Adding a design document for Podman 6. it is a high level design that tries to encompasses proposed changes to Podman and its runtime environment. It should highlight major changes and features; but you will also find nitty detailed changes that have been idenitified. It is quite possible things in this document will change but it allows for open, transparent communication.
Signed-off-by: Brent Baude <bbaude@redhat.com>
Add a new directory, which I'm currently dubbing "Features", in
which will live design documents - descriptions of Podman
features that will be implemented or are being implemented.
Add a README and template to this directory to make the purpose
clear and enable easy addition of new design documents.
Signed-off-by: Matt Heon <matthew.heon@pm.me>
We already used `x` in tmpfiles, to ensure systemd did not remove
our directories or clean their contents (we really need them to
be left unmodified). However, systemd-tmpfiles lets us use more
than one directive per line, which means we can safely add an R!
(recursive remove on reboot) to these lines to ensure that, if
/tmp is not a tmpfs, systemd-tmpfiles will still remove our
temporary files, ensuring reboots are still accurately detected.
Signed-off-by: Matt Heon <mheon@redhat.com>
As part of my debloat activity I wrote a small script that makes use of
goda[1] to check our imports and what we can likely trim to reduce the
binary size.
I also added a readme to document what I did basically. This should help
anyone doing this work in the future again.
[1] github.com/loov/goda
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Bump bundled krunkit to 0.2.2. This bundle also includes libkrun
1.14.0, allowing us to enable nested virt on M3 and M4 systems by
default.
Signed-off-by: Sergio Lopez <slp@redhat.com>
We used this to load the iptables module, since f41 we use nftables by
default which does not need this at all so drop the module load file.
If some distros default still to the legacy iptables they can manually
add the moduled load file back.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
This script does not bring accurate results. For nice dependency
analysis I can recommend goda:
https://github.com/loov/goda
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
The config file is installed in the remote zip as an example but the
content in there is not being updated and no longer really the way to do
things. With podman 5.0 we have a proper system connection file and
people in general should just use the system connection commands.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
This script was used when dependabot could not deal with vendoring, we
long since moved to renovate which handles it fine with manual steps so
remove this script.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
It doesn't seem to be used anywhere and is not maintained. An up to date
specfile is found in the c/common repo.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
changing the validate-in-container make target to use
quay.io/libpod/validatepr:latest. this allows `make validate` to run to
completion doing linting, ed's perl checks, and pre-commit.]
The image is now based on F42 `awk` is not part of the base image, so I added `awk`.
Signed-off-by: Brent Baude <bbaude@redhat.com>
We do our proper machine os image builds in podman-machine-os now and
with [1] we also publish a next tag for easy testing. As such this
action is no longer needed.
[1] https://github.com/containers/podman-machine-os/pull/128
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
This is a followup of https://github.com/containers/podman/pull/26048
It fixes `process-release.ps1` that was always looking for the amd64 release
zip file, even if `$env:PODMAN_ARCH` was set to arm64. With this fix it looks
for the right zip file.
It fixes `winmake.ps1` that, when the `-arch` param was not passed, set `$env:PODMAN_ARCH`
to the empty string instead of the local `$env:GOARCH`.
Signed-off-by: Mario Loriedo <mario.loriedo@gmail.com>
Winmake could only build amd64 artifacts (podman-remote, gvproxy,
win-sshproxy, podman.msi and podman-setup.exe).
This commit makes the necessary change to winmake so that it:
1) builds arm64 artifacts when executed on arm64
2) cross-compiles to arm64/amd64 with the `-architecture` parameter
It depends on https://github.com/containers/podman/pull/26023 that
removes the need to build `check.c` code (that is not used anyway).
Signed-off-by: Mario Loriedo <mario.loriedo@gmail.com>
This PR removes the file `check.c` and the instructions
to build it. The file was still built but the resulting
dll was not used by the installer anymore (see
https://github.com/containers/podman/pull/25237).
Signed-off-by: Mario Loriedo <mario.loriedo@gmail.com>
Instead of hardcoding gvisor version in different build files, we get gvisor version from go.mod file.
Signed-off-by: Yevhen Vydolob <yvydolob@redhat.com>
golangci-lint v2 introduced a new command, fmt, which runs configured
formatters (see formatters in .golangci.yml).
Use this for generated files. Drop separate goimports binary.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
As of commit d4c7ca39f ("update c/{buildah,common,image,storage} to
latest main") no dependencies use exclude_graphdriver_devicemapper tag.
