Accepting request 1068441 from devel:microos
OBS-URL: https://build.opensuse.org/request/show/1068441 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/podman?expand=0&rev=103
This commit is contained in:
commit
f38540f762
@ -1,93 +0,0 @@
|
|||||||
From 07151aaec3312b3235847106cfd76608c2d823e5 Mon Sep 17 00:00:00 2001
|
|
||||||
From: =?UTF-8?q?Dan=20=C4=8Cerm=C3=A1k?= <dcermak@suse.com>
|
|
||||||
Date: Wed, 7 Dec 2022 17:28:39 +0100
|
|
||||||
Subject: [PATCH] Revert "Default missing hostPort to containerPort is defined
|
|
||||||
in kube.yaml"
|
|
||||||
|
|
||||||
This reverts commit f5fc0960e5eddf64a7d8fbf8fbfd3652b4ee5db3.
|
|
||||||
---
|
|
||||||
pkg/specgen/generate/kube/kube.go | 3 ---
|
|
||||||
test/e2e/play_kube_test.go | 6 ++++++
|
|
||||||
test/system/700-play.bats | 24 ------------------------
|
|
||||||
3 files changed, 6 insertions(+), 27 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/pkg/specgen/generate/kube/kube.go b/pkg/specgen/generate/kube/kube.go
|
|
||||||
index 5186a2f72..b707c52a2 100644
|
|
||||||
--- a/pkg/specgen/generate/kube/kube.go
|
|
||||||
+++ b/pkg/specgen/generate/kube/kube.go
|
|
||||||
@@ -918,9 +918,6 @@ func getPodPorts(containers []v1.Container) []types.PortMapping {
|
|
||||||
if p.HostPort != 0 && p.ContainerPort == 0 {
|
|
||||||
p.ContainerPort = p.HostPort
|
|
||||||
}
|
|
||||||
- if p.HostPort == 0 && p.ContainerPort != 0 {
|
|
||||||
- p.HostPort = p.ContainerPort
|
|
||||||
- }
|
|
||||||
if p.Protocol == "" {
|
|
||||||
p.Protocol = "tcp"
|
|
||||||
}
|
|
||||||
diff --git a/test/e2e/play_kube_test.go b/test/e2e/play_kube_test.go
|
|
||||||
index 97823e232..6fe299b38 100644
|
|
||||||
--- a/test/e2e/play_kube_test.go
|
|
||||||
+++ b/test/e2e/play_kube_test.go
|
|
||||||
@@ -133,6 +133,8 @@ spec:
|
|
||||||
containers:
|
|
||||||
- name: podnameEqualsContainerNameYaml
|
|
||||||
image: quay.io/libpod/alpine:latest
|
|
||||||
+ ports:
|
|
||||||
+ - containerPort: 80
|
|
||||||
`
|
|
||||||
|
|
||||||
var podWithoutAName = `
|
|
||||||
@@ -237,6 +239,8 @@ spec:
|
|
||||||
- "1.5"
|
|
||||||
name: alpine
|
|
||||||
image: quay.io/libpod/alpine:latest
|
|
||||||
+ ports:
|
|
||||||
+ - containerPort: 80
|
|
||||||
livenessProbe:
|
|
||||||
exec:
|
|
||||||
command:
|
|
||||||
@@ -270,6 +274,8 @@ spec:
|
|
||||||
- "1.5"
|
|
||||||
name: alpine
|
|
||||||
image: quay.io/libpod/alpine:latest
|
|
||||||
+ ports:
|
|
||||||
+ - containerPort: 80
|
|
||||||
livenessProbe:
|
|
||||||
exec:
|
|
||||||
command:
|
|
||||||
diff --git a/test/system/700-play.bats b/test/system/700-play.bats
|
|
||||||
index 5f3eb1ef2..3ff1e1ed6 100644
|
|
||||||
--- a/test/system/700-play.bats
|
|
||||||
+++ b/test/system/700-play.bats
|
|
||||||
@@ -392,27 +392,3 @@ status: {}
|
|
||||||
run_podman rm -a -f
|
|
||||||
run_podman rm -f -t0 myyaml
|
|
||||||
}
|
|
||||||
-
|
|
||||||
-@test "podman kube play - hostport" {
|
|
||||||
- HOST_PORT=$(random_free_port)
|
|
||||||
- echo "
|
|
||||||
-apiVersion: v1
|
|
||||||
-kind: Pod
|
|
||||||
-metadata:
|
|
||||||
- labels:
|
|
||||||
- app: test
|
|
||||||
- name: test_pod
|
|
||||||
-spec:
|
|
||||||
- containers:
|
|
||||||
- - name: server
|
|
||||||
- image: $IMAGE
|
|
||||||
- ports:
|
|
||||||
- - name: hostp
|
|
||||||
- containerPort: $HOST_PORT
|
|
||||||
-" > $PODMAN_TMPDIR/testpod.yaml
|
|
||||||
-
|
|
||||||
- run_podman kube play $PODMAN_TMPDIR/testpod.yaml
|
|
||||||
- run_podman pod inspect test_pod --format "{{.InfraConfig.PortBindings}}"
|
|
||||||
- assert "$output" = "map[$HOST_PORT/tcp:[{ $HOST_PORT}]]"
|
|
||||||
- run_podman kube down $PODMAN_TMPDIR/testpod.yaml
|
|
||||||
-}
|
|
||||||
--
|
|
||||||
2.38.1
|
|
||||||
|
|
@ -1,264 +0,0 @@
|
|||||||
From 575166520c8f7e9c46b63bc2b47721512613614b Mon Sep 17 00:00:00 2001
|
|
||||||
From: =?UTF-8?q?Dan=20=C4=8Cerm=C3=A1k?= <dcermak@suse.com>
|
|
||||||
Date: Tue, 3 Jan 2023 16:34:25 +0100
|
|
||||||
Subject: [PATCH 1/2] Make the priority for picking the storage driver
|
|
||||||
configurable
|
|
||||||
MIME-Version: 1.0
|
|
||||||
Content-Type: text/plain; charset=UTF-8
|
|
||||||
Content-Transfer-Encoding: 8bit
|
|
||||||
|
|
||||||
This fixes https://github.com/containers/storage/issues/1457
|
|
||||||
|
|
||||||
Co-authored-by: Valentin Rothberg <vrothberg@redhat.com>
|
|
||||||
Signed-off-by: Dan Čermák <dcermak@suse.com>
|
|
||||||
---
|
|
||||||
.../containers/storage/drivers/driver.go | 18 +++-
|
|
||||||
vendor/github.com/containers/storage/store.go | 89 ++++++++++---------
|
|
||||||
.../containers/storage/types/options.go | 14 ++-
|
|
||||||
3 files changed, 71 insertions(+), 50 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/vendor/github.com/containers/storage/drivers/driver.go b/vendor/github.com/containers/storage/drivers/driver.go
|
|
||||||
index 7d96ebe54..68d1956b8 100644
|
|
||||||
--- a/vendor/github.com/containers/storage/drivers/driver.go
|
|
||||||
+++ b/vendor/github.com/containers/storage/drivers/driver.go
|
|
||||||
@@ -312,6 +312,7 @@ func getBuiltinDriver(name, home string, options Options) (Driver, error) {
|
|
||||||
type Options struct {
|
|
||||||
Root string
|
|
||||||
RunRoot string
|
|
||||||
+ DriverPriority []string
|
|
||||||
DriverOptions []string
|
|
||||||
UIDMaps []idtools.IDMap
|
|
||||||
GIDMaps []idtools.IDMap
|
|
||||||
@@ -327,9 +328,18 @@ func New(name string, config Options) (Driver, error) {
|
|
||||||
|
|
||||||
// Guess for prior driver
|
|
||||||
driversMap := scanPriorDrivers(config.Root)
|
|
||||||
- for _, name := range priority {
|
|
||||||
- if name == "vfs" {
|
|
||||||
- // don't use vfs even if there is state present.
