| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix bad design decision (mine) by adding a simple usage check to 'skip'
and 'skip_if_remote' functions: if invoked without test-name args,
fail loudly and immediately.
Background: yeah, their usage is not intuitive. Making the first arg
be a comment helps with _reading_ the code, but not _writing_ new
additions. A developer in a hurry could write "skip this-test" and,
until now, that would be a silent NOP.
Tested by adding broken skip/skip_if_remote calls inline; I confirm
that the line number and funcname usage is correct.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
command
Previously, if a container was not running, and the user ran the `podman
stats` command, an error would be reported: `Error: container state
improper`.
Podman now reports stats as the fields' default values for their
respective type if the container is not running:
```
$ podman stats --no-stream demo
ID NAME CPU % MEM USAGE / LIMIT MEM % NET IO BLOCK IO PIDS CPU TIME AVG CPU %
4b4bf8ce84ed demo 0.00% 0B / 0B 0.00% 0B / 0B 0B / 0B 0 0s 0.00%
```
Closes: #14498
Signed-off-by: Jake Correnti <jcorrenti13@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
APIv2 tests are flaky after this morning's merge of #14543.
Symptom:
test-apiv2: Timed out (10s) waiting for service (/dev/tcp/localhost/5564)
journal shows:
registry[7421]: panic: unable to configure authorization (htpasswd):
no access controller registered with name: none
Possible cause:
Mix of REGISTRY_AUTH=none with REGISTRY_AUTH_HTPASSWD_* vars.
https://github.com/distribution/distribution/issues/1168
Solution:
only set _HTPASSWD_* vars when AUTH=htpasswd
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |
|
|
|
|
|
|
| |
Fixes #14184
Docs: https://onsi.github.io/gomega/#making-asynchronous-assertions
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
this patch included additonal host namespace checks when creating a ctr as well
as fixing of the tests to check /proc/self/ns/net
see #14461
Signed-off-by: cdoern <cdoern@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For some reason commit 5b79cf15a022 moved the container create options
parsing from cmd/podman/common to pkg/api/handlers. However it did not
remove the old code. Unfortunately it moved the code from an outdated
version and did not update it before this commit was merged.
Therefore a couple of regressions were introduced. I manually compared
both versions and found three missing bugfixes.
I fixed the network test again that was changed in bce97a3b5dd1. We
want bridge as default even as rootless. Sine the test is not run as
rootless in CI the regression was not caught.
Also the no hosts test never worked since it was missing the import
check if the hosts file exists.
I don't think we can check for the volume parsing change since this only
works on windows/wsl.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |
|
|
|
|
|
|
| |
`podman container restore --file-locks` does not restore file locks
because this option is not passed to OCI runtime. This patch fixes this
issue.
Signed-off-by: Hironori Shiina <shiina.hironori@jp.fujitsu.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Mostly fix a bad design decision I made early on, re: registry.
old: registry starts once, runs to the end
new: registry is brought up on demand, then stopped
Reason: there are times when we need a password-controlled
registry, and times when we need it open.
As long as I'm in here, I've also cleaned up some confusing code
and fixed things so tests can run rootless again.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
Also:
- It fixes a regression in parsing "images" parameter in
ManifestAddV3 handler.
- Refactors 12-imagesMore.at to use start_registry helper.
- Removes some unsafe "exit 1" statements which skip clean up.
Signed-off-by: Vladimir Kochnev <hashtable@yandex.ru>
|
| |
|
|
|
|
|
|
|
| |
infra was overriding options that it should be appending rather than resetting.
fix this by appending the given container's spec to the compatible options before marshaling/unmarshaling
resolves #14454
Signed-off-by: cdoern <cdoern@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When a container with a userns is created the network setup is special.
Normally the netns is setup before the oci runtime container is created,
however with a userns the container is created first and then the network
is setup. In the second case we never saved the container state
afterwards. Because of it, podman inspect would not show the network info
and network teardown will not happen.
