Commit Graph

20701 Commits

Author SHA1 Message Date
openshift-ci[bot] e5101b28de
Merge pull request #20492 from brlin-tw/patch-1
[CI:DOCS] Fix broken code block markup in Introduction.rst
2023-10-26 17:03:50 +00:00
openshift-ci[bot] 499c608905
Merge pull request #20489 from containers/renovate/go-google.golang.org/grpc-vulnerability
chore(deps): update module google.golang.org/grpc to v1.57.1 [security]
2023-10-26 15:19:57 +00:00
openshift-ci[bot] c1d177e8e7
Merge pull request #20493 from edsantiago/getport_safe
CI: e2e: safer GetPort()
2023-10-26 13:37:13 +00:00
Ed Santiago c841fa9e9a CI: e2e: safer GetPort()
Problem: frequent CI flakes of the form:

   Error: cannot listen on the TCP port: listen tcp4 :5355: bind: address already in use

Always 5355.

Cause: systemd-resolve listens on 5355, but not on 127.0.0.1. So
when GetPort() tries its is-it-in-use check by binding localhost,
it succeeds; but then podman binds * and fails.

Solution: GetPort(): test by binding 0.0.0.0.

Also, improve the failure message.

Signed-off-by: Ed Santiago <santiago@redhat.com>
2023-10-26 05:52:02 -06:00
林博仁(Buo-ren, Lin) fd5140d87a
Fix broken code block markup in Introduction.rst
Signed-off-by: 林博仁(Buo-ren, Lin) <Buo.Ren.Lin@gmail.com>

Signed-off-by: 林博仁(Buo-ren, Lin) <Buo.Ren.Lin@gmail.com>
2023-10-26 18:51:45 +08:00
renovate[bot] d0ce60c631
chore(deps): update module google.golang.org/grpc to v1.57.1 [security]
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-10-26 10:17:03 +00:00
openshift-ci[bot] 642c0c798a
Merge pull request #20478 from lstocchi/i20373
fix: check npipe when executing podman compose on wsl vm
2023-10-26 10:15:49 +00:00
lstocchi 15969a60bc
chore: remove npipe const and use vmtype const for checking
Signed-off-by: lstocchi <lstocchi@redhat.com>
2023-10-26 09:43:04 +02:00
openshift-ci[bot] 0242a7439e
Merge pull request #20470 from edsantiago/curl_port_flake_fix
CI: try to fix more networking flakes
2023-10-25 21:17:03 +00:00
openshift-ci[bot] 84efd2b7e8
Merge pull request #20468 from p-fruck/fix/api-compat-network-docs
[CI:DOCS] (API): Fix compat network (dis-)connect
2023-10-25 19:58:00 +00:00
openshift-ci[bot] 5a47b1e150
Merge pull request #20050 from umohnani8/farm-build-2
Add podman farm build command
2023-10-25 19:54:36 +00:00
openshift-ci[bot] 32ef2d7080
Merge pull request #20479 from ygalblum/quadlet-read-only
Quadlet - explicit support for read-only-tmpfs
2023-10-25 19:28:07 +00:00
Ed Santiago c0fb8fe594 CI: try to fix more networking flakes
There's a whole slew of networking-related flakes whose common
element seems to be improper use of curl. Fix those by:

  * add --retry --retry-connrefused; and/or
  * add -S ("show errors". Plain -s silences everything!); and/or
  * test exit status from curl; and/or
  * add wait_for_port after "podman run -d", to avoid races
  * log commands, to make debugging easier

Important note: wait_for_port() was not working with rootless
podman ports. Trivial proof:

  $ podman run -d --name foo -p 8192:80 \
      quay.io/libpod/testimage:20221018 \
      /bin/busybox-extras httpd -f -p 80
  $ grep :2000 /proc/net/tcp
  [no results]

Solution: use ss tool; it seems to handle this just fine.
There may be a better solution.

Oh, also, add -t1 to a podman restart, to shave 18s from test run.

