Many dependencies already import gopkg.in/yaml.v2, podman is the only
user of the v3 version except github.com/stretchr/testify but this is
only a testing dependency so it will not end up in the binary.
This change reduces the podman binary size from 54740 to 54260 KB on my
system.
[NO NEW TESTS NEEDED]
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
The permissions on disk were wrong since we were not converting to
octal.
Fixes: https://github.com/containers/podman/issues/13108
[NO NEW TESTS NEEDED] Since we don't currently test using the docker
client
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Mention the command "podman unshare chown 0:0 dir1/a"
that changes file ownership to the regular user's UID and GID on
the host.
Co-authored-by: Tom Sweeney <tsweeney@redhat.com>
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
If you want to remove a running machine, you can now pass the --force/-f
to podman machine rm and the machine will be stopped and removed without
confirmations.
Fixes: #13448
[NO NEW TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
pprof tests are way too flaky, and are causing problems for
community contributors who don't have privs to press Re-run.
There has been no activity or interest in fixing the bug,
and it's not something I can fix. So, just disable the test.
Signed-off-by: Ed Santiago <santiago@redhat.com>
Secret-verify-leak is causing flakes, when running in parallel tests.
This is because remote secrets are copied into the context directory to
send to the API server, and secret-verify-leak is doing a COPY * and
then checking if the temporary secret file ends up in the container or
not. Since all the temporary files are prefixed with
"podman-build-secret", this test checks if podman-build-secret is in the
image. However, when run in parallel with other tests, other temporary
podman-build-secrets might be in the context dir. Moving
secret-verify-leak into its own directory makes sure that the context
dir is used only by this one test.
Also renamed Dockerfile -> Containerfile and cleaned up unused
Containerfiles.
Signed-off-by: Ashley Cui <acui@redhat.com>
The default rule should be set at the head of device configuration.
Otherwise, rules for user devices are overridden by the default rule so
that any access to the user devices are denied.
Signed-off-by: Hironori Shiina <shiina.hironori@jp.fujitsu.com>
* Enable support of virtfs in Podman and darwin. At the time of this writing, it requires a special patch not yet included in upstream qemu.
* Prefer to use a specially built qemu to support virtfs. The qemu is installed under libexec/podman.
[NO NEW TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
* Remove the ending text "(1)" to avoid it from being
displayed in the web tab title for a command man page
on the web. Often such a text indicates that a web
page got an update. For instance GitHub issues shows
the number of new comments that have been written
after the user's last visit.
Fixes#13438
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
Error out if the kube yaml passed to play kube has more
than one container or init container with the same name.
Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
* Add configuration to add report header for python client used in tests
* Move report headers into the individual test runners vs runner.sh
Signed-off-by: Jhon Honce <jhonce@redhat.com>
The current PR process for release bump has the HEAD commit which bumps
version/version.go to the form `release+1-dev`. This makes Cirrus
publish release artifacts with `release+1-dev` and not `release`.
For example, the msi generated at https://cirrus-ci.com/task/5403901196238848
says podman-v4.0.3-dev.msi .
Building locally by checking out the released tag would generate the
correct artifacts and would also be faster and more convenient.
[NO NEW TESTS NEEDED]
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
do not attempt to use cgroups with pods if the cgroups are disabled.
A similar check is already in place for containers.
Closes: https://github.com/containers/podman/issues/13411
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
While resolving `workdir` we mostly create a `workdir` when `stat`
fails with `ENOENT` or `ErrNotExist` however following cases are not
true when user explicitly specifies a `workdir` while `running` using
`--workdir` which tells `podman` to only use workdir if its exists on
the container. Following configuration is implicity set with other
`run` mechanism like `podman play kube`
Problem with explicit `--workdir` or similar implicit config in `podman play
kube` is that currently podman ignores the fact that workdir can also be
a `symlink` and actual `link` could be valid.
Hence following commit ensures that in such scenarios when a `workdir`
is not found and we cannot create a `workdir` podman must perform a
check to ensure that if `workdir` is a `symlink` and `link` is resolved
successfully and resolved link is present on the container then we
return as it is.
Docker performs a similar behviour.
Signed-off-by: Aditya R <arajan@redhat.com>
do not print a warning on cgroup removal if it doesn't exist.
Closes: https://github.com/containers/podman/issues/13382
[NO NEW TESTS NEEDED]
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
