Packit's `pre-sync` action allows modification of spec file prior to
dist-git PR creation. This is already being done on containers-common
rpm to update c/storage and c/image verions tags in spec.
This commit will allow `podman version` to show `Git Commit: $SHA` for
copr as well as koji builds.
Ref: https://raw.githubusercontent.com/containers/common/refs/heads/main/.packit.yaml
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
This resolves an ordering issue that prevented quotas from being
applied. XFS quotas are applied recursively, but only for
subdirectories created after the quota is applied; if we create
`_data` before the quota, and then use `_data` for all data in
the volume, the quota will never be used by the volume.
Also, add a test that volume quotas are working as designed using
an XFS formatted loop device in the system tests. This should
prevent any further regressions on basic quota functionality,
such as quotas being shared between volumes.
Fixes#25368
Signed-off-by: Matt Heon <mheon@redhat.com>
Additional rpm patching to show upstream short sha in `podman --version`
caused podman-machine-os tests to fail.
This commit gets rid of that patching and instead sets define.gitCommit
LDFLAG for Copr rpms.
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
For Copr builds, it will mention the Copr info from where the rpm is
installed.
For non-copr builds, it will mention the value of the packager macro
if set, and skip this field altogether if not.
On local rpm builds, this shows:
```
Build Origin: Lokesh Mandvekar <lsm5@fedoraproject.org>
```
On koji rpm builds, this shows:
```
Build Origin: Fedora Project
```
On copr rpm builds (for eg. rhcontainerbot/playground), this shows:
```
Build Origin: Copr: rhcontainerbot/playground
```
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
The default `gobuild` macro on CentOS Stream 9 now includes support for
`BUILDTAGS`.
CentOS Stream envs now also define `_user_tmpfilesdir` macro by default.
Both these definitions are no longer needed here.
`libtrust_openssl` buildtag is also set in spec wherever relevant.
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
We only need qemu-system-[x86|aarch64]-core based on the architecture
along with qemu-img. So, there's no need to pull in all of qemu.
The qemu-system-[x86|aarch64]-core packages are not present on CentOS
Stream and RHEL, so we use qemu-kvm there instead.
Ref: https://github.com/containers/podman/pull/24369/files#r1883658262
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
Generated at build time from troubleshooting.md. Purpose is
to ship an actual man page to end users.
Much more complicated than initial guess, because there was
a bug in my Makefile man page filtering, the sed expression
that cleans up markdown that does not translate to roff.
All I've done here is reorder some of the expressions,
stripping off https links *before* we process
podman man page links.
Signed-off-by: Ed Santiago <santiago@redhat.com>
RHEL10 defaults to nftables and doesn't need
/usr/lib/modules-load.d/podman-iptables.conf so this should be Fedora
only.
Signed-off-by: Lokesh Mandvekar <lsm5@redhat.com>
All our active envs except centos stream 9 support autochangelog and the
only place we're building rpms via packit on centos stream 9 is on COPR
where we don't really care about changelogs.
Commit also removes a couple of unnecessary slashes from install paths.
Signed-off-by: Lokesh Mandvekar <lsm5@redhat.com>
This subpackage will fetch dependencies for podman machine and create a
symlink /usr/libexecdir/podman/virtiofsd -> ../virtiofsd .
Co-authored-by: Colin Walters <walters@verbum.org>
Signed-off-by: Lokesh Mandvekar <lsm5@redhat.com>
Testing `podman system check` requires that we have a way to
intentionally introduce storage corruptions. Add a hidden `podman
testing` command that provides the necessary internal logic in
subcommands. Stub out the tunnel implementation for now.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
This removes the need for any `Provides: bundled()` we needed in spec
files.
The updated Provides will be visible in the build logs and can also be
verified with `rpm -q --provides $RPM_FILE`.
Signed-off-by: Lokesh Mandvekar <lsm5@redhat.com>
This commit bumps containers-common dep such that passt and netavark become hard
deps for podman on fedora 40+.
Ref: https://bugzilla.redhat.com/show_bug.cgi?id=2269148
With this commit, f40+ envs will use the min name-version-release for
containers-common-extra while other deps will use whatever's available.
This change can be reverted after a few releases to keep conditionals to
a minimum.
Signed-off-by: Lokesh Mandvekar <lsm5@redhat.com>
... and fix the style.
Currently, the podmansh(1) manual is shipped by the podman package. It
makes one wonder where the binary is, since they can read the manual.
[NO NEW TESTS NEEDED]
Fixes: 3efaffae43 ("New command: podmansh")
Signed-off-by: Debarshi Ray <rishi@fedoraproject.org>
At least in all recent Fedora releases, SOURCE_DATE_EPOCH would be set. But the
build should work even if it not set, e.g. in copr builds on c8s. Add 'date +%s'
as a fallback.
From: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
This is a copy-paste of commit eaa62a52 in podman fedora dist-git.
[NO NEW TESTS NEEDED]
Signed-off-by: Lokesh Mandvekar <lsm5@redhat.com>
Use $SOURCE_DATE_EPOCH instead of the current date
Using the current timestamp makes every build slightly different, breaking build
reproducibility.
From: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
This is a copy-paste of commit a87dd6f50 in podman fedora dist-git.
