In case a future maintainer asks "why" all these weird looking
four-letter architectures are present here and in CI.
Signed-off-by: Chris Evich <cevich@redhat.com>
Since gvisor-tap-vsock 0.7.1, the upstream project ships pre-built
Windows binaries for gvproxy and win-sshproxy. These binaries are built
with -Hwindowsgui as needed by podman.
This makes the same change in winmake.ps1, but I had to hardcode
gvisor-tap-vsock version in one more place.
[NO NEW TESTS NEEDED]
Signed-off-by: Christophe Fergeau <cfergeau@redhat.com>
I'm not sure about apparmor tag. Atleast runc isn't using it anymore.
"apparmor (since runc v1.0.0-rc93 the feature is always enabled)" from https://github.com/opencontainers/runc
containers-common still seems to check for apparmor, so not touching it for now.
Signed-off-by: Rahil Bhimjiani <rahil3108@gmail.com>
Shortcuts like unix:path and unix:/path do not work everywhere,
so make sure to use unix://path when quoting the url (or address)
Signed-off-by: Anders F Björklund <anders.f.bjorklund@gmail.com>
The mandoc(1) utility is used for this on FreeBSD systems. This fixes a
confusing (but harmless) series of error messages when building manpages
on FreeBSD.
[NO NEW TESTS NEEDED]
Signed-off-by: Doug Rabson <dfr@rabson.org>
This tool sometimes throws nonsensical or difficult to debug errors.
Verifying DCO and white-space issues in commits has long since been
moved to other tools (github-actions and git pre-commit hooks). There's
no need to duplicate these checks with the git-validation tool.
Signed-off-by: Chris Evich <cevich@redhat.com>
go-md2man is fragile, especially around tables (#18678, #19278).
Podman man pages are finely tuned to look OK using v2.02, which
is what we vendor in test/tools, so we should really use it
instead of whatever is installed on the system.
This fixes 'make docs' on RHEL8, broken as of #19278.
Signed-off-by: Ed Santiago <santiago@redhat.com>
A small number of tests are assuming that TMPDIR == /tmp. These
tests fail when that assumption does not hold.
Set TMPDIR=/var/tmp on prior-fedora, as a way to catch those.
/dev/shm would be a slightly better choice, because the
string "tmp" does not appear it in, but it's way too
small to be of any use: it fills up in the e2e prefetch.
This PR exposed a nasty bug in our Makefile: using "TMPDIR"
as temporary variable completely unrelated to (and inconsistent
with) the actual established use of TMPDIR. Solution: rename
that variable and make it lower case. Do the same with two
other ALL-CAP variables.
Signed-off-by: Ed Santiago <santiago@redhat.com>
This was replaced by the setup.exe burn installer several releases ago,
and only kept around as a fallback. Remove it since it is no longer
maintained and not recommended for use.
Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
Every so often we hear reports of a corrupt man page table,
where columns are misaligned in nonsensical ways. The
traditional symptom looks like:
|----------------|--------------|
| option name | |
|----------------|--------------|
| | description |
|----------------|--------------|
Cause: one of the tools in the man page generation chain,
maybe 'man' itself, has an undocumented length limit on
table cells, _and_ an undocumented page width as well.
If you exceed these undocumented limits, you get corrupt
man pages. Silently.
This adds a horrible test for those. And I mean horrible:
- unreadable
- unmaintainable
- unreliable (heuristic, no guarantees)
- slows down 'make docs' (less than a second, but still)
I've tested by adding long '| sdf sdf | dsf |' rows to
a few man pages, and it triggers. That's the only good
thing I can say about it.
Other approaches I tried:
- man -l -Tascii | grep non-ascii-art
- man -l ... 2>&1 | grep "table wider than"
- perusing the generated .1/.5 pages, seeing if my eye
can detect something different about too-long cells
- same, using 'tbl'
- checking for too-long cells in the source document
...and more that I've forgotten. This was the only way
that produced reliable errors. If you have a better way,
please oh please submit it.
Signed-off-by: Ed Santiago <santiago@redhat.com>
package and package-install targets have been renamed
to rpm and rpm-install respectively for clarity.
`make rpm` will now build rpm using HEAD.
Resolves: #18817
[NO NEW TESTS NEEDED]
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
1.18 is EOL and we should not have to set this since the current
versions should generate compatible go.sum files anyway.
This is an attempt to fix broken renovate PRs which create a different
go.sum and thus do not pass CI checks.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Podman is basically unusable without cgo, checking if it compiles
without adds no value and just tricks people into thinking it works when
it does not.
This means we do not need extra to NOP out a lot of cgo calls with
functions that just return an error like `XXX is not supported without
cgo`.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
This flag is not supported on BSD-derived systems including FreeBSD and
macos. We can get exactly the same symlink by passing the desired
relative path as source argument to 'ln -sf'.
Signed-off-by: Doug Rabson <dfr@rabson.org>
It's a bit cumbersome to manage a tooling version buried deep in a
command, let alone one also buried deep in a `Makefile`. Add a
variable to hold the version number so renovate can easily manage it.
This happens via a `regex` manager in the shared configuration
include `containers/automation//renovate/defaults.json5`. Also add a
helpful note/reminder to humans who may want to manually change the
version for some reason.
