| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The helper function we use for signal name mapping does not
check for negative numbers nor invalid (too-high) ones. This
can yield unexpected error messages:
# podman kill -s -1 foo
ERRO[0000] unknown signal "18446744073709551615"
This PR introduces a small wrapper for it that:
1) Strips off a leading dash, allowing '-1' or '-HUP'
as valid inputs; and
2) Rejects numbers <1 or >64 (SIGRTMAX)
Also adds a test suite checking signal handling as well as
ensuring that invalid signals are rejected by the command line.
Fixes: #4746
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|
|
|
|
|
|
|
|
| |
Bumps [github.com/containers/image/v5](https://github.com/containers/image) from 5.0.0 to 5.1.0.
- [Release notes](https://github.com/containers/image/releases)
- [Commits](https://github.com/containers/image/compare/v5.0.0...v5.1.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\
| |
| | |
container config: add CreateCommand
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Store the full command plus arguments of the process the container has
been created with. Expose this data as a `Config.CreateCommand` field
in the container-inspect data as well.
This information can be useful for debugging, as we can find out which
command has created the container, and, if being created via the Podman
CLI, we know exactly with which flags the container has been created
with.
The immediate motivation for this change is to use this information for
`podman-generate-systemd` to generate systemd-service files that allow
for creating new containers (in contrast to only starting existing
ones).
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \
| | |
| | | |
podman images history test - clean up
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
As initially written the test does not work other than in
a CI environment because it relies on an empty tag history.
Rewrite so we can guarantee that, by creating a new image.
Also add slightly more helpful tests: the initial tests
would just show "expected 0, got 1" which is unhelpful.
Tweak so we test on actual history contents, which will
show more informative messages on failure.
And, finally, clean up after ourselves.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\ \
| | |
| | | |
Correctly export the root file-system changes
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When doing a checkpoint with --export the root file-system diff was not
working as expected. Instead of getting the changes from the running
container to the highest storage layer it got the changes from the
highest layer to that parent's layer. For a one layer container this
could mean that the complete root file-system is part of the checkpoint.
With this commit this changes to use the same functionality as 'podman
diff'. This actually enables to correctly diff the root file-system
including tracking deleted files.
This also removes the non-working helper functions from libpod/diff.go.
Signed-off-by: Adrian Reber <areber@redhat.com>
|
|/
|
|
|
|
|
| |
The profile should not be part of the repo and is already in the
gitignore.
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
|
|\
| |
| | |
test for #3920 (improper caching of tarballs in build)
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
See https://github.com/containers/buildah/pull/1955
I've confirmed that this test fails under podman-1.6.2-2.fc30
and passes under current master.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\ \
| | |
| | | |
Fix parsing for arrays of values in image changes
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The way we were trying to parse was very broken. I originally
attempted to use Buildah's Dockerfile parser here, but dealing
with it (and convincing it to accept only a limited subset, and
only one instruction at a time) was challenging, so I rewrote a
subset of Dockerfile parsing. This should handle most common
cases well, though there are definitely unhandled edge cases for
ENV and LABEL.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|/
|
|
| |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\
| |
| | |
container prune command fixed as per docker prune command
|
| |
| |
| |
| |
| |
| |
| | |
filter flag helps to filter the containers based on
labels, until(time), name, etc for prune command.
Signed-off-by: Kunal Kushwaha <kunal.kushwaha@gmail.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
If the user specifies .Server.* on a non podman-remote,
substitute .Client for .Server and return the value.
This is for compatability with Docker.
Since prior versions documented --format {{ .Version }}, we
have to continue to support that.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
| |
| |
| |
| |
| |
| | |
This command will destroy all data created via podman.
It will remove containers, images, volumes, pods.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|/
|
|
|
|
|
|
|
|
|
|
|
| |
Trying to checkpoint a container started with --rm works, but it makes
no sense as the container, including the checkpoint, will be deleted
after writing the checkpoint. This commit inhibits checkpointing
containers started with '--rm' unless '--export' is used. If the
checkpoint is exported it can easily be restored from the exported
checkpoint, even if '--rm' is used. To restore a container from a
checkpoint it is even necessary to manually run 'podman rm' if the
container is not started with '--rm'.
