podman

mirror of https://github.com/containers/podman synced 2024-10-19 16:54:07 +00:00

Author	SHA1	Message	Date
dependabot[bot]	e78f3e8c47	Bump github.com/docker/docker Bumps [github.com/docker/docker](https://github.com/docker/docker) from 20.10.7+incompatible to 20.10.8+incompatible. - [Release notes](https://github.com/docker/docker/releases) - [Changelog](https://github.com/moby/moby/blob/master/CHANGELOG.md) - [Commits](https://github.com/docker/docker/compare/v20.10.7...v20.10.8) --- updated-dependencies: - dependency-name: github.com/docker/docker dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2021-08-04 10:04:27 +00:00
dependabot[bot]	bd29ec4c3b	Bump github.com/rootless-containers/rootlesskit from 0.14.3 to 0.14.4 Bumps [github.com/rootless-containers/rootlesskit](https://github.com/rootless-containers/rootlesskit) from 0.14.3 to 0.14.4. - [Release notes](https://github.com/rootless-containers/rootlesskit/releases) - [Commits](https://github.com/rootless-containers/rootlesskit/compare/v0.14.3...v0.14.4) --- updated-dependencies: - dependency-name: github.com/rootless-containers/rootlesskit dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2021-08-04 07:48:36 +00:00
openshift-ci[bot]	cbad561696	Merge pull request #11091 from Luap99/connect-disconnect fix rootless port forwarding with network dis-/connect	2021-08-03 18:59:01 +00:00
Paul Holzinger	e88d8dbeae	fix rootless port forwarding with network dis-/connect The rootlessport forwarder requires a child IP to be set. This must be a valid ip in the container network namespace. The problem is that after a network disconnect and connect the eth0 ip changed. Therefore the packages are dropped since the source ip does no longer exists in the netns. One solution is to set the child IP to 127.0.0.1, however this is a security problem. [1] To fix this we have to recreate the ports after network connect and disconnect. To make this work the rootlessport process exposes a socket where podman network connect/disconnect connect to and send to new child IP to rootlessport. The rootlessport process will remove all ports and recreate them with the new correct child IP. Also bump rootlesskit to v0.14.3 to fix a race with RemovePort(). Fixes #10052 [1] https://nvd.nist.gov/vuln/detail/CVE-2021-20199 Signed-off-by: Paul Holzinger <pholzing@redhat.com>	2021-08-03 16:29:09 +02:00
dependabot[bot]	0762c7e977	Bump github.com/opencontainers/selinux from 1.8.2 to 1.8.3 Bumps [github.com/opencontainers/selinux](https://github.com/opencontainers/selinux) from 1.8.2 to 1.8.3. - [Release notes](https://github.com/opencontainers/selinux/releases) - [Commits](https://github.com/opencontainers/selinux/compare/v1.8.2...v1.8.3) --- updated-dependencies: - dependency-name: github.com/opencontainers/selinux dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2021-08-03 12:23:52 +00:00
openshift-ci[bot]	bdbc21095a	Merge pull request #10828 from cdoern/scp Created image scp feature	2021-08-02 17:15:54 +00:00
dependabot[bot]	c1156d48b5	Bump github.com/containers/storage from 1.33.0 to 1.33.1 Bumps [github.com/containers/storage](https://github.com/containers/storage) from 1.33.0 to 1.33.1. - [Release notes](https://github.com/containers/storage/releases) - [Changelog](https://github.com/containers/storage/blob/main/docs/containers-storage-changes.md) - [Commits](https://github.com/containers/storage/compare/v1.33.0...v1.33.1) --- updated-dependencies: - dependency-name: github.com/containers/storage dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2021-08-02 12:20:13 +00:00
dependabot[bot]	58672847ee	Bump github.com/containers/image/v5 from 5.14.0 to 5.15.0 Bumps [github.com/containers/image/v5](https://github.com/containers/image) from 5.14.0 to 5.15.0. - [Release notes](https://github.com/containers/image/releases) - [Commits](https://github.com/containers/image/compare/v5.14.0...v5.15.0) --- updated-dependencies: - dependency-name: github.com/containers/image/v5 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2021-08-01 11:33:58 +00:00
