- Bump version: 3.1.17 → 3.1.18
- Style fixes
- Fix error handling for container check methods
The condition to setup permissions and redo the call
was done when the exec of the call was not possible.
But this is not the right place to check for a permission
denied error. This commit fixes the evaluation of the
error data
- Bump version: 3.1.16 → 3.1.17
- Don't use perform for bool status methods
The perform() call checks the status code and raises an
ExecutionError. This does not allow us to return a
false boolean. Use output() call instead
- Bump version: 3.1.15 → 3.1.16
- No error return for bool method
- Bump version: 3.1.14 → 3.1.15
- Fix call for podman_setup_permissions
Make sure podman_setup_permissions is only called if there
is a permission problem detected.
OBS-URL: https://build.opensuse.org/request/show/1245362
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/flake-pilot?expand=0&rev=10
- Style fixes
- Fix error handling for container check methods
The condition to setup permissions and redo the call
was done when the exec of the call was not possible.
But this is not the right place to check for a permission
denied error. This commit fixes the evaluation of the
error data
- Bump version: 3.1.16 → 3.1.17
- Don't use perform for bool status methods
The perform() call checks the status code and raises an
ExecutionError. This does not allow us to return a
false boolean. Use output() call instead
- Bump version: 3.1.15 → 3.1.16
- No error return for bool method
- Bump version: 3.1.14 → 3.1.15
- Fix call for podman_setup_permissions
Make sure podman_setup_permissions is only called if there
is a permission problem detected.
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/flake-pilot?expand=0&rev=44
- Use actions/upload-artifact: v4
- Make clippy happy
- Fix building runtime arguments
Use get_run_cmdline method everywhere
- Fix container cleanup
A flake configured to be attached can also be re-started
using the same container storage. However, the container
was always removed when the command exited. This commit
fixes it to avoid removing the container of attach type
flakes. In addition a flake option %remove was added to
allow removing the container created for resume and attach
type flakes
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/flake-pilot?expand=0&rev=39
- Allow env placeholders for the podman pilot
The podman runtime arguments allows to set environment
variable placeholders starting with '%' and followed by
the name of the environment variable. For example %HOME
will be replaced to the value of $HOME of the calling user.
If the given placeholder cannot be translated into an
existing environment variable it will be turned into the
variable name, $HOME in the above example.
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/flake-pilot?expand=0&rev=37
- Include systemfiles.libs for host provisioning
Only use copy-links for the files mentioned in
systemfiles.libs. The other systemfiles are synced in the
usual way.
- Make sure interactive processes can run
- Fixed podman call dead lock
When calling the flake and stdout/stderr gets redirected into
a pipe like `flake | grep ... | cut ...` the pilot binary runs
in a dead lock because there is no reader/writer to feed the
pipe from the child process (podman) executed via the pilot.
This commit fixes it by making sure all data from the child
gets read first and then passed along to stdout/stderr of the
caller.
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/flake-pilot?expand=0&rev=34
- Copy symlinks for host dependencies
For provisioning of host dependencies copy symlinks such
that they appear under their name as a file and not as a
symlink. We use this logic for the host dependency sync
only to be less strict on versioned library syncing
- Clippy fix
elide the lifetimes for User instances
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/flake-pilot?expand=0&rev=33
- Fixed the runroot permission fixup
podman differentiates the runroot between root and rootless
calls. If you initially call a flake as a user the initial
podman database gets setup as rootless variant which also
allows root based workloads without permission issues.
However, if you do it the other way round the runroot is
setup for root only which prevents the flake to be called
as normal user. To handle this permission issues we have
fix methods in the flake common code to change the
permissions according to the calling user via sudo. The
code to handle permissions for the runroot target has to
apply for all users as we can't predict if the storage
will be setup initially as rootless or for root only
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/flake-pilot?expand=0&rev=31
- Add support for systemfiles provisioning
If the base container comes with a systemfiles metadata file
it will be used to transfer all the data mentioned in the file
from the host to the instance. In contrast to the removed files
the systemfiles sync will not continue when failed and this
can only be overwritten via the %ignore_sync_error flake option
- Doc clarification
Using the term "container name" can be confusing and interpreted as simply
the name of the container itself. What we really need to make registration
work is the path of the container in the local registry. Clarify the
documentation by adding a not ethat points out this potential pitfall.
