| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
|
| |
Most of these are no longer relevant, just drop the comments.
Most notable change: allow `podman kill` on paused containers.
Works just fine when I test it.
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |\
| |
| | |
fix f35 integration test network flake
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
I am not 100% sure if this is actually causing the problem but I was
able to reproduce locally and this change fixed it there. Without the `-n`
option iptables tries to reverse lookup the ips to domain names. This is
extremely slow for unknown reasons. Given the large amount of iptables
entries due parallel test runs it will not succeed in the default 90 sec
timeout.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |\ \
| | |
| | | |
Todo part 2
|
| | |/
| |
| |
| |
| |
| |
| | |
`podman auto-update` is now properly exercised in the system tests, so
we can safely remove the outdated TODO.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| |\ \
| |/
|/| |
Allow podman pod create --share +pid
|
| | |
| |
| |
| |
| |
| | |
Fixes: https://github.com/containers/podman/issues/13422
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \
| | |
| | | |
Allow podman pod create to accept name argument
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
I am constantly attempting to add the podname to the last
argument to podman pod create. Allowing this makes it match
podman volume create and podman network create.
It does not match podman container create, since podman container create
arguments specify the arguments to run with the container.
Still need to support the --name option for backwards compatibility.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \ \
| |_|/
|/| | |
help-message system test: catch more cases
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
- Look for and prevent lower-case arg descriptions:
podman cmd [arg]
- Look for and prevent optional-mandatory misordering:
podman cmd [ARG] ARG
- Tighter whitespace checks (and fix podman pod ps)
- simplify a no-longer-necessary mess! #8635 fixed the
horrible "CONTAINER | IMAGE" strings (with spaces),
so there's no longer a need to special-case those.
The one-extra-arg check is now much cleaner.
Minor refactoring.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\ \ \
| |_|/
|/| | |
compat, build: suppress `step` errors when `quiet=1` is set
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Match with docker API and suppress step errors when field quiet is set.
Closes: https://github.com/containers/podman/issues/14315
Signed-off-by: Aditya R <arajan@redhat.com>
|
| |\ \ \
| |_|/
|/| | |
TODO's and FIXME's [PART 1]
|
| | | |
| | |
| | |
| | |
| | |
| | | |
The search endpoint is working again.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Make sure that `podman image mount` prints a pretty table unless there
is only argument passed and without a custom format. Fixing a TODO item
brought me to the specific code location and revealed the fart in the
logic.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| |/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
I have seen some system tests flake waiting for a container to
transition into a specific running state. My theory is that
the waiting time was not sufficient on nodes under high load.
Hence, increase the waiting time. Also replace the break with
a return to spare some cycles to redundantly compare with the
already checked state.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| |\ \
| | |
| | | |
fix compat image resolution
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Fix a bug in the resolution of images in the Docker compat API.
When looking up an image by a short name, the name may match
an image that does not live on Docker Hub. The resolved name
should be used for normalization instead of the input name to
make sure that `busybox` can resolve to `registry.com/busybox`
if present in the local storage.
Fixes: #14291
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| |\ \
| | |
| | | |
fix --init with /dev bind mount
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The init binary until now has been bind-mounted to /dev/init which
breaks when bind-mounting to /dev. Instead mount the init to
/run/podman-init. The reasoning for using /run is that it is already
used for other runtime data such as secrets.
Fixes: #14251
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| |\ \
| | |
| | | |
auto update: create an event
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| | |
Create an auto-update event for each invocation, independent if images
and containers are updated or not. Those events will be indicated in
the events already but users will now know why.
Fixes: #14283
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| |\ \
| |/
|/| |
Expose block and character devices with play kube
|
| | |
| |
| |
| |
| |
| |
| | |
e2e tests tends to fail when running with multiple nodes because
the same device folder name is used accross all nodes
Signed-off-by: Cosmin Tupangiu <cosmin@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
- add test
- fix bug when a character device set in a volume as a block device
is seen as block device in _pkg/specgen/generate/kube/volume.go_.
At this stage the type does not matter much because the devices are
recreated at lower layer but the bug allowed a CharDevice volume to be
passed to lower layer as a BlockDevice.
