1f3347ff3c
test: re-enable idmapped mounts test on vfs
...
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2025-03-26 12:11:11 +01:00
7f592742b8
vendor: update c/{common,storage}
...
Closes: https://github.com/containers/podman/issues/25572
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2025-03-26 12:11:11 +01:00
b58250b35d
Merge pull request #25664 from victortoso/add-kube-subpath
...
Add volume SubPath in generate kube
2025-03-25 14:33:10 +00:00
321634d599
Add volume SubPath in generate kube
...
Trying to generate a Pod yaml file when we are using --mount with
SubPath does not generate a VolumeMount with SubPath. This patch fixes
that.
Note that kube play does support SubPath since 95cc7e052, see:
https://github.com/containers/podman/pull/16803
Signed-off-by: Victor Toso <victortoso@redhat.com>
2025-03-25 11:59:21 +01:00
ffcad3c36d
Merge pull request #25669 from flouthoc/skip-buildah-test
...
buildah-bud,remote: skip `bud-with-mount-cache-like-buildkit` for `podman-remote`
2025-03-25 09:47:03 +00:00
f7fa009e28
Merge pull request #25661 from Luap99/common-buildah
...
update c/{common,buildah} + selinux upgrade fixes
2025-03-25 08:41:06 +00:00
7ca96702ee
buildah-bud: skip bud-with-mount-cache-like-buildkit
...
Following test needs unique cache in TMPDIR so cache of this test does
not conflicts with other tests however for this specific test there is
no convenient way to pass custom TMPDIR.
Skipping this test similar to this already exists in tests/bud.bats but
covers `--mount=type=cache,sharing=locked`
Read more discussion here: https://github.com/containers/podman/issues/25414
Closes: https://github.com/containers/podman/issues/25414
Signed-off-by: flouthoc <flouthoc.git@gmail.com>
2025-03-24 19:28:06 -07:00
f0395f7c49
Merge pull request #25615 from containers/renovate/github.com-containers-gvisor-tap-vsock-0.x
...
fix(deps): update module github.com/containers/gvisor-tap-vsock to v0.8.5
2025-03-25 01:01:47 +00:00
c1480bd995
Merge pull request #25668 from fice-t/patch-1
...
docs: Fix some typos and improve formatting
2025-03-25 00:59:03 +00:00
bf0a5ee3cf
docs: Use accurate max size of secret content
...
The current max size is defined as `maxSecretSize = 512000` in
`github.com/containers/common/blob/main/pkg/secrets/secrets.go`.
Signed-off-by: Alexander Gramiak <agrambot@gmail.com>
2025-03-24 16:35:57 -06:00
10290d462b
docs: Improve spelling and formatting
...
Signed-off-by: Alexander Gramiak <agrambot@gmail.com>
2025-03-24 16:35:29 -06:00
fa0e5af542
fix(deps): update module github.com/containers/gvisor-tap-vsock to v0.8.5
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2025-03-24 18:40:12 +00:00
49b756e063
Merge pull request #25665 from Honny1/health-timeout-note
...
Clarify behavior of --health-timeout in man page
2025-03-24 18:20:24 +00:00
db492dcd54
Merge pull request #25658 from Luap99/new-images
...
New images 2025-03-24
2025-03-24 17:58:19 +00:00
68e0a6c89a
Clarify behavior of --health-timeout in man page
...
Fixes: https://issues.redhat.com/browse/RHEL-84682
Signed-off-by: Jan Rodák <hony.com@seznam.cz>
2025-03-24 18:10:04 +01:00
f5fbb4215d
vendor: update c/{common,buildah} to main
...
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
2025-03-24 17:44:43 +01:00
999a11c8b1
replace deprecated selinux/label calls
...
These functions were removed in github.com/opencontainers/selinux
v1.12.0.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
2025-03-24 17:44:43 +01:00
e65687291a
Merge pull request #25646 from baude/noarchset
...
