| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The slirp4netns port forwarder was not updated to make use of the new
port format. This results in a problem when port ranges are used since
it does not read the range field from the port.
Update the logic to iterate through all ports with the range and
protocols. Also added a system test for port ranges with slirp4netns,
rootlesskit and the bridge network mode.
Fixes #13643
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|
|
|
|
|
| |
[NO NEW TESTS NEEDED]
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|
|
|
|
|
|
|
|
| |
systemd expects the container_uuid environment variable be set
when it is running in a container.
Fixes: https://github.com/containers/podman/issues/13187
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
One of the pod tests was leaving a stray image behind,
causing scary red warnings in CI logs. Clean that up.
Also, now that #13541 has merged, use 'rmi --ignore' instead of
ignoring exit status from rmi
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Add an `--ignore` flag to `podman image rm` to instruct ignoring image
if a specified image does not exist and to not throw an error. Other
commands (e.g., `podman container rm`) already support this flag.
Such an `--ignore` flag can come in handy in clean-up scripcts such as
the teardown phases in the Podman tests.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
|
|
|
|
|
|
|
|
| |
Make sure to ignore local {container,docker}ignore files when building a
local pause image. Otherwise, we may mistakenly not be able to copy
catatonit into the build container.
Fixes: #13529
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
Allow users to add annotions in the podman play kube command.
This PR Also fixes the fact that annotations in the pod spec were
not being passed down to containers.
Fixes: https://github.com/containers/podman/issues/12968
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\
| |
| | |
Add --context-dir option to podman play kube
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This option was requested so that users could specify alternate
locations to find context directories for each image build. It
requites the --build option to be set.
Partion Fix: https://github.com/containers/podman/issues/12485
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
| |
Invoking parallel/concurrent builds from podman race against each other
following behviour was fixed in
https://github.com/containers/storage/pull/1153 and https://github.com/containers/image/pull/1480
Test verifies if following bug is fixed in new race-free API or not.
Read more about this issue, see bz 2055487 for more details.
More details here: https://github.com/containers/buildah/pull/3794 and https://github.com/containers/podman/pull/13339
Co-authored-by: Ed Santiago <santiago@redhat.com>
Signed-off-by: Aditya R <arajan@redhat.com>
|
|
|
|
|
|
| |
Fixes: https://github.com/containers/podman/issues/12768
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\
| |
| | |
Don't log errors on removing volumes inuse, if container --volumes-from
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When removing a container created with a --volumes-from a container
created with a built in volume, we complain if the original container
still exists. Since this is an expected state, we should not complain
about it.
Fixes: https://github.com/containers/podman/issues/12808
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
| |
| |
| | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|/
|
|
|
|
|
|
| |
When a test which creates a network fail it will not remove the network.
The teardown logic should remove the networks. Since there is no --all
option for network rm we use network prune --force.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\
| |
| |
| |
| | |
Romain-Geissler-1A/url-and-connection-implies-remote
Option --url and --connection should imply --remote.
|
| |
| |
| |
| |
| |
| | |
Closes #13242
Signed-off-by: Romain Geissler <romain.geissler@amadeus.com>
|
|\ \
| | |
| | | |
provide better error on invalid flag
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Add a extra `See 'podman command --help'` to the error output.
With this patch you now get:
```
$ podman run -h
Error: flag needs an argument: 'h' in -h
See 'podman run --help'
```
Fixes #13082
Fixes #13002
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We're running into problems that are impossible to diagnose
because we have no idea if the SUT is using netavark or CNI.
We've previously run into similar problems with runc/crun,
or cgroups 1/2.
This adds a one-line 'echo' with important system info. Now,
when viewing a full test log, it will be possible to view
system settings in one glance.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The CONTAINERS_CONF environment variable can be used to override the
configuration file, which is useful for testing. However, at the moment
this variable is not propagated to conmon. That means in particular, that
conmon can't propagate it back to podman when invoking its --exit-command.
The mismatch in configuration between the starting and cleaning up podman
instances can cause a variety of errors.
This patch also adds two related test cases. One checks explicitly that
the correct CONTAINERS_CONF value appears in conmon's environment. The
other checks for a possible specific impact of this bug: if we use a
nonstandard name for the runtime (even if its path is just a regular crun),
then the podman container cleanup invoked at container exit will fail.
That has the effect of meaning that a container started with -d --rm won't
be correctly removed once complete.
Fixes #12917
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
|
|/
|
|
|
|
|
|
| |
This comment refers to overiding $PODMAN although the code below does
nothing of the sort. Presumbly the comment has been outdated by altering
the containers.conf / $CONTAINERS_CONF instead.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
|
|
|
|
|
|
| |
Fixes: https://github.com/containers/podman/issues/12763
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\
| |
| | |
move rootless netns slirp4netns process to systemd user.slice
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When running podman inside systemd user units, it is possible that
systemd kills the rootless netns slirp4netns process because it was
started in the default unit cgroup. When the unit is stopped all
processes in that cgroup are killed. Since the slirp4netns process is
run once for all containers it should not be killed. To make sure
systemd will not kill the process we move it to the user.slice.
Fixes #13153
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |
| |
| |
| |
| |
| |
| | |
Followup to #13129: remove a no-longer-necessary workaround
for a healthcheck bug.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\ \
| |/
|/| |
healthcheck, libpod: Read healthcheck event output from os pipe
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
All the healthcheck return output now but systems tests is written to
expect empty output which seems wrong.
