On external monitors with different resolutions, our pkginstaller logo renders poorly. Using vector graphics solves this problem.
Signed-off-by: Ashley Cui <acui@redhat.com>
The current macos installer gvproxy version has a number of issues
around dns handling[1,2]. They should be fixed now in 0.8.3 as they
reverted the dns changes back to the 0.7.5 code. This should make it
work like it used to be. Our 5.3.2 installer ships the 0.7.5 version so
users of the podman installer never noticed that but we got plenty of
reports from brew users. This needs to be backported into v5.4 to make
sure we do not ship the broken version as part of the installer.
[1] https://github.com/containers/gvisor-tap-vsock/issues/462
[2] https://github.com/containers/gvisor-tap-vsock/issues/466
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
BuildOrigin is a field that can be set at build time by packagers. This helps us trace how and where the binary was built and installed from, allowing us to see if the issue is due to a specfic installation or a general podman bug. This field shows up in podman version and in podman info when populated. Note that podman info has a new field, Client, that only appears when running podman info using the remote client.
Automatically set the BuildOrigin field when building the macOS pkginstaller to pkginstaller.
Usage: make podman-remote BUILD_ORIGIN="mypackaging"
Signed-off-by: Ashley Cui <acui@redhat.com>
The go module was update to 0.6.0 but podman is still installing an
older binary. This is not really a problem, but better to use the
latest version.
Signed-off-by: Christophe Fergeau <cfergeau@redhat.com>
This PR adds the man1 pages to the mac installer. It also sticks a
small configuration file into /usr/local/etc/man.d that allows macos
and the man binary to look for the podman pages in /opt/podman/docs/man.
Fixes#24756
Signed-off-by: Brent Baude <bbaude@redhat.com>
This contains a fix for a gvproxy crash on macos on fast connections
with heavy network load.
This should fix https://github.com/containers/podman/issues/23114
Signed-off-by: Christophe Fergeau <cfergeau@redhat.com>
Extend Makefile and package.sh to download, sign and bundle krunkit and
its dependencies into the package.
Signed-off-by: Sergio Lopez <slp@redhat.com>
we are having second thoughts about *requiring* a policy.json on podman
machine hosts. we are concerned that we need to work out some more use
cases to be sure we do not make choices now that limit us in the near
term future. for example, should the policy files be the same for
container images and machine images? And should one live on the host
machine and the other live in the machine?
therefore, if a policy.json *is* present in the correct location, we will use and honor it; however, if it does not, we will allow the machine image to be pulled without a policy.
Signed-off-by: Brent Baude <baude@redhat.com>
Co-authored-by: Paul Holzinger <45212748+Luap99@users.noreply.github.com>
Signed-off-by: Brent Baude <bbaude@redhat.com>
vfkit needs the com.apple.security.virtualization entitlement or it
wont' be able to start virtual machines:
Error: Error Domain=VZErrorDomain Code=2 Description="Invalid virtual machine configuration. The process doesn’t have the “com.apple.security.virtualization” entitlement." UserInfo={
NSLocalizedFailure = "Invalid virtual machine configuration.";
NSLocalizedFailureReason = "The process doesn\U2019t have the \U201ccom.apple.security.virtualization\U201d entitlement.";
}
This fixes https://github.com/containers/podman/issues/21842
Signed-off-by: Christophe Fergeau <cfergeau@redhat.com>
When there is no signing identity to pass to the macOS `codesign` tool,
we can use `-` instead as the identity to perform ad-hoc signing.
From `man codesign`:
> If identity is the single letter "-" (dash), ad-hoc signing is
> performed. Ad-hoc signing does not use an identity at all
This makes it easier to test the sign() code-path in package.sh as
we'll run the same code regardless of `NO_CODESIGN` being set or not.
Signed-off-by: Christophe Fergeau <cfergeau@redhat.com>
This updates the Windows installer and macOS installer to ship the newer
binaries, as well as the vendored gvisor-tap-vsock code.
[NO NEW TESTS NEEDED]
Signed-off-by: Christophe Fergeau <cfergeau@redhat.com>
Make sure we can install podman even when the podman-mac-helper install
command fails. This used to be the behavior but commit bae07b6ea2 caused
the regression because the binary now returns 1 as exit code on errors.
[NO NEW TESTS NEEDED] I am not sure if we can test the install step in
CI.
Fixes#17910
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Allow the pkginstaller makefile target to take advantage of Podman's version binary, alleviating the need to manually set Podman's version (and inevitably forgetting to do so). This means the pkginstaller Makefile will automatically detect what version of Podman we're packaging.
Signed-off-by: Ashley Cui <acui@redhat.com>
to compile arm bits the GOARCH should be set to amd64 script
was wrongly using aarch64 instead
[NO NEW TESTS NEEDED]
Signed-off-by: Anjan Nath <kaludios@gmail.com>
we were not using the correct GOARCH to build the podman remote
and podman-mac-helper binaries, this uses the ARCH value passed
to the make invocation to set the GORACH
[NO NEW TESTS NEEDED]
Signed-off-by: Anjan Nath <kaludios@gmail.com>
this updates downloading of gvproxy and qemu using a standard
makefile rule which will avoid downloading them again if its
already downloaded
[NO NEW TESTS NEEDED]
Signed-off-by: Anjan Nath <kaludios@gmail.com>
add file hvf.entitlements which has the com.apple.security.hypervisor
entitlement needed for qemu
[NO NEW TESTS NEEDED]
Signed-off-by: Anjan Nath <kaludios@gmail.com>
it installs podman and supporting binaries along with
qemu to have a functioning podman install using a pkg
podman and podman-mac-helper is compiled from source
gvproxy binary is downloaded from its github releases
and qemu from github release of containers/podman-machine-qemu
[NO NEW TESTS NEEDED]
Signed-off-by: Anjan Nath <kaludios@gmail.com>
openshift-merge-bot[bot]
Yevhen Vydolob
Ashley Cui
Paul Holzinger
Christophe Fergeau
Brent Baude
Sergio Lopez
Gunjan Vyas
Brent Baude
Jake Correnti
Anjan Nath
Jason T. Greene
OpenShift Merge Robot