the varlink build was not working as designed and required some touch-ups:
* return a struct that includes logs and the new image ID
* pass namespaceoption so that networking in buildah works
Signed-off-by: baude <bbaude@redhat.com>
Closes: #903
Approved by: rhatdan
The default timeout of one second when using podman-varlink can confuse
users as podman exits in silence after this timeout in case no
connection to the endpoint is alive. Print a log (info level) that the
varlink service has expired to guide the user.
This change requires to vendor in the latest master of varlink/go.
Signed-off-by: Valentin Rothberg <vrothberg@suse.com>
Closes: #899
Approved by: rhatdan
Remove the bash completion's shebang, which isn't required as the file
is only meant to be sourced. rpmlint was complaining about that.
Signed-off-by: Valentin Rothberg <vrothberg@suse.com>
Closes: #901
Approved by: rhatdan
This fix the issues when you are trying to build from a non existant
image or the registries in registries.conf do not include the registry.
./bin/podman build -t dan -f Dockerfile.suse ~
STEP 1: FROM opensuse:tumbleweed
error creating build container: image "opensuse:tumbleweed" not found in /etc/containers/registries.conf registries: image not known
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
v#
Closes: #897
Approved by: mheon
Add following test cases for security-opt:
- Check default selinux value
- Disable security options in container
- Setup selinux type in security-opt
- Disable seccomp protection
- Configure custom seccomp.json
Signed-off-by: Yiqiao Pu <ypu@redhat.com>
Closes: #837
Approved by: rhatdan
Use function in opencontainers/selinux/go-selinux to check the
selinux status in our test.
Signed-off-by: Yiqiao Pu <ypu@redhat.com>
Closes: #837
Approved by: rhatdan
Also add annotations from the image the container was created
from.
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #886
Approved by: rhatdan
Change the level of missing /etc/containers/mount.conf to a debug, since
this is expected on most machines.
Also raised the level of some warnings to errors, so they will be better seen,
even if we are skipping.
Fixed the wording of one error, since stating is not the correct word.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #882
Approved by: mheon
We've had logrus logging in the monitor code since it landed in
68eb128f (pkg/hooks: Version the hook structure and add 1.0.0 hooks,
2018-04-27, #686). This commit adds similar logging to the initial
hook.New() and Manager.Hooks() calls to make it easier to see if those
are working as expected.
Signed-off-by: W. Trevor King <wking@tremily.us>
Closes: #887
Approved by: rhatdan
The typo is a copy/paste error from 68eb128f (pkg/hooks: Version the
hook structure and add 1.0.0 hooks, 2018-04-27, #686).
Signed-off-by: W. Trevor King <wking@tremily.us>
Closes: #887
Approved by: rhatdan
This typo from 68eb128f (pkg/hooks: Version the hook structure and add
1.0.0 hooks, 2018-04-27, #686) was causing any 'annotations' entries
in hook JSON to be silently ignored.
Signed-off-by: W. Trevor King <wking@tremily.us>
Closes: #887
Approved by: rhatdan
The continue here is from 5676597f (hooks/read: Ignore IsNotExist for
JSON files in ReadDir, 2018-04-27, #686), where it was intended to
silently ignore missing JSON files. However, the old logic was also
silently ignoring not-exist errors from the os.Stat(hook.Hook.Path)
from 68eb128f (pkg/hooks: Version the hook structure and add 1.0.0
hooks, 2018-04-27, #686). This commit adjusts the check so JSON
not-exist errors continue to be silently ignored while hook executable
not-exist errors become fatal.
Signed-off-by: W. Trevor King <wking@tremily.us>
Closes: #887
Approved by: rhatdan
This vendor will improve the performance of using userns
since it will save aside the image layer of the chown, so
followup runnings of podman will use the new layer rather
then chowning again.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #881
Approved by: mheon
Bump it to the next version (without a -dev suffix), based on the
precedent set by 70672652 (Bump to v0.6.1-dev, 2018-05-25, #834).
Previously I had VERSION there, which was a copy/paste error.
I've also added an explicit write_spec_version to release_commit.
That *should* be a no-op, with the spec version having already been
set by the previous release's dev_version_commit. But better to be
safe than to cut a release with the wrong version number in the spec
file (e.g. maybe we guessed NEXT_VERSION wrong during the last
release).
Signed-off-by: W. Trevor King <wking@tremily.us>
Closes: #879
Approved by: mheon
Since 727ecfea (Use Version from spec file in setup.py, 2018-05-18, #807),
setup.py has been pulling this from a PODMAN_VERSION environment
variable (which can be set in spec files), and there's no need for us
to bump it as part of our releases.
Signed-off-by: W. Trevor King <wking@tremily.us>
Closes: #879
Approved by: mheon
Add the endpoint and methods for build so users can build an image
with varlink. build can also use the more method for streaming
output back more regularily; however, it looks like a bug in buildah
does not output all build output to the writer provided.
Tidy up some create fixes and add endpoint for GetImage requested by
jhonce.
Signed-off-by: baude <bbaude@redhat.com>
when obtaining the inspect information for a container through varlink, we need
to extract more container related information by parsing the data through the
method 'GetCtrInspectInfo' which was previously only in podman's main.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #866
Approved by: rhatdan
I'd been getting the failed-to-reap errors locally, but on an
unrelated pull-request the FAH27 suite successfully reaped that hook
[1]:
--- FAIL: TestRunKillTimeout (0.50s)
assertions.go:226:
Error Trace: exec_test.go:210
Error: Expect "signal: killed" to match "^failed to reap process within 0s of the kill signal$"
FAIL
The successful-reap cases limit our coverage, but I don't think that's
a big enough problem to be worth repeated polling or similar until we
do get the failed-to-reap error.
[1]: 96c1535fdc.0.1527811547665239762/output.log
Signed-off-by: W. Trevor King <wking@tremily.us>
Closes: #868
Approved by: rhatdan
Matthew had expressed interest in a lovely release script on IRC.
Here's my attempt to encode the changes from the v0.5.4 release
branch. I've also added tag signing, so you may be prompted for your
passphrase during that step.
The version scheme for 0.x.y is 0.${month}.${count_that_month} [1].
We could automatically calculate those with a dozen or so lines of
shell script, but we don't think that's worth the maintenance burden
when it's easy enough for the caller to think them up on their own
[2].
The spec sed also bumps the Python package version to match, which
seems like the intended behavior until 1.0 when the Python code will
move into its own repository [3].
[1]: https://github.com/projectatomic/libpod/pull/867#issuecomment-393731907
[2]: https://github.com/projectatomic/libpod/pull/867#issuecomment-393743295
[3]: https://github.com/projectatomic/libpod/issues/786#issuecomment-390682012
Signed-off-by: W. Trevor King <wking@tremily.us>
We need to map slices set for both UID and GID maps to be equivalent if
not specified by user. Currently if you do not specify both the containers
are not running.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #865
Approved by: baude
when there are no registries configured for the system and the user provided
a short image name, we panic'd due a logic bug in recent image pull changes.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #841
Approved by: rhatdan
