From 764afe4c722d0949e8909507486876651eed51e7147a2fe4a3fab72bc895d8de Mon Sep 17 00:00:00 2001 From: Dominique Leuenberger Date: Tue, 28 Aug 2018 07:24:39 +0000 Subject: [PATCH] Accepting request 631794 from devel:kubic OBS-URL: https://build.opensuse.org/request/show/631794 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/podman?expand=0&rev=23 --- _service | 22 +++-- ...b31b5d4f5ed54511a47cde7190c61c28677.tar.xz | 3 + libpod.conf | 57 +++++++++++++ podman-0.8.1.tar.xz | 3 - podman-0.8.4.tar.xz | 3 + podman.changes | 84 +++++++++++++++++++ podman.spec | 43 +++++++--- 7 files changed, 192 insertions(+), 23 deletions(-) create mode 100644 conmon-git.662dbb31b5d4f5ed54511a47cde7190c61c28677.tar.xz create mode 100644 libpod.conf delete mode 100644 podman-0.8.1.tar.xz create mode 100644 podman-0.8.4.tar.xz diff --git a/_service b/_service index d6610d7..1605a7b 100644 --- a/_service +++ b/_service @@ -1,11 +1,23 @@ -https://github.com/projectatomic/libpod.git +https://github.com/containers/libpod.git git podman -0.8.1 -v0.8.1 +0.8.4 +v0.8.4 + + + +podman + + + +https://github.com/kubernetes-incubator/cri-o.git +git +conmon +git.%H +662dbb31b5d4f5ed54511a47cde7190c61c28677 @@ -13,8 +25,4 @@ xz - -podman - - diff --git a/conmon-git.662dbb31b5d4f5ed54511a47cde7190c61c28677.tar.xz b/conmon-git.662dbb31b5d4f5ed54511a47cde7190c61c28677.tar.xz new file mode 100644 index 0000000..4a1c46c --- /dev/null +++ b/conmon-git.662dbb31b5d4f5ed54511a47cde7190c61c28677.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:3694c2555b87fc3b221827b007b025adb739cfb5217397e4b5cea403e74a5961 +size 3119196 diff --git a/libpod.conf b/libpod.conf new file mode 100644 index 0000000..aaf2dab --- /dev/null +++ b/libpod.conf @@ -0,0 +1,57 @@ +# libpod.conf is the default configuration file for all tools using libpod to +# manage containers + +# Default transport method for pulling and pushing for images +image_default_transport = "docker://" + +# Paths to look for a valid OCI runtime (runc, runv, etc) +runtime_path = [ + "/usr/bin/runc", + "/usr/sbin/runc", +] + +# Paths to look for the Conmon container manager binary +conmon_path = [ + "/usr/lib/podman/bin/conmon", +] + +# Environment variables to pass into conmon +conmon_env_vars = [ + "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" +] + +# CGroup Manager - valid values are "systemd" and "cgroupfs" +cgroup_manager = "cgroupfs" + +# Directory for persistent libpod files (database, etc) +# By default, this will be configured relative to where containers/storage +# stores containers +# Uncomment to change location from this default +#static_dir = "/var/lib/containers/storage/libpod" + +# Directory for temporary files. Must be tmpfs (wiped after reboot) +tmp_dir = "/var/run/libpod" + +# Maximum size of log files (in bytes) +# -1 is unlimited +max_log_size = -1 + +# Whether to use chroot instead of pivot_root in the runtime +no_pivot_root = false + +# Directory containing CNI plugin configuration files +cni_config_dir = "/etc/cni/net.d/" + +# Directories where the CNI plugin binaries may be located +cni_plugin_dir = [ + "/usr/lib/cni", + "/opt/cni/bin" +] + +# Default libpod namespace +# If libpod is joined to a namespace, it will see only containers and pods +# that were created in the same namespace, and will create new containers and +# pods in that namespace. +# The default namespace is "", which corresponds to no namespace. When no +# namespace is set, all containers and pods are visible. +#namespace = "" diff --git a/podman-0.8.1.tar.xz b/podman-0.8.1.tar.xz deleted file mode 100644 index 2dd8ad6..0000000 --- a/podman-0.8.1.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:ea3f94a0c6a3ce4ae3b820d44456fb8f5379b4e512b50a34524ef8c4263f0583 -size 3181528 diff --git a/podman-0.8.4.tar.xz b/podman-0.8.4.tar.xz new file mode 100644 index 0000000..05fb1ed --- /dev/null +++ b/podman-0.8.4.