Bump bundled krunkit to 1.1.1. This is a minor, expedited release
to fix a library linking problem.
Fixes: #27427
Signed-off-by: Sergio Lopez <slp@redhat.com>
The windows installer doesn't like -rc's because it's not strictly semver, but this error can be suppressed.
Signed-off-by: Ashley Cui <acui@redhat.com>
Bump bundled krunkit to 1.1.0. For podman, this release means
better I/O performance due to this libkrun version defaulting to
a more relaxed disk image sync on macOS, and raising the vCPU
limit to the maximum allowed by Hypervisor.framework.
Fixes: #27216
Signed-off-by: Sergio Lopez <slp@redhat.com>
This also includes a number of significant changes to the SQLite
state made possible by removal of the legacy DB.
1. Enable database unit tests for SQLite state, with numerous
tweaks to get tests passing. Most notable changes are to
container removal - where we previously didn't return an error
if there was no container to remove - and RemovePodContainers,
which I don't think ever worked properly from my reading of
the failures.
2. Removal of AddContainerToPod/RemoveContainerToPod. On SQLite,
these functions are identical to AddContainer/RemoveContainer
and there is no reason to retain duplicates.
3. Removal of SafeRewriteContainerConfig - it's identical to
RewriteContainerConfig in SQLite, no reason to have duplicate
entrypoints.
As an exciting side-note, this removes Podman's requirement that
containers and pods cannot share a name, which was a BoltDB
restriction only.
Signed-off-by: Matt Heon <matthew.heon@pm.me>
We started logging this in 5.6. In 5.7, we up to a warning. The
upcoming 5.8 will up the warnings further to errors.
Required as we're removing BoltDB support in 6.0 next Spring.
Signed-off-by: Matt Heon <matthew.heon@pm.me>
Adding a design document for Podman 6. it is a high level design that tries to encompasses proposed changes to Podman and its runtime environment. It should highlight major changes and features; but you will also find nitty detailed changes that have been idenitified. It is quite possible things in this document will change but it allows for open, transparent communication.
Signed-off-by: Brent Baude <bbaude@redhat.com>
This build tag replaces the backend for _verification_
of GPG signatures, to use Sequoia-PGP instead of GNUPG.
Do Rawhide builds with Sequoia; the podman-sequoia package exists
in F43 and later, so we can't do it in earlier versions.
This way we cover both variants (+ containers_image_openpgp
in the podman-remote client, at least that it builds).
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Add a new directory, which I'm currently dubbing "Features", in
which will live design documents - descriptions of Podman
features that will be implemented or are being implemented.
Add a README and template to this directory to make the purpose
clear and enable easy addition of new design documents.
Signed-off-by: Matt Heon <matthew.heon@pm.me>
We already used `x` in tmpfiles, to ensure systemd did not remove
our directories or clean their contents (we really need them to
be left unmodified). However, systemd-tmpfiles lets us use more
than one directive per line, which means we can safely add an R!
(recursive remove on reboot) to these lines to ensure that, if
/tmp is not a tmpfs, systemd-tmpfiles will still remove our
temporary files, ensuring reboots are still accurately detected.
Signed-off-by: Matt Heon <mheon@redhat.com>
As part of my debloat activity I wrote a small script that makes use of
goda[1] to check our imports and what we can likely trim to reduce the
binary size.
I also added a readme to document what I did basically. This should help
anyone doing this work in the future again.
[1] github.com/loov/goda
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Bump bundled krunkit to 0.2.2. This bundle also includes libkrun
1.14.0, allowing us to enable nested virt on M3 and M4 systems by
default.
Signed-off-by: Sergio Lopez <slp@redhat.com>
We used this to load the iptables module, since f41 we use nftables by
default which does not need this at all so drop the module load file.
If some distros default still to the legacy iptables they can manually
add the moduled load file back.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
The config file is installed in the remote zip as an example but the
content in there is not being updated and no longer really the way to do
things. With podman 5.0 we have a proper system connection file and
people in general should just use the system connection commands.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
This script was used when dependabot could not deal with vendoring, we
long since moved to renovate which handles it fine with manual steps so
remove this script.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
It doesn't seem to be used anywhere and is not maintained. An up to date
specfile is found in the c/common repo.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
changing the validate-in-container make target to use
quay.io/libpod/validatepr:latest. this allows `make validate` to run to
completion doing linting, ed's perl checks, and pre-commit.]
The image is now based on F42 `awk` is not part of the base image, so I added `awk`.
Signed-off-by: Brent Baude <bbaude@redhat.com>
This is a followup of https://github.com/containers/podman/pull/26048
It fixes `process-release.ps1` that was always looking for the amd64 release
zip file, even if `$env:PODMAN_ARCH` was set to arm64. With this fix it looks
for the right zip file.
It fixes `winmake.ps1` that, when the `-arch` param was not passed, set `$env:PODMAN_ARCH`
to the empty string instead of the local `$env:GOARCH`.
Signed-off-by: Mario Loriedo <mario.loriedo@gmail.com>
Winmake could only build amd64 artifacts (podman-remote, gvproxy,
win-sshproxy, podman.msi and podman-setup.exe).
This commit makes the necessary change to winmake so that it:
1) builds arm64 artifacts when executed on arm64
2) cross-compiles to arm64/amd64 with the `-architecture` parameter
It depends on https://github.com/containers/podman/pull/26023 that
removes the need to build `check.c` code (that is not used anyway).
Signed-off-by: Mario Loriedo <mario.loriedo@gmail.com>
Instead of hardcoding gvisor version in different build files, we get gvisor version from go.mod file.
Signed-off-by: Yevhen Vydolob <yvydolob@redhat.com>
golangci-lint v2 introduced a new command, fmt, which runs configured
formatters (see formatters in .golangci.yml).
Use this for generated files. Drop separate goimports binary.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
As of commit d4c7ca39f ("update c/{buildah,common,image,storage} to
latest main") no dependencies use exclude_graphdriver_devicemapper tag.
This (hopefully) concludes the work of removing devicemapper graph
driver.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
This one has two local NVMe's attached so we should be able to use fast
local storage to hopefully speed the test up. The NVMe are not mounted
by default so we have to format and mount them. I have choosen Z as
drive letter as I guess it seems most likely that it is free.
Then we need to set the TMPDIR envs to make the machine tests use the
new location.
This speeds up hyperV tests by 20mins and wsl by 9 mins.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Add a new target in winmake.ps1 to run unit tests and use
use it in a new cirrus task.
Fix machine_windows_test.go to make it work in CI machine.
Add the `!windows` tag on tests files that fail on Windows.
Signed-off-by: Mario Loriedo <mario.loriedo@gmail.com>
To avoid problems when automatically downloading
`latest` podman windows installer (e.g. the windows
installer hasn't been included in the GH release
because of a problems with the keys to sign it), we
are now hardcoding the version of Podman that is
used to test the upgrade from latest to current
version.
Signed-off-by: Mario Loriedo <mario.loriedo@gmail.com>
