... primarily so that it can support OCI artifacts.
2.8 already seems to exist in the repo.
This requires changing WaitContainerReady to also check
stderr (ultimately because docker/distribution was
updated to a more recent sirupsen/logrus, which logs
by default to stderr instead of stdout).
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
... instead of hard-coding a copy of the value.
Notably this makes hack/podman_registry actually
support the documented -i option.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
htpasswd is no longer included in docker.io/library/distribution
after 2.7.0, per https://github.com/docker/distribution-library-image/issues/107 ,
and we want to upgrade to a recent version.
At least system tests currently execute htpasswd from the OS,
so it seems that it is likely to be available.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
A prior change added extra whitespace when commenting out several
sections to temporarily disable F35 testing. This restores the sections
to proper indentation, so (in the future) only the `#` character needs
to be removed.
Signed-off-by: Chris Evich <cevich@redhat.com>
While convenient, it can be problematic to rely on a Makefile to install
software. This was found to be the case across multiple environments
WRT `bats`. Fix this by removing the install script and target. A
future commit will ensure the correct version of `bats` is present in
all CI environments where it's required.
Signed-off-by: Chris Evich <cevich@redhat.com>
new file: test/e2e/config_arm64.go
Tests that fail on aarch64 have been skipped with
`skip_if_aarch64`.
Co-authored-by: Chris Evich <cevich@redhat.com>
Co-authored-by: Ed Santiago <santiago@redhat.com>
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
Allow the cleanup process (and others) to transition the container from
`stopping` to `exited`. This fixes a race condition detected in #14859
where the cleanup process kicks in _before_ the stopping process can
read the exit file. Prior to this fix, the cleanup process left the
container in the `stopping` state and removed the conmon files, such
that the stopping process also left the container in this state as it
could not read the exit files. Hence, `podman wait` timed out (see the
23 seconds execution time of the test [1]) due to the unexpected/invalid
state and the test failed.
Further turn the warning during stop to a debug message since it's a
natural race due to the daemonless/concurrent architecture and nothing
to worry about.
[NO NEW TESTS NEEDED] since we can only monitor if #14859 continues
flaking or not.
[1] https://storage.googleapis.com/cirrus-ci-6707778565701632-fcae48/artifacts/containers/podman/6210434704343040/html/sys-remote-fedora-36-rootless-host.log.html#t--00205Fixes: #14859
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* Add section "Starting a socket-activated service".
* Add section "Stopping a socket-activated service".
* Clarify in the diagrams that socket activation
only happens for the first client connection.
Co-authored-by: Valentin Rothberg <vrothberg@redhat.com>
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
This bug is reproduced when we execute the following command:
1. podman manifest add <manifest list> <images exist on local storage>
2. podman manifest push --rm <manifest list> dir:<directory>
If pushing succeeds, it is expected to remove only a manifest list.
However, manifest list remains on local storage and images are removed.
This commit fixes `podman manifest push --rm` to remove only a manifest list.
And, supports `manifest push --rm option` in remote environment,
like host environment.
Fixes: https://github.com/containers/podman/issues/15033
Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
This Patch will cause podman COMMAND rm --force bogus not fail
This is how Docker works, so Podman should follow this to allow existing
scripts to convert from Docker to Podman.
Fixes: #14612
Oprignal version of this patch came from wufan 1991849113@qq.com
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
it installs podman and supporting binaries along with
qemu to have a functioning podman install using a pkg
podman and podman-mac-helper is compiled from source
gvproxy binary is downloaded from its github releases
and qemu from github release of containers/podman-machine-qemu
[NO NEW TESTS NEEDED]
Signed-off-by: Anjan Nath <kaludios@gmail.com>
Before making / mutable/immutable, podman-machine checks if the mount is
being done in /home or /mnt. However the current check is always going
to be true:
```
!strings.HasPrefix(mount.Target, "/home") || !strings.HasPrefix(mount.Target, "/mnt")
```
is false when mount.Target starts with "/home" and mount.Target starts
with "/mnt", which cannot happen at the same time.
The correct check is:
```
!strings.HasPrefix(mount.Target, "/home") && !strings.HasPrefix(mount.Target, "/mnt")
```
which can also be written as:
```
!(strings.HasPrefix(mount.Target, "/home") || strings.HasPrefix(mount.Target, "/mnt"))
```
The impact is not too bad, it results in extra 'chattr -i' calls which
should be unneeded.
[NO NEW TESTS NEEDED]
Signed-off-by: Christophe Fergeau <cfergeau@redhat.com>
* Document why the default value for --sdnotify is overridden.
Some was included text from
https://github.com/containers/podman/issues/15029#issuecomment-1192244755
* Document that --sdnotify=ignore is overridden.
Fixes#15029
Co-authored-by: Valentin Rothberg <vrothberg@redhat.com>
Co-authored-by: Tom Sweeney <tsweeney@redhat.com>
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
Option defaults in API must be the same as in CLI.
```
% podman image push --help
% podman image pull --help
% podman manifest push --help
% podman image search --help
```
All of these CLI commands them have --tls-verify=true by default:
```
--tls-verify require HTTPS and verify certificates when accessing the registry (default true)
```
As for `podman image build`, it doesn't have any means to control
`tlsVerify` parameter but it must be true by default.
Signed-off-by: Vladimir Kochnev <hashtable@yandex.ru>
Some refer to issues that are closed. Remove them.
Some are runc bugs that will never be fixed. Say so, and remove
the FIXME.
One (bps/iops) should probably be fixed. File an issue for it, and
update comment to include the issue# so my find-obsolete-skips script
can track it.
And one (rootless mount with a "kernel bug?" comment) is still
not fixed. Leave the skip, but add a comment documenting the symptom.
Signed-off-by: Ed Santiago <santiago@redhat.com>
for podman pod create, when we are not sharing any namespaces there is no point for the infra container.
This is especially true since resources have also been decoupled from the container recently.
handle this on the cmd level so that we can still create infra if set explicitly
resolves#15048
Signed-off-by: Charlie Doern <cdoern@redhat.com>
Miloslav Trmač
OpenShift Merge Robot
dependabot[bot]
Jason T. Greene
Chris Evich
Ed Santiago
Daniel J Walsh
Ewout van Mansom
Lokesh Mandvekar
Valentin Rothberg
Erik Sjölund
Toshiki Sonoda
Anjan Nath
Christophe Fergeau
Vladimir Kochnev
Charlie Doern