Commit Graph

677 Commits

Author SHA1 Message Date
Daniel J Walsh 6609bb73aa
Fix use of infra image to clarify default
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2022-01-31 17:21:25 -05:00
tomsweeneyredhat 4a4d86d40f Bump Buildah to v1.24.0
Bumps Buildah to v1.24.0 and adopts the new values for pull:
true, false, never, and always.  The pull-never and pull-always options
for the build command are still usable, but they have been removed from
the man page documentation with this change.

Signed-off-by: tomsweeneyredhat <tsweeney@redhat.com>
2022-01-27 07:03:56 -05:00
dependabot[bot] ab22a688d8
Bump github.com/containers/image/v5 from 5.18.0 to 5.19.0
Bumps [github.com/containers/image/v5](https://github.com/containers/image) from 5.18.0 to 5.19.0.
- [Release notes](https://github.com/containers/image/releases)
- [Commits](https://github.com/containers/image/compare/v5.18.0...v5.19.0)

---
updated-dependencies:
- dependency-name: github.com/containers/image/v5
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-01-26 15:15:46 +00:00
dependabot[bot] 9916529880
Bump github.com/containers/storage from 1.38.0 to 1.38.1
Bumps [github.com/containers/storage](https://github.com/containers/storage) from 1.38.0 to 1.38.1.
- [Release notes](https://github.com/containers/storage/releases)
- [Changelog](https://github.com/containers/storage/blob/main/docs/containers-storage-changes.md)
- [Commits](https://github.com/containers/storage/compare/v1.38.0...v1.38.1)

---
updated-dependencies:
- dependency-name: github.com/containers/storage
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-01-26 12:06:51 +00:00
Valentin Rothberg e22b9889d6 vendor c/psgo@v1.7.2
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
2022-01-20 16:56:20 +01:00
Aditya R 2c492be00a
vendor: bump c/common and other vendors
This commit bumps majorly c/common so netavark features could be synced
with podman.

But there are some other vendor bumps as well

[NO NEW TESTS NEEDED]
[NO TESTS NEEDED]

Signed-off-by: Aditya R <arajan@redhat.com>
2022-01-20 12:40:11 +05:30
dependabot[bot] a0165a64b9
Bump github.com/opencontainers/runc from 1.0.3 to 1.1.0
Bumps [github.com/opencontainers/runc](https://github.com/opencontainers/runc) from 1.0.3 to 1.1.0.
- [Release notes](https://github.com/opencontainers/runc/releases)
- [Changelog](https://github.com/opencontainers/runc/blob/master/CHANGELOG.md)
- [Commits](https://github.com/opencontainers/runc/compare/v1.0.3...v1.1.0)

---
updated-dependencies:
- dependency-name: github.com/opencontainers/runc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-01-19 12:09:54 +00:00
Paul Holzinger 774271c38a
upgrade all dependencies
The dependabot does not update dependencies when they do not use a tag.
This patch upgrades all untagged depenencies if possible.

You can upgrade all dependencies with `go get -u ./... && make vendor`
in theory however this failed since the k8s changes do not compile on
go v1.16 so I only updated the other dependencies.

Signed-off-by: Paul Holzinger <pholzing@redhat.com>
2022-01-18 16:27:00 +01:00
OpenShift Merge Robot 55ad6188b0
Merge pull request #12900 from containers/dependabot/go_modules/github.com/opencontainers/runc-1.1.0
Bump github.com/opencontainers/runc from 1.0.3 to 1.1.0
2022-01-18 10:04:10 -05:00
dependabot[bot] 4adf457ff3
Bump github.com/opencontainers/runc from 1.0.3 to 1.1.0
Bumps [github.com/opencontainers/runc](https://github.com/opencontainers/runc) from 1.0.3 to 1.1.0.
- [Release notes](https://github.com/opencontainers/runc/releases)
- [Changelog](https://github.com/opencontainers/runc/blob/master/CHANGELOG.md)
- [Commits](https://github.com/opencontainers/runc/compare/v1.0.3...v1.1.0)

---
updated-dependencies:
- dependency-name: github.com/opencontainers/runc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-01-18 12:08:58 +00:00
Valentin Rothberg bd09b7aa79 bump go module to version 4
Automated for .go files via gomove [1]:
`gomove github.com/containers/podman/v3 github.com/containers/podman/v4`

Remaining files via vgrep [2]:
`vgrep github.com/containers/podman/v3`

[1] https://github.com/KSubedi/gomove
[2] https://github.com/vrothberg/vgrep

Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
2022-01-18 12:47:07 +01:00
Paul Holzinger 06ad51c83b
update c/common to latest
This contains changes that are needed to enable netavark e2e testing.