Modify jq output to contain newline character rather than actual newline
Signed-off-by: Aditya R <arajan@redhat.com>
|
|\ \
| | |
| | | |
append podman dns search domain
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Append the podman dns seach domain to the host search domains when we
use the dnsname/aardvark server. Previously it would only use podman
seach domains and discard the host domains.
Fixes #13103
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\ \ \
| | | |
| | | | |
Podman pod create --share-parent vs --share=cgroup
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
separated cgroupNS sharing from setting the pod as the cgroup parent,
made a new flag --share-parent which sets the pod as the cgroup parent for all
containers entering the pod
remove cgroup from the default kernel namespaces since we want the same default behavior as before which is just the cgroup parent.
resolves #12765
Signed-off-by: cdoern <cdoern@redhat.com>
Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
Signed-off-by: cdoern <cdoern@redhat.com>
|
| |/ /
|/| |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Revert #13049. criu-3.16.1-6.fc36 fixes the problem and is
now in fc36 stable:
https://bodhi.fedoraproject.org/updates/FEDORA-2022-183b337712
(Yes, I confirmed that tests pass on a rawhide vm)
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Also add a system-test that verifies netavark driver is in use when
magic env. var. is set.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| |/
|/|
| |
| |
| |
| |
| |
| |
| |
| | |
This reverts commit a1bc8cb52cefd49e8cc54ae14d1864b8a1ec216e.
Please see resolv.conf(5) search domains must be on the same line. If
you use multiple seach key words only the last one is used. I tested this
with alpine and it works correctly when they are on the same line so I
am not sure what issues Dan had with it but this is not correct.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Alpine does not seem to use search correctly when there are multiple
search domains on the same line. It only uses the first with the advent.
When podman runs within a separate network we are appending on
dns.podman as a search, if you add a search domain, then this causes the
local search on network to fail.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
| |
| |
| |
| |
| | |
Fixes: https://github.com/containers/podman/issues/13065
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
| |
| |
| | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
| |
| |
| |
| |
| | |
...on kernel 5.17, because it's broken
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
machinectl does not propogate error messages and adds extra lines in the output, exec.Cmd is able to clear the env besides PATH and TERM,
and use the given UID and GID to execute the command properly.
machinectl is still used to create a user session. Ubuntu support is limited by this.
Signed-off-by: cdoern <cdoern@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Minimal: only test Fedora.Latest.
Reason: podman 4.0.0-0.2.rc2 broke bodhi gating tests:
https://github.com/containers/podman/issues/12989
Requires skipping two recently-added tests that use 'podman unshare',
which doesn't work on remote.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |
| |
| |
| | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Amongst other things 030-run.bats checks for sensible error messages when
attempting a "podman run" with a non-existent or inaccessible path. It
checks for these messages, which come from the low-level runtime, in a lot
of detail, including separate versions for runc and crun. This is fragile
in several ways:
* It's likely to fail if using a runtime other than crun or runc
* It relies on detecting whether the runtime is crun vs. runc using the
path, which could fail if the binary has been named something unusual
* It will break if crun or runc ever alter their error message (even if
it's just changing case)
This replaces the checked versions with a much more accepting regex which
will work for both the runc and crun messages, while still looking for the
essential pieces. This isn't guaranteed to work with other runtimes, but
it's much more likely to.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Amongst other things 005-info.bats tests that the host.ociRuntime.package
field in the output from "podman info" reports something containing "crun"
or "runc".
While those are obviously the dominant runtimes in practice, it seems
undesirable to explicitly exclude them in testing. So, remove this
specific test.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
|
| |
| |
| |
| |
| |
| |
| |
| | |
systemd 250 on f36 has changed the output format of a message
our tests rely on. This breaks bodhi gating tests. Fix test
so it accepts a continually-growing set of systemd outputs.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\ \
| |/
|/| |
Tests for podman image scp (the sudo form)
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
viz, rootful system tests. The rootless account will be
used by image-scp tests.
Unfortunately, having ssh available means the system-connection
tests will start running, which is very bad because they will
fail, because system connection doesn't actually work (long story).
Add a few more checks to prevent this test from running.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Start inching our way back to having tests for the sudo form
of podman image scp. Basically, copy an image to another user
and then back, using a pseudorandom name. Confirm that the
image makes it to the remote end, and that when we copy it
back, the original image digest is preserved.
When scp'ing as root, we identify the destination rootless
user account via the $PODMAN_ROOTLESS_USER envariable. Setting
this and creating the account is left as an exercise for the
CI framework (be it github, or Fedora/CentOS/RHEL gating, or
other).
Also: amend hack/bats to set and relay $PODMAN_ROOTLESS_USER,
so developers can test locally.
Also: remove what I'm 99% sure is a debugging printf.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Improve our compatibility with Docker by better handling the
state strings that we print in `podman ps`. Docker capitalizes
all states in `ps` (we do not) - fix this in our PS code. Also,
stop normalizing ContainerStateConfigured to the "Created" state,
and instead make it always be Created, with the existing Created
state becoming Initialized.
I didn't rename the actual states because I'm somewhat reticent
to make such a large change a day before we leave for break. It's
somewhat confusing that ContainerStateConfigured now returns
Created, but internally and externally we're still consistent.
[NO NEW TESTS NEEDED] existing tests should catch anything that
broke.
I also consider this a breaking change. I will flag appropriately
on Github.
Fixes RHBZ#2010432 and RHBZ#2032561
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Replace https://github.com/containers/podman/blob/master
with https://github.com/containers/podman/blob/main
to match the new default branch "main". Previously
the default branch was "master". This is the only
occurence found in the code.
* Replace https://raw.githubusercontent.com/containers/libpod/master
with https://raw.githubusercontent.com/containers/podman/main
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|