The `rpm` command warns about commas in changelog entry starters, so fix
them and add a validation script so that we don't backslide.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Ship `cpp` with the Buildah container images to make sure that
preprocessing .in files works as expected and documented.
Fixes: #3822
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
Add cirrus boiler plate for rootless testing infrastructure.
Following commit introduces only neccassary foundation and skeleton
which will be used by rootless testing of buildah.
[NO NEW TESTS NEEDED]
Signed-off-by: Aditya R <arajan@redhat.com>
We have a limit of 50000 for subuid and subgid in the buildah container image
for the build user which may be too low for when running rootless
Increasing the value to 65535 skipping build own id (1000) which should be good
enough for most cases.
Signed-off-by: Chmouel Boudjnah <chmouel@redhat.com>
allow to override the cgroup manager with a global option
--cgroup-manager=MANAGER that has the same semantic as Podman.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
We need to use the default from containers.conf and not hardcode them in
buildah. This fixes an issue with the cni network backend since it would
try to access /etc/cni/net.d/ even as rootless user. This regression was
introduced in commit f9cff07b81.
Also hide the cni flags as we do not expect users to change this. The
recommended way is to change them in containers.conf.
[NO NEW TESTS NEEDED]
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
The Fedora 35 cloud images have switched to UEFI boot with a GPT
partition. Formerly, all Fedora images included support for runtime
re-partitioning. However, the requirement to test alternate storage
has since been dropped/removed. Rather than maintain a disused
feature, and supporting scripts, these Fedora VM images have reverted
to the default: Automatically resize to 100% on boot.
Signed-off-by: Chris Evich <cevich@redhat.com>
Add the variant field, along with methods for setting and querying it,
and expose them in the `buildah config` and `buildah inspect` commands.
When setting an initial architecture for a container based on an image
which doesn't contain an architecture, or from "scratch", normalize the
architecture name we've been given, and set both it and the variant
field at the same time.
Provide normalized architecture+variant values in `buildah info`.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
During VM image build, a number of packages are downloaded but not
installed, since they may interfere with some testing. Then at runtime,
where required, the packages are installed from cache and used.
However, between image build and runtime it's possible the repository
contents change, which will invalidate the package cache. Since the
`--no-download --ignore-missing` options were used, the install will
fail.
Ref: https://github.com/containers/automation_images/issues/95
Fortunately, when it comes to the docker packages, no other dependencies
are required and so `apt-get` isn't required. Switch to using a simple
dpkg install command on the necessary files. If this ever breaks due
to new dependencies, the list of files may simply be updated.
Signed-off-by: Chris Evich <cevich@redhat.com>
Add a --all-platforms that instructs the builder to build for the
intersection of all platforms for which the build's base images are
available. Returns an error if any of them aren't references to
manifest lists. We've learned that we can't really trust architecture
and OS information stored in image config blobs, so we don't try to
salvage that case.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Add a pkg/parse.PlatformsFromOptions() which understands a "variant"
value as an optional third value in an OS/ARCH[/VARIANT] argument value,
which accepts a comma-separated list of them, and which returns a list
of platforms.
Teach "from" and "pull" about the --platform option and add integration
tests for them, warning if --platform was given multiple values.
Add a define.BuildOptions.JobSemaphore which an imagebuildah executor
will use in preference to one that it might allocate for itself.
In main(), allocate a JobSemaphore if the number of jobs is not 0 (which
we treat as "unlimited", and continue to allow executors to do).
In addManifest(), take a lock on the manifest list's image ID so that we
don't overwrite changes that another thread might be making while we're
attempting to make changes to it. In main(), create an empty list if
the list doesn't already exist before we start down this path, so that
we don't get two threads trying to create that manifest list at the same
time later on. Two processes could still try to create the same list
twice, but it's an incremental improvement.
Finally, if we've been given multiple platforms to build for, run their
builds concurrently and gather up their results.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Base images don't have shadow-utils permissions set correctly, this
change should speed up the building of images a little bit.
[NO TESTS NEEDED] This does not change buildah in any way, so no need to
tests.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
The `IgnorePlatform` options has been removed from the
`LookupImageOptions` in libimage to properly support multi-arch images.
Buildah always set it to true.
Also temporarily remove /usr/share/containers/containers.conf. c/common
is now throwing warnings when facing unknown keys which unfortunately is
the case with the upstream containers.conf and ultimately breaks CI
since some output checks are failing.
Once an updated containers.conf has been shipped, we can revert the
change.
[NO TESTS NEEDED]
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Installing packages at runtime (from an external source) is problematic
for many reasons. Specifically in the case of buildah/docker
conformance testing, it means the current "latest" pacakges are
always installed. This is a problem as new release branches are
created, because it presents an opportunity for test-environment changes
to happen after buildah/test code is stabilized.
Fix this by using new/special VM images which cache the required docker
packages. At runtime then, the required packages may be installed from
this cache instead of reaching out to the repository. Since images used
by tests on release branches never change, this will also serve to
stabilize the package versions for that specific environment.
Signed-off-by: Chris Evich <cevich@redhat.com>
David Shea
tomsweeneyredhat
Nalin Dahyabhai
Aditya R
Chris Evich
Valentin Rothberg
OpenShift Merge Robot
Chmouel Boudjnah
Giuseppe Scrivano
Paul Holzinger
Daniel J Walsh
Kirill Shirinkin
Valentin Rothberg
dependabot[bot]