Do not use Default() in unit tests, that caches the config in a global
var so it conflicts with other tests also calling it.
Now only the Reload test should test that. The Default() call got broken
by commit c2dee68766 because now the test only unsets the env after the
last Reload() call which should already use the actual default.
Fixes: c2dee68766 ("*_test.go: use t.TempDir, t.Setenv")
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Instead of using os.MkdirTemp in tests, use t.TempDir.
In a few places where the parent directory is already create by t.TempDir,
replace os.MkdirTemp with os.Mkdir.
While at it, make sure to not a leak opened file descriptor returned by
os.CreateTemp.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
Using os.Setenv in tests is problematic, because the change is
process-wise and other tests running in parallel might be affected.
Also, a somewhat complicated cleanup is needed.
Both issues are solved by using t.Setenv.
This commit also uses t.TempDir, t.Cleanup, and t.Helper when it makes
sense.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
Adds config to pass CDI spec directory, so that it can be overridden.
The enables rootless containers since otherwise users have to write to
one of the shared, usually only root writeable paths at in /etc or /var.
Signed-off-by: Micah Chambers <micahc.vt@gmail.com>
Signed-off-by: Micah Chambers (minerva) <mchambers@anduril.com>
This linter creates better assertions in ginkgo tests.
Fixes were made with `ginkgolinter -fix ./...`.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
We no longer use `testing` as the default image from fcos for machine.
Adjust default to "" temporarily, as we're still stablizing the location and images for machine images, but still allow the user to specify a custom image via containers.conf.
Signed-off-by: Ashley Cui <acui@redhat.com>
This makes the code for setting up rootless network namespaces
dependent on what the default rootless network provider is, and
allows Pasta to be used for traffic forwarding on the rootless
netns.
This also switches the default rootless network provider to Pasta
Signed-off-by: Matt Heon <mheon@redhat.com>
We now only use the marker file, see pkg/machine.
The advantage of this is that pkg/machine no longer imports pkg/config
and we use it in rootlessport which means it will debloat the binary
there significantly.
The file approach has been added in podman 4.1 (2 years ago) so
basically all machines should have it now and this shouldn't break
anything.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
podman systemd conenction and farm currently both write containers.conf
to store their settings. Each write removes comments from the user
config file and thus makes it not great to use.
The new approach is to have a seperate file connections.conf (json
format) to store both conenctions and farms for podman. We continue to
read containers.conf for the connections and farms as well and podman
can read both. This means we have a read only store in containers.conf
(manually added by users), they cannot be removed by the podman cli.
This is a breaking chnage and will require many chnages in podman to
migrate to the new APIs added in this commit.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Add a new containers.conf attribute to define how to set interface name inside containers.
Relates to: containers/podman#21313
Signed-off-by: Vikas Goel <vikas.goel@gmail.com>
The tests are messy and should be turned into table-driven tests but I
do not have time at the moment.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
Commit 395ba05c44 implemented a POC to allow for changing the behavior
when loading multiple container.conf files in sequence. By default, the
TOML encoder will override existing data/fields with the one specified
in the loaded file. The POC has demonstrated how this behavior can be
changed to append string slices instead of overriding/replacing them
entirely.
This change is the first step of integrating these appendable string
arrays into containers.conf and starts with enabling the `Env`,
`Mounts`, and `Volumes` fields in the `[Containers]` table.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
1 CPU core typically is not enough for most use cases, so we default to available cores/2 for new machines.
Signed-off-by: Ashley Cui <acui@redhat.com>
Add `New()` function to create a Config and deprecate `NewConfig` which is
a) not extensible and b) broken in the sense that no external caller was
actually using the argument.
Many call sites use `Default()` which now has improved documentation and
allows for interacting with `New(). Most call sites just need to access
a pro-loaded config (via `Default()`). This config can overridden by
`New()` if the caller sets the specific option - a requirement for an
upcoming feature for Podman allowing to load user-specified configs via
CLI flags.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
It's wasteful and `sut` was not a name I would now understand. Change
the tests that need a default config. The diff also shows that the
tests would benefit a lot from a rewrite into a table-driven form but I
do not want to shave the entire Yak.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
This check as part of validation errors out in conditions where
Netavark is used instead of CNI which is rather misleading. Removing
this check from Validation (early on) and expecting it to fail
closer to time-of-use.
Signed-off-by: danishprakash <danish.prakash@suse.com>
Specify one or more external providers for the compose command. The
first found provider is used for execution. Can be an absolute path or a
(file) name. Relative names are invalid. File names are evaluated via
$PATH look ups.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
Emit logs on each invocation of the compose command indicating that an
external compose provider is being executed.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
Add a new field to the network section to allow users to set the default
network program which is used when running rootless containers.
This should be used when you run something like --network private or
--network default as rootless user.
The current default is slirp4netns so we keep that for now. Once I
integrate pasta in the rootless netns then we can consider switching the
default to pasta.
This setting will also be useful then for distros who may not ship pasta
so that they could set it back to slirp if needed.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Users way wish to configure a set of default options that should be used
when running pasta. Options that are given on the cli will be appended,
however the implementation of this needs to happen in podman.
For slirp4netns we already support the network_cmd_options field.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Used `go fmt` rules to migrate away from deprecated functions, for
instance `gofmt -w -s -r 'ioutil.TempDir(a, b) -> os.MkdirTemp(a, b)'`
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
Allow distributions to specify the location of the podman image VM
images in the form of URIs with $ARCH and $OS specified. This would
allow a distribution to pull the image based on the current OS and Arch.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
This commit allows using aardvark with an alternate port as per
implementation in containers/netavark#323
Signed-off-by: Dominique Martinet <dominique.martinet@atmark-techno.com>
gofumpt is a stricter version of gofmt, basically making the code more
readable, and fixing the gocritic's octalLiterar warnings like this one:
pkg/util/util_supported.go:26:17: octalLiteral: use new octal literal style, 0o722 (gocritic)
return (perm & 0722) == 0700
^
Generated by gofumpt -w .
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
Add a new field to set the default subnet pools. They can be used to
change the subnet which is automatically allocated by podman network
create.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
This field was only needed for machine to force cni, however you can set
netns="bridge" in the config to have the same effect. This is already
done in the machine setup.
The field was more of a hack and just creates confusion for users so we
remove it.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Add an option to containers.conf as a knob to enforce short-name
resolution to Docker Hub in Podman's compatibility REST API.
By popular request, turn it on by default.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
The Engine.Env needs to be set very early in the setup process
to make sure no one attempts to use the environment.
Fixes: https://github.com/containers/podman/issues/12296
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Paul Holzinger
Kir Kolyshkin
Nalin Dahyabhai
Micah Chambers (eos)
openshift-merge-bot[bot]
Shion Tanaka
Ashley Cui
Matt Heon
Vikas Goel
Oleksandr Redko
Chetan Giradkar
Valentin Rothberg
Aditya R
Daniel J Walsh
danishprakash
Dominique Martinet
Sascha Grunert
OpenShift Merge Robot
Valentin Rothberg