| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
| |
If the RunAsUser, RunAsGroup, SupplementalGroups settings are not
overriden in the container security context, then take the value from
the pod security context.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
Commit b58e7e7f11 was not fully rebased before merging and is now
breaking CI because commit 69c479b16e19 made the underlying error
visible. Using journald inside the container tests is not supported.
Fixes #14162
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\
| |
| | |
test: fix "podman search format json"
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
the alpine image used previously returns a description that contains
'...':
$ podman search --format json alpine | fgrep ...\"\,
"Description": "alpine 3.7 with bash, perl, gzip, wget...",
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \
| |/
|/| |
play kube log tag handling
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
currently tags cause a panic due to an uninitialized map. Initialize the map
and add parsing to make sure we are only tagging with journald
resolves #13356
Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
|
|\ \
| | |
| | | |
e2e cleanups
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Pulling the K8s pause image seems unnecessarily expensive to me. Let's
use the testgitest_v2s2 one which is under our control and weighs only a
couple of KB.
This cut the execution time in less than half on my machine. Since it's
network bound and I am running on fibre, I expect more significant speed
ups in slower networks.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Squash the --quiet test into another one. The test was more complex
than necessary and can easily be squashed into another one to avoid one
more expensive pull.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | | |
Let's keep simple tests at the top and complex ones at the bottom.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Once upon a time, the tests actually pulled from Docker Hub. This has
changed with the rate limits, so we can safely remove the redundant
tests to speed up CI.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Used the cached registry archive instead of pulling down the image from
Quay.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
|\ \ \
| | | |
| | | | |
Vendor in containers/buildah@v1.26.1
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
vendor test dependencies instead of installing via network
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
We have no control over the code in the vendored files.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Instead of using the main module we should vendor the test tools in a
different directory. That way we do not add extra dependencies to the
main module which can be problemetic for packages or other users.
This is already done in buildah so this makes us more consitent.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
We can vendor the test dependencies such as go-md2man, git-validation
and goimports. This allows us to always install the same version as
specified in go.mod. Also we do not rely on a network connection for
this.
The advantage with this method is that dependabot will also update the
dependencies for us and we do not have to hardcode versions in the
Makefile.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\ \ \ \ \
| |_|_|/ /
|/| | | | |
pass networks to container clone
|
| | |_|/
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
since the network config is a string map, json.unmarshal does not recognize
the config and spec as the same entity, need to map this option manually
resolves #13713
Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
|
|\ \ \ \
| |_|_|/
|/| | | |
benchmarks: push/pull
|
| | |/
| |/|
| | |
| | |
| | |
| | |
| | |
| | | |
Polish the push and pull benchmarks. In particular, make sure to not be
network bound during these benchmarks by running a local registry and
pushing a local image that can later on be pulled.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
|\ \ \
| | | |
| | | | |
Report correct RemoteURI
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Rather than assuming a filesystem path, the API service URI is recorded
in the libpod runtime configuration and then reported as requested.
Note: All schemes other than "unix" are hard-coded to report URI exists.
Fixes #12023
Signed-off-by: Jhon Honce <jhonce@redhat.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \
| |/ / /
|/| | | |
podman system reset removed machines incorrectly
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | | |
podman system reset did not clean up machines fully, leaving some config
files, and breaking machines. Now it removes all machines files fully.
Signed-off-by: Ashley Cui <acui@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The default log driver is not used when using play kube
without --log-driver. The LogDriver function needs to
be called in order to use the default log driver.
fixes #13781
Signed-off-by: Niall Crowe <nicrowe@redhat.com>
|
|/ /
| |
| |
| | |
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Add the notion of an "exit policy" to a pod. This policy controls the
behaviour when the last container of pod exits. Initially, there are
two policies:
- "continue" : the pod continues running. This is the default policy
when creating a pod.
- "stop" : stop the pod when the last container exits. This is the
default behaviour for `play kube`.
