This will add --layers support.
Also add missing information in man pages on podman build features.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #938
Approved by: umohnani8
Remove the image if all its tags are specified. This didn't work before
as the images have been queried prior to changing them resulting in
inconsistencies regarding repoTags. Now, the images for each specified
tag is loaded one after another to guarantee loading the latest state.
Fixes: #930
Signed-off-by: Valentin Rothberg <vrothberg@suse.com>
Closes: #934
Approved by: rhatdan
Attempt to cleanup as much of the container as possible, even if one
of the cleanup stages fails.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #895
Approved by: mheon
Because it's easier to recover from that if we fail early instead of
going through and creating a "Bump to v1.2.3-dev-dev" commit, etc.
Signed-off-by: W. Trevor King <wking@tremily.us>
Closes: #926
Approved by: rhatdan
podman run command screws up we should get 125
podman run command succeeds but command in container fails to exec 126
podman run command succeeds but command exits with non 0 exit code
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #921
Approved by: TomSweeneyRedHat
Use the parsing code to properly setup podman build namespaces
Fixes support for network namespace and user namespace
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #917
Approved by: rhatdan
We have an issue where iptables command is being executed by podman
and attempted to run with a different label. This fix changes podman
to only change the label on the conmon command and then set the
SELinux interface back to the default.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #906
Approved by: giuseppe
Until podman build supports caching, their are no intermediary builds,
but people might still use scripts that use the --all option.
Adding this will not hurt anything and could fix scripts.
Also fixed sorting issues in options handling of images
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #896
Approved by: mheon
the varlink build was not working as designed and required some touch-ups:
* return a struct that includes logs and the new image ID
* pass namespaceoption so that networking in buildah works
Signed-off-by: baude <bbaude@redhat.com>
Closes: #903
Approved by: rhatdan
The default timeout of one second when using podman-varlink can confuse
users as podman exits in silence after this timeout in case no
connection to the endpoint is alive. Print a log (info level) that the
varlink service has expired to guide the user.
This change requires to vendor in the latest master of varlink/go.
Signed-off-by: Valentin Rothberg <vrothberg@suse.com>
Closes: #899
Approved by: rhatdan
Remove the bash completion's shebang, which isn't required as the file
is only meant to be sourced. rpmlint was complaining about that.
Signed-off-by: Valentin Rothberg <vrothberg@suse.com>
Closes: #901
Approved by: rhatdan
This fix the issues when you are trying to build from a non existant
image or the registries in registries.conf do not include the registry.
./bin/podman build -t dan -f Dockerfile.suse ~
STEP 1: FROM opensuse:tumbleweed
error creating build container: image "opensuse:tumbleweed" not found in /etc/containers/registries.conf registries: image not known
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
v#
Closes: #897
Approved by: mheon
Add following test cases for security-opt:
- Check default selinux value
- Disable security options in container
- Setup selinux type in security-opt
- Disable seccomp protection
- Configure custom seccomp.json
Signed-off-by: Yiqiao Pu <ypu@redhat.com>
Closes: #837
Approved by: rhatdan
Use function in opencontainers/selinux/go-selinux to check the
selinux status in our test.
Signed-off-by: Yiqiao Pu <ypu@redhat.com>
Closes: #837
Approved by: rhatdan
Also add annotations from the image the container was created
from.
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #886
Approved by: rhatdan
Change the level of missing /etc/containers/mount.conf to a debug, since
this is expected on most machines.
Also raised the level of some warnings to errors, so they will be better seen,
even if we are skipping.
Fixed the wording of one error, since stating is not the correct word.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #882
Approved by: mheon
We've had logrus logging in the monitor code since it landed in
68eb128f (pkg/hooks: Version the hook structure and add 1.0.0 hooks,
2018-04-27, #686). This commit adds similar logging to the initial
hook.New() and Manager.Hooks() calls to make it easier to see if those
are working as expected.
Signed-off-by: W. Trevor King <wking@tremily.us>
Closes: #887
Approved by: rhatdan
The typo is a copy/paste error from 68eb128f (pkg/hooks: Version the
hook structure and add 1.0.0 hooks, 2018-04-27, #686).
Signed-off-by: W. Trevor King <wking@tremily.us>
Closes: #887
Approved by: rhatdan
This typo from 68eb128f (pkg/hooks: Version the hook structure and add
1.0.0 hooks, 2018-04-27, #686) was causing any 'annotations' entries
in hook JSON to be silently ignored.
Signed-off-by: W. Trevor King <wking@tremily.us>
Closes: #887
Approved by: rhatdan
The continue here is from 5676597f (hooks/read: Ignore IsNotExist for
JSON files in ReadDir, 2018-04-27, #686), where it was intended to
silently ignore missing JSON files. However, the old logic was also
silently ignoring not-exist errors from the os.Stat(hook.Hook.Path)
from 68eb128f (pkg/hooks: Version the hook structure and add 1.0.0
hooks, 2018-04-27, #686). This commit adjusts the check so JSON
not-exist errors continue to be silently ignored while hook executable
not-exist errors become fatal.
Signed-off-by: W. Trevor King <wking@tremily.us>
Closes: #887
Approved by: rhatdan
This vendor will improve the performance of using userns
since it will save aside the image layer of the chown, so
followup runnings of podman will use the new layer rather
then chowning again.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #881
Approved by: mheon
Bump it to the next version (without a -dev suffix), based on the
precedent set by 70672652 (Bump to v0.6.1-dev, 2018-05-25, #834).
Previously I had VERSION there, which was a copy/paste error.
I've also added an explicit write_spec_version to release_commit.
That *should* be a no-op, with the spec version having already been
set by the previous release's dev_version_commit. But better to be
safe than to cut a release with the wrong version number in the spec
file (e.g. maybe we guessed NEXT_VERSION wrong during the last
release).
Signed-off-by: W. Trevor King <wking@tremily.us>
Closes: #879
Approved by: mheon