[NO NEW TESTS NEEDED]
Signed-off-by: Lokesh Mandvekar <lsm5@redhat.com>
The spec file had
%if %{defined rhel} && 0%{?rhel} < 10
%define gobuild(o:) ...
%endif
...
%if !%{defined gobuild}
BuildRequires: go-rpm-macros
%endif
The intent apparently was to use BR:go-rpm-macros where available, and define
%gobuild as a fallback where they are not available. This was unreliable,
because the package may have been installed already, and then %gobuild would be
defined when the srpm was being built, and then the srpm would NOT have the BR.
Instead, use the same condition to wrap the definition of %gobuild and the BR
lines to that the BR is always emitted when appropriate.
From: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
This is a copy-paste of commit be971d6fb in podman fedora dist-git.
[NO NEW TESTS NEEDED]
Signed-off-by: Lokesh Mandvekar <lsm5@redhat.com>
Rootless users should be defaulted to point DOCKER_HOST at
$XDG_RUNTIME_DIR/podman/podman.sock
When podman-docker package is installed.
[NO NEW TESTS NEEDED]
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Podman v5 will not support cgroups-v1. This commit will print a warning
if it detects a cgroups-v1 system. The warning can be hidden by setting
envvar `PODMAN_CGROUPSV1_WARNING`.
This warning is patched out for RHEL 9 builds as cgroups-v1 will still
be supported on RHEL 9 systems.
Resolves: https://issues.redhat.com/browse/RUN-1957
[NO NEW TESTS NEEDED]
Co-authored-by: Ed Santiago <santiago@redhat.com>
Co-authored-by: Sascha Grunert <sgrunert@redhat.com>
Co-authored-by: Giuseppe Scrivano <gscrivan@redhat.com>
Signed-off-by: Lokesh Mandvekar <lsm5@redhat.com>
The `version_no_tilde` rpm macro correctly handles both `vX.Y.Z` and
`vX.Y.Z-rcN` git tags. Using this macro instead of `version` will soon
allow Packit to handle RC builds correctly.
Accompanying change in Packit to land soon:
https://github.com/packit/packit/pull/2149
[NO NEW TESTS NEEDED]
Signed-off-by: Lokesh Mandvekar <lsm5@redhat.com>
We don't have a successful rhel build of gvforwarder so far on the
podman-next copr, so any RHEL users of podman-next will have trouble
installing podman if it's a gvforwarder is a hard dep.
Switching gvforwarder to a Recommends until that's resolved.
The ELN environment is an exception as it gets dependencies updated a
lot quicker.
[NO NEW TESTS NEEDED]
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
This change will allow `podman --version` from COPR rpm builds to be of
the form `X.Y.Z-dev-SHORT_SHA`.
Also specify a `copr_build` macro as it feels more intuitive
than `copr_username` or `copr_project`.
[NO NEW TESTS NEEDED]
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
gvisor-tap-vsock is now a standalone package for Fedora 38 and higher so
we can simplify the rpm spec a lot by removing all subpackage
references.
If we need to bump podman on Fedora 37, that can be handled manually on
Fedora itself. The Packit config can be left unchanged. Any packit PRs created on
Fedora dist-git for Fedora 37 can simply be closed without merging.
Fedora 37 will go EOL soon so not much of a point to changing packit
config to exclude Fedora 37.
[NO NEW TESTS NEEDED]
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
The lowercase `and` in the License field isn't compatible with spdx
license format.
This commit replaces all `and` with `AND` in the License field in spec.
[NO NEW TESTS NEEDED]
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
Include dependencies in rpm/podman.spec to make it easy for end users to
build podman from source. This way users can install all build
dependencies by running `dnf -y builddep rpm/podman.spec`.
This is not usually noticeable except on container environments where
man-db often isn't installed by default.
Refs:
https://github.com/containers/podman.io/issues/157https://github.com/containers/podman.io/pull/174
[NO NEW TESTS NEEDED]
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
`git describe` is lagging on main so this commit updates
`rpm/update-sepc-version.sh` to generate the expected version.
[NO NEW TESTS NEEDED]
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
go-md2man is fragile, especially around tables (#18678, #19278).
Podman man pages are finely tuned to look OK using v2.02, which
is what we vendor in test/tools, so we should really use it
instead of whatever is installed on the system.
This fixes 'make docs' on RHEL8, broken as of #19278.
Signed-off-by: Ed Santiago <santiago@redhat.com>
The tests & podmansh sub-package depend on podman which already pull in the
LICENSE & doc files. According to the packaging guidelines, these files need not
be added to the subpackages.
[NO NEW TESTS NEEDED]
Signed-off-by: Dan Čermák <dcermak@suse.com>
gvproxy doesn't currently build on rawhide because of go1.21.
It can be included as a standalone package on copr.
It is currently open for review on bugzilla until which fedora releases can't
include it. Official rawhide should be able to fetch the last active build of
gvproxy, the min version requirement has been removed to allow it.
Ref: https://bugzilla.redhat.com/show_bug.cgi?id=2224434
[NO NEW TESTS NEEDED]
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
Lokesh Mandvekar
Matt Heon
openshift-merge-bot[bot]
Lokesh Mandvekar
Paul Holzinger
Jindrich Novy
Ed Santiago
Nalin Dahyabhai
joshua-stone
Debarshi Ray
Daniel J Walsh
Yaakov Selkowitz
OpenShift Merge Robot
Dan Čermák