In order to implement the deferred stop of a pod, add a worker queue to
the libpod runtime. The queue will pick up work items and in this case
helps resolve dead locks that would otherwise occur if we attempted to
stop a pod during container cleanup.
Note that the default restart policy of `play kube` is "Always". Hence,
in order to really solve #13464, the YAML files must set a custom
restart policy; the tests use "OnFailure".
Fixes: #13464
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
|\ \
| | |
| | | |
libpod: host netns keep same /etc/resolv.conf
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When a container is run in the host network namespace we have to keep
the same resolv.conf content and not use the systemd-resolve detection
logic.
But also make sure we still allow --dns options.
Fixes #14055
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The files /etc/hosts, /etc/hostname and /etc/resolv.conf should always
be owned by the root user in the container. This worked correct for
/etc/hostname and /etc/hosts but not for /etc/resolv.conf.
A container run with --userns keep-id would have the reolv.conf file
owned by the current container user which is wrong.
Consolidate some common code in a new helper function to make the code more
cleaner.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |
| |
| |
| |
| |
| |
| | |
The test has been broken since it was added 4 years ago. Instead of
using hardcoded paths we should use tmp files.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|/
|
|
|
|
|
|
| |
The errcheck linter makes sure that errors are always check and not
ignored by accident. It spotted a lot of unchecked errors, mostly in the
tests but also some real problem in the code.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|
|
|
|
|
| |
Fixes: https://github.com/containers/podman/issues/14028
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\
| |
| | |
e2e tests: use HaveField() for better error checking
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Two for this error:
invalid indirect of pod.Spec.DNSConfig.Options[0]
...and one for a gofmt error (spaces).
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This is a very late followup to my ginkgo-improving work of 2021.
It has been stuck since December because it requires gomega 1.17,
which we've just enabled.
This commit is simply a copy-paste of a command I saved in
my TODO list many months ago:
sed -i -e 's/Expect(\([^ ]\+\)\.\([a-zA-Z0-9]\+\))\.To(Equal(/Expect(\1).To(HaveField(\"\2\", /' test/e2e/*_test.go
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\ \
| |/
|/| |
volume: add new option -o o=noquota
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
add a new option to completely disable xfs quota usage for a volume.
xfs quota set on a volume, even just for tracking disk usage, can
cause weird errors if the volume is later re-used by a container with
a different quota projid. More specifically, link(2) and rename(2)
might fail with EXDEV if the source file has a projid that is
different from the parent directory.
To prevent such kind of issues, the volume should be created
beforehand with `podman volume create -o o=noquota $ID`
Closes: https://github.com/containers/podman/issues/14049
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \
| | |
| | | |
Add CreatedSince & CreatedAt format fields to podman image history
|
| | |
| | |
| | |
| | |
| | |
| | | |
Fixes: https://github.com/containers/podman/issues/14012
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |/
|/|
| |
| |
| |
| | |
Ref: https://github.com/containers/podman/issues/13931
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|\ \
| |/
|/| |
Bump version to v4.1.0-dev
|
| |
| |
| |
| |
| |
| |
| |
| | |
I think we forgot to bump the version in the main branch. It should be
v4.1.0-dev now.
Also set the min api version to 4.0.0 as on the podman 4.0 branch.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\ \
| | |
| | | |
Truncate annotations when generating kubernetes yaml files
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Kubernetes only allows 63 characters in an annotation. Make sure
that we only add 63 or less charaters when generating kube. Warn
if containers or pods have longer length and truncate.
Discussion: https://github.com/containers/podman/discussions/13901
Fixes: https://github.com/containers/podman/issues/13962
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |/
|/|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We need to use the host network when it is set in the config and
--network was not used.
This regression was added in 3e9af2029f1f.
Fixes #14015
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\ \
| |/
|/| |
enable gocritic linter
|
| |
| |
| |
| |
| |
| |
| |
| | |
We should not exclude contianers by name. If a users has a container
with the name "inf" it is currently skipped. This is wrong. The k8s yaml
does not contain infra containers so we do not have to skip them.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|