This (hopefully) concludes the work of removing devicemapper graph
driver.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
This one has two local NVMe's attached so we should be able to use fast
local storage to hopefully speed the test up. The NVMe are not mounted
by default so we have to format and mount them. I have choosen Z as
drive letter as I guess it seems most likely that it is free.
Then we need to set the TMPDIR envs to make the machine tests use the
new location.
This speeds up hyperV tests by 20mins and wsl by 9 mins.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Add a new target in winmake.ps1 to run unit tests and use
use it in a new cirrus task.
Fix machine_windows_test.go to make it work in CI machine.
Add the `!windows` tag on tests files that fail on Windows.
Signed-off-by: Mario Loriedo <mario.loriedo@gmail.com>
To avoid problems when automatically downloading
`latest` podman windows installer (e.g. the windows
installer hasn't been included in the GH release
because of a problems with the keys to sign it), we
are now hardcoding the version of Podman that is
used to test the upgrade from latest to current
version.
Signed-off-by: Mario Loriedo <mario.loriedo@gmail.com>
On external monitors with different resolutions, our pkginstaller logo renders poorly. Using vector graphics solves this problem.
Signed-off-by: Ashley Cui <acui@redhat.com>
The Windows installer was able to automatically enable the
Windows features for WSL or HyperV when they were not
already enabled. This PR removes this capability.
Having the installer to automatically install the right prerequiste
(WSL or HyperV) was helpful as users won't have to do it manually to
use Podman after the installation. But it also made the code of
installer more complicated as it needed to manage the installation
of these OS features and a reboot. And we weren't able to automatically
test these scenarios that required a reboot.
In other words the Windows installer, that merely just extracted
some files in a folder, required, to support the installation of
WSL and HyperV, an advanced knowledge of WiX toolkit and of the
Windows Installer SDK, plus contributors-time to manually test
the scenarios that require a reboot.
We decided to remove this capability based on the following reasons:
- We had a couple of regressions in the last month that were hard to
analyse and fix (#24624 and #24735)
- Podman maintainers currently have a scarce knowledge of the Windows Installer
and there is no plan to invest in that
- Manually installing WSL or HyperV is not hard (e.g. run `wsl --install`) and
are features that admins can manage on their fleet of Windows machines
- Competitors such as Docker Desktop don't automatically install these
components
- Podman `machine init` currently verifies if WSL and HyperV are installed and
guide the user to install them when they are not
Signed-off-by: Mario Loriedo <mario.loriedo@gmail.com>
The current macos installer gvproxy version has a number of issues
around dns handling[1,2]. They should be fixed now in 0.8.3 as they
reverted the dns changes back to the 0.7.5 code. This should make it
work like it used to be. Our 5.3.2 installer ships the 0.7.5 version so
users of the podman installer never noticed that but we got plenty of
reports from brew users. This needs to be backported into v5.4 to make
sure we do not ship the broken version as part of the installer.
[1] https://github.com/containers/gvisor-tap-vsock/issues/462
[2] https://github.com/containers/gvisor-tap-vsock/issues/466
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
go 1.24 on rawhide starts to fail with:
go: could not parse netrc (GOAUTH=netrc): $HOME is not defined
GOAUTH is a new go 1.24 feature, and someone this started to require a
$HOME set. We should have $HOME set already in many places but because
the lib.sh script was not loaded here it was not set.
We have GOPATH set AFAICT otherwise go would never have worked without
$HOME.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
BuildOrigin is a field that can be set at build time by packagers. This helps us trace how and where the binary was built and installed from, allowing us to see if the issue is due to a specfic installation or a general podman bug. This field shows up in podman version and in podman info when populated. Note that podman info has a new field, Client, that only appears when running podman info using the remote client.
Automatically set the BuildOrigin field when building the macOS pkginstaller to pkginstaller.
Usage: make podman-remote BUILD_ORIGIN="mypackaging"
Signed-off-by: Ashley Cui <acui@redhat.com>
If no containers need to be restarted, podman-restart prints "Error: you must provide at least one name or id" then fails.
Update the service file to handle start and stop symmetrically.
See discussion in https://github.com/containers/podman/pull/25131
Signed-off-by: Andrew Sayers <andrew-github.com@pileofstuff.org>
Added a condition in the Windows WiX bundle that
prevents upgrades from v5.3.1 and recommend the
user to upgrade to v5.3.2 first.
That's needed because version 5.3.1 of the installer
had a bug that got patched in v5.3.2 only.
c.f. https://github.com/containers/podman/issues/24735
Signed-off-by: Mario Loriedo <mario.loriedo@gmail.com>
