- Changelog for v1.39.3 (2025-03-12) * [release-1.39] Bump c/storage to v1.57.2, c/image v5.34.2, c/common v0.62.2 - Changelog for v1.39.2 (2025-03-03) * [release-1.39] Bump c/image to v5.34.1, c/common v0.62.1 - Changelog for v1.39.1 (2025-02-25) * chroot createPlatformContainer: use MS_REMOUNT * chore(deps): update module github.com/go-jose/go-jose/v4 to v4.0.5 [security] - Changelog for v1.39.0 (2025-01-31) * Bump c/storage v1.57.1, c/image 5.34.0, c/common v0.62.0 * Update module github.com/containers/storage to v1.57.0 * CI, .cirrus: parallelize containerized integration * ed's comment: cleanup * use seperate blobinfocache for flaky test * bump CI VMs to 4 CPUs (was: 2) for integration tests * cleanup, debug, and disable parallel in blobcache tests * bats tests - parallelize * pkg/overlay: cleanups * RPM: include check section to silence rpmlint * RPM: use default gobuild macro on RHEL * tests: remove masked /sys/dev/block check * vendor to latest c/{common,image,storage} * build, run: record hash or digest in image history * Accept image names as sources for cache mounts * Run(): always clean up options.ExternalImageMounts * refactor: replace golang.org/x/exp with stdlib * Update to c/image @main * fix broken doc link * run_freebsd.go: only import runtime-spec once * fix(deps): update module github.com/docker/docker to v27.5.1+incompatible * bump github.com/vbatts/tar-split * Add more checks to the --mount flag parsing logic * chroot mount flags integration test: copy binaries * fix(deps): update module github.com/moby/buildkit to v0.19.0 * relabel(): correct a misleading parameter name * Fix TOCTOU error when bind and cache mounts use "src" values * define.TempDirForURL(): always use an intermediate subdirectory * internal/volume.GetBindMount(): discard writes in bind mounts * pkg/overlay: add a MountLabel flag to Options * pkg/overlay: add a ForceMount flag to Options * Add internal/volumes.bindFromChroot() * Add an internal/open package * fix(deps): update module github.com/containers/common to v0.61.1 * fix(deps): update module github.com/containers/image/v5 to v5.33.1 * [CI:DOCS] Touch up changelogs * fix(deps): update module github.com/docker/docker to v27.5.0+incompatible * copy-preserving-extended-attributes: use a different base image * fix(deps): update github.com/containers/luksy digest to a3a812d * chore(deps): update module golang.org/x/net to v0.33.0 [security] * fix(deps): update module golang.org/x/crypto to v0.32.0 * New VM Images * fix(deps): update module github.com/opencontainers/runc to v1.2.4 * fix(deps): update module github.com/docker/docker to v27.4.1+incompatible * fix(deps): update module github.com/containers/ocicrypt to v1.2.1 * Add support for --security-opt mask and unmask * Allow cache mounts to be stages or additional build contexts * [skip-ci] RPM: cleanup changelog conditionals * fix(deps): update module github.com/cyphar/filepath-securejoin to v0.3.6 * fix(deps): update module github.com/moby/buildkit to v0.18.2 * Fix an error message in the chroot unit test * copier: use .PAXRecords instead of .Xattrs * chroot: on Linux, try to pivot_root before falling back to chroot * manifest add: add --artifact-annotation * Add context to an error message * Update module golang.org/x/crypto to v0.31.0 * Update module github.com/opencontainers/runc to v1.2.3 * Update module github.com/docker/docker to v27.4.0+incompatible * Update module github.com/cyphar/filepath-securejoin to v0.3.5 * CI: don't build a binary in the unit tests task * CI: use /tmp for $GOCACHE * CI: remove dependencies on the cross-build task * CI: run cross-compile task with make -j * Update module github.com/docker/docker to v27.4.0-rc.4+incompatible * Update module github.com/moby/buildkit to v0.18.1 * Update module golang.org/x/crypto to v0.30.0 * Update golang.org/x/exp digest to 2d47ceb * Update github.com/opencontainers/runtime-tools digest to f7e3563 * [skip-ci] Packit: remove rhel copr build jobs * [skip-ci] Packit: switch to fedora-all for copr * Update module github.com/stretchr/testify to v1.10.0 * Update module github.com/moby/buildkit to v0.17.2 * Makefile: use `find` to detect source files * Tests: make _prefetch() parallel-safe * Update module github.com/opencontainers/runc to v1.2.2 * executor: allow to specify --no-pivot-root * Update module github.com/moby/sys/capability to v0.4.0 * Makefile: mv codespell config to .codespellrc * Fix some codespell errors * Makefile,install.md: rm gopath stuff * Makefile: rm targets working on .. * build: rm exclude_graphdriver_devicemapper tag * Makefile: rm unused var * Finish updating to go 1.22 * CI VMs: bump again * Bump to Buidah v1.39.0-dev * stage_executor: set avoidLookingCache only if mounting stage * imagebuildah: additionalContext is not a local built stage - Changelog for v1.38.0 (2024-11-08) * Bump to c/common v0.61.0, c/image v5.33.0, c/storage v1.56.0 * fix(deps): update module golang.org/x/crypto to v0.29.0 * fix(deps): update module github.com/moby/buildkit to v0.17.1 * fix(deps): update module github.com/containers/storage to v1.56.0 * tests: skip two ulimit tests * CI VMs: bump f40 -> f41 * tests/tools: rebuild tools when we change versions * tests/tools: update golangci-lint to v1.61.0 * fix(deps): update module github.com/moby/buildkit to v0.17.0 * Handle RUN --mount with relative targets and no configured workdir * tests: bud: make parallel-safe * fix(deps): update module github.com/opencontainers/runc to v1.2.1 * fix(deps): update golang.org/x/exp digest to f66d83c * fix(deps): update github.com/opencontainers/runtime-tools digest to 6c9570a * tests: blobcache: use unique image name * tests: sbom: never write to cwd * tests: mkcw: bug fixes, refactor * deps: bump runc to v1.2.0 * deps: switch to moby/sys/userns * tests/test_runner.sh: remove some redundancies * Integration tests: run git daemon on a random-but-bind()able port * fix(deps): update module github.com/opencontainers/selinux to v1.11.1 * go.mod: remove unnecessary replace * Document more buildah build --secret options * Add support for COPY --exclude and ADD --exclude options * fix(deps): update github.com/containers/luksy digest to e2530d6 * chore(deps): update dependency containers/automation_images to v20241010 * fix(deps): update module github.com/cyphar/filepath-securejoin to v0.3.4 * Properly validate cache IDs and sources * [skip-ci] Packit: constrain koji job to fedora package to avoid dupes * Audit and tidy OWNERS * fix(deps): update module golang.org/x/crypto to v0.28.0 * tests: add quotes to names * vendor: update c/common to latest * CVE-2024-9407: validate "bind-propagation" flag settings * vendor: switch to moby/sys/capability * Don't set ambient capabilities * Document that zstd:chunked is downgraded to zstd when encrypting * fix(deps): update module github.com/cyphar/filepath-securejoin to v0.3.3 * buildah-manifest-create.1: Fix manpage section * chore(deps): update dependency ubuntu to v24 * Make `buildah manifest push --all` true by default * chroot: add newlines at the end of printed error messages * Do not error on trying to write IMA xattr as rootless * fix: remove duplicate conditions * fix(deps): update module github.com/moby/buildkit to v0.16.0 * fix(deps): update module