| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
|
| |
local/remote mode.
Also Fix usage of flag "--compression-format" for remote "podman image push". Fix usage of flags "--format", "--remove-signatures" in remote "podman manifest push".
Closes #15109.
Signed-off-by: Romain Geissler <romain.geissler@amadeus.com>
|
|\
| |
| | |
With --rm option remove container if podman run fails
|
| |
| |
| |
| |
| |
| | |
Fixes https://github.com/containers/podman/issues/15049
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumps [golang.org/x/tools](https://github.com/golang/tools) from 0.1.11 to 0.1.12.
- [Release notes](https://github.com/golang/tools/releases)
- [Commits](https://github.com/golang/tools/compare/v0.1.11...v0.1.12)
---
updated-dependencies:
- dependency-name: golang.org/x/tools
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
|\
| |
| | |
Cirrus: enable Fedora 36 aarch64 tasks on EC2
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
new file: test/e2e/config_arm64.go
Tests that fail on aarch64 have been skipped with
`skip_if_aarch64`.
Co-authored-by: Chris Evich <cevich@redhat.com>
Co-authored-by: Ed Santiago <santiago@redhat.com>
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
|
|\ \
| | |
| | | |
Fix: manifest push --rm removes a correct manifest list
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This bug is reproduced when we execute the following command:
1. podman manifest add <manifest list> <images exist on local storage>
2. podman manifest push --rm <manifest list> dir:<directory>
If pushing succeeds, it is expected to remove only a manifest list.
However, manifest list remains on local storage and images are removed.
This commit fixes `podman manifest push --rm` to remove only a manifest list.
And, supports `manifest push --rm option` in remote environment,
like host environment.
Fixes: https://github.com/containers/podman/issues/15033
Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
|
|\ \ \
| |_|/
|/| | |
Fix: Restore a container which name is equal to a image name
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
If there is a match for both container and image, we restore the container.
Fixes: https://github.com/containers/podman/issues/15055
Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
|
|\ \ \
| | | |
| | | | |
When removing objects specifying --force,podman should exit with 0
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This Patch will cause podman COMMAND rm --force bogus not fail
This is how Docker works, so Podman should follow this to allow existing
scripts to convert from Docker to Podman.
Fixes: #14612
Oprignal version of this patch came from wufan 1991849113@qq.com
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \
| |/ / /
|/| | | |
prune filter handling
|
| | |/
| |/|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
network and container prune could not handle the label!=... filter. vendor in c/common to fix this and
add some podman level handling to make everything run smoothly
resolves #14182
Signed-off-by: Charlie Doern <cdoern@redhat.com>
|
|\ \ \
| | | |
| | | | |
pod create --share none should not create infra
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
for podman pod create, when we are not sharing any namespaces there is no point for the infra container.
This is especially true since resources have also been decoupled from the container recently.
handle this on the cmd level so that we can still create infra if set explicitly
resolves #15048
Signed-off-by: Charlie Doern <cdoern@redhat.com>
|
|\ \ \
| |_|/
|/| | |
Set TLSVerify=true by default for API endpoints
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Option defaults in API must be the same as in CLI.
```
% podman image push --help
% podman image pull --help
% podman manifest push --help
% podman image search --help
```
All of these CLI commands them have --tls-verify=true by default:
```
--tls-verify require HTTPS and verify certificates when accessing the registry (default true)
```
As for `podman image build`, it doesn't have any means to control
`tlsVerify` parameter but it must be true by default.
Signed-off-by: Vladimir Kochnev <hashtable@yandex.ru>
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Some refer to issues that are closed. Remove them.
Some are runc bugs that will never be fixed. Say so, and remove
the FIXME.
One (bps/iops) should probably be fixed. File an issue for it, and
update comment to include the issue# so my find-obsolete-skips script
can track it.
And one (rootless mount with a "kernel bug?" comment) is still
not fixed. Leave the skip, but add a comment documenting the symptom.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|/
|
|
|
|
| |
And a new one for `run --detach`.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
|\
| |
| | |
fix container create/run throttle devices
|
| |
| |
| |
| |
| |
| | |
pod resource limits introduced a regression where `FinishThrottleDevices` was not called for create/run
Signed-off-by: Charlie Doern <cdoern@redhat.com>
|
|\ \
| | |
| | | |
integration test: fix network backend option with remote
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
I honestly do not understand all this extra option parsing here but
there is really no reason to exclude the option for remote, all the
other global options are also set there.
This fixes a problem with mixed cni/netavark use because the option was
unset.
Fixes #15017
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\ \ \
| | | |
| | | | |
Add pause/unpause --latest, --cidfile, --filter
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
--latest : pause/unpause the latest container.
--filter : pause/unpause the filtered container.
--cidfile : Read container ID from the specified file and pause/unpause the container.
Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
|
|\ \ \ \
| | | | |
| | | | | |
API: libpod/create use correct default umask
|
| | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Make sure containers created via API have the correct umask from
containers.conf set.
Fixes #15036
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\ \ \ \
| |_|_|/
|/| | | |
Implement kubernetes secret handling for podman play kube
|
| | |/
| |/|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
add support for both creating a secret using yaml and mounting a secret as a volume given a yaml file.
Kubernetes secrets have a different structure than podman and therefore have to be handeled differently.