openshift-ci[bot]	4244288716	Merge pull request #11054 from saschagrunert/login-logout-path-tests Add `--accept-repositories` integration tests	2021-08-01 11:25:17 +00:00
cdoern	1d10ca739f	Created scp.go image_scp_test.go and podman-image-scp.1.md added functionality for image secure copying from local to remote. Also moved system connection add code around a bit so functions within that file can be used by scp. Signed-off-by: cdoern <cdoern@redhat.com>	2021-07-30 17:19:24 -04:00
Sascha Grunert	732ece6ae2	Add `--accept-repositories` integration tests This adds the integration tests for the repository or namespaced registry feature introduced in c/common. Signed-off-by: Sascha Grunert <sgrunert@redhat.com>	2021-07-30 14:53:55 +02:00
OpenShift Merge Robot	6c5966cf3c	Merge pull request #10910 from adrianreber/2021-07-12-checkpoint-restore-into-pod Add support for checkpoint/restore into and out of pods	2021-07-28 14:48:28 +02:00
Adrian Reber	3375cbb198	Vendor in go-criu v5.1.0 for Pod checkpoint/restore support Signed-off-by: Adrian Reber <areber@redhat.com>	2021-07-27 16:10:44 +02:00
dependabot[bot]	b090738328	Bump github.com/containers/storage from 1.32.6 to 1.33.0 Bumps [github.com/containers/storage](https://github.com/containers/storage) from 1.32.6 to 1.33.0. - [Release notes](https://github.com/containers/storage/releases) - [Changelog](https://github.com/containers/storage/blob/main/docs/containers-storage-changes.md) - [Commits](https://github.com/containers/storage/compare/v1.32.6...v1.33.0) --- updated-dependencies: - dependency-name: github.com/containers/storage dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2021-07-27 13:46:11 +00:00
OpenShift Merge Robot	27a487929e	Merge pull request #11028 from containers/dependabot/go_modules/github.com/containers/image/v5-5.14.0 Bump github.com/containers/image/v5 from 5.13.2 to 5.14.0	2021-07-27 15:26:24 +02:00
Valentin Rothberg	1b6423e9f1	refine dangling checks By proxy by vendoring containers/common. Previously, a "dangling" image was an untagged image; just a described in the Docker docs. The definition of dangling has now been refined to an untagged image without children to be compatible with Docker. Further update a redundant image-prune test. Fixes: #10998 Fixes: #10832 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>	2021-07-26 09:28:17 +02:00
dependabot[bot]	23a938fa26	Bump github.com/containers/image/v5 from 5.13.2 to 5.14.0 Bumps [github.com/containers/image/v5](https://github.com/containers/image) from 5.13.2 to 5.14.0. - [Release notes](https://github.com/containers/image/releases) - [Commits](https://github.com/containers/image/compare/v5.13.2...v5.14.0) --- updated-dependencies: - dependency-name: github.com/containers/image/v5 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2021-07-25 04:54:29 -04:00
dependabot[bot]	0784a5d047	Bump github.com/opencontainers/runc from 1.0.0 to 1.0.1 Bumps [github.com/opencontainers/runc](https://github.com/opencontainers/runc) from 1.0.0 to 1.0.1. - [Release notes](https://github.com/opencontainers/runc/releases) - [Commits](https://github.com/opencontainers/runc/compare/v1.0.0...v1.0.1) --- updated-dependencies: - dependency-name: github.com/opencontainers/runc dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2021-07-19 12:19:29 +00:00
OpenShift Merge Robot	d32e56658a	Merge pull request #10961 from containers/dependabot/go_modules/k8s.io/api-0.21.3 Bump k8s.io/api from 0.21.2 to 0.21.3	2021-07-16 13:16:45 -04:00
dependabot[bot]	50fcb06e7c	Bump k8s.io/api from 0.21.2 to 0.21.3 Bumps [k8s.io/api](https://github.com/kubernetes/api) from 0.21.2 to 0.21.3. - [Release notes](https://github.com/kubernetes/api/releases) - [Commits](https://github.com/kubernetes/api/compare/v0.21.2...v0.21.3) --- updated-dependencies: - dependency-name: k8s.io/api dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2021-07-16 15:35:03 +00:00
Valentin Rothberg	2e02942d46	vendor containers/common@main Signed-off-by: Valentin Rothberg <rothberg@redhat.com>	2021-07-16 17:32:37 +02:00