|
|
||||||
+
|
|
||||||
+ // use the supplied priority list unless it is empty
|
|
||||||
+ prioList := config.DriverPriority
|
|
||||||
+ if len(prioList) == 0 {
|
|
||||||
+ prioList = priority
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ for _, name := range prioList {
|
|
||||||
+ if name == "vfs" && len(config.DriverPriority) == 0 {
|
|
||||||
+ // don't use vfs even if there is state present and vfs
|
|
||||||
+ // has not been explicitly added to the override driver
|
|
||||||
+ // priority list
|
|
||||||
continue
|
|
||||||
}
|
|
||||||
if _, prior := driversMap[name]; prior {
|
|
||||||
@@ -362,7 +372,7 @@ func New(name string, config Options) (Driver, error) {
|
|
||||||
}
|
|
||||||
|
|
||||||
// Check for priority drivers first
|
|
||||||
- for _, name := range priority {
|
|
||||||
+ for _, name := range prioList {
|
|
||||||
driver, err := getBuiltinDriver(name, config.Root, config)
|
|
||||||
if err != nil {
|
|
||||||
if isDriverNotSupported(err) {
|
|
||||||
diff --git a/vendor/github.com/containers/storage/store.go b/vendor/github.com/containers/storage/store.go
|
|
||||||
index fb1faaa13..7dc8df948 100644
|
|
||||||
--- a/vendor/github.com/containers/storage/store.go
|
|
||||||
+++ b/vendor/github.com/containers/storage/store.go
|
|
||||||
@@ -606,29 +606,30 @@ type ContainerOptions struct {
|
|
||||||
}
|
|
||||||
|
|
||||||
type store struct {
|
|
||||||
- lastLoaded time.Time
|
|
||||||
- runRoot string
|
|
||||||
- graphLock Locker
|
|
||||||
- usernsLock Locker
|
|
||||||
- graphRoot string
|
|
||||||
- graphDriverName string
|
|
||||||
- graphOptions []string
|
|
||||||
- pullOptions map[string]string
|
|
||||||
- uidMap []idtools.IDMap
|
|
||||||
- gidMap []idtools.IDMap
|
|
||||||
- autoUsernsUser string
|
|
||||||
- additionalUIDs *idSet // Set by getAvailableIDs()
|
|
||||||
- additionalGIDs *idSet // Set by getAvailableIDs()
|
|
||||||
- autoNsMinSize uint32
|
|
||||||
- autoNsMaxSize uint32
|
|
||||||
- graphDriver drivers.Driver
|
|
||||||
- layerStore LayerStore
|
|
||||||
- roLayerStores []ROLayerStore
|
|
||||||
- imageStore ImageStore
|
|
||||||
- roImageStores []ROImageStore
|
|
||||||
- containerStore ContainerStore
|
|
||||||
- digestLockRoot string
|
|
||||||
- disableVolatile bool
|
|
||||||
+ lastLoaded time.Time
|
|
||||||
+ runRoot string
|
|
||||||
+ graphLock Locker
|
|
||||||
+ usernsLock Locker
|
|
||||||
+ graphRoot string
|
|
||||||
+ graphDriverName string
|
|
||||||
+ graphOptions []string
|
|
||||||
+ graphDriverPriority []string
|
|
||||||
+ pullOptions map[string]string
|
|
||||||
+ uidMap []idtools.IDMap
|
|
||||||
+ gidMap []idtools.IDMap
|
|
||||||
+ autoUsernsUser string
|
|
||||||
+ additionalUIDs *idSet // Set by getAvailableIDs()
|
|
||||||
+ additionalGIDs *idSet // Set by getAvailableIDs()
|
|
||||||
+ autoNsMinSize uint32
|
|
||||||
+ autoNsMaxSize uint32
|
|
||||||
+ graphDriver drivers.Driver
|
|
||||||
+ layerStore LayerStore
|
|
||||||
+ roLayerStores []ROLayerStore
|
|
||||||
+ imageStore ImageStore
|
|
||||||
+ roImageStores []ROImageStore
|
|
||||||
+ containerStore ContainerStore
|
|
||||||
+ digestLockRoot string
|
|
||||||
+ disableVolatile bool
|
|
||||||
}
|
|
||||||
|
|
||||||
// GetStore attempts to find an already-created Store object matching the
|
|
||||||
@@ -724,21 +725,22 @@ func GetStore(options types.StoreOptions) (Store, error) {
|
|
||||||
autoNsMaxSize = AutoUserNsMaxSize
|
|
||||||
}
|
|
||||||
s := &store{
|
|
||||||
- runRoot: options.RunRoot,
|
|
||||||
- graphLock: graphLock,
|
|
||||||
- graphRoot: options.GraphRoot,
|
|
||||||
- graphDriverName: options.GraphDriverName,
|
|
||||||
- graphOptions: options.GraphDriverOptions,
|
|
||||||
- uidMap: copyIDMap(options.UIDMap),
|
|
||||||
- gidMap: copyIDMap(options.GIDMap),
|
|
||||||
- autoUsernsUser: options.RootAutoNsUser,
|
|
||||||
- autoNsMinSize: autoNsMinSize,
|
|
||||||
- autoNsMaxSize: autoNsMaxSize,
|
|
||||||
- additionalUIDs: nil,
|
|
||||||
- additionalGIDs: nil,
|
|
||||||
- usernsLock: usernsLock,
|
|
||||||
- disableVolatile: options.DisableVolatile,
|
|
||||||
- pullOptions: options.PullOptions,
|
|
||||||
+ runRoot: options.RunRoot,
|
|
||||||
+ graphLock: graphLock,
|
|
||||||
+ graphRoot: options.GraphRoot,
|
|
||||||
+ graphDriverName: options.GraphDriverName,
|
|
||||||
+ graphDriverPriority: options.GraphDriverPriority,
|
|
||||||
+ graphOptions: options.GraphDriverOptions,
|
|
||||||
+ uidMap: copyIDMap(options.UIDMap),
|
|
||||||
+ gidMap: copyIDMap(options.GIDMap),
|
|
||||||
+ autoUsernsUser: options.RootAutoNsUser,
|
|
||||||
+ autoNsMinSize: autoNsMinSize,
|
|
||||||
+ autoNsMaxSize: autoNsMaxSize,
|
|
||||||
+ additionalUIDs: nil,
|
|
||||||
+ additionalGIDs: nil,
|
|
||||||
+ usernsLock: usernsLock,
|
|
||||||
+ disableVolatile: options.DisableVolatile,
|
|
||||||
+ pullOptions: options.PullOptions,
|
|
||||||
}
|
|
||||||
if err := s.load(); err != nil {
|
|
||||||
return nil, err
|
|
||||||
@@ -868,11 +870,12 @@ func (s *store) getGraphDriver() (drivers.Driver, error) {
|
|
||||||
return s.graphDriver, nil
|
|
||||||
}
|
|
||||||
config := drivers.Options{
|
|
||||||
- Root: s.graphRoot,
|
|
||||||
- RunRoot: s.runRoot,
|
|
||||||
- DriverOptions: s.graphOptions,
|
|
||||||
- UIDMaps: s.uidMap,
|
|
||||||
- GIDMaps: s.gidMap,
|
|
||||||
+ Root: s.graphRoot,
|
|
||||||
+ RunRoot: s.runRoot,
|
|
||||||
+ DriverOptions: s.graphOptions,
|
|
||||||
+ DriverPriority: s.graphDriverPriority,
|
|
||||||
+ UIDMaps: s.uidMap,
|
|
||||||
+ GIDMaps: s.gidMap,
|
|
||||||
}
|
|
||||||
driver, err := drivers.New(s.graphDriverName, config)
|
|
||||||
if err != nil {
|
|
||||||
diff --git a/vendor/github.com/containers/storage/types/options.go b/vendor/github.com/containers/storage/types/options.go
|
|
||||||
index 4c873b45f..4fbe512a9 100644
|
|
||||||
--- a/vendor/github.com/containers/storage/types/options.go
|
|
||||||
+++ b/vendor/github.com/containers/storage/types/options.go
|
|
||||||
@@ -19,6 +19,7 @@ import (
|
|
||||||
type TomlConfig struct {
|
|
||||||
Storage struct {
|
|
||||||
Driver string `toml:"driver,omitempty"`
|
|
||||||
+ DriverPriority []string `toml:"driver_priority,omitempty"`
|
|
||||||
RunRoot string `toml:"runroot,omitempty"`
|
|
||||||
GraphRoot string `toml:"graphroot,omitempty"`
|
|
||||||
RootlessStoragePath string `toml:"rootless_storage_path,omitempty"`
|
|
||||||
@@ -189,10 +190,16 @@ type StoreOptions struct {
|
|
||||||
// RootlessStoragePath is the storage path for rootless users
|
|
||||||
// default $HOME/.local/share/containers/storage
|
|
||||||
RootlessStoragePath string `toml:"rootless_storage_path"`
|
|
||||||
- // GraphDriverName is the underlying storage driver that we'll be
|
|
||||||
- // using. It only needs to be specified the first time a Store is
|
|
||||||
- // initialized for a given RunRoot and GraphRoot.
|
|
||||||
+ // If the driver is not specified, the best suited driver will be picked
|
|
||||||
+ // either from GraphDriverPriority, if specified, or from the platform
|
|
||||||
+ // dependent priority list (in that order).
|
|
||||||
GraphDriverName string `json:"driver,omitempty"`
|
|
||||||
+ // GraphDriverPriority is a list of storage drivers that will be tried
|
|
||||||
+ // to initialize the Store for a given RunRoot and GraphRoot unless a
|
|
||||||
+ // GraphDriverName is set.
|
|
||||||
+ // This list can be used to define a custom order in which the drivers
|
|
||||||
+ // will be tried.
|
|
||||||
+ GraphDriverPriority []string `json:"driver-priority,omitempty"`
|
|
||||||
// GraphDriverOptions are driver-specific options.
|
|
||||||
GraphDriverOptions []string `json:"driver-options,omitempty"`
|
|
||||||
// UIDMap and GIDMap are used for setting up a container's root filesystem
|
|
||||||
@@ -357,6 +364,7 @@ func ReloadConfigurationFile(configFile string, storeOptions *StoreOptions) erro
|
|
||||||
if storeOptions.GraphDriverName == "" {
|
|
||||||
logrus.Errorf("The storage 'driver' option must be set in %s to guarantee proper operation", configFile)
|
|
||||||
}
|
|
||||||
+ storeOptions.GraphDriverPriority = config.Storage.DriverPriority
|
|
||||||
if config.Storage.RunRoot != "" {
|
|
||||||
storeOptions.RunRoot = config.Storage.RunRoot
|
|
||||||
}
|
|
||||||
--
|
|
||||||
2.39.0
|
|
||||||
|
|
||||||
|
|
||||||
From de3c3805b23abf90ce1300cf78686411abc57644 Mon Sep 17 00:00:00 2001
|
|
||||||
From: =?UTF-8?q?Dan=20=C4=8Cerm=C3=A1k?= <dcermak@suse.com>
|
|
||||||
Date: Fri, 6 Jan 2023 08:22:57 +0100
|
|
||||||
Subject: [PATCH 2/2] Only warn about 'driver' not being set if the priority
|
|
||||||
list is unset
|
|
||||||
MIME-Version: 1.0
|
|
||||||
Content-Type: text/plain; charset=UTF-8
|
|
||||||
Content-Transfer-Encoding: 8bit
|
|
||||||
|
|
||||||
Currently we would display an error when the user does not specify a `driver` in
|
|
||||||
their config file. This has been present for historical reasons mostly to
|
|
||||||
prevent users from accidentally getting the vfs
|
|
||||||
driver (https://github.com/containers/storage/pull/1460#issuecomment-1370866271). Now
|
|
||||||
that most systems support the overlay driver natively, we can reduce this to a
|
|
||||||
warning and only warn about it if the driver_priority list is unset. If it is
|
|
||||||
provided, then clearly the user or the distribution wanted for c/storage to pick
|
|
||||||
a driver itself and the warning would be only confusing to users.
|
|
||||||
|
|
||||||
Signed-off-by: Dan Čermák <dcermak@suse.com>
|
|
||||||
---
|
|
||||||
vendor/github.com/containers/storage/types/options.go | 6 +++---
|
|
||||||
1 file changed, 3 insertions(+), 3 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/vendor/github.com/containers/storage/types/options.go b/vendor/github.com/containers/storage/types/options.go
|
|
||||||
index 4fbe512a9..e87f458cc 100644
|
|
||||||
--- a/vendor/github.com/containers/storage/types/options.go
|
|
||||||
+++ b/vendor/github.com/containers/storage/types/options.go
|
|
||||||
@@ -361,10 +361,10 @@ func ReloadConfigurationFile(configFile string, storeOptions *StoreOptions) erro
|
|
||||||
logrus.Warnf("Switching default driver from overlay2 to the equivalent overlay driver")
|
|
||||||
storeOptions.GraphDriverName = overlayDriver
|
|
||||||
}
|
|
||||||
- if storeOptions.GraphDriverName == "" {
|
|
||||||
- logrus.Errorf("The storage 'driver' option must be set in %s to guarantee proper operation", configFile)
|
|
||||||
- }
|
|
||||||
storeOptions.GraphDriverPriority = config.Storage.DriverPriority
|
|
||||||
+ if storeOptions.GraphDriverName == "" && len(storeOptions.GraphDriverPriority) == 0 {
|
|
||||||
+ logrus.Warnf("The storage 'driver' option should be set in %s. A driver was picked automatically.", configFile)
|
|
||||||
+ }
|
|
||||||
if config.Storage.RunRoot != "" {
|
|
||||||
storeOptions.RunRoot = config.Storage.RunRoot
|
|
||||||
}
|
|
||||||
--
|
|
||||||
2.39.0
|
|
||||||
|
|
@ -1,44 +0,0 @@
|
|||||||
From 3f6a1954ff440959adcc44cc58372ed13ae2dbb3 Mon Sep 17 00:00:00 2001
|
|
||||||
From: =?UTF-8?q?Dan=20=C4=8Cerm=C3=A1k?= <dcermak@suse.com>
|
|
||||||
Date: Fri, 13 Jan 2023 14:39:54 +0100
|
|
||||||
Subject: [PATCH] Only override the graphdriver to vfs if the priority is unset
|
|
||||||
MIME-Version: 1.0
|
|
||||||
Content-Type: text/plain; charset=UTF-8
|
|
||||||
Content-Transfer-Encoding: 8bit
|
|
||||||
|
|
||||||
This is an amend to https://github.com/containers/storage/pull/1460
|
|
||||||
|
|
||||||
That PR was not addressing the case when the system wide config had the
|
|
||||||
driver_priority option configured and the user had no config file of their
|
|
||||||
own. Then `getRootlessStorageOpts` would be called and it would override the
|
|
||||||
graph driver to "vfs".
