- #15074 ("subtree_control" flake). The flake is NOT FIXED, I
saw it six months ago on my (non-aarch64) laptop. However,
it looks like the frequent-flake-on-aarch64 bug is resolved.
I've been testing in #17831 and have not seen it. So,
tentatively remove the skip and see what happens.
- Closes: #19407 (broken tar, "duplicates of file paths")
All Fedoras now have a fixed tar. Debian DOES NOT, but
we're handling that in our build-ci-vm code. I.e., the
Debian VM we're using has a working tar even though there's
currently a broken tar out in the wild.
Added distro-integration tag so we can catch future problems
like this in OpenQA.
- Closes: #19471 (brq / blkio / loopbackfs in rawhide)
Bug appears to be fixed in rawhide, at least in the VMs we're
using now.
Added distro-integration tag because this test obviously
relies on other system stuff.
Signed-off-by: Ed Santiago <santiago@redhat.com>
When preparing container inspection output, ensure we actually have masked paths to work with.
These will only be available on Linux, which is no longer always true as we also support FreeBSD now.
Fixes#21117
Signed-off-by: Ben Cooksley <bcooksley@kde.org>
Update farm build to directly push images to a registry
after all the builds are complete on all the nodes.
A manifest list is then created locally and pushed to
the registry as well.
Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
There are no security concerns here; this is a convenience
for people debugging things. Some podman-machine developers
were manually setting a password over SSH for example,
but this is just better than that.
[NO NEW TESTS NEEDED]
Signed-off-by: Colin Walters <walters@verbum.org>
LastUp now correctly reports the lastUp time for podman machine on
AppleHV, for both inspect and list.
[NO NEW TESTS NEEDED]
since this fixes an existing failing test.
Signed-off-by: Ashley Cui <acui@redhat.com>
Before this, for some special Podman commands (system reset,
system migrate, system renumber), Podman would create a first
Libpod runtime to do initialization and flag parsing, then stop
that runtime and create an entirely new runtime to perform the
actual task. This is an artifact of the pre-Podman 2.0 days, when
there was almost no indirection between Libpod and the CLI, and
we only used one runtime because we didn't need a second runtime
for flag parsing and basic init.
This system was clunky, and apparently, very buggy. When we
migrated to SQLite, some logic was introduced where we'd select a
different database location based on whether or not Libpod's
StaticDir was manually set - which differed between the first
invocation of Libpod and the second. So we'd get a different
database for some commands (like `system reset`) and they would
not be able to see existing containers, meaning they would not
function properly.
The immediate cause is obviously the SQLite behavior, but I'm
certain there's a lot more baggage hiding behind this multiple
Libpod runtime logic, so let's just refactor it out. It doesn't
make sense, and complicates the code. Instead, make Reset,
Renumber, and Migrate methods of the libpod Runtime. For Reset
and Renumber, we can shut the runtime down afterwards to achieve
the desired effect (no valid runtime after). Then pipe all of
them through the ContainerEngine so cmd/podman can access them.
As part of this, remove the SystemEngine part of pkg/domain. This
was supposed to encompass these "special" commands, but every
command in SystemEngine is actually a ContainerEngine command.
Reset, Renumber, Migrate - they all need a full Libpod and access
to all containers. There's no point to a separate engine if it
just wraps Libpod in the exact same way as ContainerEngine. This
consolidation saves us a bit more code and complexity.
Signed-off-by: Matt Heon <mheon@redhat.com>
Add a wait_for_ready() to one kube-play test, to make sure
container output has made it to the journal.
Probably does not fix#18501, but I think it might fix its
most common presentation.
Signed-off-by: Ed Santiago <santiago@redhat.com>
Previously, every machine created using appleHV interacted with VFKit using port 8081. This meant that if multiple machines existed on the machine, starting one would start all the machines. This patch assigns a separate random port for each machine, so machine commands interact with just the specified machine.
