| Commit message (Collapse) | Author | Age |
... | |
|
|
|
|
|
|
| |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1160
Approved by: mheon
|
|
|
|
|
|
|
|
|
| |
Fixes spaces and sorting on capabilties and Descriptors
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1148
Approved by: vrothberg
|
|
|
|
| |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Use github.com/containers/psgo instead of execing `ps (1)`. The psgo
library enables a much more flexible interface with respect to which
data to be printed (e.g., capabilities, seccomp mode, PID, PCPU, etc.)
while the output can be parsed reliably. The library does not use
ps (1) but parses /proc and /dev instead. To list the processes of a
given container, psgo will join the mount namespace of the given
container and extract all data from there.
Notice that this commit breaks compatibility with docker-top.
Signed-off-by: Valentin Rothberg <vrothberg@suse.com>
Closes: #1113
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
|
| |
vendor in containers/storage
vendor in containers/image
vendor in projectatomic/buildah
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1114
Approved by: mheon
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is a refresh of Dan William's PR #974 with a rebase and proper
vendoring of ocicni and containernetworking/cni. It adds the ability
to define multiple networks as so:
podman run --network=net1,net2,foobar ...
Signed-off-by: baude <bbaude@redhat.com>
Closes: #1082
Approved by: baude
|
|
|
|
|
|
|
| |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1062
Approved by: baude
|
|
|
|
|
|
|
| |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1061
Approved by: baude
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Vendor an updated version of urfave/cli to fix the parsing of short
options. Until the fix is merged upstream, vendor the code from
github.com/vrothberg/cli containing both, the latest urfave/cli and
the bug fix.
Fixes: #714
Signed-off-by: Valentin Rothberg <vrothberg@suse.com>
Closes: #1046
Approved by: rhatdan
|
|
|
|
|
|
|
| |
Signed-off-by: baude <bbaude@redhat.com>
Closes: #1037
Approved by: baude
|
|
|
|
|
|
|
|
|
| |
User newer seccomp bindings from the seccomp upstream
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1021
Approved by: giuseppe
|
|
|
|
|
|
|
|
|
|
| |
Fixes issue with build for last step of docker file when
building with --layers.
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #1023
Approved by: mheon
|
|
|
|
|
|
|
| |
Signed-off-by: baude <bbaude@redhat.com>
Closes: #1022
Approved by: baude
|
|
|
|
|
|
|
| |
Signed-off-by: baude <bbaude@redhat.com>
Closes: #1022
Approved by: baude
|
|
|
|
|
|
|
| |
Signed-off-by: baude <bbaude@redhat.com>
Closes: #1007
Approved by: baude
|
|
|
|
|
|
|
|
|
|
| |
Fixes issue with podman search of private registries. Podman search
was not picking up the credentials from the authfile. This fixes it.
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #998
Approved by: rhatdan
|
|
|
|
|
|
| |
Baude found an error in non linux bindings.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|
|
|
|
|
|
|
|
| |
THis should make libpod easier to build on non linux platforms.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1000
Approved by: mheon
|
|
|
|
|
|
|
| |
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
Closes: #968
Approved by: mheon
|
|
|
|
|
|
|
| |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #971
Approved by: mheon
|
|
|
|
|
|
|
|
|
|
| |
This should fix the issue with iptables being denied execution on
container cleanup
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #966
Approved by: mheon
|
|
|
|
|
|
|
|
|
| |
Adds --rm and --force-rm to podman build.
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #945
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
| |
This will add --layers support.
Also add missing information in man pages on podman build features.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #938
Approved by: umohnani8
|
|
|
|
|
|
|
|
|
|
| |
Use the parsing code to properly setup podman build namespaces
Fixes support for network namespace and user namespace
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #917
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This fix the issues when you are trying to build from a non existant
image or the registries in registries.conf do not include the registry.
./bin/podman build -t dan -f Dockerfile.suse ~
STEP 1: FROM opensuse:tumbleweed
error creating build container: image "opensuse:tumbleweed" not found in /etc/containers/registries.conf registries: image not known
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
v#
Closes: #897
Approved by: mheon
|
|
|
|
|
|
|
|
|
|
|
|
| |
This vendor will improve the performance of using userns
since it will save aside the image layer of the chown, so
followup runnings of podman will use the new layer rather
then chowning again.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #881
Approved by: mheon
|
|
|
|
|
|
|
| |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #878
Approved by: mheon
|
|
|
|
|
|
| |
Only supported for docker formated images. OCI Does not support this flag.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
when there are no registries configured for the system and the user provided
a short image name, we panic'd due a logic bug in recent image pull changes.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #841
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
|
| |
buildah fixed its probelm where it was not pulling in
the ENV of the base image. This pulls that change into
libpod as well.
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #832
Approved by: mheon
|
|
|
|
|
|
|
|
|
| |
Add --label, --annotations, --idfile, --squash
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #824
Approved by: TomSweeneyRedHat
|
|
|
|
|
|
|
|
|
|
| |
container/storage now supports devicemapper options that allow you to
configure it.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #808
Approved by: mheon
|
|
|
|
|
|
|
|
|
|
|
|
| |
If the user uses the image ID when saving to either docker-archive
or oci-archive, then do not save a reference in the manifest/index.json.
If the user chooses to push without an image reference, i.e <transport>:<path>
it should be valid and succeed.
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #782
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently podman build http://remote.com/Dockerfile does not work.
podman always treats this file as an Archive.