|
|
||||||
|
|
||||||
With this commit we only override the graph driver if driver priority is
|
|
||||||
empty. Otherwise we propagate the driver priority into the storage options, so
|
|
||||||
that the driver autodetection works as expected.
|
|
||||||
|
|
||||||
Signed-off-by: Dan Čermák <dcermak@suse.com>
|
|
||||||
---
|
|
||||||
vendor/github.com/containers/storage/types/options.go | 6 +++++-
|
|
||||||
1 file changed, 5 insertions(+), 1 deletion(-)
|
|
||||||
|
|
||||||
diff --git a/vendor/github.com/containers/storage/types/options.go b/vendor/github.com/containers/storage/types/options.go
|
|
||||||
index e87f458cc..eb7142ff2 100644
|
|
||||||
--- a/vendor/github.com/containers/storage/types/options.go
|
|
||||||
+++ b/vendor/github.com/containers/storage/types/options.go
|
|
||||||
@@ -274,7 +274,11 @@ func getRootlessStorageOpts(rootlessUID int, systemOpts StoreOptions) (StoreOpti
|
|
||||||
}
|
|
||||||
}
|
|
||||||
if opts.GraphDriverName == "" {
|
|
||||||
- opts.GraphDriverName = "vfs"
|
|
||||||
+ if len(systemOpts.GraphDriverPriority) == 0 {
|
|
||||||
+ opts.GraphDriverName = "vfs"
|
|
||||||
+ } else {
|
|
||||||
+ opts.GraphDriverPriority = systemOpts.GraphDriverPriority
|
|
||||||
+ }
|
|
||||||
}
|
|
||||||
|
|
||||||
if os.Getenv("STORAGE_OPTS") != "" {
|
|
||||||
--
|
|
||||||
2.39.0
|
|
||||||
|
|
60
Quadlet-use-the-default-runtime.patch
Normal file
60
Quadlet-use-the-default-runtime.patch
Normal file
@ -0,0 +1,60 @@
|
|||||||
|
From df0fe4fcc7d54a1a8801f74bfac430f9986f0722 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Ygal Blum <ygal.blum@gmail.com>
|
||||||
|
Date: Wed, 22 Feb 2023 09:36:20 +0200
|
||||||
|
Subject: [PATCH] Quadlet - use the default runtime
|
||||||
|
MIME-Version: 1.0
|
||||||
|
Content-Type: text/plain; charset=UTF-8
|
||||||
|
Content-Transfer-Encoding: 8bit
|
||||||
|
|
||||||
|
Do not set the runtime when processing a .container file
|
||||||
|
Let Podman choose the runtime based on its configuration
|
||||||
|
|
||||||
|
Signed-off-by: Ygal Blum <ygal.blum@gmail.com>
|
||||||
|
Signed-off-by: Dan Čermák <dcermak@suse.com>
|
||||||
|
(cherry picked from commit 0d75854c52e646f4c83a7a4389d8c4aebbb7ee5c)
|
||||||
|
---
|
||||||
|
pkg/systemd/quadlet/quadlet.go | 6 ++----
|
||||||
|
test/e2e/quadlet/basepodman.container | 2 +-
|
||||||
|
test/e2e/quadlet/basic.container | 1 -
|
||||||
|
3 files changed, 3 insertions(+), 6 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/pkg/systemd/quadlet/quadlet.go b/pkg/systemd/quadlet/quadlet.go
|
||||||
|
index 8724eb0e156..091fcb76d46 100644
|
||||||
|
--- a/pkg/systemd/quadlet/quadlet.go
|
||||||
|
+++ b/pkg/systemd/quadlet/quadlet.go
|
||||||
|
@@ -295,11 +295,9 @@ func ConvertContainer(container *parser.UnitFile, isUser bool) (*parser.UnitFile
|
||||||
|
"--log-driver", "passthrough",
|
||||||
|
)
|
||||||
|
|
||||||
|
- // We use crun as the runtime and delegated groups to it
|
||||||
|
+ // We delegate groups to the runtime
|
||||||
|
service.Add(ServiceGroup, "Delegate", "yes")
|
||||||
|
- podman.add(
|
||||||
|
- "--runtime", "/usr/bin/crun",
|
||||||
|
- "--cgroups=split")
|
||||||
|
+ podman.add("--cgroups=split")
|
||||||
|
|
||||||
|
timezone, ok := container.Lookup(ContainerGroup, KeyTimezone)
|
||||||
|
if ok && len(timezone) > 0 {
|
||||||
|
diff --git a/test/e2e/quadlet/basepodman.container b/test/e2e/quadlet/basepodman.container
|
||||||
|
index 91e12ceb9ca..1e2c34141ab 100644
|
||||||
|
--- a/test/e2e/quadlet/basepodman.container
|
||||||
|
+++ b/test/e2e/quadlet/basepodman.container
|
||||||
|
@@ -1,4 +1,4 @@
|
||||||
|
-## assert-podman-final-args run --name=systemd-%N --cidfile=%t/%N.cid --replace --rm --log-driver passthrough --runtime /usr/bin/crun --cgroups=split --sdnotify=conmon -d localhost/imagename
|
||||||
|
+## assert-podman-final-args run --name=systemd-%N --cidfile=%t/%N.cid --replace --rm --log-driver passthrough --cgroups=split --sdnotify=conmon -d localhost/imagename
|
||||||
|
|
||||||
|
[Container]
|
||||||
|
Image=localhost/imagename
|
||||||
|
diff --git a/test/e2e/quadlet/basic.container b/test/e2e/quadlet/basic.container
|
||||||
|
index 794ded61e34..af2c325d593 100644
|
||||||
|
--- a/test/e2e/quadlet/basic.container
|
||||||
|
+++ b/test/e2e/quadlet/basic.container
|
||||||
|
@@ -5,7 +5,6 @@
|
||||||
|
## assert-podman-args "--replace"
|
||||||
|
## assert-podman-args "-d"
|
||||||
|
## assert-podman-args "--log-driver" "passthrough"
|
||||||
|
-## assert-podman-args "--runtime" "/usr/bin/crun"
|
||||||
|
## assert-podman-args "--cgroups=split"
|
||||||
|
## assert-podman-args "--sdnotify=conmon"
|
||||||
|
## assert-key-is "Unit" "RequiresMountsFor" "%t/containers"
|
2
_service
2
_service
@ -2,7 +2,7 @@
|
|||||||
<service name="tar_scm" mode="disabled">
|
<service name="tar_scm" mode="disabled">
|
||||||
<param name="url">https://github.com/containers/podman.git</param>
|
<param name="url">https://github.com/containers/podman.git</param>
|
||||||
<param name="scm">git</param>
|
<param name="scm">git</param>
|
||||||
<param name="revision">v4.3.1</param>
|
<param name="revision">v4.4.2</param>
|
||||||
<param name="versionformat">@PARENT_TAG@</param>
|
<param name="versionformat">@PARENT_TAG@</param>
|
||||||
<param name="changesgenerate">enable</param>
|
<param name="changesgenerate">enable</param>
|
||||||
<param name="versionrewrite-pattern">v(.*)</param>
|
<param name="versionrewrite-pattern">v(.*)</param>
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
<servicedata>
|
<servicedata>
|
||||||
<service name="tar_scm">
|
<service name="tar_scm">
|
||||||
<param name="url">https://github.com/containers/podman.git</param>
|
<param name="url">https://github.com/containers/podman.git</param>
|
||||||
<param name="changesrevision">814b7b003cc630bf6ab188274706c383f9fb9915</param></service></servicedata>
|
<param name="changesrevision">74afe26887f814d1c39925a1624851ef3590e79c</param></service></servicedata>
|
@ -1,3 +0,0 @@
|
|||||||
version https://git-lfs.github.com/spec/v1
|
|
||||||
oid sha256:7d3ba29fb78a56d63c8fc3f27560dcdbb2391c62c0b3b4600ebce66dd449fa86
|
|
||||||
size 7652828
|
|
3
podman-4.4.2.tar.xz
Normal file
3
podman-4.4.2.tar.xz
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
version https://git-lfs.github.com/spec/v1
|
||||||
|
oid sha256:11ffd53834db864d08a9757514a9cc28f696cb37a0da3b0036c90707c19591d9
|
||||||
|
size 8808284
|
669
podman.changes
669
podman.changes
@ -1,3 +1,672 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Mon Feb 27 13:54:33 UTC 2023 - Dan Čermák <dcermak@suse.com>
|
||||||
|
|
||||||
|
- Add patch to let quadlet use the default runtime
|
||||||
|
Added patch:
|
||||||
|
* Quadlet-use-the-default-runtime.patch
|
||||||
|
=> Remove dependency on crun
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Fri Feb 24 02:29:18 UTC 2023 - Danish Prakash <danish.prakash@suse.com>
|
||||||
|
|
||||||
|
- Update to version 4.4.2:
|
||||||
|
* Bump to v4.4.2
|
||||||
|
* Release notes for v4.4.2
|
||||||
|
* Revert "CI: Temporarily disable all AWS EC2-based tasks"
|
||||||
|
* kube play: only enforce passthrough in Quadlet
|
||||||
|
* Emergency fix for man pages: check for broken includes
|
||||||
|
* CI: Temporarily disable all AWS EC2-based tasks
|
||||||
|
* quadlet system tests: add useful defaults, logging
|
||||||
|
* volume,container: chroot to source before exporting content
|
||||||
|
* install sigproxy before start/attach
|
||||||
|
* Update to c/image 5.24.1
|
||||||
|
* events + container inspect test: RHEL fixes
|
||||||
|
* Bump to v4.4.2-dev
|
||||||
|
|
||||||
|
- Remove patches (merged upstream):
|
||||||
|
* volume-container-chroot-to-source-before-exporting-content.patch
|
||||||
|
- podman.spec: add `crun` requirement for quadlet
|
||||||
|
(https://github.com/containers/podman/pull/17601)
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Tue Feb 21 07:40:30 UTC 2023 - Danish Prakash <danish.prakash@suse.com>
|
||||||
|
|
||||||
|
- podman.spec: set PREFIX at build stage (boo#1208510)
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Fri Feb 17 13:39:16 UTC 2023 - Dan Čermák <dcermak@suse.com>
|
||||||
|
|
||||||
|
- Add patch to fix bsc#1208364 aka CVE-2023-0778
|
||||||
|
|
||||||
|
Added patch:
|
||||||
|
* volume-container-chroot-to-source-before-exporting-content.patch
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Thu Feb 09 12:15:40 UTC 2023 - fvogt@suse.com
|
||||||
|
|
||||||
|
- Update to version 4.4.1:
|
||||||
|
* Bump to v4.4.1
|
||||||
|
* Update release notes for Podman 4.4.1
|
||||||
|
* kube play: do not teardown unconditionally on error
|
||||||
|
* Resolve symlink path for qemu directory if possible
|
||||||
|
* events: document journald identifiers
|
||||||
|
* Quadlet: exit 0 when there are no files to process
|
||||||
|
* Cleanup podman-systemd.unit file
|
||||||
|
* Install podman-systemd.unit man page, make quadlet discoverable
|
||||||
|
* Add missing return after errors
|
||||||
|
* oci: bind mount /sys with --userns=(auto|pod:)
|
||||||
|
* docs: specify order preference for FROM
|
||||||
|
* Cirrus: Fix & remove GraphQL API tests
|
||||||
|
* test: adapt test to work on cgroupv1
|
||||||
|
* make hack/markdown-preprocess parallel-safe
|
||||||
|
* Fix default handling of pids-limit
|
||||||
|
* system tests: fix volume exec/noexec test
|
||||||
|
* Bump to v4.4.1-dev
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Thu Feb 02 12:57:45 UTC 2023 - dcermak@suse.com
|
||||||
|
|
||||||
|
- Remove patches (merged upstream or resolved otherwise):
|
||||||
|
* 0001-Revert-Default-missing-hostPort-to-containerPort-is-.patch
|
||||||
|
* 0002-Make-the-priority-for-picking-the-storage-driver-con.patch
|
||||||
|
* 0003-Only-override-the-graphdriver-to-vfs-if-the-priority.patch
|
