TL;DR podman needs "arm64" as arch, not "arm64v8".
Unexpurgated version: docker.io publishes ${ARCH}/alpine for
several values of ARCH. Unfortunately, the arm64 one is
called "arm64v8", which is sensible, but podman needs the
--arch value of the manifest to be exactly "arm64". So we
need to special-case this value in our loop. Do so, and
build/publish a new 20210610 testimage. Use that in tests
moving forward.
And, since we need to jump through the same hoops to build
the nonlocal image, include it in the build loop instead
of as a tacked-on comment. Try to be helpful by determining
the next-available numeric tag.
And: don't push anything by default. Instead, just tell
the user what buildah-push commands to run.
And: refactor $PODMAN_NONLOCAL_IMAGE_TAG, to make it easier
for the RHEL-arch-testing folx to override using envariables
instead of inplace-sed. (Not that they should ever need to
override again, because this is the final multiarch commit
that should be forevermore perfect and need no further commits
ever again).
And, finally, bump up to latest alpine/busybox images.
Signed-off-by: Ed Santiago <santiago@redhat.com>
Unfortunately --pre-checkpointing never worked as intended and recent
changes to runc have shown that it is broken.
To create a pre-checkpoint CRIU expects the paths between the
pre-checkpoints to be a relative path. If having a previous checkpoint
it needs the be referenced like this: --prev-images-dir ../parent
Unfortunately Podman was giving runc (and CRIU) an absolute path.
Unfortunately, again, until March 2021 CRIU silently ignored if
the path was not relative and switch back to normal checkpointing.
This has been now fixed in CRIU and runc and running pre-checkpoint
with the latest runc fails, because runc already sees that the path is
absolute and returns an error.
This commit fixes this by giving runc a relative path.
This commit also fixes a second pre-checkpointing error which was just
recently introduced.
So summarizing: pre-checkpointing never worked correctly because CRIU
ignored wrong parameters and recent changes broke it even more.
Now both errors should be fixed.
[NO TESTS NEEDED]
Signed-off-by: Adrian Reber <areber@redhat.com>
Signed-off-by: Adrian Reber <adrian@lisas.de>
when looking up the container cgroup, ignore named hierarchies since
containers running systemd as payload will create a sub-cgroup and
move themselves there.
Closes: https://github.com/containers/podman/issues/10602
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Podman machine is only intended for amd64 and arm64 architectures, set
the correct buildtags so that the `pkg/machine`, `pkg/machine/qemu` and
`pkg/machine/libvirt` packages compile correctly.
[NO TESTS NEEDED]
Fixes#10625
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
- Bugfix `make nixpkgs` which pin with branch `nixos-21.05`
- Code lint with `nixpkgs-fmt`
- Code sync between x86\_64 and aarch64
Signed-off-by: Wong Hoi Sing Edison <hswong3i@pantarei-design.com>
crun 0.20.1 changed an error message that we relied on. Deal
with it by accepting the old and new message.
Also (unrelated): sneak in some doc fixes to get rid of
nasty go-md2man warnings that have crept into man pages.
Signed-off-by: Ed Santiago <santiago@redhat.com>
commit ab886328357184cd0a8375a5dedf816ba91789f9 changed the path for
the pause.pid file but didn't update the same path in the C code.
This prevented Podman to take the fast path when the userns is already
created and to join it without re-execing itself.
Fix the path in the C code as well so we can join the rootless
user+mount namespace without having to re-exec Podman.
[NO TESTS NEEDED]
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
podman-remote build has to handle multiple different locations
for the Containerfile. Currently this works in local mode but not
when using podman-remote.
Fixes: https://github.com/containers/podman/issues/9871
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
When 127.0.0.53 is the only nameserver in /etc/resolv.conf assume
systemd-resolved is used. This is better because /etc/resolv.conf does
not have to be symlinked to /run/systemd/resolve/stub-resolv.conf in
order to use systemd-resolved.
[NO TESTS NEEDED]
Fixes: #10570
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Fix a race in the k8s-file logs driver. When "following" the logs,
Podman will print the container's logs until the end. Previously,
Podman logged until the state transitioned into something non-running
which opened up a race with the container still running, possibly in
the "stopping" state.
To fix the race, log until we've seen the wait event for the specific
container. In that case, conmon will have finished writing all logs to
the file, and Podman will read it until EOF.
Further tweak the integration tests for testing `logs -f` on a running
container. Previously, the test only checked for one of two lines
stating that there was a race. Indeed the race was in using `run --rm`
where a log file may be removed before we could fully read it.
Fixes: #10596
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Image prune --filter is fully implemented in the api, http api
yet not connected with the cli execution. User trying to use
filters does not see the effect. This commit adds glue code to enable
possiblity of using --filter in prune in the cli execution.
Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
If a client closes the http connection during image pull, the
service should cancel the pull operation.
[NO TESTS NEEDED] I have no idea how we could test this reliable.
Fixes: #7558
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
The api doc used wrong response examples for both the compat and libpod
network prune endpoints. Change the doc so that it matches the actual
return values. Also fix the endpoints to return an empty array instead
of null when no networks are removed.
[NO TESTS NEEDED]
Fixes: #10564
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Followup to #9740. Nice work, but the _confirm_update() helper
was dangerously broken and I just wasn't able to communicate
that. Given the time zone difference, and my weekly time cost
in reviewing, it's easier for me to fix it myself. (The problem
is that the function was a complete NOP, which would lead to
flakes).
Also: got rid of some clutter, restructured a few minor places
for maintainability.
Signed-off-by: Ed Santiago <santiago@redhat.com>
The rework of namespace handling for rootless CNI broke this, as
CNI networks were being computed incorrectly. Fix handling of
CNI networks for the Compat Create REST API for containers, and
add a test so we don't regress again.
Fixes#10569
Signed-off-by: Matthew Heon <mheon@redhat.com>
Add some cases for podman auto-update:
1. Test with different value for label io.containers.autoupdate
2. Run podman auto-update as systemd timer
Signed-off-by: Yiqiao Pu <ypu@redhat.com>
