2024-10-18 15:37:29 +02:00
-------------------------------------------------------------------
Wed Oct 16 06:53:35 UTC 2024 - Danish Prakash <danish.prakash@suse.com>
- Add patch for CVE-2024-9675 (bsc#1231499):
* 0003-Properly-validate-cache-IDs-and-sources.patch
- Rebase patches:
* 0001-CVE-2024-9407-validate-bind-propagation-flag-setting.patch
* 0002-conmon-pkg-subscriptions-use-securejoin-for-the-cont.patch
2024-10-11 09:59:39 +02:00
-------------------------------------------------------------------
Wed Oct 2 10:24:41 UTC 2024 - Dan Čermák <dcermak@suse.com>
- Add patches for CVE-2024-9407 and CVE-2024-9341:
* 0001-CVE-2024-9407-validate-bind-propagation-flag-setting.patch (bsc#1231208
aka CVE-2024-9407)
* 0002-conmon-pkg-subscriptions-use-securejoin-for-the-cont.patch (bsc#1231230
aka CVE-2024-9341)
2024-07-22 16:59:09 +02:00
-------------------------------------------------------------------
Fri May 10 13:56:57 UTC 2024 - danish.prakash@suse.com
- Update to version 1.35.4:
* [release-1.35] Bump to Buildah v1.35.4
* [release-1.35] CVE-2024-3727 updates (bsc#1224117)
* integration test: handle new labels in "bud and test --unsetlabel"
* [release-1.35] Bump go-jose CVE-2024-28180
* [release-1.35] Bump ocicrypt and go-jose CVE-2024-28180
-------------------------------------------------------------------
Tue Apr 02 12:49:59 UTC 2024 - dcermak@suse.com
- Update to version 1.35.3:
* [release-1.35] Bump to Buildah v1.35.3
* [release-1.35] correctly configure /etc/hosts and resolv.conf
* [release-1.35] buildah: refactor resolv/hosts setup.
* [release-1.35] rename the hostFile var to reflect
* [release-1.35] Bump c/common to v0.58.1
* [release-1.35] Bump Buildah to v1.35.2
* [release-1.35] CVE-2024-24786 protobuf to 1.33
* [release-1.35] Bump to v1.35.2-dev
2024-10-11 09:59:39 +02:00
-------------------------------------------------------------------
Tue Mar 19 11:22:35 UTC 2024 - Dan Čermák <dcermak@suse.com>
- Add patch for CVE-2024-1753 / bsc#1221677:
0001-CVE-2024-1753-container-escape-fix.patch
2024-07-22 16:59:09 +02:00
-------------------------------------------------------------------
Tue Mar 19 10:23:06 UTC 2024 - dcermak@suse.com
- Update to version 1.35.1:
* [release-1.35] Bump to v1.35.1
* [release-1.35] CVE-2024-1753 container escape fix (bsc#1221677)
2024-10-11 09:59:39 +02:00
- Remove upstreamed patches:
- 0001-CVE-2024-1753-container-escape-fix.patch
2024-07-22 16:59:09 +02:00
-------------------------------------------------------------------
Mon Mar 18 11:25:51 UTC 2024 - Dan Čermák <dcermak@suse.com>
- Buildah dropped cni support, require netavark instead (boo#1221243)
-------------------------------------------------------------------
Thu Mar 14 08:30:53 UTC 2024 - Dan Čermák <dcermak@suse.com>
- Remove obsolete requires libcontainers-image & libcontainers-storage
-------------------------------------------------------------------
Thu Mar 14 05:32:57 UTC 2024 - Danish Prakash <danish.prakash@suse.com>
- Require passt for rootless networking (poo#156955)
Buildah moved to passt/pasta for rootless networking from slirp4netns
(https://github.com/containers/common/pull/1846)
-------------------------------------------------------------------
Thu Mar 07 15:46:25 UTC 2024 - dcermak@suse.com
- Update to version 1.35.0:
* Bump v1.35.0
* Bump c/common v0.58.0, c/image v5.30.0, c/storage v1.53.0
* conformance tests: don't break on trailing zeroes in layer blobs
* Add a conformance test for copying to a mounted prior stage
* fix(deps): update module github.com/stretchr/testify to v1.9.0
* cgroups: reuse version check from c/common
* Update vendor of containers/(common,image)
* fix(deps): update github.com/containers/storage digest to eadc620
* fix(deps): update github.com/containers/luksy digest to ceb12d4
* fix(deps): update github.com/containers/image/v5 digest to cdc6802
* manifest add: complain if we get artifact flags without --artifact
* Use retry logic from containers/common
* Vendor in containers/(storage,image,common)
* Update module golang.org/x/crypto to v0.20.0
* Add comment re: Total Success task name
* tests: skip_if_no_unshare(): check for --setuid
* Properly handle build --pull=false
* [skip-ci] Update tim-actions/get-pr-commits action to v1.3.1
* Update module go.etcd.io/bbolt to v1.3.9
* Revert "Reduce official image size"
* Update module github.com/opencontainers/image-spec to v1.1.0
* Reduce official image size
* Build with CNI support on FreeBSD
* build --all-platforms: skip some base "image" platforms
* Bump main to v1.35.0-dev
* Vendor in latest containers/(storage,image,common)
* Split up error messages for missing --sbom related flags
* `buildah manifest`: add artifact-related options
* cmd/buildah/manifest.go: lock lists before adding/annotating/pushing
* cmd/buildah/manifest.go: don't make struct declarations aliases
* Use golang.org/x/exp/slices.Contains
* Disable loong64 again
* Fix a couple of typos in one-line comments
* egrep is obsolescent; use grep -E
* Try Cirrus with a newer VM version
* Set CONTAINERS_CONF in the chroot-mount-flags integration test
* Update to match dependency API update
* Update github.com/openshift/imagebuilder and containers/common
* docs: correct default authfile path
* fix(deps): update module github.com/containerd/containerd to v1.7.13
* tests: retrofit test for heredoc summary
* build, heredoc: show heredoc summary in build output
* manifest, push: add support for --retry and --retry-delay
* fix(deps): update github.com/openshift/imagebuilder digest to b767bc3
* imagebuildah: fix crash with empty RUN
* fix(deps): update github.com/containers/luksy digest to b62d551
* fix(deps): update module github.com/opencontainers/runc to v1.1.12 [security]
* fix(deps): update module github.com/moby/buildkit to v0.12.5 [security]
* Make buildah match podman for handling of ulimits
* docs: move footnotes to where they're applicable
* Allow users to specify no-dereference
* Run codespell on code
* Fix FreeBSD version parsing
* Fix a build break on FreeBSD
* Remove a bad FROM line
* fix(deps): update module github.com/onsi/gomega to v1.31.1
* fix(deps): update module github.com/opencontainers/image-spec to v1.1.0-rc6
* docs: use reversed logo for dark theme in README
* build,commit: add --sbom to scan and produce SBOMs when committing
* commit: force omitHistory if the parent has layers but no history
* docs: fix a couple of typos
* internal/mkcw.Archive(): handle extra image content
* stage_executor,heredoc: honor interpreter in heredoc
* stage_executor,layers: burst cache if heredoc content is changed
* fix(deps): update module golang.org/x/crypto to v0.18.0
* Replace map[K]bool with map[K]struct{} where it makes sense
* fix(deps): update module golang.org/x/sync to v0.6.0
* fix(deps): update module golang.org/x/term to v0.16.0
* Bump CI VMs
* Replace strings.SplitN with strings.Cut
* fix(deps): update github.com/containers/storage digest to ef81e9b
* fix(deps): update github.com/containers/image/v5 digest to 1b221d4
* fix(deps): update module github.com/fsouza/go-dockerclient to v1.10.1
* Document use of containers-transports values in buildah
* fix(deps): update module golang.org/x/crypto to v0.17.0 [security]
* chore(deps): update dependency containers/automation_images to v20231208
* manifest: addCompression use default from containers.conf
* commit: add a --add-file flag
* mkcw: populate the rootfs using an overlay
* chore(deps): update dependency containers/automation_images to v20230517
* [skip-ci] Update actions/stale action to v9
* fix(deps): update module github.com/containernetworking/plugins to v1.4.0
* fix(deps): update github.com/containers/image/v5 digest to 7a40fee
* Bump to v1.34.1-dev
* Ignore errors if label.Relabel returns ENOSUP
-------------------------------------------------------------------
Wed Feb 28 17:18:07 UTC 2024 - Danish Prakash <danish.prakash@suse.com>
- Require cni-plugins (bsc#1220568)
-------------------------------------------------------------------
Fri Feb 23 06:24:24 UTC 2024 - dcermak@suse.com
- Update to version 1.34.1:
* [release-1.34] Bump to v1.34.1
* [release-1.34] Vendor bumps (fixes bsc#1219563)
* manifest: addCompression use default from containers.conf
* Build with CNI support on FreeBSD
* tests: retrofit test for heredoc summary
* build, heredoc: show heredoc summary in build output
* docs: correct default authfile path
* Make buildah match podman for handling of ulimits
* imagebuildah: fix crash with empty RUN
* docs: move footnotes to where they're applicable
* Run codespell on code
* Fix FreeBSD version parsing
* Allow users to specify no-dereference
* Fix a build break on FreeBSD
* Remove a bad FROM line
* commit: force omitHistory if the parent has layers but no history
* docs: fix a couple of typos
* stage_executor,heredoc: honor interpreter in heredoc
* stage_executor,layers: burst cache if heredoc content is changed
* Replace map[K]bool with map[K]struct{} where it makes sense
* Replace strings.SplitN with strings.Cut
* Document use of containers-transports values in buildah
* commit: add a --add-file flag
* mkcw: populate the rootfs using an overlay
* Ignore errors if label.Relabel returns ENOSUP
* manifest: addCompression use default from containers.conf
2024-05-03 11:26:24 +02:00
-------------------------------------------------------------------
Thu Feb 22 12:59:44 UTC 2024 - Thorsten Kukuk <kukuk@suse.com>
2024-07-22 16:59:09 +02:00
- Allow to disable apparmor support (ALP supports only SELinux)
2024-05-03 11:26:24 +02:00
-------------------------------------------------------------------
Thu Dec 14 07:42:07 UTC 2023 - danish.prakash@suse.com
- Drop 0001-set-makefile-target-entrypoint.gz-as-.PHONY-on-non-x.patch
(merged upstream; https://github.com/containers/buildah/pull/5183)
- Update to version 1.34.0:
* Bump to v1.34.0
* fix(deps): update module github.com/containerd/containerd to v1.7.11
* fix(deps): update github.com/containers/storage digest to 15c3cb7
* fix(deps): update module github.com/onsi/ginkgo/v2 to v2.13.2
* fix(deps): update github.com/containers/common digest to 630c929
* fix(deps): update module github.com/moby/buildkit to v0.12.4
* fix(deps): update github.com/openshift/imagebuilder digest to ef2a5fe
* [CI:DOCS] man pages: underscores, too-wide lines
* fix(deps): update module github.com/containerd/containerd to v1.7.10
* run.bats: use --quiet --pull=false when using a prefetched image
* internal/mkcw/embed/entrypoint.gz: rename to include the arch
* internal/mkcw/embed/entrypoint.gz: compress with -n9
* fix(deps): update module golang.org/x/crypto to v0.16.0
* Integration tests: make skip_if_no_unshare check --map-users
* fix(deps): update module golang.org/x/term to v0.15.0
* fix(deps): update module golang.org/x/sys to v0.15.0
* fix(deps): update module github.com/onsi/ginkgo to v2
* vendor: update c/{common,image,storage}
* run: Allow using just one jail per container on FreeBSD
* Remove makefile targets entrypoint{,.gz} for non x86_64
-------------------------------------------------------------------
Mon Nov 27 07:04:59 UTC 2023 - dcermak@suse.com
- Update to version 1.33.2:
* [release-1.33.2] Bump to v1.33.2
* Update minimum to golang 1.20
* fix(deps): update module github.com/fsouza/go-dockerclient to v1.10.0
* fix(deps): update module github.com/moby/buildkit to v0.12.3
* Bump to v1.33.2-dev
-------------------------------------------------------------------
Mon Nov 20 07:16:52 UTC 2023 - dcermak@suse.com
- Add patch:
* 0001-set-makefile-target-entrypoint.gz-as-.PHONY-on-non-x.patch (fixes
builds on non x86_64)
- Update to version 1.33.1:
* Bump to v1.33.1
* Bump to v1.31.2-dev
* Bump to v1.31.1
* fix(deps): update module github.com/moby/buildkit to v0.11.4 [security]
* test,heredoc: use fedora instead of docker.io/library/python:latest
* Bump to v1.33.1-dev
* Bump to v1.33.0
* Never omit layers for emptyLayer instructions when squashing/cwing
* Add OverrideChanges and OverrideConfig to CommitOptions
* buildah: add heredoc support for RUN, COPY and ADD
* vendor: bump imagebuilder to v1.2.6-0.20231110114814-35a50d57f722
* conformance tests: archive the context directory as 0:0 (#5171)
* blobcacheinfo,test: blobs must be resued when pushing across registry
* Bump c/storage v1.51.0, c/image v5.29.0, c/common v0.57.0
* pkg/util.MirrorToTempFileIfPathIsDescriptor(): don't leak an fd
* StageExecutor.Execute: force a commit for --unsetenv, too
* Increase a copier+chroot test timeout
* Add support for --compat-auth-file in login/logout
* Update existing tests for error message change
* Update c/image and c/common to latest
* fix(deps): update module github.com/containerd/containerd to v1.7.9
* build: downgrade to go 1.20
* Add godoc for pkg/parse.GetTempDir
* conformance tests: use go-dockerclient for BuildKit builds
* Make TEE types case-insensitive
* fix(deps): update module golang.org/x/crypto to v0.15.0
* Tweak some help descriptions
* Stop using DefaultNetworkSysctl and use containers.conf only
* Implement ADD checksum flag #5135
* vendor of openshift/imagebuilder #5135
* Pass secrets from the host down to internal podman containers
* Update cirrus and version of golang
* image: replace GetStoreImage with ResolveReference
* vendor: bump c/image to 373c52a9466f
* pkg/parse.Platform(): minor simplification
* createConfigsAndManifests: clear history before cw-specific logic
* Use a constant definition instead of "scratch"
* conformance: use require.NoErrorf() more
* fix(deps): update module golang.org/x/term to v0.14.0
* fix(deps): update module golang.org/x/sync to v0.5.0
* fix(deps): update module github.com/spf13/cobra to v1.8.0
* fix(deps): update module golang.org/x/sys to v0.14.0
* fix(deps): update github.com/containers/common digest to 8354404
* fix(deps): update module github.com/opencontainers/runc to v1.1.10
* fix(deps): update github.com/containers/luksy digest to b5a7f79
* Log the platform for build errors during multi-platform builds
* Use mask definitions from containers/common
* Vendor in latest containers/common
* fix(deps): update module github.com/containerd/containerd to v1.7.8
* fix(deps): update module go.etcd.io/bbolt to v1.3.8
* container.conf: support attributed string slices
* fix(deps): update module sigs.k8s.io/yaml to v1.4.0
* Use cutil.StringInSlice rather then contains
* Add --no-hostname option to buildah containers
* vendor c/common: appendable containers.conf strings, Part 1
* fix(deps): update module github.com/onsi/gomega to v1.28.1
* chroot.setupChrootBindMounts: pay more attention to flags
* chore(deps): update dependency containers/automation_images to v20231004
* Vendor containers/common
* chore(deps): update module golang.org/x/net to v0.17.0 [security]
* run: use internal.GetTempDir with os.MkdirTemp
* fix(deps): update module github.com/containerd/containerd to v1.7.7
* imagebuildah,multi-stage: do not remove base images
* gitignore: add mkcw binary
* mkcw: remove entrypoint binaries
* fix(deps): update module golang.org/x/crypto to v0.14.0
* fix(deps): update module golang.org/x/sys to v0.13.0
* fix(deps): update module golang.org/x/sync to v0.4.0
* Update some comments related to confidential workload
* Use the parent's image ID in the config that we pass to imagebuilder
* fix(deps): update github.com/containers/common digest to 8892536
* fix(deps): update github.com/containers/luksy digest to 6df88cb
* bug: Ensure the mount type is always BindMount by default
* Protocol can be specified with --port. Ex. --port 514/udp
* fix(deps): update module github.com/onsi/gomega to v1.28.0
* build,config: add support for --unsetlabel
* tests/bud: add tests
* [CI:BUILD] Packit: tag @containers/packit-build on copr build failures
* stage_executor: allow images without layers
* vendor of containers/common
* Removing selinux_tag.sh as no longer needed after 580356f [NO NEW TESTS NEEDED]
* add/copy: make sure we handle relative path names correctly
* fix(deps): update module github.com/opencontainers/image-spec to v1.1.0-rc5
* Bump to v1.33.0-dev
* imagebuildah: consider ignorefile with --build-context
-------------------------------------------------------------------
Wed Nov 01 07:26:09 UTC 2023 - dcermak@suse.com
- Update to version 1.32.2:
* Mask /sys/devices/virtual/powercap by default
* tag v1.32.2
-------------------------------------------------------------------
Tue Oct 24 15:18:09 UTC 2023 - dcermak@suse.com
- Update to version 1.32.1:
* tag v1.32.1
* chroot.setupChrootBindMounts: pay more attention to flags
* .cirrus.yml: run tests relative to the release-1.32 branch
-------------------------------------------------------------------
Fri Oct 6 13:23:05 UTC 2023 - Dan Čermák <dcermak@suse.com>
- Bump BuildRequired golang version to >= 1.21, fixes bsc#1216005
-------------------------------------------------------------------
Wed Sep 27 06:18:12 UTC 2023 - danish.prakash@suse.com
- Update to version 1.32.0:
* Tag v1.32.0
* GetTmpDir is not using ImageCopyTmpdir correctly
* Run codespell on code
* Bump vendor containers/(common, storage, image)
* Cirrus: Remove multi-arch buildah image builds
* fix(deps): update module github.com/containerd/containerd to v1.7.6
* Split GetTempDir from internal/util
* Move most of internal/parse to internal/volumes
* copier: remove libimage dependency via util package
* Add some docs for `build --cw`, `commit --cw`, and `mkcw`
* Add `buildah mkcw`, add `--cw` to `buildah commit` and `buildah build`
* Make sure that pathnames picked up from the environment are absolute
* fix(deps): update module github.com/cyphar/filepath-securejoin to v0.2.4
* fix(deps): update module github.com/docker/docker to v24.0.6+incompatible
* Don't try to look up names when committing images
* fix(deps): update module golang.org/x/crypto to v0.13.0
* docs: use valid github repo
* fix(deps): update module golang.org/x/sys to v0.12.0
* vendor containers/common@12405381ff45
* push: --force-compression should be true with --compression-format
* Update module github.com/containerd/containerd to v1.7.5
* [skip-ci] Update tim-actions/commit-message-checker-with-regex action to v0.3.2
* docs: add reference to oci-hooks
* Support passing of ULimits as -1 to mean max
* GHA: Attempt to fix discussion_lock workflow
* Fixing the owner of the storage.conf.
