The Docker API deprecates Container and ContainerConfig fields in
the GET /images/{name}/json response are deprecated and
they will no longer be included in API v1.45.
Fixes: https://redhat.atlassian.net/browse/RUN-3323
Signed-off-by: Marek Simek <msimek@redhat.com>
The Docker API 1.44 deprecates the fields HairpinMode, LinkLocalIPv6Address,
LinkLocalIPv6PrefixLen, SecondaryIPAddresses, SecondaryIPv6Addresses available in
NetworkSettings when calling GET /containers/{id}/json and will be removed in a future release.
You should instead look for the default network in NetworkSettings.Networks.
The fields are removed in 1.52. Version gate SecondaryIPAddresses, SecondaryIPv6Addresses
in the handler and update test. HairpinMode, LinkLocalIPv6Address, LinkLocalIPv6PrefixLen
are not returned by the compat endpoint as the response is serialized
to the moby/moby/api structure missing these fields.
Fixes: https://redhat.atlassian.net/browse/RUN-3323
Signed-off-by: Marek Simek <msimek@redhat.com>
The Docker API in version 1.44 deprecates the is_automated field for
the GET /images/search endpoint. The is_automated field has been deprecated
by Docker Hub's search API. Consequently, searching for is-automated=true
will yield no results.
The Docker API in version 1.44 deprecates the is_automated field
in the GET /images/search response and will always be set to false in the
future because Docker Hub is deprecating the is_automated field in its search API.
Return struct moby/api for the compat endpoint that matches the Docker
API response format and deprecates is_automated.
Update test_v2_0_0_image.py::ImageTestCase::test_search_compat
to verify returned format and fix subtests not being asserted (remove mp).
Fixes: https://redhat.atlassian.net/browse/RUN-3323
Signed-off-by: Marek Simek <msimek@redhat.com>
There are more useful checks such as nilness that are not enabled by
default. However fieldalignment and shadow produce a lot of warnings
that are not real issues, i.e. we shadow "err" as variable all the time,
so they get disabled.
see https://golangci-lint.run/docs/linters/configuration/#govet
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
The netavark mention is not needed as we only support it now. Then
update it for the new route type syntax which was not documented in
commit daaf8b62ba.
Also add an example and a note that containers with CAP_NET_ADMIN can
alter routes still.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
With netavark v2 we require true not 1.
This was correctly changed in commit bb02e49080 but then reverted in
commit 7612af4c0e again as it did not properly rebase and solve the
conflicts.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Bump bundled krunkit to 1.3.2, which comes with libkrun 1.19.4.
This version of libkrun includes a fix in virtio-fs on macOS for
libkrun/libkrun#769 that potentially impacts podman users.
Signed-off-by: Sergio Lopez <slp@redhat.com>
formatError appended "or use --replace to instruct Podman to do so" to
every error wrapping storage.ErrDuplicateName, even for commands like
"podman manifest create" that have no --replace flag, telling users to
use a flag that does not exist.
Resolve the invoked command via ExecuteContextC and only add the hint
when that command actually defines a --replace flag.
Fixes: #24537
Signed-off-by: Salih Muhammed <root@lr0.org>
When running `make validatepr` from a git worktree, $(CURDIR)/.git is a file
pointing to the parent git dir outside the bind mount. Mount that dir at its
own path so git inside the container can resolve and not throw ownership errors.
Signed-off-by: Danish Prakash <contact@danishpraka.sh>
The current systemd service to mount /etc/containers is not working
right. The Before=podman.socket causes a ordering conflict which causes
the socket to be disabled and thus all podman remote connections fail.
The problem is the unit is wanted by the default.target while the socket
is wanted by sockets.target which can be before the default.target is
triggered. That means that the Before= line cannot be fulfilled and
sometimes systemd thus seems to not start the socket. It is unclear to
me why this is racy as it is sometimes also works.
This was reported by Vladimir Lazar from the PD team, our CI did not
caught this as we use rootless machines by default and the problem only
happens for the rootful socket so we do not see connection failures.
To fix this add at least one rootful socket check.
We do however have a different CI flake that was also caused by the
incorrect mount dependencies. The mount could happen after sshd or other
programs run. So to fix this we must hook the podman-mnt-config.service
into the local-fs.target which runs much earlier and is used for all the
mounts.
Fixes: #29003
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Bump bundled krunkit to 1.3.1, which comes with libkrun 1.19.3.
This version of krunkit makes HTTP parsing on the rest-uri more
robust to ensure it only acts on the right request.
It also enables a new permission semantics mode in libkrun that's
closer to the user expectations on macOS.
Fixes: #21402Fixes: #29084
Signed-off-by: Sergio Lopez <slp@redhat.com>
It was removed, with the hardcoded image reference.
So cache was always off, even for the default image.
Fixes: #29090
Signed-off-by: Anders F Björklund <anders.f.bjorklund@gmail.com>