Hello community, here is the log from the commit of package podman for openSUSE:Factory checked in at 2020-10-02 17:16:45 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/podman (Old) and /work/SRC/openSUSE:Factory/.podman.new.4249 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "podman" Fri Oct 2 17:16:45 2020 rev:70 rq:838911 version:2.1.1 Changes: -------- --- /work/SRC/openSUSE:Factory/podman/podman.changes 2020-09-10 22:48:59.467876108 +0200 +++ /work/SRC/openSUSE:Factory/.podman.new.4249/podman.changes 2020-10-02 17:16:58.910110331 +0200 @@ -1,0 +2,192 @@ +Wed Sep 30 14:07:34 UTC 2020 - rha...@suse.com +- Added patch varlink.patch to disable needless varlink code + generation. This would cause compile failures in OBS. + (https://github.com/containers/podman/pull/7854) +- Cleanup %build section a bit and no longer build in GOPATH. + This shouldn't be needed anymore. +- Path BUILDFLAGS via enviroment variable to allow it being + appended to the corresponding Makefile variable instead of + completely overriding it. +- Install new auto-update system units +- Update to v2.1.1: + * Changes + - The `podman info` command now includes the cgroup manager + Podman is using. + * API + - The REST API now includes a Server header in all responses. + - Fixed a bug where the Libpod and Compat Attach endpoints + could terminate early, before sending all output from the + container. + - Fixed a bug where the Compat Create endpoint for containers + did not properly handle the Interactive parameter. + - Fixed a bug where the Compat Kill endpoint for containers + could continue to run after a fatal error. + - Fixed a bug where the Limit parameter of the Compat List + endpoint for Containers did not properly handle a limit of 0 + (returning nothing, instead of all containers) [#7722]. + - The Libpod Stats endpoint for containers is being deprecated + and will be replaced by a similar endpoint with additional + features in a future release. +- Changes in v2.1.0 + * Features + - A new command, `podman image mount`, has been added. This + allows for an image to be mounted, read-only, to inspect its + contents without creating a container from it [#1433]. + - The `podman save` and `podman load` commands can now create + and load archives containing multiple images [#2669]. + - Rootless Podman now supports all `podman network` commands, + and rootless containers can now be joined to networks. + - The performance of `podman build` on `ADD` and `COPY` + instructions has been greatly improved, especially when a + `.dockerignore` is present. + - The `podman run` and `podman create` commands now support a + new mode for the `--cgroups` option, `--cgroups=split`. + Podman will create two cgroups under the cgroup it was + launched in, one for the container and one for Conmon. This + mode is useful for running Podman in a systemd unit, as it + ensures that all processes are retained in systemd's cgroup + hierarchy [#6400]. + - The `podman run` and `podman create` commands can now specify + options to slirp4netns by using the `--network` option as + follows: `--net slirp4netns:opt1,opt2`. This allows for, + among other things, switching the port forwarder used by + slirp4netns away from rootlessport. + - The `podman ps` command now features a new option, + `--storage`, to show containers from Buildah, CRI-O and other + applications. + - The `podman run` and `podman create` commands now feature a + `--sdnotify` option to control the behavior of systemd's + sdnotify with containers, enabling improved support for + Podman in `Type=notify` units. + - The `podman run` command now features a `--preserve-fds` + opton to pass file descriptors from the host into the + container [#6458]. + - The `podman run` and `podman create` commands can now create + overlay volume mounts, by adding the `:O` option to a bind + mount (e.g. `-v /test:/test:O`). Overlay volume mounts will + mount a directory into a container from the host and allow + changes to it, but not write those changes back to the + directory on the host. + - The `podman play kube` command now supports the Socket + HostPath type [#7112]. + - The `podman play kube` command now supports read-only mounts. + - The `podman play kube` command now supports setting labels on + pods from Kubernetes metadata labels. + - The `podman play kube` command now supports setting container + restart policy [#7656]. + - The `podman play kube` command now