summaryrefslogtreecommitdiff
path: root/vendor
Commit message (Collapse)AuthorAge
* vendor containers/psgo@v1.7.3Valentin Rothberg2022-08-24
| | | | | | | | | | Add three new capabilities that would otherwise be reported as unknown. Also add an e2e test making sure that `podman top` knows all capabilities of the current kernel. I refrained from adding a system test since this may blow up in gating tests. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* Merge pull request #15437 from mheon/default_volume_timeoutOpenShift Merge Robot2022-08-24
|\ | | | | Add support for containers.conf volume timeouts
| * Add support for containers.conf volume timeoutsMatthew Heon2022-08-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Also, do a general cleanup of all the timeout code. Changes include: - Convert from int to *uint where possible. Timeouts cannot be negative, hence the uint change; and a timeout of 0 is valid, so we need a new way to detect that the user set a timeout (hence, pointer). - Change name in the database to avoid conflicts between new data type and old one. This will cause timeouts set with 4.2.0 to be lost, but considering nobody is using the feature at present (and the lack of validation means we could have invalid, negative timeouts in the DB) this feels safe. - Ensure volume plugin timeouts can only be used with volumes created using a plugin. Timeouts on the local driver are nonsensical. - Remove the existing test, as it did not use a volume plugin. Write a new test that does. The actual plumbing of the containers.conf timeout in is one line in volume_api.go; the remainder are the above-described cleanups. Signed-off-by: Matthew Heon <mheon@redhat.com>
* | run,create: add support for --env-merge for preprocessing varsAditya R2022-08-24
|/ | | | | | | | | | | | | | | Allow end users to preprocess default environment variables before injecting them into container using `--env-merge` Usage ``` podman run -it --rm --env-merge some=${some}-edit --env-merge some2=${some2}-edit2 myimage sh ``` Closes: https://github.com/containers/podman/issues/15288 Signed-off-by: Aditya R <arajan@redhat.com>
* vendor: update containers/commonGiuseppe Scrivano2022-08-17
| | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* build(deps): bump github.com/mattn/go-isatty from 0.0.14 to 0.0.16dependabot[bot]2022-08-15
| | | | | | | | | | | | | | Bumps [github.com/mattn/go-isatty](https://github.com/mattn/go-isatty) from 0.0.14 to 0.0.16. - [Release notes](https://github.com/mattn/go-isatty/releases) - [Commits](https://github.com/mattn/go-isatty/compare/v0.0.14...v0.0.16) --- updated-dependencies: - dependency-name: github.com/mattn/go-isatty dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps): bump ↵dependabot[bot]2022-08-10
| | | | | | | | | | | | | | | | github.com/container-orchestrated-devices/container-device-interface Bumps [github.com/container-orchestrated-devices/container-device-interface](https://github.com/container-orchestrated-devices/container-device-interface) from 0.4.0 to 0.5.0. - [Release notes](https://github.com/container-orchestrated-devices/container-device-interface/releases) - [Commits](https://github.com/container-orchestrated-devices/container-device-interface/compare/v0.4.0...v0.5.0) --- updated-dependencies: - dependency-name: github.com/container-orchestrated-devices/container-device-interface dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* podman ssh work, using new c/common interfaceCharlie Doern2022-08-09
| | | | | | | | | | | | | | | | | | | implement new ssh interface into podman this completely redesigns the entire functionality of podman image scp, podman system connection add, and podman --remote. All references to golang.org/x/crypto/ssh have been moved to common as have native ssh/scp execs and the new usage of the sftp package. this PR adds a global flag, --ssh to podman which has two valid inputs `golang` and `native` where golang is the default. Users should not notice any difference in their everyday workflows if they continue using the golang option. UNLESS they have been using an improperly verified ssh key, this will now fail. This is because podman was incorrectly using the ssh callback method to IGNORE the ssh known hosts file which is very insecure and golang tells you not yo use this in production. The native paths allows for immense flexibility, with a new containers.conf field `SSH_CONFIG` that specifies a specific ssh config file to be used in all operations. Else the users ~/.ssh/config file will be used. podman --remote currently only uses the golang path, given its deep interconnection with dialing multiple clients and urls. My goal after this PR is to go back and abstract the idea of podman --remote from golang's dialed clients, as it should not be so intrinsically connected. Overall, this is a v1 of a long process of offering native ssh, and one that covers some good ground with podman system connection add and podman image scp. Signed-off-by: Charlie Doern <cdoern@redhat.com>