||||||
|
|
||||||
|
- remove long obsolete update scriptlets
|
||||||
|
|
||||||
|
- Update to version 4.4.0:
|
||||||
|
* Bump to v4.4.0
|
||||||
|
* Final release notes for v4.4.0
|
||||||
|
* Emergency fix for RHEL8 gating tests
|
||||||
|
* Do not mount /dev/tty into rootless containers
|
||||||
|
* Fixes port collision issue on use of --publish-all
|
||||||
|
* Fix usage of absolute windows paths with --image-path
|
||||||
|
* fix #17244: use /etc/timezone where `timedatectl` is missing on Linux
|
||||||
|
* podman-events: document verbose create events
|
||||||
|
* Making gvproxy.exe optional for building Windows installer
|
||||||
|
* Add gvproxy to Windows packages
|
||||||
|
* Match VT device paths to be blocked from mounting exactly
|
||||||
|
* Clean up more language for inclusiveness
|
||||||
|
* Set runAsNonRoot=true in gen kube
|
||||||
|
* quadlet: Add device support for .volume files
|
||||||
|
* fix: running check error when podman is default in wsl
|
||||||
|
* fix: don't output "ago" when container is currently up and running
|
||||||
|
* journald: podman logs only show logs for current user
|
||||||
|
* journald: podman events only show events for current user
|
||||||
|
* Add (podman {image,manifest} push --sign-by-sigstore=param-file.yaml)
|
||||||
|
* DB: make loading container states optional
|
||||||
|
* ps: do not sync container
|
||||||
|
* Allow --device-cgroup-rule to be passed in by docker API
|
||||||
|
* [v4.4] Bump to Buildah v1.29.0
|
||||||
|
* Bump to v4.4.0-dev
|
||||||
|
* Bump to v4.4.0-RC3
|
||||||
|
* Create release notes for v4.4.0
|
||||||
|
* Cirrus: Update operating branch
|
||||||
|
* fix APIv2 python attach test flake
|
||||||
|
* ps: query health check in batch mode
|
||||||
|
* make example volume import, not import volume
|
||||||
|
* Correct output when inspecting containers created with --ipc
|
||||||
|
* Vendor containers/(storage, image, common, buildah)
|
||||||
|
* Get correct username in pod when using --userns=keep-id
|
||||||
|
* ps: get network data in batch mode
|
||||||
|
* build(deps): bump github.com/onsi/gomega from 1.25.0 to 1.26.0
|
||||||
|
* add hack/perf for comparing two container engines
|
||||||
|
* systems: retrofit dns options test to honor other search domains
|
||||||
|
* ps: do not create copy of container config
|
||||||
|
* libpod: set search domain independently of nameservers
|
||||||
|
* libpod,netavark: correctly populate /etc/resolv.conf with custom dns server
|
||||||
|
* podman: relay custom DNS servers to network stack
|
||||||
|
* (fix) mount_program is in storage.options.overlay
|
||||||
|
* Change example target to default in doc
|
||||||
|
* network create: do not allow `default` as name
|
||||||
|
* kube-play: add support for HostPID in podSpec
|
||||||
|
* build(deps): bump github.com/docker/docker
|
||||||
|
* Let's see if #14653 is fixed or not
|
||||||
|
* Add support for podman build --group-add
|
||||||
|
* vendor in latests containers/(storage, common, build, image)
|
||||||
|
* unskip network update test
|
||||||
|
* do not install swagger by default
|
||||||
|
* pasta: skip "Local forwarder, IPv4" test
|
||||||
|
* add testbindings Makefile target
|
||||||
|
* update CI images to include pasta
|
||||||
|
* [CI:DOCS] Add CNI deprecation notices to documentation
|
||||||
|
* Cirrus: preserve podman-server logs
|
||||||
|
* waitPidStop: reduce sleep time to 10ms
|
||||||
|
* StopContainer: return if cleanup process changed state
|
||||||
|
* StopSignal: add a comment
|
||||||
|
* StopContainer: small refactor
|
||||||
|
* waitPidStop: simplify code
|
||||||
|
* e2e tests: reenable long-skipped build test
|
||||||
|
* Add openssh-clients to podmanimage
|
||||||
|
* Reworks Windows smoke test to tunnel through interactive session.
|
||||||
|
* fix bud-multiple-platform-with-base-as-default-arg flake
|
||||||
|
* Remove ReservedAnnotations from kube generate specification
|
||||||
|
* e2e: update test/README.md
|
||||||
|
* e2e: use isRootless() instead of rootless.IsRootless()
|
||||||
|
* Cleanup documentation on --userns=auto
|
||||||
|
* Bump to v4.4.0-dev
|
||||||
|
* Bump to v4.4.0-rc2
|
||||||
|
* Vendor in latest c/common
|
||||||
|
* sig-proxy system test: bump timeout
|
||||||
|
* build(deps): bump github.com/containernetworking/plugins
|
||||||
|
* rootless: rename auth-scripts to preexec-hooks
|
||||||
|
* Docs: version-check updates
|
||||||
|
* commit: use libimage code to parse changes
|
||||||
|
* [CI:DOCS] Remove experimental mac tutorial
|
||||||
|
* man: Document the interaction between --systemd and --privileged
|
||||||
|
* Make rootless privileged containers share the same tty devices as rootfull ones
|
||||||
|
* container kill: handle stopped/exited container
|
||||||
|
* Vendor in latest containers/(image,ocicrypt)
|
||||||
|
* add a comment to container removal
|
||||||
|
* Vendor in latest containers/storage
|
||||||
|
* Cirrus: Run machine tests on PR merge
|
||||||
|
* fix flake in kube system test
|
||||||
|
* kube play: complete container spec
|
||||||
|
* E2E Tests: Use inspect instead of actual data to avoid UDP flake
|
||||||
|
* Use containers/storage/pkg/regexp in place of regexp
|
||||||
|
* Vendor in latest containers/storage
|
||||||
|
* Cirrus: Support using updated/latest NV/AV in PRs
|
||||||
|
* Limit replica count to 1 when deploying from kubernetes YAML
|
||||||
|
* Set StoppedByUser earlier in the process of stopping
|
||||||
|
* podman-play system test: refactor
|
||||||
|
* Bump to v4.4.0-dev
|
||||||
|
* Bump to v4.4.0-RC1
|
||||||
|
* network: add support for podman network update and --network-dns-server
|
||||||
|
* service container: less verbose error logs
|
||||||
|
* Quadlet Kube - add support for PublishPort key
|
||||||
|
* e2e: fix systemd_activate_test
|
||||||
|
* Compile regex on demand not in init
|
||||||
|
* [docker compat] Don't overwrite the NetworkMode if containers.conf overrides netns.
|
||||||
|
* E2E Test: Play Kube set deadline to connection to avoid hangs
|
||||||
|
* Only prevent VTs to be mounted inside privileged systemd containers
|
||||||
|
* e2e: fix play_kube_test
|
||||||
|
* Updated error message for supported VolumeSource types
|
||||||
|
* Introduce pkg retry logic in win installer task
|
||||||
|
* logformatter: include base SHA, with history link
|
||||||
|
* Network tests: ping redhat.com, not podman.io
|
||||||
|
* cobra: move engine shutdown to Execute
|
||||||
|
* Updated options for QEMU on Windows hosts
|
||||||
|
* Update Mac installer to use gvproxy v0.5.0
|
||||||
|
* podman: podman rm -f doesn't leave processes
|
||||||
|
* oci: check for valid PID before kill(pid, 0)
|
||||||
|
* linux: add /sys/fs/cgroup if /sys is a bind mount
|
||||||
|
* Quadlet: Add support for ConfigMap key in Kube section
|
||||||
|
* remove service container _after_ pods
|
||||||
|
* Kube Play - allow setting and overriding published host ports
|
||||||
|
* oci: terminate all container processes on cleanup
|
||||||
|
* Update win-sshproxy to 0.5.0 gvisor tag
|
||||||
|
* Vendor in latest containers/common
|
||||||
|
* Fix a potential defer logic error around locking
|
||||||
|
* logformatter: nicer formatting for bats failures
|
||||||
|
* logformatter: refactor verbose line-print
|
||||||
|
* e2e tests: stop using UBI images
|
||||||
|
* k8s-file: podman logs --until --follow exit after time
|
||||||
|
* journald: podman logs --until --follow exit after time
|
||||||
|
* journald: seek to time when --since is used
|
||||||
|
* podman logs: journald fix --since and --follow
|
||||||
|
* Preprocess files in UTF-8 mode
|
||||||
|
* Bump golang.org/x/tools from 0.4.0 to 0.5.0 in /test/tools
|
||||||
|
* Vendor in latest containers/(common, image, storage)
|
||||||
|
* Switch to C based msi hooks for win installer
|
||||||
|
* hack/bats: improve usage message
|
||||||
|
* hack/bats: add --remote option
|
||||||
|
* hack/bats: fix root/rootless logic
|
||||||
|
* Describe copy volume options
|
||||||
|
* Support sig-proxy for podman-remote attach and start
|
||||||
|
* libpod: fix race condition rm'ing stopping containers
|
||||||
|
* e2e: fix run_volume_test
|
||||||
|
* Add support for Windows ARM64
|
||||||
|
* Add shared --compress to man pages
|
||||||
|
* Add container error message to ContainerState
|
||||||
|
* Man page checker: require canonical name in SEE ALSO
|
||||||
|
* system df: improve json output code
|
||||||
|
* kube play: fix the error logic with --quiet
|
||||||
|
* System tests: quadlet network test
|
||||||
|
* Fix: List container with volume filter
|
||||||
|
* adding -dryrun flag
|
||||||
|
* Quadlet Container: Add support for EnvironmentFile and EnvironmentHost
|
||||||
|
* Kube Play: use passthrough as the default log-driver if service-container is set
|
||||||
|
* System tests: add missing cleanup
|
||||||
|
* System tests: fix unquoted question marks
|
||||||
|
* Build and use a newer systemd image
|
||||||
|
* Quadlet Network - Fix the name of the required network service
|
||||||
|
* System Test Quadlet - Volume dependency test did not test the dependency
|
||||||
|
* fix `podman system connection - tcp` flake
|
||||||
|
* vendor: bump c/storage to a747b27
|
||||||
|
* Fix instructions about setting storage driver on command-line
|
||||||
|
* Test README - point users to hack/bats
|
||||||
|
* System test: quadlet kube basic test
|
||||||
|
* Fixed `podman update --pids-limit`
|
||||||
|
* podman-remote,bindings: trim context path correctly when its emptydir
|
||||||
|
* Quadlet Doc: Add section for .kube files
|
||||||
|
* e2e: fix containers_conf_test
|
||||||
|
* Allow '/' to prefix container names to match Docker
|
||||||
|
* Remove references to qcow2
|
||||||
|
* Fix typos in man page regarding transient storage mode.
