Clarify that system test specifc configuration must be done via config
files and not via ad hoc environment variables like in test/e2e.
Also not that we only run the tests with crun so other runtimes may not
work but we accept patches to make them work with runc, e.g. Suse folks
currently run them with runc and contribute patches for them.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Right now, if you call Update with only part of the options struct added, it panics. This fixes that by only adding them if they are not nil.
Signed-off-by: Astrid Gealer <astrid@gealer.email>
create the /etc/passwd and /etc/group files before any user/group
lookup so that the entries added dynamically are found by --user.
As a side effect, do not automatically create the group with same
value as the uid when not specified, since it is expected to run with
gid=0.
Closes: https://github.com/containers/podman/issues/25805
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
A recent change[1] in netavark makes it so we no longer set the default
dns.podman search domain. As such we must no longer test for it.
[1] https://github.com/containers/netavark/pull/1214
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Since commit 945aade38b we do tear down the kube units if all pods
failed to start. This however broke the use case of an empty pod as we
did not consider that being starting successfully which is wrong and
caused a regression for at least one user.
To fix this special case the empty pod and consider that running.
Fixes: #25786
Fixes: 945aade38b ("quadlet kube: correctly mark unit as failed")
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Networks are stored in two ways in the DB, first a static network list
which holds all the network with its option for the container. Second,
the network status which hold the actual network result from netavark
but only when the container is running.
If the container is running they must be in sync and podman inspect has
checks to ensure that as well it errors out of there is a desync between
the two.
As the adding to the db and doing actual networking configuration are
diffeent parts it possible that one worked while the other failed which
triggers the desync. To avoid this make the network connect/disconnect
code more robust against partial failures. When the network calls fail
we update the db again to remove/add the network back.
Fixes: https://issues.redhat.com/browse/RHEL-78037
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
This document is to help the maintainers on how to traige new issues.
Adding a link to REVIEWING.md in CONTRIBUTING.md
Signed-off-by: Mohan Boddu <mboddu@redhat.com>
golangci-lint v2 introduced a new command, fmt, which runs configured
formatters (see formatters in .golangci.yml).
Use this for generated files. Drop separate goimports binary.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
Saves a few fork/execs, and unify the code since other places are
already using NATIVE_GOOS or GOOS.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
This shaves the linting time:
- from 8 to 2 minutes on Cirrus CI with 4 CPUs and 8 GB RAM;
- from 11 to 3 minutes on Cirrus CI with 2 CPUs and 4 GB RAM;
when the cache is reused.
The cache size is quite modest (~3MB compressed, ~7MB uncompressed).
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
This could have been done by simply running
GOOS=freebsd ./bin/golangci-lint run [options] ./...
on Linux, but some freebsd code is using cgo (i.e. is linked to C
libraries), so real freebsd environment is required.
This also fixes the issue of ignoring linter errors for Windows and
Darwin (exit 0), introduced by commit c9b108d5b3.
Fixes: c9b108d5b3 ("Bump golangci-lint to v2.0.2")
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
If the --health-cmd flag is not specified, other flags such as --health-interval, --health-timeout, --health-retries, and --health-start-period are ignored if the image contains a Healthcheck. This makes it impossible to modify these Healthcheck configuration when a container is created.
Fixes: https://github.com/containers/podman/issues/20212
Fixes: https://issues.redhat.com/browse/RUN-2629
Signed-off-by: Jan Rodák <hony.com@seznam.cz>
First, remove wrong sentence that says ports are forwarded dynamically
by default. That is wrong and contradicts what is written below.
Second, document that we also set --dns-forward and --map-guest-addr by
default. And lastly document the containers.conf field so users know
they are not forced to set the options on each command.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
This is related to #23292 and is needed to replace
pause image container with pause container based
on the rootfs.
Without this change, the GIDs and UIDs are not mapped
in the rootfs container which use overlay if --userns=auto
is used. This leads to an error mounting /dev/pts with gid=5,
becuase GID 5 simply does not exist in the pause container
using rootfs.
All the tests pass with this change, but I have to admit
I did not find out why the original code has been introduced.
Signed-off-by: Jan Kaluza <jkaluza@redhat.com>
openshift-merge-bot[bot]
Paul Holzinger
Astrid Gealer
Sergio Lopez
renovate[bot]
Giuseppe Scrivano
Mohan Boddu
Kir Kolyshkin
Jan Rodák
Subrat Lima
Jan Kaluza