16904 Commits

Author SHA1 Message Date
a301ec164c Merge pull request #16223 from vrothberg/quadlet
move quadlet packages into pkg/systemd
2022-10-19 09:58:43 -04:00
2936e60210 Merge pull request #16220 from edsantiago/testimage_iproute_socat
testimage: add iproute2 & socat, for pasta networking
2022-10-19 08:45:55 -04:00
f6053cea8d Merge pull request #15826 from umohnani8/minikube
Set up minikube for k8s testing
2022-10-19 07:43:38 -04:00
b4374f2bd9 move quadlet packages into pkg/systemd
Reduce the number of top-level packages in ./pkg by moving quadlet
packages under ./pkg/systemd.

[NO NEW TESTS NEEDED] - no functional change.

Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
2022-10-19 13:38:27 +02:00
012260a771 Merge pull request #16210 from alexlarsson/quadlet-docs
Add man page for quadlet
2022-10-19 07:25:47 -04:00
34ee37b91e Add man page for quadlet
This adds the "podman-systemd.unit(5)" manpage that describes
the podman generators from a high level, and all the supported
options.

Signed-off-by: Alexander Larsson <alexl@redhat.com>
2022-10-19 10:30:31 +02:00
120a77e394 testimage: add iproute2 & socat, for pasta networking
PR #16141 introduces a new network type, "pasta". Its tests
rely on running 'ip -j' and socat in the container. Add them.

Also: bump to alpine 3.16.2 (from 3.16.0)
Also: clean up apk cache, this saves us 2MB+ in the image

Also (unrelated): clean up two broken uses of '$(< ...)' that
are causing tests to blow up under bats 1.8 on my laptop

New testimage is 20221018 and, sigh, is 12.7MB (up 4MB).

Signed-off-by: Ed Santiago <santiago@redhat.com>
2022-10-18 11:50:48 -06:00
a30c9ef752 Merge pull request #16203 from dfr/freebsd-top
Add support for 'podman top' on FreeBSD
2022-10-18 10:52:43 -04:00
30e66d6003 Set up minikube for k8s testing
Install and set up minikube so that we can
create a k8s cluster for testing.

Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
2022-10-18 10:51:27 -04:00
25502d53bc Merge pull request #16198 from lsm5/containers-common-extra
[CI:BUILD] copr: podman rpm should depend on containers-common-extra
2022-10-18 09:27:11 -04:00
cbff46c121 Merge pull request #16209 from jnohlgard/rootless-network
[CI:DOCS] Podman image: Set default_sysctls to empty for rootless containers
2022-10-18 09:22:15 -04:00
cadb64d32d [CI:BUILD] copr: podman rpm should depend on containers-common-extra
containers-common now has a new `-extra` subpackage which handles
dependencies common to podman and buildah and also depends on
the main package `containers-common` itself.

The podman-next copr rebuilds containers-common from the rawhide branch
of dist-git so it will always have the latest version and will also
supersede the official containers-common packages (except on rawhide
where it will be equal).

Fixes: #16137

Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
2022-10-18 14:02:15 +05:30
02bb7c2cf3 Podman image: Set default_sysctls to empty for rootless containers
Avoids the error "Error: error preparing container xyz... for attach:
crun: open /proc/sys/net/ipv4/ping_group_range: Read-only file system:
OCI runtime error" when using `podman run --net bridge` inside rootful
Podman running without --security-opt unmask=ALL (or 'unmask=/proc/*')

Signed-off-by: Joakim Nohlgård <joakim@nohlgard.se>
2022-10-18 09:27:20 +02:00
2fb7218e63 Merge pull request #16207 from rhatdan/reference
Reference
2022-10-17 17:16:14 -04:00
1a60b30e51 Merge pull request #16035 from alexlarsson/quadlet
Initial quadlet version integrated in golang
2022-10-17 15:13:39 -04:00
234b2230ef Don't use github.com/docker/distribution
containers/image/v5/docker/reference has same content, but
less overhead.

Partial fix for: https://github.com/containers/podman/issues/16205

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2022-10-17 14:42:36 -04:00
9e6b37ec1d libpod: Add support for 'podman top' on FreeBSD
This simply runs ps(1) on the host and filters for processes inside the
container.

