| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* To aid in debugging log API request and response bodies at trace
level. Events can be correlated using the X-Reference-Id.
* Server now echos X-Reference-Id from client if set, otherwise
generates an unique id.
* Move logic for X-Reference-Id into middleware
* Change uses of Header.Add() to Set() when setting Content-Type
* Log API operations in Apache format using gorilla middleware
* Port server code to use BaseContext and ConnContext
Fixes #10053
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
| |
|
|
|
|
| |
paused containers still a cgroup we can use to grab the stats.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |\
| |
| | |
Add a system test to modify and import an exported container
|
| | |
| |
| |
| |
| |
| |
| | |
This test has completed one of TODO items in test/system/TODO.md.
The item is "Implied pull, build, export, modify, import, tag, run, kill"
Signed-off-by: Tsubasa Watanabe <w.tsubasa@fujitsu.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The conmon buffer size is 8192, however the attach socket needs two extra
bytes. The first byte of each message will be the STREAM type. The last
byte is a null byte. So when we want to read 8192 message bytes we need
to read 8193 bytes since the first one is special.
check https://github.com/containers/conmon/blob/1ef246896b4f6566964ed861b98cd32d0e7bf7a2/src/ctr_stdio.c#L101-L107
This problem can be seen in podman-remote run/exec when it prints output
with 8192 or more bytes. The output will miss the 8192 byte.
Fixes #11496
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |\ \
| | |
| | | |
vendor mpb@v7.1.4
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Some search tests were looking for an explicit amount of images to
match. Since images are moving targets on these registries, make
sure to use lower bounds instead of exact matches.
Fixes CI which started to break when Red Hat images changed.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |\ \ \
| | | |
| | | | |
fix play kube can't use infra_image in config file
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: Chen Zhiwei <zhiweik@gmail.com>
|
| |\ \ \ \
| |_|/ /
|/| | | |
inspect: printTmpl must Flush writer
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Flush should be called after the last call to Write to ensure that any data buffered in the Writer is written to output.
Any incomplete escape sequence at the end is considered complete for formatting purposes.
Signed-off-by: Aditya Rajan <arajan@redhat.com>
|
| |\ \ \ \
| |/ / /
|/| | | |
podman upgrade tests for networking
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Test basic networking functionality in the upgrade tests.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |/ / /
| | |
| | |
| | | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
Picks a pseudorandom open port within a range. Refactor existing
instances of such code.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\ \ \
| | | |
| | | | |
fix play kube --network options
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Commit 092902b45555 introduced advanced network options for podman play
kube. However this never worked because it unconditionally set the
network mode to bridge after it parsed the network option.
Added a test to ensure the correct mode is set.
Truly fixes #10807
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
go test -v -p 1 -tags apparmor,ostree,seccomp,selinux,systemd github.com/containers/podman/v2/test/testvol
results in the following error:
> test/testvol/main.go:227:10: Errorf format %s reads arg #1, but call has 0 args
> test/testvol/main.go:233:10: Errorf format %s reads arg #1, but call has 0 args
This patch passes req.Name as an argument to the Errorf() call
Signed-off-by: Raoul Bhatia <raoul.bhatia@radarcs.com>
|
| |\ \ \ \
| | | | |
| | | | | |
Add Checkpointed bool to Inspect
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
When inspecting a container, we now report whether the container
was stopped by a `podman checkpoint` operation via a new bool in
the State portion of inspected, `Checkpointed`.
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |/ / / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
When attempting to run remote builds, users with UID/GID values that
were high enough that they wouldn't be mapped into their default user
namespace configurations would see their builds fail when the server
attempted to extract the build contexts that they supplied, and failed
to set ownership of the build context content to the UID/GID that were
originally assigned to them.
When archiving the build context at the client, set ownership of
everything to 0:0, which we know is always mapped. Both ADD and COPY
require that we set the ownership of newly-added content to 0:0 (unless
the --chown flag is used), so throwing away the original ownership
information doesn't hurt, anyway. As usual, tarballs that we extract
as part of ADD aren't going to be affected.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
|
| |\ \ \ \
| | | | |
| | | | | |
Add filtering functionality to http api secrets list
|
| | | |_|/
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Filtering is missing in both compat API and libpod API, while docker
has filtering functinality. This commit enables filtering option using
name and id in both libpod and http API.
Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
|
| |\ \ \ \
| |_|/ /
|/| | | |
kube: Add support for `podman pod logs`.
|
| | |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Following PR adds support for `kubectl` like `pod logs` to podman.
Usage `podman pod logs <podIDorName` gives a stream of logs for all
the containers within the pod with **containername** as a field.
Just like **`kubectl`** also supports `podman pod logs -c ctrIDorName podIDorName`
to limit the log stream to any of the specificied container which belongs to pod.