github.com/cyphar/filepath-securejoin to v0.3.2 * Document how entrypoint is configured in buildah config * In a container, try to register binfmt_misc * imagebuildah.StageExecutor: clean up volumes/volumeCache * build: fall back to parsing a TARGETPLATFORM build-arg * `manifest add --artifact`: handle multiple values * Packit: split out ELN jobs and reuse fedora downstream targets * Packit: Enable sidetags for bodhi updates * fix(deps): update module github.com/docker/docker to v27.2.1+incompatible * tests/bud.bats: add git source * add: add support for git source * Add support for the new c/common pasta options * vendor latest c/common * fix(deps): update module golang.org/x/term to v0.24.0 * fix(deps): update module github.com/fsouza/go-dockerclient to v1.12.0 * packit: update fedora and epel targets * cirrus: disable f39 testing * cirrus: fix fedora names * update to go 1.22 * Vendor c/common:9d025e4cb348 * copier: handle globbing with "**" path components * fix(deps): update golang.org/x/exp digest to 9b4947d * fix(deps): update github.com/containers/luksy digest to 2e7307c * imagebuildah: make scratch config handling toggleable * fix(deps): update module github.com/docker/docker to v27.2.0+incompatible * Add a validation script for Makefile $(SOURCES) * fix(deps): update module github.com/openshift/imagebuilder to v1.2.15 * New VMs * Update some godocs, use 0o to prefix an octal in a comment * buildah-build.1.md: expand the --layer-label description * fix(deps): update module github.com/containers/common to v0.60.2 * run: fix a nil pointer dereference on FreeBSD * CI: enable the whitespace linter * Fix some govet linter warnings * Commit(): retry committing to local storage on storage.LayerUnknown * CI: enable the gofumpt linter * conformance: move weirdly-named files out of the repository * fix(deps): update module github.com/docker/docker to v27.1.2+incompatible * fix(deps): update module github.com/containers/common to v0.60.1 * *: use gofmt -s, add gofmt linter * *: fix build tags * fix(deps): update module github.com/containers/image/v5 to v5.32.1 * Add(): re-escape any globbed items that included escapes * conformance tests: use mirror.gcr.io for most images * unit tests: use test-specific policy.json and registries.conf * fix(deps): update module golang.org/x/sys to v0.24.0 * Update to spun-out "github.com/containerd/platforms" * Bump github.com/containerd/containerd * test/tools/Makefile: duplicate the vendor-in-container target * linters: unchecked error * linters: don't end loop iterations with "else" when "then" would * linters: unused arguments shouldn't have names * linters: rename checkIdsGreaterThan5() to checkIDsGreaterThan5() * linters: don't name variables "cap" * `make lint`: use --timeout instead of --deadline * Drop the e2e test suite * fix(deps): update module golang.org/x/crypto to v0.26.0 * fix(deps): update module github.com/onsi/gomega to v1.34.1 * `make vendor-in-container`: use the caller's Go cache if it exists * fix(deps): fix test/tools ginkgo typo * fix(deps): update module github.com/onsi/ginkgo/v2 to v2.19.1 * Update to keep up with API changes in storage * fix(deps): update github.com/containers/luksy digest to 1f482a9 * install: On Debian/Ubuntu, add installation of libbtrfs-dev * fix(deps): update module golang.org/x/sys to v0.23.0 * fix(deps): update golang.org/x/exp digest to 8a7402a * fix(deps): update module github.com/fsouza/go-dockerclient to v1.11.2 * Use Epoch: 2 and respect the epoch in dependencies. * Bump to Buildah v1.38.0-dev * AddAndCopyOptions: add CertPath, InsecureSkipTLSVerify, Retry fields * Add PrependedLinkedLayers/AppendedLinkedLayers to CommitOptions * integration tests: teach starthttpd() about TLS and pid files - Changelog for v1.37.0 (2024-07-26) * Bump c/storage, c/image, c/common for v1.37.0 * "build with basename resolving user arg" tests: correct ARG use * bud-multiple-platform-no-run test: correct ARG use * imagebuildah: always have default values for $TARGET... args ready * bump github.com/openshift/imagebuilder to v1.2.14 * fix(deps): update module github.com/docker/docker to v27.1.1+incompatible * fix(deps): update module github.com/cyphar/filepath-securejoin to v0.3.1 * fix(deps): update module github.com/docker/docker to v27.1.0+incompatible * CI: use local registry, part 2 of 2 * CI: use local registry, part 1 of 2 * fix(deps): update module github.com/fsouza/go-dockerclient to v1.11.1 * Revert "fix(deps): update github.com/containers/image/v5 to v5.31.1" * Replace libimage.LookupReferenceFunc with the manifests version * conformance tests: enable testing CompatVolumes * conformance tests: add a test that tries to chown a volume * imagebuildah: make traditional volume handling not the default * StageExecutor.prepare(): mark base image volumes for preservation * fix(deps): update module github.com/containers/image/v5 to v5.31.1 * Vendor in latest containers/(common, storage, image) * fix(deps): update module golang.org/x/term to v0.22.0 * fix(deps): update module golang.org/x/sys to v0.22.0 * fix(deps): update golang.org/x/exp digest to 7f521ea * fix(deps): update github.com/containers/luksy digest to a8846e2 * imagebuildah.StageExecutor.Copy(): reject new flags for now * bump github.com/openshift/imagebuilder to v1.2.11 * Rework parsing of --pull flags * fix(deps): update module github.com/containers/image/v5 to v5.31.1 * imagebuildah.StageExecutor.prepare(): log the --platform flag * CI VMs: bump * buildah copy: preserve owner info with --from= a container or image * conformance tests: enable testing CompatSetParent * containerImageRef.NewImageSource(): move the FROM comment to first * commit: set "parent" for docker format only when requested * Update godoc for Builder.EnsureContainerPathAs * fix(deps): update module github.com/spf13/cobra to v1.8.1 * fix(deps): update module github.com/containernetworking/cni to v1.2.0 * fix(deps): update module github.com/opencontainers/runc to v1.1.13 * Change default for podman build to --pull missing * fix(deps): update module github.com/containers/common to v0.59.1 * Clarify definition of --pull options * buildah: fix a nil pointer reference on FreeBSD * Use /var/tmp for $TMPDIR for vfs conformance jobs * Cirrus: run `df` during job setup * conformance: use quay.io/libpod/centos:7 instead of centos:8 * Stop setting "parent" in docker format * conformance: check if workdir trims path separator suffixes * push integration test: pass password to docker login via stdin * Re-enable the "copy with chown" conformance test * healthcheck: Add support for `--start-interval` * fix(deps): update module github.com/docker/docker to v26.1.4+incompatible * fix(deps): update module github.com/containerd/containerd to v1.7.18 * tests: set _CONTAINERS_USERNS_CONFIGURED=done for libnetwork * Cross-build on Fedora * Drop copyStringSlice() and copyStringStringMap() * fix(deps): update module golang.org/x/crypto to v0.24.0 * fix(deps): update module github.com/openshift/imagebuilder to v1.2.10 * Provide an uptime_netbsd.go * Spell unix as "!windows" * Add netbsd to lists-of-OSes * fix(deps): update golang.org/x/exp digest to fd00a4e * [skip-ci] Packit: enable c10s downstream sync * CI VMs: bump, to debian with cgroups v2 * Document when BlobDirectory is overridden * fix secret mounts for env vars when using chroot isolation * Change to take a types.ImageReference arg * imagebuildah: Support custom image reference lookup for cache push/pull * fix(deps): update module github.com/onsi/ginkgo/v2 to v2.19.0 * Bump to v1.37.0-dev * CI: Clarify Debian use for conformance tests - Changelog for v1.36.0 (2024-05-23) * build: be more selective about specifying the default OS * Bump to c/common v0.59.0 * Fix buildah prune --help showing the same example twice * fix(deps): update module github.com/onsi/ginkgo/v2 to v2.18.0 * fix(deps): update module github.com/containers/image/v5 to v5.31.0 * bud tests: fix breakage when vendoring into podman * Integration tests: fake up a replacement for nixery.dev/shell * copierWithSubprocess(): try to capture stderr on io.ErrClosedPipe * Don't expand RUN heredocs ourselves, let the shell do it * Don't leak temp files on failures * Add release note template to split dependency chores * fix CentOS/RHEL build - no BATS there * fix(deps): update module github.com/containers/luksy to v0.0.0-20240506205542-84b50f50f3ee * Address CVE-2024-3727 * chore(deps): update module github.com/opencontainers/runtime-spec to v1.2.0 * Builder.cdiSetupDevicesInSpecdefConfig(): use configured CDI dirs * Setting --arch should set the TARGETARCH build arg * fix(deps): update module golang.org/x/exp to v0.0.0-20240416160154-fe59bbe5cc7f * [CI:DOCS] Add link to Buildah image page to README.md * Don't set GOTOOLCHAIN=local * fix(deps): update module github.com/cyphar/filepath-securejoin to v0.2.5 * Makefile: set GOTOOLCHAIN=local * Integration tests: switch some base images * containerImageRef.NewImageSource: merge the tar filters * fix(deps): update module github.com/onsi/ginkgo/v2 to v2.17.2 * fix(deps): update module github.com/containers/luksy to v0.0.0-20240408185936-afd8e7619947 * Disable packit builds for centos-stream+epel-next-8 * Makefile: add missing files to $(SOURCES) * CI VMs: bump to new versions with tmpfs /tmp * chore(deps): update module golang.org/x/net to v0.23.0 [security] * integration test: handle new labels in "bud and test --unsetlabel" * Switch packit configuration to use epel-9-$arch ... * Give unit tests a bit more time * Integration tests: remove a couple of duplicated tests * Integration tests: whitespace tweaks * Integration tests: don't remove images at start or end of test * Integration tests: use cached images more * Integration tests _prefetch: use registry configs * internal: use fileutils.(Le|E)xists * pkg/parse: use fileutils.(Le|E)xists * buildah: use fileutils.(Le|E)xists * chroot: use fileutils.(Le|E)xists * vendor: update containers/(common|storage) * Fix issue/pr lock workflow * [CI:DOCS] Add golang 1.21 update warning * heredoc: honor inline COPY irrespective of ignorefiles * Update install.md * source-push: add support for --digestfile * Fix caching when mounting a cached stage with COPY/ADD * fix(deps): update github.com/containers/luksy digest to 3d2cf0e * Makefile: softcode `strip`, use it from env var * Man page updates * Add support for passing CDI specs to --device * Update comments on some API objects * pkg/parse.DeviceFromPath(): dereference src symlinks * fix(deps): update module github.com/onsi/ginkgo/v2 to v2.17.1 - Changelog for v1.35.0 (2024-03-06) * fix(deps): update module github.com/stretchr/testify to v1.9.0 * cgroups: reuse version check from c/common * Update vendor of containers/(common,image) * fix(deps): update github.com/containers/storage digest to eadc620 * fix(deps): update github.com/containers/luksy digest to ceb12d4 * fix(deps): update github.com/containers/image/v5 digest to cdc6802 * manifest add: complain if we get artifact flags without --artifact * Use retry logic from containers/common * Vendor in containers/(storage,image,common) * Update module golang.org/x/crypto to v0.20.0 * Add comment re: Total Success task name * tests: skip_if_no_unshare(): check for --setuid * Properly handle build --pull=false * [skip-ci] Update tim-actions/get-pr-commits action to v1.3.1 * Update module go.etcd.io/bbolt to v1.3.9 * Revert "Reduce official image size" * Update module github.com/opencontainers/image-spec to v1.1.0 * Reduce official image size * Build with CNI support on FreeBSD * build --all-platforms: skip some base "image" platforms * Bump main to v1.35.0-dev * Vendor in latest containers/(storage,image,common) * Split up error messages for missing --sbom related flags * `buildah manifest`: add artifact-related options * cmd/buildah/manifest.go: lock lists before adding/annotating/pushing * cmd/buildah/manifest.go: don't make struct declarations aliases * Use golang.org/x/exp/slices.Contains * Disable loong64 again * Fix a couple of typos in one-line comments * egrep is obsolescent; use grep -E * Try Cirrus with a newer VM version * Set CONTAINERS_CONF in the chroot-mount-flags integration test * Update to match dependency API update * Update github.com/openshift/imagebuilder and containers/common * docs: correct default authfile path * fix(deps): update module github.com/containerd/containerd to v1.7.13 * tests: retrofit test for heredoc summary * build, heredoc: show heredoc summary in build output * manifest, push: add support for --retry and --retry-delay * fix(deps): update github.com/openshift/imagebuilder digest to b767bc3 * imagebuildah: fix crash with empty RUN * fix(deps): update github.com/containers/luksy digest to b62d551 * fix(deps): update module github.com/opencontainers/runc to v1.1.12 [security] * fix(deps): update module github.com/moby/buildkit to v0.12.5 [security] * Make buildah match podman for handling of ulimits * docs: move footnotes to where they're applicable * Allow users to specify no-dereference * Run codespell on code * Fix FreeBSD version parsing * Fix a build break on FreeBSD * Remove a bad FROM line * fix(deps): update module github.com/onsi/gomega to v1.31.1 * fix(deps): update module github.com/opencontainers/image-spec to v1.1.0-rc6 * docs: use reversed logo for dark theme in README * build,commit: add --sbom to scan and produce SBOMs when committing * commit: force omitHistory if the parent has layers but no history * docs: fix a couple of typos * internal/mkcw.Archive(): handle extra image content * stage_executor,heredoc: honor interpreter in heredoc * stage_executor,layers: burst cache if heredoc content is changed * fix(deps): update module golang.org/x/crypto to v0.18.0 * Replace map[K]bool with map[K]struct{} where it makes sense * fix(deps): update module golang.org/x/sync to v0.6.0 * fix(deps): update module golang.org/x/term to v0.16.0 * Bump CI VMs * Replace strings.SplitN with strings.Cut * fix(deps): update github.com/containers/storage digest to ef81e9b * fix(deps): update github.com/containers/image/v5 digest to 1b221d4 * fix(deps): update module github.com/fsouza/go-dockerclient to v1.10.1 * Document use of containers-transports values in buildah * fix(deps): update module golang.org/x/crypto to v0.17.0 [security] * chore(deps): update dependency containers/automation_images to v20231208 * manifest: addCompression use default from containers.conf * commit: add a --add-file flag * mkcw: populate the rootfs using an overlay * chore(deps): update dependency containers/automation_images to v20230517 * [skip-ci] Update actions/stale action to v9 * fix(deps): update module github.com/containernetworking/plugins to v1.4.0 * fix(deps): update github.com/containers/image/v5 digest to 7a40fee * Bump to v1.34.1-dev * Ignore errors if label.Relabel returns ENOSUP - Changelog for v1.34.0 (2023-12-11) * vendor: update c/{common,image,storage} * run: Allow using just one jail per container on FreeBSD * Remove makefile targets entrypoint{,.gz} for non x86_64 - Changelog for v1.33.2 (2023-11-22) * Update minimum to golang 1.20 * fix(deps): update module github.com/fsouza/go-dockerclient to v1.10.0 * fix(deps): update module github.com/moby/buildkit to v0.12.3 * Bump to v1.33.2-dev - Changelog for v1.33.1 (2023-11-18) * fix(deps): update module github.com/moby/buildkit to v0.11.4 [security] * test,heredoc: use fedora instead of docker.io/library/python:latest * Bump to v1.33.1-dev - Changelog for v1.33.0 (2023-11-17) * Never omit layers for emptyLayer instructions when squashing/cwing * Add OverrideChanges and OverrideConfig to CommitOptions * buildah: add heredoc support for RUN, COPY and ADD * vendor: bump imagebuilder to v1.2.6-0.20231110114814-35a50d57f722 * conformance tests: archive the context directory as 0:0 (#5171) * blobcacheinfo,test: blobs must be resued when pushing across registry * Bump c/storage v1.51.0, c/image v5.29.0, c/common v0.57.0 * pkg/util.MirrorToTempFileIfPathIsDescriptor(): don't leak an fd * StageExecutor.Execute: force a commit for --unsetenv, too * Increase a copier+chroot test timeout * Add support for --compat-auth-file in login/logout * Update existing tests for error message change * Update c/image and c/common to latest * fix(deps): update module github.com/containerd/containerd to v1.7.9 * build: downgrade to go 1.20 * Add godoc for pkg/parse.GetTempDir * conformance tests: use go-dockerclient for BuildKit builds * Make TEE types case-insensitive * fix(deps): update module golang.org/x/crypto to v0.15.0 * Tweak some help descriptions * Stop using DefaultNetworkSysctl and use containers.conf only * Implement ADD checksum flag #5135 * vendor of openshift/imagebuilder #5135 * Pass secrets from the host down to internal podman containers * Update cirrus and version of golang * image: replace GetStoreImage with ResolveReference * vendor: bump c/image to 373c52a9466f * pkg/parse.Platform(): minor simplification * createConfigsAndManifests: clear history before cw-specific logic * Use a constant definition instead of "scratch" * conformance: use require.NoErrorf() more * fix(deps): update module golang.org/x/term to v0.14.0 * fix(deps): update module golang.org/x/sync to v0.5.0 * fix(deps): update module github.com/spf13/cobra to v1.8.0 * fix(deps): update module golang.org/x/sys to v0.14.0 * fix(deps): update github.com/containers/common digest to 8354404 * fix(deps): update module github.com/opencontainers/runc to v1.1.10 * fix(deps): update github.com/containers/luksy digest to b5a7f79 * Log the platform for build errors during multi-platform builds * Use mask definitions from containers/common * Vendor in latest containers/common * fix(deps): update module github.com/containerd/containerd to v1.7.8 * fix(deps): update module go.etcd.io/bbolt to v1.3.8 * container.conf: support attributed string slices * fix(deps): update module sigs.k8s.io/yaml to v1.4.0 * Use cutil.StringInSlice rather then contains * Add --no-hostname option to buildah containers * vendor c/common: appendable containers.conf strings, Part 1 * fix(deps): update module github.com/onsi/gomega to v1.28.1 * chroot.setupChrootBindMounts: pay more attention to flags * chore(deps): update dependency containers/automation_images to v20231004 * Vendor containers/common * chore(deps): update module golang.org/x/net to v0.17.0 [security] * run: use internal.GetTempDir with os.MkdirTemp * fix(deps): update module github.com/containerd/containerd to v1.7.7 * imagebuildah,multi-stage: do not remove base images * gitignore: add mkcw binary * mkcw: remove entrypoint binaries * fix(deps): update module golang.org/x/crypto to v0.14.0 * fix(deps): update module golang.org/x/sys to v0.13.0 * fix(deps): update module golang.org/x/sync to v0.4.0 * Update some comments related to confidential workload * Use the parent's image ID in the config that we pass to imagebuilder * fix(deps): update github.com/containers/common digest to 8892536 * fix(deps): update github.com/containers/luksy digest to 6df88cb * bug: Ensure the mount type is always BindMount by default * Protocol can be specified with --port. Ex. --port 514/udp * fix(deps): update module github.com/onsi/gomega to v1.28.0 * build,config: add support for --unsetlabel * tests/bud: add tests * [CI:BUILD] Packit: tag @containers/packit-build on copr build failures * stage_executor: allow images without layers * vendor of containers/common * Removing selinux_tag.sh as no longer needed after 580356f [NO NEW TESTS NEEDED] * add/copy: make sure we handle relative path names correctly * fix(deps): update module github.com/opencontainers/image-spec to v1.1.0-rc5 * Bump to v1.33.0-dev * imagebuildah: consider ignorefile with --build-context - Changelog for v1.32.0 (2023-09-14) * GetTmpDir is not using ImageCopyTmpdir correctly * Run codespell on code * Bump vendor containers/(common, storage, image) * Cirrus: Remove multi-arch buildah image builds * fix(deps): update module github.com/containerd/containerd to v1.7.6 * Split GetTempDir from internal/util * Move most of internal/parse to internal/volumes * copier: remove libimage dependency via util package * Add some docs for `build --cw`, `commit --cw`, and `mkcw` * Add `buildah mkcw`, add `--cw` to `buildah commit` and `buildah build` * Make sure that pathnames picked up from the environment are absolute * fix(deps): update module github.com/cyphar/filepath-securejoin to v0.2.4 * fix(deps): update module github.com/docker/docker to v24.0.6+incompatible * Don't try to look up names when committing images * fix(deps): update module golang.org/x/crypto to v0.13.0 * docs: use valid github repo * fix(deps): update module golang.org/x/sys to v0.12.0 * vendor containers/common@12405381ff45 * push: --force-compression should be true with --compression-format * Update module github.com/containerd/containerd to v1.7.5 * [skip-ci] Update tim-actions/commit-message-checker-with-regex action to v0.3.2 * docs: add reference to oci-hooks * Support passing of ULimits as -1 to mean max * GHA: Attempt to fix discussion_lock workflow * Fixing the owner of the storage.conf. * pkg/chrootuser: Ignore comments when parsing /etc/group on FreeBSD * Use buildah repo rather then podman repo * GHA: Closed issue/PR comment-lock test * fix(deps): update module github.com/containers/storage to v1.49.0 * chore(deps): update dependency containers/automation_images to v20230816 * Replace troff code with markdown in buildah-{copy,add}.1.md * [CI:BUILD] rpm: spdx compatible license field * executor: build-arg warnings must honor global args * fix(deps): update module github.com/containers/ocicrypt to v1.1.8 * chroot: `setSeccomp` add support for `ArchPARISC(64)` and `ArchRISCV64` * make,cross: restore loong64 * Clear