Because it will cause memory leak if we do not stop timer when the function has completed.
[NO NEW TESTS NEEDED]
Signed-off-by: hang.jiang <hang.jiang@daocloud.io>
We do not allow volumes and mounts to be placed at the same
location in the container, with create-time checks to ensure this
does not happen. User-added conflicts cannot be resolved (if the
user adds two separate mounts to, say, /myapp, we can't resolve
that contradiction and error), but for many other volume sources,
we can solve the contradiction ourselves via a priority
hierarchy. Image volumes come first, and are overridden by the
`--volumes-from` flag, which are overridden by user-added mounts,
etc, etc. The problem here is that we were not properly handling
volumes-from overriding image volumes. An inherited volume from
--volumes-from would supercede an image volume, but an inherited
mount would not. Solution is fortunately simple - just clear out
the map entry for the other type when adding volumes-from
volumes.
Makes me wish for Rust sum types - conflict resolution would be a
lot simpler if we could use a sum type for volumes and bind
mounts and thus have a single map instead of two maps, one for
each type.
Fixes#19529
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
This may be helpful in case SHA comparison is needed w/ files elsewhere.
For example, the files uploaded to a github release page.
Signed-off-by: Chris Evich <cevich@redhat.com>
These are visible when running either job manually. Fix the windows
workflow by including a `v` prefix to an obviously fictitious version
number. For consistency, update the mac workflow text to match.
Signed-off-by: Chris Evich <cevich@redhat.com>
Check for duplicate subcommands, flags, and format specifiers.
I assumed this would never be necessary, that code review would
catch dups, but it happened (#19462). Prevent future ones.
Also, make it a fatal error for a --format to be undocumented,
except for 'podman inspect'. So many exceptions ... :(
Signed-off-by: Ed Santiago <santiago@redhat.com>
follow-up for https://github.com/containers/podman/pull/19526
on io.Copy() errors make sure the temporary file is closed.
[NO NEW TESTS NEEDED]
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
The mandoc(1) utility is used for this on FreeBSD systems. This fixes a
confusing (but harmless) series of error messages when building manpages
on FreeBSD.
[NO NEW TESTS NEEDED]
Signed-off-by: Doug Rabson <dfr@rabson.org>
For containers using host networking, 'kube generate' crashed in
(*Container).HostNetwork which dereferenced config.Spec.Linux without
checking if its non-nil, which is the case for FreeBSD containers.
[NO NEW TESTS NEEDED]
Signed-off-by: Doug Rabson <dfr@rabson.org>
The socket can already exist and is not removed by disabling the systemd unit,
hence it needs to be deleted to get a "vanilla" system. This is a temporary
workaround suggested in:
https://github.com/containers/podman/pull/19478#issuecomment-1665350945
[NO NEW TESTS NEEDED] - this is a CI fix
Signed-off-by: Dan Čermák <dcermak@suse.com>
The `Exists` field of the `RemoteSocket` struct is marshaled to json with the
`omitempty` setting. This has the disadvantage that by default `podman info`
shows a `remotePath` entry (the remote path is set in
`pkg/domain/infra/abi/systems.go`: `(*ContainerEngine).Info`) but not that this
path does not exist:
```
❯ podman info --format json | jq .host.remoteSocket
{
"path": "/run/user/1000/podman/podman.sock"
}
```
By removing the `omitempty`, we ensure that the existence is always shown:
```
❯ bin/podman info --format json | jq .host.remoteSocket
{
"path": "/run/user/1000/podman/podman.sock",
"exists": false
}
```
Signed-off-by: Dan Čermák <dcermak@suse.com>
when init'ing a machine, if the ssh key already exists, then we get a
somewhat oblique error. here we make it clear what the problem was and
early return.
Signed-off-by: Brent Baude <bbaude@redhat.com>
[NO NEW TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
the method caller for creating the ignition file was accidently
misordered for hyperv. this regression was caused by aa6827a6.
Signed-off-by: Brent Baude <bbaude@redhat.com>
[NO NEW TESTS NEEDED]
`git describe` is lagging on main so this commit updates
`rpm/update-sepc-version.sh` to generate the expected version.
[NO NEW TESTS NEEDED]
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
Fixes non-blocking nits that were in the PR that consolidated some of
the machine code into common areas.
Fixes a capitalization error in documentation, inverts the logic in
`AddSSHConnectionsToPodmanSocket`, and uses raw strings in
`WaitAPIAndPrintInfo` instead of printing the messages line-by-line.
[NO NEW TESTS NEEDED]
Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
Compat api for containers/stop should take -1 value
Add support for `podman stop --time -1`
Add support for `podman restart --time -1`
Add support for `podman rm --time -1`
Add support for `podman pod stop --time -1`
Add support for `podman pod rm --time -1`
Add support for `podman volume rm --time -1`
Add support for `podman network rm --time -1`
Fixes: https://github.com/containers/podman/issues/17542
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
On FreeBSD, each container has its own devfs instance with a ruleset
that controls what the container can see. To expose devices to a
container we add rules to its devfs to make the requested devices
visible. For privileged containers, we use 'ruleset=0' which makes
everything visible.
This shares the ParseDevice function with Linux so it moves to
config_common.go from config_linux.go.
Signed-off-by: Doug Rabson <dfr@rabson.org>