Fixes: #20335 and, I think, a handful of others

Signed-off-by: Ed Santiago <santiago@redhat.com>
2023-10-25 07:24:16 -06:00
openshift-ci[bot] 556898511c
Merge pull request #20481 from vrothberg/fix-20469
compat API: fix image-prune --all
2023-10-25 11:29:30 +00:00
lstocchi c21f28813e
fix: check wsl npipe when executing podman compose
Signed-off-by: lstocchi <lstocchi@redhat.com>
2023-10-25 13:28:10 +02:00
openshift-ci[bot] 532804be54
Merge pull request #20482 from containers/renovate/golangci-golangci-lint-1.x
[CI:DOCS] Update dependency golangci/golangci-lint to v1.55.1
2023-10-25 11:26:21 +00:00
renovate[bot] 9ea1ed6d49
[CI:DOCS] Update dependency golangci/golangci-lint to v1.55.1
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-10-25 10:48:36 +00:00
openshift-ci[bot] 151a01917c
Merge pull request #20480 from ygalblum/makefile-user-control
Makefile - allow more control over Ginkgo parameters
2023-10-25 10:48:08 +00:00
Ygal Blum 76cca08f8a Quadlet - explicit support for read-only-tmpfs
Add Quadlet key and disconnect relationship withr read-only
Update and add tests
Update man with new key

Remove the reference to VolatileTmpfs in the man page to reduce its
usage, since the same functionality can be achieved using the Tmpfs key
while keeping its support to maintain backward compatibility

Signed-off-by: Ygal Blum <ygal.blum@gmail.com>
2023-10-25 13:28:15 +03:00
Valentin Rothberg c13b8e3c9c compat API: fix image-prune --all
Docker deals with the --all flag on the client side while Podman does it
on the server side.  Hence, make sure to not set the dangling filter
with two different values in the backend.

Fixes: #20469
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
2023-10-25 10:58:00 +02:00
Ygal Blum 0e15861c59 Makefile - allow more control over Ginkgo parameters
Allow the user to control flake retry and color output
Update README

Signed-off-by: Ygal Blum <ygal.blum@gmail.com>
2023-10-25 09:48:36 +03:00
openshift-ci[bot] 242d223196
Merge pull request #20463 from vrothberg/RUN-1934
vendor c/{buildah,common}: appendable containers.conf strings, Part 1
2023-10-24 23:18:06 +00:00
Urvashi Mohnani ebe01ca292 Add e2e tests for farm build
Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
2023-10-24 17:32:47 -04:00
Valentin Rothberg 989afd910e vendor c/{buildah,common}: appendable containers.conf strings, Part 1
This change is the first step of integrating appendable string arrays
into containers.conf and starts with enabling the `Env`, `Mounts`, and
`Volumes` fields in the `[Containers]` table.

Both, Buildah and Podman, read (and sometimes write) the fields of the
`Config` struct at various places, so I decided to migrate the fields
step-by-step.  The ones in this change are most critical ones for
customers.  Once all string slices/arrays are migrated, the docs of
containers.conf will be updated.  The current changes are entirely
transparent to users.

Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
2023-10-24 20:33:36 +02:00
openshift-ci[bot] 35121f67bf
Merge pull request #20455 from rhatdan/play
Use buildah default isolation when working with podman play kube
2023-10-24 18:29:23 +00:00
Urvashi Mohnani dd8f57a3b4 Add podman farm build command
Add podman farm build command that sends out builds to
nodes defined in the farm, builds the images on the farm
nodes, and pulls them back to the local machine to create
a manifest list.

Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
2023-10-24 12:58:39 -04:00
Urvashi Mohnani 2e88d580a9 Add emulation package
Add emulation pkg to be used with farm build when
determining emulated platforms for the farm nodes.

Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
2023-10-24 12:21:27 -04:00
Daniel J Walsh 06b7264977
Use buildah default isolation when working with podman play kube
Users can specify BUILDAH_ISOLATION environment variable to change the
default.

Fixes: https://github.com/containers/podman/issues/20024

Currently podman play kube is defaulting to chroot, which is the least
safe version of build, we should always default to secure whenever
possible. Chroot should only be used when building within a container.