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:f16ee083ba487b9531c23b596fc804af11b6342c19d1f927826048f732bb99ee +size 3229104 diff --git a/podman.changes b/podman.changes index fa23a43..38295ac 100644 --- a/podman.changes +++ b/podman.changes @@ -1,3 +1,86 @@ +------------------------------------------------------------------- +Mon Aug 27 06:05:18 UTC 2018 - vrothberg@suse.com + +- Changelog for v0.8.4 (2018-08-24) + * Swap from FFJSON to easyjson + * rootless: allow to override policy.json by the user + * add completion for --pod in run and create + * Fixed formatting and lowered verbosity of pod ps + * Do not try to enable AppArmor in rootless mode + * Reveal information about container capabilities + * Fixing network ns segfault + * Change pause container to infra container + * Added option to share kernel namespaces in libpod and podman + * Add podman pod top + * Include pod stats and top in commands/completions + * Fix syntax description of --ulimit command + * Properly translate users into runc format for exec + * rootless: fix --net host --privileged + * Fixed segfault in stats where container had netNS none or from container + * Enable pod stats with short ID and name + * Touch up cert-dir in man pages + * Support Attach subcommand in pypodman + +------------------------------------------------------------------- +Mon Aug 20 06:40:02 UTC 2018 - vrothberg@suse.com + +- Changelog for v0.8.3 (2018-08-17) + * Switch from github.com/projectatomic to github.com/containers + * Mention that systemd is the default cgroup manager + * Fix handling of socket connection refusal. + * podman: fix --uts=host + * podman pod stats + * Added reason to PodContainerError + * Add Pod API to varlink. + * Revert "spec: bind mount /sys only for rootless containers" + * Document STORAGE_DRIVER and STORAGE_OPTS environment variable + * Create pod CGroups when using the systemd cgroup driver + * Switch systemd default CGroup parent to machine.slice + * spec: bind mount /sys only for rootless containers + * Add create and pull commands + * rootless: not require userns for help/version + * pkg/apparmor: use a pipe instead of a tmp file + * podman in rootless mode will only work with cgroupfs at this point. + * when searching, survive errors for multiple registries + +------------------------------------------------------------------- +Mon Aug 13 06:32:40 UTC 2018 - vrothberg@suse.com + +- Changelog for v0.8.2.1 (2018-08-11) + * Ensure pod inspect is locked and validity-checked + * Swap default CGroup manager to systemd + +- Changelog for v0.8.2 (2018-08-10) + * We need to sort mounts so that one mount does not over mount another. + * search name should include registry + * removeContainer: fix deadlock + * Add FFJSON to build container + * Add FFJSON generation to makefile + * Fixed a bug setting dependencies on the wrong container + * Always connect to the stdout and stderr of stream + * apparmor: respect "unconfined" setting + * oci.go: syslog: fix debug formatting + * add podman pod inspect + * Fix CGroupFS cgroup manager cgroup creation for pods + * Pass newly-added --log-level flag to Conmon + * Cleanup man pages + * Improve ps handling of container start/stop time + * rootless: fix user lookup if USER= is not set + * Add dpkg support for returning oci/conmon versions + * Have info print conmon/oci runtime information + * Better pull error for fully-qualified images + * Add Runc and Conmon versions to Podman Version + +------------------------------------------------------------------- +Thu Aug 9 10:20:19 UTC 2018 - vrothberg@suse.com + +- Add a dedicated conmon for podman as the requirements on the specific + version started to differ from the ones of CRI-O. This change implies + dropping the requirement on the cri-o package. + +- Add libpod.conf as a new source