[NO NEW TESTS NEEDED]

Signed-off-by: Doug Rabson <dfr@rabson.org>
2022-10-17 16:43:53 +01:00
21081355a7 libpod: Factor out jail name construction from stats_freebsd.go
[NO NEW TESTS NEEDED]

Signed-off-by: Doug Rabson <dfr@rabson.org>
2022-10-17 15:33:18 +01:00
b82b27cc48 pkg/util: Add pid information descriptors for FreeBSD
[NO NEW TESTS NEEDED]

Signed-off-by: Doug Rabson <dfr@rabson.org>
2022-10-17 15:33:04 +01:00
e7d6b681aa Merge pull request #16165 from rhatdan/dups
Allow volume mount dups, iff source and dest dirs
2022-10-17 10:11:09 -04:00
62bb59d3b0 Initial quadlet version integrated in golang
Based on the initial port in https://github.com/containers/quadlet/pull/41

This contains the unit tests and the testcases from the C code as well
as modification to the podman spec file based on what the quadlet
spec file looks like, producing a podman-quadlet subpackage.

Signed-off-by: Alexander Larsson <alexl@redhat.com>
2022-10-17 15:56:03 +02:00
80a6017e2e Merge pull request #16182 from dfr/freebsd-pidfd
libpod: Factor out the call to PidFdOpen from (*Container).WaitForExit
2022-10-17 09:55:43 -04:00
8fef5eb12c Merge pull request #16170 from edsantiago/manpage_generic_include
[CI:DOCS] markdown-preprocess: add generic include mechanism
2022-10-17 09:53:06 -04:00
cd0c9494dd Merge pull request #16011 from vrothberg/lint
bump golangci-lint to v1.49.0
2022-10-17 06:17:34 -04:00
29d0cbe08f Merge pull request #16188 from eriksjolund/fix_issue_15927
rootless: fix return value handling
2022-10-17 04:07:33 -04:00
44bac51fca bump golangci-lint to v1.49.0
Motivated to have a working `make lint` on Fedora 37 (beta).
Most changes come from the new `gofmt` standards.

Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
2022-10-17 09:19:41 +02:00
45fea91a61 Merge pull request #16189 from rhatdan/VENDOR
Update vendor containers/(common,image,storage)
2022-10-16 12:53:32 -04:00
94d3b6572c Merge pull request #16176 from vrothberg/fix-16149
generate systemd: set --stop-timeout for stopping containers
2022-10-16 09:39:04 -04:00
01a3245d7d Update vendor containers/(common,image,storage)
Fixes: https://github.com/containers/podman/issues/16150

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2022-10-15 09:42:51 -04:00
75222add5a Allow volume mount dups, iff source and dest dirs
Also create one constant for ErrDuplicateDest, rather then have the same
value set three times.

Fixes: https://github.com/containers/podman/issues/4217

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2022-10-15 07:38:08 -04:00
d21a35630d Merge pull request #16166 from misuto/main
Change to correct break statements to prevent infinite recursion causing OOM
2022-10-15 07:15:02 -04:00
c5c57f0c50 Merge pull request #16144 from presztak/vendor_psgo
vendor containers/psgo@v1.8.0
2022-10-15 07:07:19 -04:00
cb2631bf3a rootless: fix return value handling
[NO NEW TESTS NEEDED]

