Netavark v1.15 added new warnings on some invalid names and that
triggerd a new test failure in podman e2e test.
The "Podman kube play with disabled cgroup" case now complains about an
empty name:
podman [options] kube play /tmp/CI_aM20/podman-e2e-3156601197/subtest-3441376193/p/kube.yaml
[WARN netavark::network::bridge] invalid network alias "": name is empty, ignoring this name
This is because this test does not set a container name thus the code
was adding an empty string so to fix it check if the name is not empty
first.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
We are not opting into the ostree backend, and it doesn't
build: https://github.com/containers/image/pull/2821 .
So, stop referencing the dependency.
Should not change behavior.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Docker does not require `--type` to be passed, defaulting to
`type=volume` in cases where it's not passed. Do the same in our
volume parsing, and add a test to verify this works as expected.
Fixes#26101
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
Given I wrote this and I still mess it up on a regular basis, I
cannot be alone in forgetting whether "dst" or "dest" is the
correct short option for "destination". Let's just make both
valid, I don't see a reason not to.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
Remove no longer correct statement that quadlet that does not translate
our own custom unit types
Fixes: e498c652 ("Quadlet - translate dependencies on other quadlet units")
Fixes: #26243
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Currently setting log_tag from containers.conf will override any value
set via --log-opt tag=value option. This commit fixes this.
Fixes: https://github.com/containers/podman/issues/26236
Signed-off-by: Povilas Kanapickas <povilas@radix.lt>
Per Adrian Reber, the aarch64 kernel doesn't support the soft dirty bit
and support isn't expected anytime soon.
Ref: https://github.com/checkpoint-restore/criu/issues/2676
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
When using `docker compose run --entrypoint ''`, docker sends
`"Entrypoint": []` in the JSON. Podman currently treats that
as `nil` and fallback to default image entrypoint.
This is not what is expected by the user. Instead, it should
not use any entrypoint.
This commit fixes it by properly propagating the `[]` downstream
to libpod.
Fixes: #26078
Signed-off-by: Jan Kaluza <jkaluza@redhat.com>
When a container has no image, i.e. using rootfs like our new infra
containers then the Image function crashed trying to show the first 12
image ID chars. If there is no image simply show nothing there.
Fixes: #26224
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Specifically, this does two things:
1. Turn on case-sensitive LIKE queries. Technically, this is not
specific to volumes, as it will also affect container and pod
lookups - but there, it only affects IDs. So `podman rm abc123`
will not be the same as `podman rm ABC123` but I don't think
anyone was manually entering uppercase SHA256 hash IDs so it
shouldn't matter.
2. Escape the _ and % characters in volume lookup queries. These
are SQLite wildcards, and meant that `podman volume rm test_1`
would also match `podman volume rm testa2` (or any character in
place of the underscore). This isn't done with pod and container
lookups, but again those just use LIKE for IDs - so technically
`podman volume rm abc_123` probably works and removes containers
with an ID matching that pattern... I don't think that matters
though.
Fixes#26168
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
After the system reboot, the Rootfs for infra-container can
be removed. This can happen when it is stored on tmpfs.
This commit recreates the infra-container directory which is
used for Rootfs for infra-container before mounting it.
Fixes: #26190
Signed-off-by: Jan Kaluza <jkaluza@redhat.com>
The e2e tests for device access involving /dev/kmsg could fail
intermittently. This was due to a race condition where concurrent
writes to the kernel log buffer by other processes, while the test
was reading from /dev/kmsg, could cause the read to fail with ESPIPE.
Fixes: https://github.com/containers/podman/issues/23882
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
The Windows source folder path was not converted in the corresponding
machine folder path when the volume was of type overlay as it does for
other bind mount volumes.
Fix#25988
Signed-off-by: Mario Loriedo <mario.loriedo@gmail.com>
getAllDependencies() skips recursing into dependencies that are already
running, but BuildContainerGraph() expects a *complete* set of inputs
and returns an error if any are missing. Thus, podman will fail to start
a container with already-running direct dependencies that, in turn, have
their own dependencies.
None of the other callers of BuildContainerGraph() omit anything from
their list of containers, so follow the same approach here, and just
let startNode figure out if a start is actually needed.
Fixes: containers/podman-compose#921
Signed-off-by: Ryan Gonzalez <ryan.gonzalez@collabora.com>
Hard coding to none without checking containers.conf is not a good idea
as users who liked the previous behavior and the podman default behavior
of keeping the hosts entries can no longer do that.
With this commit they can set base_hosts_file = "/etc/hosts" to restore
the previous behavior.
Fixes: https://issues.redhat.com/browse/RHEL-92995
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Our release is created by a GitHub action, and GitHub prevents workflows from running on events that were caused by other workflows to prevent unlimited recursion.
To get around this, use a reusable workflow to trigger the podman.io version bump from the release action.
Signed-off-by: Ashley Cui <acui@redhat.com>
Access to the cpuset cgroup controller is needed to run these tests.
Configuration on the CI workers prevents access to this controller
for rootless pods.
Signed-off-by: François Poirotte <clicky@erebot.net>
This commit adds two new annotations named
io.podman.annotations.cpuset/$ctrname and
io.podman.annotations.memory-nodes/$ctrname
The first one allows restricting a container's execution to specific
CPU cores while the second restricts memory allocations to specific
NUMA memory nodes. They are also added automatically when the
--cpuset-cpus and --cpuset-mems options are used.
Fixes: containers#26172
Signed-off-by: François Poirotte <clicky@erebot.net>
The podman machine copy test "attempt copying file to a new directory"
was failing because on recent version of Windows the error message
doesn't match the expected error message. To make it work on new and
old version of Windows both old and new error messages are now
considered as valid.
Fixes https://github.com/containers/podman/issues/26056
Signed-off-by: Mario Loriedo <mario.loriedo@gmail.com>
The image quay.io/libpod/alpine_nginx doesn't have a `linux/arm64` version
and the test "Single character volume mount" on Windows ARM64 was
failing. Changing it to TESTIMAGE (quay.io/libpod/testimage) fixes it.
Signed-off-by: Mario Loriedo <mario.loriedo@gmail.com>
openshift-merge-bot[bot]
Paul Holzinger
renovate[bot]
Miloslav Trmač
Matthew Heon
Lokesh Mandvekar
Povilas Kanapickas
Jan Kaluza
Giuseppe Scrivano
Mario Loriedo
Ryan Gonzalez
Ashley Cui
François Poirotte