Signed-off-by: Paul Holzinger <pholzing@redhat.com>
2022-01-17 15:58:45 +01:00
Evan Lezar 968deb7c2c Use new CDI API
This change updates the CDI API to commit 46367ec063fda9da931d050b308ccd768e824364
which addresses some inconistencies in the previous implementation.

Signed-off-by: Evan Lezar <elezar@nvidia.com>
2022-01-14 13:35:22 +01:00
Paul Holzinger 0151e10b62
update buildah to latest and use new network stack
Make sure buildah uses the new network stack.

Signed-off-by: Paul Holzinger <pholzing@redhat.com>
2022-01-12 17:40:12 +01:00
OpenShift Merge Robot 2cdab5d539
Merge pull request #12824 from containers/dependabot/go_modules/github.com/BurntSushi/toml-1.0.0
Bump github.com/BurntSushi/toml from 0.4.1 to 1.0.0
2022-01-12 15:26:20 +01:00
dependabot[bot] 47374aac86
Bump github.com/BurntSushi/toml from 0.4.1 to 1.0.0
Bumps [github.com/BurntSushi/toml](https://github.com/BurntSushi/toml) from 0.4.1 to 1.0.0.
- [Release notes](https://github.com/BurntSushi/toml/releases)
- [Commits](https://github.com/BurntSushi/toml/compare/v0.4.1...v1.0.0)

---
updated-dependencies:
- dependency-name: github.com/BurntSushi/toml
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-01-12 12:09:14 +00:00
Valentin Rothberg 485305a5fc vendor latest c/common
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
2022-01-12 12:43:21 +01:00
Valentin Rothberg b7380a7c36 vendor c/common
Also update the e2e pull test to account for the changes when pulling
from the dir transport.  Images pulled via the dir transport are not
tagged anymore; the path is not a reliable source.

Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
2022-01-10 16:25:37 +01:00
Jason T. Greene 803defbe50 Introduce Windows WSL implementation of podman machine
[NO NEW TESTS NEEDED] for now

Signed-off-by: Jason Greene <jason.greene@redhat.com>
2021-12-24 19:28:10 -06:00
Adrian Reber d669dbfb9f
Error out early if system does not support pre-copy checkpointing
CRIU's pre-copy migration support relies on the soft dirty page tracking
in the Linux kernel:

 https://www.kernel.org/doc/Documentation/vm/soft-dirty.txt

This functionality is not implemented for all architectures and it can
also be turned off in the kernel.

CRIU can check if the combination of architecture/kernel/CRIU supports
the soft dirty page tracking and exports this feature checking
functionality in go-criu.

This commit adds an early check if the user selects pre-copy
checkpointing to error out if the system does not support it.

Signed-off-by: Adrian Reber <areber@redhat.com>
2021-12-23 09:51:38 +00:00
Adrian Reber b746b22564
Update go-criu to v5.3.0
Signed-off-by: Adrian Reber <areber@redhat.com>
2021-12-23 09:51:38 +00:00
Radostin Stoyanov 2d7dbda415
Update github.com/checkpoint-restore/checkpointctl
DevShmCheckpointTar constant has been recently introduced in
checkpointctl. This constant will be used in subsequent patch and this
patch contains auto-generated changes with the following commands:

go get github.com/checkpoint-restore/checkpointctl
go mod tidy
go mod vendor

Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
2021-12-23 05:36:46 +00:00
Giuseppe Scrivano 3570c38ffe
vendor: update containers/storage
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2021-12-20 10:09:34 +01:00
Paul Holzinger 03a3fc37fe
bump cobra to 1.3.0
This contains some fixes for the shell completion files.

[NO NEW TESTS NEEDED]

Signed-off-by: Paul Holzinger <pholzing@redhat.com>
2021-12-16 15:28:39 +01:00
dependabot[bot] 5a071d9f50
Bump github.com/docker/docker
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 20.10.11+incompatible to 20.10.12+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Changelog](https://github.com/moby/moby/blob/master/CHANGELOG.md)
- [Commits](https://github.com/docker/docker/compare/v20.10.11...v20.10.12)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-12-14 12:28:51 +00:00
dependabot[bot] 6c05961baa
Bump github.com/uber/jaeger-client-go
Bumps [github.com/uber/jaeger-client-go](https://github.com/uber/jaeger-client-go) from 2.29.1+incompatible to 2.30.0+incompatible.
- [Release notes](https://github.com/uber/jaeger-client-go/releases)
- [Changelog](https://github.com/jaegertracing/jaeger-client-go/blob/master/CHANGELOG.md)
- [Commits](https://github.com/uber/jaeger-client-go/compare/v2.29.1...v2.30.0)

---
updated-dependencies:
- dependency-name: github.com/uber/jaeger-client-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-12-08 12:25:53 +00:00
Valentin Rothberg d87a9b788b vendor c/image/v5@main
Mainly to pull in fixes for #11636 which handles credential helpers
correctly.