OpenShift Merge Robot	68585b0168	Merge pull request #10848 from vrothberg/update-libimage vendor containers/common@main	2021-07-16 11:12:44 -04:00
Valentin Rothberg	e1ac0c3033	vendor containers/common@main The `IgnorePlatform` options has been removed from the `LookupImageOptions` in libimage to properly support multi-arch images. Skip one buildah-bud test which requires updated CI images. This is currently being done in github.com/containers/podman/pull/10829 but we need to unblock merging common and buildah into podman. [NO TESTS NEEDED] Signed-off-by: Valentin Rothberg <rothberg@redhat.com>	2021-07-16 14:19:56 +02:00
dependabot[bot]	e3a09c51e2	Bump k8s.io/apimachinery from 0.21.2 to 0.21.3 Bumps [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery) from 0.21.2 to 0.21.3. - [Release notes](https://github.com/kubernetes/apimachinery/releases) - [Commits](https://github.com/kubernetes/apimachinery/compare/v0.21.2...v0.21.3) --- updated-dependencies: - dependency-name: k8s.io/apimachinery dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2021-07-16 12:18:25 +00:00
dependabot[bot]	7d6f3c4dc6	Bump github.com/google/uuid from 1.2.0 to 1.3.0 Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.2.0 to 1.3.0. - [Release notes](https://github.com/google/uuid/releases) - [Commits](https://github.com/google/uuid/compare/v1.2.0...v1.3.0) --- updated-dependencies: - dependency-name: github.com/google/uuid dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2021-07-13 12:22:13 +00:00
dependabot[bot]	084dbeb569	Bump github.com/containers/storage from 1.32.5 to 1.32.6 Bumps [github.com/containers/storage](https://github.com/containers/storage) from 1.32.5 to 1.32.6. - [Release notes](https://github.com/containers/storage/releases) - [Changelog](https://github.com/containers/storage/blob/main/docs/containers-storage-changes.md) - [Commits](https://github.com/containers/storage/compare/v1.32.5...v1.32.6) --- updated-dependencies: - dependency-name: github.com/containers/storage dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2021-07-12 12:20:58 +00:00
dependabot[bot]	563532aef8	Bump github.com/onsi/gomega from 1.13.0 to 1.14.0 Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.13.0 to 1.14.0. - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](https://github.com/onsi/gomega/compare/v1.13.0...v1.14.0) --- updated-dependencies: - dependency-name: github.com/onsi/gomega dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2021-07-08 12:23:01 +00:00
dependabot[bot]	518457b354	Bump github.com/cyphar/filepath-securejoin from 0.2.2 to 0.2.3 Bumps [github.com/cyphar/filepath-securejoin](https://github.com/cyphar/filepath-securejoin) from 0.2.2 to 0.2.3. - [Release notes](https://github.com/cyphar/filepath-securejoin/releases) - [Commits](https://github.com/cyphar/filepath-securejoin/compare/v0.2.2...v0.2.3) --- updated-dependencies: - dependency-name: github.com/cyphar/filepath-securejoin dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2021-07-05 12:20:31 +00:00
Paul Holzinger	924cd37a37	Bump github.com/spf13/cobra to v1.2.1 Fixes #9730 Signed-off-by: Paul Holzinger <pholzing@redhat.com>	2021-07-02 17:36:30 +02:00
Valentin Rothberg	735be12481	force github.com/spf13/cobra@v1.1.3 v1.2.0 is breaking CI (see containers/podman/pull/10844). Signed-off-by: Valentin Rothberg <rothberg@redhat.com>	2021-07-02 13:03:10 +02:00
Valentin Rothberg	7eb9ed9758	vendor containers/common@main Pull in fixes for local image lookups. Fixes: #10835 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>	2021-07-02 11:38:28 +02:00
Valentin Rothberg	8b52204baa	vendor containers/common@7482cf851d Make sure that image events are written after execution. Fixes: #10812 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>	2021-06-30 13:08:42 +02:00
