| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This PR further implements a more structured approach to handling the
files needed by machine. More files are now made as MachineFile which
can then have a symlink (using a shorter path) to them. Also added Set
and Get methods for many of the files.
The next part of the refactor will implement the use of symlinks on
MacOS.
Signed-off-by: Brent Baude <bbaude@redhat.com>
[NO NEW TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|
|
|
| |
Signed-off-by: John Matthews <jwmatthews@gmail.com>
|
|\
| |
| | |
Set systemd mode if entrypoint begins with /bin/sh -c
|
| |
| |
| |
| |
| |
| | |
Fixes: https://github.com/containers/podman/issues/13324
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|/
|
|
|
|
|
|
|
| |
If podman detects a Machinev1 config, it will automatically migrate it
to the new format.
Signed-off-by: Brent Baude <bbaude@redhat.com>
[NO NEW TESTS NEEDED]
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
the way machine was written was very adjunct and as such is in dire need
of refactoring to better structures and structure methods where
appropriate. the weekest part is specifically around all the files that
machine requires and how some are just dynamically built on the fly.
this pr defines a new machinefile type which allows us to work with the
file and also takes into account the use of symlinks which are going to
be needed on macos due to its relatively short file length restriction.
also, added unit tests for new methods as well as anywhere else I saw a
need.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\
| |
| | |
Switch all calls to filepath.Walk to filepath.WalkDir
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
WalkDir should be faster the Walk, since we often do
not need to stat files.
[NO NEW TESTS NEEDED] Existing tests should find errors.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \
| |/
|/| |
Vendor c/common for filters
|
| |
| |
| |
| |
| |
| |
| |
| | |
Added patch provided by rhatdan to add support for shareable
[NO NEW TESTS NEEDED]
Signed-off-by: rvandernoort <s.r.vandernoort@student.tudelft.nl>
|
|\ \
| | |
| | | |
Resolves #13629 Add RegistryAuthHeader to manifest push
|
| | |
| | |
| | |
| | | |
Signed-off-by: Jason Montleon <jmontleo@redhat.com>
|
|\ \ \
| | | |
| | | | |
Remove error stutter
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
When podman gets an error it prints out "Error: " before
printing the error string. If the error message starts with
error, we end up with
Error: error ...
This PR Removes all of these stutters.
logrus.Error() also prints out that this is an error, so no need for the
error stutter.
[NO NEW TESTS NEEDED]
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|/ / /
| | |
| | |
| | |
| | |
| | | |
[NO NEW TESTS NEEDED]
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \
| | | |
| | | | |
Add Context Directory to tar
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
podman build fails on remote build when using a relative context directory.
This is because the context dir was not being added to the tar, so when remote
the compat build function would not be able to stat the contextDir.
resolves #13293
Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
|
|\ \ \ \
| | | | |
| | | | | |
Fix manifest 4.0 endpoints
|
| | |_|/
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
[NO NEW TESTS NEEDED]
* Branch forced 4.0 only endpoints, which broke bindings
* Fix lint error, in new code
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
podman machine start: lookup qemu path again if not found
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Use logrus.IsLevelEnabled because this will cover all levels below it as
well. Currently this condition would fail for the trace log level.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |/ / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
We store the full path to qemu in the machine config. When the path
changes on the host the machine can longer be started. To fix it we get
the path again when we fail to start the machine due the missing binary.
We want to store and use the full path first because otherwise existing
machines can break when the qemu version changed.
[NO NEW TESTS NEEDED] We still have no machine tests.
Fixes #13394
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
container: allow clone to an existing pod
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Closes: https://github.com/containers/podman/issues/3979
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \ \ \ \
| |_|_|_|/
|/| | | | |
do not set the inheritable capabilities
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
The kernel never sets the inheritable capabilities for a process, they
are only set by userspace. Emulate the same behavior.
Closes: CVE-2022-27649
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |/ / /
|/| | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The PlayKube and PlayKubeDown commands accepted a "path" argument to a YAML file
to play. This requires the caller to write the YAML to a file path. The downside
of this is apparent in the HTTP handlers which have to use a temporary file on
disk to store the YAML file.
The file is opened & used as the body of the HTTP request. It's possible to
instead pass a io.Reader and use a fully in-memory request body.
Add backwards-compatible changes to bindings to allow passing either a filepath
or a io.Reader body.
Refactor the podman bindings to use a io.Reader instead of a filepath.
Simplify the HTTP handlers for PlayKube by removing the now unneeded tempfile.
[NO NEW TESTS NEEDED]
Signed-off-by: Christian Stewart <christian@paral.in>
|
|\ \ \ \
| | | | |
| | | | | |
podman stats: calc CPU percentage correctly
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
When you run podman stats, the first interval always shows the wrong cpu
usage. To calculate cpu percentage we get the cpu time from the cgroup
and compare this against the system time between two stats. Since the
first time we do not have a previous stats an empty struct is used
instead. Thus we do not use the actual running time of the container but
the current unix timestamp (time since Jan 1 1970).
To fix this we make sure that the previous stats time is set to the
container start time, when it is empty.
[NO NEW TESTS NEEDED] No idea how I could create a test which would have
a predictable cpu usage.
See the linked bugzilla for a reproducer.
Fixes https://bugzilla.redhat.com/show_bug.cgi?id=2066145
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |_|/ /
|/| | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
When starting a VM that has been configured with volume mounts, the
podman client attempts to connect via TCP to localhost, which runs
gvproxy to proxy an ephemeral port to the VM's ssh port. Previously,
gvproxy was listening on all interfaces and IP addresses, but this
behavior has changed to listening only on the IPv4 loopback address.
Without this change, if a newer build of gvproxy is used, a podman
machine configured with volume mounts will hang forever after "podman
machine start" with "Waiting for VM ...".
[NO NEW TESTS NEEDED]
Signed-off-by: Burt Holzman <burt@fnal.gov>
|
|\ \ \ \
| | | | |
| | | | | |
import: allow users to set `--os`, `--arch` and `--variant` of image imports
|
| |/ / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Allows users to set `--os` , `--arch` and `--variant` of the image
created from the custom import.
Following is useful when user is already aware of the values which are
correct for their generated rootfs
Signed-off-by: Aditya R <arajan@redhat.com>
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
[NO NEW TESTS NEEDED]
Improve swagger and handler code compatibility.
Fixes #12804
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Numerous issues remain, especially in tests/e2e.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Still an unknown number remains but I am running out of patience.
Adding dots is not the best use of my time.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
A number of cases looked suspicious, so I marked them with `FIXME`s to
leave some breadcrumbs.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
|/ / /
| | |
| | |
| | | |
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
|\ \ \
| | | |
| | | | |
bump golangci-lint to v1.45.0
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* supports Go 1.18
* disable a number of new linters
* fix minor stylecheck issues
[NO NEW TESTS NEEDED]
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
|/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Add an `--ignore` flag to `podman image rm` to instruct ignoring image
if a specified image does not exist and to not throw an error. Other
commands (e.g., `podman container rm`) already support this flag.
Such an `--ignore` flag can come in handy in clean-up scripcts such as
the teardown phases in the Podman tests.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
|\ \ \
| | | |
| | | | |
Tolerate old machine images, but warn they should be recreated
|
| | |/
| |/|
| | |
| | |
| | |
| | | |
Start in a reduced mode for recovery, warn, and provide instructions to recreate them
Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
|
|/ /
| |
| |
| | |
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
|\ \
| | |
| | | |
podman create: building local pause image: do not read ignore files
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Make sure to ignore local {container,docker}ignore files when building a
local pause image. Otherwise, we may mistakenly not be able to copy
catatonit into the build container.
Fixes: #13529
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
|\ \ \
| | | |
| | | | |
Set rawimage for containers created via play kube
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This commit set the containers RawImageName to default image name
specified in Pod YAML, so the containers could be used via autoupdate
feature, which needs the RawImageName to be set.
Currently RawImageName is set only for the create/run/clone podman
commands.
[NO NEW TESTS NEEDED]
Signed-off-by: Ondra Machacek <omachace@redhat.com>
|