Depends on: https://github.com/containers/automation/pull/145
Signed-off-by: Chris Evich <cevich@redhat.com>
This commit creates a new command `podmansh` command which can be used by
administrators to provide a confined shell to their users.
The user will only have access to the volumes and capabilities for that
user.
Co-authored-by: Paul Holzinger <pholzing@redhat.com>
Co-authored-by: Daniel Walsh <dwalsh@redhat.com>
Co-authored-by: Petr Lautrbach <lautrbach@redhat.com>
Co-authored-by: Ed Santiago <santiago@redhat.com>
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
Because of a c/storage change[1] all we get a lot of new dependencies in
rootlessport despite not using them. Add build tags to exclude storage
drivers to make the binary smaller until it get addressed in c/storage.
This saves about 800 MB but the bloat due that change is still causing
us to gain over 2 MB. This is not ideal but we should get vendoring
going and not wait any longer.
[1] https://github.com/containers/storage/pull/1618
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
On FreeBSD, it usually lives in /usr/local/bin/bash. This uses the shell
'commmand' builtin to find the path which works in bash, dash and the
FreeBSD /bin/sh.
Signed-off-by: Doug Rabson <dfr@rabson.org>
Work around a go-md2man bug, and add a check script to make sure
this doesn't hit us again.
Background: go-md2man can't deal with a left-hand column > 31 chars.
It produces man pages that look like:
| Something With >31 Character | |
| | ..description |
(should be all on one row). It also has trouble when the vertical
bars are misaligned: it completely removes the right-hand side.
There's almost certainly a better solution: fix go-md2man, or
use a different conversion tool, or maybe even pre/postprocess.
But this is a quick interim solution.
Sorry for the perl. This could be done in bash/sed/awk/grep,
but not with any sort of sane error messages.
Signed-off-by: Ed Santiago <santiago@redhat.com>
Get rid of `podman.spec.rpkg` in favour of
`rpm/podman.spec` which gets synced with fedora dist-git on every
upstream release. The version in the new spec file is set to `0` by
default and gets updated by packit automatically on every packit task.
For local manual rpm builds using the spec, the helper script in the
`rpm/` subdir will update the Version field with the latest version
found in the upstream repo.
Packit will automatically create a PR on fedora dist-git on every new
upstream release. A sample PR will look like:
https://src.fedoraproject.org/rpms/container-selinux/pull-request/10#
A dry run for this can be triggered using:
`$ packit propose-downstream --local-content`
To run this command locally, you would need to have your packit
user-configuration-file set.
Ref: https://packit.dev/docs/configuration/#user-configuration-file
along with a fedora api key created at:
https://src.fedoraproject.org/settings#nav-api-tab with sufficient ACLs.
Also includes a revised `package` Makefile target which will build rpms
using `rpm/podman.spec`. Fixes: #18421.
[NO NEW TESTS NEEDED]
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
When running ginkgo tests locally we often only want to test a small
subset. I think most people just add the `FIt` block but then you need
to remember to undo that before pushing the changes.
With this change you can just run:
```
make localintegration FOCUS="test name here"
make localintegration FOCUS_FILE="some_test.go"
```
I updated the test Readme to use this new syntax.
The options just map to the ginkgo options, see the upstream docs
linked in the readme for more information about syntax.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
There are days when I really, really, really hate GNU. Remember
when someone decided that 'head -1' would no longer work, and
that it was OK to break an infinite number of legacy production
scripts? Someone now decided that egrep/fgrep are deprecated,
and our CI logs (especially pr-should-include-tests) are now
filled with hundreds of warning lines, making it difficult
to find actual errors.
I expect that those warnings will be removed quickly after
furious community backlash, just like the 'head -1' fiasco
was quietly reverted, but ITM the warnings are annoying
so I capitulate.
Signed-off-by: Ed Santiago <santiago@redhat.com>
ginkgo v2 has new options, --junit-report and --json-report.
The JUNIT one is utterly worthless: no timing data, no
separation between test output (podman commands) and
ginkgo output (filenames, linenumbers). JSON goes the
other direction, super-complicated, but I think I can
work with it. Let's try it.
This PR does not actually _do_ anything with the json; all
we do is save it. Over time, I'll download and play with it
and see what I can do with it.
Signed-off-by: Ed Santiago <santiago@redhat.com>
while reworking ginkgo to use -p by default we also forced the machine
tests to be run in parallel. Right now this does not work at all
(something that should be fixed).
Using -p is easier becuase that will let ginkgo decide how many parallel
nodes to use so it much faster on high core counts.
So use some makefile magic to instaed of using `GINKGONODES` use
`GINKGO_PARALLEL` and set it to `y` by default. The machine tests will
then use that var to disable it.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Porting them over to v2 requires a full rewrite.
IT is not clear who actually uses these benchmarks, Valentin who wrote
them originally is in favor of removing them. He recommends to use
script from hack/perf instead.
This commit also drop the CI integration, it is not clear who actually
uses this data. If it is needed for something please speak up.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Using -p autodetect the number of cores and thus spins up workers as
needed, this should help speeding up e2e tests, especially locally.
Also -vv for mor everbose logging.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
- switch long flags to use `--`
- move the renamed flages noColor, flakeAttempts, outputdir
- remove no longer needed flag -progress
also see https://onsi.github.io/ginkgo/MIGRATING_TO_V2
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Chris Evich