aboutsummaryrefslogtreecommitdiff
path: root/vendor
Commit message (Collapse)AuthorAge
...
* build(deps) bump CDI dependency from 0.3.0 to 0.3.2Evan Lezar2022-04-13
| | | | | | bump github.com/container-orchestrated-devices/container-device-interface from 0.3.0 to 0.3.2 Signed-off-by: Evan Lezar <elezar@nvidia.com>
* Merge pull request #13841 from lsm5/main-cve-2022-27191OpenShift Merge Robot2022-04-12
|\ | | | | Bump golang.org/x/crypto to 7b82a4e
| * Bump golang.org/x/crypto to 7b82a4eLokesh Mandvekar2022-04-12
| | | | | | | | | | | | | | | | | | | | | | | | Resolves: GHSA-8c26-wmh5-6g9v - CVE-2022-27191 Podman doesn't seem to be directly affected as the logic in question is not called. golang.org/x/crypto@1baeb1ce contains the actual CVE fix. Using the latest upstream commit to also include support for SHA-2. Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
* | Update vendor of storage,common,imageDaniel J Walsh2022-04-12
|/ | | | | | Preparing for release candidate. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* If newuidmap or newgidmap fail, then check their permissionsDaniel J Walsh2022-04-08
| | | | | | | | | | Often distributions to not have newuidmap and netgidmap configured to be setuid. If Podman fails to setup the user namespace, check to see if these files doe not have the proper protection and tell the user. [NO NEW TESTS NEEDED] Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Vendor in new opencontainers/selinuxDaniel J Walsh2022-04-08
| | | | | | | | Also update vendor of containers/common,buildah,storage,image Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2069586 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* build(deps): bump github.com/BurntSushi/toml from 1.0.0 to 1.1.0dependabot[bot]2022-04-05
| | | | | | | | | | | | | | Bumps [github.com/BurntSushi/toml](https://github.com/BurntSushi/toml) from 1.0.0 to 1.1.0. - [Release notes](https://github.com/BurntSushi/toml/releases) - [Commits](https://github.com/BurntSushi/toml/compare/v1.0.0...v1.1.0) --- updated-dependencies: - dependency-name: github.com/BurntSushi/toml dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* replace hpcloud/tail with nxadm/tailValentin Rothberg2022-03-29
| | | | | | | | | | | | The hpcloud is not maintained anymore. nxadm is already part of the dependency chain, so it won't add work for downstream packages. While testing upcoming changes to the events-file backend, I noticed that nxadm is shipping required fixes. [NO NEW TESTS NEEDED] Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* Merge pull request #13592 from ↵OpenShift Merge Robot2022-03-28
|\ | | | | | | | | containers/dependabot/go_modules/google.golang.org/protobuf-1.28.0 build(deps): bump google.golang.org/protobuf from 1.27.1 to 1.28.0
| * build(deps): bump google.golang.org/protobuf from 1.27.1 to 1.28.0dependabot[bot]2022-03-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [google.golang.org/protobuf](https://github.com/protocolbuffers/protobuf-go) from 1.27.1 to 1.28.0. - [Release notes](https://github.com/protocolbuffers/protobuf-go/releases) - [Changelog](https://github.com/protocolbuffers/protobuf-go/blob/master/release.bash) - [Commits](https://github.com/protocolbuffers/protobuf-go/compare/v1.27.1...v1.28.0) --- updated-dependencies: - dependency-name: google.golang.org/protobuf dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* | Merge pull request #13611 from rvandernoort/vendor_filtersOpenShift Merge Robot2022-03-28
|\ \ | | | | | | Vendor c/common for filters
| * | Vendor commonrvandernoort2022-03-27
| | | | | | | | | | | | | | | | | | | | | | | | Added patch provided by rhatdan to add support for shareable [NO NEW TESTS NEEDED] Signed-off-by: rvandernoort <s.r.vandernoort@student.tudelft.nl>
* | | Merge pull request #13639 from ↵Daniel J Walsh2022-03-27
|\ \ \ | |_|/ |/| | | | | | | | containers/dependabot/go_modules/github.com/docker/docker-20.10.14incompatible build(deps): bump github.com/docker/docker from 20.10.13+incompatible to 20.10.14+incompatible
| * | build(deps): bump github.com/docker/dockerdependabot[bot]2022-03-24