|
||||||
|
* make: Use PYTHON var for .install.pre-commit
|
||||||
|
* Add containers.conf read-only flag support
|
||||||
|
* Explain that relabeling/chowning of volumes can take along time
|
||||||
|
* events: support "die" filter
|
||||||
|
* infra/abi: refactor ContainerRm
|
||||||
|
* When in transient store mode, use rundir for bundlepath
|
||||||
|
* quadlet: Support Type=oneshot container files
|
||||||
|
* hacks/bats: keep QUADLET env var in test env
|
||||||
|
* New system tests for conflicting options
|
||||||
|
* Vendor in latest containers/(buildah, image, common)
|
||||||
|
* Output Size and Reclaimable in human form for json output
|
||||||
|
* podman service: close duplicated /dev/null fd
|
||||||
|
* ginkgo tests: apply ginkgolinter fixes
|
||||||
|
* Add support for hostPath and configMap subpath usage
|
||||||
|
* export: use io.Writer instead of file
|
||||||
|
* rootless: always create userns with euid != 0
|
||||||
|
* rootless: inhibit copy mapping for euid != 0
|
||||||
|
* pkg/domain/infra/abi: introduce `type containerWrapper`
|
||||||
|
* vendor: bump to buildah ca578b290144 and use new cache API
|
||||||
|
* quadlet: Handle booleans that have defaults better
|
||||||
|
* quadlet: Rename parser.LookupBoolean to LookupBooleanWithDefault
|
||||||
|
* Add podman-clean-transient.service service
|
||||||
|
* Stop recording annotations set to false
|
||||||
|
* Unify --noheading and -n to be consistent on all commands
|
||||||
|
* pkg/domain/infra/abi: add `getContainers`
|
||||||
|
* Update vendor of containters/(common, image)
|
||||||
|
* specfile: Drop user-add depedency from quadlet subpackage.
|
||||||
|
* quadlet: Default BINDIR to /usr/bin if tag not specified
|
||||||
|
* Quadlet: add network support
|
||||||
|
* Add comment for jsonMarshal command
|
||||||
|
* Always allow pushing from containers-storage
|
||||||
|
* libpod: move NetNS into state db instead of extra bucket
|
||||||
|
* Add initial system tests for quadlets
|
||||||
|
* quadlet: Add --user option
|
||||||
|
* libpod: remove CNI word were no longer applicable
|
||||||
|
* libpod: fix header length in http attach with logs
|
||||||
|
* podman-kube@ template: use `podman kube`
|
||||||
|
* build(deps): bump github.com/docker/docker
|
||||||
|
* wait: add --ignore option
|
||||||
|
* qudlet: Respect $PODMAN env var for podman binary
|
||||||
|
* e2e: Add assert-key-is-regex check to quadlet e2e testsuite
|
||||||
|
* e2e: Add some assert to quadlet test to make sure testcases are sane
|
||||||
|
* remove unmapped ports from inspect port bindings
|
||||||
|
* update podman-network-create for clarity
|
||||||
|
* Vendor in latest containers/common with default capabilities
|
||||||
|
* pkg/rootless: Change error text ...
|
||||||
|
* rootless: add cli validator
|
||||||
|
* rootless: define LIBEXECPODMAN
|
||||||
|
* doc: fix documentation for idmapped mounts
|
||||||
|
* bump golangci-lint to v1.50.1
|
||||||
|
* build(deps): bump github.com/onsi/gomega from 1.24.1 to 1.24.2
|
||||||
|
* [CI:DOCS] podman-mount: s/umount/unmount/
|
||||||
|
* create/pull --help: list pull policies
|
||||||
|
* Network Create: Add --ignore flag to support idempotent script
|
||||||
|
* Make qemu security model none
|
||||||
|
* libpod: use OCI idmappings for mounts
|
||||||
|
* stop reporting errors removing containers that don't exist
|
||||||
|
* test: added test from wait endpoint with to long label
|
||||||
|
* quadlet: Default VolatileTmp to off
|
||||||
|
* build(deps): bump github.com/ulikunitz/xz from 0.5.10 to 0.5.11
|
||||||
|
* docs/options/ipc: fix list syntax
|
||||||
|
* Docs: Add dedicated DOWNLOAD doc w/ links to bins
|
||||||
|
* Make a consistently-named windows installer
|
||||||
|
* checkpoint restore: fix --ignore-static-ip/mac
|
||||||
|
* add support for subpath in play kube for named volumes
|
||||||
|
* build(deps): bump golang.org/x/net from 0.2.0 to 0.4.0
|
||||||
|
* golangci-lint: remove three deprecated linters
|
||||||
|
* parse-localbenchmarks: separate standard deviation
|
||||||
|
* build(deps): bump golang.org/x/term from 0.2.0 to 0.3.0
|
||||||
|
* podman play kube support container startup probe
|
||||||
|
* Add podman buildx version support
|
||||||
|
* Cirrus: Collect benchmarks on machine instances
|
||||||
|
* Cirrus: Remove escape codes from log files
|
||||||
|
* [CI:DOCS] Clarify secret target behavior
|
||||||
|
* Fix typo on network docs
|
||||||
|
* podman-remote build add --volume support
|
||||||
|
* remote: allow --http-proxy for remote clients
|
||||||
|
* Cleanup kube play workloads if error happens
|
||||||
|
* health check: ignore dependencies of transient systemd units/timers
|
||||||
|
* fix: event read from syslog
|
||||||
|
* Fixes secret (un)marshaling for kube play.
|
||||||
|
* Remove 'you' from man pages
|
||||||
|
* build(deps): bump golang.org/x/tools from 0.3.0 to 0.4.0 in /test/tools
|
||||||
|
* [CI:DOCS] test/README.md: run tests with podman-remote
|
||||||
|
* e2e: keeps the http_proxy value
|
||||||
|
* Makefile: Add podman-mac-helper to darwin client zip
|
||||||
|
* test/e2e: enable "podman run with ipam none driver" for nv
|
||||||
|
* [skip-ci] GHA/Cirrus-cron: Fix execution order
|
||||||
|
* kube sdnotify: run proxies for the lifespan of the service
|
||||||
|
* Update containers common package
|
||||||
|
* podman manpage: Use man-page links instead of file names
|
||||||
|
* e2e: fix e2e tests in proxy environment
|
||||||
|
* Fix test
|
||||||
|
* disable healthchecks automatically on non systemd systems
|
||||||
|
* Quadlet Kube: Add support for userns flag
|
||||||
|
* [CI:DOCS] Add warning about --opts,o with mount's -o
|
||||||
|
* Add podman system prune --external
|
||||||
|
* Add some tests for transient store
|
||||||
|
* runtime: In transient_store mode, move bolt_state.db to rundir
|
||||||
|
* runtime: Handle the transient store options
|
||||||
|
* libpod: Move the creation of TmpDir to an earlier time
|
||||||
|
* network create: support "-o parent=XXX" for ipvlan
|
||||||
|
* compat API: allow MacAddress on container config
|
||||||
|
* Quadlet Kube: Add support for relative path for YAML file
|
||||||
|
* notify k8s system test: move sending message into exec
|
||||||
|
* runtime: do not chown idmapped volumes
|
||||||
|
* quadlet: Drop ExecStartPre=rm %t/%N.cid
|
||||||
|
* Quadlet Kube: Set SyslogIdentifier if was not set
|
||||||
|
* Add a FreeBSD cross build to the cirrus alt build task
|
||||||
|
* Add completion for --init-ctr
|
||||||
|
* Fix handling of readonly containers when defined in kube.yaml
|
||||||
|
* Build cross-compilation fixes
|
||||||
|
* libpod: Track healthcheck API changes in healthcheck_unsupported.go
|
||||||
|
* quadlet: Use same default capability set as podman run
|
||||||
|
* quadlet: Drop --pull=never
|
||||||
|
* quadlet: Change default of ReadOnly to no
|
||||||
|
* quadlet: Change RunInit default to no
|
||||||
|
* quadlet: Change NoNewPrivileges default to false
|
||||||
|
* test: podman run with checkpoint image
|
||||||
|
* Enable 'podman run' for checkpoint images
|
||||||
|
* test: Add tests for checkpoint images
|
||||||
|
* CI setup: simplify environment passthrough code
|
||||||
|
* Init containers should not be restarted
|
||||||
|
* Update c/storage after https://github.com/containers/storage/pull/1436
|
||||||
|
* Set the latest release explicitly
|
||||||
|
* add friendly comment
|
||||||
|
* fix an overriding logic and load config problem
|
||||||
|
* Update the issue templates
|
||||||
|
* Update vendor of containers/(image, buildah)
|
||||||
|
* [CI:DOCS] Skip windows-smoke when not useful
|
||||||
|
* [CI:DOCS] Remove broken gate-container docs
|
||||||
|
* OWNERS: add Jason T. Greene
|
||||||
|
* hack/podmansnoop: print arguments
|
||||||
|
* Improve atomicity of VM state persistence on Windows
|
||||||
|
* [CI:BUILD] copr: enable podman-restart.service on rpm installation
|
||||||
|
* macos: pkg: Use -arm64 suffix instead of -aarch64
|
||||||
|
* linux: Add -linux suffix to podman-remote-static binaries
|
||||||
|
* linux: Build amd64 and arm64 podman-remote-static binaries
|
||||||
|
* container create: add inspect data to event
|
||||||
|
* Allow manual override of install location
|
||||||
|
* Run codespell on code
|
||||||
|
* Add missing parameters for checkpoint/restore endpoint
|
||||||
|
* Add support for startup healthchecks
|
||||||
|
* Add information on metrics to the `network create` docs
|
||||||
|
* Introduce podman machine os commands
|
||||||
|
* Document that ignoreRootFS depends on export/import
|
||||||
|
* Document ignoreVolumes in checkpoint/restore endpoint
|
||||||
|
* Remove leaveRunning from swagger restore endpoint
|
||||||
|
* libpod: Add checks to avoid nil pointer dereference if network setup fails
|
||||||
|
* Address golangci-lint issues
|
||||||
|
* Bump golang version to 1.18
|
||||||
|
* Documenting Hyper-V QEMU acceleration settings
|
||||||
|
* Kube Play: fix the handling of the optional field of SecretVolumeSource
|
||||||
|
* Update Vendor of containers/(common, image, buildah)
|
||||||
|
* Fix swapped NetInput/-Output stats
|
||||||
|
* libpod: Use O_CLOEXEC for descriptors returned by (*Container).openDirectory
|
||||||
|
* chore: Fix MD for Troubleshooting Guide link in GitHub Issue Template
|
||||||
|
* test/tools: rebuild when files are changed
|
||||||
|
* ginkgo tests: apply ginkgolinter fixes
|
||||||
|
* ginkgo: restructure install work flow
|
||||||
|
* Fix manpage emphasis
|
||||||
|
* specgen: support CDI devices from containers.conf
|
||||||
|
* vendor: update containers/common
|
||||||
|
* pkg/trust: Take the default policy path from c/common/pkg/config
|
||||||
|
* Add validate-in-container target
|
||||||
|
* Adding encryption decryption feature
|
||||||
|
* container restart: clean up healthcheck state
|
||||||
|
* Add support for podman-remote manifest annotate
|
||||||
|
* Quadlet: Add support for .kube files
|
||||||
|
* Update vendor of containers/(buildah, common, storage, image)
|
||||||
|
* specgen: honor user namespace value
|
||||||
|
* [CI:DOCS] Migrate OSX Cross to M1
|
||||||
|
* quadlet: Rework uid/gid remapping
|
||||||
|
* GHA: Fix cirrus re-run workflow for other repos.
