...it never worked as intended. Cron job has been deleted.
(Note: this is not the same as the *buildah* treadmill, #13808,
which continues to be active and necessary)
Signed-off-by: Ed Santiago <santiago@redhat.com>
We can now use the new API for creating files and directories without
setting the umask to allow parallel usage of those methods.
This patch also bumps c/common for that.
[NO NEW TESTS NEEDED]
Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
Ref: https://pkg.go.dev/math/rand@go1.20#Seed
Note: For `runtime_test.go`, this test-case was never actually doing
what appears as it's intent . Fixing it to work as intended would be
require incredibly libpod-invasive changes. Do the least-worse thing and
simply confirm that consecutive generated names are different.
Signed-off-by: Chris Evich <cevich@redhat.com>
Systemd supports unit files with a prefix '-' which
tells the system to check if the content exists before
using it. This would allow the QM project to specify
AddDevice=-/dev/kvm, which would add the /dev/kvm device
to the container iff it exists on the host.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
When we encounter an error while pushing a manifest list, don't claim
that we encountered an error while adding an item to the list.
[NO NEW TESTS NEEDED]
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Found a typo today while reading documentation.
Simple enough change :-)
Signed-off-by: Mike Eisemann <me@michaeleisemann.com>
Signed-off-by: AndroidKitKat <me@michaeleisemann.com>
...at least as many as possible. "run/exec -it" make no sense
in a CI environment; I believe the vast majority of these are
the result of fingers typing on autopilot, then copy/pasting
cascades from those. This PR gets rid of as many -it/-ti as
possible. Some are still needed for testing purposes.
Y'all have no idea how much I hate #10927 (the "no logs from conmon"
flake). This does not fix the underlying problem, nor does it even
eliminate the flake (The "exec terminal doesn't hang" test needs
to keep the -ti flag, and that's one of the most popular flakers).
But this at least reduces the scope of the problem. It also removes
a ton of nasty orange "input device is not a TTY" warnings from logs.
Signed-off-by: Ed Santiago <santiago@redhat.com>
Nasty test flake, "bad address nc-server.dns.podman"
Cause: "There is absolutely no guarantee that aardvark-dns
is ready before the container is started." (source: Paul).
Workaround (not a real solution): wait before doing a host lookup.
Also: remove a 99%-duplicate test.
Closes: #16272 (I hope)
Signed-off-by: Ed Santiago <santiago@redhat.com>
According to an old upstream issue [1]: "If the first statement after
BEGIN DEFERRED is a SELECT, then a read transaction is started.
Subsequent write statements will upgrade the transaction to a write
transaction if possible, or return SQLITE_BUSY."
So let's move the first SELECT under the same transaction as the table
initialization.
[NO NEW TESTS NEEDED] as it's a hard to cause race.
[1] https://github.com/mattn/go-sqlite3/issues/274#issuecomment-1429054597Fixes: #17859
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
In rare instances, if podman machine start does not exit correctly, the machine can be left in a "Starting" state, when in reality the machine is stopped. This prevents the user from actually starting the machine. This commit makes sure that on `podman machine stop`, we check if this is the case, and correctly set the starting state to false, allowing the user to start their machine again.
Signed-off-by: Ashley Cui <acui@redhat.com>
The problem right now is that --ns contianer: syntax causes use to add
the namespace path to the spec which means the runtime will try to call
setns on that. This works fine for private namespaces but when the host
namspace is used by the container a rootless user is not allowed to
join that namespace so the setns call will return with permission
denied.
The fix is to effectively switch the container to the `host` mode
instead of `container:` when the mention container used the host ns. I
tried to fix this deep into the libpod call when we assign these
namespaces but the problem is that this does not work correctly because
these namespace require much more setup. Mainly different kind of mount
points to work correctly.
We already have similar work-arounds in place for pods because they also
need this.
For some reason this does not work with the user namespace, I don't know
why and I don't think it is really needed so I left this out just to get
at least the rest working. The original issue only reported this for the
network namespace.
Fixes#18027
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
When checking for new images on registries, do not suppress
and debug-log errors but return them. Other images and units
will still be processed.
That is important to a) stop hiding flaky registries (see #18321)
b) mark the updates as `failed` instead of `false`
[NO NEW TESTS NEEDED]
Closes: #18321
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
Our friend #7096 is still not fixed: it continues to flake,
singletons only, and only in the "create" test (not "run").
My guess: maybe there's a race somewhere in IP assignment,
such that container1 can have an IP, but not yet be running,
and a container2 can sneak in and start with that IP, and
container1 is the one that fails?
Solution: tighten the logic so we wait for container1 to
truly be running before we start container2. And, when we
start container2, do so with -a so we get to see stdout.
(Am not expecting it to be helpful, but who knows).
Also very minor cleanup
Signed-off-by: Ed Santiago <santiago@redhat.com>
Having a container spin-wait on a /stop file, then exit, is
unsafe: 'podman exec $ctr touch /stop' can get sucked into
container cleanup before the exec terminates, resulting in
the podman-exec failing and hence the test failing.
Most existing instances of this pattern are unnecessary.
Replace those with just 'podman rm -f'.
When necessary, use a variety of safer alternatives.
Re-Closes: #10825 (already closed; this addresses remaining cases)
Signed-off-by: Ed Santiago <santiago@redhat.com>
