allow the image to specify an empty list of capabilities, currently
podman chokes when the io.containers.capabilities specified in an
image does not contain at least one capability.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Fixes infrequent but annoying flake in which system tests
call random_free_port(), get a nice-looking port, then
fail with "bind: address already in use".
Signed-off-by: Ed Santiago <santiago@redhat.com>
When removing a container's dependency, getting an error that the
container has already been removed (ErrNoSuchCtr and
ErrCtrRemoved) should not be fatal. We wanted the container gone,
it's gone, no need to error out.
[NO NEW TESTS NEEDED] This is a race and thus hard to test for.
Fixes#18874
Signed-off-by: Matt Heon <mheon@redhat.com>
Primarily, build test images FROM scratch, not alpine, to
avoid image pulls and network flakes and potential pull-
the-rug-out errors if the base alpine image changes.
This was much more complicated than it should've been,
because creating unique arch-specific FROM-scratch images
triggered a weird manifest bug, filed as #19860.
Also:
- add a teardown() to clean up manifests
- remove test for skopeo (skopeo is required for sys tests)
- remove unnecessary intermediate tmpdir
- deduplicate, by looping over amd+arm
- fix indentation
- and, finally, clean up dangling images (this was the initial
reason behind my diving in here. Such a simple thing, I thought.)
Signed-off-by: Ed Santiago <santiago@redhat.com>
it is not possible yet to drop the override since the latest released
version has an indirect dependency on github.com/cilium/ebpf that
causes the binary to grow by ~1MB. Once there is a new runc version,
we can drop the override.
For now just bump to the latest version on main, since we are using a
year old version at this point.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
when running rootless, if the specified oom_score_adj for the
container process is lower than the current value, clamp it to the
current value and print a warning.
Closes: https://github.com/containers/podman/issues/19829
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
increase the number of inotify instances to 524288 instead of using
the default value of 128.
Closes: https://github.com/containers/podman/issues/19848
[NO NEW TESTS NEEDED]
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
From the Go specification:
"3. If the map is nil, the number of iterations is 0." [1]
Therefore, an additional nil check for before the loop is unnecessary.
[NO NEW TESTS NEEDED]
[1]: https://go.dev/ref/spec#For_range
Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
The destination `pkg/hooks/README.md` has been moved to a separate
project.
Fixes: ffe5da20a0f2 ("pkg,libpod: remove pkg/hooks and use hooks from c/common")
Signed-off-by: Noritada Kobayashi <noritada.kobayashi@gmail.com>
Added a test that checks that gvproxy properly starts and stops when running podman machine, and that containers properly forward ports to the host when running podman using machine.
Signed-off-by: Ashley Cui <acui@redhat.com>
