summaryrefslogtreecommitdiff
path: root/pkg
Commit message (Collapse)AuthorAge
* add flag to record memory profilesValentin Rothberg2021-08-20
| | | | | | | | | Add a new flag `--memory-profile=$path` which creates a memory profile. The generated profile can later be analyzed via `go tool pprof`. [NO TESTS NEEDED] since it's a hidden flag, devs-only. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Merge pull request #11280 from Luap99/info-pluginsOpenShift Merge Robot2021-08-19
|\ | | | | Podman info output plugin information
| * Podman info output plugin informationPaul Holzinger2021-08-19
| | | | | | | | | | | | | | | | | | For docker compat include information about available volume, log and network drivers which should be listed under the plugins key. Fixes #11265 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | Merge pull request #11279 from guillaumerose/refactor1OpenShift Merge Robot2021-08-19
|\ \ | | | | | | machine: compute sha256 as we are reading the file
| * | machine: compute sha256 as we read the image fileGuillaume Rose2021-08-19
| | | | | | | | | | | | | | | | | | | | | | | | It avoids to have the full file in memory. [NO TESTS NEEDED] Signed-off-by: Guillaume Rose <gurose@redhat.com>
| * | machine: check for file exists instead of listing directoryGuillaume Rose2021-08-19
| |/ | | | | | | | | | | [NO TESTS NEEDED] Signed-off-by: Guillaume Rose <gurose@redhat.com>
* | Merge pull request #11271 from jwhonce/issues/8577OpenShift Merge Robot2021-08-19
|\ \ | |/ |/| Clean up swagger
| * [NO TESTS NEEDED] Clean up swaggerJhon Honce2021-08-19
| | | | | | | | | | | | | | | | | | | | | | | | | | * Removed defined by unused responses * Added missing body definitions * Updated header input definitions Outstanding issues: * Supporting body ContainerConfig for /commit endpoint Fixes #8577 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | Merge pull request #11260 from nalind/remote-build-pathOpenShift Merge Robot2021-08-19
|\ \ | | | | | | pkg/bindings/images.nTar(): slashify hdr.Name values
| * | pkg/bindings/images.nTar(): slashify hdr.Name valuesNalin Dahyabhai2021-08-18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When setting path names in the build context archive, convert path names to use forward slashes, as is normal for those archives, so that directory hierarchies archived on Windows hosts extract correctly everywhere. Not really sure how to run the remote client in CI on a system that uses `\` as a path separator, which is where this error crops up, so [NO TESTS NEEDED] Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
* | | Merge pull request #11269 from Luap99/rootlessport-flakeOpenShift Merge Robot2021-08-18
|\ \ \ | | | | | | | | fix rootlessport flake
| * | | fix rootlessport flakePaul Holzinger2021-08-18
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When the rootlessport process is started the stdout/stderr are attached to the podman process. However once everything is setup podman exits and when the rootlessport process tries to write to stdout it will fail with SIGPIPE. The code handles this signal and puts /dev/null to stdout and stderr but this is not robust. I do not understand the exact cause but sometimes the process is still killed by SIGPIPE. Either go lost the signal or the process got already killed before the goroutine could handle it. Instead of handling SIGPIPE just set /dev/null to stdout and stderr before podman exits. With this there should be no race and no way to run into SIGPIPE errors. [NO TESTS NEEDED] Fixes #11248 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* / / Add ability to build images in play kubeBrent Baude2021-08-18
|/ / | | | | | | | | | | | | | | When playing a kube YAML file, it can be desirable to be able to build an image on the fly. This is good for development of an image and YAML files and somewhat mocks what compose does. Signed-off-by: Brent Baude <bbaude@redhat.com>
* | Merge pull request #11212 from flouthoc/check-valid-systemd-sessionopenshift-ci[bot]2021-08-17
|\ \ | | | | | | cgroup-manager-systemd: Warn early if user is rootless and no relevent user session is present.
| * | cgroup-manager-systemd:Fail early if user:rootless and relevent session is ↵flouthoc2021-08-17
| | | | | | | | | | | | | | | | | | | | | | | | not present. [NO TESTS NEEDED] Signed-off-by: flouthoc <flouthoc.git@gmail.com>
* | | Merge pull request #11192 from ashley-cui/darwinwarn3openshift-ci[bot]2021-08-17
|\ \ \ | | | | | | | | [NO TESTS NEEDED] Change connection error to be helpful for machine users
| * | | Change connection error to be helpful for machine usersAshley Cui2021-08-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | If a podman-remote connection fails, remind the user to check their linux system and podman machine vm Signed-off-by: Ashley Cui <acui@redhat.com>
* | | | Merge pull request #11231 from flouthoc/move-volume-dest-to-serveropenshift-ci[bot]2021-08-17
|\ \ \ \ | | | | | | | | | | volume: move validating volume dest from client to server.
