Some architectures (i.e., arm64) do not implement the link(2) system
call and ln(1) uses linkat(2) instead.
Use the names array to block both syscalls so the tests works on all
architectures.
Signed-off-by: Ricardo Branco <rbranco@suse.de>
Replace github.com/docker/docker API imports with github.com/moby/moby
across compat handlers, swagger models, and tests to align with upstream
type definitions.
Fixes: #27536.
Signed-off-by: Jan Kaluza <jkaluza@redhat.com>
This allows things like compose project names to be associated with log
messages and later used in log processing and analysis.
Signed-off-by: Povilas Kanapickas <povilas@radix.lt>
For remote operation, start the remote service with --tls-details:
using --tls-details on the client side will only affect client's
connection.
This should eventually include many more tests - track down all current
uses of libpod.Runtime.{SystemContext,imageContext,LibimageRuntime}.
That will come later
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Currently validation that log tag requires journald driver is done in several
places and emits only warning. Making it an error and moving to
`(c *Container) validate()` is a more correct approach.
Signed-off-by: Povilas Kanapickas <povilas@radix.lt>
When we have the _precise_ knowledge of where the parameter boundaries
are, and an API that allows us to express that, just _do that_ instead
of completely unnecessarily worrying about spaces in parameter values.
Also, this allows us to format the code to make the option and value
correspondence much easier to see.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Quadlet list always reports the heading, even when using custom
formatting strings. This doesn't follow the behavior of other podman
list commands. Borrow some logic and the "--noheading" flag from the
container list command to make this behavior uniform.
Signed-off-by: Randolph Sapp <rs@ti.com>
Statement
for line in "${lines[*]}"
does not make sense since line will be a single value consisting of
all elements of lines array, space-separated.
It should be
for line in "${lines[@]}"
if we want to iterate through each value.
Fixes: 00292ae1c4 ("systests: test instrumentation")
Fixes: c33ba70f95 ("system tests: instrument, to try to catch unlinkat-ebusy")
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
Add a per-volume 'nocreate' option that prevents automatic creation of
named volumes when they don't exist. When specified, Podman will fail
if the volume is not found instead of creating it automatically.
Usage: -v myvolume:/data:nocreate
--mount type=volume,src=myvolume,dst=/data,nocreate
See: #27862
Signed-off-by: Ygal Blum <ygal.blum@gmail.com>
ConfigToSpec() serializes the container config to JSON and deserializes
it into a SpecGenerator. Both structs use the JSON tag "secret_env" but
with incompatible types: the container config uses map[string]*secrets.Secret
(complex objects) while the specgen uses map[string]string (env var name
to secret name). This causes an unmarshal error when cloning containers
that use --secret with type=env.
Fix this by saving and clearing EnvSecrets before JSON marshal (same
pattern as existing tmpSystemd/tmpMounts), then converting the secret
objects to name strings and assigning them to the specgen afterward.
Also fix FillOutSpecGen to not overwrite env secrets populated by
ConfigToSpec when no new secrets are provided on the command line.
Fixes: #28130
Signed-off-by: Ozgur As <ozgur@live.com>
That test uses process substitution for the Containerfile which fails
because podman tries to use /dev/fd as context directory.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Given the new config file logic will read many files pritning one
specific one here has no meaning anymore, just delete it.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Calling append can lead to resizing the slice. In case we have all
elements beforehand, it is not necessary to call append in the first
place and this avoid resizing.
This is the first part of fixing issues reported by prealloc linter from
golangci-lint v2.8.0.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
The main purpose of the transient services/timers is to trigger the
healthcheck execution in regular intervals, their own state should
not depend on the result of the healthchecks. This way there are no
failing systemd services unless there is actually a fatal error.
Signed-off-by: Patrick Wicki <patrick.wicki@siemens.com>
This is useful for triggering the execution of a healthcheck
without caring about it's result as long as no fatal error occured.
Signed-off-by: Patrick Wicki <patrick.wicki@siemens.com>
With the config file rewrite we now get other error messages so fix the
tests.
Also note the shell completion test is skipped for now as the logic to
get the directories is not yet exposed in container-libs. I enable that
later.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
