On debian with an older we get this error instead:
fsconfig() failed: tmpfs: Unknown parameter 'noswap'
So handle that case as well to skip the test correctly.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
The full error message is:
failed to create idmapped mount: mount_setattr /tmp/CI_SKPI/podman_bats.RX6gD9/rootfs: invalid argument
So in order to match this account for the variable part.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Do not use reupload_on_changes, this will make the cache grow unbound
and I have seen the cache become so large then restoring it and
uploading it took several minutes thus making the task time worse
compared to no cache. I manually cleaned the cache a few times to fix
this but it need to properly be fixed here.
To not have a stale cache for to long also use date +%U which will
create a new cache once a week. This is in line with the offical
golangci-lint github action which invalidates the cache every 7 days by
default[1].
[1] https://github.com/golangci/golangci-lint-action/blob/main/README.md#cache-invalidation-interval
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Add a new directory, which I'm currently dubbing "Features", in
which will live design documents - descriptions of Podman
features that will be implemented or are being implemented.
Add a README and template to this directory to make the purpose
clear and enable easy addition of new design documents.
Signed-off-by: Matt Heon <matthew.heon@pm.me>
We need to update the import path over the variable overwrite after the
monorepo move.
Fixes: #27029
Fixes: a98154a9 ("Switch common, storage and image to monorepo.")
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
- Split the monolithic Build() function into focused helper functions.
- Add a TempFileManager for proper temporary file lifecycle management.
This refactoring is in preparation for implementing a local build API.
Signed-off-by: Jan Rodák <hony.com@seznam.cz>
This github action uses the certficate_generator.html from automation
repo to generate the badge for first time contributors and commits the
badge to the same repo which will be commented on the PR once its get
merged.
Signed-off-by: Mohan Boddu <mboddu@redhat.com>
There are endless of links pointing to this document we should not get
rid of that.
Also I find having two podman-quadlet with different numbers rather
confusing, while I understand the motivation I think for most users this
is not intuitive. Most people will not type the man section numbers.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
If the `Mount` option inside a quadlet is missing the source=... part,
the code today panics with the following message.
```
panic: runtime error: index out of range [0] with length 0
goroutine 1 [running]:
github.com/containers/podman/v5/pkg/systemd/quadlet.handleStorageSource(0xc000140de0?, 0x1d?, {0x0?, 0x1?}, 0x5634e39e233e?, 0x10?)
...
```
This commit checks for the missing source and returns an error to avoid the panic.
Signed-off-by: Jakob Meier <mail@jakobmeier.ch>
For ConfigMap and Secret kube play volumes podman populates the data
from the yaml. However the volume content is not controlled by us and we
can be tricked following a symlink to a file on the host instead.
Fixes: CVE-2025-9566
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
We already used `x` in tmpfiles, to ensure systemd did not remove
our directories or clean their contents (we really need them to
be left unmodified). However, systemd-tmpfiles lets us use more
than one directive per line, which means we can safely add an R!
(recursive remove on reboot) to these lines to ensure that, if
/tmp is not a tmpfs, systemd-tmpfiles will still remove our
temporary files, ensuring reboots are still accurately detected.
Signed-off-by: Matt Heon <mheon@redhat.com>
