Previously, it was quite difficult to affect changes to VM cache images
without lots of manual work. This commit adds a new optional testing
task which mirrors the official-image build task which only runs on
master. In contrast, the new task may be run at any time in a PR, but
including a magic phrase in the PR description.
Update documentation to describe the new task and inform on it's usage.
Signed-off-by: Chris Evich <cevich@redhat.com>
replace two usage of kwait.ExponentialBackoff in favor of WaitForFile
that uses inotify when possible.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
force the resources block to be empty instead of having default
values.
Regression introduced by 8e88461511
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Mark hidden all references to signature-policy
Default all uses of --authfile
Add --authfile support to podman run and podman create.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
enable polling also when using inotify. It is generally useful to
have it as under high load inotify can lose notifications. It also
solves a race condition where the file is created while the watcher
is configured and it'd wait until the timeout and fail.
Closes: https://github.com/containers/libpod/issues/2942
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Mainly add support for podman build using --overlay mounts.
Updates containers/image also adds better support for new registries.conf
file.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
I'd left this out in a4b483c848 (libpod/container_internal: Deprecate
implicit hook directories, 2018-12-02, #1920).
Signed-off-by: W. Trevor King <wking@tremily.us>
`string.Split()` splits into slice of size greater than 2
which may result in loss of environment variables
fixes#3132
Signed-off-by: Divyansh Kamboj <kambojdivyansh2000@gmail.com>
add a shortcut for joining immediately the namespace so we don't need
to re-exec Podman.
With the pause process simplificaton, we can now attempt to join the
namespaces as soon as Podman starts (and before the Go runtime kicks
in), so that we don't need to re-exec and use just one process.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
use a pause process to keep the user and mount namespace alive.
The pause process is created immediately on reload, and all successive
Podman processes will refer to it for joining the user&mount
namespace.
This solves all the race conditions we had on joining the correct
namespaces using the conmon processes.
As a fallback if the join fails for any reason (e.g. the pause process
was killed), then we try to join the running containers as we were
doing before.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
For people who want to install podman remote or podman
only we need to separate out the two install commands.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
There were some build issues updating cri-o to cri-o/cri-o. Since the only thing we need cri-o for is conmon, we should just build using conmon.
Signed-off-by: Peter Hunt <pehunt@redhat.com>
Chris Evich
OpenShift Merge Robot
Giuseppe Scrivano
TomSweeneyRedHat
Daniel J Walsh
Divyansh Kamboj
Matthew Heon
W. Trevor King
Nathaniel Kofalt
Peter Hunt
Matthew Heon
Nalin Dahyabhai
Valentin Rothberg