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/docker/docker](https://github.com/docker/docker) from 20.10.13+incompatible to 20.10.14+incompatible. - [Release notes](https://github.com/docker/docker/releases) - [Changelog](https://github.com/moby/moby/blob/master/CHANGELOG.md) - [Commits](https://github.com/docker/docker/compare/v20.10.13...v20.10.14) --- updated-dependencies: - dependency-name: github.com/docker/docker dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* | build(deps): bump github.com/rootless-containers/rootlesskitdependabot[bot]2022-03-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/rootless-containers/rootlesskit](https://github.com/rootless-containers/rootlesskit) from 0.14.6 to 1.0.0. - [Release notes](https://github.com/rootless-containers/rootlesskit/releases) - [Commits](https://github.com/rootless-containers/rootlesskit/compare/v0.14.6...v1.0.0) --- updated-dependencies: - dependency-name: github.com/rootless-containers/rootlesskit dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
* | Bump github.com/prometheus/client_golang to v1.11.1Lokesh Mandvekar2022-03-24
|/ | | | | | Resolves: CVE-2022-21698 Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
* build(deps): bump github.com/containers/ocicrypt from 1.1.2 to 1.1.3dependabot[bot]2022-03-22
| | | | | | | | | | | | | | Bumps [github.com/containers/ocicrypt](https://github.com/containers/ocicrypt) from 1.1.2 to 1.1.3. - [Release notes](https://github.com/containers/ocicrypt/releases) - [Commits](https://github.com/containers/ocicrypt/compare/v1.1.2...v1.1.3) --- updated-dependencies: - dependency-name: github.com/containers/ocicrypt dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* vendor containers/storage with https://github.com/containers/storage/pull/1165Dan Čermák2022-03-21
| | | | Signed-off-by: Dan Čermák <dcermak@suse.com>
* vendor c/common@0ededd18a1f9Valentin Rothberg2022-03-18
| | | | | | | Update the login tests to reflect the latest changes to allow http{s} prefixes (again) to address bugzilla.redhat.com/show_bug.cgi?id=2062072. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* build(deps): bump github.com/stretchr/testify from 1.7.0 to 1.7.1dependabot[bot]2022-03-16
| | | | | | | | | | | | | | Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.7.0 to 1.7.1. - [Release notes](https://github.com/stretchr/testify/releases) - [Commits](https://github.com/stretchr/testify/compare/v1.7.0...v1.7.1) --- updated-dependencies: - dependency-name: github.com/stretchr/testify dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* Merge pull request #13489 from Luap99/k8sOpenShift Merge Robot2022-03-16
|\ | | | | move k8s deps into podman
| * remove unneeded k8s codePaul Holzinger2022-03-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There is a lot of unneeded code, k8s is the by far the biggest dependency in podman. We should remove as much as possible so that we only have the stuff left that we use. This is just a quick skim over the code which removes a lot of the generated code and many packages that are now unused. I know that this will be impossible to properly review. I will try to make smaller changes in follow up work. Right now this reduces about 8 MB in binary size!!! [NO NEW TESTS NEEDED] Hopefully existing tests will catch any problems. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * move k8s deps into podmanPaul Holzinger2022-03-15
| | | | | | | | | | | | | | | | We only need a small part of the k8s dependencies but they are the biggest dependencies in podman by far. Moving them into podman allows us to remove the unnecessary parts. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | Merge pull request #13512 from ↵OpenShift Merge Robot2022-03-15
|\ \ | | | | | | | | | | | | containers/dependabot/go_modules/github.com/docker/docker-20.10.13incompatible Bump github.com/docker/docker from 20.10.12+incompatible to 20.10.13+incompatible
| * | Bump github.com/docker/dockerdependabot[bot]2022-03-15
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/docker/docker](https://github.com/docker/docker) from 20.10.12+incompatible to 20.10.13+incompatible. - [Release notes](https://github.com/docker/docker/releases) - [Changelog](https://github.com/moby/moby/blob/master/CHANGELOG.md) - [Commits](https://github.com/docker/docker/compare/v20.10.12...v20.10.13) --- updated-dependencies: - dependency-name: github.com/docker/docker dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* / Bump github.com/spf13/cobra from 1.3.0 to 1.4.0dependabot[bot]2022-03-15
|/ | | | | | | | | | | | | | | Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.3.0 to 1.4.0. - [Release notes](https://github.com/spf13/cobra/releases) - [Changelog](https://github.com/spf13/cobra/blob/master/CHANGELOG.md) - [Commits](https://github.com/spf13/cobra/compare/v1.3.0...v1.4.0) --- updated-dependencies: - dependency-name: github.com/spf13/cobra dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* vendor: bump buildah, c/image and c/storageAditya R2022-03-14