|
||||||
|
* ssh system test: skip until it becomes a test
|
||||||
|
* shell completion: fix hard coded network drivers
|
||||||
|
* libpod: Report network setup errors properly on FreeBSD
|
||||||
|
* E2E Tests: change the registry for the search test to avoid authentication
|
||||||
|
* pkginstaller: install podman-mac-helper by default
|
||||||
|
* Fix language. Mostly spelling a -> an
|
||||||
|
* podman machine: Propagate SSL_CERT_FILE and SSL_CERT_DIR to systemd environment.
|
||||||
|
* [CI:DOCS] Fix spelling and typos
|
||||||
|
* Modify man page of "--pids-limit" option to correct a default value.
|
||||||
|
* Update docs/source/markdown/podman-remote.1.md
|
||||||
|
* Update pkg/bindings/connection.go
|
||||||
|
* Add more documentation on UID/GID Mappings with --userns=keep-id
|
||||||
|
* support podman-remote to connect tcpURL with proxy
|
||||||
|
* Removing the RawInput from the API output
|
||||||
|
* fix port issues for CONTAINER_HOST
|
||||||
|
* CI: Package versions: run in the 'main' step
|
||||||
|
* build(deps): bump github.com/rootless-containers/rootlesskit
|
||||||
|
* pkg/domain: Make checkExecPreserveFDs platform-specific
|
||||||
|
* e2e tests: fix restart race
|
||||||
|
* Fix podman --noout to suppress all output
|
||||||
|
* remove pod if creation has failed
|
||||||
|
* pkg/rootless: Implement rootless.IsFdInherited on FreeBSD
|
||||||
|
* Fix more podman-logs flakes
|
||||||
|
* healthcheck system tests: try to fix flake
|
||||||
|
* libpod: treat ESRCH from /proc/PID/cgroup as ENOENT
|
||||||
|
* GHA: Configure workflows for reuse
|
||||||
|
* compat,build: handle docker's preconfigured cacheTo,cacheFrom
|
||||||
|
* docs: deprecate pasta network name
|
||||||
|
* utils: Enable cgroup utils for FreeBSD
|
||||||
|
* pkg/specgen: Disable kube play tests on FreeBSD
|
||||||
|
* libpod/lock: Fix build and tests for SHM locks on FreeBSD
|
||||||
|
* podman cp: fix copying with "." suffix
|
||||||
|
* pkginstaller: bump Qemu to version 7.1.0
|
||||||
|
* specgen,wasm: switch to crun-wasm wherever applicable
|
||||||
|
* vendor: bump c/common to v0.50.2-0.20221111184705-791b83e1cdf1
|
||||||
|
* libpod: Make unit test for statToPercent Linux only
|
||||||
|
* Update vendor of containers/storage
|
||||||
|
* fix connection usage with containers.conf
|
||||||
|
* Add --quiet and --no-info flags to podman machine start
|
||||||
|
* Add hidden podman manifest inspect -v option
|
||||||
|
* Bump github.com/onsi/gomega from 1.24.0 to 1.24.1
|
||||||
|
* Add podman volume create -d short option for driver
|
||||||
|
* Vendor in latest containers/(common,image,storage)
|
||||||
|
* Add podman system events alias to podman events
|
||||||
|
* Fix search_test to return correct version of alpine
|
||||||
|
* Bump golang.org/x/tools from 0.1.12 to 0.3.0 in /test/tools
|
||||||
|
* GHA: Fix undefined secret env. var.
|
||||||
|
* Release notes for 4.3.1
|
||||||
|
* GHA: Fix make_email-body script reference
|
||||||
|
* Add release keys to README
|
||||||
|
* GHA: Fix typo setting output parameter
|
||||||
|
* GHA: Fix typo.
|
||||||
|
* New tool, docs/version-check
|
||||||
|
* Formalize our compare-against-docker mechanism
|
||||||
|
* Add restart-sec for container service files
|
||||||
|
* test/tools: bump module to go 1.17
|
||||||
|
* contrib/cirrus/check_go_changes.sh: ignore test/tools/vendor
|
||||||
|
* Bump github.com/coreos/go-systemd/v22 from 22.4.0 to 22.5.0
|
||||||
|
* Bump golang.org/x/term from 0.1.0 to 0.2.0
|
||||||
|
* Bump golang.org/x/sys from 0.1.0 to 0.2.0
|
||||||
|
* Bump github.com/container-orchestrated-devices/container-device-interface
|
||||||
|
* build(deps): bump golang.org/x/tools from 0.1.12 to 0.2.0 in /test/tools
|
||||||
|
* libpod: Add FreeBSD support in packageVersion
|
||||||
|
* Allow podman manigest push --purge|-p as alias for --rm
|
||||||
|
* [CI:DOCS] Add performance tutorial
|
||||||
|
* [CI:DOCS] Fix build targets in build_osx.md.
|
||||||
|
* fix --format {{json .}} output to match docker
|
||||||
|
* remote: fix manifest add --annotation
|
||||||
|
* Skip test if `--events-backend` is necessary with podman-remote
|
||||||
|
* kube play: update the handling of PersistentVolumeClaim
|
||||||
|
* system tests: fix a system test in proxy environment
|
||||||
|
* Use single unqualified search registry on Windows
|
||||||
|
* test/system: Add, use tcp_port_probe() to check for listeners rather than binds
|
||||||
|
* test/system: Add tests for pasta(1) connectivity
|
||||||
|
* test/system: Move network-related helpers to helpers.network.bash
|
||||||
|
* test/system: Use procfs to find bound ports, with optional address and protocol
|
||||||
|
* test/system: Use port_is_free() from wait_for_port()
|
||||||
|
* libpod: Add pasta networking mode
|
||||||
|
* More log-flake work
|
||||||
|
* Fix test flakes caused by improper podman-logs
|
||||||
|
* fix incorrect systemd booted check
|
||||||
|
* Cirrus: Add tests for GHA scripts
|
||||||
|
* GHA: Update scripts to pass shellcheck
|
||||||
|
* Cirrus: Shellcheck github-action scripts
|
||||||
|
* Cirrus: shellcheck support for github-action scripts
|
||||||
|
* GHA: Fix cirrus-cron scripts
|
||||||
|
* Makefile: don't install to tmpfiles.d on FreeBSD
|
||||||
|
* Make sure we can build and read each line of docker py's api client
|
||||||
|
* Docker compat build api - make sure only one line appears per flush
|
||||||
|
* Run codespell on code
|
||||||
|
* Update vendor of containers/(image, storage, common)
|
||||||
|
* Allow namespace path network option for pods.
|
||||||
|
* Cirrus: Never skip running Windows Cross task
|
||||||
|
* GHA: Auto. re-run failed cirrus-cron builds once
|
||||||
|
* GHA: Migrate inline script to file
|
||||||
|
* GHA: Simplify script reference
|
||||||
|
* test/e2e: do not use apk in builds
|
||||||
|
* remove container/pod id file along with container/pod
|
||||||
|
* Cirrus: Synchronize windows image
|
||||||
|
* Add --insecure,--tls-verify,--verbose flags to podman manifest inspect
|
||||||
|
* runtime: add check for valid pod systemd cgroup
|
||||||
|
* CI: set and verify DESIRED_NETWORK (netavark, cni)
|
||||||
|
* [CI:DOCS] troubleshooting: document keep-id options
|
||||||
|
* Man pages: refactor common options: --security-opt
|
||||||
|
* Cirrus: Guarantee CNI testing w/o nv/av present
|
||||||
|
* Cirrus: temp. disable all Ubuntu testing
|
||||||
|
* Cirrus: Update to F37beta
|
||||||
|
* buildah bud tests: better handling of remote
|
||||||
|
* quadlet: Warn in generator if using short names
|
||||||
|
* Add Windows Smoke Testing
|
||||||
|
* Add podman kube apply command
|
||||||
|
* docs: offer advice on installing test dependencies
|
||||||
|
* Fix documentation on read-only-tmpfs
|
||||||
|
* version bump to 4.4.0-dev
|
||||||
|
* deps: bump go-criu to v6
|
||||||
|
* Makefile: Add cross build targets for freebsd
|
||||||
|
* pkg/machine: Make this build on FreeBSD/arm64
|
||||||
|
* pkg/rctl: Remove unused cgo dependency
|
||||||
|
* man pages: assorted underscore fixes
|
||||||
|
* Upgrade GitHub actions packages from v2 to v3
|
||||||
|
* vendor github.com/godbus/dbus/v5@4b691ce
|
||||||
|
* [CI:DOCS] fix --tmpdir typos
|
||||||
|
* Do not report that /usr/share/containers/storage.conf has been edited.