* pkg/chrootuser: Ignore comments when parsing /etc/group on FreeBSD
* Use buildah repo rather then podman repo
* GHA: Closed issue/PR comment-lock test
* fix(deps): update module github.com/containers/storage to v1.49.0
* chore(deps): update dependency containers/automation_images to v20230816
* Replace troff code with markdown in buildah-{copy,add}.1.md
* [CI:BUILD] rpm: spdx compatible license field
* executor: build-arg warnings must honor global args
* fix(deps): update module github.com/containers/ocicrypt to v1.1.8
* chroot: `setSeccomp` add support for `ArchPARISC(64)` and `ArchRISCV64`
* make,cross: restore loong64
* Clear CommonBuildOpts when loading Builder status
* buildah/push/manifest-push: add support for --force-compression
* vendor: bump c/common to v0.55.1-0.20230811093040-524b4d5c12f9
* chore(deps): update dependency containers/automation_images to v20230809
* [CI:BUILD] RPM: fix buildtags
* fix(deps): update module github.com/opencontainers/runc to v1.1.9
* chore(deps): update dependency ubuntu to v22
* chore(deps): update dependency containers/automation_images to v20230807
* [CI:BUILD] Packit: add fedora-eln targets
* [CI:BUILD] RPM: build docs with vendored go-md2man
* packit: Build PRs into default packit COPRs
* Update install.md
* Update install.md changes current Debian stable version name
* fix(deps): update module golang.org/x/term to v0.11.0
* fix(deps): update module golang.org/x/crypto to v0.12.0
* tests: fix layer-label tests
* buildah: add --layer-label for setting labels on layers
* Cirrus: container/rootless env. var. passthrough
* Cirrus: Remove duplicate env. var. definitions
* fix(deps): update github.com/containers/storage digest to c3da76f
* Add a missing .Close() call on an ImageSource
* Create only a reference when that's all we need
* Add a missing .Close() call on an ImageDestination
* CI:BUILD] RPM: define gobuild macro for rhel/centos stream
* manifest/push: add support for --add-compression
* manifest/inspect: add support for tls-verify and authfile
* vendor: bump c/common to v0.55.1-0.20230727095721-647ed1d4d79a
* vendor: bump c/image to v5.26.1-0.20230726142307-8c387a14f4ac
* fix(deps): update module github.com/containerd/containerd to v1.7.3
* fix(deps): update module github.com/onsi/gomega to v1.27.10
* fix(deps): update module github.com/docker/docker to v24.0.5+incompatible
* fix(deps): update module github.com/containers/image/v5 to v5.26.1
* fix(deps): update module github.com/opencontainers/runtime-spec to v1.1.0
* Update vendor of containers/(storage,image,common)
* fix(deps): update module github.com/opencontainers/runc to v1.1.8
* [CI:BUILD] Packit: remove pre-sync action
* fix(deps): update module github.com/containers/common to v0.55.2
* [CI:BUILD] Packit: downstream task script needs GOPATH
* Vendor in containers/(common, image, storage)
* fix(deps): update module golang.org/x/term to v0.10.0
* [CI:BUILD] Packit: fix pre-sync action for downstream tasks
* contrib/buildahimage: set config correctly for rootless build user
* fix(deps): update module github.com/opencontainers/image-spec to v1.1.0-rc4
* Bump to v1.32.0-dev
* Update debian install instructions
* pkg/overlay: add limited support for FreeBSD
-------------------------------------------------------------------
Wed Sep 13 06:04:08 UTC 2023 - danish.prakash@suse.com
- Update to version 1.31.3:
* [release-1.31] Bump to v1.31.3
* [release-1.31] Bump c/common 0.55.4, c/image 5.26.2, c/storage 1.48.1
* rpm: spdx compatible license field
* RPM: fix buildtags
* [release-1.31] Bump to v1.31.3-dev
-------------------------------------------------------------------
Fri Aug 11 05:43:19 UTC 2023 - danish.prakash@suse.com
- Update to version 1.31.2:
* [release-1.31] Bump to v1.31.2
* [release-1.31] Bump to v1.31.2-dev
* [release-1.31] Bump to v1.31.1
* [release-1.31] Remove zstd:chunked from man, bump c/common to v0.55.3
* [CI:BUILD] Packit: add fedora-eln targets
* [CI:BUILD] RPM: build docs with vendored go-md2man
* packit: Build PRs into default packit COPRs
* [CI:BUILD] Packit: remove pre-sync action
* CI:BUILD] RPM: define gobuild macro for rhel/centos stream
-------------------------------------------------------------------
Thu Jul 20 15:49:31 UTC 2023 - dcermak@suse.com
- Update to version 1.31.1:
* [release-1.31] Bump c/common
-------------------------------------------------------------------
Mon Jul 03 06:10:49 UTC 2023 - dcermak@suse.com
- Update to version 1.31.0:
* Bump 1.31.0
* Bump c/common to 0.55.1 and c/image to 5.26.1
* Update vendor of containers/common
* Run unit tests for copier and chroot without -cover
* Fix transition test to work with latest selinux policy
* Bump c/image to 5.26.0 and c/common to 0.54.0
* chore: replace `github.com/ghodss/yaml` with `sigs.k8s.io/yaml`
* rootless: use default_rootless_network_cmd config
* vendor: update c/{common,image,storage} to latest
* chore: pkg imported more than once
* buildah: add pasta(1) support
* use slirp4netns package from c/common
* update c/common to latest
* add hostname to /etc/hosts when running with host network
* vendor: update c/common to latest
* [CI:BUILD] Packit: add jobs for downstream Fedora package builds
* fix(deps): update module golang.org/x/sync to v0.3.0
* fix(deps): update module golang.org/x/crypto to v0.10.0
* Add smoke tests for encryption CLI helpers
* fix(deps): update module golang.org/x/term to v0.9.0
* fix(deps): update module github.com/opencontainers/runtime-spec to v1.1.0-rc.3
* Remove device mapper support
* Remove use of deprecated tar.TypeRegA
* Update tooling to support newer golangci-lint
* Make cli.EncryptConfig,DecryptConfig, GetFormat public
* Don't decrypt images by default
* fix(deps): update module github.com/onsi/gomega to v1.27.8
* fix(deps): update github.com/containers/storage digest to 3f3fb2f
* Renovate: Don't touch fragile test stuffs
* [CI:DOCS] Update comment to remove ambiguity
* fix(deps): update github.com/containers/image/v5 digest to abe5133
* fix(deps): update module github.com/sirupsen/logrus to v1.9.3
* fix(deps): update module github.com/containerd/containerd to v1.7.2
* Explicitly ref. quay images for CI
* At startup, log the effective capabilities for debugging
* parse: use GetTempDir from internal utils
* GetTmpDir: honor image_copy_tmp_dir from containers.conf
* docs/Makefile: don't show sed invocations
* CI: Support testing w/ podman-next COPR packages
* intermediate-images inherit-label test: make it debuggable
* fix(deps): update github.com/containers/common digest to 462ccdd
* Add a warning to `--secret` docs
* vendor: bump c/storage to v1.46.2-0.20230526114421-55ee2d19292f
* executor: apply label to only final stage
* remove registry.centos.org
* Go back to setting SysProcAttr.Pdeathsig for child processes
* Fix auth.json path (validated on Fedora 38) wq Signed-off-by: Andreas Mack <andreas.mack@gmail.com>
* fix(deps): update module github.com/stretchr/testify to v1.8.3
* CI: fix test broken by renovatebot
* chore(deps): update quay.io/libpod/testimage docker tag to v20221018
* fix(deps): update module github.com/onsi/gomega to v1.27.7
* test: use debian instead of docker.io/library/debian:testing-slim
* vendor: bump logrus to 1.9.2
* [skip-ci] Update tim-actions/get-pr-commits action to v1.3.0
* Revert "Proof of concept: nightly dependency treadmill"
* fix(deps): update module github.com/sirupsen/logrus to v1.9.1
* vendor in containers/(common,storage,image)
* fix(deps): update module github.com/docker/distribution to v2.8.2+incompatible
* run: drop Pdeathsig
* chroot: lock thread before setPdeathsig
* tests: add a case for required=false
* fix(deps): update module github.com/openshift/imagebuilder to v1.2.5
* build: validate volumes on backend
* secret: accept required flag w/o value
* fix(deps): update module github.com/containerd/containerd to v1.7.1
* fix(deps): update module golang.org/x/crypto to v0.9.0
* Update the demos README file to fix minor typos
* fix(deps): update module golang.org/x/sync to v0.2.0
* fix(deps): update module golang.org/x/term to v0.8.0
* manifest, push: use source as destination if not specified
* run,mount: remove path only if they didnt pre-exist
* Cirrus: Fix meta task failing to find commit
* parse: filter edge-case for podman-remote
* fix(deps): update module github.com/opencontainers/runc to v1.1.7
* fix(deps): update module github.com/docker/docker to v23.0.5+incompatible
* build: --platform must accept only arch
* fix(deps): update module github.com/containers/common to v0.53.0
* makefile: increase conformance timeout
* Cap suffixDigitsModulo to a 9-digits suffix.
* Rename conflict to suffixDigitsModulo
* fix(deps): update module github.com/opencontainers/runtime-spec to v1.1.0-rc.2
* fix(deps): update module github.com/opencontainers/runc to v1.1.6
* chore(deps): update centos docker tag to v8
* Clarify the need for qemu-user-static package
* chore(deps): update quay.io/centos/centos docker tag to v8
* Renovate: Ensure test/tools/go.mod is managed
* Revert "buildah image should not enable fuse-overlayfs for rootful mode"
* Bump to v1.31.0-dev
* parse: add support for relabel bind mount option
-------------------------------------------------------------------
Mon Apr 10 05:32:16 UTC 2023 - danish.prakash@suse.com
- Update to version 1.30.0:
* Bump to v1.30.0
* fix(deps): update module github.com/containers/common to v0.52.0
* fix(deps): update module golang.org/x/crypto to v0.8.0
* chore(deps): update dependency containers/automation_images to v20230405
* vendor c/common ff62cdebdd0e
* vendor in latest containers/(storage, image)
* fix(deps): update module github.com/opencontainers/runc to v1.1.5
* fix(deps): update module github.com/fsouza/go-dockerclient to v1.9.7
* buildah image should not enable fuse-overlayfs for rootful mode
* stage_executor: inline network add default string
* build: pass process environment variables by reference
* run: pass process environment variables by reference
* fix(deps): update module github.com/containers/common to v0.51.2
* chore(deps): update dependency containers/automation_images to v20230330
* fix(deps): update module github.com/docker/docker to v23.0.2+incompatible
* chore(deps): update dependency containers/automation_images to v20230320
* fix(deps): update module github.com/onsi/gomega to v1.27.6
* fix(deps): update github.com/opencontainers/runtime-tools digest to e931285
* [skip-ci] Update actions/stale action to v8
* test: don't allow to override io.buildah.version
* executor: only apply label on the final stage
* Update docs/buildah-build.1.md
* update build instruction for Ubuntu
* code review
* build: accept arguments from file with --build-arg-file
* run_linux: Update heuristic for mounting /sys
* [CI:BUILD] Packit: Enable Copr builds on PR and commit to main
* fix(deps): update module github.com/fsouza/go-dockerclient to v1.9.6
* Update to Go 1.18
* Disable dependabot in favor of renovate
* chore(deps): update dependency containers/automation_images to v20230314
* Fix requiring tests on Makefile changes
* Vendor in latest containers/(storage, common, image)
* imagebuildah: set len(short_image_id) to 12
* Re-enable conformance tests
* Skip conformance test failures with Docker 23.0.1
* Cirrus: Replace Ubuntu -> Debian SID
* run: add support for inline --network in RUN stmt
* vendor: bump imagebuilder to a3c3f8358ca31b1e4daa6
* stage_executor: attempt to push cache only when cacheKey is valid
* Add "ifnewer" as option in help message for pull command
* build: document behaviour of buildah's distributed cache
* fix(deps): update module golang.org/x/term to v0.6.0
* Add default list of capabilities required to run buildah in a container
* executor,copy: honor default ARG value while eval stage
* sshagent: use ExtendedAgent instead of Agent
* tests/bud: remove unwated test
* executor: do not warn on builtin default args
* executor: don't warn about unused TARGETARCH,TARGETOS,TARGETPLATFORM
* Fix tutorial for rootless mode
* Vendor in latest containers/(common, storage, image)
* Ignore the base image's base image annotations
* fix(deps): update module github.com/fsouza/go-dockerclient to v1.9.5
* build(deps): bump github.com/containers/storage from 1.45.3 to 1.45.4
* Vendor in latest containers/common
* docs/tutorials/04: add defaults for Run()
* imagebuildah.StageExecutor: suppress bogus "Pushing cache []:..."
* executor: also add stage with no children to cleanupStages
* [CI:BUILD] copr: fix el8 builds
* Fix documentation on which Capabilities are allowed by default
* Skip subject-length validation for renovate PRs
* Temporarily hard-skip bud-multiple-platform-values test
* fix(deps): update github.com/openshift/imagebuilder digest to 86828bf
* build(deps): bump github.com/containerd/containerd from 1.6.16 to 1.6.17
* build(deps): bump tim-actions/get-pr-commits from 1.1.0 to 1.2.0
* build(deps): bump github.com/containers/image/v5 from 5.24.0 to 5.24.1
* [skip-ci] Update tim-actions/get-pr-commits digest to 55b867b
* build(deps): bump github.com/opencontainers/selinux
* build(deps): bump golang.org/x/crypto from 0.5.0 to 0.6.0
* Add renovate configuration
* Run codespell on codebase
* login: support interspersed args for password
* conformance: use scratch for minimal test
* pkg/parse: expose public CleanCacheMount API
* build(deps): bump go.etcd.io/bbolt from 1.3.6 to 1.3.7
* build(deps): bump github.com/containerd/containerd from 1.6.15 to 1.6.16
* docs: specify order preference for FROM
* Bump to v1.30.0-dev
-------------------------------------------------------------------
Fri Feb 17 04:41:55 UTC 2023 - Danish Prakash <danish.prakash@suse.com>
- Update to version 1.29.1:
* [release-1.29] Bump to Buildah v1.29.1
* Update to c/image 5.24.1
-------------------------------------------------------------------
Thu Jan 26 15:20:28 UTC 2023 - dcermak@suse.com
- Update to version 1.29.0:
* Bump to v1.29.0
* tests: improve build-with-network-test
* Bump c/storagev1.45.3, c/imagev5.24.0, c/commonv0.51.0
* build(deps): bump github.com/onsi/gomega from 1.25.0 to 1.26.0
* Flake 3710 has been closed. Reenable the test.
* [CI:DOCS] Fix two diversity issues in a tutorial
* build(deps): bump github.com/fsouza/go-dockerclient from 1.9.2 to 1.9.3
* vendor in latests containers/(storage, common, image)
* fix bud-multiple-platform-with-base-as-default-arg flake
* stage_executor: while mounting stages use freshly built stage
* build(deps): bump github.com/fsouza/go-dockerclient from 1.9.0 to 1.9.2
* build(deps): bump github.com/onsi/gomega from 1.24.2 to 1.25.0
* vendor in latests containers/(storage, common, image, ocicyrpt)
* [Itests: change the runtime-flag test for crun
* [CI:DOCS] README: drop sudo
* Fix multi-arch manifest-list build timeouts
* Cirrus: Update VM Images
* bud: Consolidate multiple synthetic LABEL instructions
* build, secret: allow realtive mountpoints wrt to work dir
* fixed squash documentation
* build(deps): bump github.com/containerd/containerd from 1.6.14 to 1.6.15
* Correct minor comment
* Vendor in latest containers/(common, image, storage)
* system tests: remove unhelpful assertions
* buildah: add prune command and expose CleanCacheMount API
* vendor: bump c/storage to a747b27
* Add support for --group-add to buildah from
* build(deps): bump actions/stale from 6 to 7
* Add documentation for buildah build --pull=missing
* build(deps): bump github.com/containerd/containerd from 1.6.12 to 1.6.14
* build(deps): bump github.com/docker/docker
* parse: default ignorefile must not point to symlink outside context
* buildah: wrap network setup errors
* build, mount: allow realtive mountpoints wrt to work dir
* Update to F37 CI VM Images, re-enable prior-fedora
* Update vendor or containers/(image, storage, common)
* build(deps): bump golang.org/x/crypto from 0.3.0 to 0.4.0
* Update contact information
* build(deps): bump golang.org/x/term from 0.2.0 to 0.3.0
* Replace io/ioutil calls with os calls
* [skip-ci] GHA/Cirrus-cron: Fix execution order
* Vendor in containers/common
* build(deps): bump golang.org/x/sys from 0.2.0 to 0.3.0
* remote-cache: support multiple sources and destinations
* Update c/storage after https://github.com/containers/storage/pull/1436
* util.SortMounts(): make the returned order more stable
* version: Bump to 1.29.0-dev
* [CI:BUILD] Cirrus: Migrate OSX task to M1
* Update vendor of containers/(common, storage, image)
* mount=type=cache: seperate cache parent on host for each user
* Fix installation instructions for Gentoo Linux
* build(deps): bump github.com/containerd/containerd from 1.6.9 to 1.6.10
* GHA: Reuse both cirrus rerun and check workflows
* Vendor in latest containers/(common,image,storage)
* build(deps): bump github.com/onsi/gomega from 1.24.0 to 1.24.1
* copier.Put(): clear up os/syscall mode bit confusion
* build(deps): bump golang.org/x/sys from 0.1.0 to 0.2.0
* Use TypeBind consistently to name bind/nullfs mounts
* Add no-new-privileges flag
* Update vendor of containers/(common, image, storage)
* imagebuildah:build with --all-platforms must honor args for base images
* codespell code
* Expand args and env when using --all-platforms
* build(deps): bump github.com/onsi/gomega from 1.23.0 to 1.24.0
* GHA: Simplify Cirrus-Cron check slightly
* Stop using ubi8
* remove unnecessary (hence misleading) rmi
* chroot: fix mounting of ro bind mounts
* executor: honor default ARG value while eval base name
* userns: add arbitrary steps/stage to --userns=auto test
* Don't set allow.mount in the vnet jail on Freebsd
* copier: Preserve file flags when copying archives on FreeBSD
* Remove quiet flag, so that it works in podman-remote
* test: fix preserve rootfs with --mount for podman-remote
* test: fix prune logic for cache-from after adding content summary
* vendor in latest containers/(storage, common, image)
* Fix RUN --mount=type=bind,from=<stage> not preserving rootfs of stage
* Define and use a safe, reliable test image
* Fix word missing in Container Tools Guide
* Makefile: Use $(MAKE) to start sub-makes in install.tools
* imagebuildah: pull cache from remote repo after adding content summary
* Makefile: Fix install on FreeBSD
* Ensure the cache volume locks are unlocked on all paths
* Vendor in latest containers/(common,storage)
* Simplify the interface of GetCacheMount and getCacheMount
* Fix cache locks with multiple mounts
* Remove calls to Lockfile.Locked()
* Maintain cache mount locks as lock objects instead of paths
* test: cleaning cache must not clean lockfiles
* run: honor lockfiles for multiple --mount instruction
* mount,cache: lockfiles must not be part of users cache content
* Update vendor containers/(common,image,storage)
* [CI:BUILD] copr: buildah rpm should depend on containers-common-extra
* pr-should-include-tests: allow specfile, golangci
* build(deps): bump dawidd6/action-send-mail from 3.7.0 to 3.7.1
* build(deps): bump github.com/docker/docker
* build(deps): bump github.com/fsouza/go-dockerclient from 1.8.3 to 1.9.0
* Update vendor containers/(common,image,storage)
* build(deps): bump actions/upload-artifact from 2 to 3
* build(deps): bump actions/checkout from 2 to 3
* build(deps): bump actions/stale from 1 to 6
* build(deps): bump dawidd6/action-send-mail from 2.2.2 to 3.7.0
* build(deps): bump tim-actions/get-pr-commits from 1.1.0 to 1.2.0
* sshagent: LockOSThread before setting SocketLabel
* Update tests for error message changes
* Update c/image after https://github.com/containers/image/pull/1299
* Fix ident for dependabot gha block
* build(deps): bump github.com/containers/ocicrypt from 1.1.5 to 1.1.6
* Fix man pages to match latest cobra settings
* build(deps): bump github.com/spf13/cobra from 1.5.0 to 1.6.0
* build(deps): bump github.com/onsi/gomega from 1.20.2 to 1.22.1
* test: retrofit 'bud with undefined build arg directory'
* imagebuildah: warnOnUnsetBuildArgs while processing stages from executor
* Update contrib/buildahimage/Containerfile
* Cirrus CI add flavor parameter
* Correction - `FLAVOR` not `FLAVOUR`