No great way to tests this.
[NO NEW TESTS NEEDED]

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2023-10-24 12:20:11 -04:00
openshift-ci[bot] e9e18acd5f
Merge pull request #20451 from rhatdan/volume
Support size option when creating tmpfs volumes
2023-10-24 15:40:50 +00:00
Philipp Fruck 0a2aae119e
docs(API): Fix compat network (dis-)connect
The endpoints to (dis-)connect networks from/to a container are
no longer no-ops. Furthermore, the 403 error handled since #20365
has been documented

Signed-off-by: Philipp Fruck <dev@p-fruck.de>
2023-10-24 17:37:17 +02:00
openshift-ci[bot] 83d7c3849f
Merge pull request #20464 from Luap99/libpod-remote
add !remote tag to packages that should not be included in the remote client + vendor c/common
2023-10-24 15:33:03 +00:00
Paul Holzinger 1b466ccbdc
test/e2e: do not import buildah
We only care about the version so just import the define package for it,
the main buildah package causes big transitive imports which fail to
build with the remote tag (i.e. libimage)

Signed-off-by: Paul Holzinger <pholzing@redhat.com>
2023-10-24 13:52:15 +02:00
openshift-ci[bot] ed58ea7849
Merge pull request #20422 from sstosh/api-skip-cgroupv1
test/apiv2: adapt apiv2 test on cgroups v1 environment
2023-10-24 11:23:51 +00:00
Paul Holzinger 8a0968baa2
pkg/specgen: remove config_unsupported.go
This is not used at all but causes a libimage import for non linux
builds which causes bloat for them, with the new !remote tag this is no
longer possible and we have to remove it to fix the build.

Signed-off-by: Paul Holzinger <pholzing@redhat.com>
2023-10-24 12:49:40 +02:00
Paul Holzinger cb9dfeb8ec
pkg/parallel/ctr: add !remote tag
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
2023-10-24 12:23:17 +02:00
Paul Holzinger d4a67cf45c
pkg/domain/filters: add !remote tag
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
2023-10-24 12:22:28 +02:00
Paul Holzinger 9cecae8c20
pkg/ps: add !remote tag
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
2023-10-24 12:21:31 +02:00
Paul Holzinger 1d16309908
pkg/systemd/generate: add !remote tag
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
2023-10-24 12:19:30 +02:00
Paul Holzinger bad25da92e
libpod: add !remote tag
This should never be pulled into the remote client.

Signed-off-by: Paul Holzinger <pholzing@redhat.com>
2023-10-24 12:11:34 +02:00
Paul Holzinger abb5c86b62
pkg/autoupdate: add !remote tag
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
2023-10-24 12:11:10 +02:00
Paul Holzinger 01a750699e
vendor latest c/common
This adds the !remote tag to c/common/libimage which prenents the remote
client from using it.

Signed-off-by: Paul Holzinger <pholzing@redhat.com>
2023-10-24 11:43:40 +02:00
Paul Holzinger 3615af9037
libpod: remove build support non linux/freebsd
There is no need to carry these stub implementations that just error
anyway. The libpod package can only ever uses on linux and freebsd
anyway and the remote client should never ever import libpod directly.

Signed-off-by: Paul Holzinger <pholzing@redhat.com>
2023-10-24 11:35:09 +02:00
openshift-ci[bot] 629278ea9f
Merge pull request #20458 from edsantiago/retry_cache_pulls
ginkgo setup: retry cache pulls
2023-10-24 09:29:32 +00:00
openshift-ci[bot] c3b4711791
Merge pull request #20461 from Alan-Cha/main
Fix logging typo
2023-10-24 09:07:34 +00:00
openshift-ci[bot] 36b41997d0
Merge pull request #20456 from rhatdan/storage
not mounted layers should be reported as info not error
2023-10-24 06:33:59 +00:00
Alan Cha 1850670f1e
Fix typo
Signed-off-by: Alan Cha <Alan.cha1@ibm.com>
2023-10-23 23:21:55 -04:00
Toshiki Sonoda 2e57746ffd test/apiv2: adapt apiv2 test on cgroups v1 environment
Some apiv2 tests are now support on cgroups v1 environment.

Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
2023-10-24 11:52:03 +09:00
Ed Santiago c3ba0221ec ginkgo setup: retry cache pulls
Because all registries flake.

Signed-off-by: Ed Santiago <santiago@redhat.com>
2023-10-23 19:29:18 -06:00
openshift-ci[bot] 83f07729c8
Merge pull request #20454 from containers/renovate/github.com-vbatts-git-validation-1.x
fix(deps): update module github.com/vbatts/git-validation to v1.2.1
2023-10-23 20:42:12 +00:00
openshift-ci[bot] 3abf5c9291
Merge pull request #20452 from edsantiago/cache_k8s_pause
CI: stop using registry.k8s.io
2023-10-23 20:39:08 +00:00