Daniel J Walsh	05f39af5bd	Bump github.com/containers/storage from 1.32.3 to 1.32.5 Bumps [github.com/containers/storage](https://github.com/containers/storage) from 1.32.3 to 1.32.5. - [Release notes](https://github.com/containers/storage/releases) - [Changelog](https://github.com/containers/storage/blob/main/docs/containers-storage-changes.md) - [Commits](https://github.com/containers/storage/compare/v1.32.3...v1.32.5) --- updated-dependencies: - dependency-name: github.com/containers/storage dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>	2021-06-29 15:58:32 -04:00
dependabot[bot]	fb5f70296b	Bump github.com/containers/ocicrypt from 1.1.1 to 1.1.2 Bumps [github.com/containers/ocicrypt](https://github.com/containers/ocicrypt) from 1.1.1 to 1.1.2. - [Release notes](https://github.com/containers/ocicrypt/releases) - [Commits](https://github.com/containers/ocicrypt/compare/v1.1.1...v1.1.2) --- updated-dependencies: - dependency-name: github.com/containers/ocicrypt dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2021-06-29 12:30:56 +00:00
Valentin Rothberg	f95b0995e5	remove `pkg/registries` Pull the trigger on the `pkg/registries` package which acted as a proxy for `c/image/pkg/sysregistriesv2`. Callers should be using the packages from c/image directly, if needed at all. Also make use of libimage's SystemContext() method which returns a copy of a system context, further reducing the risk of unintentionally altering global data. [NO TESTS NEEDED] Signed-off-by: Valentin Rothberg <rothberg@redhat.com>	2021-06-25 09:56:21 +02:00
Valentin Rothberg	5fc622f945	create: support images with invalid platform Much to my regret, there is a number of images in the wild with invalid platforms breaking the platform checks in libimage that want to make sure that a local image is matching the expected platform. Imagine a `podman run --arch=arm64 fedora` with a local amd64 fedora image. We really shouldn't use the local one in this case and pull down the arm64 one. The strict platform checks in libimage in combination with invalid platforms in images surfaced in Podman being able to pull an image but failing to look it up in subsequent presence checks. A `podman run` would hence pull such an image but fail to create the container. Support images with invalid platforms by vendoring the latest HEAD from containers/common. Also remove the partially implemented pull-policy logic from Podman and let libimage handle that entirely. However, whenever --arch, --os or --platform are specified, the pull policy will be forced to "newer". This way, we pessimistically assume that the local image has an invalid platform and we reach out to the registry. If there's a newer image (i.e., one with a different digest), we'll pull it down. Please note that most of the logic has either already been implemented in libimage or been moved down which allows for removing some clutter from Podman. [NO TESTS NEEDED] since c/common has new tests. Podman can rely on the existing tests. Fixes: #10648 Fixes: #10682 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>	2021-06-23 15:42:13 +02:00
Paul Holzinger	e014608539	Do not use inotify for OCICNI Podman does not need to watch the cni config directory. If a network is not found in the cache, OCICNI will reload the networks anyway and thus even podman system service should work as expected. Also include a change to not mount a "new" /var by default in the rootless cni ns, instead try to use /var/lib/cni first and then the parent dir. This allows users to store cni configs under /var/... which is the case for the CI compose test. [NO TESTS NEEDED] Fixes #10686 Signed-off-by: Paul Holzinger <pholzing@redhat.com>	2021-06-22 16:00:47 +02:00
OpenShift Merge Robot	ed511d27d7	Merge pull request #10719 from containers/dependabot/go_modules/k8s.io/api-0.21.2 Bump k8s.io/api from 0.21.1 to 0.21.2	2021-06-22 06:31:07 -04:00
OpenShift Merge Robot	9ec4d04592	Merge pull request #10723 from rhatdan/tmpdir fix systemcontext to use correct TMPDIR	2021-06-21 03:50:31 -04:00
OpenShift Merge Robot	4cf3861168	Merge pull request #10718 from containers/dependabot/go_modules/github.com/containers/storage-1.32.3 Bump github.com/containers/storage from 1.32.2 to 1.32.3	2021-06-20 05:59:29 -04:00
