it turns out that when the firewall plugin is not provided as part of the configuration, then the firewall cni plugin will dynamically figure out if it should use firewalld or iptables.
also removing this from the default configuration file
Signed-off-by: Brent Baude <bbaude@redhat.com>
when returning an invalid search, a return was omitted triggering a null on the consumer end.
Fixes: #5228
Signed-off-by: Brent Baude <bbaude@redhat.com>
Before Libpod supported named volumes, we approximated image
volumes by bind-mounting in per-container temporary directories.
This was handled by Libpod, and had a corresponding database
entry to enable/disable it.
However, when we enabled named volumes, we completely rewrote the
old implementation; none of the old bind mount implementation
still exists, save one flag in the database. With nothing
remaining to use it, it has no further purpose.
Signed-off-by: Matthew Heon <mheon@redhat.com>
The package golang-github-cpuguy83-go-md2man has been renamed into golang-github-cpuguy83-md2man
in f31 repository.
That leads to an Error: Unable to find a match: golang-github-cpuguy83-go-md2man
This patch handles the renaming of this package and fixes the command for f31 and the one that will
follows without breaking compatibility with older versions.
Signed-off-by: Allan Jacquet-Cretides <allan.jacquet@gmail.com>
The "create two containers with the same IP" test failed:
https://api.cirrus-ci.com/v1/task/5992323062431744/logs/integration_test.log#t--Podman-create-two-containers-with-the-same-IP
...
(basically, expected error exit code, got 0)
Analysis: the sequence is 'start test1, start test2'. Perhaps it's
possible that 'podman start' exits before the test1 container has
an IP address assigned? There are no checks in the test, so it's
impossible to know what happened.
Solution: add a wait-loop invoking 'podman inspect', waiting
for a nonempty IP address on test 1; then assert that it's
what we expect it to be.
Signed-off-by: Ed Santiago <santiago@redhat.com>
* Make context keys package safe
* Add support for PODMAN_HOST and PODMAN_SSHKEY
* Add slight increasing delay when client connections fail
* Remove usages of path.Join(), added JoinURL(). '/' is not OS
dependent.
Signed-off-by: Jhon Honce <jhonce@redhat.com>
...to try to compensate for flaky host.
registry.fedoraproject.org is just not reliable. It's flaking
with 503 errors, causing massive amounts of wasted CI time
and developer effort.
There is exactly one instance of that registry in these tests.
We can't replace it with quay.io, because "search quay.io/"
(trailing slash) fails with some sort of authentication error.
So let's just try a sleep/retry cycle instead.
Signed-off-by: Ed Santiago <santiago@redhat.com>
PR #5204 added /libpod/containers/create but with the wrong
swagger comment. Fix that.
Also fix some other inconsistencies: missing 'libpod' prefix,
missing 'Container' suffix, and change 'ContainerCreate'
to 'CreateContainer'; all of these changes preserve consistency
with both the invoked function as well as the overall naming
conventions used in this module.
Signed-off-by: Ed Santiago <santiago@redhat.com>
Great timing: this new test collided against #5268, which added
a warning about using command-line --password. CI is now going
to fail all over.
Fix: rework test to use --password-stdin. Am doing so only
in the places where output string is checked; other instances
can keep using '--password xxx' because it's simpler.
Signed-off-by: Ed Santiago <santiago@redhat.com>
in cases where the log file exceeds the available memory of a system, we had a bug that triggered an oom because the entire logfile was being read when the tail parameter was given. this reads in chunks and is more or less memory safe.
fixes: #5131
Signed-off-by: Brent Baude <bbaude@redhat.com>
Looks like a bit of a misunderstanding from early on.
Docker implements --filter=since=IMAGE. Podman implements 'after'
instead of 'since'. Add an equivalent case statement to handle
both, keeping 'after' because we have no way of knowing if it
is used in the field.
Update documentation ... and fix what looks like a complete
misinterpretation of what the code actually does: the man page
claimed that these were time fields, but I don't see any
possible incantation in which a time value works or could
work. Updated docs to reflect IMAGE usage. Also changed
nonworking '==' to single '='.
Added tests. [UPDATE: skip with broken podman-remote]
Fixes: #5040
Signed-off-by: Ed Santiago <santiago@redhat.com>
when using usernamespace, dnsname respondes from cni were not making it into the containers /etc/resolv.conf because of a timing issue. this corrects that behavior.
Fixes: #5256
Signed-off-by: Brent Baude <bbaude@redhat.com>
PR #5235 updated a bunch of entrypoints from {name} to {name:.*},
requiring matching changes to swagger comments. Looks like one
got missed due to the manual nature of this work.
Have I mentioned lately that manual maintenance of duplicate
information is not a great idea?
Discrepancy caught by my script, which I would really like to
look into getting into CI, but is gating on #5238. (I would
actually not like to get this script into CI, I would prefer
to have the duplicate information be autogenerated from
the function calls themselves, but I seem to have lost
that battle)
Signed-off-by: Ed Santiago <santiago@redhat.com>
this uses the specgen structure to create containers rather than the outdated createconfig. right now, only the apiv2 create is wired up. eventually the cli will also have to be done.
Signed-off-by: Brent Baude <bbaude@redhat.com>
Include test to validate pod create, start, stop, restart,
pause, unpause, list, and inspect api bindings.
Also includes bug fixes that resulted in invalid api responses.
Signed-off-by: Sujil02 <sushah@redhat.com>
Test podman login/logout, login with wrong credentials,
auth file contents, auth file path override, push/pull,
and, if skopeo is installed, credentials sharing
Fixes: #4283
Signed-off-by: Ed Santiago <santiago@redhat.com>