| * | | | fix: unifiedOverlays should be assigned if no conflicts found.flouthoc2021-08-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | [NO TESTS NEEDED] Signed-off-by: flouthoc <flouthoc.git@gmail.com>
| * | | | libpod/option.go remove error stutter from wrap/wrafflouthoc2021-08-17
| | | | | | | | | | | | | | | | | | | | | | | | | [NO TESTS NEEDED] Signed-off-by: flouthoc <flouthoc.git@gmail.com>
| * | | | volume: move validating volume dest from client to server.flouthoc2021-08-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | [NO TESTS NEEDED] Signed-off-by: flouthoc <flouthoc.git@gmail.com>
* | | | | Merge pull request #11224 from xatier/masteropenshift-ci[bot]2021-08-17
|\ \ \ \ \ | | | | | | | | | | | | Add space trimming check in ValidateSysctls
| * | | | | Add space trimming check in ValidateSysctlsxatier2021-08-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is to catch invalid sysctl configs with extra spacing. See https://github.com/containers/common/issues/723#issuecomment-897395506 Signed-off-by: xatier <xatierlike@gmail.com>
* | | | | | make sure that signal buffers are sufficiently bigValentin Rothberg2021-08-17
| |_|_|/ / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Dealing with os.Signal channels seems more like an art than science since signals may get lost. os.Notify doesn't block on an unbuffered channel, so users are expected to know what they're doing or hope for the best. In the recent past, I've seen a number of flakes and BZs on non-amd64 architectures where I was under the impression that signals may got lost, for instance, during stop and exec. [NO TESTS NEEDED] since this is art. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | | Merge pull request #11154 from cdoern/imagesPullopenshift-ci[bot]2021-08-16
|\ \ \ \ \ | |_|/ / / |/| | | | Libpod images pull changes
| * | | | Libpod images pull changescdoern2021-08-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Added quiet param to docs to limit stream output. Formatted JSON. fixes #10612 Signed-off-by: cdoern <cbdoer23@g.holycross.edu> Signed-off-by: cdoern <cdoern@redhat.com>
* | | | | rename oneshot initcontainers to onceBrent Baude2021-08-12
| |/ / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | after the init containers pr merged, it was suggested to use `once` instead of `oneshot` containers as it is more aligned with other terminiology used similarily. [NO TESTS NEEDED] Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | | Merge pull request #11206 from baude/gvproxynewpathopenshift-ci[bot]2021-08-12
|\ \ \ \ | | | | | | | | | | Set gvproxy path to /usr/libexec/podman/gvproxy
| * | | | Set gvproxy path to /usr/libexec/podman/gvproxyBrent Baude2021-08-12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We have reverted the previous patches to look for the gvproxy binary in /usr/lib/podman and have again decided to use /usr/libexec/podman [NO TESTS NEEDED] Signed-off-by: Brent Baude <bbaude@redhat.com>
| * | | | Revert "Use static path for gvproxy"Brent Baude2021-08-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This reverts commit 4acc1d685066faa1dc102532ba76a81d3ec6bdc0. [NO TESTS NEEDED] Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | | | Merge pull request #11203 from rhatdan/codespellopenshift-ci[bot]2021-08-12
|\ \ \ \ \ | |_|_|_|/ |/| | | | Run codespell to fix spelling
| * | | | Run codespell to fix spellingDaniel J Walsh2021-08-11
| |/ / / | | | | | | | | | | | | | | | | | | | | [NO TESTS NEEDED] Just fixing spelling. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* / / / For compatibility, ignore Content-TypeJhon Honce2021-08-11
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Endpoint /build logs an info entry when a client uses the wrong Content-Type for build payload. Given Content-Type is ignored and assumed to be "application/x-tar". Endpoint /libpod/build will fail unless "application/x-tar" or "application/tar" is given for Content-Type. "application/tar" will be logged as an info entry. Fixes #11012 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | Merge pull request #11173 from jmguzik/pod-ps-until-filteropenshift-ci[bot]2021-08-11
|\ \ \ | |_|/ |/| | Add until filter to podman pod ps
| * | Add until filter to podman pod psJakub Guzik2021-08-10
| |/ | | | | | | | | | | | | | | This commit adds additional until filter to podman pod ps (ls/list). Additionally, it also adds descriptions for podman pod ps filters available via http api. Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
* / Add support for pod inside of user namespace.Daniel J Walsh2021-08-09
|/ | | | | | | | | | | | | Add the --userns flag to podman pod create and keep track of the userns setting that pod was created with so that all containers created within the pod will inherit that userns setting. Specifically we need to be able to launch a pod with --userns=keep-id Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