* Changed build argument from `RELEASE` to `FLAVOUR`
* Combine buildahimage Containerfiles
* bud.bats refactoring: $TEST_SCRATCH_DIR, part 2 of 2
* bud.bats refactoring: $TEST_SCRATCH_DIR, part 1 of 2
* System test cleanup: document, clarify, fix
* test: removing unneeded/expensive COPY
* test: warning behaviour for unset/set TARGETOS,TARGETARCH,TARGETPLATFORM
* Bump to v1.28.1-dev
-------------------------------------------------------------------
Mon Nov 28 08:55:11 UTC 2022 - dcermak@suse.com
- Update to version 1.28.2:
* version: bump to 1.28.2
* Stop using ubi8
* Define and use a safe, reliable test image
-------------------------------------------------------------------
Wed Nov 23 10:30:12 UTC 2022 - dcermak@suse.com
- Update to version 1.28.1:
* version: bump to v1.28.1
* copier.Put(): clear up os/syscall mode bit confusion
* retrofit, test: ubi8 changed architecture string
- Only build targets that we install
-------------------------------------------------------------------
Fri Oct 07 08:53:06 UTC 2022 - dcermak@suse.com
- Update to version 1.28.0:
* Bump to v1.28.0
* No longer modify buildah.spec
* Update for https://github.com/klauspost/pgzip/pull/50
* Update vendor containers/(common,image)
* [CI:DOCS] Add quay-description update reminder
* vendor: bump c/common to v0.49.2-0.20220929111928-2d1b45ae2423
* build(deps): bump github.com/opencontainers/selinux
* Vendor in latest containers/storage
* Changing shell list operators from `;` to `&&`
* Fix buildahimage container.conf permissions regression
* Set sysctls from containers.conf
* refactor: stop using Normalize directly from containerd package
* config,builder: process variant while populating image spec
* Proof of concept: nightly dependency treadmill
* Run codespell on code
* Check for unset build args after TARGET args
* pkg/cli: improve completion test
* vendor in latest containers/(common,storage,image)
* copier: work around freebsd bug for "mkdir /"
* vendor: update c/image
* test: run in the host cgroup namespace
* vendor: update c/storage
* vendor: update c/common
* cmd: check for user UID instead of privileges
* run,build: conflict --isolation=chroot and --network
* Fix broken dns test (from merge collision)
* Fix stutters
* Fix broken command completion
* buildah bud --network=none should have no network
* build: support --skip-unused-stages for multi-stage builds
* Prevent use of --dns* options with --net=none
* buildah: make --cache-ttl=0s equivalent to --no-cache
* parse: make processing flags in --mount order agnostic
* Minor test fix for podman-remote
* build: honor <Containerfile>.containerignore as ignore file
* Update install.md: Debian 11 (Bullseye) is stable
* build(deps): bump github.com/docker/docker
* Use constants from containers/common for finding seccomp.json
* Don't call os.Exit(1) from manifest exist
* manifest: add support for buildah manifest exists
* Buildah should ignore /etc/crio/seccomp.json
* chroot: Fix cross build break
* chroot: Move isDevNull to run_common.go
* chroot: Fix setRlimit build on FreeBSD
* chroot: Move parseRLimits and setRlimits to run_common.go
* chroot: Fix runUsingChrootExecMain on FreeBSD
* chroot: Move runUsingChrootExecMain to run_common.go
* chroot: Factor out Linux-specific unshare options from runUsingChroot
* chroot: Move runUsingChroot to run_common.go
* chroot: Move RunUsingChroot and runUsingChrootMain to run_common.go
* chroot: Factor out /dev/ptmx pty implementation
* chroot: Add FreeBSD support for run with chroot isolation
* build(deps): bump github.com/docker/go-units from 0.4.0 to 0.5.0
* Replace k8s.gcr.io/pause in tests with registry.k8s.io/pause
* build(deps): bump github.com/onsi/gomega from 1.20.0 to 1.20.1
* Cirrus: use image with fewer downloaded dependencies
* build(deps): bump github.com/opencontainers/runc from 1.1.3 to 1.1.4
* run: add container gid to additional groups (CVE-2022-2990 / bsc#1202812)
* buildah: support for --retry and --retry-delay for push/pull failures
* Makefile: always call $(GO) instead of `go`
* build(deps): bump github.com/fsouza/go-dockerclient from 1.8.2 to 1.8.3
* test: use `T.TempDir` to create temporary test directory
* mount,cache: enable SElinux shared content label option by default
* commit: use race-free RemoveNames instead of SetNames
* Drop util/util.Cause()
* cmd/buildah: add "manifest create --amend"
* build(deps): bump github.com/fsouza/go-dockerclient from 1.8.1 to 1.8.2
* docs: specify git protocol is not supported for github hosted repo
* Scrub user and group names from layer diffs
* build(deps): bump github.com/containerd/containerd from 1.6.6 to 1.6.8
* version: bump to 1.28.0-dev
-------------------------------------------------------------------
Wed Sep 21 07:41:42 UTC 2022 - dcermak@suse.com
- Update to version 1.27.2:
* tag v1.27.2
* Fix broken command completion
* build: support --skip-unused-stages for multi-stage builds
-------------------------------------------------------------------
Mon Sep 12 09:57:27 UTC 2022 - dcermak@suse.com
- Update to version 1.27.1:
* release: bump to v1.27.1
* run: add container gid to additional groups
- Drop add-container-gid-to-additional-groups.patch
(merged upstream)
-------------------------------------------------------------------
Fri Aug 26 12:13:12 UTC 2022 - Dan Čermák <dcermak@suse.com>
- Add fix for CVE-2022-2990 / bsc#1202812
add: add-container-gid-to-additional-groups.patch
-------------------------------------------------------------------
Tue Aug 09 06:54:52 UTC 2022 - dcermak@suse.com
- Update to version 1.27.0:
* release: tag v1.27.0
* make,cross: ignore loong64 from target list
* Allow chflags operations inside the container
* Don't try to call runLabelStdioPipes if spec.Linux is not set
* build(deps): bump github.com/golangci/golangci-lint in /tests/tools
* build: support filtering cache by duration using --cache-ttl
* build: support building from commit when using git repo as build context
* build: clean up git repos correctly when using subdirs
* integration tests: quote "?" in shell scripts
* Fix a copy/paste error
* build(deps): bump github.com/golangci/golangci-lint in /tests/tools
* vendor c/common@v0.49.1
* test: manifest inspect should have OCIv1 annotation
* vendor: bump to c/common@87fab4b7019a
* Failure to determine a file or directory should print an error
* build(deps): bump github.com/containernetworking/cni from 1.1.1 to 1.1.2
* refactor: remove unused CommitOptions from generateBuildOutput
* stage_executor: generate output for cases with no commit
* stage_executor, commit: output only if last stage in build
* Use errors.Is() instead of os.Is{Not,}Exist
* Minor test tweak for podman-remote compatibility
* Cirrus: Use the latest imgts container
* imagebuildah: complain about the right Dockerfile
* tests: don't try to wrap `nil` errors
* cmd/buildah.commitCmd: don't shadow "err"
* cmd/buildah.pullCmd: complain about DecryptConfig/EncryptConfig
* Fix a copy/paste error message
* Fix a typo in an error message
* build,cache: support pulling/pushing cache layers to/from remote sources
* Update vendor of containers/(common, storage, image)
* Rename chroot/run.go to chroot/run_linux.go
* Don't bother telling codespell to skip files that don't exist
* Set user namespace defaults correctly for the library
* imagebuildah: optimize cache hits for COPY and ADD instructions
* Cirrus: Update VM images w/ updated bats
* build(deps): bump github.com/onsi/gomega from 1.19.0 to 1.20.0
* docs, run: show SELinux label flag for cache and bind mounts
* build(deps): bump github.com/sirupsen/logrus from 1.8.1 to 1.9.0
* imagebuildah, build: remove undefined concurrent writes
* bump github.com/opencontainers/runtime-tools
* Add FreeBSD support for 'buildah info'
* Vendor in latest containers/(storage, common, image)
* Add freebsd cross build targets
* Make the jail package build on 32bit platforms
* Cirrus: Ensure the build-push VM image is labeled
* GHA: Fix dynamic script filename
* Vendor in containers/(common, storage, image)
* Run codespell
* Remove import of github.com/pkg/errors
* Avoid using cgo in pkg/jail
* Rename footypes to fooTypes for naming consistency
* Move cleanupTempVolumes and cleanupRunMounts to run_common.go
* Make the various run mounts work for FreeBSD
* Move get{Bind,Tmpfs,Secret,SSH}Mount to run_common.go
* Move runSetupRunMounts to run_common.go
* Move cleanableDestinationListFromMounts to run_common.go
* Make setupMounts and runSetupBuiltinVolumes work on FreeBSD
* Move setupMounts and runSetupBuiltinVolumes to run_common.go
* Tidy up - runMakeStdioPipe can't be shared with linux
* Move runAcceptTerminal to run_common.go
* Move stdio copying utilities to run_common.go
* Move runUsingRuntime and runCollectOutput to run_common.go
* Move fileCloser, waitForSync and contains to run_common.go
* Move checkAndOverrideIsolationOptions to run_common.go
* Move DefaultNamespaceOptions to run_common.go
* Move getNetworkInterface to run_common.go
* Move configureEnvironment to run_common.go
* Don't crash in configureUIDGID if Process.Capabilities is nil
* Move configureUIDGID to run_common.go
* Move runLookupPath to run_common.go
* Move setupTerminal to run_common.go
* Move etc file generation utilities to run_common.go
* Add run support for FreeBSD
* Add a simple FreeBSD jail library
* Add FreeBSD support to pkg/chrootuser
* Sync call signature for RunUsingChroot with chroot/run.go
* test: verify feature to resolve basename with args
* vendor: bump openshift/imagebuilder to master@4151e43
* GHA: Remove required reserved-name use
* buildah: set XDG_RUNTIME_DIR before setting default runroot
* imagebuildah: honor build output even if build container is not commited
* chroot: honor DefaultErrnoRet
* [CI:DOCS] improve pull-policy documentation
* tests: retrofit test since --file does not supports dir
* Switch to golang native error wrapping
* BuildDockerfiles: error out if path to containerfile is a directory
* define.downloadToDirectory: fail early if bad HTTP response
* GHA: Allow re-use of Cirrus-Cron fail-mail workflow
* add: fail on bad http response instead of writing to container
* build(deps): bump github.com/stretchr/testify from 1.7.5 to 1.8.0
* [CI:DOCS] Update buildahimage comment
* lint: inspectable is never nil
* vendor: c/common to common@7e1563b
* build: support OCI hooks for ephemeral build containers
* [CI:BUILD] Install latest buildah instead of compiling
* Add subid support with BuildRequires and BUILDTAG [NO NEW TESTS NEEDED]
* build(deps): bump github.com/stretchr/testify from 1.7.2 to 1.7.5
* Make sure cpp is installed in buildah images
* demo: use unshare for rootless invocations
* buildah.spec.rpkg: initial addition
* build: fix test for subid 4
* build(deps): bump github.com/spf13/cobra from 1.4.0 to 1.5.0
* build, userns: add support for --userns=auto
* Fix building upstream buildah image
* Remove redundant buildahimages-are-sane validation
* Docs: Update multi-arch buildah images readme
* Cirrus: Migrate multiarch build off github actions
* retrofit-tests: we skip unused stages so use stages
* stage_executor: dont rely on stage while looking for additional-context
* buildkit, multistage: skip computing unwanted stages
* More test cleanup
* copier: work around freebsd bug for "mkdir /"
* Replace $BUILDAH_BINARY with buildah() function
* Fix up buildah images
* Make util and copier build on FreeBSD
* Vendor in latest github.com/sirupsen/logrus
* build(deps): bump github.com/opencontainers/runc from 1.1.2 to 1.1.3
* Makefile: allow building without .git
* run_unix: don't return an error from getNetworkInterface
* run_unix: return a valid DefaultNamespaceOptions
* Update vendor of containers/storage
* chroot: use ActKillThread instead of ActKill
* use resolvconf package from c/common/libnetwork
* update c/common to latest main
* copier: add `NoOverwriteNonDirDir` option
* Sort buildoptions and move cli/build functions to internal
* build(deps): bump github.com/fsouza/go-dockerclient from 1.8.0 to 1.8.1
* build(deps): bump github.com/docker/docker
* build(deps): bump github.com/stretchr/testify from 1.7.1 to 1.7.2
* build(deps): bump github.com/containerd/containerd from 1.6.5 to 1.6.6
* Fix TODO: de-spaghettify run mounts
* Move options parsing out of build.go and into pkg/cli
* [CI:DOCS] Tutorial 04 - Include Debian/Ubuntu deps
* build, multiarch: support splitting build logs for --platform
* build(deps): bump github.com/containerd/containerd from 1.6.4 to 1.6.5
* [CI:BUILD] WIP Cleanup Image Dockerfiles
* build(deps): bump github.com/fsouza/go-dockerclient from 1.7.11 to 1.8.0
* cli remove stutter
* docker-parity: ignore sanity check if baseImage history is null
* build, commit: allow disabling image history with --omit-history
* Fix use generic/ambiguous DEBUG name
* build(deps): bump github.com/containernetworking/cni from 1.1.0 to 1.1.1
* Cirrus: use Ubuntu 22.04 LTS
* Fix codespell errors
* Remove util.StringInSlice because it is defined in containers/common
* buildah: add support for renaming a device in rootless setups
* squash: never use build cache when computing last step of last stage
* Update vendor of containers/(common, storage, image)
* build(deps): bump github.com/golangci/golangci-lint in /tests/tools
* buildkit: supports additionalBuildContext in builds via --build-context
* test cleanup
* buildah source pull/push: show progress bar
* run: allow resuing secret twice in different RUN steps
* test helpers: default to being rootless-aware
* Add --cpp-flag flag to buildah build
* build(deps): bump github.com/golangci/golangci-lint in /tests/tools
* build: accept branch and subdirectory when context is git repo
* build(deps): bump github.com/docker/docker
* Vendor in latest containers/common
* build(deps): bump github.com/opencontainers/runc from 1.1.1 to 1.1.2
* vendor: update c/storage and c/image
* build(deps): bump github.com/golangci/golangci-lint in /tests/tools
* Fix gentoo install docs
* build(deps): bump github.com/docker/docker
* copier: move NSS load to new process
* Add test for prevention of reusing encrypted layers
* Make `buildah build --label foo` create an empty "foo" label again
* Bump to v1.27.0-dev
-------------------------------------------------------------------
Thu Aug 04 06:27:00 UTC 2022 - dcermak@suse.com
- Update to version 1.26.4:
* tag v1.26.4
* build, multiarch: support splitting build logs for --platform
* copier: add `NoOverwriteNonDirDir` option
* docker-parity: ignore sanity check if baseImage history is null
* build, commit: allow disabling image history with --omit-history
* buildkit: supports additionalBuildContext in builds via --build-context
* Add --cpp-flag flag to buildah build
-------------------------------------------------------------------
Wed Aug 03 11:54:24 UTC 2022 - fcrozat@suse.com
- Update to version 1.26.3:
* release: bump to v1.26.3
* define.downloadToDirectory: fail early if bad HTTP response
* add: fail on bad http response instead of writing to container
* squash: never use build cache when computing last step of last stage
* run: allow resuing secret twice in different RUN steps
* integration tests: update expected error messages
* integration tests: quote "?" in shell scripts
* Use errors.Is() to check for storage errors
* lint: inspectable is never nil
* chroot: use ActKillThread instead of ActKill
* chroot: honor DefaultErrnoRet
* Bump dependencies
* Set user namespace defaults correctly for the library
* contrib/rpm/buildah.spec: fix `rpm` parser warnings
- Drop requires on apparmor pattern, should be moved elsewhere
for systems which want AppArmor instead of SELinux.
- Drop binutils-gold workaround, no longer needed.
- Update BuildRequires to libassuan-devel >= 2.5.2, pkgconfig file
is required to build.
-------------------------------------------------------------------
Thu Jul 07 09:00:47 UTC 2022 - dcermak@suse.com
- Update to version 1.26.2:
* Bump to v1.26.2
* Bump github.com/containers/storage from v1.40.2 to v1.40.3
* buildah: add support for renaming a device in rootless setups
-------------------------------------------------------------------
Thu May 05 06:18:56 UTC 2022 - dcermak@suse.com
- Update to version 1.26.1:
* Bump to v1.26.1
* Make `buildah build --label foo` create an empty "foo" label again
* Bump to v1.26.0
* build(deps): bump github.com/containerd/containerd from 1.6.3 to 1.6.4
* imagebuildah,build: move deepcopy of args before we spawn goroutine
* Vendor in containers/storage v1.40.2
* buildah.BuilderOptions.DefaultEnv is ignored, so mark it as deprecated
* help output: get more consistent about option usage text
* Handle OS version and features flags
* buildah build: --annotation and --label should remove values
* buildah build: add a --env
* buildah: deep copy options.Args before performing concurrent build/stage
* test: inline platform and builtinargs behaviour
* vendor: bump imagebuilder to master/009dbc6
* build: automatically set correct TARGETPLATFORM where expected
* build(deps): bump github.com/fsouza/go-dockerclient
* Vendor in containers/(common, storage, image)
* imagebuildah, executor: process arg variables while populating baseMap
* buildkit: add support for custom build output with --output
* Cirrus: Update CI VMs to F36
* fix staticcheck linter warning for deprecated function
* Fix docs build on FreeBSD
* build(deps): bump github.com/containernetworking/cni from 1.0.1 to 1.1.0
* copier.unwrapError(): update for Go 1.16
* copier.PutOptions: add StripSetuidBit/StripSetgidBit/StripStickyBit
* copier.Put(): write to read-only directories
* build(deps): bump github.com/cpuguy83/go-md2man/v2 in /tests/tools
* Rename $TESTSDIR (the plural one), step 4 of 3
* Rename $TESTSDIR (the plural one), step 3 of 3
* Rename $TESTSDIR (the plural one), step 2 of 3
* Rename $TESTSDIR (the plural one), step 1 of 3
* build(deps): bump github.com/containerd/containerd from 1.6.2 to 1.6.3
* Ed's periodic test cleanup
* using consistent lowercase 'invalid' word in returned err msg
* Update vendor of containers/(common,storage,image)
* use etchosts package from c/common
* run: set actual hostname in /etc/hostname to match docker parity
* update c/common to latest main
* Update vendor of containers/(common,storage,image)
* Stop littering
* manifest-create: allow creating manifest list from local image
* Update vendor of storage,common,image
* Bump golang.org/x/crypto to 7b82a4e
* Initialize network backend before first pull
* oci spec: change special mount points for namespaces
* tests/helpers.bash: assert handle corner cases correctly
* buildah: actually use containers.conf settings
* integration tests: learn to start a dummy registry
* Fix error check to work on Podman
* buildah build should accept at most one arg
* tests: reduce concurrency for flaky bud-multiple-platform-no-run
* vendor in latest containers/common,image,storage
* manifest-add: allow override arch,variant while adding image
* Remove a stray `\` from .containerenv
* Vendor in latest opencontainers/selinux v1.10.1
* build, commit: allow removing default identity labels
* Create shorter names for containers based on image IDs
* test: skip rootless on cgroupv2 in root env
* fix hang when oci runtime fails
* Set permissions for GitHub actions
* copier test: use correct UID/GID in test archives
* run: set parent-death signals and forward SIGHUP/SIGINT/SIGTERM
* Bump back to v1.26.0-dev
* build(deps): bump github.com/opencontainers/runc from 1.1.0 to 1.1.1
* Included the URL to check the SHA
-------------------------------------------------------------------
Thu Mar 31 06:48:03 UTC 2022 - dcermak@suse.com
- remove obsolete check for TW, SLE 15 & Leap 15
- add workaround for https://bugzilla.opensuse.org/show_bug.cgi?id=1183043
- Update to version 1.25.1:
* Bump to v1.25.1
* buildah: create WORKDIR with USER permissions
* vendor: update github.com/openshift/imagebuilder
* copier: attempt to open the dir before adding it
* Updated dependabot to get updates for GitHub actions.