Signed-off-by: Aditya Rajan <arajan@redhat.com>
|
| |\ \ \
| | | |
| | | | |
generate systemd: handle --restart
|
| | | |/
| |/|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Handle custom restart policies of containers when generating the unit
files; those should be set on the unit level and removed from ExecStart
flags.
Fixes: #11438
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |/ /
| |
| |
| |
| |
| |
| |
| | |
Fix a dead lock in the file log driver where one goroutine would wait on
the tail to hit EOF but reading is blocked for the function to return.
Fixes: 11461
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |/
|
|
|
|
|
|
|
|
|
|
| |
The "auto-update using systemd" test is failing on RHEL rootless.
Reason: it uses journalctl, which does not work on RHEL rootless.
Solution: add skip_if_journald_unavailable.
ALSO: add debugging info to test failure.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\
| |
| | |
manifest: `rm` should not remove referenced images.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Following PR makes sure that `podman manifest rm <list>` only removes
the named manifest list and not referenced images.
Bumping and squashing c/common to v0.43.3-0.20210902095222-a7acc160fb25
in same commit in order to make sure build commit test passes.
Signed-off-by: Aditya Rajan <arajan@redhat.com>
|
| |/
|
|
|
|
|
|
|
| |
Since boolean flags accept `True` and `False` the systemd flag should do
this as well.
Fixes #11387
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Cleanup: the final 'play' test wasn't cleaning up after itself,
leading to angry warning messages when rerunning tests (in
my environment; never in CI)
Debug: I'm seeing a lot of "Could not parse READY=1 as MAINPID=nnn"
flakes in the sdnotify:container test (nine in the past month). Add
debug traces to help diagnose in future flakes.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\
| |
| | |
Make secret env var available to exec session
|
| | |
| |
| |
| |
| |
| |
| | |
Secret environment variables were only available to a podman run/start.
This commit makes sure that exec sessions can see them as well.
Signed-off-by: Ashley Cui <acui@redhat.com>
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Make sure that Podman passes the LISTEN_* environment into containers.
Similar to runc, LISTEN_PID is set to 1.
Also remove conditionally passing the LISTEN_FDS as extra files.
The condition was wrong (inverted) and introduced to fix #3572 which
related to running under varlink which has been dropped entirely
with Podman 3.0. Note that the NOTIFY_SOCKET and LISTEN_* variables
are cleared when running `system service`.
Fixes: #10443
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |\
| |
| | |
auto-update: fix authfile label
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Make sure that the container's authfile label is used when pulling down
a new image.
[NO TESTS NEEDED] since it would require some larger rewrite of the
auto-update system tests that I currently have no time for. I added a
reminder to have some breadcrumbs when there is more time.
Fixes: #11171
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |/
|
|
|
|
|
|
| |
There are use-cases where users would want to use overlay-mounts as
workdir. For such cases workdir should be resolved after all the mounts
are completed during the container init process.
Signed-off-by: Aditya Rajan <arajan@redhat.com>
|
| |
|
|
|
|
|
|
| |
When creating containers the specialized mount options where not
populated via the API.
Fixes: #10831
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
InfraContainer should go through the same creation process as regular containers. This change was from the cmd level
down, involving new container CLI opts and specgen creating functions. What now happens is that both container and pod
cli options are populated in cmd and used to create a podSpecgen and a containerSpecgen. The process then goes as follows
FillOutSpecGen (infra) -> MapSpec (podOpts -> infraOpts) -> PodCreate -> MakePod -> createPodOptions -> NewPod -> CompleteSpec (infra) -> MakeContainer -> NewContainer -> newContainer -> AddInfra (to pod state)
Signed-off-by: cdoern <cdoern@redhat.com>
|
| |\
| |
| | |
teardown play kube
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
add the ability for play kube to tear down based on the yaml used to
play it. it is indicated by --down in the play kube command. volumes
are NOT deleted during the teardown. pods and their containers are
stopped and removed.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| |\ \
| | |
| | | |
logFile until flag issue, negative duration replaced with positive
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
we were adding a negative duration in podman events, causing inputs like
-5s to be correct and 5s to be incorrect.
fixes #11158
Signed-off-by: cdoern <cdoern@redhat.com>
|
| |\ \ \
| | | |
| | | | |
volumes: Add support for `volume import` which allows importing contents of external tarballs into podman volumes.
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Following feature makes sure that users can load contents of external
tarball into the podman volumes.
Signed-off-by: flouthoc <flouthoc.git@gmail.com>
|
| |\ \ \ \
| | | | |
| | | | | |
Fix file descriptor leaks in bindings and add test
|
| | | |_|/
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* Add response.Body.Close() where needed to release HTTP
connections to API server.
* Add tests to ensure no general leaks occur. 100% coverage would be
required to ensure no leaks on any call.
* Update code comments to be godoc correct
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
| |\ \ \ \
| |_|/ /
|/| | | |
podman inspect show exposed ports
|
