Add --creds flag to podman create and podman run commands to support
registry authentication during image pulling.
Without this flag, users must perform a separate `podman pull
--creds/--cert-dir` first and then remember to specify `--pull=never`.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
I hastily commented out some tests that were problematic
for the vendor of Buildah v1.41 into Podman main (5.6 to be)
in #26666.
@luap99 noted that I should have skipped them, this PR removes
the comments and puts the Skip into play.
Signed-off-by: tomsweeneyredhat <tsweeney@redhat.com>
Comment out the problematic "podman diff container and image with same name" test
in test/e2e/diff_test.go. This became a problem with Buildah v1.41 and
if possible, should be addressed by Podman v5.6 final.
Signed-off-by: tomsweeneyredhat <tsweeney@redhat.com>
Update the "podman diff container and image with same name" e2e test to
not expect a built image to include /etc, since newer buildah won't
include an item in a layer if it was only created in a rootfs in order
to have something mounted onto it while processing a RUN instruction.
A few exceptions are still made for the sake of conformance tests.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Teach our patched version of run_buildah() to notice when a build tries
to write the output image to an oci:/oci-archive:/docker-archive:/dir:
location, and for those cases, adjust the command to commit the image to
local storage and then copy it to the desired location.
It's a hack on top of a hack. I don't love it, but here we are.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Fixed the --build-context flag to properly send files for remote builds. Previously
only the main context was sent over as a tar while additional contexts were passed as
local paths and this would cause builds to fail since the files wouldn't exist.
New changes modifies the Build API to use multipart HTTP requests allowing multiple
build contexts to be used. Each additional context is packaged and
transferred based on its type:
- Local Directories: Sent as tar archives
- Git Repositories: link sent to the server where its then cloned
- Container Images: Image reference sent to the server, it then pulls the image there
- URLs/archives: URL sent to the server, which handles the download
Fixes: #23433
Signed-off-by: Joshua Arrevillaga <2004jarrevillaga@gmail.com>
When conmon was killed podman rm -f currently fails but running it again
then works which doesn't really makes sense. We should properly remove
the contianer even if conmon is dead.
In fact the code already handles ErrConmonDead as stop error when we
remove the container but this error was never thrown anywhere. To fix
this throw ErrConmonDead instead of ErrInternal because that is not an
intenral error if something else killed conmon.
With this we can correctly cleanup and remove the container. The fact
that this works on the first try is important for quadlet units as they
only run the ExecStopPost= command once to remove it.
Fixes: #26640
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
There is no reason for local and rmeote to use a different error that
just differs in quoting. Make them consitent to simplify the tests.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Updated helper function "find_exec_pid_files" and called it the "podman exec - leak check" test.
Fixes: #26616
Signed-off-by: Craig Spencer <craig.spencer812@gmail.com>
Prevent `podman volume export` from showing raw tar contents directly to the terminal (STDOUT). If not redirected and without output flag, error message is expected.
Fixes: #26506
Signed-off-by: Arthur Wu <lion811004@gmail.com>
I noticed recently when I made a typo that then auto-update errored but
it did not tell me which container was incorrect so I had to check all
containers myself. Include the container ID in the error to make it
clear which container has the issue.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
For currently version of journalctl, --user option only works when
the persistent storage is enabled. So we need to check this option
before we use it. Otherwise a set of tests will failed with can
not find expected output from journalctl with rootless user.
Signed-off-by: Yiqiao Pu <ypu@redhat.com>
When generating Conmon's command line, we read containers.conf to
get log_size_max and used it if the container didn't override it.
However, `podman inspect` only reads from the container's own
config, and ignores containers.conf. Unify the way we determine
maximum log size with a single function and use it for both
inspect and containers.conf, and add a test for this behavior.
Fixes https://issues.redhat.com/browse/RHEL-96776
Signed-off-by: Matt Heon <mheon@redhat.com>
Unfortunately on a number of occasions, Podman has been released
officially with a `-dev` suffix in the version number. Assist in
catching this mistake at release time by the addition of a simple
conditional test. Note that it must be positively enabled by a
magic env. var. before executing the system tests.
Also (thanks to @lsm5) update the TMT test to trigger the new
condition for future Fedora releases.
Signed-off-by: Chris Evich <cevich@redhat.com>
For unknown reasons systemd-resolved sometimes responds with NXDOMAIN
instead REFUSED which it seems to use by default for a local name
without domain part. So the fact that this works at all right now is
super weird.
In any case we just want to make sure the name did not get resolved so
allow both here to fix the flake.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
