It is not state needed after assembling the tasks, so remove it to keep
the task struct simpler.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
To replace redundant string scattered across the code with proper
constants. The "status" will further be useful in a future change
as it can be moved into a `task`.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
Will simplify the code and speed up things as we do not consult a
container's labels multiple times.
[NO NEW TESTS NEEDED] - should not change behavior.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
This will simplify the logic and pave the way for abstracting the
auto-update policies to a certain degree that allows us to better
control _when_ the updates and rollbacks happen and will ultimately
reduce redundant code.
[NO NEW TESTS NEEDED] - should not change behavior.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
If two containers use the same image and one rolled back (i.e., tagged
the old image again), make sure to repull the image for the other
container.
Once an image has caused a rollback, it may be worth marking this image
as broken and not update any other container using it but that is
outside of the scope.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
Change the auto-update logic to update unit-by-unit rather by policy.
This allows for, in theory now and in practice later, to have mutliple
containers run in a single systemd unit and update them in sequence
before restarting the unit.
[NO NEW TESTS NEEDED] - should not change behavior.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
Drop a comment on using `chcon` to let the local rollback test pass.
It took me a while to understand why the test failed and future souls
may appreciated the extra breadcrumb.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
A `task` includes data and state for updating a given container image.
It will come in handy in future changes, but we are going there in
baby steps to have smaller incremental changes.
[NO NEW TESTS NEEDED] - should not change behaviour.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
Introduce an `updater` type to allow for sharing state.
This will be more useful for future changes.
[NO NEW TESTS NEEDED] as it does not change behavior.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
str.removeprefix() and str.removesuffix() is python 3.9+ only but we need to
support older versions for the OSX cross task.
This fixes broken CI on main.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Secret was populating a generated kube as `null`. Add omitempty
so that when the volume source is not a secret, we do not print unnecessary info
resolves#15156
Signed-off-by: Charlie Doern <cdoern@redhat.com>
this updates downloading of gvproxy and qemu using a standard
makefile rule which will avoid downloading them again if its
already downloaded
[NO NEW TESTS NEEDED]
Signed-off-by: Anjan Nath <kaludios@gmail.com>
add file hvf.entitlements which has the com.apple.security.hypervisor
entitlement needed for qemu
[NO NEW TESTS NEEDED]
Signed-off-by: Anjan Nath <kaludios@gmail.com>
podman-create and -run have many options in common. To date,
these are copy-pasted and haphazardly maintained.
Solution: add an include mechanism, '@@option foo', such
that multiple md source files can fetch from one common file.
This is a Phase One commit, a very small subset of what's
possible. Purpose of this commit is ease of review. If this
passes review, much more (trickier stuff) will be forthcoming.
Signed-off-by: Ed Santiago <santiago@redhat.com>
The "podman kube down" reads in a structured file of
Kubernetes YAML and removes pods based on the Kubernetes kind described in the YAML,
similiar to "podman play kube --down". Users will still be able to use
"podman play kube --down" and "podman kube play --down" to
perform the same function.
Signed-off-by: Niall Crowe <nicrowe@redhat.com>
When podman kube play was added the endpoint for the kube play/play kube
commands was switched from the "play kube" endpoint to the new "kube play"
endpoint. This caused issues with the remote client, requiring the need
to use the "play kube" endpoint again in order to avoid these issues.
Signed-off-by: Niall Crowe <nicrowe@redhat.com>
podman run/create can accept `-h <hostname>` as argument. When parsing
flags -h throws an help requested error from pflag. To prevent this
error we have to define the help flag.
Fixes#15124
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
