We should return the raw state string without any extra formatting in
this case.
`{{.Status}}` returns the nicely formatted string used in the default ps
output, e.g. `Up 2 seconds ago`, while `{{.State}}` returns the state as
string, e.g. `running`.
This matches the docker output and allows better use in scripts.
Fixes#18244
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Resolves Win Installer CI issues where dep processing variance can
pull in gpgme, which doesn't compile on Windows without a
specialized msys2 setup.
Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
sysinfo.NumCPU already falls back to runtime.NumCPU in case the
platform-specific sysinfo.numCPU returns 0, see
554799639f/pkg/sysinfo/numcpu.go (L8-L13)
Also omit a second call to sysinfo.NumCPU and use the result from the
earlier call.
[NO NEW TESTS NEEDED]
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
Wire in support for writing the digest of the pushed image to a
user-specified file. Requires some massaging of _internal_ APIs
and the extension of the push endpoint to integrate the raw manifest
(i.e., in bytes) in the stream.
Closes: #18216
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
Closes#17767Closes#17768
System test for image list and history dates
* Changed field separator in the test to `;` for easier parsing
* Converted date output from image history and image list to be comparable
Signed-off-by: rbagd <mail@rbagd.eu>
Allow users to customize the network_interface option is the network
config. For bridge this allows users to change the bridge name and for
maclvan it will be the same as `--opt parent=...`.
However the main reason for this option is to allow netavark plugins to
make use of it. I demoed the host-device plugin which makes use of this
as an example. While we could let users set them via --opt it is more
natural to just use the field which is designed for that purpose.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Use the kube_generate_type from the containers.conf as
the default value for the --type flag for kube generate.
Override the default when userexplicitly sets the --type
flag.
Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
Buildah uses a different logic to pass environment variable to executor
now after: https://github.com/containers/buildah/pull/4702/files so
podman should same logic and pass env by reference.
Signed-off-by: Aditya R <arajan@redhat.com>
Bump containers/(storage, common, buildah and image)
Changes since 2023-01-01:
- skip mount-cache-selinux-long-name test under remote, with
a FIXME requesting that someone see if it can be made to work.
- skip six tests that fail under rootless-remote
- add new --build-arg-file option:
- update man page
Squash of:
* cf56eb1865
* 561f082772
Signed-off-by: Ed Santiago <santiago@redhat.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Signed-off-by: Aditya R <arajan@redhat.com>
At the time of making this commit, the package `github.com/ghodss/yaml`
is no longer actively maintained.
`sigs.k8s.io/yaml` is a permanent fork of `ghodss/yaml` and is actively
maintained by Kubernetes SIG.
Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
I recently wanted to check which version of Quadlet I was using and
found a `-version` flag to be missing. Since Quadlet and Podman are
bundled together, it seems reasonable to me for them to share the same
version.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
Purely cosmetic change for consistency.
[NO NEW TESTS NEEDED] as it doesn't change functionality.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
Add the command along with the abi and tunnel support
Add e2e tests
Add man page
Add apiv2 test to ensure return codes
Signed-off-by: Ygal Blum <ygal.blum@gmail.com>
The podman kube generate command can now generate a
Deployment kind when the --ype flag is set to deployment.
By default, a Pod spec will be generated if --type flag is
not set.
Add --replicas flag to kube generate to allow users to set
the value of replicas in the generated yaml when generating a
Deployment kind.
Add e2e and minikube tests for this feature.
Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
Since commit bae07b6ea2 we exit with 1 one errors. This caused problem
for the mac installer which fails because of the error now.
If the helper is already installed do not treat this as hard error and
just log it instead.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
with libhvee, we are able to do the basics of podman machine management
on hyperv. The basic functions like init, rm, stop, and start are all
functional. Start and stop will periodically throw a benign error
processing the hyperv message being returned from the action. The error
is described in the todo's below.
notable items:
* no podman commands will work (like ps, images, etc)
* the machine must be initialized with --image-path and fed a custom image.