* Merge pull request #11074 from vrothberg/auto-update-rollbackopenshift-ci[bot]2021-08-06
|\ | | | | auto-update: simple rollback
| * auto-update: simple rollbackValentin Rothberg2021-08-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add support for simple rollbacks during `podman auto-update`. Rollbacks are enabled by default. If a systemd unit cannot be restarted after an update, the previous image will be retagged and the unit will be restarted a second time. Add system tests for rollbacks. Also fix a bug in the restart sequence; we have to use the channel to actually know whether the restart was successful or not. NOTE: To make rollbacks really useful, users must run their containers with `--sdnotify=container` such that the containers send the ready message over the (mounted) socket. This way, restarting the systemd units during auto update will block until the message has been received (or a timeout kicked in). Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | Merge pull request #11141 from flouthoc/support-linux-execution-domainopenshift-ci[bot]2021-08-06
|\ \ | | | | | | personality: Add support for setting execution domain.
| * | personality: Add support for setting execution domain.flouthoc2021-08-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Execution domains tell Linux how to map signal numbers into signal actions. The execution domain system allows Linux to provide limited support for binaries compiled under other UNIX-like operating systems. Reference: https://man7.org/linux/man-pages/man2/personality.2.html Signed-off-by: flouthoc <flouthoc.git@gmail.com>
* | | Merge pull request #11136 from baude/machinelogsshopenshift-ci[bot]2021-08-05
|\ \ \ | | | | | | | | show podman machine ssh command line
| * | | show podman machine ssh command lineBrent Baude2021-08-05
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | A user contributed a one line PR that enabled logging the podman machine ssh command for debug. The user was not able to complete the submission so this PR replaces that. [NO TESTS NEEDED] Replaces #10798 Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | Merge pull request #11135 from matejvasek/fix_tsopenshift-ci[bot]2021-08-05
|\ \ \ | |/ / |/| | Fix TS parsing for fractional values
| * | Fix TS parsing for fractional valuesMatej Vasek2021-08-04
| | | | | | | | | | | | | | | | | | Parse Unix timestamps that contains fractional part. Signed-off-by: Matej Vasek <mvasek@redhat.com>
* | | Merge pull request #11011 from baude/initcontainersopenshift-ci[bot]2021-08-05
|\ \ \ | |_|/ |/| | implement init containers in podman
| * | implement init containers in podmanBrent Baude2021-08-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | this is the first pass at implementing init containers for podman pods. init containersare made popular by k8s as a way to run setup for pods before the pods standard containers run. unlike k8s, we support two styles of init containers: always and oneshot. always means the container stays in the pod and starts whenever a pod is started. this does not apply to pods restarting. oneshot means the container runs onetime when the pod starts and then is removed. Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | Merge pull request #11132 from rhatdan/VENDORopenshift-ci[bot]2021-08-04
|\ \ \ | | | | | | | | Bump Buildah to v1.22.0 [NO TESTS NEEDED]
| * | | Bump Buildah to v1.22.0 [NO TESTS NEEDED]TomSweeneyRedHat2021-08-04
| | |/ | |/| | | | | | | | | | | | | | | | | | | | | | Bump Buildah to v1.22.0 in preparation for RHEL 8.5 and RHEL 9.0beta. Also bump c/common to v0.42.1 [NO TESTS NEEDED] Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* / | Fix podman unpause,pause,kill --all to work like podman stop --allDaniel J Walsh2021-08-04
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently if you execute podman unpause --all, podman pause --all Podman shows attempts to unpause containers that are not paused and prints an error. This PR catches this error and only prints errors if a paused container was not able to be unpaused. Currently if you execute podman pause --all or podman kill --all, Podman Podman shows attempts to pause or kill containers that are not running and prints an error. This PR catches this error and only prints errors if a running container was not able to be paused or killed. Also change printing of multiple errors to go to stderr and to prefix "Error: " in front to match the output of the last error. Fixes: https://github.com/containers/podman/issues/11098 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #11096 from baude/gvproxystaticpathopenshift-ci[bot]2021-08-04
|\ \ | | | | | | Use static path for gvproxy