* Switch most calls to filepath.Walk to filepath.WalkDir
* build: allow --no-cache and --layers so build cache can be overrided
* build(deps): bump github.com/onsi/gomega from 1.18.1 to 1.19.0
* Bump to v1.26.0-dev
* build(deps): bump github.com/golangci/golangci-lint in /tests/tools
-------------------------------------------------------------------
Wed Mar 30 08:30:01 UTC 2022 - dcermak@suse.com
- fixes bsc#1197870
- Update to version 1.25.0:
* Bump to v1.25.0
* install: drop RHEL/CentOS 7 doc
* build(deps): bump github.com/containers/common from 0.47.4 to 0.47.5
* Bump c/storage to v1.39.0 in main
* Add a test for CVE-2022-27651
* build(deps): bump github.com/docker/docker
* Bump github.com/prometheus/client_golang to v1.11.1
* [CI:DOCS] man pages: sort flags, and keep them that way
* build(deps): bump github.com/containerd/containerd from 1.6.1 to 1.6.2
* Don't pollute
* network setup: increase timeout to 4 minutes
* do not set the inheritable capabilities
* build(deps): bump github.com/golangci/golangci-lint in /tests/tools
* build(deps): bump github.com/containers/ocicrypt from 1.1.2 to 1.1.3
* parse: convert exposed GetVolumes to internal only
* buildkit: mount=type=cache support locking external cache store
* .in support: improve error message when cpp is not installed
* buildah image: install cpp
* build(deps): bump github.com/stretchr/testify from 1.7.0 to 1.7.1
* build(deps): bump github.com/spf13/cobra from 1.3.0 to 1.4.0
* build(deps): bump github.com/docker/docker
* Add --no-hosts flag to eliminate use of /etc/hosts within containers
* test: remove skips for rootless users
* test: unshare mount/umount if test is_rootless
* tests/copy: read correct containers.conf
* build(deps): bump github.com/docker/distribution
* cirrus: add seperate task and matrix for rootless
* tests: skip tests for rootless which need unshare
* buildah: test rootless integration
* vendor: bump c/storage to main/93ce26691863
* build(deps): bump github.com/fsouza/go-dockerclient from 1.7.9 to 1.7.10
* tests/copy: initialize the network, too
* [CI:DOCS] remove references to Kubic for CentOS and Ubuntu
* build(deps): bump github.com/containerd/containerd from 1.6.0 to 1.6.1
* use c/image/pkg/blobcache
* vendor c/image/v5@v5.20.0
* add: ensure the context directory is an absolute path
* executor: docker builds must inherit healthconfig from base if any
* docs: Remove Containerfile and containeringore
* build(deps): bump github.com/fsouza/go-dockerclient from 1.7.8 to 1.7.9
* helpers.bash: Use correct syntax
* speed up combination-namespaces test
* build(deps): bump github.com/golangci/golangci-lint in /tests/tools
* Bump back to 1.25.0-dev
* build(deps): bump github.com/containerd/containerd from 1.5.9 to 1.6.0
-------------------------------------------------------------------
Thu Feb 17 07:58:57 UTC 2022 - dcermak@suse.com
- Update to version 1.24.2:
* Bump to v1.24.2
* Increase subuid/subgid to 65535
* history: only add proxy vars to history if specified
* run_linux: use --systemd-cgroup
* buildah: new global option --cgroup-manager
* Makefile: build with systemd when available
* build(deps): bump github.com/fsouza/go-dockerclient from 1.7.7 to 1.7.8
* Bump c/common to v0.47.4
* Cirrus: Use updated VM images
* conformance: add a few "replace-directory-with-symlink" tests
* Bump back to v1.25.0-dev
-------------------------------------------------------------------
Fri Feb 04 07:31:54 UTC 2022 - dcermak@suse.com
- Update to version 1.24.1:
* overlay: always honor mountProgram by @giuseppe in https://github.com/containers/buildah/pull/3750
* build(deps): bump github.com/onsi/gomega from 1.18.0 to 1.18.1 by @dependabot in https://github.com/containers/buildah/pull/3754
* imagebuildah.BuildDockerfiles(): create the jobs semaphore by @nalind in https://github.com/containers/buildah/pull/3753
* build(deps): bump github.com/containers/storage from 1.38.1 to 1.38.2 by @dependabot in https://github.com/containers/buildah/pull/3760
* System tests: fix accidental vandalism of source dir by @edsantiago in https://github.com/containers/buildah/pull/3761
* Update vendor of containers/storage and containers/common by @rhatdan in https://github.com/containers/buildah/pull/3759
* Bump version of containers/image and containers/common by @rhatdan in https://github.com/containers/buildah/pull/3764
* Update vendor of openshift/imagebuilder by @rhatdan in https://github.com/containers/buildah/pull/3765
* caps: fix buildah run --cap-add=all by @rhatdan in https://github.com/containers/buildah/pull/3766
* stage_executor: Add support for inline `FROM --platform=` within Containerfile/Dockerfile by @flouthoc in https://github.com/containers/buildah/pull/3757
**Full Changelog**: https://github.com/containers/buildah/compare/v1.24.0...v1.24.1
-------------------------------------------------------------------
Thu Jan 27 07:30:30 UTC 2022 - dcermak@suse.com
- Update to version 1.24.0:
* Bump to v1.24.0
* Update vendor of containers/common
* build(deps): bump github.com/golangci/golangci-lint in /tests/tools
* Github-workflow: Report both failures and errors.
* build(deps): bump github.com/containers/image/v5 from 5.18.0 to 5.19.0
* Update docs/buildah-build.1.md
* [CI:DOCS] Fix typos and improve language
* buildah bud --network add support for custom networks
* Make pull commands be consistent
* docs/buildah-build.1.md: don't imply that -v isn't just a RUN thing
* build(deps): bump github.com/onsi/gomega from 1.17.0 to 1.18.0
* Vendor in latest containers/image
* Run codespell on code
* .github/dependabot.yml: add tests/tools go.mod
* CI: rm git-validation, add GHA job to validate PRs
* tests/tools: bump go-md2man to v2.0.1
* tests/tools/Makefile: simplify
* tests/tools: bump onsi/ginkgo to v1.16.5
* vendor: bump c/common and others
* mount: add support for custom upper and workdir with overlay mounts
* linux: fix lookup for runtime
* overlay: add MountWithOptions to API which extends support for advanced overlay
* Allow processing of SystemContext from FlagSet
* .golangci.yml: enable unparam linter
* util/resolveName: rm bool return
* tests/tools: bump golangci-lint
* .gitignore: fixups
* all: fix capabilities.NewPid deprecation warnings
* bind/mount.go: fix linter comment
* all: fix gosimple warning S1039
* tests/e2e/buildah_suite_test.go: fix gosimple warnings
* imagebuildah/executor.go: fix gosimple warning
* util.go: fix gosimple warning
* build(deps): bump github.com/opencontainers/runc from 1.0.3 to 1.1.0
* Enable git-daemon tests
* Allow processing of id options from FlagSet
* Cirrus: Re-order tasks for more parallelism
* Cirrus: Freshen VM images
* Fix platform handling for empty os/arch values
* Allow processing of network options from FlagSet
* Fix permissions on secrets directory
* Update containers/image and containers/common
* bud.bats: use a local git daemon for the git protocol test
* Allow processing of common options from FlagSet
* Cirrus: Run int. tests in parallel with unit
* vendor c/common
* Fix default CNI paths
* build(deps): bump github.com/fsouza/go-dockerclient from 1.7.6 to 1.7.7
* multi-stage: enable mounting stages across each other with selinux enabled
* executor: Share selinux label of first stage with other stages in a build
* buildkit: add from field to bind and cache mounts so images can be used as source
* Use config.ProxyEnv from containers/common
* use libnetwork from c/common for networking
* setup the netns in the buildah parent process
* build(deps): bump github.com/containerd/containerd from 1.5.8 to 1.5.9
* build(deps): bump github.com/fsouza/go-dockerclient from 1.7.4 to 1.7.6
* build: fix libsubid test
* Allow callers to replace the ContainerSuffix
* parse: allow parsing anomaly non-human value for memory control group
* .cirrus: remove static_build from ci
* stage_executor: re-use all possible layers from cache for squashed builds
* build(deps): bump github.com/spf13/cobra from 1.2.1 to 1.3.0
* Allow rootless buildah to set resource limits on cgroup V2
* build(deps): bump github.com/docker/docker
* tests: move buildkit mount tests files from TESTSDIR to TESTDIR before modification
* build(deps): bump github.com/opencontainers/runc from 1.0.2 to 1.0.3
* Wire logger through to config
* copier.Put: check for is-not-a-directory using lstat, not stat
* Turn on rootless cgroupv2 tests
* Grab all of the containers.conf settings for namespaces.
* image: set MediaType in OCI manifests
* copier: RemoveAll possibly-directories
* Simple README fix
* images: accept multiple filter with logical AND
* build(deps): bump github.com/containernetworking/cni from 0.8.1 to 1.0.1
* UPdate vendor of container/storage
* build(deps): bump github.com/onsi/gomega from 1.16.0 to 1.17.0
* build(deps): bump github.com/containers/image/v5 from 5.16.1 to 5.17.0
* Make LocalIP public function so Podman can use it
* Fix UnsetEnv for buildah bud
* Tests should rely only on static/unchanging images
* run: ensure that stdio pipes are labeled correctly
* build(deps): bump github.com/docker/docker
* Cirrus: Bump up to Fedora 35 & Ubuntu 21.10
* chroot: don't use the generate default seccomp filter for unit tests
* build(deps): bump github.com/containerd/containerd from 1.5.7 to 1.5.8
* ssh-agent: Increase timeout before we explicitly close connection
* docs/tutorials: update
* Clarify that manifest defaults to localhost as the registry name
* "config": remove a stray bit of debug output
* "commit": fix a flag typo
* Fix an error message: unlocking vs locking
* Expand the godoc for CommonBuildOptions.Secrets
* chroot: accept an "rw" option
* Add --unsetenv option to buildah commit and build
* define.TempDirForURL(): show CombinedOutput when a command fails
* config: support the variant field
* rootless: do not bind mount /sys if not needed
* Fix tutorial to specify command on buildah run line
* build: history should not contain ARG values
* docs: Use guaranteed path for go-md2man
* run: honor --network=none from builder if nothing specified
* networkpolicy: Should be enabled instead of default when explictly set
* Add support for env var secret sources
* build(deps): bump github.com/docker/docker
* fix: another non-portable shebang
* Rootless containers users should use additional groups
* Support overlayfs path contains colon
* Report ignorefile location when no content added
* Add support for host.containers.internal in the /etc/hosts
* build(deps): bump github.com/onsi/ginkgo from 1.16.4 to 1.16.5
* imagebuildah: fix nil deref
* buildkit: add support for mount=type=cache
* Default secret mode to 400
* [CI:DOCS] Include manifest example usage
* docs: update buildah-from, buildah-pull 'platform' option compatibility notes
* docs: update buildah-build 'platform' option compatibility notes
* De-dockerize the man page as much as possible
* [CI:DOCS] Touch up Containerfile man page to show ARG can be 1st
* docs: Fix and Update Containerfile man page with supported mount types
* mount: add tmpcopyup to tmpfs mount option
* buildkit: Add support for --mount=type=tmpfs
* build(deps): bump github.com/opencontainers/selinux from 1.8.5 to 1.9.1
* Fix command doc links in README.md
* build(deps): bump github.com/containers/image/v5 from 5.16.0 to 5.16.1
* build: Add support for buildkit like --mount=type=bind
* Bump containerd to v1.5.7
* build(deps): bump github.com/docker/docker
* tests: stop pulling php, composer
* Fix .containerignore link file
* Cirrus: Fix defunct package metadata breaking cache
* build(deps): bump github.com/containers/storage from 1.36.0 to 1.37.0
* buildah build: add --all-platforms
* Add man page for Containerfile and .containerignore
* Plumb the remote logger throughut Buildah
* Replace fmt.Sprintf("%d", x) with strconv.Itoa(x)
* Run: Cleanup run directory after every RUN step
* build(deps): bump github.com/containers/common from 0.45.0 to 0.46.0
* Makefile: adjust -ldflags/-gcflags/-gccgoflags depending on the go implementation
* Makefile: check for `-race` using `-mod=vendor`
* imagebuildah: fix an attempt to write to a nil map
* push: support to specify the compression format
* conformance: allow test cases to specify dockerUseBuildKit
* build(deps): bump github.com/containers/common from 0.44.1 to 0.45.0
* build(deps): bump github.com/containers/common from 0.44.0 to 0.44.1
* unmarshalConvertedConfig(): handle zstd compression
* tests/copy/copy: wire up compression options
* Update to github.com/vbauerster/mpb v7.1.5
* Add flouthoc to OWNERS
* build: Add additional step nodes when labels are modified
* Makefile: turn on race detection whenever it's available
* conformance: add more tests for exclusion short-circuiting
* Update VM Images + Drop prior-ubuntu testing
* Bump to v1.24.0-dev
-------------------------------------------------------------------
Thu Nov 25 15:11:21 UTC 2021 - Dan Čermák <dcermak@suse.com>
- Sync package with Factory (bsc#1192999)
- remove no longer used CVE-2019-10214.patch
-------------------------------------------------------------------
Fri Oct 22 10:16:47 UTC 2021 - rpm@fthiessen.de
- Update to version 1.23.1:
* Update dependencies
* Bugfixes
-------------------------------------------------------------------
Fri Sep 17 10:08:13 UTC 2021 - alexandre.vicenzi@suse.com
- Update to version 1.23.0:
* Update dependencies
* Bugfixes
-------------------------------------------------------------------
Thu Sep 02 15:16:02 UTC 2021 - alexandre.vicenzi@suse.com
- Update to version 1.22.3:
* Update dependencies
* Post-branch commit
* Accept repositories on login/logout
-------------------------------------------------------------------
Fri Aug 06 09:31:59 UTC 2021 - alexandre.vicenzi@suse.com
- Update to version 1.22.0:
* Bump to v1.22.0 [NO TESTS NEEDED]
* c/image, c/storage, c/common vendor before Podman 3.3 release
* WIP: tests: new assert()
* Proposed patch for 3399 (shadowutils)
* Fix handling of --restore shadow-utils
* build(deps): bump github.com/containers/image/v5 from 5.13.2 to 5.14.0
* runtime-flag (debug) test: handle old & new runc
* build(deps): bump github.com/containers/storage from 1.32.6 to 1.33.0
* Allow dst and destination for target in secret mounts
* Multi-arch: Always push updated version-tagged img
* Add a few tests on cgroups V2
* imagebuildah.stageExecutor.prepare(): remove pseudonym check
* refine dangling filter
* Chown with environment variables not set should fail
* Just restore protections of shadow-utils
* build(deps): bump github.com/opencontainers/runc from 1.0.0 to 1.0.1
* Remove specific kernel version number requirement from install.md
* Multi-arch image workflow: Make steps generic
* chroot: fix environment value leakage to intermediate processes
* Update nix pin with `make nixpkgs`
* buildah source - create and manage source images
* Update cirrus-cron notification GH workflow
* Reuse code from containers/common/pkg/parse
* Cirrus: Freshen VM images
* Fix excludes exception begining with / or ./
* Fix syntax for --manifest example
* build(deps): bump github.com/onsi/gomega from 1.13.0 to 1.14.0
* vendor containers/common@main
* Cirrus: Drop dependence on fedora-minimal
* Adjust conformance-test error-message regex
* Workaround appearance of differing debug messages
* Cirrus: Install docker from package cache
* build(deps): bump github.com/containers/ocicrypt from 1.1.1 to 1.1.2
* Switch rusagelogfile to use options.Out
* build(deps): bump github.com/containers/storage from 1.32.4 to 1.32.5
* Turn stdio back to blocking when command finishes
* Add support for default network creation
* Cirrus: Updates for master->main rename
* Change references from master to main
* Add `--env` and `--workingdir` flags to run command
* build(deps): bump github.com/opencontainers/runc
* [CI:DOCS] buildah bud: spelling --ignore-file requires parameter
* [CI:DOCS] push/pull: clarify supported transports
* Remove unused function arguments
* Create mountOptions for mount command flags
* Extract version command implementation to function
* Add --json flags to `mount` and `version` commands
* build(deps): bump github.com/containers/storage from 1.32.2 to 1.32.3
* build(deps): bump github.com/containers/common from 0.40.0 to 0.40.1
* copier.Put(): set xattrs after ownership
* buildah add/copy: spelling
* build(deps): bump github.com/containers/common from 0.39.0 to 0.40.0
* buildah copy and buildah add should support .containerignore
* Remove unused util.StartsWithValidTransport
* Fix documentation of the --format option of buildah push
* Don't use alltransports.ParseImageName with known transports
* build(deps): bump github.com/containers/image/v5 from 5.13.0 to 5.13.1
* man pages: clarify `rmi` removes dangling parents
* tests: make it easer to override the location of the copy helper
* build(deps): bump github.com/containers/image/v5 from 5.12.0 to 5.13.0
* [CI:DOCS] Fix links to c/image master branch
* imagebuildah: use the specified logger for logging preprocessing warnings
* Fix copy into workdir for a single file
* Fix docs links due to branch rename
* Update nix pin with `make nixpkgs`
* build(deps): bump github.com/fsouza/go-dockerclient from 1.7.2 to 1.7.3
* build(deps): bump github.com/opencontainers/selinux from 1.8.1 to 1.8.2
* build(deps): bump go.etcd.io/bbolt from 1.3.5 to 1.3.6
* build(deps): bump github.com/containers/storage from 1.32.1 to 1.32.2
* build(deps): bump github.com/mattn/go-shellwords from 1.0.11 to 1.0.12
* build(deps): bump github.com/onsi/ginkgo from 1.16.3 to 1.16.4
* fix(docs): typo
* Move to v1.22.0-dev
* Fix handling of auth.json file while in a user namespace
* Add rusage-logfile flag to optionally send rusage to a file
* imagebuildah: redo step logging
* build(deps): bump github.com/onsi/ginkgo from 1.16.2 to 1.16.3
* build(deps): bump github.com/containers/storage from 1.32.0 to 1.32.1
* Add volumes to make running buildah within a container easier
* build(deps): bump github.com/onsi/gomega from 1.12.0 to 1.13.0
* Add and use a "copy" helper instead of podman load/save
* Bump github.com/containers/common from 0.38.4 to 0.39.0
* containerImageRef/containerImageSource: don't buffer uncompressed layers
* containerImageRef(): squashed images have no parent images
* Sync. workflow across skopeo, buildah, and podman
* Bump github.com/containers/storage from 1.31.1 to 1.31.2
* Bump github.com/opencontainers/runc from 1.0.0-rc94 to 1.0.0-rc95
* Bump to v1.21.1-dev [NO TESTS NEEDED]
-------------------------------------------------------------------
Fri Jul 23 08:35:11 UTC 2021 - alexandre.vicenzi@suse.com
- Update to version 1.21.4:
* Bump to v1.21.4
* tests: make it easer to override the location of the copy helper
* Add and use a "copy" helper instead of podman load/save
* vendor containers/common@v0.38.16
* Bump to v1.21.3
* chroot: fix environment value leakage to intermediate processes
* [release-1.21] Bump to Buildah v1.21.2
* vendor common@v0.38.12 and storage@v1.31.3
* Bump to v1.21.1
* Fix handling of auth.json file while in a user namespace
-------------------------------------------------------------------
Mon Jul 19 12:09:41 UTC 2021 - Fabian Vogt <fvogt@suse.com>
- Set -buildmode=pie properly using GOFLAGS instead of just LDFLAGS
- Exclude building on ppc64, not supported
-------------------------------------------------------------------
Mon May 24 13:59:14 UTC 2021 - alexandre.vicenzi@suse.com
- Update to version 1.21.0:
* Bump to v1.21.0 - [NO TESTS NEEDED]
* Don't blow up if cpp detects errors
* Vendor in containers/common v0.38.4
* Remove 'buildah run --security-opt' from completion
* update c/common
* Fix handling of --default-mounts-file
* update vendor of containers/storage v1.31.1
* Bump github.com/containers/storage from 1.30.3 to 1.31.0
* Send logrus messages back to caller when building
* github: Fix bad repo. ref in workflow config
* Check earlier for bad image tags name
* buildah bud: fix containers/podman/issues/10307
* Bump github.com/containers/storage from 1.30.1 to 1.30.3
* Cirrus: Support [CI:DOCS] test skipping
* Notification email for cirrus-cron build failures
* Bump github.com/opencontainers/runc from 1.0.0-rc93 to 1.0.0-rc94
* Fix race condition
* Fix copy race while walking paths
* Preserve ownership of lower directory when doing an overlay mount
* Bump github.com/onsi/gomega from 1.11.0 to 1.12.0
* Update nix pin with `make nixpkgs`
* codespell cleanup
* Multi-arch github-action workflow unification
* Bump github.com/containers/image/v5 from 5.11.1 to 5.12.0
* Bump github.com/onsi/ginkgo from 1.16.1 to 1.16.2
* imagebuildah: ignore signatures when tagging images
* update to latest libimage
* Bump github.com/containers/common from 0.37.0 to 0.37.1
* Bump github.com/containers/storage from 1.30.0 to 1.30.1
* Upgrade to GitHub-native Dependabot
* Document location of auth.json file if XDG_RUNTIME_DIR is not set
* run.bats: fix flake in run-user test
* Cirrus: Update F34beta -> F34
* pr-should-include-tests: try to make work in buildah
* runUsingRuntime: when relaying error from the runtime, mention that
* Run(): avoid Mkdir() into the rootfs
* imagebuildah: replace archive with chrootarchive
* imagebuildah.StageExecutor.volumeCacheSaveVFS(): set up bind mounts
* conformance: use :Z with transient mounts when SELinux is enabled
* bud.bats: fix a bats warning
* imagebuildah: create volume directories when using overlays
* imagebuildah: drop resolveSymlink()
* namespaces test - refactoring and cleanup
* Refactor 'idmapping' system test
* Cirrus: Update Ubuntu images to 21.04
* Tiny fixes in bud system tests
* Add compabitility wrappers for removed packages
* Fix expected message at pulling image
* Fix system tests of 'bud' subcommand
* [CI:DOCS] Update steps for CentOS runc users
* Add support for secret mounts
* Add buildah manifest rm command
* restore push/pull and util API
* [CI:DOCS] Remove older distro docs
* Rename rhel secrets to subscriptions
* vendor in openshift/imagebuilder
* Remove buildah bud --loglevel ...