to allow tweaking the search paths + for openSUSE. This change makes execution slightly faster. + ------------------------------------------------------------------- Mon Aug 6 06:27:09 UTC 2018 - vrothberg@suse.com @@ -205,6 +288,7 @@ Tue Jun 5 13:36:00 UTC 2018 - vrothberg@suse.com * fix panic with podman pull * Remove --net flag and make it an alias for --network * Clear all caps, except the bounding set, when --user is specified. + Fix: bsc#1097970 * do not allow port related args to be used with --network=container: * sort containers and images by create time * Cleanup man pages diff --git a/podman.spec b/podman.spec index b6ec981..75d97fc 100644 --- a/podman.spec +++ b/podman.spec @@ -16,24 +16,29 @@ # -%define project github.com/projectatomic/libpod +%define project github.com/containers/libpod +%define conmon_project github.com/kubernetes-incubator/cri-o +%define conmon_commit 662dbb31b5d4f5ed54511a47cde7190c61c28677 # Build with libostree-devel in Tumbleweed, Leap 15 and SLES 15 %if 0%{?suse_version} >= 1500 %define with_libostree 1 %endif Name: podman -Version: 0.8.1 +Version: 0.8.4 Release: 0 Summary: Debugging tool for pods and images License: Apache-2.0 Group: System/Management -Url: https://github.com/projectatomic/libpod +Url: https://github.com/containers/libpod Source0: %{name}-%{version}.tar.xz -Source1: %{name}-rpmlintrc +Source1: conmon-git.%{conmon_commit}.tar.xz +Source2: libpod.conf +Source3: %{name}-rpmlintrc BuildRequires: bash-completion BuildRequires: cni BuildRequires: device-mapper-devel BuildRequires: fdupes +BuildRequires: git-core BuildRequires: glib2-devel-static BuildRequires: glibc-devel-static BuildRequires: go-go-md2man @@ -47,7 +52,6 @@ BuildRequires: libseccomp-devel BuildRequires: golang(API) >= 1.9 Requires: cni Requires: cni-plugins -Requires: cri-o Requires: libcontainers-common Requires: libcontainers-image Requires: libcontainers-storage @@ -70,6 +74,11 @@ by crio. %prep %setup -q +# unpack conmon into the unpacked podman source +%setup -T -D -a 1 +mkdir -pv $HOME/go/src/%{conmon_project} +mv conmon-git.%{conmon_commit}/* $HOME/go/src/%{conmon_project} +rm -r conmon-git.%{conmon_commit} %package cni-config Summary: Basic CNI configuration for podman @@ -115,32 +124,40 @@ go build -tags "$BUILDTAGS" \ # Build manpages make %{?_smp_mflags} docs +# Build conmon +cd $HOME/go/src/%{conmon_project} +make -C conmon + %check # Too many tests fail due to the restricted permissions in the build enviroment. # Updates must be tested manually. %install -cd $HOME/go/src/%{project} -# Binaries -install -D -m 0755 bin/podman %{buildroot}/%{_bindir}/podman -# Manpages +# libpod +cd $HOME/go/src/%{project} +install -D -m 0755 bin/podman %{buildroot}/%{_bindir}/podman install -d %{buildroot}/%{_mandir}/man1 install -m 0644 docs/podman*.1 %{buildroot}/%{_mandir}/man1 install -d %{buildroot}/%{_mandir}/man5 install -m 0644 docs/libpod*.5 %{buildroot}/%{_mandir}/man5 -# Configs install -D -m 0644 cni/87-podman-bridge.conflist %{buildroot}/%{_sysconfdir}/cni/net.d/87-podman-bridge.conflist -install -D -m 0644 libpod.conf %{buildroot}/%{_sysconfdir}/containers/libpod.conf -install -D -m 0644 libpod.conf %{buildroot}/%{_datadir}/containers/libpod.conf -# Completion +install -D -m 0644 %{SOURCE2} %{buildroot}/%{_sysconfdir}/containers/libpod.conf +install -D -m 0644 %{SOURCE2} %{buildroot}/%{_datadir}/containers/libpod.conf install -D -m 0644 completions/bash/podman %{buildroot}/%{_datadir}/bash-completion/completions/podman +# conmon +cd $HOME/go/src/%{conmon_project} +install -D -m 0755 bin/conmon %{buildroot}/%{_libexecdir}/podman/bin/conmon + %fdupes %{buildroot}/%{_prefix} %files # Binaries %{_bindir}/podman +%dir %{_libexecdir}/podman +%dir %{_libexecdir}/podman/bin +%{_libexecdir}/podman/bin/conmon # Manpages %{_mandir}/man1/podman*.1* %{_mandir}/man5/libpod*.5*