make validate should work locally, this check makes no sense in a local
context as it checks for a github label.
To fix this remove this check from the validate target and only use it
as part of the CI validate run.
While at it remove old dnf install step, the issue has been closed for a
long time and it should already be part of our base images.
Fixes#22031
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
we are having second thoughts about *requiring* a policy.json on podman
machine hosts. we are concerned that we need to work out some more use
cases to be sure we do not make choices now that limit us in the near
term future. for example, should the policy files be the same for
container images and machine images? And should one live on the host
machine and the other live in the machine?
therefore, if a policy.json *is* present in the correct location, we will use and honor it; however, if it does not, we will allow the machine image to be pulled without a policy.
Signed-off-by: Brent Baude <baude@redhat.com>
Co-authored-by: Paul Holzinger <45212748+Luap99@users.noreply.github.com>
Signed-off-by: Brent Baude <bbaude@redhat.com>
- Sets default search location to always be the peer directory
+ make podman-remote now creates binaries that work the same as release zips
- Updates release zip to match expected search location
- Updates win installer to include the file if present in the repo cross-build
archive
[NO NEW TESTS NEEDED]
Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
pasta only works when we run as container_runtime_exec_t, now that pasta
is the default this means that the current binary will not work when
doing local dev without manually fixing the label.
There are also other parts where the correct label is important. So as a
simple fix always set the proper label in the bin/podman target.
This also means we can drop this line from the hack/bats script.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Lots of small special-case tweaks to logformatter because Macs
have to be different.
Also fix:
- Wrong slash in printf-newline, leading to gray [It] blocks
- echo gitCommit, so we can link to sources
- --image-path is deprecated
Signed-off-by: Ed Santiago <santiago@redhat.com>
This config needs to be included for podman machine pulls to work and
set MACHINE_POLICY_JSON_DIR so that the file should be located next to
the binary.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Allow users to set MACHINE_POLICY_JSON_DIR to the policy.json directory
which is used for podman machine pulls.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Disable the `perfsprint` and `typecheck` linters as they are too noisy.
There are some good issues worthy of fixing but it's too time consuming
at the moment. Hence, let's unblock the PR.
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
Rootless users should be defaulted to point DOCKER_HOST at
$XDG_RUNTIME_DIR/podman/podman.sock
When podman-docker package is installed.
[NO NEW TESTS NEEDED]
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Moving from Go module v4 to v5 prepares us for public releases.
Move done using gomove [1] as with the v3 and v4 moves.
[1] https://github.com/KSubedi/gomove
Signed-off-by: Matt Heon <mheon@redhat.com>
New CI validation check: all keys in quadlet.go must be
documented at least once in podman-systemd.unit.5.md.
Adding '// deprecated' next to an enum definition will
exclude said key from the documentation cross-checks.
And, because the md file lists keys in both table and block
form, make sure those all match.
And make sure everything is sorted in lexical order, in
both .go source and in man page.
And add a validation check to make sure it stays that way.
Signed-off-by: Ed Santiago <santiago@redhat.com>
This updates the Windows installer and macOS installer to ship the newer
binaries, as well as the vendored gvisor-tap-vsock code.
[NO NEW TESTS NEEDED]
Signed-off-by: Christophe Fergeau <cfergeau@redhat.com>
Setup and execute podman machine testing on bare-metal M1 Macs
using a pool of shared and semi-persistent hosts. Automated
and manual processes outside this repository are responsible
for providing and maintaining all hosts. Ref.
https://github.com/containers/automation/tree/main/mac_pw_pool
Update the `localmachine` make target to standardize execution
across platforms. Update/simplify podman-machine e2e README to
reflect current reality.
Warning: This CI setup and supporting infrastructure was developed
in favor of expediency vs reliability and stability. There are
many possible failure-modes (known and unknown) which may lead
to undefined test behaviors. Future work may address some of
these as they are encountered or discovered.
[NO NEW TESTS NEEDED]
Signed-off-by: Chris Evich <cevich@redhat.com>
In case a future maintainer asks "why" all these weird looking
four-letter architectures are present here and in CI.
Signed-off-by: Chris Evich <cevich@redhat.com>
Since gvisor-tap-vsock 0.7.1, the upstream project ships pre-built
Windows binaries for gvproxy and win-sshproxy. These binaries are built
with -Hwindowsgui as needed by podman.