Signed-off-by: Adrian Reber <areber@redhat.com>
|
|\
| |
| | |
Add support for image name history
|
| |
| |
| |
| |
| |
| |
| |
| | |
We leverage the containers/storage image history tracking feature to
show the previously used image names when running:
`podman images --history`
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
|
|\ \
| | |
| | | |
Remove containers when pod prune & pod rm.
|
| |/
| |
| |
| |
| |
| |
| | |
This path allows pod prune & pod rm to remove stopped containers in the pod before deleting the pod.
PrunePods and RemovePod should be able to remove containers without force removal of stopped pods.
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
|/
|
|
|
|
|
|
|
|
| |
These only conflict when joining more than one network. We can
still set a single CNI network and set a static IP and/or static
MAC.
Fixes #4500
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add an --ignore flag to podman rm and stop. When specified, Podman will
ignore "no such {container,pod}" errors that occur when a specified
container/pod is not present in the store (anymore). The motivation
behind adding this flag is to write more robust systemd services using
Podman. A user might have manually decided to remove a container/pod
which would lead to a failure during the `ExecStop` directive of a
systemd service referencing that container/pod.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\
| |
| | |
e2e/prune: run two top containers
|
| |
| |
| |
| |
| |
| |
| |
| | |
In hope to make the prune tests more robust, run two top containers and
stop one explicitly to reduce the risk of a race condition.
Fixes: #4452
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \
| | |
| | | |
image prune command fixed as per docker image prune.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
filter option accepts two filters.
- label
- until
label supports "label=value" or "label=key=value" format
until supports all golang compatible time/duration formats.
Signed-off-by: Kunal Kushwaha <kunal.kushwaha@gmail.com>
|
|\ \ \
| |_|/
|/| | |
Handle seccomp annotations in play kube
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Add handling of seccomp annotations to play kube at both container and pod levels.
also add a test
Signed-off-by: Peter Hunt <pehunt@redhat.com>
|
|\ \ \
| | | |
| | | | |
Add new test suite for build
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Most build testing should be done in Buildah's test
suites, but we should have a minimal amount of tests,
especially testing the parts that are different like
layers and squash. Also the CLI argument handling
of things like the context directory that we've had
issues reported.
This first chunk does a basic test and then checks for
context directory being a file and squash iterations.
More to be added as time goes by.
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
|
|\ \ \
| | | |
| | | | |
podman rm/stop --cidfile
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Add a --cidfile flag to podman rm/stop to pass a container ID via a
file. Podman run already provides the functionaly to store the ID
in a specified file which we now complete with rm/stop. This allows
for a better life-cycle management in systemd services. Note that
--cdifile can be specified multiple times to rm/stop.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \ \
| |/ /
|/| | |
history: rewrite mappings
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Rewrite the backend for displaying the history of an image to simplify
the code and be closer to docker's behaviour. Instead of driving
index-based heuristics, create a reverse mapping from top-layers to the
corresponding image IDs and lookup the layers on-demand. Also use the
uncompressed layer size to be closer to Docker's behaviour.
Note that intermediate images from local builds are not considered for
the ID lookups anymore.
Fixes: #3359
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|/
|
|
|
|
|
|
| |
the pull all tags test can frequently timeout when trying to pull all
alpine tags. using the pause image, which is smaller, should provide
some relief.
Signed-off-by: baude <bbaude@redhat.com>
|
|\
| |
| | |
Fixed issue #4391; podman info --format '{{ json . }}'
|
| |
| |
| |
| | |
Signed-off-by: Jimmy Crumpler <slimjim2234@gmail.com>
|
|\ \
| | |
| | | |
fix bug check nonexist authfile
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Use GetDefaultAuthFile() from buildah.
For podman command(except login), if authfile does not exist returns error.
close #4328
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
|\ \ \
| | | |
| | | | |
mount: add new options nocopyup|copyup for tmpfs
|
| |/ /
| | |
| | |
| | |
| | |
| | | |
add a way to disable tmpcopyup for tmpfs.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \ \
| | | |
| | | | |
podman: add support for specifying MAC
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
I basically copied and adapted the statements for setting IP.
Closes #1136
Signed-off-by: Jakub Filak <jakub.filak@sap.com>
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Currently podman generate kube does not generate the correct RunAsUser and RunAsGroup
options in the yaml file. This patch fixes this.
This patch also make `podman play kube` use the RunAdUser and RunAsGroup options if
they are specified in the yaml file.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \
| | |
| | | |
Set SELinux labels based on the security context in the kube.yaml
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
If the kube.yaml specifieds the SELinux type or Level, we need the container
to be launched with the correct label.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|