This worked with local podman because there was a save() call later in the
code path which then also saved the network status. But in the podman API
code path this save never happened thus all containers started via API had
this problem.
Fixes #14465
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Setting the build context to a dedicated subdir makes sure that the test does not
flake when running in parallel, as the test is isolated from other tests
that may dump secrets in a higher level context dir.
This should have been done in
https://github.com/containers/podman/pull/13457, as this makes that PR
actually work.
Signed-off-by: Ashley Cui <acui@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The backend should not convert partial lines to full log lines. While
this works for most cases it cannot work when the last line is partial
since it will just be lost. The frontend logic can already display
partial lines correctly. The journald driver also works correctly since
it does not such conversion.
Fixes #14458
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |
|
|
|
|
|
|
| |
Save at most three images and sort them by size. The test started to
flake as _all_ local images were saved which is not neccessary.
Fixes: #14468
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
the function `GetDefaultNamespaceMode` for pods checks if we are sharing each namespace
and if not, returns the default which in the case of a network is slirp.
add a switch case for explicitly checking if the pod's network mode is host
and if so, return specgen.Host for the container
resolves #13763
Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
Signed-off-by: cdoern <cdoern@redhat.com>
|
| |
|
|
| |
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
podmans remote API does not marshal infra's spec due to
the fact that if it did, all of those options would be available to
the users on the command line. This means we need to manually map "backwards"
some container spec items -> pod spec items before calling PodCreate, this was
one of them that was forgotten
resolves #14233
Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
Signed-off-by: cdoern <cdoern@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Hardcoding the interface name is a bad idea. We have no control over the
actual interface name since the user can change it.
The correct thing is to read them from the network status. Since the
contianer can have more than one interface we have to add the RX/TX
values. The other values are currently not used.
For podman 5.0 we should change it so that the API can return the
statistics per interface and the client should sum the TX/RX for the
command output. This is what docker is doing.
Fixes #13824
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The test calls podman run -d followed by podman logs. There is no
guarantee the the container or conmon has written all its output.
Adding an extra podman wait should fix this.
Do not remove the -d to not print 1000 unnecessary lines in the logs.
Fixes #14362
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When a container does not use the default podman netns, for example
--network none or --network ns:/path a restore would fail because the
specgen check validates that c.config.StaticMAC is nil but the
unmarshaller sets it to an empty slice.
While we could make the check use len() > 0 I feel like it is more
common to check with != nil for ip and mac addresses.
Adding omitempty tag makes the json marshal/unmarshal work correctly.
This should not cause any issues.
Fixes #14389
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
In docker, the format of no-new-privileges is
"no-new-privileges:true". However, for Podman
all that's required is "no-new-privileges", leading to issues
when attempting to use features desgined for docker in podman.
Adding support for the ":" format to be used along with the "="
format, depedning on which one is entered by the user.
fixes #14133
Signed-off-by: Niall Crowe <nicrowe@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
I am not 100% sure if this is actually causing the problem but I was
able to reproduce locally and this change fixed it there. Without the `-n`
option iptables tries to reverse lookup the ips to domain names. This is
extremely slow for unknown reasons. Given the large amount of iptables
entries due parallel test runs it will not succeed in the default 90 sec
timeout.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |
|
|
|
|
|
|
| |
Match with docker API and suppress step errors when field quiet is set.
Closes: https://github.com/containers/podman/issues/14315
Signed-off-by: Aditya R <arajan@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
Create an auto-update event for each invocation, independent if images
and containers are updated or not. Those events will be indicated in
the events already but users will now know why.
Fixes: #14283
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Remove duplicate or unused types and constants
* Move all documetation-only models and responses into swagger package
* Remove all unecessary names, go-swagger will determine names from
struct declarations
* Use Libpod suffix to differentiate between compat and libpod models
and responses. Taken from swagger:operation declarations.
