Make sure we do not display the expected error when using podman network
reload. This is already done for iptables-legacy however iptables-nft
creates a slightly different error message so check for this as well.
The error is logged at info level.
[NO TESTS NEEDED] The test VMs do not use iptables-nft so there is no
way to test this. It is already tested for iptables-legacy.
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
Containers endpoints for HTTP compad and libpod APIs allowed usage of list HTTP
endpoint filter funcs. Documentation in case of libpod and compat API does not allow that.
This commit aligns code with the documentation.
Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
when automatically downloading fcos for the Apple M1, we needed
to replace a statically defined URL with the dynamically
determined one.
also, it appears boolean qemu options `server` and `onwait` are
not defined as `server=on` and `wait=off`.
[NO TESTS NEEDED]
Signed-off-by: baude <bbaude@redhat.com>
It is tedious and error-prone to update the 'APIVersion=<exact>'
test every time there's a minor bump. Change the test so it
confirms only the major version.
Signed-off-by: Ed Santiago <santiago@redhat.com>
- Build machine also for podman-linux-arm64
- Add default machine type for linux arm64
- Add the required qemu-uefi bios parameter
- Remove hardcoded outdated path and show url
Signed-off-by: Anders F Björklund <anders.f.bjorklund@gmail.com>
users may now provide a fully qualified local file path or a URL to seed
the disk-image to be used in the VM.
[NO TESTS NEEDED]
Signed-off-by: baude <bbaude@redhat.com>
PR #9856 works around a buggy markdown processor that cleverly
converts double dashes to em-dash. The unfortunate result is
that the man page source files are unmaintainable, because
every '--foo' has to be specified as '\-\-foo'. This is
impossible for humans to remember, so let's add a helpful
diagnostic message when we detect new options added without
the escapes.
Signed-off-by: Ed Santiago <santiago@redhat.com>
This change updates the swagger documentation of the
system version response body to match the actual
response.
Fixes: #9522
Signed-off-by: Tristan Cacqueray <tdecacqu@redhat.com>
Issue #9573 (podman build --pull-never is a NOP) is fixed.
Remove the 'skip' in the buildah-bud pull-never test.
Signed-off-by: Ed Santiago <santiago@redhat.com>
Add support for generating powershell completion files. This is especially
useful for people using the podman remote client on windows.
[NO TESTS NEEDED]
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
If I run podman within a container without /sys/fs/cgroups mounted,
we get this warning, which the user can not do much about. I don't
see a reason for requiring this warning to show by default, so we
should drop it to Info.
User can not do anything about it either, and code works well with
the somewhat expected error.
Helps fix: https://github.com/containers/podman/issues/9753
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Escape the two dashes, otherwise they are combined into one long dash.
I tested that this change is safe and still renders correctly on github
and with the man pages.
This commit also contains a small change to make it build locally.
Assuming you have the dependencies installed you can do:
```
cd docs
make html
```
Preview the html files in docs/build/html with
`python -m http.server 8000 --directory build/html`.
Fixescontainers/podman.io#373
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
The 'is' check was intended to be called with three arguments,
the last one being a nice helpful test name. There's a fallback
for two-argument calls, but it was a horrible FIXME.
New fallback: the most recently run podman command. We keep
track of it in each run_podman() invocation.
This is not ideal, because it's theoretically possible to
invoke 'is' on something other than the output of run_podman,
but this at least fixes the by-far-most-common case.
[NO TESTS NEEDED]
Signed-off-by: Ed Santiago <santiago@redhat.com>
if LISTEN_FDS is specified by systemd, we need to use the first fd
after the std files (so fd=3) to read from the activation socket
instead of manually opening the UNIX socket.
[NO TESTS NEEDED]
Closes: https://github.com/containers/podman/issues/9251
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
The implementation uses `io.containers.seccomp.profile` while the docs
mentioned `io.podman`. Correct the two references in the docs to
reflect the implementation.
Fixes: #9853
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
since we already have an exported function that does the check,
refactor the code to use it instead of duplicating the logic.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
podman generate systemd --new inserts extra idfile arguments. The
generated unit can break when the user did provide their own idfile
arguments as they overwrite the arguments added by generate systemd.
This also happens when a user tries to generate the systemd unit on
a container already create with a --new unit. This should now
create a identical unit. The solution is to remove all user provided
idfile arguments.
This commit also ensures that we do not remove arguments that are part
off the containers entrypoint.
Fixes#9776
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
Add support for secretRef and secretKeyRef to allow env vars to be set
from a secret. As K8S secrets are dictionaries the secret value must
be a JSON dictionary compatible with the data field of a K8S secret
object. The keys must consist of alphanumeric characters, '-', '_'
or '.', and the values must be base64 encoded strings.
Signed-off-by: Alban Bedel <albeu@free.fr>
In K8S the pod creation fails if an env var reference a non existing
config map key. It can be marked as optional, but per default it is
mandatory. Podman on the other hand always treat such references as
optional.
Rework envVarsFrom() and envVarValue() to additionaly return an error
and add support for the optional attribute in configMapRef and
configMapKeyRef.
Signed-off-by: Alban Bedel <albeu@free.fr>
Rework envVarsFromConfigMap() and envVarValue() to simplify supporting
other env sources than config maps. For this we pass the whole spec
generator options struct as parameter instead of just the config maps
list. Then we rename envVarsFromConfigMap() to envVarsFrom() and in
envVarValue() we reposition the loop over the config maps to only run
it when a configMapRef element exists.
Signed-off-by: Alban Bedel <albeu@free.fr>
Make sure fixes that go into local podman commands also work in
podman-remote, by using the same function.
Since this is just a rewrite of existing code, existing tests should
handle it.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Podman machine remove is now called `rm`.
Podman machine create now supports resizing the image to the value of
--disk-size as provided. The default is to 10G.
Added systemd unit file on guest via ignition that sends a Ready message
to the host over a virtio-socket so that we know when the VM is booted
and ready for use.
Podman machine commands no longer require a VM name as an argument. A
default VM name is defined and if no VM name is provided as a arg, the
default will be used.
[NO TESTS NEEDED]
Signed-off-by: baude <bbaude@redhat.com>
When kube play fails to create a volume, it should say which volume had
the problem so the user doesn't have to guess. For the following pod
spec:
apiVersion: v1
kind: Pod
metadata:
name: mypod
spec:
containers:
- name: myfrontend
image: nginx
volumeMounts:
- mountPath: "/var/www/html"
name: mypd
volumes:
- name: mypd
hostPath:
path: /var/blah
podman will now report:
Error: failed to create volume "mypd": error in parsing HostPath
in YAML: error checking path "/var/blah": stat /var/blah: no such
file or directory
Signed-off-by: Jordan Christiansen <xordspar0@gmail.com>
Currently pull policy is set incorrectly when users set --pull-never.
Also pull-policy is not being translated correctly when using
podman-remote.
Fixes: #9573
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Paul Holzinger
Jakub Guzik
OpenShift Merge Robot
baude
Ed Santiago
Anders F Björklund
baude
Matthew Heon
Tristan Cacqueray
Daniel J Walsh
Giuseppe Scrivano
Valentin Rothberg
Alban Bedel
Jordan Christiansen