properly handles + `HostAlias` entries. + - The `podman generate kube` command now adds entries to + `/etc/hosts` from `--host-add` generated YAML as `HostAlias` + entries. + - The `podman play kube` and `podman generate kube` commands + now properly support `shareProcessNamespace` to share the PID + namespace in pods. + - The `podman volume ls` command now supports the `dangling` + filter to identify volumes that are dangling (not attached to + any container). + - The `podman run` and `podman create` commands now feature a + `--umask` option to set the umask of the created container. + - The `podman create` and `podman run` commands now feature a + `--tz` option to set the timezone within the container [#5128]. + - Environment variables for Podman can now be added in the + `containers.conf` configuration file. + - The `--mount` option of `podman run` and `podman create` now + supports a new mount type, `type=devpts`, to add a `devpts` + mount to the container. This is useful for containers that + want to mount `/dev/` from the host into the container, but + still create a terminal. + - The `--security-opt` flag to `podman run` and `podman create` + now supports a new option, `proc-opts`, to specify options + for the container's `/proc` filesystem. + - Podman with the `crun` OCI runtime now supports a new option + to `podman run` and `podman create`, `--cgroup-conf`, which + allows for advanced configuration of cgroups on cgroups v2 + systems. + - The `podman create` and `podman run` commands now support a + `--override-variant` option, to override the architecture + variant of the image that will be pulled and ran. + - A new global option has been added to Podman, + `--runtime-flags`, which allows for setting flags to use when + the OCI runtime is called. + - The `podman manifest add` command now supports the + `--cert-dir`, `--auth-file`, `--creds`, and `--tls-verify` + options. + * Security + - This release resolves CVE-2020-14370, in which environment + variables could be leaked between containers created using + the Varlink API. + * Changes + - Podman will now retry pulling an image 3 times if a pull + fails due to network errors. + - The `podman exec` command would previously print error + messages (e.g. `exec session exited with non-zero exit code + -1`) when the command run exited with a non-0 exit code. It + no longer does this. The `podman exec` command will still + exit with the same exit code as the command run in the + container did. + - Error messages when creating a container or pod with a name + that is already in use have been improved. + - For read-only containers running systemd init, Podman creates + a tmpfs filesystem at `/run`. This was previously limited to + 65k in size and mounted `noexec`, but is now unlimited size + and mounted `exec`. + - The `podman system reset` command no longer removes + configuration files for rootless Podman. + * API + - The Libpod API version has been bumped to v2.0.0 due to a + breaking change in the Image List API. + - Docker-compatible Volume Endpoints (Create, Inspect, List, + Remove, Prune) are now available! + - Added an endpoint for generating systemd unit files for + containers. + - The `last` parameter to the Libpod container list endpoint + now has an alias, `limit` [#6413]. + - The Libpod image list API new returns timestamps in Unix + format, as integer, as opposed to as strings + - The Compat Inspect endpoint for containers now includes port + information in NetworkSettings. + - The Compat List endpoint for images now features limited + support for the (deprecated) `filter` query parameter [#6797]. + - Fixed a bug where the Compat Create endpoint for containers + was not correctly handling bind mounts. + - Fixed a bug where the Compat Create endpoint for containers + would not return a 404 when the requested image was not + present. + - Fixed a bug where the Compat Create endpoint for containers + did not properly handle Entrypoint and Command from images. + - Fixed a bug where name history information was not properly + added in the Libpod Image List endpoint. + - Fixed a bug where the Libpod image search endpoint improperly + populated the Description field of responses. + - Added a `noTrunc` option to the Libpod image search endpoint. + - Fixed a bug where the Pod List API would return null, instead + of an empty array, when no pods were present [#7392]. + - Fixed a bug where endpoints that hijacked