* Models and responses that start with lowercase are for swagger use
only while uppercase are used "as is" in the code and swagger comments
* Used gofumpt on new code
```release-note
```
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
| |
|
|
|
|
|
| |
Detects unneccessary type conversions and helps in keeping the code base
cleaner.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| |
|
|
|
|
| |
Fixes: https://github.com/containers/podman/issues/14208
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
|
|
|
|
| |
Fixes: https://github.com/containers/podman/issues/13789
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
Send the main PID only once. Previously, `(*Container).start()` and
the conmon handler sent them ~simultaneously and went into a race.
I noticed the issue while debugging a WIP PR.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| |
|
|
|
|
| |
f32 is already EOL. Let's use the latest version.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |
|
|
|
|
|
| |
do not try to first stop and then rm but combine the two operations in
a single command.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
Commit b58e7e7f11 was not fully rebased before merging and is now
breaking CI because commit 69c479b16e19 made the underlying error
visible. Using journald inside the container tests is not supported.
Fixes #14162
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
currently tags cause a panic due to an uninitialized map. Initialize the map
and add parsing to make sure we are only tagging with journald
resolves #13356
Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Fix a bug in the resolution of images in the Docker compat API.
When looking up an image by a short name, the name may match
an image that does not live on Docker Hub. The resolved name
should be used for normalization instead of the input name to
make sure that `busybox` can resolve to `registry.com/busybox`
if present in the local storage.
Fixes: #14291
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Use the host UID and host GID mapping when building the local pause
image for a Pod with a custom mapping. Otherwise, the mappings are off
and the build fails. Propagating the mapping to the build container is
not needed since the pause image ships merely a copied `catatonit` from
the host.
Backport-of: commit c45d51899a8190bd3797cdee71b74b912a634c71
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2083997
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
the alpine image used previously returns a description that contains
'...':
$ podman search --format json alpine | fgrep ...\"\,
"Description": "alpine 3.7 with bash, perl, gzip, wget...",
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
since the network config is a string map, json.unmarshal does not recognize
the config and spec as the same entity, need to map this option manually
resolves #13713
Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
|
| |
|
|
|
|
|
|
|
| |
The default log driver is not used when using play kube
without --log-driver. The LogDriver function needs to
be called in order to use the default log driver.
fixes #13781
Signed-off-by: Niall Crowe <nicrowe@redhat.com>
|
| |
|
|
| |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
|
|
|
|
| |
Ref: https://github.com/containers/podman/issues/13931
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| |\
| |
| |
| |
| | |
openshift-cherrypick-robot/cherry-pick-14037-to-v4.1
[v4.1] Report correct RemoteURI
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Rather than assuming a filesystem path, the API service URI is recorded
in the libpod runtime configuration and then reported as requested.
Note: All schemes other than "unix" are hard-coded to report URI exists.
Fixes #12023
Signed-off-by: Jhon Honce <jhonce@redhat.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |/
|
|
|
|
|
| |
podman system reset did not clean up machines fully, leaving some config
files, and breaking machines. Now it removes all machines files fully.
Signed-off-by: Ashley Cui <acui@redhat.com>
|
| |
|
|
| |
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
When a container is run in the host network namespace we have to keep
the same resolv.conf content and not use the systemd-resolve detection
logic.
But also make sure we still allow --dns options.
Fixes #14055
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
The files /etc/hosts, /etc/hostname and /etc/resolv.conf should always
be owned by the root user in the container. This worked correct for
/etc/hostname and /etc/hosts but not for /etc/resolv.conf.
A container run with --userns keep-id would have the reolv.conf file
owned by the current container user which is wrong.
Consolidate some common code in a new helper function to make the code more
cleaner.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |
|
|
|
|
|
| |
The test has been broken since it was added 4 years ago. Instead of
using hardcoded paths we should use tmp files.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |
|
|
|
|
|
|
| |
The errcheck linter makes sure that errors are always check and not
ignored by accident. It spotted a lot of unchecked errors, mostly in the
tests but also some real problem in the code.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |
|
|
|
|
| |
Fixes: https://github.com/containers/podman/issues/14028
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
Two for this error:
invalid indirect of pod.Spec.DNSConfig.Options[0]
...and one for a gofmt error (spaces).
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