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/flake-pilot?expand=0&rev=29
- Fixed code still not using flakes config file
- Allow to mount podman storage in rootless mode
Temporary gain root permissions via sudo for mounting
and modifying instance storage. This allows for provisioning
transparent containers also for non root users but still
requires sudo to be configured properly.
- Make sure flake-ctl also reads /etc/flakes.yml
The system wide configuration file was not read by flake-ctl
only by the pilots. This commit fixes it
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/flake-pilot?expand=0&rev=19
- Turn terminal flag setup into function
- Bump version: 3.0.11 → 3.0.12
- Fix race condition on connection check
- set PS1 prompt via sci env
- Add terminal settings for pty stdout in sci
disable ECHO
- Fix invalid early exit condition
- Bump version: 3.0.10 → 3.0.11
- Fix build for Leap
Issues on the gcc side for static targets, disable
sci static build for older targets, e.g Leap
- Prevent use of socat in firecracker-pilot
Do not shell out socat and use proper UnixListener/UnixStream
to do this job. This version of the commit works but I stumbled
across a few issues:
1. Permission denied when the UnixListener runs as user and the
firecracker process was called as root (run_as: root in the flake).
The former implementation ran socat via sudo in the same way as
the firecracker process. Thus if you register the flake to
run as root it can now also only be called as root, which is
acceptable.
2. The behavior in interactive sessions differs compared to socat.
OBS-URL: https://build.opensuse.org/request/show/1166791
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/flake-pilot?expand=0&rev=3
- Fix build for Leap
Issues on the gcc side for static targets, disable
sci static build for older targets, e.g Leap
- Prevent use of socat in firecracker-pilot
Do not shell out socat and use proper UnixListener/UnixStream
to do this job. This version of the commit works but I stumbled
across a few issues:
1. Permission denied when the UnixListener runs as user and the
firecracker process was called as root (run_as: root in the flake).
The former implementation ran socat via sudo in the same way as
the firecracker process. Thus if you register the flake to
run as root it can now also only be called as root, which is
acceptable.
2. The behavior in interactive sessions differs compared to socat.
When sci in the guest is called it creates a pty and all data
is copied to the vsock stream. The host connects via an UDS
socket to this data and we multiplex stdin->stream and
stream->stdout. When doing this with socat the behavior
is different in a way that e.g tabs are effectively interpreted
and the pty prompt allows for input on the same line when
my code now always needs a newline to renew the prompt.
I did not debug further what is needed to make this look
nicer.
This Fixes#8
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/flake-pilot?expand=0&rev=11
- Bump version: 3.0.9 → 3.0.10
- Clippy fixes
- sudo is required
- Fix error handling
Make sure the real command that is called through sudo is
displayed. Also fix that the runas information is really used
- Exit on remove if there is an error
The remove sequence when used with --container or --vm deregisters
all apps associated with the container or VM first. If there is
an error on this deregistration, exit early and do not try to
delete the container/vm
- Update URL in spec file
Point to OSInside Organisation
OBS-URL: https://build.opensuse.org/request/show/1164042
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/flake-pilot?expand=0&rev=2
- Clippy fixes
- sudo is required
- Fix error handling
Make sure the real command that is called through sudo is
displayed. Also fix that the runas information is really used
- Exit on remove if there is an error
The remove sequence when used with --container or --vm deregisters
all apps associated with the container or VM first. If there is
an error on this deregistration, exit early and do not try to
delete the container/vm
- Update URL in spec file
Point to OSInside Organisation
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/flake-pilot?expand=0&rev=9