* disk size is set to 100GB statically.
* the vm joins the default hyperv network which is TCP/IP network based.
* podman machine ssh does not work
* podman machine set does not work
* you can grab the ip address from hyperv and fake a machine connection
with `podman system connection`.
* when booting, use the hyperv console to know the boot is complete.
TODOs:
* podman machine ssh
* podman machine set
* podman machine rm needs force bool
* disk size in NewMachine is set to 100GB
* podman start needs to wait until fully booted
* establish a boot complete signal from guest
* implement gvproxy like user networking
* fix benign failures in stop/start -> Error: error 2147749890 (FormatMessage failed with: The system cannot find message text for message number 0x%1 in the message file for %2.)
[NO NEW TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
When we searching any image at a container registry,
--cert-dir and --creds could be required
as well as push, pull, etc.
Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
We should return a proper exit code to signal the failure.
[NO NEW TESTS NEEDED] We do have any tests on macOS.
Fixes#17785
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
The --stream flag is being used extensively in the tests and some blog
posts refer to it which has been causing some confusion on why the flag
was hidden. I do not see a good reason to hide it anymore, so unhide it
and add some docs.
[NO NEW TESTS NEEDED] as it's already being tested.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
Currently Podman prevents SELinux container separation,
when running within a container. This PR adds a new
--security-opt label=nested
When setting this option, Podman unmasks and mountsi
/sys/fs/selinux into the containers making /sys/fs/selinux
fully exposed. Secondly Podman sets the attribute
run.oci.mount_context_type=rootcontext
This attribute tells crun to mount volumes with rootcontext=MOUNTLABEL
as opposed to context=MOUNTLABEL.
With these two settings Podman inside the container is allowed to set
its own SELinux labels on tmpfs file systems mounted into its parents
container, while still being confined by SELinux. Thus you can have
nested SELinux labeling inside of a container.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
there are no commands that are not supported by rootless mode, but
some commands require to run in the user namespace.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Add a hidden flag to set the database backend and plumb it into
podman-info. Further add a system test to make sure the flag and the
info output are working properly.
Note that the test may need to be changed once we settled on how
to test the sqlite backend in CI.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
Add a way to keep play kube running in the foreground and terminating all pods
after receiving a a SIGINT or SIGTERM signal. The pods will also be
cleaned up after the containers in it have exited.
If an error occurrs during kube play, any resources created till the
error point will be cleane up also.
Add tests for the various scenarios.
Fixes#14522
Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
when running rootless on cgroupv1, Podman+OCI runtime do not setup a
separate cgroup for the container. Spawned containers will run in the
same cgroup as the podman system service process, thus will be killed
when the cgroup is destroyed, as it is the case when running as a
systemd service.
[NO NEW TESTS NEEDED]
Closes: https://bugzilla.redhat.com/show_bug.cgi?id=2170444
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
before we can support hyperv as a virtualization option for podman
machine, several areas in machine will require cleanup. this is the
first pass of these changes to keep the review burden low. changes
include:
* convert artifact, format (image format) and compression to enums
with string methods
* rename Provider interface to VirtProvider
* change Provider implementation in QEMU to QEMUVirt
* change Provider implementation in WSL to WSLVirt
as mentioned earlier, there will be several more of these refactoring
PRs because assumptions were made about associations of platforms and
virt providers as well as compression and image formats.
Signed-off-by: Brent Baude <bbaude@redhat.com>
OpenShift Merge Robot
huangyanfeng
Jason T. Greene
Carlo Teubner
Paul Holzinger
Tobias Klauser
openshift-ci[bot]
Valentin Rothberg
rbagd
Park Jaeon
Urvashi Mohnani
Aditya R
Eng Zer Jun
Ygal Blum
Daniel J Walsh
Brent Baude
Toshiki Sonoda
Giuseppe Scrivano
vyasgun
Matt Heon