Signed-off-by: Cosmin Tupangiu <cosmin@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* Remove duplicate or unused types and constants
* Move all documetation-only models and responses into swagger package
* Remove all unecessary names, go-swagger will determine names from
struct declarations
* Use Libpod suffix to differentiate between compat and libpod models
and responses. Taken from swagger:operation declarations.
* Models and responses that start with lowercase are for swagger use
only while uppercase are used "as is" in the code and swagger comments
* Used gofumpt on new code
```release-note
```
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| | |
Detects unneccessary type conversions and helps in keeping the code base
cleaner.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| |\ \
| | |
| | | |
Deleting an n use image should return conflict not system error
|
| | |/
| |
| |
| |
| |
| | |
Fixes: https://github.com/containers/podman/issues/14208
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \
| | |
| | | |
k8systemd: run k8s workloads in systemd
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Support running `podman play kube` in systemd by exploiting the
previously added "service containers". During `play kube`, a service
container is started before all the pods and containers, and is stopped
last. The service container communicates its conmon PID via sdnotify.
Add a new systemd template to dispatch such k8s workloads. The argument
of the template is the path to the k8s file. Note that the path must be
escaped for systemd not to bark:
Let's assume we have a `top.yaml` file in the home directory:
```
$ escaped=$(systemd-escape ~/top.yaml)
$ systemctl --user start podman-play-kube@$escaped.service
```
Closes: https://issues.redhat.com/browse/RUN-1287
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| |\ \
| |/
|/| |
api: make no-op `remote` functional in `/libpod/build`
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Podman API `libpod/build` accepts paramemter `remote` which overrides
`dockerfile` but currently parameter is no-op. Following commit adds
support for `remote` parameter in libpod API.
See: https://docs.podman.io/en/v3.2.3/_static/api.html#operation/ImageBuildLibpod
Closes: https://github.com/containers/podman/issues/13831
Signed-off-by: Aditya R <arajan@redhat.com>
|
| |\ \
| |/
|/| |
[BZ #2083997] pod: build pause image in custom user NS
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Use the host UID and host GID mapping when building the local pause
image for a Pod with a custom mapping. Otherwise, the mappings are off
and the build fails. Propagating the mapping to the build container is
not needed since the pause image ships merely a copied `catatonit` from
the host.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2083997
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| |\ \
| | |
| | | |
Vendor in latest containers/common
|
| | |/
| |
| |
| | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |/
|
|
|
|
| |
Fixes: https://github.com/containers/podman/issues/13789
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\
| |
| | |
play kube: service container
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Add the notion of a "service container" to play kube. A service
container is started before the pods in play kube and is (reverse)
linked to them. The service container is stopped/removed *after*
all pods it is associated with are stopped/removed.
In other words, a service container tracks the entire life cycle
of a service started via `podman play kube`. This is required to
enable `play kube` in a systemd unit file.
The service container is only used when the `--service-container`
flag is set on the CLI. This flag has been marked as hidden as it
is not meant to be used outside the context of `play kube`. It is
further not supported on the remote client.
The wiring with systemd will be done in a later commit.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| | |
| |
| |
| |
| |
| | |
In hope to fix a CI flake.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| |/
|
|
|
|
|
|
|
| |
Send the main PID only once. Previously, `(*Container).start()` and
the conmon handler sent them ~simultaneously and went into a race.
I noticed the issue while debugging a WIP PR.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| |
|
|
|
|
| |
f32 is already EOL. Let's use the latest version.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |\
| |
| | |
test: simplify cleanup code
|
| | |
| |
| |
| |
| |
| |
| | |
do not try to first stop and then rm but combine the two operations in
a single command.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
add support to override the user namespace to use for the pod.
Closes: https://github.com/containers/podman/issues/7504
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |/
|
|
|
|
|
|
| |
If the RunAsUser, RunAsGroup, SupplementalGroups settings are not
overriden in the container security context, then take the value from
the pod security context.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
Commit b58e7e7f11 was not fully rebased before merging and is now
breaking CI because commit 69c479b16e19 made the underlying error
visible. Using journald inside the container tests is not supported.
Fixes #14162
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |\
| |
| | |
test: fix "podman search format json"
|
