| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
| |
also make sure that the limits we set for rootless are not higher than
what we'd set for root containers.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|
|
|
| |
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add the `podman generate kube` and `podman play kube` command. The code
has largely been copied from Podman v1 but restructured to not leak the
K8s core API into the (remote) client.
Both commands are added in the same commit to allow for enabling the
tests at the same time.
Move some exports from `cmd/podman/common` to the appropriate places in
the backend to avoid circular dependencies.
Move definitions of label annotations to `libpod/define` and set the
security-opt labels in the frontend to make kube tests pass.
Implement rest endpoints, bindings and the tunnel interface.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|
|
|
|
|
| |
Failing tests are now skipped and we should work from this.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
podman play kube was ignoring the
imageData.Config
Volumes
WorkingDir
Labels
StopSignal
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|
|
|
|
|
|
|
| |
When a container specification has a pull policy, we should honor it when recreating the pods/containers from yaml. furthermore, ini kube, if a tag is :latest, then the always pull policy is automatically instituted.
Fixes: #4880
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|
|
|
|
|
|
| |
Add flag --seccomp-profile-root in play kube to allow users to specify where to look for seccomp profiles
update tests
Signed-off-by: Peter Hunt <pehunt@redhat.com>
|
|
|
|
|
|
|
| |
Add handling of seccomp annotations to play kube at both container and pod levels.
also add a test
Signed-off-by: Peter Hunt <pehunt@redhat.com>
|
|
|
|
|
|
|
|
|
| |
Use GetDefaultAuthFile() from buildah.
For podman command(except login), if authfile does not exist returns error.
close #4328
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
|
|
|
|
|
| |
for berevity
Signed-off-by: Peter Hunt <pehunt@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
The play kube test suite has many different cases to cover, and should only grow in coverage over time
The old design was difficult to extend, and there was lots of duplicated code.
The largest pain point was the Container struct needed to be changed often, and doing so caused changes every test case
Instead, adopt the `withOption` idiom. Now, adding a new option for customizing just involves adding a new withOption function, and changing the struct definition and initialization in one place.
Signed-off-by: Peter Hunt <pehunt@redhat.com>
|
|
|
|
|
|
|
| |
when securityContext wasn't specified in yaml.
add a test as well
Signed-off-by: Peter Hunt <pehunt@redhat.com>
|
|
|
|
|
|
|
| |
* set hostname in pod yaml file
* set --hostname in pod create command
Signed-off-by: Chen Zhiwei <zhiweik@gmail.com>
|
|
|
|
| |
Signed-off-by: Chen Zhiwei <zhiweik@gmail.com>
|
|
|
|
|
|
|
| |
Take capabilities written in a kube and add to a container
adapt test suite and write cap-add/drop tests
Signed-off-by: Peter Hunt <pehunt@redhat.com>
|
|
Before, play kube wasn't properly setting the command. Fix this
Also, begin a dedicated test suite for play kube to catch regressions like this in the future
Signed-off-by: Peter Hunt <pehunt@redhat.com>
|