Podman is basically unusable without cgo, checking if it compiles
without adds no value and just tricks people into thinking it works when
it does not.
This means we do not need extra to NOP out a lot of cgo calls with
functions that just return an error like `XXX is not supported without
cgo`.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
package and package-install targets have been renamed
to rpm and rpm-install respectively for clarity.
`make rpm` will now build rpm using HEAD.
Resolves: #18817
[NO NEW TESTS NEEDED]
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
This flag is not supported on BSD-derived systems including FreeBSD and
macos. We can get exactly the same symlink by passing the desired
relative path as source argument to 'ln -sf'.
Signed-off-by: Doug Rabson <dfr@rabson.org>
It's a bit cumbersome to manage a tooling version buried deep in a
command, let alone one also buried deep in a `Makefile`. Add a
variable to hold the version number so renovate can easily manage it.
This happens via a `regex` manager in the shared configuration
include `containers/automation//renovate/defaults.json5`. Also add a
helpful note/reminder to humans who may want to manually change the
version for some reason.
Depends on: https://github.com/containers/automation/pull/145
Signed-off-by: Chris Evich <cevich@redhat.com>
This commit creates a new command `podmansh` command which can be used by
administrators to provide a confined shell to their users.
The user will only have access to the volumes and capabilities for that
user.
Co-authored-by: Paul Holzinger <pholzing@redhat.com>
Co-authored-by: Daniel Walsh <dwalsh@redhat.com>
Co-authored-by: Petr Lautrbach <lautrbach@redhat.com>
Co-authored-by: Ed Santiago <santiago@redhat.com>
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
This reverts commit ebf7474747787827b1fdc09ac58e949f1ace2d67.
With the c/storage change[1] we no longer need this workaround.
[1] https://github.com/containers/storage/pull/1637
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Because of a c/storage change[1] all we get a lot of new dependencies in
rootlessport despite not using them. Add build tags to exclude storage
drivers to make the binary smaller until it get addressed in c/storage.
This saves about 800 MB but the bloat due that change is still causing
us to gain over 2 MB. This is not ideal but we should get vendoring
going and not wait any longer.
[1] https://github.com/containers/storage/pull/1618
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
On FreeBSD, it usually lives in /usr/local/bin/bash. This uses the shell
'commmand' builtin to find the path which works in bash, dash and the
FreeBSD /bin/sh.
Signed-off-by: Doug Rabson <dfr@rabson.org>
Work around a go-md2man bug, and add a check script to make sure
this doesn't hit us again.
Background: go-md2man can't deal with a left-hand column > 31 chars.
It produces man pages that look like:
| Something With >31 Character | |
| | ..description |
(should be all on one row). It also has trouble when the vertical
bars are misaligned: it completely removes the right-hand side.
There's almost certainly a better solution: fix go-md2man, or
use a different conversion tool, or maybe even pre/postprocess.
But this is a quick interim solution.
Sorry for the perl. This could be done in bash/sed/awk/grep,
but not with any sort of sane error messages.
Signed-off-by: Ed Santiago <santiago@redhat.com>
Get rid of `podman.spec.rpkg` in favour of
`rpm/podman.spec` which gets synced with fedora dist-git on every
upstream release. The version in the new spec file is set to `0` by
default and gets updated by packit automatically on every packit task.
For local manual rpm builds using the spec, the helper script in the
`rpm/` subdir will update the Version field with the latest version
found in the upstream repo.
Packit will automatically create a PR on fedora dist-git on every new
upstream release. A sample PR will look like:
https://src.fedoraproject.org/rpms/container-selinux/pull-request/10#
A dry run for this can be triggered using:
`$ packit propose-downstream --local-content`
To run this command locally, you would need to have your packit
user-configuration-file set.
Ref: https://packit.dev/docs/configuration/#user-configuration-file
along with a fedora api key created at:
https://src.fedoraproject.org/settings#nav-api-tab with sufficient ACLs.
Also includes a revised `package` Makefile target which will build rpms
using `rpm/podman.spec`. Fixes: #18421.
[NO NEW TESTS NEEDED]
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
When running ginkgo tests locally we often only want to test a small
subset. I think most people just add the `FIt` block but then you need
to remember to undo that before pushing the changes.
With this change you can just run:
```
make localintegration FOCUS="test name here"
make localintegration FOCUS_FILE="some_test.go"
```
I updated the test Readme to use this new syntax.
The options just map to the ginkgo options, see the upstream docs
linked in the readme for more information about syntax.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
There are days when I really, really, really hate GNU. Remember
when someone decided that 'head -1' would no longer work, and
that it was OK to break an infinite number of legacy production
scripts? Someone now decided that egrep/fgrep are deprecated,
and our CI logs (especially pr-should-include-tests) are now
filled with hundreds of warning lines, making it difficult
to find actual errors.
I expect that those warnings will be removed quickly after
furious community backlash, just like the 'head -1' fiasco
was quietly reverted, but ITM the warnings are annoying
so I capitulate.
Signed-off-by: Ed Santiago <santiago@redhat.com>
ginkgo v2 has new options, --junit-report and --json-report.
The JUNIT one is utterly worthless: no timing data, no
separation between test output (podman commands) and
ginkgo output (filenames, linenumbers). JSON goes the
other direction, super-complicated, but I think I can
work with it. Let's try it.
This PR does not actually _do_ anything with the json; all
we do is save it. Over time, I'll download and play with it
and see what I can do with it.