CommonBuildOpts when loading Builder status * buildah/push/manifest-push: add support for --force-compression * vendor: bump c/common to v0.55.1-0.20230811093040-524b4d5c12f9 * chore(deps): update dependency containers/automation_images to v20230809 * [CI:BUILD] RPM: fix buildtags * fix(deps): update module github.com/opencontainers/runc to v1.1.9 * chore(deps): update dependency ubuntu to v22 * chore(deps): update dependency containers/automation_images to v20230807 * [CI:BUILD] Packit: add fedora-eln targets * [CI:BUILD] RPM: build docs with vendored go-md2man * packit: Build PRs into default packit COPRs * Update install.md * Update install.md changes current Debian stable version name * fix(deps): update module golang.org/x/term to v0.11.0 * fix(deps): update module golang.org/x/crypto to v0.12.0 * tests: fix layer-label tests * buildah: add --layer-label for setting labels on layers * Cirrus: container/rootless env. var. passthrough * Cirrus: Remove duplicate env. var. definitions * fix(deps): update github.com/containers/storage digest to c3da76f * Add a missing .Close() call on an ImageSource * Create only a reference when that's all we need * Add a missing .Close() call on an ImageDestination * CI:BUILD] RPM: define gobuild macro for rhel/centos stream * manifest/push: add support for --add-compression * manifest/inspect: add support for tls-verify and authfile * vendor: bump c/common to v0.55.1-0.20230727095721-647ed1d4d79a * vendor: bump c/image to v5.26.1-0.20230726142307-8c387a14f4ac * fix(deps): update module github.com/containerd/containerd to v1.7.3 * fix(deps): update module github.com/onsi/gomega to v1.27.10 * fix(deps): update module github.com/docker/docker to v24.0.5+incompatible * fix(deps): update module github.com/containers/image/v5 to v5.26.1 * fix(deps): update module github.com/opencontainers/runtime-spec to v1.1.0 * Update vendor of containers/(storage,image,common) * fix(deps): update module github.com/opencontainers/runc to v1.1.8 * [CI:BUILD] Packit: remove pre-sync action * fix(deps): update module github.com/containers/common to v0.55.2 * [CI:BUILD] Packit: downstream task script needs GOPATH * Vendor in containers/(common, image, storage) * fix(deps): update module golang.org/x/term to v0.10.0 * [CI:BUILD] Packit: fix pre-sync action for downstream tasks * contrib/buildahimage: set config correctly for rootless build user * fix(deps): update module github.com/opencontainers/image-spec to v1.1.0-rc4 * Bump to v1.32.0-dev * Update debian install instructions * pkg/overlay: add limited support for FreeBSD - Changelog for v1.31.0 (2023-06-30) * Bump c/common to 0.55.1 and c/image to 5.26.1 * Bump c/image to 5.26.0 and c/common to 0.54.0 * vendor: update c/{common,image,storage} to latest * chore: pkg imported more than once * buildah: add pasta(1) support * use slirp4netns package from c/common * update c/common to latest * add hostname to /etc/hosts when running with host network * vendor: update c/common to latest * [CI:BUILD] Packit: add jobs for downstream Fedora package builds * fix(deps): update module golang.org/x/sync to v0.3.0 * fix(deps): update module golang.org/x/crypto to v0.10.0 * Add smoke tests for encryption CLI helpers * fix(deps): update module golang.org/x/term to v0.9.0 * fix(deps): update module github.com/opencontainers/runtime-spec to v1.1.0-rc.3 * Remove device mapper support * Remove use of deprecated tar.TypeRegA * Update tooling to support newer golangci-lint * Make cli.EncryptConfig,DecryptConfig, GetFormat public * Don't decrypt images by default * fix(deps): update module github.com/onsi/gomega to v1.27.8 * fix(deps): update github.com/containers/storage digest to 3f3fb2f * Renovate: Don't touch fragile test stuffs * [CI:DOCS] Update comment to remove ambiguity * fix(deps): update github.com/containers/image/v5 digest to abe5133 * fix(deps): update module github.com/sirupsen/logrus to v1.9.3 * fix(deps): update module github.com/containerd/containerd to v1.7.2 * Explicitly ref. quay images for CI * At startup, log the effective capabilities for debugging * parse: use GetTempDir from internal utils * GetTmpDir: honor image_copy_tmp_dir from containers.conf * docs/Makefile: don't show sed invocations * CI: Support testing w/ podman-next COPR packages * intermediate-images inherit-label test: make it debuggable * fix(deps): update github.com/containers/common digest to 462ccdd * Add a warning to `--secret` docs * vendor: bump c/storage to v1.46.2-0.20230526114421-55ee2d19292f * executor: apply label to only final stage * remove registry.centos.org * Go back to setting SysProcAttr.Pdeathsig for child processes * Fix auth.json path (validated on Fedora 38) wq Signed-off-by: Andreas Mack * fix(deps): update module github.com/stretchr/testify to v1.8.3 * CI: fix test broken by renovatebot * chore(deps): update quay.io/libpod/testimage docker tag to v20221018 * fix(deps): update module github.com/onsi/gomega to v1.27.7 * test: use debian instead of docker.io/library/debian:testing-slim * vendor: bump logrus to 1.9.2 * [skip-ci] Update tim-actions/get-pr-commits action to v1.3.0 * Revert "Proof of concept: nightly dependency treadmill" * fix(deps): update module github.com/sirupsen/logrus to v1.9.1 * vendor in containers/(common,storage,image) * fix(deps): update module github.com/docker/distribution to v2.8.2+incompatible * run: drop Pdeathsig * chroot: lock thread before setPdeathsig * tests: add a case for required=false * fix(deps): update module github.com/openshift/imagebuilder to v1.2.5 * build: validate volumes on backend * secret: accept required flag w/o value * fix(deps): update module github.com/containerd/containerd to v1.7.1 * fix(deps): update module golang.org/x/crypto to v0.9.0 * Update the demos README file to fix minor typos * fix(deps): update module golang.org/x/sync to v0.2.0 * fix(deps): update module golang.org/x/term to v0.8.0 * manifest, push: use source as destination if not specified * run,mount: remove path only if they didnt pre-exist * Cirrus: Fix meta task failing to find commit * parse: filter edge-case for podman-remote * fix(deps): update module github.com/opencontainers/runc to v1.1.7 * fix(deps): update module github.com/docker/docker to v23.0.5+incompatible * build: --platform must accept only arch * fix(deps): update module github.com/containers/common to v0.53.0 * makefile: increase conformance timeout * Cap suffixDigitsModulo to a 9-digits suffix. * Rename conflict to suffixDigitsModulo * fix(deps): update module github.com/opencontainers/runtime-spec to v1.1.0-rc.2 * fix(deps): update module github.com/opencontainers/runc to v1.1.6 * chore(deps): update centos docker tag to v8 * Clarify the need for qemu-user-static package * chore(deps): update quay.io/centos/centos docker tag to v8 * Renovate: Ensure test/tools/go.mod is managed * Revert "buildah image should not enable fuse-overlayfs for rootful mode" * Bump to v1.31.0-dev * parse: add support for relabel bind mount option - Changelog for v1.30.0 (2023-04-06) * fix(deps): update module github.com/opencontainers/runc to v1.1.5 * fix(deps): update module github.com/fsouza/go-dockerclient to v1.9.7 * buildah image should not enable fuse-overlayfs for rootful mode * stage_executor: inline network add default string * fix(deps): update module github.com/containers/common to v0.51.2 * chore(deps): update dependency containers/automation_images to v20230330 * fix(deps): update module github.com/docker/docker to v23.0.2+incompatible * chore(deps): update dependency containers/automation_images to v20230320 * fix(deps): update module github.com/onsi/gomega to v1.27.6 * fix(deps): update github.com/opencontainers/runtime-tools digest to e931285 * [skip-ci] Update actions/stale action to v8 * test: don't allow to override io.buildah.version * executor: only apply label on the final stage * Update docs/buildah-build.1.md * update build instruction for Ubuntu * code review * build: accept arguments from file with --build-arg-file * run_linux: Update heuristic for mounting /sys * [CI:BUILD] Packit: Enable Copr builds on PR and commit to main * fix(deps): update module github.com/fsouza/go-dockerclient to v1.9.6 * Update to Go 1.18 * Disable dependabot in favor of renovate * chore(deps): update dependency containers/automation_images to v20230314 * Fix requiring tests on Makefile changes * Vendor in latest containers/(storage, common, image) * imagebuildah: set len(short_image_id) to 12 * Re-enable conformance tests * Skip conformance test failures with Docker 23.0.1 * Cirrus: Replace Ubuntu -> Debian SID * run: add support for inline --network in RUN stmt * vendor: bump imagebuilder to a3c3f8358ca31b1e4daa6 * stage_executor: attempt to push cache only when cacheKey is valid * Add "ifnewer" as option in help message for pull command * build: document behaviour of buildah's distributed cache * fix(deps): update module golang.org/x/term to v0.6.0 * Add default list of capabilities required to run buildah in a container * executor,copy: honor default ARG value while eval stage * sshagent: use ExtendedAgent instead of Agent * tests/bud: remove unwated test * executor: do not warn on builtin default args * executor: don't warn about unused TARGETARCH,TARGETOS,TARGETPLATFORM * Fix tutorial for rootless mode * Vendor in latest containers/(common, storage, image) * Ignore the base image's base image annotations * fix(deps): update module github.com/fsouza/go-dockerclient to v1.9.5 * build(deps): bump github.com/containers/storage from 1.45.3 to 1.45.4 * Vendor in latest containers/common * docs/tutorials/04: add defaults for Run() * imagebuildah.StageExecutor: suppress bogus "Pushing cache []:..." * executor: also add stage with no children to cleanupStages * [CI:BUILD] copr: fix el8 builds * Fix documentation on which Capabilities are allowed by default * Skip subject-length validation for renovate PRs * Temporarily hard-skip bud-multiple-platform-values test * fix(deps): update github.com/openshift/imagebuilder digest to 86828bf * build(deps): bump github.com/containerd/containerd from 1.6.16 to 1.6.17 * build(deps): bump tim-actions/get-pr-commits from 1.1.0 to 1.2.0 * build(deps): bump github.com/containers/image/v5 from 5.24.0 to 5.24.1 * [skip-ci] Update tim-actions/get-pr-commits digest to 55b867b * build(deps): bump github.com/opencontainers/selinux * build(deps): bump golang.org/x/crypto from 0.5.0 to 0.6.0 * Add renovate configuration * Run codespell on codebase * login: support interspersed args for password * conformance: use scratch for minimal test * pkg/parse: expose public CleanCacheMount API * build(deps): bump go.etcd.io/bbolt from 1.3.6 to 1.3.7 * build(deps): bump github.com/containerd/containerd from 1.6.15 to 1.6.16 * docs: specify order preference for FROM * Bump to v1.30.0-dev - Changelog for v1.29.0 (2023-01-25) * tests: improve build-with-network-test * Bump c/storagev1.45.3, c/imagev5.24.0, c/commonv0.51.0 * build(deps): bump github.com/onsi/gomega from 1.25.0 to 1.26.0 * Flake 3710 has been closed. Reenable the test. * [CI:DOCS] Fix two diversity issues in a tutorial * build(deps): bump github.com/fsouza/go-dockerclient from 1.9.2 to 1.9.3 * vendor in latests containers/(storage, common, image) * fix bud-multiple-platform-with-base-as-default-arg flake * stage_executor: while mounting stages use freshly built stage * build(deps): bump github.com/fsouza/go-dockerclient from 1.9.0 to 1.9.2 * build(deps): bump github.com/onsi/gomega from 1.24.2 to 1.25.0 * vendor in latests containers/(storage, common, image, ocicyrpt) * [Itests: change the runtime-flag test for crun * [CI:DOCS] README: drop sudo * Fix multi-arch manifest-list build timeouts * Cirrus: Update VM Images * bud: Consolidate multiple synthetic LABEL instructions * build, secret: allow realtive mountpoints wrt to work dir * fixed squash documentation * build(deps): bump github.com/containerd/containerd from 1.6.14 to 1.6.15 * Correct minor comment * Vendor in latest containers/(common, image, storage) * system tests: remove unhelpful assertions * buildah: add prune command and expose CleanCacheMount API * vendor: bump c/storage to a747b27 * Add support for --group-add to buildah from * build(deps): bump actions/stale from 6 to 7 * Add documentation for buildah build --pull=missing * build(deps): bump github.com/containerd/containerd from 1.6.12 to 1.6.14 * build(deps): bump github.com/docker/docker * parse: default ignorefile must not point to symlink outside context * buildah: wrap network setup errors * build, mount: allow realtive mountpoints wrt to work dir * Update to F37 CI VM Images, re-enable prior-fedora * Update vendor or containers/(image, storage, common) * build(deps): bump golang.org/x/crypto from 0.3.0 to 0.4.0 * Update contact information * build(deps): bump golang.org/x/term from 0.2.0 to 0.3.0 * Replace io/ioutil calls with os calls * [skip-ci] GHA/Cirrus-cron: Fix execution order * Vendor in containers/common * build(deps): bump golang.org/x/sys from 0.2.0 to 0.3.0 * remote-cache: support multiple sources and destinations * Update c/storage after https://github.com/containers/storage/pull/1436 * util.SortMounts(): make the returned order more stable * version: Bump to 1.29.0-dev * [CI:BUILD] Cirrus: Migrate OSX task to M1 * Update vendor of containers/(common, storage, image) * mount=type=cache: seperate cache parent on host for each user * Fix installation instructions for Gentoo Linux * build(deps): bump github.com/containerd/containerd from 1.6.9 to 1.6.10 * GHA: Reuse both cirrus rerun and check workflows * Vendor in latest containers/(common,image,storage) * build(deps): bump github.com/onsi/gomega from 1.24.0 to 1.24.1 * copier.Put(): clear up os/syscall mode bit confusion * build(deps): bump golang.org/x/sys from 0.1.0 to 0.2.0 * Use TypeBind consistently to name bind/nullfs mounts * Add no-new-privileges flag * Update vendor of containers/(common, image, storage) * imagebuildah:build with --all-platforms must honor args for base images * codespell code * Expand args and env when using --all-platforms * build(deps): bump github.com/onsi/gomega from 1.23.0 to 1.24.0 * GHA: Simplify Cirrus-Cron check slightly * Stop using ubi8 * remove unnecessary (hence misleading) rmi * chroot: fix mounting of ro bind mounts * executor: honor default ARG value while eval base name * userns: add arbitrary steps/stage to --userns=auto test * Don't set allow.mount in the vnet jail on Freebsd * copier: Preserve file flags when