Do not set arch for windows to amd64
2025-03-24 14:21:03 +00:00
2e40f617e5
Merge pull request #25651 from containers/renovate/github.com-onsi-gomega-1.x
...
fix(deps): update module github.com/onsi/gomega to v1.36.3
2025-03-24 13:34:17 +00:00
a0acdb837b
New images 2025-03-24
...
From https://github.com/containers/automation_images/pull/402
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
2025-03-24 14:02:06 +01:00
f6731b0aad
Merge pull request #25648 from Luap99/machine-test-image
...
pkg/machine/e2e: use testimage
2025-03-24 01:39:12 +00:00
7f11ce85e5
Merge pull request #25522 from l0rd/fix-wsl-check
...
Fix WSL checks and run unit tests in CI
2025-03-24 01:36:29 +00:00
6df50bec87
fix(deps): update module github.com/onsi/gomega to v1.36.3
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2025-03-21 22:27:21 +00:00
a444a2a0a2
Merge pull request #25468 from flouthoc/libimage-refactor
...
vendor: bump c/common to `dbeb17e40c80`
2025-03-21 18:49:31 +00:00
f91aca8ebc
vendor: bump c/common to dbeb17e40c80
...
Signed-off-by: flouthoc <flouthoc.git@gmail.com>
2025-03-21 10:24:15 -07:00
042c1ffa0b
pkg/machine/e2e: use testimage
...
The alpine_nginx image is a static amd64 only image, just yesterday our
CI broke because the rosetta emulation stopped working. All these tests
should have no need to test emulation and should just run on native arch
here. This should also make them faster.
If we want to test emulation work it should be done in the
podman-machine-os tests instead.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
2025-03-21 17:37:50 +01:00
7d3ee5a5cd
Merge pull request #25635 from giuseppe/mask-thermal-paths
...
Mask thermal paths
2025-03-21 14:44:32 +00:00
b2285f6d46
Merge pull request #25626 from jankaluza/24875
...
Add --env and --unsetenv to podman update.
2025-03-21 13:52:17 +00:00
260035d069
vendor: update common and buildah
...
vendor the following dependencies:
- https://github.com/containers/common/pull/2375
- https://github.com/containers/buildah/pull/6074
Closes: https://github.com/containers/podman/issues/25634
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2025-03-21 14:36:00 +01:00
701aade262
Add --env and --unsetenv to podman update.
...
The --env is used to add new environment variable to container or
override the existing one. The --unsetenv is used to remove
the environment variable.
It is done by sharing "env" and "unsetenv" flags between both
"update" and "create" commands and later handling these flags
in the "update" command handler.
The list of environment variables to add/remove is stored
in newly added variables in the ContainerUpdateOptions.
The Container.Update API call is refactored to take
the ContainerUpdateOptions as an input to limit the number of its
arguments.
The Env and UnsetEnv lists are later handled using the envLib
package and the Container is updated.
The remote API is also extended to handle Env and EnvUnset.
Fixes : #24875
Signed-off-by: Jan Kaluza <jkaluza@redhat.com>
2025-03-21 13:15:44 +01:00
94e77af09d
Merge pull request #25638 from containers/renovate/setuptools-77.x
...
chore(deps): update dependency setuptools to v77
2025-03-21 08:00:03 +00:00
5e66d38c9d
Do not set arch for windows to amd64
...
Setting the arch to amd64 breaks arm64 windows builds.
Signed-off-by: Brent Baude <bbaude@redhat.com>
2025-03-20 15:24:52 -05:00
0ca539c3ab
chore(deps): update dependency setuptools to v77
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2025-03-20 17:05:33 +00:00
3e247db6dc
Merge pull request #25636 from giuseppe/update-common-20-march-2025
...
vendor: update c/common
2025-03-20 17:04:43 +00:00
d211dbf9aa
Merge pull request #25631 from rgaiacs/fix-docs-introduction
...
Fix some code blocks in documentation
2025-03-20 14:41:02 +00:00
88b62d2c27
vendor: update c/common
...
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2025-03-20 13:37:19 +01:00
67165d8fc2
Fix some code blocks in documentation
...