* Bump to Buildah v1.27.0tomsweeneyredhat2022-08-08
| | | | | | | | | | As the title says. Vendor Buildah v1.27.0 into Podman in preparation for Buildah v4.2 [No New Tests Needed] Signed-off-by: tomsweeneyredhat <tsweeney@redhat.com>
* podman rmi: improve error message for build containersValentin Rothberg2022-08-04
| | | | | | | | | Improve the error message when attempting to remove an image that is in use by an external/build container. Prior, the error only indicated that the image was in use but did not aid in resolving the issue. Fixes: #15006 Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* Add support for creating sigstore signatures, and providing passphrasesMiloslav Trmač2022-07-30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Allow creating sigstore signatures via --sign-by-sigstore-private-key . Like existing --sign-by, it does not work remote (in this case because we would have to copy the private key to the server). - Allow passing a passphrase (which is mandatory for sigstore private keys) via --sign-passphrase-file; if it is not provided, prompt interactively. - Also, use that passphrase for --sign-by as well, allowing non-interactive GPG use. (But --sign-passphrase-file can only be used with _one of_ --sign-by and --sign-by-sigstore-private-key.) Note that unlike the existing code, (podman build) does not yet implement sigstore (I'm not sure why it needs to, it seems not to push images?) because Buildah does not expose the feature yet. Also, (podman image sign) was not extended to support sigstore. The test for this follows existing (podman image sign) tests and doesn't work rootless; that could be improved by exposing a registries.d override option. The test for push is getting large; I didn't want to start yet another registry container, but that would be an alternative. In the future, Ginkgo's Ordered/BeforeAll would allow starting a registry once and using it for two tests. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
* Update c/common to an unreleased versionMiloslav Trmač2022-07-30
| | | | | | ... to get https://github.com/containers/common/pull/1106 . Signed-off-by: Miloslav Trmač <mitr@redhat.com>
* Merge pull request #15019 from ↵OpenShift Merge Robot2022-07-29
|\ | | | | | | | | containers/dependabot/go_modules/github.com/BurntSushi/toml-1.2.0 Bump github.com/BurntSushi/toml from 1.1.0 to 1.2.0
| * Bump github.com/BurntSushi/toml from 1.1.0 to 1.2.0dependabot[bot]2022-07-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/BurntSushi/toml](https://github.com/BurntSushi/toml) from 1.1.0 to 1.2.0. - [Release notes](https://github.com/BurntSushi/toml/releases) - [Commits](https://github.com/BurntSushi/toml/compare/v1.1.0...v1.2.0) --- updated-dependencies: - dependency-name: github.com/BurntSushi/toml dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* | Bump google.golang.org/protobuf from 1.28.0 to 1.28.1dependabot[bot]2022-07-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [google.golang.org/protobuf](https://github.com/protocolbuffers/protobuf-go) from 1.28.0 to 1.28.1. - [Release notes](https://github.com/protocolbuffers/protobuf-go/releases) - [Changelog](https://github.com/protocolbuffers/protobuf-go/blob/master/release.bash) - [Commits](https://github.com/protocolbuffers/protobuf-go/compare/v1.28.0...v1.28.1) --- updated-dependencies: - dependency-name: google.golang.org/protobuf dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* | Bump github.com/containernetworking/cni from 1.1.1 to 1.1.2dependabot[bot]2022-07-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/containernetworking/cni](https://github.com/containernetworking/cni) from 1.1.1 to 1.1.2. - [Release notes](https://github.com/containernetworking/cni/releases) - [Commits](https://github.com/containernetworking/cni/compare/v1.1.1...v1.1.2) --- updated-dependencies: - dependency-name: github.com/containernetworking/cni dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* | Merge pull request #14567 from cdoern/secretsOpenShift Merge Robot2022-07-22
|\ \ | | | | | | Implement kubernetes secret handling for podman play kube
| * | kube secret handling for podman play kubecdoern2022-07-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | add support for both creating a secret using yaml and mounting a secret as a volume given a yaml file. Kubernetes secrets have a different structure than podman and therefore have to be handeled differently. In this PR, I have introduced the basic usecases of kube secrets with more implementations like env secrets to come! resolves #12396 Signed-off-by: Charlie Doern <cdoern@redhat.com>