In this PR, I have introduced the basic usecases of kube secrets with more implementations like env secrets
to come!
resolves #12396
Signed-off-by: Charlie Doern <cdoern@redhat.com>
|
|\ \ \
| |_|/
|/| | |
compat api: allow default bridge name for networks
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The network backend always has default config in memory so there is no
need to copy it. Also netavark cannot use it.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Docker uses "bridge" as default network name so some tools expect this
to work with network list or inspect. To fix this we change "bridge" to
the podman default ("podman") name.
Fixes #14983
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\ \ \
| | | |
| | | | |
Bump VMs, to Ubuntu 2204 with cgroups v1
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
...and enable the at-test-time confirmation, the one that
double-checks that if CI requests runc we actually use runc.
This exposed a nasty surprise in our setup: there are steps to
define $OCI_RUNTIME, but that's actually a total fakeout!
OCI_RUNTIME is used only in e2e tests, it has no effect
whatsoever on actual podman itself as invoked via command
line such as in system tests. Solution: use containers.conf
Given how fragile all this runtime stuff is, I've also added
new tests (e2e and system) that will check $CI_DESIRED_RUNTIME.
Image source: https://github.com/containers/automation_images/pull/146
Since we haven't actually been testing with runc, we need
to fix a few tests:
- handle an error-message change (make it work in both crun and runc)
- skip one system test, "survive service stop", that doesn't
work with runc and I don't think we care.
...and skip a bunch, filing issues for each:
- #15013 pod create --share-parent
- #15014 timeout in dd
- #15015 checkpoint tests time out under $CONTAINER
- #15017 networking timeout with registry
- #15018 restore --pod gripes about missing --pod
- #15025 run --uidmap broken
- #15027 pod inspect cgrouppath broken
- ...and a bunch more ("podman pause") that probably don't
even merit filing an issue.
Also, use /dev/urandom in one test (was: /dev/random) because
the test is timing out and /dev/urandom does not block. (But
the test is still timing out anyway, even with this change)
Also, as part of the VM switch we are now using go 1.18 (up
from 1.17) and this broke the gitlab tests. Thanks to @Luap99
for a quick fix.
Also, slight tweak to #15021: include the timeout value, and
reword message so command string is at end.
Also, fixed a misspelling in a test name.
Fixes: #14833
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\ \ \ \
| |/ / /
|/| | | |
remote push: show copy progress
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
`podman-remote push` has shown absolutely no progress at all. Fix that
by doing essentially the same as the remote-pull code does.
The get-free-out-of-jail-card for backwards compatibility is to let the
`quiet` parameter default to true. Since the --quioet flag wasn't
working before either, older Podman clients do not set it.
Also add regression tests to make sure we won't regress again.
Fixes: #11554
Fixes: #14971
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
added the following flags and handling for podman pod create
--memory-swap
--cpuset-mems
--device-read-bps
--device-write-bps
--blkio-weight
--blkio-weight-device
--cpu-shares
given the new backend for systemd in c/common, all of these can now be exposed to pod create.
most of the heavy lifting (nearly all) is done within c/common. However, some rewiring needed to be done here
as well!
Signed-off-by: Charlie Doern <cdoern@redhat.com>
|
|\ \ \ \
| |/ / /
|/| | | |
libpod: create /etc/passwd if missing
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
create the /etc/passwd and /etc/group files if they are missing in the
image.
Closes: https://github.com/containers/podman/issues/14966
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \ \
| | | |
| | | | |
e2e: show command and output when a timeout happens
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | | |
To make debugging easier we should see the command and its output when a
failure happens.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|/ /
| |
| |
| |
| |
| |
| | |
By vendoring the fixes from containers/image. Also add a test (thanks
@edsantiago) to make sure we won't regress in the future again.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
|\ \
| |/
|/| |
Update init ctr default for play kube
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Update the init container type default to once instead
of always to match k8s behavior.
Add a new annotation that can be used to change the init
ctr type in the kube yaml.
Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
|
|/
|
|
|
|
|
|
|
|
|
|
|
| |
Followup to #14957, which added a new test that doesn't
actually belong in the 250-systemd.bats file. It was
copy-pasted from another test that doesn't belong there.
Move both tests to a new .bats file, because (1) they
need a custom cleanup, and (2) one of the tests should
very definitely run under podman-remote, and the 250
bats file has a global skip_if_remote().
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\
| |
| | |
Vendor in containers/(storage,image, common, buildah)
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
As you run --sync, please update this commit message with your
actual changes.
Changes since 2022-06-14:
- apply-podman-deltas: (minor) buildah 4057 changed the name
of a test; make corresponding change here
- apply-podman-deltas: buildah 4071 adds a new OCI-hook
test that's failing in remote. Skip it.
- apply-podman-deltas: buildah 4096 changed an error message
- apply-podman-deltas: buildah 4097 added a test that doesn't
work with podman-remote
- run-buildah-bud-tests: only run 'sudo --validate' if we
need to sudo later (for running tests). Otherwise, same
thing: I run the treadmill script, step away, and come
back to an unnecessary sudo prompt.
- system tests: the new containers-storage changes some
error messages; fix tests to reflect that. (And, unrelated,
fix a red cleanup warning)
Signed-off-by: Ed Santiago <santiago@redhat.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
| |
| |
| | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|/
|
|
|
|
|
|
|
|
| |
Docker supports -H and --host for specify the listening socket. Podman
should support them also in order to match the CLI.
These will not be documented since Podman defaults to using the
--url option.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|