Fixes: #11636
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
2021-12-07 17:20:47 +01:00
dependabot[bot] c91fb244c4
Bump github.com/opencontainers/runc from 1.0.2 to 1.0.3
Bumps [github.com/opencontainers/runc](https://github.com/opencontainers/runc) from 1.0.2 to 1.0.3.
- [Release notes](https://github.com/opencontainers/runc/releases)
- [Commits](https://github.com/opencontainers/runc/compare/v1.0.2...v1.0.3)

---
updated-dependencies:
- dependency-name: github.com/opencontainers/runc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-12-06 12:28:06 +00:00
Valentin Rothberg 76f5100be5 vendor c/common@main
Update the `--filter reference=...` tests to reflect recent changes in
c/common.  The reference values now match as specified without
implicitly adding wildcards arounds.

Fixes: #11905
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
2021-12-06 09:33:39 +01:00
OpenShift Merge Robot 999fe0d893
Merge pull request #12360 from rhatdan/VENDOR
Bump storage
2021-12-03 14:52:50 +01:00
Daniel J Walsh ecd48325f6
UPdate vendor of image-spec and containers/storage
This should get rid of the nasty warning on the github site.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2021-12-02 14:04:24 -05:00
Giuseppe Scrivano fe1cdab59f
vendor: update containers/common
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2021-12-02 18:32:13 +01:00
Valentin Rothberg 5bdd571b1e compat API: allow enforcing short-names resolution to Docker Hub
The Docker-compatible REST API has historically behaved just as the rest
of Podman and Buildah (and the atomic Docker in older RHEL/Fedora) where
`containers-registries.conf` is centrally controlling which registries
a short name may resolve to during pull or local image lookups.  Please
refer to a blog for more details [1].

Docker, however, is only resolving short names to docker.io which has
been reported (see #12320) to break certain clients who rely on this
behavior.  In order to support this scenario, `containers.conf(5)`
received a new option to control whether Podman's compat API resolves
to docker.io only or behaves as before.

Most endpoints allow for directly normalizing parameters that represent
an image.  If set in containers.conf, Podman will then normalize the
references directly to docker.io.  The build endpoint is an outlier
since images are also referenced in Dockerfiles.  The Buildah API,
however, supports specifying a custom `types.SystemContext` in which
we can set a field that enforces short-name resolution to docker.io
in `c/image/pkg/shortnames`.

Notice that this a "hybrid" approach of doing the normalization directly
in the compat endpoints *and* in `pkg/shortnames` by passing a system
context.  Doing such a hybrid approach is neccessary since the compat
and the libpod endpoints share the same `libimage.Runtime` which makes
a global enforcement via the `libimage.Runtime.systemContext`
impossible.  Having two separate runtimes for the compat and the libpod
endpoints seems risky and not generally applicable to all endpoints.

[1] https://www.redhat.com/sysadmin/container-image-short-names

Fixes: #12320
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
2021-11-30 14:22:52 +01:00
Valentin Rothberg 0d1aaf080e image lookup: do not match *any* tags
For reasons buried in the history of Podman, looking up an untagged
image would match any tag of matching image. For instance, looking up
centos would match a local image centos:foobar.  Change that behavior
to only match the latest tag.

Fix: #11964
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
2021-11-23 11:15:03 +01:00
Daniel J Walsh ed83ef2517
Merge pull request #12384 from containers/dependabot/go_modules/github.com/containers/image/v5-5.17.0
Bump github.com/containers/image/v5 from 5.16.1 to 5.17.0
2021-11-22 14:26:45 -05:00
dependabot[bot] 73e95d1c3e
Bump github.com/containers/image/v5 from 5.16.1 to 5.17.0
Bumps [github.com/containers/image/v5](https://github.com/containers/image) from 5.16.1 to 5.17.0.
- [Release notes](https://github.com/containers/image/releases)
- [Commits](https://github.com/containers/image/compare/v5.16.1...v5.17.0)

---
updated-dependencies:
- dependency-name: github.com/containers/image/v5
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-11-22 17:01:27 +00:00
dependabot[bot] f564c9a342
Bump github.com/opencontainers/selinux from 1.9.1 to 1.10.0
Bumps [github.com/opencontainers/selinux](https://github.com/opencontainers/selinux) from 1.9.1 to 1.10.0.
- [Release notes](https://github.com/opencontainers/selinux/releases)
- [Commits](https://github.com/opencontainers/selinux/compare/v1.9.1...v1.10.0)