```release-note
none
```
Signed-off-by: Raniere Silva <Raniere.CostadaSilva@gesis.org>
2025-03-20 13:33:00 +01:00
2b0aef554e
Merge pull request #25619 from l0rd/machine-cp-flake
...
Fix flake on machine cp e2e test
2025-03-19 14:07:54 +00:00
5c9fd29808
Merge pull request #25617 from giuseppe/use-securejoin-openinroot
...
container: replace code with securejoin.OpenInRoot()
2025-03-19 13:37:37 +00:00
0031c9500a
Merge pull request #25625 from giuseppe/set-additional-gids-exec
...
libpod: fix handling of additional gids in exec
2025-03-19 13:26:39 +00:00
51ca839c14
libpod: fix handling of additional gids in exec
...
change the behavior to match what Docker does.
Docker always adds the specified additional gids, no matter the user
specified to exec.
Instead the additional gids read from the /etc/group file are added
only when there is not an explicit group specified in the exec
userspec.
➜ docker run -d --name container-with-groups --group-add mail --group-add news --group-add cron --group-add ftp --rm alpine top
c4190928097f64cabb83af7cac6ec10041a9e74de359433dfd3e5b9d8a7dce1a
➜ docker exec container-with-groups id -G
0 1 2 3 4 6 10 11 12 13 16 20 21 26 27
➜ docker exec --user root container-with-groups id -G
0 1 2 3 4 6 10 11 12 13 16 20 21 26 27
➜ docker exec --user nobody container-with-groups id -G
65534 12 13 16 21
➜ docker exec --user nobody:nobody container-with-groups id -G
65534 12 13 16 21
➜ docker exec --user root:root container-with-groups id -G
0 12 13 16 21
➜ docker exec --user root:root container-with-groups id -G
0 12 13 16 21
Closes: https://github.com/containers/podman/issues/25610
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2025-03-19 12:56:27 +01:00
c0627de21d
container: replace code with securejoin.OpenInRoot()
...
when the code was first added, there was no securejoin.OpenInRoot().
Since there is a function already provided by a dependency and already
used in libpod, replace the custom code with securejoin.OpenInRoot().
The new version does not report a symlink that points outside the
root, but it is still resolved relative to the specified mountpoint,
since that is the openat2 semantic. It does not affect the security
of the function.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2025-03-19 09:32:47 +01:00
b4f659754c
Merge pull request #25620 from Luap99/toml
...
vendor: update github.com/burntsushi/toml to v1.5.0
2025-03-19 02:04:29 +00:00
a23511e341
vendor: update github.com/burntsushi/toml to v1.5.0
...
Includes one minor test fix as the line number reported as error was
changed, it seems to be actually correct now.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
2025-03-18 15:34:42 +01:00
029deffdd6
Merge pull request #25555 from baude/roadmapupdate
...
Update roadmap for Q1
2025-03-18 14:09:58 +00:00
ac787b6691
Fix flake on machine cp e2e test
...
Explicitly close file to avoid machine e2e test
to fail on CI from time to time.
See for example this failed execution of the machine-wsl task:
https://api.cirrus-ci.com/v1/artifact/task/6697640798191616/html/machine-wsl-podman-windows-rootless-host-sqlite.log.html
Fix #25614
Signed-off-by: Mario Loriedo <mario.loriedo@gmail.com>
2025-03-18 14:45:43 +01:00
39da6cdf90
Merge pull request #25616 from containers/renovate/setuptools-76.x
...
chore(deps): update dependency setuptools to ~=76.1.0
2025-03-18 12:39:07 +00:00
829cc591df
chore(deps): update dependency setuptools to ~=76.1.0
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2025-03-18 11:22:57 +00:00
ba787dabab
Merge pull request #25467 from containers/renovate/golang.org-x-net-0.x
...
fix(deps): update module golang.org/x/net to v0.37.0
2025-03-18 11:20:25 +00:00
98de6f3c10
Merge pull request #25611 from containers/renovate/github.com-opencontainers-runc-1.x
...
fix(deps): update module github.com/opencontainers/runc to v1.2.6
2025-03-18 10:50:09 +00:00