* use new containers/common/libimage package
* Fix copier when using globs
* Test namespace flags of 'bud' subcommand
* Add system test of 'bud' subcommand
* Output names of multiple tags in buildah bud
* push to docker test: don't get fooled by podman
* copier: add Remove()
* build(deps): bump github.com/containers/image/v5 from 5.10.5 to 5.11.1
* Restore log timestamps
* Add system test of 'buildah help' with a tiny fix
* tests: copy.bats: fix infinite hang
* Do not force hard code to crun in rootless mode
* build(deps): bump github.com/openshift/imagebuilder from 1.2.0 to 1.2.1
* build(deps): bump github.com/containers/ocicrypt from 1.1.0 to 1.1.1
* build(deps): bump github.com/containers/common from 0.35.4 to 0.36.0
* Fix arg missing warning in bud
* Check without flag in 'from --cgroup-parent' test
* Minor fixes to Buildah as a library tutorial documentation
* Add system test of 'buildah version' for packaged buildah
* Add a few system tests of 'buildah from'
* Log the final error with %+v at logging level "trace"
* copier: add GetOptions.NoCrossDevice
* Update nix pin with `make nixpkgs`
* Bump to v1.20.2-dev
-------------------------------------------------------------------
Thu Apr 15 12:28:09 UTC 2021 - alexandre.vicenzi@suse.com
- Update to version 1.20.1:
* Bump to v1.20.1
* Run container with isolation type set at 'from'
* bats helpers.bash - minor refactoring
* Bump containers/storage vendor to v1.29.0
* build(deps): bump github.com/onsi/ginkgo from 1.16.0 to 1.16.1
* Cirrus: Update VMs w/ F34beta
* CLI add/copy: add a --from option
* build(deps): bump github.com/onsi/ginkgo from 1.15.2 to 1.16.0
* Add authentication system tests for 'commit' and 'bud'
* fix local image lookup for custom platform
* Double-check existence of OCI runtimes
* Cirrus: Make use of shared get_ci_vm container
* Add system tests of "buildah run"
* Update nix pin with `make nixpkgs`
* Remove some stuttering on returns errors
* Setup alias for --tty to --terminal
* Add conformance tests for COPY /...
* Put a few more minutes on the clock for the CI conformance test
* Add a conformance test for COPY --from $symlink
* Add conformance tests for COPY ""
* Check for symlink in builtin volume
* Sort all mounts by destination directory
* System-test cleanup
* Export parse.Platform string to be used by podman-remote
* blobcache: fix sequencing error
* build(deps): bump github.com/containers/common from 0.35.3 to 0.35.4
* Fix URL in demos/buildah_multi_stage.sh
* Add a few system tests
* [NO TESTS NEEDED] Use --recurse-modules when building git context
* Bump to v1.20.1-dev
-------------------------------------------------------------------
Mon Mar 29 21:02:40 UTC 2021 - alexandre.vicenzi@suse.com
- Update to version 1.20.0:
* Bump to v1.20.0
* Fix release.sh to generate good releases
* vendor in containers/storage v1.28.1
* build(deps): bump github.com/containers/common from 0.35.2 to 0.35.3
* tests: prefetch: use buildah, not podman, for pulls
* Use faster way to check image tag existence during multi-arch build
* Add information about multi-arch images to the Readme
* COPY --chown: expand the conformance test
* pkg/chrootuser: use a bufio.Scanner
* [CI:DOCS] Fix rootful typo in docs
* build(deps): bump github.com/onsi/ginkgo from 1.15.1 to 1.15.2
* Add documentation and testing for .containerignore
* build(deps): bump github.com/sirupsen/logrus from 1.8.0 to 1.8.1
* build(deps): bump github.com/hashicorp/go-multierror from 1.1.0 to 1.1.1
* Lookup Containerfile if user specifies a directory
* Add Tag format placeholder to docs
* copier: ignore sockets
* image: propagate errors from extractRootfs
* Remove system test of 'buildah containers -a'
* Clarify userns options are usable only as root in man pages
* Fix system test of 'containers -a'
* Remove duplicated code in addcopy
* build(deps): bump github.com/onsi/ginkgo from 1.15.0 to 1.15.1
* build(deps): bump github.com/onsi/gomega from 1.10.5 to 1.11.0
* build(deps): bump github.com/fsouza/go-dockerclient from 1.7.1 to 1.7.2
* Update multi-arch buildah build setup with new logic
* Update nix pin with `make nixpkgs`
* overlay.bats: fix the "overlay source permissions" test
* imagebuildah: use overlay for volumes when using overlay
* Make PolicyMap and PullPolicy names align
* copier: add GetOptions.IgnoreUnreadable
* Check local image to match system context
* fix: Containerfiles - smaller set of userns u/gids
* Set upperdir permissions based on source
* Shrink the vendoring size of pkc/cli
* Clarify image name match failure message
* ADD/COPY: create the destination directory first, chroot to it
* copier.GetOptions: add NoDerefSymLinks
* copier: add an Eval function
* Update system test for 'from --cap-add/drop'
* copier: fix a renaming bug
* copier: return child process stderr if we can't JSON decode the response
* Add some system tests
* build(deps): bump github.com/containers/storage from 1.26.0 to 1.27.0
* complement add/copy --chmod documentation
* buildah login and logout, do not need to enter user namespace
* Add multi-arch image build
* chmod/chown added/fixed in bash completions
* OWNERS: add @lsm5
* buildah add/copy --chmod dockerfile implementation
* bump github.com/openshift/imagebuilder from 1.1.8 to 1.2.0
* buildah add/copy --chmod cli implementation for files and urls
* Make sure we set the buildah version label
* Isolation strings, should match user input
* [CI:DOCS] buildah-from.md: remove dup arch,os
* build(deps): bump github.com/containers/image/v5 from 5.10.2 to 5.10.3
* Cirrus: Temp. disable prior-fedora (F32) testing
* pr-should-include-tests: recognized "renamed" tests
* build(deps): bump github.com/sirupsen/logrus from 1.7.0 to 1.8.0
* build(deps): bump github.com/fsouza/go-dockerclient from 1.7.0 to 1.7.1
* build(deps): bump github.com/containers/common from 0.34.2 to 0.35.0
* Fix reaping of stages with no instructions
* add stale bot
* Add base image name to comment
* build(deps): bump github.com/spf13/cobra from 1.1.1 to 1.1.3
* Don't fail copy to emptydir
* buildah: use volatile containers
* vendor: update containers/storage
* Eliminate the use of containers/building import in pkg subdirs
* Add more support for removing config
* Improve messages about --cache-from not being supported
* Revert patch to allow COPY/ADD of empty dirs.
* Don't fail copy to emptydir
* Fix tutorial for rootless mode
* Fix caching layers with build args
* Vendor in containers/image v5.10.2
* build(deps): bump github.com/containers/common from 0.34.0 to 0.34.2
* build(deps): bump github.com/onsi/ginkgo from 1.14.2 to 1.15.0
* 'make validate': require PRs to include tests
* build(deps): bump github.com/onsi/gomega from 1.10.4 to 1.10.5
* build(deps): bump github.com/containers/storage from 1.24.5 to 1.25.0
* Use chown function for U volume flag from containers/common repository
* --iidfile: print hash prefix
* bump containernetworking/cni to v0.8.1 - fix for CVE-2021-20206 (bsc#1181961)
* run: fix check for host pid namespace
* Finish plumbing for buildah bud --manifest
* buildah manifest add localimage should work
* Stop testing directory permissions with latest docker
* Fix build arg check
* build(deps): bump github.com/containers/ocicrypt from 1.0.3 to 1.1.0
* [ci:docs] Fix man page for buildah push
* Update nix pin with `make nixpkgs`
* Bump to containers/image v5.10.1
* Rebuild layer if a change in ARG is detected
* Bump golang.org/x/crypto to the latest
* Add Ashley and Urvashi to Approvers
* local image lookup by digest
* Use build-arg ENV val from local environment if set
* Pick default OCI Runtime from containers.conf
* Added required devel packages
* Cirrus: Native OSX Build
* Cirrus: Two minor cleanup items
* Workaround for RHEL gating test failure
* build(deps): bump github.com/stretchr/testify from 1.6.1 to 1.7.0
* build(deps): bump github.com/mattn/go-shellwords from 1.0.10 to 1.0.11
* Reset upstream branch to dev version
* If destination does not exists, do not throw error
* Fix version of release to v1.19.1
* use local image name for pull policy checks
* Vendor in common 0.33.1
* Fix conformance test false-failures
* Fix config-flags-verification test on F33
* Fix bud capabilities test
* Cirrus: Support new VM Images in get_ci_vm.sh
* Cirrus: Make tests pass with new VM Images
* Cirrus: Collect cri-o-runc version
* Cirrus: Update VM Images + Rearrange tasks
* Cirrus: Clarify task names / improve readability
* Stop overriding the location of the blob info cache
* build(deps): bump github.com/fsouza/go-dockerclient from 1.6.6 to 1.7.0
* Update nix pin with `make nixpkgs`
* Bump to v1.20.0-dev
* Bump to v1.19.0
* Update vendor of containers/storage and containers/common
* Buildah inspect should be able to inspect manifests
* Make buildah push support pushing manifests lists and digests
* Fix handling of TMPDIR environment variable
* Add support for --manifest flags
* Upper directory should match mode of destination directory
* Only grab the OS, Arch if the user actually specified them
* Use --arch and --os and --variant options to select architecture and os
* Cirrus: Track libseccomp and golang version
* copier.PutOptions: add an "IgnoreDevices" flag
* fix: `rmi --prune` when parent image is in store.
* build(deps): bump github.com/containers/storage from 1.24.3 to 1.24.4
* build(deps): bump github.com/containers/common from 0.31.1 to 0.31.2
* Allow users to specify stdin into containers
* Drop log message on failure to mount on /sys file systems to info
* Spelling
* SELinux no longer requires a tag.
* build(deps): bump github.com/containers/common from 0.31.0 to 0.31.1
* Update nix pin with `make nixpkgs`
* Switch references of /var/run -> /run
* Allow FROM to be overriden with from option
* copier: don't assume we can chroot() on Unixy systems
* copier: add PutOptions.NoOverwriteDirNonDir, Get/PutOptions.Rename
* copier: handle replacing directories with not-directories
* copier: Put: skip entries with zero-length names
* build(deps): bump github.com/containers/storage from 1.24.2 to 1.24.3
* Add U volume flag to chown source volumes
* Turn off PRIOR_UBUNTU Test until vm is updated
* pkg, cli: rootless uses correct isolation
* build(deps): bump github.com/onsi/gomega from 1.10.3 to 1.10.4
* update installation doc to reflect current status
* Move away from using docker.io
* enable short-name aliasing
* build(deps): bump github.com/containers/storage from 1.24.1 to 1.24.2
* build(deps): bump github.com/containers/common from 0.30.0 to 0.31.0
* Throw errors when using bogus --network flags
* pkg/supplemented test: replace our null blobinfocache
* build(deps): bump github.com/containers/common from 0.29.0 to 0.30.0
* inserts forgotten quotation mark
* Not prefer use local image create/add manifest
* Add container information to .containerenv
* Add --ignorefile flag to use alternate .dockerignore flags
* Add a source debug build
* Fix crash on invalid filter commands
* Switch to using containers/common pkg's
* fix: non-portable shebang #2812
* Remove copy/paste errors that leaked `Podman` into man pages.
* Add suggests cpp to spec file
* Apply suggestions from code review
* update docs for debian testing and unstable
* imagebuildah: disable pseudo-terminals for RUN
* Compute diffID for mapped-layer at creating image source
* intermediateImageExists: ignore images whose history we can't read
* Bump to v1.19.0-dev
* Bump to v1.18.0
* build(deps): bump github.com/containers/common from 0.26.3 to 0.27.0
* Fix testing error caused by simultanious merge
* Vendor in containers/storage v1.24.0
* short-names aliasing
* Add --policy flag to buildah pull
* Stop overwrapping and stuttering
* copier.Get(): ignore ENOTSUP/ENOSYS when listing xattrs
* Run: don't forcibly disable UTS namespaces in rootless mode
* test: ensure non-directory in a Dockerfile path is handled correctly
* Add a few tests for `pull` command
* Fix buildah config --cmd to handle array
* build(deps): bump github.com/containers/storage from 1.23.8 to 1.23.9
* Fix NPE when Dockerfile path contains non-directory entries
* Update buildah bud man page from podman build man page
* Move declaration of decryption-keys to common cli
* Run: correctly call copier.Mkdir
* util: digging UID/GID out of os.FileInfo should work on Unix
* imagebuildah.getImageTypeAndHistoryAndDiffIDs: cache results
* Verify userns-uid-map and userns-gid-map input
* Use CPP, CC and flags in dep check scripts
* Avoid overriding LDFLAGS in Makefile
* ADD: handle --chown on URLs
* Update nix pin with `make nixpkgs`
* (*Builder).Run: MkdirAll: handle EEXIST error
* copier: try to force loading of nsswitch modules before chroot()
* fix MkdirAll usage
* build(deps): bump github.com/containers/common from 0.26.2 to 0.26.3
* build(deps): bump github.com/containers/storage from 1.23.7 to 1.23.8
* Use osusergo build tag for static build
* imagebuildah: cache should take image format into account
* Bump to v1.18.0-dev
* Bump to v1.17.0
* Handle cases where other tools mount/unmount containers
* overlay.MountReadOnly: support RO overlay mounts
* overlay: use fusermount for rootless umounts
* overlay: fix umount
* Switch default log level of Buildah to Warn. Users need to see these messages
* Drop error messages about OCI/Docker format to Warning level
* build(deps): bump github.com/containers/common from 0.26.0 to 0.26.2
* tests/testreport: adjust for API break in storage v1.23.6
* build(deps): bump github.com/containers/storage from 1.23.5 to 1.23.7
* build(deps): bump github.com/fsouza/go-dockerclient from 1.6.5 to 1.6.6
* copier: put: ignore Typeflag="g"
* Use curl to get repo file (fix #2714)
* build(deps): bump github.com/containers/common from 0.25.0 to 0.26.0
* build(deps): bump github.com/spf13/cobra from 1.0.0 to 1.1.1
* Remove docs that refer to bors, since we're not using it
* Buildah bud should not use stdin by default
* bump containerd, docker, and golang.org/x/sys
* Makefile: cross: remove windows.386 target
* copier.copierHandlerPut: don't check length when there are errors
* Stop excessive wrapping
* CI: require that conformance tests pass
* bump(github.com/openshift/imagebuilder) to v1.1.8
* Skip tlsVerify insecure BUILD_REGISTRY_SOURCES
* Fix build path wrong https://github.com/containers/podman/issues/7993
* refactor pullpolicy to avoid deps
* build(deps): bump github.com/containers/common from 0.24.0 to 0.25.0
* CI: run gating tasks with a lot more memory
* ADD and COPY: descend into excluded directories, sometimes
* copier: add more context to a couple of error messages
* copier: check an error earlier
* copier: log stderr output as debug on success
* Update nix pin with `make nixpkgs`
* Set directory ownership when copied with ID mapping
* Cirrus: Remove bors artifacts
* Sort build flag definitions alphabetically
* ADD: only expand archives at the right time
* Remove configuration for bors
* Shell Completion for podman build flags
* Bump c/common to v0.24.0
* New CI check: xref --help vs man pages
* CI: re-enable several linters
* Move --userns-uid-map/--userns-gid-map description into buildah man page
* add: preserve ownerships and permissions on ADDed archives
* Makefile: tweak the cross-compile target
* Bump containers/common to v0.23.0
* chroot: create bind mount targets 0755 instead of 0700
* Change call to Split() to safer SplitN()
* chroot: fix handling of errno seccomp rules
* build(deps): bump github.com/containers/image/v5 from 5.5.2 to 5.6.0
* Add In Progress section to contributing
* integration tests: make sure tests run in ${topdir}/tests
* Run(): ignore containers.conf's environment configuration
* Warn when setting healthcheck in OCI format
* Cirrus: Skip git-validate on branches
* tools: update git-validation to the latest commit
* tools: update golangci-lint to v1.18.0
* Add a few tests of push command
* Add(): fix handling of relative paths with no ContextDir
* build(deps): bump github.com/containers/common from 0.21.0 to 0.22.0
* Lint: Use same linters as podman
* Validate: reference HEAD
* Fix buildah mount to display container names not ids
* Update nix pin with `make nixpkgs`
* Add missing --format option in buildah from man page
* Fix up code based on codespell
* build(deps): bump github.com/openshift/imagebuilder from 1.1.6 to 1.1.7
* build(deps): bump github.com/containers/storage from 1.23.4 to 1.23.5
* Improve buildah completions
* Cirrus: Fix validate commit epoch
* Fix bash completion of manifest flags
* Uniform some man pages
* Update Buildah Tutorial to address BZ1867426
* Update bash completion of `manifest add` sub command
* copier.Get(): hard link targets shouldn't be relative paths
* build(deps): bump github.com/onsi/gomega from 1.10.1 to 1.10.2
* Pass timestamp down to history lines
* Timestamp gets updated everytime you inspect an image
* bud.bats: use absolute paths in newly-added tests
* contrib/cirrus/lib.sh: don't use CN for the hostname
* tests: Add some tests
* Update `manifest add` man page
* Extend flags of `manifest add`
* build(deps): bump github.com/containers/storage from 1.23.3 to 1.23.4
* build(deps): bump github.com/onsi/ginkgo from 1.14.0 to 1.14.1
* Bump to v1.17.0-dev
* Bump to v1.16.0
* CI: expand cross-compile checks
* fix build on 32bit arches
* StageExecutor.intermediateImageExists: recognize cached images based on scratch
* containerImageRef.NewImageSource(): don't always force timestamps
* Add fuse module warning to image readme
* Heed our retry delay option values when retrying commit/pull/push
* Switch to containers/common for seccomp
* Use --timestamp rather then --omit-timestamp
* docs: remove outdated notice
* docs: remove outdated notice
* build-using-dockerfile: add a hidden --log-rusage flag
* build(deps): bump github.com/containers/image/v5 from 5.5.1 to 5.5.2
* Discard ReportWriter if user sets options.Quiet
* build(deps): bump github.com/containers/common from 0.19.0 to 0.20.3
* Fix ownership of content copied using COPY --from
* newTarDigester: zero out timestamps in tar headers
* Update nix pin with `make nixpkgs`
* bud.bats: correct .dockerignore integration tests
* Use pipes for copying
* run: include stdout in error message
* run: use the correct error for errors.Wrapf
* copier: un-export internal types
* copier: add Mkdir()
* in_podman: don't get tripped up by $CIRRUS_CHANGE_TITLE
* docs/buildah-commit.md: tweak some wording, add a --rm example
* imagebuildah: don’ t blank out destination names when COPYing
* Replace retry functions with common/pkg/retry
* StageExecutor.historyMatches: compare timestamps using .Equal
* Update vendor of containers/common
* Fix errors found in coverity scan
* Change namespace handling flags to better match podman commands
* conformance testing: ignore buildah.BuilderIdentityAnnotation labels
* Vendor in containers/storage v1.23.0