|
||||||
|
* Eval symlinks on XDG_RUNTIME_DIR
|
||||||
|
* hack/podmansnoop
|
||||||
|
* rootless: support keep-id with one mapping
|
||||||
|
* rootless: add argument to GetConfiguredMappings
|
||||||
|
* Update vendor containers/(common,storage,buildah,image)
|
||||||
|
* Fix deadlock between 'podman ps' and 'container inspect' commands
|
||||||
|
* Add information about where the libpod/boltdb database lives
|
||||||
|
* Consolidate the dependencies for the IsTerminal() API
|
||||||
|
* Ensure that StartAndAttach locks while sending signals
|
||||||
|
* ginkgo testing: fix podman usernamespace join
|
||||||
|
* Test runners: nuke podman from $PATH before tests
|
||||||
|
* volumes: Fix idmap not working for volumes
|
||||||
|
* FIXME: Temporary workaround for ubi8 CI breakage
|
||||||
|
* System tests: teardown: clean up volumes
|
||||||
|
* update api versions on docs.podman.io
|
||||||
|
* system tests: runlabel: use podman-under-test
|
||||||
|
* system tests: podman network create: use random port
|
||||||
|
* sig-proxy test: bump timeout
|
||||||
|
* play kube: Allow the user to import the contents of a tar file into a volume
|
||||||
|
* Clarify the docs on DropCapability
|
||||||
|
* quadlet tests: Disable kmsg logging while testing
|
||||||
|
* quadlet: Support multiple Network=
|
||||||
|
* quadlet: Add support for Network=...
|
||||||
|
* Fix manpage for podman run --network option
|
||||||
|
* quadlet: Add support for AddDevice=
|
||||||
|
* quadlet: Add support for setting seccomp profile
|
||||||
|
* quadlet: Allow multiple elements on each Add/DropCaps line
|
||||||
|
* quadlet: Embed the correct binary name in the generated comment
|
||||||
|
* quadlet: Drop the SocketActivated key
|
||||||
|
* quadlet: Switch log-driver to passthrough
|
||||||
|
* quadlet: Change ReadOnly to default to enabled
|
||||||
|
* quadlet tests: Run the tests even for (exected) failed tests
|
||||||
|
* quadlet tests: Fix handling of stderr checks
|
||||||
|
* Remove unused script file
|
||||||
|
* notifyproxy: fix container watcher
|
||||||
|
* container/pod id file: truncate instead of throwing an error
|
||||||
|
* quadlet: Use the new podman create volume --ignore
|
||||||
|
* Add podman volume create --ignore
|
||||||
|
* logcollector: include aardvark-dns
|
||||||
|
* build(deps): bump github.com/stretchr/testify from 1.8.0 to 1.8.1
|
||||||
|
* build(deps): bump github.com/BurntSushi/toml from 1.2.0 to 1.2.1
|
||||||
|
* docs: generate systemd: point to kube template
|
||||||
|
* docs: kube play: mention restart policy
|
||||||
|
* Fixes: 15858 (podman system reset --force destroy machine)
|
||||||
|
* fix search flake
|
||||||
|
* use cached containers.conf
|
||||||
|
* adding regex support to the ancestor ps filter function
|
||||||
|
* Fix `system df` issues with `-f` and `-v`
|
||||||
|
* markdown-preprocess: cross-reference where opts are used
|
||||||
|
* Default qemu flags for Windows amd64
|
||||||
|
* build(deps): bump golang.org/x/text from 0.3.8 to 0.4.0
|
||||||
|
* Update main to reflect v4.3.0 release
|
||||||
|
* build(deps): bump github.com/docker/docker
|
||||||
|
* move quadlet packages into pkg/systemd
|
||||||
|
* system df: fix image-size calculations
|
||||||
|
* Add man page for quadlet
|
||||||
|
* Fix small typo
|
||||||
|
* testimage: add iproute2 & socat, for pasta networking
|
||||||
|
* Set up minikube for k8s testing
|
||||||
|
* Makefile: don't install systemd generator binaries on FreeBSD
|
||||||
|
* [CI:BUILD] copr: podman rpm should depend on containers-common-extra
|
||||||
|
* Podman image: Set default_sysctls to empty for rootless containers
|
||||||
|
* Don't use github.com/docker/distribution
|
||||||
|
* libpod: Add support for 'podman top' on FreeBSD
|
||||||
|
* libpod: Factor out jail name construction from stats_freebsd.go
|
||||||
|
* pkg/util: Add pid information descriptors for FreeBSD
|
||||||
|
* Initial quadlet version integrated in golang
|
||||||
|
* bump golangci-lint to v1.49.0
|
||||||
|
* Update vendor containers/(common,image,storage)
|
||||||
|
* Allow volume mount dups, iff source and dest dirs
|
||||||
|
* rootless: fix return value handling
|
||||||
|
* Change to correct break statements
|
||||||
|
* vendor containers/psgo@v1.8.0
|
||||||
|
* Clarify that MacOSX docs are client specific
|
||||||
|
* libpod: Factor out the call to PidFdOpen from (*Container).WaitForExit
|
||||||
|
* Add swagger install + allow version updates in CI
|
||||||
|
* Cirrus: Fix windows clone race
|
||||||
|
* build(deps): bump github.com/docker/docker
|
||||||
|
* kill: wait for the container
|
||||||
|
* generate systemd: set --stop-timeout for stopping containers
|
||||||
|
* hack/tree_status.sh: print diff at the end
|
||||||
|
* Fix markdown header typo
|
||||||
|
* markdown-preprocess: add generic include mechanism
|
||||||
|
* markdown-preprocess: almost complete OO rewrite
|
||||||
|
* Update tests for changed error messages
|
||||||
|
* Update c/image after https://github.com/containers/image/pull/1299
|
||||||
|
* Man pages: refactor common options (misc)
|
||||||
|
* Man pages: Refactor common options: --detach-keys
|
||||||
|
* vendor containers/storage@main
|
||||||
|
* Man pages: refactor common options: --attach
|
||||||
|
* build(deps): bump github.com/fsnotify/fsnotify from 1.5.4 to 1.6.0
|
||||||
|
* KillContainer: improve error message
|
||||||
|
* docs: add missing options
|
||||||
|
* Man pages: refactor common options: --annotation (manifest)
|
||||||
|
* build(deps): bump github.com/spf13/cobra from 1.5.0 to 1.6.0
|
||||||
|
* system tests: health-on-failure: fix broken logic
|
||||||
|
* build(deps): bump golang.org/x/text from 0.3.7 to 0.3.8
|
||||||
|
* build(deps): bump github.com/onsi/gomega from 1.20.2 to 1.22.1
|
||||||
|
* ContainerEngine.SetupRootless(): Avoid calling container.Config()
|
||||||
|
* Container filters: Avoid use of ctr.Config()
|
||||||
|
* Avoid unnecessary calls to Container.Spec()
|
||||||
|
* Add and use Container.LinuxResource() helper
|
||||||
|
* play kube: notifyproxy: listen before starting the pod
|
||||||
|
* play kube: add support for configmap binaryData
|
||||||
|
* Add and use libpod/Container.Terminal() helper
|
||||||
|
* Revert "Add checkpoint image tests"
|
||||||
|
* Revert "cmd/podman: add support for checkpoint images"
|
||||||
|
* healthcheck: fix --on-failure=stop
|
||||||
|
* Man pages: Add mention of behavior due to XDG_CONFIG_HOME
|
||||||
|
* build(deps): bump github.com/containers/ocicrypt from 1.1.5 to 1.1.6
|
||||||
|
* Avoid unnecessary timeout of 250msec when waiting on container shutdown
|
||||||
|
* health checks: make on-failure action retry aware
|
||||||
|
* libpod: Remove 100msec delay during shutdown
|
||||||
|
* libpod: Add support for 'podman pod' on FreeBSD
|
||||||
|
* libpod: Factor out cgroup validation from (*Runtime).NewPod
|
||||||
|
* libpod: Move runtime_pod_linux.go to runtime_pod_common.go
|
||||||
|
* specgen/generate: Avoid a nil dereference in MakePod
|
||||||
|
* libpod: Factor out cgroups handling from (*Pod).refresh
|
||||||
|
* Adds a link to OSX docs in CONTRIBUTING.md
|
||||||
|
* Man pages: refactor common options: --os-version
|
||||||
|
* Create full path to a directory when DirectoryOrCreate is used with play kube
|
||||||
|
* Return error in podman system service if URI scheme is not unix/tcp
|
||||||
|
* Man pages: refactor common options: --time
|
||||||
|
* man pages: document some --format options: images
|
||||||
|
* Clean up when stopping pods
|
||||||
|
* Update vendor of containers/buildah v1.28.0
|
||||||
|
* Proof of concept: nightly dependency treadmill
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Tue Jan 17 10:42:42 UTC 2023 - Danish Prakash <danish.prakash@suse.com>
|
Tue Jan 17 10:42:42 UTC 2023 - Danish Prakash <danish.prakash@suse.com>
|
||||||
|
|
||||||
|
61
podman.spec
61
podman.spec
@ -1,7 +1,7 @@
|
|||||||
#
|
#
|
||||||
# spec file for package podman
|
# spec file for package podman
|
||||||
#
|
#
|
||||||
# Copyright (c) 2022 SUSE LLC
|
# Copyright (c) 2023 SUSE LLC
|
||||||
#
|
#
|
||||||
# All modifications and additions to the file contributed by third parties
|
# All modifications and additions to the file contributed by third parties
|
||||||
# remain the property of their copyright owners, unless otherwise agreed
|
# remain the property of their copyright owners, unless otherwise agreed
|
||||||
@ -18,7 +18,7 @@
|
|||||||
%{!?_user_tmpfilesdir: %global _user_tmpfilesdir %{_datadir}/user-tmpfiles.d}
|
%{!?_user_tmpfilesdir: %global _user_tmpfilesdir %{_datadir}/user-tmpfiles.d}
|
||||||
%define project github.com/containers/podman
|
%define project github.com/containers/podman
|
||||||
Name: podman
|
Name: podman
|
||||||
Version: 4.3.1
|
Version: 4.4.2
|
||||||
Release: 0
|
Release: 0
|
||||||
Summary: Daemon-less container engine for managing containers, pods and images
|
Summary: Daemon-less container engine for managing containers, pods and images
|
||||||
License: Apache-2.0
|
License: Apache-2.0
|
||||||
@ -27,10 +27,7 @@ URL: https://%{project}
|
|||||||
Source0: %{name}-%{version}.tar.xz
|
Source0: %{name}-%{version}.tar.xz
|
||||||
Source1: podman.conf
|
Source1: podman.conf
|
||||||
Source2: README.SUSE.SLES
|
Source2: README.SUSE.SLES
|
||||||
# hotfix for https://github.com/containers/podman/issues/16765
|
Patch0: https://github.com/containers/podman/pull/17641.patch#./Quadlet-use-the-default-runtime.patch
|
||||||
Patch0: 0001-Revert-Default-missing-hostPort-to-containerPort-is-.patch
|
|
||||||
Patch1: 0002-Make-the-priority-for-picking-the-storage-driver-con.patch
|
|
||||||
Patch2: 0003-Only-override-the-graphdriver-to-vfs-if-the-priority.patch
|
|
||||||
BuildRequires: bash-completion
|
BuildRequires: bash-completion
|
||||||
BuildRequires: cni
|
BuildRequires: cni
|
||||||
BuildRequires: device-mapper-devel
|
BuildRequires: device-mapper-devel
|
||||||
@ -46,7 +43,7 @@ BuildRequires: libbtrfs-devel
|
|||||||
BuildRequires: libcontainers-common
|
BuildRequires: libcontainers-common
|
||||||
BuildRequires: libgpgme-devel
|
BuildRequires: libgpgme-devel
|
||||||
BuildRequires: libseccomp-devel
|
BuildRequires: libseccomp-devel
|
||||||
BuildRequires: golang(API) = 1.17
|
BuildRequires: golang(API) = 1.18
|
||||||
BuildRequires: pkgconfig(libselinux)
|
BuildRequires: pkgconfig(libselinux)
|
||||||
BuildRequires: pkgconfig(libsystemd)
|
BuildRequires: pkgconfig(libsystemd)
|
||||||
Recommends: apparmor-abstractions
|
Recommends: apparmor-abstractions
|
||||||
@ -116,7 +113,7 @@ pages and %{name}.
