaces, we set the run directory to 0711 to allow other users to access it. without this relaxation, the /run/user/$UID directory would be skipped. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* / | add apiv2 tests for podman pause and stopLokesh Mandvekar2020-02-24
|/ / | | | | | | | | | | Initial ginkgo setup credit to Brent Baude <bbaude@redhat.com> Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
* | Merge pull request #5281 from baude/bindingsciOpenShift Merge Robot2020-02-24
|\ \ | | | | | | enable ci on go binding tests
| * | enable ci on go binding testsBrent Baude2020-02-22
| | | | | | | | | | | | Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | Merge pull request #5301 from baude/apiv2imagetests3OpenShift Merge Robot2020-02-24
|\ \ \ | |_|/ |/| | more image binding tests
| * | more image binding testsBrent Baude2020-02-23
| | | | | | | | | | | | | | | | | | | | | | | | add two additional bindings tests for image usage. add ability to use search filter on the endpoint. Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | Friendly amendment: tests, and a help messageEd Santiago2020-02-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 1) Help message for podman port was missing [PORT] 2) Add test for 'podman port'. And, actually, an entire networking test that I'd written some weeks ago but apparently didn't 'git add'. Signed-off-by: Ed Santiago <santiago@redhat.com> Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | fix port list by container with portbaude2020-02-23
|/ / | | | | | | | | | | | | | | | | code was erronously misinterpretting the port as a containername. Fixes: #1791832 Signed-off-by: baude <bbaude@redhat.com> Signed-off-by: Brent Baude <bbaude@redhat.com>
* / add more image tests for go bindingsBrent Baude2020-02-21
|/ | | | | | adding more image tests for go bindings. one big change is that the params were converted from map[string]string to url.values to account for the ability to send []string as query params Signed-off-by: Brent Baude <bbaude@redhat.com>
* Merge pull request #5280 from baude/addreturnOpenShift Merge Robot2020-02-21
|\ | | | | search endpoint failure correction
| * search endpoint failure correctionBrent Baude2020-02-21
| | | | | | | | | | | | | | | | when returning an invalid search, a return was omitted triggering a null on the consumer end. Fixes: #5228 Signed-off-by: Brent Baude <bbaude@redhat.com>
* | disable generation of cni firewall pluginBrent Baude2020-02-21
|/ | | | | | | | it turns out that when the firewall plugin is not provided as part of the configuration, then the firewall cni plugin will dynamically figure out if it should use firewalld or iptables. also removing this from the default configuration file Signed-off-by: Brent Baude <bbaude@redhat.com>
* Merge pull request #5213 from mheon/remove_db_imagevolOpenShift Merge Robot2020-02-21
|\ | | | | Remove ImageVolumes from database
| * Remove ImageVolumes from databaseMatthew Heon2020-02-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Before Libpod supported named volumes, we approximated image volumes by bind-mounting in per-container temporary directories. This was handled by Libpod, and had a corresponding database entry to enable/disable it. However, when we enabled named volumes, we completely rewrote the old implementation; none of the old bind mount implementation still exists, save one flag in the database. With nothing remaining to use it, it has no further purpose. Signed-off-by: Matthew Heon <mheon@redhat.com>