* Add buildah.IsContainer interface
* Avoid feeding run_buildah to pipe
* fix(buildahimage): add xz dependency in buildah image
* Bump github.com/containers/common from 0.15.2 to 0.18.0
* Howto for rootless image building from OpenShift
* Add --omit-timestamp flag to buildah bud
* Update nix pin with `make nixpkgs`
* Shutdown storage on failures
* Handle COPY --from when an argument is used
* Bump github.com/seccomp/containers-golang from 0.5.0 to 0.6.0
* Cirrus: Use newly built VM images
* Bump github.com/opencontainers/runc from 1.0.0-rc91 to 1.0.0-rc92
* Enhance the .dockerignore man pages
* conformance: add a test for COPY from subdirectory
* fix bug manifest inspct
* Add documentation for .dockerignore
* Add BuilderIdentityAnnotation to identify buildah version
* DOC: Add quay.io/containers/buildah image to README.md
* Update buildahimages readme
* fix spelling mistake in "info" command result display
* Don't bind /etc/host and /etc/resolv.conf if network is not present
* blobcache: avoid an unnecessary NewImage()
* Build static binary with `buildGoModule`
* copier: split StripSetidBits into StripSetuidBit/StripSetgidBit/StripStickyBit
* tarFilterer: handle multiple archives
* Fix a race we hit during conformance tests
* Rework conformance testing
* Update 02-registries-repositories.md
* test-unit: invoke cmd/buildah tests with --flags
* parse: fix a type mismatch in a test
* Fix compilation of tests/testreport/testreport
* build.sh: log the version of Go that we're using
* test-unit: increase the test timeout to 40/45 minutes
* Add the "copier" package
* Fix & add notes regarding problematic language in codebase
* Add dependency on github.com/stretchr/testify/require
* CompositeDigester: add the ability to filter tar streams
* BATS tests: make more robust
* vendor golang.org/x/text@v0.3.3
* Switch golang 1.12 to golang 1.13
* imagebuildah: wait for stages that might not have even started yet
* chroot, run: not fail on bind mounts from /sys
* chroot: do not use setgroups if it is blocked
* Set engine env from containers.conf
* imagebuildah: return the right stage's image as the "final" image
* Fix a help string
* Deduplicate environment variables
* switch containers/libpod to containers/podman
* Bump github.com/containers/ocicrypt from 1.0.2 to 1.0.3
* Bump github.com/opencontainers/selinux from 1.5.2 to 1.6.0
* Mask out /sys/dev to prevent information leak
* linux: skip errors from the runtime kill
* Mask over the /sys/fs/selinux in mask branch
* Add VFS additional image store to container
* tests: add auth tests
* Allow "readonly" as alias to "ro" in mount options
* Ignore OS X specific consistency mount option
* Bump github.com/onsi/ginkgo from 1.13.0 to 1.14.0
* Bump github.com/containers/common from 0.14.0 to 0.15.2
* Rootless Buildah should default to IsolationOCIRootless
* imagebuildah: fix inheriting multi-stage builds
* Make imagebuildah.BuildOptions.Architecture/OS optional
* Make imagebuildah.BuildOptions.Jobs optional
* Resolve a possible race in imagebuildah.Executor.startStage()
* Switch scripts to use containers.conf
* Bump openshift/imagebuilder to v1.1.6
* Bump go.etcd.io/bbolt from 1.3.4 to 1.3.5
* buildah, bud: support --jobs=N for parallel execution
* executor: refactor build code inside new function
* Add bud regression tests
* Cirrus: Fix missing htpasswd in registry img
* docs: clarify the 'triples' format
* CHANGELOG.md: Fix markdown formatting
* Add nix derivation for static builds
* Bump to v1.16.0-dev
* Bump to v1.15.0
* vendor github.com/containers/image/v5@v5.5.1
* add version centos7 for compatible
* vendor github.com/containers/common v0.14.0
* Bump ImageBuilder to v1.1.5
* Bump github.com/containers/common from 0.12.0 to 0.13.1
* Bump github.com/containers/storage from 1.20.1 to 1.20.2
* Bump github.com/seccomp/containers-golang from 0.4.1 to 0.5.0
* Bump github.com/stretchr/testify from 1.6.0 to 1.6.1
* Bump github.com/opencontainers/runc from 1.0.0-rc9 to 1.0.0-rc90
* Add CVE-2020-10696 to CHANGELOG.md and changelog.txt (bsc#1167864)
* Bump github.com/stretchr/testify from 1.5.1 to 1.6.0
* Bump github.com/onsi/ginkgo from 1.12.2 to 1.12.3
* Vendor in containers/common v0.12.0
* fix lighttpd example
* Vendor in new go.etcd.io/bbolt
* Bump github.com/onsi/ginkgo from 1.12.1 to 1.12.2
* Bump imagebuilder for ARG fix
* Bump github.com/containers/common from 0.11.2 to 0.11.4
* remove dependency on openshift struct
* Warn on unset build arguments
* vendor: update seccomp/containers-golang to v0.4.1
* Ammended docs
* Updated docs
* clean up comments
* update exit code for tests
* Implement commit for encryption
* implementation of encrypt/decrypt push/pull/bud/from
* fix resolve docker image name as transport
* Bump github.com/opencontainers/go-digest from 1.0.0-rc1 to 1.0.0
* Bump github.com/onsi/ginkgo from 1.12.0 to 1.12.1
* Bump github.com/containers/storage from 1.19.1 to 1.19.2
* Bump github.com/containers/image/v5 from 5.4.3 to 5.4.4
* Add preliminary profiling support to the CLI
* Bump github.com/containers/common from 0.10.0 to 0.11.2
* Evaluate symlinks in build context directory
* fix error info about get signatures for containerImageSource
* Add Security Policy
* Cirrus: Fixes from review feedback
* Bump github.com/containers/storage from 1.19.0 to 1.19.1
* Bump github.com/sirupsen/logrus from 1.5.0 to 1.6.0
* imagebuildah: stages shouldn't count as their base images
* Update containers/common v0.10.0
* Bump github.com/fsouza/go-dockerclient from 1.6.4 to 1.6.5
* Add registry to buildahimage Dockerfiles
* Cirrus: Use pre-installed VM packages + F32
* Cirrus: Re-enable all distro versions
* Cirrus: Update to F31 + Use cache images
* golangci-lint: Disable gosimple
* Lower number of golangci-lint threads
* Fix permissions on containers.conf
* Don't force tests to use runc
* Bump github.com/containers/common from 0.9.1 to 0.9.5
* Return exit code from failed containers
* Bump github.com/containers/storage from 1.18.2 to 1.19.0
* Bump github.com/containers/common from 0.9.0 to 0.9.1
* cgroup_manager should be under [engine]
* Use c/common/pkg/auth in login/logout
* Cirrus: Temporarily disable Ubuntu 19 testing
* Add containers.conf to stablebyhand build
* Update gitignore to exclude test Dockerfiles
* Bump github.com/fsouza/go-dockerclient from 1.6.3 to 1.6.4
* Bump github.com/containers/common from 0.8.1 to 0.9.0
* Bump back to v1.15.0-dev
* Bump to v1.14.8
* Remove warning for systemd inside of container
* Run (make vendor)
* Run (make -C tests/tools vendor)
* Run (go mod tidy) before (go mod vendor) again
* Fix (make vendor)
* Bump validation
* Bump back to v1.15.0-dev
* Bump to v1.14.7
* Bump github.com/containers/image/v5 from 5.3.1 to 5.4.3
* make vendor: run `tidy` after `vendor`
* Do not skip the directory when the ignore pattern matches
* Bump github.com/containers/common from 0.7.0 to 0.8.1
* Downgrade siruspen/logrus from 1.4.2
* Fix errorf conventions
* dockerignore tests : remove symlinks, rework
* Bump back to v1.15.0-dev
* Bump to v1.14.6
* bud.bats - cleanup, refactoring
* vendor in latest containers/storage 1.18.0 and containers/common v0.7.0
* Bump github.com/spf13/cobra from 0.0.6 to 0.0.7
* Bump github.com/containers/storage from 1.16.5 to 1.17.0
* Bump github.com/containers/image/v5 from 5.2.1 to 5.3.1
* Fix Amazon install step
* Bump back to v1.15.0-dev
* Bump to v1.14.5
* Fix bud-build-arg-cache test
* Make image history work correctly with new args handling
* Don't add args to the RUN environment from the Builder
* Update github.com/openshift/imagebuilder to v1.1.4
* revert #2246 FIPS mode change
* Add .swp files to .gitignore
* Bump back to v1.15.0-dev
* Bump to v1.14.4
* image with dup layers: we now have one on quay
* Fix fips-mode check for RHEL8 boxes
* digest test : make more robust
* Fix potential CVE in tarfile w/ symlink
* Fix .dockerignore with globs and ! commands
* update install steps for Amazon Linux 2
* Bump github.com/openshift/imagebuilder from 1.1.2 to 1.1.3
* Add comment for RUN command in volume ownership test
* Run stat command directly for volume ownership test
* vendor in containers/common v0.6.1
* Cleanup go.sum
* Bump back to v1.15.0-dev
* Bump to v1.14.3
* Update containers/storage to v1.16.5
* Bump github.com/containers/storage from 1.16.2 to 1.16.4
* Bump github.com/openshift/imagebuilder from 1.1.1 to 1.1.2
* Update github.com/openshift/imagebuilder vendoring
* Update unshare man page to fix script example
* Fix compilation errors on non linux platforms
* Bump containers/common and opencontainers/selinux versions
* Add tests for volume ownership
* Preserve volume uid and gid through subsequent commands
* Fix FORWARD_NULL errors found by Coverity
* Bump github.com/containers/storage from 1.16.1 to 1.16.2
* Fix errors found by codespell
* Bump back to v1.15.0-dev
* Bump to v1.14.2
* Add Pull Request Template
* Bump to containers/storage v1.16.1
* run_linux: fix tight loop if file is not pollable
* Bump github.com/opencontainers/selinux from 1.3.2 to 1.3.3
* Bump github.com/containers/common from 0.4.1 to 0.4.2
* Bump back to v1.15.0-dev
* Bump to v1.14.1
* Search for local runtime per values in containers.conf
* Set correct ownership on working directory
* BATS : in teardown, umount stale mounts
* Add Containerfile to build a versioned stable image on quay.io
* Bump github.com/spf13/cobra from 0.0.5 to 0.0.6
* Bump github.com/fsouza/go-dockerclient from 1.6.1 to 1.6.3
* Bump github.com/stretchr/testify from 1.4.0 to 1.5.1
* Replace unix with syscall to allow vendoring into libpod
* Update to containers/common v0.4.1
* Improve remote manifest retrieval
* Fix minor spelling errors in containertools README
* Clear the right variable in buildahimage
* Correct a couple of incorrect format specifiers
* Update to containers/common v0.3.0
* manifest push --format: force an image type, not a list type
* run: adjust the order in which elements are added to $PATH
* getDateAndDigestAndSize(): handle creation time not being set
* Bump github.com/containers/common from 0.2.0 to 0.2.1
* include installation steps for CentOS 8 and Stream
* include installation steps for CentOS7 and forks
* Adjust Ubuntu install info to also work on Pop!_OS
* Make the commit id clear like Docker
* Show error on copied file above context directory in build
* Bump github.com/containers/image/v5 from 5.2.0 to 5.2.1
* pull/from/commit/push: retry on most failures
* Makefile: fix install.cni.sudo
* Repair buildah so it can use containers.conf on the server side
* Bump github.com/mattn/go-shellwords from 1.0.9 to 1.0.10
* Bump github.com/fsouza/go-dockerclient from 1.6.0 to 1.6.1
* Fixing formatting & build instructions
* Add Code of Conduct
* Bors: Fix no. req. github reviews
* Cirrus+Bors: Simplify temp branch skipping
* Bors-ng: Add documentation and status-icon
* Bump github.com/onsi/ginkgo from 1.11.0 to 1.12.0
* fix XDG_RUNTIME_DIR for authfile
* Bump to v1.15.0-dev
* Bump to v1.14.0
* Cirrus: Disable F29 testing
* Cirrus: Add jq package
* Cirrus: Fix lint + validation using wrong epoch
* Stop using fedorproject registry
* Bors: Workaround ineffective required statuses
* Bors: Enable app + Disable Travis
* Cirrus: Add standardized log-collection
* Cirrus: Improve automated lint + validation
* Allow passing options to golangci-lint
* Cirrus: Fixes from review feedback
* Cirrus: Temporarily ignore VM testing failures
* Cirrus: Migrate off papr + implement VM testing
* Cirrus: Update packages + fixes for get_ci_vm.sh
* Show validation command-line
* Skip overlay test w/ vfs driver
* use alpine, not centos, for various tests
* manifest add: always read the individual image manifest
* Flake handling: cache and prefetch images
* Close tarSource when finished using it
* bump github.com/mtrmac/gpgme
* Update containers/common to v0.1.4
* manifest push: add --format option
* Bump github.com/onsi/gomega from 1.8.1 to 1.9.0
* vendor github.com/containers/image/v5@v5.2.0
* info test: deal with random key order
* Bump back to v1.14.0-dev
* Bump to v1.13.2
* selinux spc test: fix CI breakage
* sign test: fix gpg failure on Rawhide
* Adjust copy destination for linked tar files in ADD
* sign.bats: set GPG_TTY=/dev/null
* Fix parse_unsupported.go
* getDateAndDigestAndSize(): use manifest.Digest
* Bump github.com/opencontainers/selinux from 1.3.0 to 1.3.1
* Bump github.com/containers/common from 0.1.0 to 0.1.2
* Touch up os/arch doc
* chroot: handle slightly broken seccomp defaults
* buildahimage: specify fuse-overlayfs mount options
* Bump github.com/mattn/go-shellwords from 1.0.7 to 1.0.9
* copy.bats: make sure we detect failures due to missing source
* parse: don't complain about not being able to rename something to itself
* Makefile: use a $(GO_TEST) macro, fix a typo
* manifests: unit test fix
* Fix build for 32bit platforms
* Allow users to set OS and architecture on bud
* Fix COPY in containerfile with envvar
* Bump c/storage to v1.15.7
* add --sign-by to bud/commit/push, --remove-signatures for pull/push
* Remove cut/paste error in CHANGELOG.md
* Update vendor of containers/common to v0.1.0
* update install instructions for Debian, Raspbian and Ubuntu
* Add support for containers.conf
* Bump back to v1.14.0-dev
* Bump to v1.13.1
* Bump github.com/containers/common from 0.0.5 to 0.0.7
* Bump github.com/onsi/ginkgo from 1.10.3 to 1.11.0
* Bump github.com/pkg/errors from 0.8.1 to 0.9.0
* Bump github.com/onsi/gomega from 1.7.1 to 1.8.1
* Add codespell support
* copyFileWithTar: close source files at the right time
* copy: don't digest files that we ignore
* Check for .dockerignore specifically
* Travis: rm go 1.12.x
* Don't setup excludes, if their is only one pattern to match
* set HOME env to /root on chroot-isolation by default
* docs: fix references to containers-*.5
* update openshift/api
* fix bug Add check .dockerignore COPY file
* buildah bud --volume: run from tmpdir, not source dir
* Fix imageNamePrefix to give consistent names in buildah-from
* cpp: use -traditional and -undef flags
* Fix image reference in tutorial 4
* discard outputs coming from onbuild command on buildah-from --quiet
* make --format columnizing consistent with buildah images
* Bump to v1.14.0-dev
* Bump to v1.13.0
* Bump to c/storage v1.15.5
* Update container/storage to v1.15.4
* Fix option handling for volumes in build
* Rework overlay pkg for use with libpod
* Fix buildahimage builds for buildah
* Add support for FIPS-Mode backends
* Set the TMPDIR for pulling/pushing image to $TMPDIR
* WIP: safer test for pull --all-tags
* BATS major cleanup: blobcache.bats: refactor
* BATS major cleanup: part 4: manual stuff
* BATS major cleanup, step 3: yet more run_buildah
* BATS major cleanup, part 2: use more run_buildah
* BATS major cleanup, part 1: log-level
* Bump github.com/containers/image/v5 from 5.0.0 to 5.1.0
* Bump github.com/containers/common from 0.0.3 to 0.0.5
* Bump to v1.13.0-dev
-------------------------------------------------------------------
Sat Feb 20 10:16:36 UTC 2021 - info@paolostivanin.com
- Update to version 1.19.6:
* Bump c/containers/storage v1.24.6
* Don't fail copy to emptydir
* Workaround for RHEL gating test failure
* Fix config-flags-verification test on F33
* Fix bud capabilities test
* Stop overriding the location of the blob info cache
* Fix caching layers with build args
* Vendor in latest containers/image and common
-------------------------------------------------------------------
Fri Feb 12 08:54:54 UTC 2021 - Paolo Stivanin <info@paolostivanin.com>
- Update to version 1.19.4:
* run: fix check for host pid namespace
* bump containernetworking/cni library to v0.8.1 - fix for CVE-2021-20206 (bsc#1181961)
* Finish plumbing for buildah bud --manifest
* buildah manifest add localimage should work
* Fix build arg check
* [ci:docs] Fix man page for buildah push
* Vendor in containers/image v5.10.1
* Rebuild layer if a change in ARG is detected
* Bump golang.org/x/crypto to latest rel-1.19
* local image lookup by digest
* Use build-arg ENV val from local environment if set
* Pick default OCI Runtime from containers.conf
-------------------------------------------------------------------
Fri Jan 22 23:28:28 UTC 2021 - dmueller@suse.com
- Update to version 1.19.2:
* Update vendor of containers/storage and containers/common
* Buildah inspect should be able to inspect manifests
* Make buildah push support pushing manifests lists and digests
* Fix handling of TMPDIR environment variable
* Add support for --manifest flags
* Upper directory should match mode of destination directory
* Only grab the OS, Arch if the user actually specified them
* Use --arch and --os and --variant options to select architecture and os
* Cirrus: Track libseccomp and golang version
* copier.PutOptions: add an "IgnoreDevices" flag
* fix: `rmi --prune` when parent image is in store.
* build(deps): bump github.com/containers/storage from 1.24.3 to 1.24.4
* build(deps): bump github.com/containers/common from 0.31.1 to 0.31.2
* Allow users to specify stdin into containers
* Drop log message on failure to mount on /sys file systems to info
* Spelling
* SELinux no longer requires a tag.
* build(deps): bump github.com/opencontainers/selinux from 1.6.0 to 1.8.0
* build(deps): bump github.com/containers/common from 0.31.0 to 0.31.1
* Update nix pin with `make nixpkgs`
* Switch references of /var/run -> /run
* Allow FROM to be overriden with from option
* copier: don't assume we can chroot() on Unixy systems
* copier: add PutOptions.NoOverwriteDirNonDir, Get/PutOptions.Rename
* copier: handle replacing directories with not-directories
* copier: Put: skip entries with zero-length names
* build(deps): bump github.com/containers/storage from 1.24.2 to 1.24.3
* Add U volume flag to chown source volumes
* Turn off PRIOR_UBUNTU Test until vm is updated
* pkg, cli: rootless uses correct isolation
* build(deps): bump github.com/onsi/gomega from 1.10.3 to 1.10.4
* update installation doc to reflect current status
* Move away from using docker.io
* enable short-name aliasing
* build(deps): bump github.com/containers/storage from 1.24.1 to 1.24.2
* build(deps): bump github.com/containers/common from 0.30.0 to 0.31.0
* Throw errors when using bogus --network flags
* pkg/supplemented test: replace our null blobinfocache
* build(deps): bump github.com/containers/common from 0.29.0 to 0.30.0
* inserts forgotten quotation mark
* Not prefer use local image create/add manifest
* Add container information to .containerenv
* Add --ignorefile flag to use alternate .dockerignore flags
* Add a source debug build
* Fix crash on invalid filter commands
* build(deps): bump github.com/containers/common from 0.27.0 to 0.29.0
* Switch to using containers/common pkg's
* fix: non-portable shebang #2812
* Remove copy/paste errors that leaked `Podman` into man pages.