dependabot[bot]	9cc3473b58	Bump k8s.io/api from 0.21.1 to 0.21.2 Bumps [k8s.io/api](https://github.com/kubernetes/api) from 0.21.1 to 0.21.2. - [Release notes](https://github.com/kubernetes/api/releases) - [Commits](https://github.com/kubernetes/api/compare/v0.21.1...v0.21.2) --- updated-dependencies: - dependency-name: k8s.io/api dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2021-06-20 09:50:04 +00:00
Daniel J Walsh	7864108ff1	fix systemcontext to use correct TMPDIR Users are complaining about read/only /var/tmp failing even if TMPDIR=/tmp is set. This PR Fixes: https://github.com/containers/podman/issues/10698 [NO TESTS NEEDED] No way to test this. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>	2021-06-18 19:53:24 -04:00
dependabot[bot]	b56d6c6460	Bump github.com/containers/storage from 1.32.2 to 1.32.3 Bumps [github.com/containers/storage](https://github.com/containers/storage) from 1.32.2 to 1.32.3. - [Release notes](https://github.com/containers/storage/releases) - [Changelog](https://github.com/containers/storage/blob/main/docs/containers-storage-changes.md) - [Commits](https://github.com/containers/storage/compare/v1.32.2...v1.32.3) --- updated-dependencies: - dependency-name: github.com/containers/storage dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2021-06-18 14:46:38 +00:00
dependabot[bot]	d398230853	Bump k8s.io/apimachinery from 0.21.1 to 0.21.2 Bumps [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery) from 0.21.1 to 0.21.2. - [Release notes](https://github.com/kubernetes/apimachinery/releases) - [Commits](https://github.com/kubernetes/apimachinery/compare/v0.21.1...v0.21.2) --- updated-dependencies: - dependency-name: k8s.io/apimachinery dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2021-06-18 14:46:21 +00:00
Daniel J Walsh	b6662eed3f	Vendor in containers/common v0.40.0 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>	2021-06-17 14:59:42 -04:00
dependabot[bot]	b5890fc86b	Bump github.com/containers/storage from 1.32.1 to 1.32.2 Bumps [github.com/containers/storage](https://github.com/containers/storage) from 1.32.1 to 1.32.2. - [Release notes](https://github.com/containers/storage/releases) - [Changelog](https://github.com/containers/storage/blob/master/docs/containers-storage-changes.md) - [Commits](https://github.com/containers/storage/compare/v1.32.1...v1.32.2) --- updated-dependencies: - dependency-name: github.com/containers/storage dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2021-06-10 06:28:23 +00:00
dependabot[bot]	346c7fda69	Bump github.com/containers/buildah from 1.21.0 to 1.21.1 Bumps [github.com/containers/buildah](https://github.com/containers/buildah) from 1.21.0 to 1.21.1. - [Release notes](https://github.com/containers/buildah/releases) - [Changelog](https://github.com/containers/buildah/blob/v1.21.1/CHANGELOG.md) - [Commits](https://github.com/containers/buildah/compare/v1.21.0...v1.21.1) --- updated-dependencies: - dependency-name: github.com/containers/buildah dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2021-06-08 12:36:15 +00:00
OpenShift Merge Robot	cbcf0a1dd7	Merge pull request #10545 from containers/dependabot/go_modules/go.etcd.io/bbolt-1.3.6 Bump go.etcd.io/bbolt from 1.3.5 to 1.3.6	2021-06-03 17:58:24 +02:00
OpenShift Merge Robot	0f8ec8e366	Merge pull request #10543 from containers/dependabot/go_modules/github.com/opencontainers/selinux-1.8.2 Bump github.com/opencontainers/selinux from 1.8.1 to 1.8.2	2021-06-03 17:57:25 +02:00
dependabot[bot]	735470ff23	Bump go.etcd.io/bbolt from 1.3.5 to 1.3.6 Bumps [go.etcd.io/bbolt](https://github.com/etcd-io/bbolt) from 1.3.5 to 1.3.6. - [Release notes](https://github.com/etcd-io/bbolt/releases) - [Commits](https://github.com/etcd-io/bbolt/compare/v1.3.5...v1.3.6) --- updated-dependencies: - dependency-name: go.etcd.io/bbolt dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2021-06-03 09:34:51 +00:00

1 2 3 4 5 ...

557 commits