Signed-off-by: Ed Santiago <santiago@redhat.com>
while reworking ginkgo to use -p by default we also forced the machine
tests to be run in parallel. Right now this does not work at all
(something that should be fixed).
Using -p is easier becuase that will let ginkgo decide how many parallel
nodes to use so it much faster on high core counts.
So use some makefile magic to instaed of using `GINKGONODES` use
`GINKGO_PARALLEL` and set it to `y` by default. The machine tests will
then use that var to disable it.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Porting them over to v2 requires a full rewrite.
IT is not clear who actually uses these benchmarks, Valentin who wrote
them originally is in favor of removing them. He recommends to use
script from hack/perf instead.
This commit also drop the CI integration, it is not clear who actually
uses this data. If it is needed for something please speak up.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Using -p autodetect the number of cores and thus spins up workers as
needed, this should help speeding up e2e tests, especially locally.
Also -vv for mor everbose logging.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
- switch long flags to use `--`
- move the renamed flages noColor, flakeAttempts, outputdir
- remove no longer needed flag -progress
also see https://onsi.github.io/ginkgo/MIGRATING_TO_V2
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Revert commit 3d0e08f04e9c67dd8136acd54adabd077dbbd633.
`/etc/` does not need a prefix and can be customized
with the `ETCDIR` env variable.
Fixes: #18250
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
The current release artifacts generation process is still fairly manual
with a bunch of steps. This commit bundles them all into a single
convenient Makefile target.
The `clean-binaries` target ends up removing `bin/`. So, the artifact
dir has been changed to `release/` instead of the current `bin/` to
avoid breaking other Makefile targets.
Related: https://github.com/containers/podman/issues/18215
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
On some platforms, /lib is not actually a directory, it is a symlink to
/usr/lib:
$ ls -l /lib
lrwxrwxrwx 1 root root 7 Dec 4 17:11 /lib -> usr/lib
When this is the case, "make install" will be operating under a false
assumption when it generates any relative symlinks to files under a
different root-level directory.
If linking to /libexec/... from /lib/... for example, the generated
relative symlink will be 1 parent directory pointer (../) too short.
This PR allows the builder to specify LIBDIR=/usr/lib, explicitly
installing files to the target of the symlink. This results in
symlinks being generated with the correct depth.
Signed-off-by: Jack Wearden <jack@jackwearden.co.uk>
When undefined make defaults to `/bin/sh` which is *NOT* the same on all
platforms. For example, on Fedora it's a symlink to `/bin/bash` but on
Debian, it's a symlink to `/bin/dash`. Remove any/all ambiguity by
declaring the shell to be bash forever and evermore.
Signed-off-by: Chris Evich <cevich@redhat.com>
A recent commit to an included option file resulted in
completely broken man pages, where the markdown processor
just choked and sent the "included file blah blah" markdown
straight through to the nroff source. Hilarity ensued.
The string "included file options/" should never appear
in nroff. This adds a last-minute check to make sure
a similar error never happens again.
(As suggested by @Luap99 we should also add validators for
markdown and/or nroff.)
Signed-off-by: Ed Santiago <santiago@redhat.com>
Somehow the options/secret.md file generated corrupt md which
then generated corrupt .man files. Fix, and add a Makefile
check to prevent this from happening again.
Signed-off-by: Ed Santiago <santiago@redhat.com>
Podman machine os apply takes a takes a OCI image with container native ostree functionality and rebases the machine os on that image.
Currently, this requires the guest os inside the vm to use rpm-ostree.
When specifying an image, any container transport may be specified. If a
container transport is not specified, OS apply will attempt to search
the local containers-storage for the image, and if it is not found, it
will then attempt to use the Docker transport to pull from a remote
registry.
The architecture of OS apply is as follows:
podman machine os apply ssh's into the machine and calls podman machine os
apply. on the secondary call to podman machine os apply, apply
recognizes that it is inside the machine and does image operations, and
finally calls rpm-ostree rebase.
Tests are written but commented out, due to the chicken-and-egg problem.
Signed-off-by: Ashley Cui <acui@redhat.com>
The new version contains the ginkgolinter, which makes sure the
assertions are more helpful.
Also replace the deprecated os.SEEK_END with io.SeekEnd.
There is also a new `musttag` linter which checks if struct that are
un/marshalled all have json tags. This results in many warnings so I
disabled the check for now. We can reenable it if we think it is worth
it but for now it way to much work to fix all report problems.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
When run make with muitiple jobs, `clean-binaries` could run after
the `podman-remote` target thus delete the newly built `podman-remote`
binary file. And this would cause the error later in the
`docs/remote-docs.sh` script.
Signed-off-by: xxyzz <gitpull@protonmail.com>
Currently we are shipping no data about quadlet, since the
podman-systemd.unit file is not shipped. Also want to add the
quadlet name to the description of the man page so that
man -k quadlet
will help users find the man page.
Also add a link file such that if the user types in
man quadlet
man will show the podman-systemd.unit file.
Also eliminate the subpackage podman-quadlet
Fixes: https://github.com/containers/podman/issues/17349
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Updated build scripts and installer build scripts to include gvproxy.exe.
Includes tutorial on setting up a Podman VM with QEMU and gvproxy on Windows.
Signed-off-by: Arthur Sengileyev <arthur.sengileyev@gmail.com>
It is only needed for one CI task, and that task already calls
`make .install.swagger` in setup_environment.sh.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