| | | | | | | | | | Bumps c/buildah to -> `v1.24.3-0.20220310160415-5ec70bf01ea5` c/storage to -> `v1.38.3-0.20220308085612-93ce26691863` c/image to -> `v5.20.1-0.20220310094651-0d8056ee346f` Signed-off-by: Aditya R <arajan@redhat.com>
* Merge pull request #13483 from ↵OpenShift Merge Robot2022-03-11
|\ | | | | | | | | containers/dependabot/go_modules/github.com/spf13/cobra-1.4.0 Bump github.com/spf13/cobra from 1.3.0 to 1.4.0
| * Bump github.com/spf13/cobra from 1.3.0 to 1.4.0dependabot[bot]2022-03-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.3.0 to 1.4.0. - [Release notes](https://github.com/spf13/cobra/releases) - [Changelog](https://github.com/spf13/cobra/blob/master/CHANGELOG.md) - [Commits](https://github.com/spf13/cobra/compare/v1.3.0...v1.4.0) --- updated-dependencies: - dependency-name: github.com/spf13/cobra dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* | Bump github.com/docker/dockerdependabot[bot]2022-03-11
|/ | | | | | | | | | | | | | | Bumps [github.com/docker/docker](https://github.com/docker/docker) from 20.10.12+incompatible to 20.10.13+incompatible. - [Release notes](https://github.com/docker/docker/releases) - [Changelog](https://github.com/moby/moby/blob/master/CHANGELOG.md) - [Commits](https://github.com/docker/docker/compare/v20.10.12...v20.10.13) --- updated-dependencies: - dependency-name: github.com/docker/docker dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* Merge pull request #13477 from ↵OpenShift Merge Robot2022-03-10
|\ | | | | | | | | containers/dependabot/go_modules/github.com/containernetworking/plugins-1.1.1 Bump github.com/containernetworking/plugins from 1.1.0 to 1.1.1
| * Bump github.com/containernetworking/plugins from 1.1.0 to 1.1.1dependabot[bot]2022-03-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/containernetworking/plugins](https://github.com/containernetworking/plugins) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/containernetworking/plugins/releases) - [Commits](https://github.com/containernetworking/plugins/compare/v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: github.com/containernetworking/plugins dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* | Bump github.com/vbauerster/mpb/v7 from 7.3.2 to 7.4.1dependabot[bot]2022-03-10
|/ | | | | | | | | | | | | | Bumps [github.com/vbauerster/mpb/v7](https://github.com/vbauerster/mpb) from 7.3.2 to 7.4.1. - [Release notes](https://github.com/vbauerster/mpb/releases) - [Commits](https://github.com/vbauerster/mpb/compare/v7.3.2...v7.4.1) --- updated-dependencies: - dependency-name: github.com/vbauerster/mpb/v7 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* Merge pull request #13471 from Luap99/bump-mpbv7OpenShift Merge Robot2022-03-09
|\ | | | | Use github.com/vbauerster/mpb/v7 in pkg/machine
| * Use github.com/vbauerster/mpb/v7 in pkg/machinePaul Holzinger2022-03-09
| | | | | | | | | | | | | | | | | | | | | | We already use v7 in c/image so podman should use the same version to prevent duplication. This saves 170 KB binary size. [NO NEW TESTS NEEDED] Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | Merge pull request #13470 from Luap99/yamlv2OpenShift Merge Robot2022-03-09
|\ \ | |/ |/| use gopkg.in/yaml.v2 instead of v3
| * use gopkg.in/yaml.v2 instead of v3Paul Holzinger2022-03-09
| | | | | | | | | | | | | | | | | | | | | | | | | | Many dependencies already import gopkg.in/yaml.v2, podman is the only user of the v3 version except github.com/stretchr/testify but this is only a testing dependency so it will not end up in the binary. This change reduces the podman binary size from 54740 to 54260 KB on my system. [NO NEW TESTS NEEDED] Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | Bump github.com/docker/distributiondependabot[bot]2022-03-09
|/ | | | | | | | | | | | | | Bumps [github.com/docker/distribution](https://github.com/docker/distribution) from 2.8.0+incompatible to 2.8.1+incompatible. - [Release notes](https://github.com/docker/distribution/releases) - [Commits](https://github.com/docker/distribution/compare/v2.8.0...v2.8.1) --- updated-dependencies: - dependency-name: github.com/docker/distribution dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* vendor: bump c/image to main/9a9cd9Aditya R2022-03-02
| | | | | | | Bump c/image to upstream main/9a9cd9 so podman could use new race-free code. Signed-off-by: Aditya R <arajan@redhat.com>
