This commit implements automatic creation timestamp functionality for artifacts
as requested in GitHub issue #27081, allowing users to see when artifacts were created.
Changes made:
- Add org.opencontainers.image.created annotation with Unix nanoseconds timestamp during artifact creation
- Preserve original creation timestamp when using --append option
- Update artifact inspect and add man pages to document the new functionality
- Add comprehensive e2e and system BATS tests to verify creation timestamp behavior
- Store timestamp as integer (Unix nanoseconds) for programmatic access
The creation timestamp helps users understand artifact freshness, particularly
useful for AI models and other time-sensitive artifacts managed by tools like RamaLama.
Usage examples:
podman artifact add myartifact:latest /path/to/file # Creates with timestamp
podman artifact inspect myartifact:latest # Shows created annotation as integer
podman artifact add --append myartifact:latest /file2 # Preserves original timestamp
Fixes: https://github.com/containers/podman/issues/27081
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
This reverts commit f517e52167.
The issue #24219 has been fixed a long time ago and this no longer
flakes so we do not need to run with debug logs all the time.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Using golang.org/x/tools/gopls/internal/analysis/modernize/cmd/modernize
+ some manual cleanup in libpod/lock/shm/shm_lock_test.go as it
generated an unused variable
+ restored one removed comment
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
If the `Mount` option inside a quadlet is missing the source=... part,
the code today panics with the following message.
```
panic: runtime error: index out of range [0] with length 0
goroutine 1 [running]:
github.com/containers/podman/v5/pkg/systemd/quadlet.handleStorageSource(0xc000140de0?, 0x1d?, {0x0?, 0x1?}, 0x5634e39e233e?, 0x10?)
...
```
This commit checks for the missing source and returns an error to avoid the panic.
Signed-off-by: Jakob Meier <mail@jakobmeier.ch>
Add support for HttpProxy key in quadlet Container sections to control
proxy environment variable inheritance during image pulls and builds.
- HttpProxy=true enables proxy inheritance (default podman behavior)
- HttpProxy=false disables proxy inheritance
- When omitted, uses podman's default behavior
This addresses the need for declarative proxy configuration in IPv6-only
networks and other scenarios where proxy settings need to be controlled
at the container level without manual workarounds.
Fixes#26925
Signed-off-by: Ondřej Gajdušek <ogajduse@redhat.com>
Starting with runc 1.3.0 it errors when we pass unknown mount options to
the runtime, the copy/nocopy options are specific to podman when we
mount the volume and are not valid mount options for the runtime.
Fixes: #26938
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Starting with runc 1.3.0 it errors when we pass unknown mount options to
the runtime, the volume-opt options are specifc to the volume we create
and should not be passed to the mount in the oci spec.
Fixes: #26938
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Prior to this commit `artifact remove --all` was not supported on remote
clients.
This patch adds a new artifact API endpoint `artifact/remove` which can
either take a list of artifacts to remove or remove all artifacts by
setting all=true.
This patch removes the temporary warning message in the tunnel interface
implementation of ArtifactRm if `--all` was passed on the command line
and uses the new `artifact/remove` endpoint.
This patch also updates the `artifact remove` command both remote and
local to accept a list of artifacts to remove rather than limiting to
just one.
Signed-off-by: Lewis Roy <lewis@redhat.com>
Added log_path variable in containers/common, User sets default log path in containers.conf under the `[containers]` section.
The directory has to exist beforehand. Container logs go under this directory, sub-directories named with the container id
and inside the sub-directory a ctr.log file will be created where the container logs for the corresponding container will go.
This path can be overridden by using the `--log-opt` flag.
Signed-off-by: Joshua Arrevillaga <2004jarrevillaga@gmail.com>
- Add specific check for empty device modes in ParseDevice function
- Change error message from 'invalid device mode: ' to 'empty device mode in device specification: <device>'
- Include full device specification in error message for better context
- Add test cases for empty device mode scenarios
- Resolves issue where '/dev/fuse::' provided unhelpful error message
Fixes#26629
Signed-off-by: Devashish08 <devashish.cs025@gmail.com>
Add the Go bindings implementation necessary to support Artifacts.
Implement the tunnel interface that consumes the Artifacts Go bindings.
With this patch, users of the Podman remote clients will now be able to
manage OCI artifacts via the Podman CLI and Podman machine.
Jira: https://issues.redhat.com/browse/RUN-2714#
Signed-off-by: Lewis Roy <lewis@redhat.com>
- Remove redundant exact match checks in ancestor filter implementations
- Add comprehensive test coverage for both prefix and non-prefix substring matching
- Fix missing output verification in ID filter test
- Improve test reliability with proper length checks and consistent flags
- Remove unnecessary length check to ensure tests fail properly if image ID is too short
- Add -q and --no-trunc flags for consistent test output format
- Focus test on substring ID matching specifically (not image names)
- Restore image name matching functionality for existing tests
- Keep substring ID matching for Docker compatibility
- Ensure both regex matching and substring ID matching work together
The ancestor filter now supports both:
1. Image name matching (existing functionality)
2. Substring ID matching (new Docker compatibility feature)
Fixes: #26623
Signed-off-by: shiavm006 <shivammittal42006@gmail.com>
I hastily commented out some tests that were problematic
for the vendor of Buildah v1.41 into Podman main (5.6 to be)
in #26666.
@luap99 noted that I should have skipped them, this PR removes
the comments and puts the Skip into play.
Signed-off-by: tomsweeneyredhat <tsweeney@redhat.com>
Comment out the problematic "podman diff container and image with same name" test
in test/e2e/diff_test.go. This became a problem with Buildah v1.41 and
if possible, should be addressed by Podman v5.6 final.
Signed-off-by: tomsweeneyredhat <tsweeney@redhat.com>
Update the "podman diff container and image with same name" e2e test to
not expect a built image to include /etc, since newer buildah won't
include an item in a layer if it was only created in a rootfs in order
to have something mounted onto it while processing a RUN instruction.
A few exceptions are still made for the sake of conformance tests.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Fixed the --build-context flag to properly send files for remote builds. Previously
only the main context was sent over as a tar while additional contexts were passed as
local paths and this would cause builds to fail since the files wouldn't exist.
New changes modifies the Build API to use multipart HTTP requests allowing multiple
build contexts to be used. Each additional context is packaged and
transferred based on its type:
- Local Directories: Sent as tar archives
- Git Repositories: link sent to the server where its then cloned
- Container Images: Image reference sent to the server, it then pulls the image there
- URLs/archives: URL sent to the server, which handles the download
Fixes: #23433
Signed-off-by: Joshua Arrevillaga <2004jarrevillaga@gmail.com>
There is no reason for local and rmeote to use a different error that
just differs in quoting. Make them consitent to simplify the tests.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