* Add suggests cpp to spec file
* Apply suggestions from code review
* update docs for debian testing and unstable
* imagebuildah: disable pseudo-terminals for RUN
* Compute diffID for mapped-layer at creating image source
* intermediateImageExists: ignore images whose history we can't read
* Bump to v1.19.0-dev
* build(deps): bump github.com/containers/common from 0.26.3 to 0.27.0
* Fix testing error caused by simultanious merge
* Vendor in containers/storage v1.24.0
* short-names aliasing
* Add --policy flag to buildah pull
* Stop overwrapping and stuttering
* copier.Get(): ignore ENOTSUP/ENOSYS when listing xattrs
* Run: don't forcibly disable UTS namespaces in rootless mode
* test: ensure non-directory in a Dockerfile path is handled correctly
* Add a few tests for `pull` command
* Fix buildah config --cmd to handle array
* build(deps): bump github.com/containers/storage from 1.23.8 to 1.23.9
* Fix NPE when Dockerfile path contains non-directory entries
* Update buildah bud man page from podman build man page
* Move declaration of decryption-keys to common cli
* Run: correctly call copier.Mkdir
* util: digging UID/GID out of os.FileInfo should work on Unix
* imagebuildah.getImageTypeAndHistoryAndDiffIDs: cache results
* Verify userns-uid-map and userns-gid-map input
* Use CPP, CC and flags in dep check scripts
* Avoid overriding LDFLAGS in Makefile
* ADD: handle --chown on URLs
* Update nix pin with `make nixpkgs`
* (*Builder).Run: MkdirAll: handle EEXIST error
* copier: try to force loading of nsswitch modules before chroot()
* fix MkdirAll usage
* build(deps): bump github.com/containers/common from 0.26.2 to 0.26.3
* build(deps): bump github.com/containers/storage from 1.23.7 to 1.23.8
* Use osusergo build tag for static build
* imagebuildah: cache should take image format into account
* Bump to v1.18.0-dev
-------------------------------------------------------------------
Fri Jan 08 11:52:40 UTC 2021 - rbrown@suse.com
- Update to version 1.17.1:
* tag v1.17.1
* copier.Get(): ignore ENOTSUP/ENOSYS when listing xattrs
* copier: try to force loading of nsswitch modules before chroot()
* ADD: handle --chown on URLs
* imagebuildah: cache should take image format into account
* Update CI configuration for the release-1.17 branch
-------------------------------------------------------------------
Mon Nov 30 13:24:14 UTC 2020 - Christian Goll <cgoll@suse.com>
- added cni to requires as its needed for buildah to run
(bsc#1187812)
-------------------------------------------------------------------
Tue Nov 3 14:44:18 UTC 2020 - Ralf Haferkamp <rhafer@suse.com>
- Update to v1.17.0 (bsc#1165184)
* Handle cases where other tools mount/unmount containers
* overlay.MountReadOnly: support RO overlay mounts
* overlay: use fusermount for rootless umounts
* overlay: fix umount
* Switch default log level of Buildah to Warn. Users need to see these messages
* Drop error messages about OCI/Docker format to Warning level
* build(deps): bump github.com/containers/common from 0.26.0 to 0.26.2
* tests/testreport: adjust for API break in storage v1.23.6
* build(deps): bump github.com/containers/storage from 1.23.5 to 1.23.7
* build(deps): bump github.com/fsouza/go-dockerclient from 1.6.5 to 1.6.6
* copier: put: ignore Typeflag="g"
* Use curl to get repo file (fix #2714)
* build(deps): bump github.com/containers/common from 0.25.0 to 0.26.0
* build(deps): bump github.com/spf13/cobra from 1.0.0 to 1.1.1
* Remove docs that refer to bors, since we're not using it
* Buildah bud should not use stdin by default
* bump containerd, docker, and golang.org/x/sys
* Makefile: cross: remove windows.386 target
* copier.copierHandlerPut: don't check length when there are errors
* Stop excessive wrapping
* CI: require that conformance tests pass
* bump(github.com/openshift/imagebuilder) to v1.1.8
* Skip tlsVerify insecure BUILD_REGISTRY_SOURCES
* Fix build path wrong containers/podman#7993
* refactor pullpolicy to avoid deps
* build(deps): bump github.com/containers/common from 0.24.0 to 0.25.0
* CI: run gating tasks with a lot more memory
* ADD and COPY: descend into excluded directories, sometimes
* copier: add more context to a couple of error messages
* copier: check an error earlier
* copier: log stderr output as debug on success
* Update nix pin with make nixpkgs
* Set directory ownership when copied with ID mapping
* build(deps): bump github.com/sirupsen/logrus from 1.6.0 to 1.7.0
* build(deps): bump github.com/containers/common from 0.23.0 to 0.24.0
* Cirrus: Remove bors artifacts
* Sort build flag definitions alphabetically
* ADD: only expand archives at the right time
* Remove configuration for bors
* Shell Completion for podman build flags
* Bump c/common to v0.24.0
* New CI check: xref --help vs man pages
* CI: re-enable several linters
* Move --userns-uid-map/--userns-gid-map description into buildah man page
* add: preserve ownerships and permissions on ADDed archives
* Makefile: tweak the cross-compile target
* Bump containers/common to v0.23.0
* chroot: create bind mount targets 0755 instead of 0700
* Change call to Split() to safer SplitN()
* chroot: fix handling of errno seccomp rules
* build(deps): bump github.com/containers/image/v5 from 5.5.2 to 5.6.0
* Add In Progress section to contributing
* integration tests: make sure tests run in ${topdir}/tests
* Run(): ignore containers.conf's environment configuration
* Warn when setting healthcheck in OCI format
* Cirrus: Skip git-validate on branches
* tools: update git-validation to the latest commit
* tools: update golangci-lint to v1.18.0
* Add a few tests of push command
* Add(): fix handling of relative paths with no ContextDir
* build(deps): bump github.com/containers/common from 0.21.0 to 0.22.0
* Lint: Use same linters as podman
* Validate: reference HEAD
* Fix buildah mount to display container names not ids
* Update nix pin with make nixpkgs
* Add missing --format option in buildah from man page
* Fix up code based on codespell
* build(deps): bump github.com/openshift/imagebuilder from 1.1.6 to 1.1.7
* build(deps): bump github.com/containers/storage from 1.23.4 to 1.23.5
* Improve buildah completions
* Cirrus: Fix validate commit epoch
* Fix bash completion of manifest flags
* Uniform some man pages
* Update Buildah Tutorial to address BZ1867426
* Update bash completion of manifest add sub command
* copier.Get(): hard link targets shouldn't be relative paths
* build(deps): bump github.com/onsi/gomega from 1.10.1 to 1.10.2
* Pass timestamp down to history lines
* Timestamp gets updated everytime you inspect an image
* bud.bats: use absolute paths in newly-added tests
* contrib/cirrus/lib.sh: don't use CN for the hostname
* tests: Add some tests
* Update manifest add man page
* Extend flags of manifest add
* build(deps): bump github.com/containers/storage from 1.23.3 to 1.23.4
* build(deps): bump github.com/onsi/ginkgo from 1.14.0 to 1.14.1
* Bump to v1.17.0-dev
* CI: expand cross-compile checks
- SLE: Remove unneeded patch: CVE-2019-10214.patch
-------------------------------------------------------------------
Wed Sep 30 09:01:59 UTC 2020 - Flavio Castelli <fcastelli@suse.com>
- Update to v1.16.2
* fix build on 32bit arches
* containerImageRef.NewImageSource(): don't always force timestamps
* Add fuse module warning to image readme
* Heed our retry delay option values when retrying commit/pull/push
* Switch to containers/common for seccomp
* Use --timestamp rather then --omit-timestamp
* docs: remove outdated notice
* docs: remove outdated notice
* build-using-dockerfile: add a hidden --log-rusage flag
* build(deps): bump github.com/containers/image/v5 from 5.5.1 to 5.5.2
* Discard ReportWriter if user sets options.Quiet
* build(deps): bump github.com/containers/common from 0.19.0 to 0.20.3
* Fix ownership of content copied using COPY --from
* newTarDigester: zero out timestamps in tar headers
* Update nix pin with `make nixpkgs`
* bud.bats: correct .dockerignore integration tests
* Use pipes for copying
* run: include stdout in error message
* run: use the correct error for errors.Wrapf
* copier: un-export internal types
* copier: add Mkdir()
* in_podman: don't get tripped up by $CIRRUS_CHANGE_TITLE
* docs/buildah-commit.md: tweak some wording, add a --rm example
* imagebuildah: don’ t blank out destination names when COPYing
* Replace retry functions with common/pkg/retry
* StageExecutor.historyMatches: compare timestamps using .Equal
* Update vendor of containers/common
* Fix errors found in coverity scan
* Change namespace handling flags to better match podman commands
* conformance testing: ignore buildah.BuilderIdentityAnnotation labels
* Vendor in containers/storage v1.23.0
* Add buildah.IsContainer interface
* Avoid feeding run_buildah to pipe
* fix(buildahimage): add xz dependency in buildah image
* Bump github.com/containers/common from 0.15.2 to 0.18.0
* Howto for rootless image building from OpenShift
* Add --omit-timestamp flag to buildah bud
* Update nix pin with `make nixpkgs`
* Shutdown storage on failures
* Handle COPY --from when an argument is used
* Bump github.com/seccomp/containers-golang from 0.5.0 to 0.6.0
* Cirrus: Use newly built VM images
* Bump github.com/opencontainers/runc from 1.0.0-rc91 to 1.0.0-rc92
* Enhance the .dockerignore man pages
* conformance: add a test for COPY from subdirectory
* fix bug manifest inspct
* Add documentation for .dockerignore
* Add BuilderIdentityAnnotation to identify buildah version
* DOC: Add quay.io/containers/buildah image to README.md
* Update buildahimages readme
* fix spelling mistake in "info" command result display
* Don't bind /etc/host and /etc/resolv.conf if network is not present
* blobcache: avoid an unnecessary NewImage()
* Build static binary with `buildGoModule`
* copier: split StripSetidBits into StripSetuidBit/StripSetgidBit/StripStickyBit
* tarFilterer: handle multiple archives
* Fix a race we hit during conformance tests
* Rework conformance testing
* Update 02-registries-repositories.md
* test-unit: invoke cmd/buildah tests with --flags
* parse: fix a type mismatch in a test
* Fix compilation of tests/testreport/testreport
* build.sh: log the version of Go that we're using
* test-unit: increase the test timeout to 40/45 minutes
* Add the "copier" package
* Fix & add notes regarding problematic language in codebase
* Add dependency on github.com/stretchr/testify/require
* CompositeDigester: add the ability to filter tar streams
* BATS tests: make more robust
* vendor golang.org/x/text@v0.3.3
* Switch golang 1.12 to golang 1.13
* imagebuildah: wait for stages that might not have even started yet
* chroot, run: not fail on bind mounts from /sys
* chroot: do not use setgroups if it is blocked
* Set engine env from containers.conf
* imagebuildah: return the right stage's image as the "final" image
* Fix a help string
* Deduplicate environment variables
* switch containers/libpod to containers/podman
* Bump github.com/containers/ocicrypt from 1.0.2 to 1.0.3
* Bump github.com/opencontainers/selinux from 1.5.2 to 1.6.0
* Mask out /sys/dev to prevent information leak
* linux: skip errors from the runtime kill
* Mask over the /sys/fs/selinux in mask branch
* Add VFS additional image store to container
* tests: add auth tests
* Allow "readonly" as alias to "ro" in mount options
* Ignore OS X specific consistency mount option
* Bump github.com/onsi/ginkgo from 1.13.0 to 1.14.0
* Bump github.com/containers/common from 0.14.0 to 0.15.2
* Rootless Buildah should default to IsolationOCIRootless
* imagebuildah: fix inheriting multi-stage builds
* Make imagebuildah.BuildOptions.Architecture/OS optional
* Make imagebuildah.BuildOptions.Jobs optional
* Resolve a possible race in imagebuildah.Executor.startStage()
* Switch scripts to use containers.conf
* Bump openshift/imagebuilder to v1.1.6
* Bump go.etcd.io/bbolt from 1.3.4 to 1.3.5
* buildah, bud: support --jobs=N for parallel execution
* executor: refactor build code inside new function
* Add bud regression tests
* Cirrus: Fix missing htpasswd in registry img
* docs: clarify the 'triples' format
* CHANGELOG.md: Fix markdown formatting
* Add nix derivation for static builds
* Bump to v1.16.0-dev
-------------------------------------------------------------------
Mon Aug 3 06:39:53 UTC 2020 - Sascha Grunert <sgrunert@suse.com>
- Update to v1.15.1
* Mask over the /sys/fs/selinux in mask branch
* chroot: do not use setgroups if it is blocked
* chroot, run: not fail on bind mounts from /sys
* Allow "readonly" as alias to "ro" in mount options
* Add VFS additional image store to container
* vendor golang.org/x/text@v0.3.3
* Make imagebuildah.BuildOptions.Architecture/OS optional
-------------------------------------------------------------------
Wed Jun 24 13:24:58 UTC 2020 - Ralf Haferkamp <rhafer@suse.com>
- Update to v1.15.0
* Add CVE-2020-10696 to CHANGELOG.md and changelog.txt (bsc#1167864)
* fix lighttpd example
* remove dependency on openshift struct
* Warn on unset build arguments
* vendor: update seccomp/containers-golang to v0.4.1
* Updated docs
* clean up comments
* update exit code for tests
* Implement commit for encryption
* implementation of encrypt/decrypt push/pull/bud/from
* fix resolve docker image name as transport
* Add preliminary profiling support to the CLI
* Evaluate symlinks in build context directory
* fix error info about get signatures for containerImageSource
* Add Security Policy
* Cirrus: Fixes from review feedback
* imagebuildah: stages shouldn't count as their base images
* Update containers/common v0.10.0
* Add registry to buildahimage Dockerfiles
* Cirrus: Use pre-installed VM packages + F32
* Cirrus: Re-enable all distro versions
* Cirrus: Update to F31 + Use cache images
* golangci-lint: Disable gosimple
* Lower number of golangci-lint threads
* Fix permissions on containers.conf
* Don't force tests to use runc
* Return exit code from failed containers
* cgroup_manager should be under [engine]
* Use c/common/pkg/auth in login/logout
* Cirrus: Temporarily disable Ubuntu 19 testing
* Add containers.conf to stablebyhand build
* Update gitignore to exclude test Dockerfiles
* Remove warning for systemd inside of container
-------------------------------------------------------------------
Mon Apr 6 06:39:00 UTC 2020 - Sascha Grunert <sgrunert@suse.com>
- Update to v1.14.6
* Make image history work correctly with new args handling
* Don't add args to the RUN environment from the Builder
-------------------------------------------------------------------
Mon Mar 30 06:48:28 UTC 2020 - Sascha Grunert <sgrunert@suse.com>
- Update to v1.14.5
* Revert FIPS mode change
-------------------------------------------------------------------
Fri Mar 27 07:46:03 UTC 2020 - Sascha Grunert <sgrunert@suse.com>
- Update to v1.14.4
* Update unshare man page to fix script example
* Fix compilation errors on non linux platforms
* Preserve volume uid and gid through subsequent commands
* Fix potential CVE in tarfile w/ symlink (CVE-2020-10696 / bsc#1167864)
* Fix .dockerignore with globs and ! commands
-------------------------------------------------------------------
Wed Mar 4 13:43:36 UTC 2020 - Sascha Grunert <sgrunert@suse.com>
- Update to v1.14.2
* Search for local runtime per values in containers.conf
* Set correct ownership on working directory
* Improve remote manifest retrieval
* Correct a couple of incorrect format specifiers
* manifest push --format: force an image type, not a list type
* run: adjust the order in which elements are added to $
* getDateAndDigestAndSize(): handle creation time not being set
* Make the commit id clear like Docker
* Show error on copied file above context directory in build
* pull/from/commit/push: retry on most failures
* Repair buildah so it can use containers.conf on the server side
* Fixing formatting & build instructions
* Fix XDG_RUNTIME_DIR for authfile
* Show validation command-line
-------------------------------------------------------------------
Thu Feb 13 08:22:30 UTC 2020 - Sascha Grunert <sgrunert@suse.com>
- Update to v1.14.0
* getDateAndDigestAndSize(): use manifest.Digest
* Touch up os/arch doc
* chroot: handle slightly broken seccomp defaults
* buildahimage: specify fuse-overlayfs mount options
* parse: don't complain about not being able to rename something
to itself
* Fix build for 32bit platforms
* Allow users to set OS and architecture on bud
* Fix COPY in containerfile with envvar
* Add --sign-by to bud/commit/push, --remove-signatures for
pull/push
* Add support for containers.conf
* manifest push: add --format option
-------------------------------------------------------------------
Wed Jan 15 07:44:30 UTC 2020 - Sascha Grunert <sgrunert@suse.com>
- Update to v1.13.1
* copyFileWithTar: close source files at the right time
* copy: don't digest files that we ignore
* Check for .dockerignore specifically
* Don't setup excludes, if their is only one pattern to match
* set HOME env to /root on chroot-isolation by default
* docs: fix references to containers-*.5
* fix bug Add check .dockerignore COPY file
* buildah bud --volume: run from tmpdir, not source dir
* Fix imageNamePrefix to give consistent names in buildah-from
* cpp: use -traditional and -undef flags
* discard outputs coming from onbuild command on buildah-from --quiet
* make --format columnizing consistent with buildah images
* Fix option handling for volumes in build
* Rework overlay pkg for use with libpod
* Fix buildahimage builds for buildah
* Add support for FIPS-Mode backends
* Set the TMPDIR for pulling/pushing image to $TMPDIR
-------------------------------------------------------------------
Mon Dec 16 08:54:54 UTC 2019 - Sascha Grunert <sgrunert@suse.com>
- Update to v1.12.0
* Allow ADD to use http src
* imgtype: reset storage opts if driver overridden
* Start using containers/common
* overlay.bats typo: fuse-overlays should be fuse-overlayfs
* chroot: Unmount with MNT_DETACH instead of UnmountMountpoints()
* bind: don't complain about missing mountpoints
* imgtype: check earlier for expected manifest type
* Add history names support
-------------------------------------------------------------------
Thu Dec 5 08:11:11 UTC 2019 - Sascha Grunert <sgrunert@suse.com>
- Update to v1.11.6
* Handle missing equal sign in --from and --chown flags
for COPY/ADD
* bud COPY does not download URL
* Fix .dockerignore exclude regression
* commit(docker): always set ContainerID and ContainerConfig
* Touch up commit man page image parameter
* Add builder identity annotations.
-------------------------------------------------------------------
Tue Nov 12 14:57:37 UTC 2019 - Sascha Grunert <sgrunert@suse.com>
- Update to v1.11.5
* buildah: add "manifest" command
* pkg/supplemented: add a package for grouping images together
* pkg/manifests: add a manifest list build/manipulation API
* Update for ErrUnauthorizedForCredentials API change in containers/image
* Update for manifest-lists API changes in containers/image
* version: also note the version of containers/image
* Move to containers/image v5.0.0
* Enable --device directory as src device
* Add clarification to the Tutorial for new users
* Silence "using cache" to ensure -q is fully quiet
* Move runtime flag to bud from common
* Commit: check for storage.ErrImageUnknown using errors.Cause()
* Fix crash when invalid COPY --from flag is specified.
-------------------------------------------------------------------
Tue Oct 29 09:08:07 UTC 2019 - Sascha Grunert <sgrunert@suse.com>
- Update to v1.11.4
* buildah: add a "manifest" command
* pkg/manifests: add a manifest list build/manipulation API
* Update for ErrUnauthorizedForCredentials API change in containers/image
* Update for manifest-lists API changes in containers/image
* Move to containers/image v5.0.0
* Enable --device directory as src device
* Add clarification to the Tutorial for new users
* Silence "using cache" to ensure -q is fully quiet
* Move runtime flag to bud from common
* Commit: check for storage.ErrImageUnknown using errors.Cause()
* Fix crash when invalid COPY --from flag is specified.
-------------------------------------------------------------------
Mon Oct 7 06:54:05 UTC 2019 - Sascha Grunert <sgrunert@suse.com>
- Update to v1.11.3
* Add cgroups2
* Add support for retrieving context from stdin "-"
* Added tutorial on how to include Buildah as library
* Fix --build-args handling
* Print build 'STEP' line to stdout, not stderr
* Use Containerfile by default
-------------------------------------------------------------------
Mon Sep 23 15:32:41 UTC 2019 - Richard Brown <rbrown@suse.com>
- Update to v1.11.2
* Add some cleanup code
* Move devices code to unit specific directory.