copying archives on FreeBSD * Remove quiet flag, so that it works in podman-remote * test: fix preserve rootfs with --mount for podman-remote * test: fix prune logic for cache-from after adding content summary * vendor in latest containers/(storage, common, image) * Fix RUN --mount=type=bind,from= not preserving rootfs of stage * Define and use a safe, reliable test image * Fix word missing in Container Tools Guide * Makefile: Use $(MAKE) to start sub-makes in install.tools * imagebuildah: pull cache from remote repo after adding content summary * Makefile: Fix install on FreeBSD * Ensure the cache volume locks are unlocked on all paths * Vendor in latest containers/(common,storage) * Simplify the interface of GetCacheMount and getCacheMount * Fix cache locks with multiple mounts * Remove calls to Lockfile.Locked() * Maintain cache mount locks as lock objects instead of paths * test: cleaning cache must not clean lockfiles * run: honor lockfiles for multiple --mount instruction * mount,cache: lockfiles must not be part of users cache content * Update vendor containers/(common,image,storage) * [CI:BUILD] copr: buildah rpm should depend on containers-common-extra * pr-should-include-tests: allow specfile, golangci * build(deps): bump dawidd6/action-send-mail from 3.7.0 to 3.7.1 * build(deps): bump github.com/docker/docker * build(deps): bump github.com/fsouza/go-dockerclient from 1.8.3 to 1.9.0 * Update vendor containers/(common,image,storage) * build(deps): bump actions/upload-artifact from 2 to 3 * build(deps): bump actions/checkout from 2 to 3 * build(deps): bump actions/stale from 1 to 6 * build(deps): bump dawidd6/action-send-mail from 2.2.2 to 3.7.0 * build(deps): bump tim-actions/get-pr-commits from 1.1.0 to 1.2.0 * sshagent: LockOSThread before setting SocketLabel * Update tests for error message changes * Update c/image after https://github.com/containers/image/pull/1299 * Fix ident for dependabot gha block * build(deps): bump github.com/containers/ocicrypt from 1.1.5 to 1.1.6 * Fix man pages to match latest cobra settings * build(deps): bump github.com/spf13/cobra from 1.5.0 to 1.6.0 * build(deps): bump github.com/onsi/gomega from 1.20.2 to 1.22.1 * test: retrofit 'bud with undefined build arg directory' * imagebuildah: warnOnUnsetBuildArgs while processing stages from executor * Update contrib/buildahimage/Containerfile * Cirrus CI add flavor parameter * Correction - `FLAVOR` not `FLAVOUR` * Changed build argument from `RELEASE` to `FLAVOUR` * Combine buildahimage Containerfiles * bud.bats refactoring: $TEST_SCRATCH_DIR, part 2 of 2 * bud.bats refactoring: $TEST_SCRATCH_DIR, part 1 of 2 * System test cleanup: document, clarify, fix * test: removing unneeded/expensive COPY * test: warning behaviour for unset/set TARGETOS,TARGETARCH,TARGETPLATFORM * Bump to v1.28.1-dev - Changelog for v1.28.0 (2022-09-30) * Update vendor containers/(common,image) * [CI:DOCS] Add quay-description update reminder * vendor: bump c/common to v0.49.2-0.20220929111928-2d1b45ae2423 * build(deps): bump github.com/opencontainers/selinux * Vendor in latest containers/storage * Changing shell list operators from `;` to `&&` * Fix buildahimage container.conf permissions regression * Set sysctls from containers.conf * refactor: stop using Normalize directly from containerd package * config,builder: process variant while populating image spec * Proof of concept: nightly dependency treadmill * Run codespell on code * Check for unset build args after TARGET args * pkg/cli: improve completion test * vendor in latest containers/(common,storage,image) * copier: work around freebsd bug for "mkdir /" * vendor: update c/image * test: run in the host cgroup namespace * vendor: update c/storage * vendor: update c/common * cmd: check for user UID instead of privileges * run,build: conflict --isolation=chroot and --network * Fix broken dns test (from merge collision) * Fix stutters * Fix broken command completion * buildah bud --network=none should have no network * build: support --skip-unused-stages for multi-stage builds * Prevent use of --dns* options with --net=none * buildah: make --cache-ttl=0s equivalent to --no-cache * parse: make processing flags in --mount order agnostic * Minor test fix for podman-remote * build: honor .containerignore as ignore file * Update install.md: Debian 11 (Bullseye) is stable * build(deps): bump github.com/docker/docker * Use constants from containers/common for finding seccomp.json * Don't call os.Exit(1) from manifest exist * manifest: add support for buildah manifest exists * Buildah should ignore /etc/crio/seccomp.json * chroot: Fix cross build break * chroot: Move isDevNull to run_common.go * chroot: Fix setRlimit build on FreeBSD * chroot: Move parseRLimits and setRlimits to run_common.go * chroot: Fix runUsingChrootExecMain on FreeBSD * chroot: Move runUsingChrootExecMain to run_common.go * chroot: Factor out Linux-specific unshare options from runUsingChroot * chroot: Move runUsingChroot to run_common.go * chroot: Move RunUsingChroot and runUsingChrootMain to run_common.go * chroot: Factor out /dev/ptmx pty implementation * chroot: Add FreeBSD support for run with chroot isolation * build(deps): bump github.com/docker/go-units from 0.4.0 to 0.5.0 * Replace k8s.gcr.io/pause in tests with registry.k8s.io/pause * build(deps): bump github.com/onsi/gomega from 1.20.0 to 1.20.1 * Cirrus: use image with fewer downloaded dependencies * build(deps): bump github.com/opencontainers/runc from 1.1.3 to 1.1.4 * run: add container gid to additional groups * buildah: support for --retry and --retry-delay for push/pull failures * Makefile: always call $(GO) instead of `go` * build(deps): bump github.com/fsouza/go-dockerclient from 1.8.2 to 1.8.3 * test: use `T.TempDir` to create temporary test directory * mount,cache: enable SElinux shared content label option by default * commit: use race-free RemoveNames instead of SetNames * Drop util/util.Cause() * cmd/buildah: add "manifest create --amend" * build(deps): bump github.com/fsouza/go-dockerclient from 1.8.1 to 1.8.2 * docs: specify git protocol is not supported for github hosted repo * Scrub user and group names from layer diffs * build(deps): bump github.com/containerd/containerd from 1.6.6 to 1.6.8 * version: bump to 1.28.0-dev - Changelog for v1.27.0 (2022-08-01) * build: support filtering cache by duration using `--cache-ttl`. * build: support building from commit when using git repo as build context. * build: clean up git repos correctly when using subdirs. * build: add support for distributing cache to remote sources using `--cache-to` and `--cache-from`. * imagebuildah: optimize cache hits for `COPY` and `ADD` instructions. * build: support OCI hooks for ephemeral build containers. * build: add support for `--userns=auto`. * copier: add NoOverwriteNonDirDir option . * add initial support for building images using Buildah on FreeBSD. * multistage: this now skips the computing of unwanted stages to improve performance. * multiarch: support splitting build logs for `--platform` using `--logsplit`. * build: add support for building images where the base image has no history. * commit: allow disabling image history with `--omit-history`. * build: add support for renaming a device in