* vendor: bump c/storage to main/d06b0fAditya R2022-03-02
| | | | | | | Bump c/storage to main/d06b0f so we podman could use new `race-free` `AddNames` and `RemoveNames` api Signed-off-by: Aditya R <arajan@redhat.com>
* Use storage that better supports rootless overlayfsNick Guenther2022-03-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | overlayfs -- the kernel's version, not fuse-overlayfs -- recently learned (as of linux 5.16.0, I believe) how to support rootless users. Previously, rootless users had to use these storage.conf(5) settings: * storage.driver=vfs (aka STORAGE_DRIVER=vfs), or * storage.driver=overlay (aka STORAGE_DRIVER=overlay), storage.options.overlay.mount_program=/usr/bin/fuse-overlayfs (aka STORAGE_OPTS=/usr/bin/fuse-overlayfs) Now that a third backend is available, setting only: * storage.driver=overlay (aka STORAGE_DRIVER=overlay) https://github.com/containers/podman/issues/13123 reported EXDEV errors during the normal operation of their container. Tracing it out, the problem turned out to be that their container was being mounted without 'userxattr'; I don't fully understand why, but mount(8) mentions this is needed for rootless users: > userxattr > > Use the "user.overlay." xattr namespace instead of "trusted.overlay.". > This is useful for unprivileged mounting of overlayfs. https://github.com/containers/storage/pull/1156 found and fixed the issue in podman, and this just pulls in that via go get github.com/containers/storage@ebc90ab go mod vendor make vendor Closes https://github.com/containers/podman/issues/13123 Signed-off-by: Nick Guenther <nick.guenther@polymtl.ca>
* Vendor in containers/common@mainAshley Cui2022-02-28
| | | | Signed-off-by: Ashley Cui <acui@redhat.com>
* Bump github.com/containernetworking/plugins from 1.0.1 to 1.1.0dependabot[bot]2022-02-24
| | | | | | | | | | | | | | Bumps [github.com/containernetworking/plugins](https://github.com/containernetworking/plugins) from 1.0.1 to 1.1.0. - [Release notes](https://github.com/containernetworking/plugins/releases) - [Commits](https://github.com/containernetworking/plugins/compare/v1.0.1...v1.1.0) --- updated-dependencies: - dependency-name: github.com/containernetworking/plugins dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* Bump CDI go dependency to v0.3.0Evan Lezar2022-02-23
| | | | | | | | This updates the CDI dependency to the v0.3.0 tagged version instead of relying on a pseudo version. This also addresses the fact that cgroups are not set correctly for devices using the previous dependency. Signed-off-by: Evan Lezar <elezar@nvidia.com>
* Add containers-common spec and command to podmanDaniel J Walsh2022-02-22
| | | | | | | | | Since containers-common package is tied to specific versions of Podman, add tools to build the package into the contrib directory This should help other distributions to figure out which commont package to ship. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #13263 from giuseppe/update-c-storageOpenShift Merge Robot2022-02-17
|\ | | | | vendor: update c/storage to 26c561f9
| * vendor: update c/storage to 26c561f9Giuseppe Scrivano2022-02-17
| | | | | | | | | | | | | | | | | | | | update c/storage to commit 26c561f9a64585d9a25d340e1ae5479eca8008a1. It contains an important fix for partial pulls. [NO NEW TESTS NEEDED] Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | Bump github.com/containers/buildah from 1.24.1 to 1.24.2dependabot[bot]2022-02-17
|/ | | | | | | | | | | | | | | Bumps [github.com/containers/buildah](https://github.com/containers/buildah) from 1.24.1 to 1.24.2. - [Release notes](https://github.com/containers/buildah/releases) - [Changelog](https://github.com/containers/buildah/blob/main/CHANGELOG.md) - [Commits](https://github.com/containers/buildah/compare/v1.24.1...v1.24.2) --- updated-dependencies: - dependency-name: github.com/containers/buildah dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* Temporarily pull machine images from side repoBrent Baude2022-02-11
| | | | | | | | | | | Until podman4 is in the fcos trees, we need to pull the machine images from a side repository. There is a hard coded bit that forces the side repo download right now. Simple comment or removal of the bit will revert to normal download behavior. [NO NEW TESTS NEEDED] Signed-off-by: Brent Baude <bbaude@redhat.com>
* Bump c/common to v0.47.4tomsweeneyredhat2022-02-09
| | | | | | As the title says. Signed-off-by: tomsweeneyredhat <tsweeney@redhat.com>