-------------------------------------------------------------------
Fri Sep 13 07:07:28 UTC 2019 - Sascha Grunert <sgrunert@suse.com>
- Update to v1.11.1
* Add --devices flag to bud and from
* Add support for /run/.containerenv
* Allow mounts.conf entries for equal source and destination paths
* Fix label and annotation for 1-line Dockerfiles
* Preserve file and directory mount permissions
* Replace --debug=false with --log-level=error
* Set TMPDIR to /var/tmp by default
* Truncate output of too long image names
* Ignore EmptyLayer if Squash is set
-------------------------------------------------------------------
Thu Sep 5 15:02:56 UTC 2019 - Sascha Grunert <sgrunert@suse.com>
- Update to v1.11.0
* Add --digestfile and Re-add push statement as debug
* Add --log-level command line option and deprecate --debug
* Add security-related volume options to validator
* Allow buildah bud to be called without arguments
* Allow to override build date with SOURCE_DATE_EPOCH
* Correctly detect ExitError values from Run()
* Disable empty logrus timestamps to reduce logger noise
* Fix directory pull image names
* Fix handling of /dev/null masked devices
* Fix possible runtime panic on bud
* Update bud/from help to contain indicator for --dns=none
* Update documentation about bud
* Update shebangs to take env into consideration
* Use content digests in ADD/COPY history entries
* add support for cgroupsV2
* add: add a DryRun flag to AddAndCopyOptions
* add: handle hard links when copying with .dockerignore
* add: teach copyFileWithTar() about symlinks and directories
* imagebuilder: fix detection of referenced stage roots
* pull/commit/push: pay attention to $BUILD_REGISTRY_SOURCES
* run_linux: fix mounting /sys in a userns
- Remove hardly set build tags in favor of the Makefile
-------------------------------------------------------------------
Mon Sep 2 12:02:44 UTC 2019 - Sascha Grunert <sgrunert@suse.com>
- Add patch for CVE-2019-10214. bsc#1144065
+ CVE-2019-10214.patch
-------------------------------------------------------------------
Fri Aug 16 06:32:33 UTC 2019 - Sascha Grunert <sgrunert@suse.com>
- Update to v1.10.1
* Add automatic apparmor tag discovery
* Add overlayfs to fuse-overlayfs tip
* Bug fix for volume minus syntax
* Bump container/storage v1.13.1 and containers/image v3.0.1
* Bump containers/image to v3.0.2 to fix keyring issue
* Fix bug whereby --get-login has no effect
* Bump github.com/containernetworking/cni to v0.7.1
- Add appamor-pattern requirement
-------------------------------------------------------------------
Mon Aug 5 10:41:41 UTC 2019 - Sascha Grunert <sgrunert@suse.com>
- Update build process to match the latest repository architecture
- Update to v1.10.0
* vendor github.com/containers/image@v3.0.0
* Remove GO111MODULE in favor of -mod=vendor
* Vendor in containers/storage v1.12.16
* Add '-' minus syntax for removal of config values
* tests: enable overlay tests for rootless
* rootless, overlay: use fuse-overlayfs
* vendor github.com/containers/image@v2.0.1
* Added '-' syntax to remove volume config option
* delete successfully pushed message
* Add golint linter and apply fixes
* vendor github.com/containers/storage@v1.12.15
* Change wait to sleep in buildahimage readme
* Handle ReadOnly images when deleting images
* Add support for listing read/only images
* from/import: record the base image's digest, if it has one
* Fix CNI version retrieval to not require network connection
* Add misspell linter and apply fixes
* Add goimports linter and apply fixes
* Add stylecheck linter and apply fixes
* Add unconvert linter and apply fixes
* image: make sure we don't try to use zstd compression
* run.bats: skip the "z" flag when testing --mount
* Update to runc v1.0.0-rc8
* Update to match updated runtime-tools API
* bump github.com/opencontainers/runtime-tools to v0.9.0
* Build e2e tests using the proper build tags
* Add unparam linter and apply fixes
* Run: correct a typo in the --cap-add help text
* unshare: add a --mount flag
* fix push check image name is not empty
* add: fix slow copy with no excludes
* Add errcheck linter and fix missing error check
* Improve tests/tools/Makefile parallelism and abstraction
* Fix response body not closed resource leak
* Switch to golangci-lint
* Add gomod instructions and mailing list links
* On Masked path, check if /dev/null already mounted before mounting
* Update to containers/storage v1.12.13
* Refactor code in package imagebuildah
* Add rootless podman with NFS issue in documentation
* Add --mount for buildah run
* import method ValidateVolumeOpts from libpod
* Fix typo
* Makefile: set GO111MODULE=off
* rootless: add the built-in slirp DNS server
* Update docker/libnetwork to get rid of outdated sctp package
* Update buildah-login.md
* migrate to go modules
* install.md: mention go modules
* tests/tools: go module for test binaries
* fix --volume splits comma delimited option
* Add bud test for RUN with a priv'd command
* vendor logrus v1.4.2
* pkg/cli: panic when flags can't be hidden
* pkg/unshare: check all errors
* pull: check error during report write
* run_linux.go: ignore unchecked errors
* conformance test: catch copy error
* chroot/run_test.go: export funcs to actually be executed
* tests/imgtype: ignore error when shutting down the store
* testreport: check json error
* bind/util.go: remove unused func
* rm chroot/util.go
* imagebuildah: remove unused dedupeStringSlice
* StageExecutor: EnsureContainerPath: catch error from SecureJoin()
* imagebuildah/build.go: return instead of branching
* rmi: avoid redundant branching
* conformance tests: nilness: allocate map
* imagebuildah/build.go: avoid redundant filepath.Join()
* imagebuildah/build.go: avoid redundant os.Stat()
* imagebuildah: omit comparison to bool
* fix "ineffectual assignment" lint errors
* docker: ignore "repeats json tag" lint error
* pkg/unshare: use ... instead of iterating a slice
* conformance: bud test: use raw strings for regexes
* conformance suite: remove unused func/var
* buildah test suite: remove unused vars/funcs
* testreport: fix golangci-lint errors
* util: remove redundant return statement
* chroot: only log clean-up errors
* images_test: ignore golangci-lint error
* blobcache: log error when draining the pipe
* imagebuildah: check errors in deferred calls
* chroot: fix error handling in deferred funcs
* cmd: check all errors
* chroot/run_test.go: check errors
* chroot/run.go: check errors in deferred calls
* imagebuildah.Executor: remove unused onbuild field
* docker/types.go: remove unused struct fields
* util: use strings.ContainsRune instead of index check
* Cirrus: Initial implementation
* buildah-run: fix-out-of-range panic (2)
* Update containers/image to v2.0.0
* run: fix hang with run and --isolation=chroot
* run: fix hang when using run
* chroot: drop unused function call
* remove --> before imgageID on build
* Always close stdin pipe
* Write deny to setgroups when doing single user mapping
* Avoid including linux/memfd.h
* Add a test for the symlink pointing to a directory
* Add missing continue
* Fix the handling of symlinks to absolute paths
* Only set default network sysctls if not rootless
* Support --dns=none like podman
* fix bug --cpu-shares parsing typo
* Fix validate complaint
* Update vendor on containers/storage to v1.12.10
* Create directory paths for COPY thereby ensuring correct perms
* imagebuildah: use a stable sort for comparing build args
* imagebuildah: tighten up cache checking
* bud.bats: add a test verying the order of --build-args
* add -t to podman run
* imagebuildah: simplify screening by top layers
* imagebuildah: handle ID mappings for COPY --from
* imagebuildah: apply additionalTags ourselves
* bud.bats: test additional tags with cached images
* bud.bats: add a test for WORKDIR and COPY with absolute destinations
* Cleanup Overlay Mounts content
* Add support for file secret mounts
* Add ability to skip secrets in mounts file
* allow 32bit builds
* fix tutorial instructions
* imagebuilder: pass the right contextDir to Add()
* add: use fileutils.PatternMatcher for .dockerignore
* bud.bats: add another .dockerignore test
* unshare: fallback to single usermapping
* addHelperSymlink: clear the destination on os.IsExist errors
* bud.bats: test replacing symbolic links
* imagebuildah: fix handling of destinations that end with '/'
* bud.bats: test COPY with a final "/" in the destination
* linux: add check for sysctl before using it
* unshare: set _CONTAINERS_ROOTLESS_GID
* Rework buildahimamges
* build context: support https git repos
* Add a test for ENV special chars behaviour
* Check in new Dockerfiles
* Apply custom SHELL during build time
* config: expand variables only at the command line
* SetEnv: we only need to expand v once
* Add default /root if empty on chroot iso
* Add support for Overlay volumes into the container.
* Export buildah validate volume functions so it can share code with libpod
* Bump baseline test to F30
* Fix rootless handling of /dev/shm size
* Avoid fmt.Printf() in the library
* imagebuildah: tighten cache checking back up
* Handle WORKDIR with dangling target
* Default Authfile to proper path
* Make buildah run --isolation follow BUILDAH_ISOLATION environment
* Vendor in latest containers/storage and containers/image
* getParent/getChildren: handle layerless images
* imagebuildah: recognize cache images for layerless images
* bud.bats: test scratch images with --layers caching
* Get CHANGELOG.md updates
* Add some symlinks to test our .dockerignore logic
* imagebuildah: addHelper: handle symbolic links
* commit/push: use an everything-allowed policy
* Correct manpage formatting in files section
* Remove must be root statement from buildah doc
* Change image names to stable, testing and upstream
* Don't create directory on container
* Replace kubernetes/pause in tests with k8s.gcr.io/pause
* imagebuildah: don't remove intermediate images if we need them
* Rework buildahimagegit to buildahimageupstream
* Fix Transient Mounts
* Handle WORKDIRs that are symlinks
* allow podman to build a client for windows
* Touch up 1.9-dev to 1.9.0-dev
* Resolve symlink when checking container path
* commit: commit on every instruction, but not always with layers
* CommitOptions: drop the unused OnBuild field
* makeImageRef: pass in the whole CommitOptions structure
* cmd: API cleanup: stores before images
* run: check if SELinux is enabled
* Fix buildahimages Dockerfiles to include support for additionalimages mounted from host.
* Detect changes in rootdir
* Fix typo in buildah-pull(1)
* Vendor in latest containers/storage
* Keep track of any build-args used during buildah bud --layers
* commit: always set a parent ID
* imagebuildah: rework unused-argument detection
* fix bug dest path when COPY .dockerignore
* Move Host IDMAppings code from util to unshare
* Add BUILDAH_ISOLATION rootless back
* Travis CI: fail fast, upon error in any step
* imagebuildah: only commit images for intermediate stages if we have to
* Use errors.Cause() when checking for IsNotExist errors
* auto pass http_proxy to container
* imagebuildah: don't leak image structs
* Add Dockerfiles for buildahimages
* Bump to Replace golang 1.10 with 1.12
* add --dns* flags to buildah bud
* Add hack/build_speed.sh test speeds on building container images
* Create buildahimage Dockerfile for Quay
* rename 'is' to 'expect_output'
* squash.bats: test squashing in multi-layered builds
* bud.bats: test COPY --from in a Dockerfile while using the cache
* commit: make target image names optional
* Fix bud-args to allow comma separation
* oops, missed some tests in commit.bats
* new helper: expect_line_count
* New tests for #1467 (string slices in cmdline opts)
* Workarounds for dealing with travis; review feedback
* BATS tests - extensive but minor cleanup
* imagebuildah: defer pulling images for COPY --from
* imagebuildah: centralize COMMIT and image ID output
* Travis: do not use traviswait
* imagebuildah: only initialize imagebuilder configuration once per stage
* Make cleaner error on Dockerfile build errors
* unshare: move to pkg/
* unshare: move some code from cmd/buildah/unshare
* Fix handling of Slices versus Arrays
* imagebuildah: reorganize stage and per-stage logic
* imagebuildah: add empty layers for instructions
* Add missing step in installing into Ubuntu
* fix bug in .dockerignore support
* imagebuildah: deduplicate prepended "FROM" instructions
* Touch up intro
* commit: set created-by to the shell if it isn't set
* commit: check that we always set a "created-by"
* docs/buildah.md: add "containers-" prefixes under "SEE ALSO"
-------------------------------------------------------------------
Mon Apr 1 14:47:27 UTC 2019 - Richard Brown <rbrown@suse.com>
- Update to v1.7.2
* Updates vendored containers/storage to latest version
* rootless: by default use the host network namespace
-------------------------------------------------------------------
Fri Mar 1 10:12:50 UTC 2019 - Richard Brown <rbrown@suse.com>
- Update to v1.7.1
* Minor fix to vendor in github.com/containers/image 1.5 version
* This fixes a crash on pulling of images
- Stop building from specific commit
-------------------------------------------------------------------
Tue Feb 26 16:51:30 UTC 2019 - Richard Brown <rbrown@suse.com>
- Update to v1.7
* vendor containers/image v1.4
* Make "images --all" faster
* Remove quiet option from pull options
* Support oci layout format
-------------------------------------------------------------------
Thu Jan 17 14:21:58 UTC 2019 - Richard Brown <rbrown@suse.com>
- Update to v1.6
* unshare: do not set USER=root
* run: ignore EIO when flushing at the end, avoid double log
* build-using-dockerfile,commit: disable compression by default
* Make rootless work under no_pivot_root
* Properly format images JSON output
* Assume user 0 group 0, if /etc/passwd file in container.
* Add buildah info command
- Full changelog: https://github.com/containers/buildah/releases/tag/v1.6
-------------------------------------------------------------------
Fri Nov 23 07:57:58 UTC 2018 - Valentin Rothberg <vrothberg@suse.com>
- Changelog for v1.5-1 (2018-11-21)
* Print command in SystemExec as debug information
* Sort CLI flags
* Update imagebuild depdency to support heading ARGs in Dockerfile
* rootless: do not specify --rootless to the OCI runtime
* Exclude --force-rm from common bud cli flags
* run: bind mount /etc/hosts and /etc/resolv.conf if not in a volume
* rootless: use slirp4netns to setup the network namespace
* rootless: only discard network configuration names
* run: only set up /etc/hosts or /etc/resolv.conf with network
* Handle directories better in bud -f
* common: support a per-user registries conf file
* unshare: do not override the configuration
* common: honor the rootless configuration file
* unshare: create a new mount namespace
* unshare: support libpod rootless pkg
* Allow container storage to manage the SELinux labels
* imagebuilder.BuildDockerfiles: return the image ID
* Allow setting --no-pivot default with an env var
* Add man page and bash completion, for --no-pivot
* Add the --no-pivot flag to the run command
* Improve reporting about individual pull failures
* Fix From As in Dockerfile
* Sort CLI flags of buildah bud
* unshare: detect when unprivileged userns are disabled
* buildah: use the same logic for XDG_RUNTIME_DIR as podman
* Make sure we log or return every error
* Correctly set DockerInsecureSkipTLSVerify when pulling images
* chroot: set up seccomp and capabilities after supplemental groups
* chroot: fix capabilities list setup and application
-------------------------------------------------------------------
Sun Nov 4 08:49:19 UTC 2018 - Valentin Rothberg <vrothberg@suse.com>
- Require slirp4netns to enable networking for unprivileged network namespaces
aka networking for rootless buildah.
-------------------------------------------------------------------
Wed Oct 3 07:32:39 UTC 2018 - Valentin Rothberg <vrothberg@suse.com>
- Changelog for v1.4 (2018-10-02)
* Touchup pull manpage
* Export buildah ReserveSELinuxLables so podman can use it
* Update rmi man for prune changes
* Copy ExposedPorts from base image into the config
* Change rmi --prune to not accept an imageID
* Builtin volumes should be owned by the UID/GID of the container
* Move buildah from projecatatomic/buildah to containers/buildah
* bash: Completion options
* Don't build btrfs if it is not installed
* Push: Allow an empty destination
* Fix arg usage in buildah-tag
* Evaluate symbolic links on Add/Copy Commands
* Retain bounding set when running containers as non root
* push: show image digest after push succeed
* Exclude --layers from the common bug cli flags
* Make buildah-from error message clear when flags are after arg
* Warn about using Commands in Dockerfile that are not supported by OCI.
* Document BUILDAH_* environment variables in buildah bud --help output
* Fix --layers ADD from url issue
* Display the correct ID after deleting image
* Handle COPY --chown in Dockerfile
* Document STORAGE_DRIVER and STORAGE_OPTS environment variable
* Expand variables names for --env
-------------------------------------------------------------------
Wed Sep 5 07:47:01 UTC 2018 - Valentin Rothberg <vrothberg@suse.com>
- Set the correct commit for `buildah version`.
- Set the cnilib version for `buildah version`.
-------------------------------------------------------------------
Mon Aug 6 06:17:06 UTC 2018 - vrothberg@suse.com
- Update buildah to v1.3:
* bud should not search context directory for Dockerfile
* Set BUILDAH_ISOLATION=rootless when running unprivileged
* Fix rmi to remove intermediate images associated with an image
* Set the default ulimits to match Docker
* buildah: no args is out of bounds
* preprocess ".in" suffixed Dockerfiles
* Add support for multiple Short options
* Update to latest urvave/cli
* Create buildah pull command
* Allow ping command without NET_RAW Capabilities
* Allow Dockerfile content to come from stdin
* add rename command
* Completion command
* Update vendor for runc to fix 32 bit builds
-------------------------------------------------------------------
Mon Jul 16 06:33:14 UTC 2018 - vrothberg@suse.com
- Update buildah to v1.2:
* build-using-dockerfile: let -t include transports again
* Block use of /proc/acpi and /proc/keys from inside containers
* Fix handling of -registries-conf
* Add -cidfile option to from
* Add a -loglevel option to build-with-dockerfile
* docs: Follow man-pages(7) suggestions for SYNOPSIS
* umount: add all option to umount all mounted containers
* Fix buildah bud -layers
* Force ownership of /etc/hosts and /etc/resolv.conf to 0:0
* build without seccomp
* Add Capabilities lists to BuilderInfo
* Fix ARGS parsing for run commands
* Add info on registries.conf to from manpage
* mount: support multiple inputs
* Allow -userns-uid-map/-userns-gid-map to be global options
* Add -rm and -force-rm to buildah bud
* Add -all,-a flag to buildah images
* Add environment variable BUILDAH_RUNTIME
* Add -layers and -no-cache to buildah bud
* Change 'registries' to 'container registries' in man
* Add registries.conf link to a few man pages
- install missing buildah (1) manpage
- install bash completion at /usr/share/bash-completion/completions
- buildmode=pie: build position independent code
-------------------------------------------------------------------
Mon Jun 11 05:52:37 UTC 2018 - vrothberg@suse.com
- Update buildah to v1.1:
* Drop capabilities if running container processes as non root
* Print Warning message if cmd will not be used based on entrypoint
* Shouldn't add insecure registries to list of search registries
* Report errors on bad transports specification when pushing images
* Add disable-content-trust noop flag to bud
* runCopyStdio(): don't close stdin unless we saw POLLHUP
* Add registry errors for pull
* Give better messages to users when image can not be found
* Add environment variable to buildah --format
* Accept json array input for config entrypoint
* Add OnBuild support for Dockerfiles
* buildah bud should require a context directory or URL
* buildah bud picks up ENV from base image
* Add CLI options for specifying namespace and cgroup setup
* Read UID/GID mapping information from containers and images
* build-using-dockerfile: add --annotation
* Implement --squash for build-using-dockerfile and commit
* Vendor in latest container/storage for devicemapper support
* Test with Go 1.10, too
* Handle /etc/hosts and /etc/resolv.conf properly in container
* Add support for buildah bud --label
* buildah push/from can push and pull images with no reference
* builder-inspect: fix format option
* Add cpu-shares short flag (-c) and cpu-shares CI tests
-------------------------------------------------------------------
Sun Jun 10 23:44:35 UTC 2018 - jengelh@inai.de
- Use noun phrase in summary.
-------------------------------------------------------------------
Thu Jun 7 06:46:21 UTC 2018 - vrothberg@suse.com
- Update buildah to v1.0:
* Update option and documentation for --force-rm
* Update buildah run to make command required
* Do not print directly to stdout in Commit()
* Force "localhost" as a default registry
* Validate host and container paths passed to --volume
* Add --compress, --rm, --squash flags as a noop for bud
* Add FIPS mode secret to buildah run and bud
* Add config --comment/--domainname/--history-comment/--hostname
* 'buildah config': stop replacing Created-By whenever it's not specified
* Modify man pages so they compile correctly in mandb
* Add description on how to do --isolation to buildah-bud man page
* Add support for --iidfile to bud and commit
* Remove tarball as an option from buildah push --help
* Fix secrets patch
* Display imageId after commit
* config: add support for StopSignal
* Allow referencing stages as index and names
* Add multi-stage builds support
* Allow umount to have multi-containers
* buildah bud walks symlinks
* Allow --cmd parameter to have commands as values
* Make default-mounts-file a hidden option
* Add various transport support to buildah from
* shallowCopy: avoid a second read of the container's layer
* Add openSUSE in install section
* run: do not open /etc/hosts if not needed
-------------------------------------------------------------------
Tue Jun 5 08:18:08 UTC 2018 - dcassany@suse.com
- Refactor %license usage to a simpler form
-------------------------------------------------------------------
Mon Jun 4 08:54:58 UTC 2018 - dcassany@suse.com
- Make use of %license macro
-------------------------------------------------------------------
Wed Apr 4 09:52:25 UTC 2018 - vrothberg@suse.com
- Change build date to SOURCE_DATE_EPOCH to make builds reproducible.
-------------------------------------------------------------------
Thu Mar 29 08:50:12 UTC 2018 - vrothberg@suse.com
- Fix `buildah version` by compiling the build date into the binary.
-------------------------------------------------------------------
Tue Mar 6 08:28:55 UTC 2018 - vrothberg@suse.com
- Package buildah v0.12. Buildah is a tool to build OCI images, and is used
by podman-build.