Vendoring in the latest buildah code fixes this issue. Also updated
the man pages to better explain the syntax.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #775
Approved by: TomSweeneyRedHat
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
containernetworking/plugins@a0eac8d7 (pkg/ns: remove namespace
creation, 2018-03-16) removed NewNS, which we use in
libpod/networking.go. Pinning to the previous commit,
containernetworking/plugins@1fb94a42 (Merge pull request #96 from
DennisDenuto/denuto/master, 2018-03-14), allows us to run vndr without
breaking our build. This is a short term fix; moving forward we'll
want to either drop this dependency or catch up with the new upstream
API.
The upstream package seems to have been fairly stable in the meantime,
because even with the new pinned version, a vndr re-vendor generates
no changes:
$ vndr github.com/containernetworking/plugins
Signed-off-by: W. Trevor King <wking@tremily.us>
Closes: #751
Approved by: mheon
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
vendor.conf has been pinned at containerd/cgroups@7a5fdd83 (Merge pull
request #26 from onorua/error-ignore-example, 2017-08-24) since libpod
forked from CRI-O with a031b83a (Initial checkin from CRI-O repo,
2017-11-01). The content in vendor/github.com/containerd/cgroups was
bumped to containerd/cgroups@77e62851 (Use /proc/diskstats to get
device names, 2018-01-31) in ae89dc28 (Update containerd/cgroups repo
fix perf issue, 2018-02-01, #284), but ae89dc28 forgot to update
vendor.conf. With this commit:
$ vndr github.com/containerd/cgroups
no longer changes anything under vendor/github.com/containerd/cgroups.
Signed-off-by: W. Trevor King <wking@tremily.us>
Closes: #749
Approved by: mheon
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Neither the nominal version nor vendored content had changed since
a031b83a (Initial checkin from CRI-O repo, 2017-11-01):
$ git ls-tree origin/master -- vendor/github.com/containernetworking/cni
040000 tree 744c091cc1dbb869b2cf714cf6b5e8d33fe17d9c vendor/github.com/containernetworking/cni
$ git ls-tree a031b83a -- vendor/github.com/containernetworking/cni
040000 tree 744c091cc1dbb869b2cf714cf6b5e8d33fe17d9c vendor/github.com/containernetworking/cni
$ git grep /cni a031b83a -- vendor.conf
a031b83a:vendor.conf:github.com/containernetworking/cni v0.4.0
I'm not quite sure which upstream version the old vendored content
came from, but it certainly wasn't v0.4.0. I've bumped our nominal
version to v0.6.0 and re-vendored with:
$ vndr github.com/containernetworking/cni
$ git add -A vendor/github.com/containernetworking/cni
to generate this commit. The only change to the vendored content is
text in the README (unlikely to break anything ;), and sitting on an
upstream tag is nice, so I think this is good enough.
Signed-off-by: W. Trevor King <wking@tremily.us>
Closes: #750
Approved by: mheon
|
|
|
|
|
|
|
| |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #732
Approved by: mheon
|
|
|
|
|
|
|
| |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #715
Approved by: mheon
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes podman pull to pull a public image even if $XDG_RUNTIME_DIR
does not exist for authentication. Public images don't require credentials
to access.
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #701
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
|
| |
Vendor in buildah and use as much of commit and bug as possible for podman
build and commit.
Resolves #586
Signed-off-by: baude <bbaude@redhat.com>
Closes: #681
Approved by: mheon
|
|
|
|
|
|
|
| |
Signed-off-by: baude <bbaude@redhat.com>
Closes: #627
Approved by: mheon
|
|
|
|
|
|
|
|
|
| |
Made necessary changes to functions to include contex.Context wherever needed
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #640
Approved by: baude
|
|
|
|
|
|
|
|
|
|
|
| |
Containers/storage brings in support for UserNS ID Mappings
This means we can start experimenting with User NS Support in
podman
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #596
Approved by: TomSweeneyRedHat
|
|
|
|
|
|
|
| |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #155
Approved by: mheon
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Some more features.
docker-archive generates docker legacy compatible images
Do not create $DiffID subdirectories for layers with no configs
Ensure the layer IDs in legacy docker/tarfile metadata are unique
docker-archive: repeated layers are symlinked in the tar file
sysregistries: remove all trailing slashes
Improve docker/* error messages
Fix failure to make auth directory
Create a new slice in Schema1.UpdateLayerInfos
Drop unused storageImageDestination.{image,systemContext}
Load a *storage.Image only once in storageImageSource
Support gzip for docker-archive files
Remove .tar extension from blob and config file names
ostree, src: support copy of compressed layers
ostree: re-pull layer if it misses uncompressed_digest|uncompressed_size
image: fix docker schema v1 -> OCI conversion
Add /etc/containers/certs.d as default certs directory
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #569
Approved by: mheon
|
|
|
|
|
|
|
|
|
|
| |
podman parse and attach were using a very small portion of the kubernetes code
but using it caused a signficant increase in binary size.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #559
Approved by: rhatdan
|
|
|
|
|
|
|
| |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #554
Approved by: mheon
|
|
|
|
|
|
|
|
|
|
|
|
| |
New pinned commit is ff8a6d2bf496daf46ab1a153f783a0f6b8762a54
This includes a fix to error reporting with overlayfs, and will
produce more verbose errors when initializing overlayfs fails.
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #546
Approved by: baude
|
|
|
|
|
|
|
|
|
| |
New pinned commit is b327f751c16e4a189fdcde4ea36be67cc964c605
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #505
Approved by: rhatdan
|