This makes the same change in winmake.ps1, but I had to hardcode
gvisor-tap-vsock version in one more place.
[NO NEW TESTS NEEDED]
Signed-off-by: Christophe Fergeau <cfergeau@redhat.com>
I'm not sure about apparmor tag. Atleast runc isn't using it anymore.
"apparmor (since runc v1.0.0-rc93 the feature is always enabled)" from https://github.com/opencontainers/runc
containers-common still seems to check for apparmor, so not touching it for now.
Signed-off-by: Rahil Bhimjiani <rahil3108@gmail.com>
Shortcuts like unix:path and unix:/path do not work everywhere,
so make sure to use unix://path when quoting the url (or address)
Signed-off-by: Anders F Björklund <anders.f.bjorklund@gmail.com>
The mandoc(1) utility is used for this on FreeBSD systems. This fixes a
confusing (but harmless) series of error messages when building manpages
on FreeBSD.
[NO NEW TESTS NEEDED]
Signed-off-by: Doug Rabson <dfr@rabson.org>
This tool sometimes throws nonsensical or difficult to debug errors.
Verifying DCO and white-space issues in commits has long since been
moved to other tools (github-actions and git pre-commit hooks). There's
no need to duplicate these checks with the git-validation tool.
Signed-off-by: Chris Evich <cevich@redhat.com>
go-md2man is fragile, especially around tables (#18678, #19278).
Podman man pages are finely tuned to look OK using v2.02, which
is what we vendor in test/tools, so we should really use it
instead of whatever is installed on the system.
This fixes 'make docs' on RHEL8, broken as of #19278.
Signed-off-by: Ed Santiago <santiago@redhat.com>
A small number of tests are assuming that TMPDIR == /tmp. These
tests fail when that assumption does not hold.
Set TMPDIR=/var/tmp on prior-fedora, as a way to catch those.
/dev/shm would be a slightly better choice, because the
string "tmp" does not appear it in, but it's way too
small to be of any use: it fills up in the e2e prefetch.
This PR exposed a nasty bug in our Makefile: using "TMPDIR"
as temporary variable completely unrelated to (and inconsistent
with) the actual established use of TMPDIR. Solution: rename
that variable and make it lower case. Do the same with two
other ALL-CAP variables.
Signed-off-by: Ed Santiago <santiago@redhat.com>
This was replaced by the setup.exe burn installer several releases ago,
and only kept around as a fallback. Remove it since it is no longer
maintained and not recommended for use.
Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
Every so often we hear reports of a corrupt man page table,
where columns are misaligned in nonsensical ways. The
traditional symptom looks like:
|----------------|--------------|
| option name | |
|----------------|--------------|
| | description |
|----------------|--------------|
Cause: one of the tools in the man page generation chain,
maybe 'man' itself, has an undocumented length limit on
table cells, _and_ an undocumented page width as well.
If you exceed these undocumented limits, you get corrupt
man pages. Silently.
This adds a horrible test for those. And I mean horrible:
- unreadable
- unmaintainable
- unreliable (heuristic, no guarantees)
- slows down 'make docs' (less than a second, but still)
I've tested by adding long '| sdf sdf | dsf |' rows to
a few man pages, and it triggers. That's the only good
thing I can say about it.
Other approaches I tried:
- man -l -Tascii | grep non-ascii-art
- man -l ... 2>&1 | grep "table wider than"
- perusing the generated .1/.5 pages, seeing if my eye
can detect something different about too-long cells
- same, using 'tbl'
- checking for too-long cells in the source document
...and more that I've forgotten. This was the only way
that produced reliable errors. If you have a better way,
please oh please submit it.
Signed-off-by: Ed Santiago <santiago@redhat.com>
JiaLing Zhang
renovate[bot]
Cedric Staniewski
Paul Holzinger
Brent Baude
Jason T. Greene
Ed Santiago
Doug Rabson
openshift-merge-bot[bot]
Daniel J Walsh
Matt Heon
Jake Correnti
Christophe Fergeau
Ygal Blum
Chris Evich
openshift-ci[bot]
Rahil Bhimjiani
Ashley Cui
OpenShift Merge Robot
Anders F Björklund
Michal Biesek
Arthur Sengileyev