Moving from Go module v4 to v5 prepares us for public releases.
Move done using gomove [1] as with the v3 and v4 moves.
[1] https://github.com/KSubedi/gomove
Signed-off-by: Matt Heon <mheon@redhat.com>
We now use the golang error wrapping format specifier `%w` instead of
the deprecated github.com/pkg/errors package.
[NO NEW TESTS NEEDED]
Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
The init binary until now has been bind-mounted to /dev/init which
breaks when bind-mounting to /dev. Instead mount the init to
/run/podman-init. The reasoning for using /run is that it is already
used for other runtime data such as secrets.
Fixes: #14251
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
This leverages conmon's ability to proxy the SD-NOTIFY socket.
This prevents locking caused by OCI runtime blocking, waiting for
SD-NOTIFY messages, and instead passes the messages directly up
to the host.
NOTE: Also re-enable the auto-update tests which has been disabled due
to flakiness. With this change, Podman properly integrates into
systemd.
Fixes: #7316
Signed-off-by: Joseph Gooch <mrwizard@dok.org>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
The `IgnorePlatform` options has been removed from the
`LookupImageOptions` in libimage to properly support multi-arch images.
Skip one buildah-bud test which requires updated CI images. This is
currently being done in github.com/containers/podman/pull/10829 but
we need to unblock merging common and buildah into podman.
[NO TESTS NEEDED]
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
First, make podman diff accept optionally a second argument. This allows
the user to specify a second image/container to compare the first with.
If it is not set the parent layer will be used as before.
Second, podman container diff should only use containers and podman
image diff should only use images. Previously, podman container diff
would use the image when both an image and container with this name
exists.
To make this work two new parameters have been added to the api. If they
are not used the previous behaviour is used. The same applies to the
bindings.
Fixes#10649
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
We should create the /etc/mtab->/proc/mountinfo link
so that mount command will work within the container.
Docker does this by default.
Fixes: https://github.com/containers/podman/issues/10263
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Migrate the Podman code base over to `common/libimage` which replaces
`libpod/image` and a lot of glue code entirely.
Note that I tried to leave bread crumbs for changed tests.
Miscellaneous changes:
* Some errors yield different messages which required to alter some
tests.
* I fixed some pre-existing issues in the code. Others were marked as
`//TODO`s to prevent the PR from exploding.
* The `NamesHistory` of an image is returned as is from the storage.
Previously, we did some filtering which I think is undesirable.
Instead we should return the data as stored in the storage.
* Touched handlers use the ABI interfaces where possible.
* Local image resolution: previously Podman would match "foo" on
"myfoo". This behaviour has been changed and Podman will now
only match on repository boundaries such that "foo" would match
"my/foo" but not "myfoo". I consider the old behaviour to be a
bug, at the very least an exotic corner case.
* Futhermore, "foo:none" does *not* resolve to a local image "foo"
without tag anymore. It's a hill I am (almost) willing to die on.
* `image prune` prints the IDs of pruned images. Previously, in some
cases, the names were printed instead. The API clearly states ID,
so we should stick to it.
* Compat endpoint image removal with _force_ deletes the entire not
only the specified tag.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Noticed this while I was poking around in the runtime doing DB
work. The signature of this function makes me a bit uncomfortable
(why should we let people apply arbitrary diffs to layers? Seems
like a good way to break things...) and it's completely unused,
so let's just remove it.
[NO TESTS NEEDED] since this is a pure removal.
Signed-off-by: Matthew Heon <mheon@redhat.com>
We missed bumping the go module, so let's do it now :)
* Automated go code with github.com/sirkon/go-imports-rename
* Manually via `vgrep podman/v2` the rest
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Current these commands only check if a container exists in libpod. With
this fix, the commands will also check if they are in containers/storage.
This allows users to look at differences within a buildah or CRI-O container.
Currently buildah diff does not exists, so this helps out in that situation
as well as in CRI-O since the cri does not implement a diff command.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
With the advent of Podman 2.0.0 we crossed the magical barrier of go
modules. While we were able to continue importing all packages inside
of the project, the project could not be vendored anymore from the
outside.
Move the go module to new major version and change all imports to
`github.com/containers/libpod/v2`. The renaming of the imports
was done via `gomove` [1].
[1] https://github.com/KSubedi/gomove
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
When doing a checkpoint with --export the root file-system diff was not
working as expected. Instead of getting the changes from the running
container to the highest storage layer it got the changes from the
highest layer to that parent's layer. For a one layer container this
could mean that the complete root file-system is part of the checkpoint.
With this commit this changes to use the same functionality as 'podman
diff'. This actually enables to correctly diff the root file-system
including tracking deleted files.
This also removes the non-working helper functions from libpod/diff.go.
Signed-off-by: Adrian Reber <areber@redhat.com>
The newly added function GetDiffTarStream() mirrors the GetDiff()
function. It tries to get the correct layer ID from getLayerID()
and it filters out containerMounts from the tarstream. Thus the
behavior is the same as GetDiff(), but it returns a tarstream.
This also adds the function ApplyDiffTarStream() to apply the tarstream
generated by GetDiffTarStream().
These functions are targeted to support container migration with
root file-system changes.
Signed-off-by: Adrian Reber <areber@redhat.com>
There is a group of inodes that get created when running a container
if they do not exist.
containerMounts = map[string]bool{
"/dev": true,
"/etc/hostname": true,
"/etc/hosts": true,
"/etc/resolv.conf": true,
"/proc": true,
"/run": true,
"/run/.containerenv": true,
"/run/secrets": true,
"/sys": true,
}
If the destination inode does not exist, libpod/runc will create the inode.
This can cause programs like podman diff to see the image as having changed,
when actually it has not. This patch ignores changes in these inodes.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1508
Approved by: giuseppe
Need to get some small changes into libpod to pull back into buildah
to complete buildah transition.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1270
Approved by: mheon
Cull funcs from runtime_img.go which are no longer needed. Also, fix any remaining
spots that use the old image technique.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #532
Approved by: mheon
The PR contains several enhancements to our CI testing.
- enable lint testing on Fedora
- add Centos Atomic as test platform
- integration tests on run on the OS natively (uncontainerized)
- builds are done in containers
- inclusion of Vagrant file for local testing
Signed-off-by: baude <bbaude@redhat.com>
Closes: #18
Approved by: mheon