* | | podman-remote pull: fix duplicate progress outputsValentin Rothberg2022-07-21
| |/ |/| | | | | | | | | | | By vendoring the fixes from containers/image. Also add a test (thanks @edsantiago) to make sure we won't regress in the future again. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | vendor: remove unused depsAditya R2022-07-20
|/ | | | | | | | | Some deps cleaned by `make vendor` [NO NEW TESTS NEEDED] [NO TESTS NEEDED] Signed-off-by: Aditya R <arajan@redhat.com>
* Vendor in latests containers/storage and opencontainers/runtime-toolsDaniel J Walsh2022-07-18
| | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Vendor in containers/(storage,image, common, buildah)Daniel J Walsh2022-07-18
| | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Switch to `github.com/blang/semver/v4`Sascha Grunert2022-07-14
| | | | | | | | Switch to the latest version of the now go module compatible release. [NO NEW TESTS NEEDED] Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
* pkg: switch to golang native error wrappingSascha Grunert2022-07-08
| | | | | | | | | We now use the golang error wrapping format specifier `%w` instead of the deprecated github.com/pkg/errors package. [NO NEW TESTS NEEDED] Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
* use c/common code for resize and CopyDetachablePaul Holzinger2022-07-06
| | | | | | | | | Since conmon-rs also uses this code we moved it to c/common. Now podman should has this also to prevent duplication. [NO NEW TESTS NEEDED] Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* podman pod create --memoryCharlie Doern2022-07-01
| | | | | | | | using the new resource backend, implement podman pod create --memory which enables users to modify memory.max inside of the parent cgroup (the pod), implicitly impacting all children unless overriden Signed-off-by: Charlie Doern <cdoern@redhat.com>
* build(deps): bump github.com/stretchr/testify from 1.7.5 to 1.8.0dependabot[bot]2022-06-29
| | | | | | | | | | | | | | Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.7.5 to 1.8.0. - [Release notes](https://github.com/stretchr/testify/releases) - [Commits](https://github.com/stretchr/testify/compare/v1.7.5...v1.8.0) --- updated-dependencies: - dependency-name: github.com/stretchr/testify dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* vendor containers/commonValentin Rothberg2022-06-28
| | | | | | | | Pull in fixes for platform checks to silence annoying warnings when pulling images by platforms using uname values. Fixes: #14669 Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* vendor: update containers/commonGiuseppe Scrivano2022-06-27
| | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Merge pull request #14654 from cdoern/cgroupopenshift-ci[bot]2022-06-27
|\ | | | | podman cgroup enhancement
| * podman cgroup enhancementcdoern2022-06-24
| | | | | | | | | | | | | | | | | | | | | | currently, setting any sort of resource limit in a pod does nothing. With the newly refactored creation process in c/common, podman ca now set resources at a pod level meaning that resource related flags can now be exposed to podman pod create. cgroupfs and systemd are both supported with varying completion. cgroupfs is a much simpler process and one that is virtually complete for all resource types, the flags now just need to be added. systemd on the other hand has to be handeled via the dbus api meaning that the limits need to be passed as recognized properties to systemd. The properties added so far are the ones that podman pod create supports as well as `cpuset-mems` as this will be the next flag I work on. Signed-off-by: Charlie Doern <cdoern@redhat.com>
* | Bump github.com/stretchr/testify from 1.7.4 to 1.7.5dependabot[bot]2022-06-24
|/ | | | | | | | | | | | | | Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.7.4 to 1.7.5. - [Release notes](https://github.com/stretchr/testify/releases) - [Commits](https://github.com/stretchr/testify/compare/v1.7.4...v1.7.5) --- updated-dependencies: - dependency-name: github.com/stretchr/testify dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* Merge pull request #14642 from rhatdan/VENDORopenshift-ci[bot]2022-06-21
|\ | | | | Update to use gopkg.in/yaml.v3
| * Update to use gopkg.in/yaml.v3Daniel J Walsh2022-06-17
| | | | | | | | | | | | [NO NEW TESTS NEEDED] Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | bump github.com/spf13/cobra from 1.4.0 to 1.5.0Paul Holzinger2022-06-21
| | | | | | | | | | | | | | | | | | Update cobra to latest version. Remove workaround for podman -h. Also regenerate the completion scripts. [NO NEW TESTS NEEDED] Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | Bump github.com/stretchr/testify from 1.7.2 to 1.7.4dependabot[bot]2022-06-21
|/ | | | | | | | | | | | | | Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.7.2 to 1.7.4. - [Release notes](https://github.com/stretchr/testify/releases) - [Commits](https://github.com/stretchr/testify/compare/v1.7.2...v1.7.4) --- updated-dependencies: - dependency-name: github.com/stretchr/testify dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* vendor in latests containers/imageDaniel J Walsh2022-06-17
| | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Vendor in latest containers/storageDaniel J Walsh2022-06-16
| | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Update vendor of containers/buildahDaniel J Walsh2022-06-13
| | | | | | | | Changes since 2022-05-31: - add --omit-history option (buildah PR 4028) Signed-off-by: Ed Santiago <santiago@redhat.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* vendor buildah@mainValentin Rothberg2022-06-10
| | | | | | | Note that the bud-logfile-with-split-logfile-by-platform test is skipped on the remote client (see #14544). Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* Bump github.com/opencontainers/runc from 1.1.2 to 1.1.3dependabot[bot]2022-06-09
| | | | | | | | | | | | | | | Bumps [github.com/opencontainers/runc](https://github.com/opencontainers/runc) from 1.1.2 to 1.1.3. - [Release notes](https://github.com/opencontainers/runc/releases) - [Changelog](https://github.com/opencontainers/runc/blob/v1.1.3/CHANGELOG.md) - [Commits](https://github.com/opencontainers/runc/compare/v1.1.2...v1.1.3) --- updated-dependencies: - dependency-name: github.com/opencontainers/runc dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* Merge pull request #14220 from Luap99/resolvconfOpenShift Merge Robot2022-06-07
|\ | | | | use resolvconf package from c/common/libnetwork
| * use resolvconf package from c/common/libnetworkPaul Holzinger2022-06-07
| | | | | | | | | | | | | | | | | | | | | | | | | | Podman and Buildah should use the same code the generate the resolv.conf file. This mostly moved the podman code into c/common and created a better API for it so buildah can use it as well. [NO NEW TESTS NEEDED] All existing tests should continue to pass. Fixes #13599 (There is no way to test this in CI without breaking the hosts resolv.conf) Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * update c/common to latestPaul Holzinger2022-06-07
| | | | | | | | Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | Bump github.com/docker/dockerdependabot[bot]2022-06-07
|/ | | | | | | | | | | | | | | Bumps [github.com/docker/docker](https://github.com/docker/docker) from 20.10.16+incompatible to 20.10.17+incompatible. - [Release notes](https://github.com/docker/docker/releases) - [Changelog](https://github.com/moby/moby/blob/master/CHANGELOG.md) - [Commits](https://github.com/docker/docker/compare/v20.10.16...v20.10.17) --- updated-dependencies: - dependency-name: github.com/docker/docker dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* Bump github.com/stretchr/testify from 1.7.1 to 1.7.2dependabot[bot]2022-06-06
| | | | | | | | | | | | | | Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.7.1 to 1.7.2. - [Release notes](https://github.com/stretchr/testify/releases) - [Commits](https://github.com/stretchr/testify/compare/v1.7.1...v1.7.2) --- updated-dependencies: - dependency-name: github.com/stretchr/testify dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* Bump github.com/containernetworking/cni from 1.1.0 to 1.1.1dependabot[bot]2022-06-02
| | | | | | | | | | | | | | Bumps [github.com/containernetworking/cni](https://github.com/containernetworking/cni) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/containernetworking/cni/releases) - [Commits](https://github.com/containernetworking/cni/compare/v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: github.com/containernetworking/cni dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* Bump gopkg.in/yaml.v3 to v3.0.1Lokesh Mandvekar2022-05-31
| | | | | | | | | v3.0.1 resolves GHSA-hp87-p4gw-j4gq - CVE-2022-28948. While podman doesn't appear to be vulnerable to the CVE as the concerned code isn't being called, this update should silence a dependabot alert. Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
* vendor: bump buildah to v1.26.1-0.20220524184833-5500333c2e06Aditya R2022-05-26
| | | | | | Bump buildah to v1.26.1-0.20220524184833-5500333c2e06 Signed-off-by: Aditya R <arajan@redhat.com>
* Merge pull request #14342 from ↵Daniel J Walsh2022-05-25
|\ | | | | | | | | containers/dependabot/go_modules/github.com/vbauerster/mpb/v7-7.4.2 build(deps): bump github.com/vbauerster/mpb/v7 from 7.4.1 to 7.4.2