(Replaces #1873 as it had lint issues that were timing out tests that I couldn't
track down easily)
Prior to this fix, if someone did `buildah bud --pull=false .` and the image in
the Containerfile's FROM statement was not local, the build would fail. The same
build on Docker will succeed. In Docker, when `--pull` is set to false, it only
pulls the image from the registry if there was not one locally. Buildah would never
pull the image and if the image was not locally available, it would throw an error.
In certain Kubernetes environments, this was especially troublesome.
To retain the old `--pull=false` functionality, I've created a new `--pull-never`
option that fails if an image is not locally available just like the old
`--pull=false` option used to do.
In addition, if there was a newer version of the image on the repository than
the one locally, the `--pull=true` option would not pull the image as it should
have, this corrects that.
Changes both the from and bud commands.
Addresses: #1675
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
Closes: #1959
Approved by: rhatdan
The previous log-level implementation does not seem to work, which is
now fixed and aligns to other projects like podman and CRI-O. Therefore
the `--debug` flag has been deprecated and is now hidden.
Added documentation as well as integration tests.
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
Closes: #1811
Approved by: rhatdan
...and make the "$output" argument implicit, as well as the
description text. This greatly simplifies its invocation.
Also: make it test for exact matches unless --substring
option is passed; this eases my mind about a few potentially
ambiguous situations such as the one in #1464.
Also: add comments to two truth-table check functions
Also: reorder some config checks alphabetically, for ease
of reading.
Thanks to Tom Sweeney for the suggestions and encouragement.
Signed-off-by: Ed Santiago <santiago@redhat.com>
Closes: #1492
Approved by: rhatdan
Make the name of the image to create an optional parameter. If none is
specified, use a temporary mostly-random name that can't be interpreted
as an ID, so that the image copying logic will compute the correct ID to
assign to the new image, and remove the temporary name before returning.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #1486
Approved by: rhatdan
This started off as bug fixes necessary to get BATS tests
actually working on RHEL8 (they weren't). It grew. I will
defend my actions in the first comment post.
Primary change: import some helpers from podman BATS tests,
most importantly 'run_buildah' and 'is'. The vast majority
of the changes you'll see here are of the form:
- run buildah ...
- [ $status = 0 ]
- [ check $output ]
+ run_buildah ... ! automatically checks status
+ is "$output" "..."
Also: chmod'ed some files -x. Necessary because rpmbuild tries
to be oh-so-clever about requirements, and when it sees an
executable file with a shebang line like '#!env bats' it
helpfully adds 'Requires: /usr/bin/bats' to the rpm, which
then fails to install because RHEL8 does not have bats.
Also: refactored duplicate code in a few places, by writing
and invoking module-specific helper functions.
Also: changed a handful of 'buildah's to run_buildah, in
order to get error checking and debug logging.
Also: added descriptive reasons to many "skip"s.
Also: selinux test: some tweakery to make it run on production
system (context is different if /usr/bin/buildah is chcon'ed
appropriately). I can't get this test to pass on Fedora from
a build dir, and I'm actually not convinced that this test
has ever passed, but let's see what CI shows.
Also: selinux test: skip broken test (#1465).
Also: version test: skip parts of it if running w/o sources.
Tests are now passing as root on RHEL8; rootless has numerous
failures which I don't believe are related to this PR.
Signed-off-by: Ed Santiago <santiago@redhat.com>
Closes: #1472
Approved by: TomSweeneyRedHat
Check that when we use "buildah commit" to create an image, we always
specify a value in the created-by field in the item that we're appending
to the image's history.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
When committing an image to local storage, compressing the new layers
only wastes time because they need to be decompressed again when being
written to local storage.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #1274
Approved by: rhatdan
Allow util.ResolveName() to return errors from libraries that it uses.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #948
Approved by: rhatdan
When testing --quiet, turn off debugging, have the image ID written to a
file, and verify that we get no output.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Recognize cases when we're committing to local storage, but in a
location other than where the working container is, by checking if the
base image (by ID, in case it's tagged and the tag points to a different
image with different layers) is present in the destination's store.
In those cases, we can't just assume that we can skip exporting the base
image's layers.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
caiges
Qi Wang
TomSweeneyRedHat
Sascha Grunert
Ed Santiago
Nalin Dahyabhai
baude
Boaz Shuster
Zhou Hao