Starting with runc 1.3.0 it errors when we pass unknown mount options to
the runtime, the copy/nocopy options are specific to podman when we
mount the volume and are not valid mount options for the runtime.
Fixes: #26938
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Starting with runc 1.3.0 it errors when we pass unknown mount options to
the runtime, the volume-opt options are specifc to the volume we create
and should not be passed to the mount in the oci spec.
Fixes: #26938
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
In the journald driver there is a bug where the network event
attributes are not preserved. This causes the network driver to be
missing and that in turn causes the ToHumanReadable() function to print
an empty line. Fix it by making sure we preserve the network driver in
the event attributes.
Fixes: https://issues.redhat.com/browse/RHEL-109790
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Add support for loading images directly from machine paths to avoid
unnecessary file transfers when the image archive is already accessible
on the running machine through mounted directories.
Changes include:
- New /libpod/local/images/load API endpoint for direct machine loading
- Machine detection and path mapping functionality
- Fallback in tunnel mode to try optimized loading first
This optimization significantly speeds up image loading operations
when working with remote Podman machines by eliminating redundant
file transfers for already-accessible image archives.
Fixes: https://issues.redhat.com/browse/RUN-3249
Fixes: https://github.com/containers/podman/issues/26321
Signed-off-by: Jan Rodák <hony.com@seznam.cz>
Recognize that pseudoversions that look like
v0.0.0-20250814150820-1f7f1d285d22 are also not real branch names.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Prior to this commit `artifact remove --all` was not supported on remote
clients.
This patch adds a new artifact API endpoint `artifact/remove` which can
either take a list of artifacts to remove or remove all artifacts by
setting all=true.
This patch removes the temporary warning message in the tunnel interface
implementation of ArtifactRm if `--all` was passed on the command line
and uses the new `artifact/remove` endpoint.
This patch also updates the `artifact remove` command both remote and
local to accept a list of artifacts to remove rather than limiting to
just one.
Signed-off-by: Lewis Roy <lewis@redhat.com>
There is a rather surprising bug in the current test checkout logic. The
go.mod version parsing never actually consider a go.mod replace for
buildah and always read the main version.
This meant a buildah replace actually is testing the old version with
the new code and that means the new tests are not run leading people in
false belive when testing a buildah vendor that it worked. But then
later it fails when doing the proper update without replace.
To fix this first use go list to parse go.mod which is more robust. Then
first check if there is a replace and then use that repo/version
instead.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Added log_path variable in containers/common, User sets default log path in containers.conf under the `[containers]` section.
The directory has to exist beforehand. Container logs go under this directory, sub-directories named with the container id
and inside the sub-directory a ctr.log file will be created where the container logs for the corresponding container will go.
This path can be overridden by using the `--log-opt` flag.
Signed-off-by: Joshua Arrevillaga <2004jarrevillaga@gmail.com>
Since compat version 1.43 the VirtualSize field in the
GET /images/{name}/json, GET /images/json, and
GET /system/df responses is deprecated and will no
longer be included in API v1.44. Use the Size field
instead, which contains the same information.
Signed-off-by: Nicola Sella <nsella@redhat.com>
- Add specific check for empty device modes in ParseDevice function
- Change error message from 'invalid device mode: ' to 'empty device mode in device specification: <device>'
- Include full device specification in error message for better context
- Add test cases for empty device mode scenarios
- Resolves issue where '/dev/fuse::' provided unhelpful error message
Fixes#26629
Signed-off-by: Devashish08 <devashish.cs025@gmail.com>
Add the Go bindings implementation necessary to support Artifacts.
Implement the tunnel interface that consumes the Artifacts Go bindings.
With this patch, users of the Podman remote clients will now be able to
manage OCI artifacts via the Podman CLI and Podman machine.
Jira: https://issues.redhat.com/browse/RUN-2714#
Signed-off-by: Lewis Roy <lewis@redhat.com>
- Remove redundant exact match checks in ancestor filter implementations
- Add comprehensive test coverage for both prefix and non-prefix substring matching
- Fix missing output verification in ID filter test
- Improve test reliability with proper length checks and consistent flags
- Remove unnecessary length check to ensure tests fail properly if image ID is too short
- Add -q and --no-trunc flags for consistent test output format
- Focus test on substring ID matching specifically (not image names)
- Restore image name matching functionality for existing tests
- Keep substring ID matching for Docker compatibility
- Ensure both regex matching and substring ID matching work together
The ancestor filter now supports both:
1. Image name matching (existing functionality)
2. Substring ID matching (new Docker compatibility feature)
Fixes: #26623
Signed-off-by: shiavm006 <shivammittal42006@gmail.com>
Add --creds flag to podman create and podman run commands to support
registry authentication during image pulling.
Without this flag, users must perform a separate `podman pull
--creds/--cert-dir` first and then remember to specify `--pull=never`.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
I hastily commented out some tests that were problematic
for the vendor of Buildah v1.41 into Podman main (5.6 to be)
in #26666.
@luap99 noted that I should have skipped them, this PR removes
the comments and puts the Skip into play.
Signed-off-by: tomsweeneyredhat <tsweeney@redhat.com>
Comment out the problematic "podman diff container and image with same name" test
in test/e2e/diff_test.go. This became a problem with Buildah v1.41 and
if possible, should be addressed by Podman v5.6 final.
Signed-off-by: tomsweeneyredhat <tsweeney@redhat.com>
Update the "podman diff container and image with same name" e2e test to
not expect a built image to include /etc, since newer buildah won't
include an item in a layer if it was only created in a rootfs in order
to have something mounted onto it while processing a RUN instruction.
A few exceptions are still made for the sake of conformance tests.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Teach our patched version of run_buildah() to notice when a build tries
to write the output image to an oci:/oci-archive:/docker-archive:/dir:
location, and for those cases, adjust the command to commit the image to
local storage and then copy it to the desired location.
It's a hack on top of a hack. I don't love it, but here we are.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Fixed the --build-context flag to properly send files for remote builds. Previously
only the main context was sent over as a tar while additional contexts were passed as
local paths and this would cause builds to fail since the files wouldn't exist.
New changes modifies the Build API to use multipart HTTP requests allowing multiple
build contexts to be used. Each additional context is packaged and
transferred based on its type:
- Local Directories: Sent as tar archives
- Git Repositories: link sent to the server where its then cloned
- Container Images: Image reference sent to the server, it then pulls the image there
- URLs/archives: URL sent to the server, which handles the download
Fixes: #23433
Signed-off-by: Joshua Arrevillaga <2004jarrevillaga@gmail.com>
