summaryrefslogtreecommitdiff
path: root/vendor
Commit message (Collapse)AuthorAge
* Merge pull request #2082 from rhatdan/runcOpenShift Merge Robot2019-01-06
|\ | | | | Update vendor of runc
| * Update vendor of runcDaniel J Walsh2019-01-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Updating the vendor or runc to pull in some fixes that we need. In order to get this vendor to work, we needed to update the vendor of docker/docker, which causes all sorts of issues, just to fix the docker/pkg/sysinfo. Rather then doing this, I pulled in pkg/sysinfo into libpod and fixed the code locally. I then switched the use of docker/pkg/sysinfo to libpod/pkg/sysinfo. I also switched out the docker/pkg/mount to containers/storage/pkg/mount Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Vendor in latest containers/buildah codeDaniel J Walsh2019-01-05
|/ | | | | | | | | This should improve the speed of podman build. Has fixes from containres/image for parallell pull. Also vendor containers/storage and containers/image Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* vendor in new containers/storagebaude2019-01-03
| | | | | | | | | vendor in latest containers/storage which contains a fix for when a filesystem that overlayfs is on is ENOSPC. adding pgzip/compress as a new dep for c/s Signed-off-by: baude <bbaude@redhat.com>
* Vendor in latest psgo code to fix race conditionsDaniel J Walsh2018-12-21
| | | | | | | | | | When running podman top, the processes collected can exit befor psgo gets information on the processes. This can cause some weird errors and creates some CI flakes. psgo now properly ignores this situation rather then returning errors Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* perf test a stress test to profile CPU load of podmanKunal Kushwaha2018-12-19
| | | | Signed-off-by: Kunal Kushwaha <kushwaha_kunal_v7@lab.ntt.co.jp>
* Merge pull request #1962 from rhatdan/criuOpenShift Merge Robot2018-12-12
|\ | | | | Set Socket label for contianer
| * Set Socket label for contianerDaniel J Walsh2018-12-12
| | | | | | | | | | | | | | This will allow container processes to write to the CRIU socket that gets injected into the container. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Vendor buildah after merging mtrmac/blob-info-caching-on-top-of-contents-cachingMiloslav Trmač2018-12-08
| | | | | | | | Signed-off-by: Miloslav Trmač <mitr@redhat.com>
* | Vendor c/image after merging c/image#536Miloslav Trmač2018-12-08
|/ | | | | | ... which adds blob info caching Signed-off-by: Miloslav Trmač <mitr@redhat.com>
* Vendor buildah after merging https://github.com/containers/buildah/pull/1214Miloslav Trmač2018-12-06
| | | | | | This updates buildah for the sysregistriesv2 changes. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
* Update containers/image to 63a1cbdc5e6537056695cf0d627c0a33b334df53Miloslav Trmač2018-12-06
| | | | Signed-off-by: Miloslav Trmač <mitr@redhat.com>
* Vendor in latest containers/storageDaniel J Walsh2018-12-05
| | | | | | This should improve performance on vfs images on top of xfs/reflink drives. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* vendor: update containers/storageGiuseppe Scrivano2018-12-04
| | | | | | | inherit a change for rootless containers to ignore devices nodes inside of images. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Vendor in latest containers/storageDaniel J Walsh2018-11-28
| | | | | | This allows us to modify the containers mount option on a per/container basis Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* vendor: update selinuxGiuseppe Scrivano2018-11-28
| | | | | | | inherit a change for not failing a recursive relabelling if the file is removed between the directory is read and the lsetxattr syscall. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Vendor in latest containers/buildahUrvashi Mohnani2018-11-21
| | | | | | Pulls in fix for COPY --from when using --layers Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
* runlabel: use shlex for splitting commandsValentin Rothberg2018-11-16
| | | | | | | | Use github.com/google/shlex for splitting commands instead of splitting at whitespaces. This way, we avoid accidentally splitting single string arguments into mutliple ones. Signed-off-by: Valentin Rothberg <vrothberg@suse.com>
* Merge pull request #1769 from umohnani8/buildOpenShift Merge Robot2018-11-16
|\ | | | | Set --force-rm for podman build to true by default
| * Set --force-rm for podman build to true by defaultUrvashi Mohnani2018-11-08
| | | | | | | | | | | | | | | | | | Since we use buildah containers for the build process, the user will not know if we have any buildah containers lingering due to a failed build. Setting this to true by default till we figure out a better way to solve this. Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
* | Vendor in containers/storageTomSweeneyRedHat2018-11-15
| | | | | | | | Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* | vendor: update ostree-goGiuseppe Scrivano2018-11-13
|/ | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Vendor in latest containers/storageDaniel J Walsh2018-10-26
| | | | | | We need this to start testing metacopy up for podman. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Increase security and performance when looking up groupsbaude2018-10-25
| | | | | | | | | | We implement the securejoin method to make sure the paths to /etc/passwd and /etc/group are not symlinks to something naughty or outside the container image. And then instead of actually chrooting, we use the runc functions to get information about a user. The net result is increased security and a a performance gain from 41ms to 100us. Signed-off-by: baude <bbaude@redhat.com>
* vendor: update containers/storageGiuseppe Scrivano2018-10-23
| | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Merge pull request #1687 from rhatdan/vendorOpenShift Merge Robot2018-10-23
|\ | | | | Move selinux label reservations to containers storage.