Fixes: https://github.com/containers/podman/issues/15927

Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
2022-10-15 10:44:17 +02:00
783b4e914a Change to correct break statements
Signed-off-by: Jakob Tigerström <jakob.tigerstrom@gmail.com>
2022-10-15 01:45:20 +02:00
8656ffa563 Merge pull request #15662 from mtrmac/c-image-errors
Update for https://github.com/containers/image/pull/1299 + update tests
2022-10-14 17:56:16 -04:00
b46fb4c607 Merge pull request #16161 from cevich/install_swagger
[CI:DOCS] Add swagger install + allow version updates in CI
2022-10-14 17:53:13 -04:00
70ecade616 Merge pull request #16169 from cevich/fix_win_installer_task
[CI:DOCS] Cirrus: Fix win installer task
2022-10-14 17:50:37 -04:00
a9a436186d Merge pull request #16173 from jesselang/patch-2
[CI:DOCS] Clarify that MacOSX docs are client specific
2022-10-14 17:48:03 -04:00
04c126a3b4 vendor containers/psgo@v1.8.0
Signed-off-by: Piotr Resztak <piotr.resztak@gmail.com>
2022-10-14 17:28:15 +02:00
b712736bd2 Merge pull request #16177 from vrothberg/fix-16142
kill: wait for the container
2022-10-14 10:25:01 -04:00
8ba7cc59d7 Merge pull request #16183 from containers/dependabot/go_modules/github.com/docker/docker-20.10.19incompatible
build(deps): bump github.com/docker/docker from 20.10.18+incompatible to 20.10.19+incompatible
2022-10-14 10:09:31 -04:00
c39b71776d Clarify that MacOSX docs are client specific
Signed-off-by: Jesse Lang <jesse@jesselang.com>
2022-10-14 08:28:02 -05:00
d5d53655c3 Merge pull request #16171 from jesselang/patch-1
[CI:DOCS] Fix markdown header typo
2022-10-14 09:08:11 -04:00
51c376c8a1 libpod: Factor out the call to PidFdOpen from (*Container).WaitForExit
This allows us to add a simple stub for FreeBSD which returns -1,
leading WaitForExit to fall back to the sleep loop approach.

[NO NEW TESTS NEEDED]

Signed-off-by: Doug Rabson <dfr@rabson.org>
2022-10-14 13:24:32 +01:00
bb2b47dc70 Add swagger install + allow version updates in CI
Support swagger testing and optional runtime updates similar to
the current golangci-lint tool.  This allows developers to update the
version of swagger at runtime if needed.  Otherwise new CI VM images
will pick up the prescribed version at image build-time via
`make install.tools`.

Signed-off-by: Chris Evich <cevich@redhat.com>
2022-10-14 08:18:52 -04:00
2a622c8af4 Cirrus: Fix windows clone race
Ref: #16167

According to Cirrus-support, defining and using `$CIRRUS_DEFAULT_WORK`
is responsible for causing a strange race condition on windows.  This is
impacting the agent's ability to clone with errors like:

```
Using built-in Git...
Cloning refs/heads/main...
Failed to clone: read ${CIRRUS_DEFAULT_WORK}\.git\HEAD: The process
cannot access the file because another process has locked a portion of
the file.!
```

Fix this by hard-coding a work directory for this windows task.

Co-authored-by: Jason T. Greene <jason@stacksmash.com>
Signed-off-by: Chris Evich <cevich@redhat.com>
2022-10-14 08:16:05 -04:00
973710c8b7 build(deps): bump github.com/docker/docker
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 20.10.18+incompatible to 20.10.19+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Changelog](https://github.com/moby/moby/blob/master/CHANGELOG.md)
- [Commits](https://github.com/docker/docker/compare/v20.10.18...v20.10.19)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-10-14 12:07:19 +00:00
b35fab6f1c kill: wait for the container
Make sure to wait for the container to exit after kill. While the
cleanup process will take care eventually of transitioning the state, we
need to give a guarantee to the user to leave the container in the
expected state once the (kill) command has finished.

The issue could be observed in a flaking test (#16142) where
`podman rm -f -t0` failed because the preceding `podman kill`
left the container in "running" state which ultimately confused
the "stop" backend.

Note that we should only wait for the container to exit when SIGKILL is
being used.  Other signals have different semantics.

[NO NEW TESTS NEEDED] as I do not know how to reliably reproduce the
issue.  If #16142 stops flaking, we are good.

Fixes: #16142
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
2022-10-14 13:21:52 +02:00
40fcbdc40a Merge pull request #16174 from vrothberg/tree-status
hack/tree_status.sh: print diff at the end
2022-10-14 05:48:32 -04:00
ba276e1172 generate systemd: set --stop-timeout for stopping containers
Make sure to always the stop timeout for unit generated via `--new`.

Fixes: #16149
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
2022-10-14 10:33:26 +02:00