Signed-off-by: Ashley Cui <acui@redhat.com>
Fixes a bug where a user would be unable to change
a rootless machine to rootful. Also makes sure that
the podman/docker socket service is updated if the
UID or Rootful status of the host user has been
updated.
[NO NEW TESTS NEEDED]
Fixes: #21195
Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
It looks like we had some logic for this from #10789 but it does
not appear to have ever worked; we can't pull external containers
out of the DB, so the ContainerRm call failed unconditionally.
Instead, just handle them in Libpod when we're removing images.
We're removing every image, so setting Force when removing images
should get rid of all external containers. It's a little later in
the process than the current (nonfunctional) solution is but I
can't think of a reason why that would be bad.
[NO NEW TESTS NEEDED] We do not currently test `system reset`.
We should probably reevaluate that at some point this year.
Fixes https://issues.redhat.com/browse/RHEL-21261
Signed-off-by: Matt Heon <mheon@redhat.com>
Cut is a cleaner & more performant api relative to SplitN(_, _, 2) added in go 1.18
Previously applied this refactoring to buildah:
https://github.com/containers/buildah/pull/5239
Signed-off-by: Philip Dubé <philip@peerdb.io>
The quotes are interpreted as part of the value, so that, for example,
`HealthCmd="true"` is translated to the podman argument
`--health-cmd "\"true\""`.
Signed-off-by: Cedric Staniewski <cedric@gmx.ca>
Let's support --config option by setting environment variable
DOCKER_CONFIG instead of ignoring it for docker compatibility, so
it could be used to locate config.json as authentication file.
Also add a test case for this change, remove the deprecated one.
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
- tmpfs + noswap test: requires noswap feature in kernel.
Check for it, and skip if unimplemented. (Root only.
Rootless test works regardless of kernel).
- podman generate systemd tests: always use --files option,
because otherwise the "DEPRECATED" warning gets written
to the systemd unit file.
- kube play tests: yikes. Fix longstanding bugs when checking
for containers running. This revealed a longstanding bug
in one test: multi-pod YAML never actually worked. Fixed now.
- run_podman(): that new check-for-warnings code we added
in #19878, duh, I skipped it on Debian but should've skipped
when *runc*. Do so now and update the comment. Requires
minor surgery to podman_runtime() helper to avoid
infinite recursion.
Signed-off-by: Ed Santiago <santiago@redhat.com>
Conditional expression duplicates the
code above, therefore, remove it
Found by Linux Verification Center (linuxtesting.org) with SVACE.
[NO NEW TESTS NEEDED]
Signed-off-by: Egor Makrushin <emakrushin@astralinux.ru>
podman-kube-generate created from pod:
1. podman volume create mariadb_data
2. podman run --env MARIADB_ROOT_PASSWORD=x --name some-mariadb \
-v mariadb_data:/var/lib/mysql -P -d mariadb:10.11
3. + command in doc.
podman-run - using MARIADB_ROOT_PASSWORD environment variables for a
while now.
Signed-off-by: Daniel Black <daniel@mariadb.org>
fix https://github.com/containers/podman-desktop/issues/5282
With FCOS we have a limit of 2048 files
But when launching containers like kind containers, we're reaching
easily the limit.
AFAIK as it's inside a dedicated machine, limit should be max
Limit should be only at the container level.
Signed-off-by: Florent Benoit <fbenoit@redhat.com>
Back when we introduced ExitCleanly(), we couldn't use it
on Debian because of too many runc bugs. Now, early 2024:
- #11784 has been closed-wontfix, so add a runc special-case
in the specific test that triggers it.
- #11785 seems to have gone away? Treat it as fixed.
- #19552 is languishing, so let's just close-wontfix it too and
add another runc special case.
- and, one new rootless-cgroupsV1 exception for a warning msg
that snuck in recently.
Signed-off-by: Ed Santiago <santiago@redhat.com>