| * Vendor in latest containers/storage opencontainers/selinuxDaniel J Walsh2018-10-23
| | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | vendor in go-criu and dependenciesAdrian Reber2018-10-23
|/ | | | Signed-off-by: Adrian Reber <areber@redhat.com>
* Vendor in new new buildah/cibaude2018-10-17
| | | | | | | libpod requires new buildah and container image versions to resolve bug #1640298 Signed-off-by: baude <bbaude@redhat.com>
* vendor: update containers/buildahGiuseppe Scrivano2018-10-14
| | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Support auth file environment variable & add change to man pagesQi Wang2018-10-12
| | | | Signed-off-by: Qi Wang <qiwan@redhat.com>
* Merge pull request #1623 from mheon/static_ipOpenShift Merge Robot2018-10-11
|\ | | | | Add ability to specify static IPs with --ip flag
| * Update OCICNI vendor to 2d2983e4Matthew Heon2018-10-11
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * Update OCICNI vendor to e617a611Matthew Heon2018-10-11
| | | | | | | | | | | | Includes necessary changes for static IPs. Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
* | Vendor latest containers/imageUrvashi Mohnani2018-10-11
|/ | | | | | Catches more errors when checking for login credentials. Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
* Vendor in latest github.com/containers/storage,image, buildahDaniel J Walsh2018-10-07
| | | | | | | | | Grab latest fixes from subpackages Including fixes for usernamespace chowning retaining file attributes Better logging of error messages. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Vendor in the latest containers/storage, image and buildahDaniel J Walsh2018-09-29
| | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Vendor in latest containers/buildahDaniel J Walsh2018-09-21
| | | | | | | | | | Fixes issues with builtin volumes having correct ownership and permissions when doing podman builds. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1525 Approved by: giuseppe
* Vendor in latest opencontainers/runtime-toolsDaniel J Walsh2018-09-19
| | | | | | | | | | This will cause /proc inside of the container to match the mount options of the host. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1511 Approved by: baude
* Vendor in latest containers/buildahDaniel J Walsh2018-09-18
| | | | | | Switch from projectatomic/buildah to containers/buildah Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Vendor in latest projectatomic/buildahDaniel J Walsh2018-09-15
| | | | | | | | | | | | | Buildah Fixes to COPY and ADD to properly follow symbolic links is SRC is a symbolic link Print out a digest message on successful push. We should not drop the Bounding set when running as a non priv user in podman build Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1483 Approved by: rhatdan
* Vndr latest containers/imageDaniel J Walsh2018-09-15
| | | | | | | | | Containers image has a fix docker tarfile: use the cached digest if existing Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1482 Approved by: rhatdan
* Vendor in latest containers/imageUrvashi Mohnani2018-09-13
| | | | | | | | | Picks up changes made to authentication for registry search. Signed-off-by: Urvashi Mohnani <umohnani@redhat.com> Closes: #1444 Approved by: rhatdan
* Vendor in latest containers/storage to eliminage deadlockDaniel J Walsh2018-09-12
| | | | | | | | | | When running lots of podman commands simultaneously we were able to get into a deadlock situation. The updated containers/storage should fix this issue. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1454 Approved by: mheon
* Vendor CNI plugins firewall codeMatthew Heon2018-09-10
| | | | | | | | | | | | | | The upstream CNI project has a PR open for adding iptables and firewalld support, but this has been stalled for the better part of a year upstream. On advice of several maintainers, we are vendoring this code into libpod, to perform the relevant firewall configuration ourselves. Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1431 Approved by: baude
* use layer cache when building imagesbaude2018-09-07
| | | | | | | | | | | | | | | | to more closely mimic docker default behavior, the --layers cli option is set to true by default for podman. the buildah environment variable of BUILDAH_LAYERS is still honored and will override the command line input. this should be considered in place of PR #1383. Many thanks for Scott McCarty for inspiring this welcome change. Signed-off-by: baude <bbaude@redhat.com> Closes: #1422 Approved by: rhatdan
* vendor containerd/cgroupsbaude2018-09-06
| | | | | | | | | | | We need to vendor in the latest containerd/cgroups for a fix related to slice delegation and systemd <= 239. The opencontainer/runtime-spec is brought along for the ride. Signed-off-by: baude <bbaude@redhat.com> Closes: #1414 Approved by: mheon
* Vendor in latest containers/storage and containers/imageDaniel J Walsh2018-08-31
| | | | | | | | | | | | | Update container/image to address a commit error when copying layers and metadata. This change may require users to recreate containers. container/storage added some new lock protection to prevent possible deadlock and data corruption. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1381 Approved by: mheon
* Vendor in latest projectatomic/buildahDaniel J Walsh2018-08-29
| | | | | | | | | | | | This will help document the defaults in podman build. podman build --help will now show the defaults and mention the environment variables that can be set to change them. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1364 Approved by: mheon
* Vendor easyjson code to fix buildMatthew Heon2018-08-24
| | | | | | | | | | | To ensure we can build without easyjson installed, vendor the easyjson repository as the generated files use the easyjson library. Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1322 Approved by: mheon