This is very useful for debugging cgroups v2, especially on
rootless - we need to ensure people are correctly using systemd
cgroups in these cases.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
Fix a bug when saving multi-image archives where the progress bars from
copying images was accidentally written to the archive and hence
corrupted it.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Add support for the missing hook types [1]:
- createContainer
- createRuntime
- startContainer
Otherwise, Podman won't inject them into the runtime config (and pass it
on to runc/crun) but error out.
[1] 44341cdd36/runtime.md (lifecycle)
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
When we execute podman-remote attach, we were not checking if the
container was in the correct state, this is leading to timeouts and
we had turned off remote testing.
Also added an IfRemote() function so we can turn on more tests when
using the "-l" flag for local, but use container name for remote.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Update the GitHub action to mark issues and PRs as stale. There are a
couple of useful features, most importantly, the bot will remove the
stale label from issues as soon as there's either an activity or a
comment.
This reduces some manual overhead: the stale bot will only drop a
comment on issues and PRs that are not marked as stale. Hence, as we
appreciated the reminders, we had to manually remove the label which
should now turn into campfire tales.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Update the CONTRIBUTING.md to explain the use of the
new "In Progress" label in the Podman repository.
This emulates the verbiage in Buildah.
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
id is the last image id from the set of id's returned via the images
stanza.
id may be deprecated in a future version of the API
Created test_rest_v2_0_0.py to reflect the bump in the API Version.
Fixes#7686
Signed-off-by: Jhon Honce <jhonce@redhat.com>
Currently `podman image unmount` report every image that is mounted
when it unmounts them. We should only report unmounted actually mounted images.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Add a bunch of tests to ensure that --volumes-from
works as expected.
Also align the podman create and run man page.
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
- podman network create: new test
- podman pull by-sha + podman images -a (#7651)
- podman image mount: new test
- podman pod: --infra-image and --infra-command (#7167)
For convenience and robustness, build a new testimage
containing a custom file /home/podman/testimage-id
with contents YYYYMMDD (same as image tag). The
image-mount test checks that this file exists and
has the desired content. New testimage also includes
a dummy 'pause' executable, for testing pod infra.
Updates from testimage:20200902 to :20200917
Signed-off-by: Ed Santiago <santiago@redhat.com>
Podman wants to guarantee that exec sessions retain the groups of
the container they are started in, unless explicitly overridden
by the user. This guarantee was broken for containers where the
`--user` flag was specified; this patch resolves that.
Somewhere in the Exec rewrite for APIv2, I changed the location
where the container's User is passed into the exec session
(similar to groups, we also want to preserve user unless
overridden). The lower-level Exec APIs already handled setting
user and group appropriately if not specified when the exec
session was created, but I added duplicate code to handle this
higher in the stack - and that code only handled setting user,
not supplemental groups, breaking support in that specific case.
Two things conspired to make this one hard to track down: first,
things were only broken if the container explicitly set a user;
otherwise, the container user would still appear to be unset to
the lower-level code, which would properly set supplemental
groups (this tricked our existing test into passing). Also, the
`crun` OCI runtime will add the groups without prompting, which
further masked the problem there. I debated making `runc` do the
same, but in the end it's better to fix this in Podman - it's
better to be explicit about what we want done so we will work
with all OCI runtimes.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
Installing bats to /usr/local requires root privileges. Without this,
`make install.tools` fails. However, if I do `sudo make install.tools`,
then all of the other dependencies and git clones in the current
directory end up owned by root. This limits root privileges to the part
that needs it.
Signed-off-by: Jordan Christiansen <xordspar0@gmail.com>
The configuration for this container has moved to the
`containers/automation_images` repository. Leverage the
image built from the new location to guarantee synchronization
with images used in CI.
Also, remove several other targets that haven't worked for a really
long time. Upon discussion, they seem to apply to a minority of
users. Remove them to clean up the `Makefile` and reduce
maintenance burden.
Signed-off-by: Chris Evich <cevich@redhat.com>