---
updated-dependencies:
- dependency-name: github.com/opencontainers/selinux
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-11-22 12:28:07 +00:00
Daniel J Walsh 44b2404702
Bump github.com/rootless-containers/rootlesskit from 0.14.5 to 0.14.6
Bumps [github.com/rootless-containers/rootlesskit](https://github.com/rootless-containers/rootlesskit) from 0.14.5 to 0.14.6.
- [Release notes](https://github.com/rootless-containers/rootlesskit/releases)
- [Commits](rootless-containers/rootlesskit@v0.14.5...v0.14.6)

---
updated-dependencies:
- dependency-name: github.com/rootless-containers/rootlesskit
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-11-19 14:26:03 -05:00
OpenShift Merge Robot 63196c26a9
Merge pull request #12344 from containers/dependabot/go_modules/github.com/docker/docker-20.10.11incompatible
Bump github.com/docker/docker from 20.10.10+incompatible to 20.10.11+incompatible
2021-11-19 02:40:09 +01:00
dependabot[bot] 19400ec0d6
Bump github.com/docker/docker
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 20.10.10+incompatible to 20.10.11+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Changelog](https://github.com/moby/moby/blob/master/CHANGELOG.md)
- [Commits](https://github.com/docker/docker/compare/v20.10.10...v20.10.11)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-11-18 19:56:40 +00:00
dependabot[bot] 7f96a8d2d0
Bump k8s.io/api from 0.22.3 to 0.22.4
Bumps [k8s.io/api](https://github.com/kubernetes/api) from 0.22.3 to 0.22.4.
- [Release notes](https://github.com/kubernetes/api/releases)
- [Commits](https://github.com/kubernetes/api/compare/v0.22.3...v0.22.4)

---
updated-dependencies:
- dependency-name: k8s.io/api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-11-18 19:42:07 +00:00
Daniel J Walsh 364b242b70
Set config environment variables early in Podman init
Fixes: https://github.com/containers/podman/issues/12296

[NO NEW TESTS NEEDED] because there is no easy way to test this.
Tests are in containers/common.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2021-11-15 14:36:23 -05:00
Valentin Rothberg 1ef66d6d7f podman load: support downloading files
Support downloading files, for instance via
`podman load -i server.com/image.tar`.  The specified URL is downloaded
in the frontend and stored as a temp file that gets passed down to the
backend.

Also vendor in c/common@main to use the new `pkg/download`.

Fixes: #11970
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
2021-11-10 15:43:16 +01:00
Valentin Rothberg faf450ea18 support health checks from image configs
Health checks may be defined in the container config or the config of an
image.  So far, Podman only looked at the container config.

The plumbing happened in libimage but add a regression test to Podman as
well to make sure the glue code will not regress.

Note that I am pinning github.com/onsi/gomega to v1.16.0 since v1.17.0
requires go 1.16 which in turn is breaking CI.

Fixes: #12226
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
2021-11-09 15:32:36 +01:00
dependabot[bot] 6fee827c7f
Bump github.com/checkpoint-restore/go-criu/v5 from 5.1.0 to 5.2.0
Bumps [github.com/checkpoint-restore/go-criu/v5](https://github.com/checkpoint-restore/go-criu) from 5.1.0 to 5.2.0.
- [Release notes](https://github.com/checkpoint-restore/go-criu/releases)
- [Commits](https://github.com/checkpoint-restore/go-criu/compare/v5.1.0...v5.2.0)

---
updated-dependencies:
- dependency-name: github.com/checkpoint-restore/go-criu/v5
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-11-05 12:28:42 +00:00
dependabot[bot] feebf1bd81
Bump k8s.io/api from 0.22.2 to 0.22.3
Bumps [k8s.io/api](https://github.com/kubernetes/api) from 0.22.2 to 0.22.3.
- [Release notes](https://github.com/kubernetes/api/releases)
- [Commits](https://github.com/kubernetes/api/compare/v0.22.2...v0.22.3)

---
updated-dependencies:
- dependency-name: k8s.io/api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-10-28 12:27:17 +00:00
Valentin Rothberg ff31f2264d container create: fix --tls-verify parsing
Make sure that the value is only set if specified on the CLI.  c/image
already defaults to true but if set in the system context, we'd skip
settings in the registries.conf.

Fixes: #11933
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
2021-10-27 14:36:25 +02:00
Giuseppe Scrivano 8163d38c60
vendor: update godbus to v5.0.6
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2021-10-26 21:05:22 +02:00
dependabot[bot] 773caf293a
Bump github.com/docker/docker
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 20.10.9+incompatible to 20.10.10+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Changelog](https://github.com/moby/moby/blob/master/CHANGELOG.md)
- [Commits](https://github.com/docker/docker/compare/v20.10.9...v20.10.10)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-10-26 12:26:52 +00:00
Daniel J Walsh a42c131c80
Update vendor github.com/opencontainers/runtime-tools
This will change mount of /dev within container to noexec, making
containers slightly more secure.

[NO NEW TESTS NEEDED]

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2021-10-25 16:50:45 -04:00