- add information about netavark plugins
- add missing arguments to options the require an arg
- document that container dns is only supported with bridge
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Allow users to customize the network_interface option is the network
config. For bridge this allows users to change the bridge name and for
maclvan it will be the same as `--opt parent=...`.
However the main reason for this option is to allow netavark plugins to
make use of it. I demoed the host-device plugin which makes use of this
as an example. While we could let users set them via --opt it is more
natural to just use the field which is designed for that purpose.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
It's desireable for renovate to mange `test/tools/go.mod` however, the
default ignorePaths is:
```
"ignorePaths": [
"**/node_modules/**",
"**/bower_components/**",
"**/vendor/**",
"**/examples/**",
"**/__tests__/**",
"**/test/**",
"**/tests/**",
"**/__fixtures__/**"
]
```
Update this list to only include `vendor` and `docs`.
Signed-off-by: Chris Evich <cevich@redhat.com>
Wait for the expected logs to appear in the journal before using
`journalctl`. #18132 is likely flaking because `journalctl` does
not yet see the container's logs.
Also force the test to use the `passthrough` log driver to make sure
`podman logs` continues being tests.
Fixes: #18132
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
Use the kube_generate_type from the containers.conf as
the default value for the --type flag for kube generate.
Override the default when userexplicitly sets the --type
flag.
Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
Debian system tests failing due to unwanted warning:
skipping device /dev/char/10:200 for systemd:
stat /sys/dev/char/10:200: no such file or directory
Let's see if modprobing tun will eliminate the warning.
Add loud comments requesting removal once runc bug is fixed.
Signed-off-by: Ed Santiago <santiago@redhat.com>
If resource limits is not set, do not display the following warning message:
`Resource limits are not supported and ignored on cgroups V1 rootless systems`
Ref: #17582
Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
The path was missing a slash between the libexec path and the binary
name. This was never noticed because the code already falls back to a
builtt-in pause process.
Fixes: 71f96c2e6ff7 ("rootless: define LIBEXECPODMAN")
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Currently --tmpdir changes the location of the pause.pid file. this
causes issues because the c code in pkg/rootless does not know about
that. I tried to fix this[1] by fixing the c code to not use the
shortcut. While this fix worked it will result in many pause processes
leaking in the integrration tests.
Commit ab88632 added this behavior but following the disccusion it was
never the intention that we end up having more than one pause process.
The issues that was trying to fix was caused by somthing else AFAICT,
the main problem seems to be that the pause.pid file parent directory
may not be created when we try to create the pid file so it failed with
ENOENT. This patch fixes it by creating this directory always and revert
the change to no longer depend on the tmpdir value.
With this commit we now always use XDG_RUNTIME_DIR/libpod/tmp/pause.pid
for all podman processes. This allows the c shortcut to work reliably
and should therefore improve perfomance over my other approach.
A system test is added to ensure we see the right behavior and that
podman system migrate actually stops the pause process. Thanks to Ed
Santiago for the improved test to make it work for both `catatonit` and
`podman pause`.
This should fix the issues with namespace missmatches that we can see in
CI as flakes.
[1] https://github.com/containers/podman/pull/18057Fixes#18057
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Windows: Flush machine config writes before renaming
Windows: Previously this code was changed to improve atomicity by changing
the persitence approach to a two-step process (write + rename).
However, the first-step write operation was not fully flushed,
leading to the possibility of incomplete writes.
[NO NEW TESTS NEEDED]
Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
It's nearly impossible for humans to tell semantic-version differences
by looking at a commit sha. Since all the actions in question come from
github, there's little security/safety benefit to using SHAs.
Signed-off-by: Chris Evich <cevich@redhat.com>
Buildah uses a different logic to pass environment variable to executor
now after: https://github.com/containers/buildah/pull/4702/files so
podman should same logic and pass env by reference.
Signed-off-by: Aditya R <arajan@redhat.com>
Bump containers/(storage, common, buildah and image)
Changes since 2023-01-01:
- skip mount-cache-selinux-long-name test under remote, with
a FIXME requesting that someone see if it can be made to work.
- skip six tests that fail under rootless-remote
- add new --build-arg-file option:
- update man page
Squash of:
* cf56eb1865
* 561f082772
Signed-off-by: Ed Santiago <santiago@redhat.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Signed-off-by: Aditya R <arajan@redhat.com>
Ensure that we are actually looking up the service container
ID and actually removing it during kube teardown for the --wait
use case. This ensures that we don't have a service container waiting
around in removing state before we return from kube play in the remote
case.
[NO NEW TESTS NEEDED]
Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
The `UserNS` key will replace the `RemapGid`, `RemapUid`, `RemapUidSize`
and `RemapUsers` options which are therefore marked as deprecated by
this commit.
Closes#17984
Signed-off-by: Cedric Staniewski <cedric@gmx.ca>