|
|||||||
|
|
||||||
%build
|
%build
|
||||||
# Build podman
|
# Build podman
|
||||||
BUILDFLAGS="-buildmode=pie" %make_build
|
BUILDFLAGS="-buildmode=pie" PREFIX=%{_prefix} %make_build
|
||||||
|
|
||||||
# Build manpages
|
# Build manpages
|
||||||
%make_build docs
|
%make_build docs
|
||||||
@ -126,7 +123,7 @@ BUILDFLAGS="-buildmode=pie" %make_build
|
|||||||
# Updates must be tested manually.
|
# Updates must be tested manually.
|
||||||
|
|
||||||
%install
|
%install
|
||||||
%make_install PREFIX=/usr LIBEXECDIR=%{_libexecdir} install.completions install.docker
|
%make_install PREFIX=%{_prefix} LIBEXECDIR=%{_libexecdir} install.completions install.docker
|
||||||
|
|
||||||
# remove the user tmpfile on SLE/Leap as it cannot handle them
|
# remove the user tmpfile on SLE/Leap as it cannot handle them
|
||||||
%if 0%{?suse_version} == 1500
|
%if 0%{?suse_version} == 1500
|
||||||
@ -153,6 +150,8 @@ install -D -m 0644 %{SOURCE2} %{buildroot}%{_docdir}/%{name}/README.SUSE
|
|||||||
%{_bindir}/podman
|
%{_bindir}/podman
|
||||||
# Manpages
|
# Manpages
|
||||||
%{_mandir}/man1/podman*.1*
|
%{_mandir}/man1/podman*.1*
|
||||||
|
%{_mandir}/man5/podman*.5*
|
||||||
|
%{_mandir}/man5/quadlet*.5*
|
||||||
%exclude %{_mandir}/man1/podman-remote*.1*
|
%exclude %{_mandir}/man1/podman-remote*.1*
|
||||||
# Configs
|
# Configs
|
||||||
%dir %{_prefix}/lib/modules-load.d
|
%dir %{_prefix}/lib/modules-load.d
|
||||||
@ -161,6 +160,7 @@ install -D -m 0644 %{SOURCE2} %{buildroot}%{_docdir}/%{name}/README.SUSE
|
|||||||
# Rootless port
|
# Rootless port
|
||||||
%dir %{_libexecdir}/podman
|
%dir %{_libexecdir}/podman
|
||||||
%{_libexecdir}/podman/rootlessport
|
%{_libexecdir}/podman/rootlessport
|
||||||
|
%{_libexecdir}/podman/quadlet
|
||||||
# Completion
|
# Completion
|
||||||
%{_datadir}/bash-completion/completions/podman
|
%{_datadir}/bash-completion/completions/podman
|
||||||
%{_datadir}/zsh/site-functions/_podman
|
%{_datadir}/zsh/site-functions/_podman
|
||||||
@ -173,14 +173,16 @@ install -D -m 0644 %{SOURCE2} %{buildroot}%{_docdir}/%{name}/README.SUSE
|
|||||||
%{_unitdir}/podman-kube@.service
|
%{_unitdir}/podman-kube@.service
|
||||||
%{_unitdir}/podman-restart.service
|
%{_unitdir}/podman-restart.service
|
||||||
%{_unitdir}/podman-auto-update.timer
|
%{_unitdir}/podman-auto-update.timer
|
||||||
|
%{_unitdir}/podman-clean-transient.service
|
||||||
%{_userunitdir}/podman.service
|
%{_userunitdir}/podman.service
|
||||||
%{_userunitdir}/podman.socket
|
%{_userunitdir}/podman.socket
|
||||||
%{_userunitdir}/podman-auto-update.service
|
%{_userunitdir}/podman-auto-update.service
|
||||||
%{_userunitdir}/podman-kube@.service
|
%{_userunitdir}/podman-kube@.service
|
||||||
%{_userunitdir}/podman-restart.service
|
%{_userunitdir}/podman-restart.service
|
||||||
%{_userunitdir}/podman-auto-update.timer
|
%{_userunitdir}/podman-auto-update.timer
|
||||||
|
%{_systemdusergeneratordir}/podman-user-generator
|
||||||
|
%{_systemdgeneratordir}/podman-system-generator
|
||||||
%ghost /run/podman
|
%ghost /run/podman
|
||||||
%ghost %{_localstatedir}/adm/update-messages/%{name}-%{version}-%{release}-libpodconf
|
|
||||||
%license LICENSE
|
%license LICENSE
|
||||||
|
|
||||||
%files remote
|
%files remote
|
||||||
@ -207,50 +209,19 @@ install -D -m 0644 %{SOURCE2} %{buildroot}%{_docdir}/%{name}/README.SUSE
|
|||||||
%tmpfiles_create %{_tmpfilesdir}/podman-docker.conf
|
%tmpfiles_create %{_tmpfilesdir}/podman-docker.conf
|
||||||
|
|
||||||
%pre
|
%pre
|
||||||
%service_add_pre podman.service podman.socket podman-auto-update.service podman-restart.service podman-auto-update.timer
|
%service_add_pre podman.service podman.socket podman-auto-update.service podman-restart.service podman-auto-update.timer podman-clean-transient.service
|
||||||
# move away any old rpmsave config file to avoid having it re-activated again in
|
|
||||||
# %%posttrans
|
|
||||||
test -f /etc/containers/libpod.conf.rpmsave && mv -v /etc/containers/libpod.conf.rpmsave /etc/containers/libpod.conf.rpmsave.old ||:
|
|
||||||
|
|
||||||
%post
|
%post
|
||||||
%service_add_post podman.service podman.socket podman-auto-update.service podman-restart.service podman-auto-update.timer
|
%service_add_post podman.service podman.socket podman-auto-update.service podman-restart.service podman-auto-update.timer podman-clean-transient.service
|
||||||
%tmpfiles_create %{_tmpfilesdir}/podman.conf
|
%tmpfiles_create %{_tmpfilesdir}/podman.conf
|
||||||
%systemd_user_post podman.service podman.socket podman-auto-update.service podman-restart.service podman-auto-update.timer
|
%systemd_user_post podman.service podman.socket podman-auto-update.service podman-restart.service podman-auto-update.timer
|
||||||
|
|
||||||
%preun
|
%preun
|
||||||
%service_del_preun podman.service podman.socket podman-auto-update.service podman-restart.service podman-auto-update.timer
|
%service_del_preun podman.service podman.socket podman-auto-update.service podman-restart.service podman-auto-update.timer podman-clean-transient.service
|
||||||
%systemd_user_preun podman.service podman.socket podman-auto-update.service podman-restart.service podman-auto-update.timer
|
%systemd_user_preun podman.service podman.socket podman-auto-update.service podman-restart.service podman-auto-update.timer
|
||||||
|
|
||||||
%postun
|
%postun
|
||||||
%service_del_postun podman.service podman.socket podman-auto-update.service podman-restart.service podman-auto-update.timer
|
%service_del_postun podman.service podman.socket podman-auto-update.service podman-restart.service podman-auto-update.timer podman-clean-transient.service
|
||||||
%systemd_user_postun podman.service podman.socket podman-auto-update.service podman-restart.service podman-auto-update.timer
|
%systemd_user_postun podman.service podman.socket podman-auto-update.service podman-restart.service podman-auto-update.timer
|
||||||
|
|
||||||
%posttrans
|
|
||||||
# if libpod.conf.rpmsave was created, set an update
|
|
||||||
# message informing about the libpod.conf -> containers.conf change
|
|
||||||
if test -f /etc/containers/libpod.conf.rpmsave ; then
|
|
||||||
cat >> %{_localstatedir}/adm/update-messages/%{name}-%{version}-%{release}-libpodconf << EOF
|
|
||||||
WARNING: Podman configuration file changes
|
|
||||||
|
|
||||||
With version 2.0 Podman changed to a slightly different configuration file format.
|
|
||||||
Also the name of default configuration file has been changed. The new format is
|
|
||||||
documented in the containers.conf(5) man-page and changes should usually be
|
|
||||||
straight-forward.
|
|
||||||
|
|
||||||
The new default configuration is located in /usr/share/containers/containers.conf.
|
|
||||||
In order to override setting from that file you can create
|
|
||||||
/etc/containers/containers.conf with your changed settings.
|
|
||||||
EOF
|
|
||||||
fi
|
|
||||||
|
|
||||||
%triggerun cni-config -- %{name}-cni-config < 1.6.0
|
|
||||||
# The name of the network bridge changed from cni0 to podman-cni0 with
|
|
||||||
# podman 1.6. We need to rename the existing bridge to the new name to
|
|
||||||
# to avoid network issues after upgrade
|
|
||||||
if ip link show dev cni0 > /dev/null 2>&1; then
|
|
||||||
ip link set dev cni0 down
|
|
||||||
ip link set dev cni0 name cni-podman0
|
|
||||||
ip link set dev cni-podman0 up
|
|
||||||
fi
|
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
Loading…
Reference in New Issue
Block a user