| Commit message (Collapse) | Author | Age |
|---|
| |\
| |
| | |
enable gocritic linter
|
| | |
| |
| |
| |
| |
| |
| |
| | |
We should not exclude contianers by name. If a users has a container
with the name "inf" it is currently skipped. This is wrong. The k8s yaml
does not contain infra containers so we do not have to skip them.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The linter ensures a common code style.
- use switch/case instead of else if
- use if instead of switch/case for single case statement
- add space between comment and text
- detect the use of defer with os.Exit()
- use short form var += "..." instead of var = var + "..."
- detect problems with append()
```
newSlice := append(orgSlice, val)
```
This could lead to nasty bugs because the orgSlice will be changed in
place if it has enough capacity too hold the new elements. Thus we
newSlice might not be a copy.
Of course most of the changes are just cosmetic and do not cause any
logic errors but I think it is a good idea to enforce a common style.
This should help maintainability.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |\ \
| |/
|/| |
remote: do not join user NS
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
As noticed while debugging #13992, do not join the rootless user NS as a
Linux remote client.
[NO NEW TESTS NEEDED] as existing tests should continue to work.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| |\ \
| |/
|/| |
machine starting status
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
podman machine was using the file modification time to get the running status
add three new config entries Starting (bool) Created (time) LastUp (time) to actually
keep track of when these events happened. This means we can use the config file
to actually store this data and not mess up the created/last-up time.
This fixes the issues where the machine would report running 15 seconds before it was up.
Also fixes the issue of modifying the file manually and saying the machine is "up"
[NO NEW TESTS NEEDED]
resolves #13711
Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
|
| |\ \
| | |
| | | |
Implement Windows volume/mount support
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
Based on WSL2 9p support: remaps windows paths to /mnt/<drive> locations for
both podman and Docker API clients.
Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
|
| |\ \ \
| | | |
| | | | |
Unit tests for pkg/specgenutil pkg/signal
|
| | |/ /
| | |
| | |
| | |
| | |
| | | |
Add some lightweight unit tests to the arsenal.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| |\ \ \
| | | |
| | | | |
Add podman machine test suite
|
| | |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This PR introduces a test suite for podman machine. It can currently be
run on developers' local machines and is not part of the official CI
testing; however, the expectation is that any work on machine should
come with an accompanying test.
At present, the test must be run on Linux. It is untested on Darwin.
There is no Makefile target for the test. It can be run like `ginkgo -v
pkg/machine/test/.`. It should be run as a unprivileged user.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| |\ \ \
| |/ /
|/| | |
Pass --tls-verify option in podman -remote build
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Fixes: https://github.com/containers/podman/issues/13979
[NO NEW TESTS NEEDED] Buildah has a test for this.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \ \
| | | |
| | | | |
enable unparam linter
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The unparam linter is useful to detect unused function parameters and
return values.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |\ \ \ \
| | | | |
| | | | | |
Rootfull -> Rootful
|
| | | |_|/
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This reverts commit cc3790f332d989440eb1720e24e3619fc97c74ee.
We can't change rootful to rootfull because `rootful` is written into the machine config. Changing this will break json unmarshalling, which will break existing machines.
[NO NEW TESTS NEEDED]
Signed-off-by: Ashley Cui <acui@redhat.com>
|
| |\ \ \ \
| |/ / /
|/| | | |
Add support for passing --volumepath
|
| | | |/
| |/|
| | |
| | |
| | |
| | | |
Fixes: https://github.com/containers/podman/issues/13860
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |/ /
| |
| |
| |
| |
| |
| |
| |
| | |
Do not use a list of statuses outside of libpod to validate container
statuses. Removing status was never added to the list.
Fixes: https://github.com/containers/podman/issues/13986
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \
| |/
|/| |
replace golint with revive linter
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
golint, scopelint and interfacer are deprecated. golint is replaced by
revive. This linter is better because it will also check for our error
style: `error strings should not be capitalized or end with punctuation or a newline`
scopelint is replaced by exportloopref (already endabled)
interfacer has no replacement but I do not think this linter is
important.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |\ \
| | |
| | | |
use etchosts package from c/common
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Because /etc/hosts is shared for all containers with a shared network
namespace you should not be able to add hosts from a joined container.