would do perform + the hijack too early, before being ready to send and receive + data [#7195]. + - Fixed a bug where Pod endpoints that can operate on multiple + containers at once (e.g. Kill, Pause, Unpause, Stop) would + not forward errors from individual containers that failed. + - The Compat List endpoint for networks now supports filtering + results [#7462]. + - Fixed a bug where the Top endpoint for pods would return both + a 500 and 404 when run on a non-existant pod. + - Fixed a bug where Pull endpoints did not stream progress back + to the client. + - The Version endpoints (Libpod and Compat) now provide version + in a format compatible with Docker. + - All non-hijacking responses to API requests should not + include headers with the version of the server. + - Fixed a bug where Libpod and Compat Events endpoints did not + send response headers until the first event occurred [#7263]. + - Fixed a bug where the Build endpoints (Compat and Libpod) did + not stream progress to the client. + - Fixed a bug where the Stats endpoints (Compat and Libpod) did + not properly handle clients disconnecting. + - Fixed a bug where the Ignore parameter to the Libpod Stop + endpoint was not performing properly. + - Fixed a bug where the Compat Logs endpoint for containers did + not stream its output in the correct format [#7196]. + +------------------------------------------------------------------- Old: ---- podman-2.0.6.tar.xz New: ---- podman-2.1.1.tar.xz varlink.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ podman.spec ++++++ --- /var/tmp/diff_new_pack.cCtdGH/_old 2020-10-02 17:17:01.950110461 +0200 +++ /var/tmp/diff_new_pack.cCtdGH/_new 2020-10-02 17:17:01.950110461 +0200 @@ -16,13 +16,13 @@ # -%define project github.com/containers/libpod +%define project github.com/containers/podman # Build with libostree-devel in Tumbleweed, Leap 15 and SLES 15 %if 0%{?suse_version} >= 1500 %define with_libostree 1 %endif Name: podman -Version: 2.0.6 +Version: 2.1.1 Release: 0 Summary: Daemon-less container engine for managing containers, pods and images License: Apache-2.0 @@ -32,6 +32,7 @@ Source1: podman.conf Source3: %{name}-rpmlintrc Source4: README.SUSE.SLES +Patch0: varlink.patch BuildRequires: bash-completion BuildRequires: cni BuildRequires: device-mapper-devel @@ -82,6 +83,7 @@ %prep %setup -q +%patch0 %package cni-config Summary: Basic CNI configuration for podman @@ -97,16 +99,8 @@ CNI configurations. %build -# We can't use symlinks here because go-list gets confused by symlinks, so we -# have to copy the source to $HOME/go and then use that as the GOPATH. -export GOPATH=$HOME/go -mkdir -pv $HOME/go/src/%{project} -rm -rf $HOME/go/src/%{project}/* -cp -avr * $HOME/go/src/%{project} -cd $HOME/go/src/%{project} - # Build podman -make BUILDFLAGS=-buildmode=pie +BUILDFLAGS="-buildmode=pie" make # Build manpages make %{?_smp_mflags} docs @@ -150,8 +144,12 @@ %{_datadir}/zsh/site-functions/_podman %{_unitdir}/podman.service %{_unitdir}/podman.socket +%{_unitdir}/podman-auto-update.service +%{_unitdir}/podman-auto-update.timer %{_userunitdir}/podman.service %{_userunitdir}/podman.socket +%{_userunitdir}/podman-auto-update.service +%{_userunitdir}/podman-auto-update.timer %ghost /run/podman %ghost %{_localstatedir}/adm/update-messages/%{name}-%{version}-%{release}-libpodconf %license LICENSE ++++++ _service ++++++ --- /var/tmp/diff_new_pack.cCtdGH/_old 2020-10-02 17:17:01.994110463 +0200 +++ /var/tmp/diff_new_pack.cCtdGH/_new 2020-10-02 17:17:01.998110463 +0200 @@ -4,8 +4,8 @@ <param name="url">https://github.com/containers/podman.git</param> <param name="scm">git</param> <param name="filename">podman</param> -<param name="versionformat">2.0.6</param> -<param name="revision">v2.0.6</param> +<param name="versionformat">2.1.1</param> +<param name="revision">v2.1.1</param> </service> <service name="set_version" mode="disabled"> ++++++ podman-2.0.6.tar.xz -> podman-2.1.1.tar.xz ++++++ ++++ 196486 lines of diff (skipped) ++++++ varlink.patch ++++++ --- ./Makefile 2020/09/30 15:55:41 1.1 +++ ./Makefile 2020/09/30 17:59:12 @@ -615,7 +615,7 @@ # $BUILD_TAGS variable is used in hack/golangci-lint.sh .PHONY: varlink_generate -ifneq (or $(findstring varlink,$(BUILDTAGS)),$(findstring varlink,$(BUILD_TAGS))) +ifneq (,$(or $(findstring varlink,$(BUILDTAGS)),$(findstring varlink,$(BUILD_TAGS)))) varlink_generate: .gopathok pkg/varlink/iopodman.go ## Generate varlink else varlink_generate:
