| Commit message (Collapse) | Author | Age |
|\
| |
| | |
machine: Fix check which is always true
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Before making / mutable/immutable, podman-machine checks if the mount is
being done in /home or /mnt. However the current check is always going
to be true:
```
!strings.HasPrefix(mount.Target, "/home") || !strings.HasPrefix(mount.Target, "/mnt")
```
is false when mount.Target starts with "/home" and mount.Target starts
with "/mnt", which cannot happen at the same time.
The correct check is:
```
!strings.HasPrefix(mount.Target, "/home") && !strings.HasPrefix(mount.Target, "/mnt")
```
which can also be written as:
```
!(strings.HasPrefix(mount.Target, "/home") || strings.HasPrefix(mount.Target, "/mnt"))
```
The impact is not too bad, it results in extra 'chattr -i' calls which
should be unneeded.
[NO NEW TESTS NEEDED]
Signed-off-by: Christophe Fergeau <cfergeau@redhat.com>
|
|\ \
| |/
|/| |
Set TLSVerify=true by default for API endpoints
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Option defaults in API must be the same as in CLI.
```
% podman image push --help
% podman image pull --help
% podman manifest push --help
% podman image search --help
```
All of these CLI commands them have --tls-verify=true by default:
```
--tls-verify require HTTPS and verify certificates when accessing the registry (default true)
```
As for `podman image build`, it doesn't have any means to control
`tlsVerify` parameter but it must be true by default.
Signed-off-by: Vladimir Kochnev <hashtable@yandex.ru>
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Some refer to issues that are closed. Remove them.
Some are runc bugs that will never be fixed. Say so, and remove
the FIXME.
One (bps/iops) should probably be fixed. File an issue for it, and
update comment to include the issue# so my find-obsolete-skips script
can track it.
And one (rootless mount with a "kernel bug?" comment) is still
not fixed. Leave the skip, but add a comment documenting the symptom.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\
| |
| | |
fix container create/run throttle devices
|
| |
| |
| |
| |
| |
| | |
pod resource limits introduced a regression where `FinishThrottleDevices` was not called for create/run
Signed-off-by: Charlie Doern <cdoern@redhat.com>
|
|\ \
| | |
| | | |
Add pause/unpause --latest, --cidfile, --filter
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
--latest : pause/unpause the latest container.
--filter : pause/unpause the filtered container.
--cidfile : Read container ID from the specified file and pause/unpause the container.
Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
|
|\ \ \
| | | |
| | | | |
API: libpod/create use correct default umask
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Make sure containers created via API have the correct umask from
containers.conf set.
Fixes #15036
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\ \ \ \
| |_|_|/
|/| | | |
Implement kubernetes secret handling for podman play kube
|
| | |/
| |/|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
add support for both creating a secret using yaml and mounting a secret as a volume given a yaml file.
Kubernetes secrets have a different structure than podman and therefore have to be handeled differently.
In this PR, I have introduced the basic usecases of kube secrets with more implementations like env secrets
to come!
resolves #12396
Signed-off-by: Charlie Doern <cdoern@redhat.com>
|
|\ \ \
| |_|/
|/| | |
compat api: allow default bridge name for networks
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Fix some network option parsing logic to use constants.
Always use the isolate option since this is what docker does.
Remove the icc option, this is different from isolate and it is not
implemented.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Docker uses "bridge" as default network name so some tools expect this
to work with network list or inspect. To fix this we change "bridge" to
the podman default ("podman") name.
Fixes #14983
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\ \ \
| | | |
| | | | |
Compat API: unify pull/push and add missing progress info
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Progress bar in JSONMessage is missing compared to docker output both in
pull and push. Additionaly, pull was not using JSONMessage while push
was using the type.
[NO NEW TESTS NEEDED]
Signed-off-by: Jakub Guzik <jguzik@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
enable linter for pkg/machine/e2e
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
The memory both local and in the CI test is converted to 3822. I don't
know why this changed but I want to have this working again. For the
future we should look at a more robust solution.
Fixes #15012
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
The same problem again as 4374038cc67405e3f5555b1870d5bb7f6570fa5d.
Also fix the incorrect --format autocompletion struct.
It should be avoided to import cmd/podman/... packages from outside of
cmd/podman. This can lead in weird hard to debug import paths but also
can have negative consequences when imported in unit tests. In this case
it will set XDG_CONFIG_HOME and thus the machine tests this dir over the
tmp HOME env variable which is set at a later point. This caused machine
files to be leaked into the actual users home dir.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Also fix the machine ssh code order to provide a better error message.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Rename all files to _test.go and rename the package to e2e_test. This
makes the linter less strict about things like dot imports.
Add some unused nolint directives to silence some warnings, these can be
used to find untested options so someone could add tests for them.
Fixes #14996
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
remote push: show copy progress
|
| |/ / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
`podman-remote push` has shown absolutely no progress at all. Fix that
by doing essentially the same as the remote-pull code does.
The get-free-out-of-jail-card for backwards compatibility is to let the
`quiet` parameter default to true. Since the --quioet flag wasn't
working before either, older Podman clients do not set it.
Also add regression tests to make sure we won't regress again.
Fixes: #11554
Fixes: #14971
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
|/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
added the following flags and handling for podman pod create
--memory-swap
--cpuset-mems
--device-read-bps
--device-write-bps
--blkio-weight
--blkio-weight-device
--cpu-shares
given the new backend for systemd in c/common, all of these can now be exposed to pod create.
most of the heavy lifting (nearly all) is done within c/common. However, some rewiring needed to be done here
as well!
Signed-off-by: Charlie Doern <cdoern@redhat.com>
|
|\ \ \
| |/ /
|/| | |
Fix potential body leak on mid-stream read error when fetching artifact version
|
| | |
| | |
| | |
| | | |
Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
|
|\ \ \
| | | |
| | | | |
pkg,libpod: remove `pkg/hooks` and use `hooks` from `c/common`
|
| | |/
| |/|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
PR https://github.com/containers/common/pull/1071 moved `pkg/hooks` to
`c/common` hence remove that from podman and use `pkg/hooks` from
`c/common`
[NO NEW TESTS NEEDED]
[NO TESTS NEEDED]
Signed-off-by: Aditya R <arajan@redhat.com>
|
|\ \ \
| | | |
| | | | |
Fix machine test
|
| |/ /
| | |
| | |
| | |
| | |
| | | |
DownloadVMImage takes an extra argument.
Signed-off-by: Ashley Cui <acui@redhat.com>
|
|\ \ \
| |/ /
|/| | |
Update init ctr default for play kube
|
| |/
| |
| |
| |
| |
| |
| |
| |
| | |
Update the init container type default to once instead
of always to match k8s behavior.
Add a new annotation that can be used to change the init
ctr type in the kube yaml.
Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
|
|\ \
| |/
|/| |
"podman pod pause" return error if cgroups v1 rootless container
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
There is a possibility that podman does not output expected error message.
(e.g. When pause rootless cgroups v1 container on host)
This problem is solved by appending `report.Errs` to `reports` before `continue`.
[NO NEW TESTS NEEDED]
Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
|
|/
|
|
|
|
|
|
|
| |
- Also save the file using this convention.
- Change the general pull mechanism to print the local file
as opposed to the remote to enable this - no change in
observed behavior on mac
Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
|
|\
| |
| | |
Clean up cached machine images
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When initing machines, we download a machine image, and uncompress and
copy the image for the actual vm image. When a user constantly pulls new
machines, there may be a buildup of old, unused machine images. This
commit cleans ups the unused cached images.
Changes:
- If the machine is pulled from a URL or from the FCOS releases, we pull
them into XDG_DATA_HOME/containers/podman/machine/vmType/cache
- Cache cleanups only happen if there is a cache miss, and we need to
pull a new image
- For Fedora and FCOS, we actually use the cache, so we go through the
cache dir and remove any images older than 2 weeks (FCOS's release cycle), on a cache miss.
- For generic files pulled from a URL, we don't actually cache, so we
delete the pulled file immediately after creating a machine image
- For generic files from a local path, the original file will never be
cleaned up
Note that because we cache in a different dir, this will not clean up
old images pulled before this commit.
[NO NEW TESTS NEEDED]
Signed-off-by: Ashley Cui <acui@redhat.com>
|
|/
|
|
|
|
|
| |
When initing a machine, we generate ssh keys in `$HOME/.ssh`. If there
is not .ssh dir, we should create it, so the init does not fail.
Signed-off-by: Ashley Cui <acui@redhat.com>
|
|
|
|
|
|
|
| |
Filter flag is added for podman stop and podman --remote stop. Filtering logic is implemented in
getContainersAndInputByContext(). Start filtering can be manipulated to use this logic as well to limit redundancy.
Signed-off-by: Karthik Elango <kelango@redhat.com>
|
|\
| |
| | |
Switch to `github.com/blang/semver/v4`
|
| |
| |
| |
| |
| |
| |
| |
| | |
Switch to the latest version of the now go module compatible release.
[NO NEW TESTS NEEDED]
Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
|
|\ \
| |/
|/| |
Use prepared image for WSL machine init
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This commit introduces a prepared image for setting up the WSL2
environment. This means that the deployment will take considerable
less time to finish (as it does not need to run an update and package
install), but also allows to rely on a cached image to re-init the
environment without the need for an internet connection.
[NO NEW TESTS NEEDED]
Signed-off-by: Gerard Braad <me@gbraad.nl>
|
|\ \
| | |
| | | |
Add "podman kube play" cmd
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The "podman kube play" command is designed to be a replacement for the
"podman play kube" command.
It performs the same function as "play kube" while also still working with the same flags and options.
The "podman play kube" command is still functional as an alias of "kube play".
Closes #12475
Signed-off-by: Niall Crowe <nicrowe@redhat.com>
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
|\ \ \
| |/ /
|/| | |
Fix machine test for list
|
| |/
| |
| |
| |
| |
| |
| |
| | |
The list --format json test case had a typo like error.
[NO NEW TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
if podman is running in the root cgroup, it will create a new
subcgroup and move itself there.
[NO NEW TESTS NEEDED] it needs nested podman
Closes: https://github.com/containers/podman/issues/14884
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|