Only the primary netns container can set the hosts.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |\ \ \
| |_|/
|/| | |
Add support for --userns=nomap
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
From a security point of view, it would be nice to be able to map a
rootless usernamespace that does not use your own UID within the
container.
This would add protection against a hostile process escapping the
container and reading content in your homedir.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \ \
| | | |
| | | | |
enable staticcheck linter
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
There is no reason to mark them directly as deprecated since we still
have to use them as long as we want to support 3.X calls. The
staticcheck linter is complaining about the Deprecated comment but that
doesn't make sense in this context. There is no good way to only exclude
a single check with golangci-lint.
I renamed the function with a V3 suffix to make clear that we only use
this for backwards compat.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Fix many problems reported by the staticcheck linter, including many
real bugs!
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| | |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
golang.org/x/crypto/ssh/terminal is deprecated. The package was moved to
golang.org/x/term. golang.org/x/crypto/ssh/terminal was already just
calling golang.org/x/term itslef so there are no functional changes.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |\ \ \
| | | |
| | | | |
specgen-volumes: parse `--mount` using csv-reader instead of split.
|
| | |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Following commit ensures that csv escaping is supported while using
inline `--mount=type=......` flag with `podman run` by using
`encoding/csv` to parse options instead of performing a `split.String(`
by `comma`.
Closes: https://github.com/containers/podman/issues/13922
Signed-off-by: Aditya R <arajan@redhat.com>
|
| |\ \ \
| |_|/
|/| | |
Switch all rootful to rootfull
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| | |
We are inconsistent on the name, we should stick with rootfull.
[NO NEW TESTS NEEDED] Existing tests should handle this and no tests for
machines exists yet.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \
| | |
| | | |
[CI:DOCS] Run codespell on code
|
| | |/
| |
| |
| |
| |
| | |
[NO NEW TESTS NEEDED]
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \
| |/
|/| |
podman container clone -f
|
| | |
| |
| |
| |
| |
| |
| |
| | |
add the option -f to force remove the parent container if --destory is specified
resolves #13917
Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
|
| |\ \
| | |
| | | |
Add support for checkpoint image
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This is an enhancement proposal for the checkpoint / restore feature of
Podman that enables container migration across multiple systems with
standard image distribution infrastructure.
A new option `--create-image <image>` has been added to the
`podman container checkpoint` command. This option tells Podman to
create a container image. This is a standard image with a single layer,
tar archive, that that contains all checkpoint files. This is similar to
the current approach with checkpoint `--export`/`--import`.
This image can be pushed to a container registry and pulled on a
different system. It can also be exported locally with `podman image
save` and inspected with `podman inspect`. Inspecting the image would
display additional information about the host and the versions of
Podman, criu, crun/runc, kernel, etc.
`podman container restore` has also been extended to support image
name or ID as input.
Suggested-by: Adrian Reber <areber@redhat.com>
Signed-off-by: Radostin Stoyanov <radostin@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
activation.Listeners() can return an net.Listener array which contains
nil entries if it cannot listen on the given fds. This can cause podman
to panic so we should check the we have non nil net.Listener first.
[NO NEW TESTS NEEDED] No idea how to reproduce this.
Fixes #13911
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |/
|
|
|
|
|
| |
Since the listener is already an interface there is no reason to use a
extra pointer for it.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |\
| |
| | |
healthcheck: set default healthcheck `Interval` if not specified in image
|
| | |
| |
| |
| |
| |
| |
| | |
Set appropriate defaults for `--interval` when
processing a Containerfile with build format as docker.
Signed-off-by: Aditya R <arajan@redhat.com>
|
| |\ \
| |/
|/| |
Respect "Rootful" when starting WSL API Forwarding
|
| | |
| |
| |
| | |
Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
in specgen, CLI path uses the given memory limit to define the swap value (if not already specified)
add a route to this piece of code from within the api handlers
resolves #13145
Signed-off-by: cdoern <cdoern@redhat.com>
|
| |\ \
| | |
| | | |
Add support for ipc namespace modes "none, private, sharable"
|
