I think we forgot to bump the version in the main branch. It should be
v4.1.0-dev now.
Also set the min api version to 4.0.0 as on the podman 4.0 branch.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
We need to use the host network when it is set in the config and
--network was not used.
This regression was added in 3e9af2029f.
Fixes#14015
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
We should not exclude contianers by name. If a users has a container
with the name "inf" it is currently skipped. This is wrong. The k8s yaml
does not contain infra containers so we do not have to skip them.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
The linter ensures a common code style.
- use switch/case instead of else if
- use if instead of switch/case for single case statement
- add space between comment and text
- detect the use of defer with os.Exit()
- use short form var += "..." instead of var = var + "..."
- detect problems with append()
```
newSlice := append(orgSlice, val)
```
This could lead to nasty bugs because the orgSlice will be changed in
place if it has enough capacity too hold the new elements. Thus we
newSlice might not be a copy.
Of course most of the changes are just cosmetic and do not cause any
logic errors but I think it is a good idea to enforce a common style.
This should help maintainability.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Changes as of 2022-04-21:
- apply-podman-deltas: minor cleanup
- buildah-tests.diff: deal with:
. buildah #3894 (the registry one), which affected helpers.bash in
a way that resulted in conflicts here; and
. buildah #3917 (etchosts), which caused offset-only diffs
with no conflicts
- Reevaluate the bud skip list, and reenable some tests that
seems to be passing now under podman:
. bud with specified context ...
. two tests that require a local registry (which buildah now runs)
. bud with --cgroup-parent
Signed-off-by: Ed Santiago <santiago@redhat.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Add more benchmarks for the most common and performance-critical image
commands. Benchmarks for `podman build` should go into a separate
section.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
[skip ci]
While chasing a flake, I discovered that our alpine_nginx
image is broken: it returns 404 on all requests. We never
caught this because--surprise!--curl exits 0 even when
server returns 4xx/5xx status.
Let's be strict: add -f (--fail) option to all invocations
of curl.
And, although I couldn't identify the root cause of the
flake (in "run two containers with the same IP" test),
I can at least fix the broken wait-for-nginx loop, bump
up the number of retries, and improve diagnostics on
failure. And add a strict error-message check.
Signed-off-by: Ed Santiago <santiago@redhat.com>
This reverts commit cc3790f332.
We can't change rootful to rootfull because `rootful` is written into the machine config. Changing this will break json unmarshalling, which will break existing machines.
[NO NEW TESTS NEEDED]
Signed-off-by: Ashley Cui <acui@redhat.com>
Starting the podman service in debug-mode causes aardvark to run in
debug mode. This does unexpected things with file-descriptors leading
to a test-hang. Thanks to @Luap99 for the fix.
Signed-off-by: Chris Evich <cevich@redhat.com>
golint, scopelint and interfacer are deprecated. golint is replaced by
revive. This linter is better because it will also check for our error
style: `error strings should not be capitalized or end with punctuation or a newline`
scopelint is replaced by exportloopref (already endabled)
interfacer has no replacement but I do not think this linter is
important.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Because /etc/hosts is shared for all containers with a shared network
namespace you should not be able to add hosts from a joined container.
Only the primary netns container can set the hosts.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
When we connect or disconnect from a network we also have to update
/etc/hosts to ensure we only have valid entries in there.
This also fixes problems with docker-compose since this makes use of
network connect/disconnect.
Fixes#12533
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
When we lookup the hostname for a given container we have to check if
the container is joined to another utsns and use this hostname then
instead.
This fixes a problem where the `hostname` command would use the correct
name but /etc/hostname would contain a different name.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Use the new logic from c/common to create the hosts file. This will help
to better allign the hosts files between buildah and podman.
Also this fixes several bugs:
- remove host entries when container is stopped and has a netNsCtr
- add entries for containers in a pod
- do not duplicate entries in the hosts file
- use the correct slirp ip when an userns is used
Features:
- configure host.containers.internal entry in containers.conf
- configure base hosts file in containers.conf
Fixes#12003Fixes#13224
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Following commit ensures that csv escaping is supported while using
inline `--mount=type=......` flag with `podman run` by using
`encoding/csv` to parse options instead of performing a `split.String(`
by `comma`.
Closes: https://github.com/containers/podman/issues/13922
Signed-off-by: Aditya R <arajan@redhat.com>
When run on an F36 host using netavark/aardvark-dns, for whatever
underlying reason most checkpoint/restore tests are emitting an error
similar to:
`criu: Symbol `__rseq_offset' has different size in shared object,
consider re-linking`
This extraneous output is causing the basic checkpoint system test to
fail. Since, all other testing of checkpoint/restore feature is
passing (also with the extraneous message) loosen the system test
sensitivity to match.
Signed-off-by: Chris Evich <cevich@redhat.com>
We are inconsistent on the name, we should stick with rootfull.
[NO NEW TESTS NEEDED] Existing tests should handle this and no tests for
machines exists yet.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
From a security point of view, it would be nice to be able to map a
rootless usernamespace that does not use your own UID within the
container.
This would add protection against a hostile process escapping the
container and reading content in your homedir.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
It seems this breaks older version of `podman-remote` users hence it
looks like this patch would be a better candidate for podman `5.0`
Problem
* Client with `4.0` cannot interact with a server of `4.1`
Plan this patch for podman `5.0`
This reverts commit 0cebd158b6.
Signed-off-by: Aditya R <arajan@redhat.com>
On F36 / podman 4, at the time of this commit there is no
`/etc/containers/storage.conf` installed by default. Since the
test volume-mounts this file into the container, it was failing. Fix
this by using a conditional volume-mount based on the file existing (or
not).
Signed-off-by: Chris Evich <cevich@redhat.com>