rootless setups. * build: now supports additionalBuildContext in builds via the `--build-context` option. * build: `--output` produces artifacts even if the build container is not committed. * build: now accepts `-cpp-flag`, allowing users to pass in CPP flags when processing a Containerfile with C Preprocessor-like syntax. * build: now accepts a branch and a subdirectory when the build context is a git repository. * build: output now shows a progress bar while pushing and pulling images * build: now errors out if the path to Containerfile is a directory. * build: support building container images on environments that are rootless and without any valid login sessions. * fix: `--output` now generates artifacts even if the entire build is cached. * fix: `--output` generates artifacts only for the target stage in multi-stage builds. * fix,add: now fails on a bad HTTP response instead of writing to container * fix,squash: never use build cache when computing the last step of the last stage * fix,build,run: allow reusing secret more than once in different RUN steps * fix: compatibility with Docker build by making its --label and --annotate options set empty labels and annotations when given a name but no `=` or label value. - Changelog for v1.26.0 (2022-05-04) * imagebuildah,build: move deepcopy of args before we spawn goroutine * Vendor in containers/storage v1.40.2 * buildah.BuilderOptions.DefaultEnv is ignored, so mark it as deprecated * help output: get more consistent about option usage text * Handle OS version and features flags * buildah build: --annotation and --label should remove values * buildah build: add a --env * buildah: deep copy options.Args before performing concurrent build/stage * test: inline platform and builtinargs behaviour * vendor: bump imagebuilder to master/009dbc6 * build: automatically set correct TARGETPLATFORM where expected * build(deps): bump github.com/fsouza/go-dockerclient * Vendor in containers/(common, storage, image) * imagebuildah, executor: process arg variables while populating baseMap * buildkit: add support for custom build output with --output * Cirrus: Update CI VMs to F36 * fix staticcheck linter warning for deprecated function * Fix docs build on FreeBSD * build(deps): bump github.com/containernetworking/cni from 1.0.1 to 1.1.0 * copier.unwrapError(): update for Go 1.16 * copier.PutOptions: add StripSetuidBit/StripSetgidBit/StripStickyBit * copier.Put(): write to read-only directories * build(deps): bump github.com/cpuguy83/go-md2man/v2 in /tests/tools * Rename $TESTSDIR (the plural one), step 4 of 3 * Rename $TESTSDIR (the plural one), step 3 of 3 * Rename $TESTSDIR (the plural one), step 2 of 3 * Rename $TESTSDIR (the plural one), step 1 of 3 * build(deps): bump github.com/containerd/containerd from 1.6.2 to 1.6.3 * Ed's periodic test cleanup * using consistent lowercase 'invalid' word in returned err msg * Update vendor of containers/(common,storage,image) * use etchosts package from c/common * run: set actual hostname in /etc/hostname to match docker parity * update c/common to latest main * Update vendor of containers/(common,storage,image) * Stop littering * manifest-create: allow creating manifest list from local image * Update vendor of storage,common,image * Bump golang.org/x/crypto to 7b82a4e * Initialize network backend before first pull * oci spec: change special mount points for namespaces * tests/helpers.bash: assert handle corner cases correctly * buildah: actually use containers.conf settings * integration tests: learn to start a dummy registry * Fix error check to work on Podman * buildah build should accept at most one arg * tests: reduce concurrency for flaky bud-multiple-platform-no-run * vendor in latest containers/common,image,storage * manifest-add: allow override arch,variant while adding image * Remove a stray `\` from .containerenv * Vendor in latest opencontainers/selinux v1.10.1 * build, commit: allow removing default identity labels * Create shorter names for containers based on image IDs * test: skip rootless on cgroupv2 in root env * fix hang when oci runtime fails * Set permissions for GitHub actions * copier test: use correct UID/GID in test archives * run: set parent-death signals and forward SIGHUP/SIGINT/SIGTERM * Bump back to v1.26.0-dev * build(deps): bump github.com/opencontainers/runc from 1.1.0 to 1.1.1 * Included the URL to check the SHA - Changelog for v1.25.1 (2022-03-30) * buildah: create WORKDIR with USER permissions * vendor: update github.com/openshift/imagebuilder * copier: attempt to open the dir before adding it * Updated dependabot to get updates for GitHub actions. * Switch most calls to filepath.Walk to filepath.WalkDir * build: allow --no-cache and --layers so build cache can be overrided * build(deps): bump github.com/onsi/gomega from 1.18.1 to 1.19.0 * Bump to v1.26.0-dev * build(deps): bump github.com/golangci/golangci-lint in /tests/tools - Changelog for v1.25.0 (2022-03-25) * install: drop RHEL/CentOS 7 doc * build(deps): bump github.com/containers/common from 0.47.4 to 0.47.5 * Bump c/storage to v1.39.0 in main * Add a test for CVE-2022-27651 * build(deps): bump github.com/docker/docker * Bump github.com/prometheus/client_golang to v1.11.1 * [CI:DOCS] man pages: sort flags, and keep them that way * build(deps): bump github.com/containerd/containerd from 1.6.1 to 1.6.2 * Don't pollute * network setup: increase timeout to 4 minutes * do not set the inheritable capabilities * build(deps): bump github.com/golangci/golangci-lint in /tests/tools * build(deps): bump github.com/containers/ocicrypt from 1.1.2 to 1.1.3 * parse: convert exposed GetVolumes to internal only * buildkit: mount=type=cache support locking external cache store * .in support: improve error message when cpp is not installed * buildah image: install cpp * build(deps): bump github.com/stretchr/testify from 1.7.0 to 1.7.1 * build(deps): bump github.com/spf13/cobra from 1.3.0 to 1.4.0 * build(deps): bump github.com/docker/docker * Add --no-hosts flag to eliminate use of /etc/hosts within containers * test: remove skips for rootless users * test: unshare mount/umount if test is_rootless * tests/copy: read correct containers.conf * build(deps): bump github.com/docker/distribution * cirrus: add seperate task and matrix for rootless * tests: skip tests for rootless which need unshare * buildah: test rootless integration * vendor: bump c/storage to main/93ce26691863 * build(deps): bump github.com/fsouza/go-dockerclient from 1.7.9 to 1.7.10 * tests/copy: initialize the network, too * [CI:DOCS] remove references to Kubic for CentOS and Ubuntu * build(deps): bump github.com/containerd/containerd from 1.6.0 to 1.6.1 * use c/image/pkg/blobcache * vendor c/image/v5@v5.20.0 * add: ensure the context directory is an absolute path * executor: docker builds must inherit healthconfig from base if any * docs: Remove Containerfile and containeringore * build(deps): bump github.com/fsouza/go-dockerclient from 1.7.8 to 1.7.9 * helpers.bash: Use correct syntax * speed up combination-namespaces test * build(deps): bump github.com/golangci/golangci-lint in /tests/tools * Bump back to 1.25.0-dev * build(deps): bump github.com/containerd/containerd from 1.5.9 to 1.6.0 - Changelog for v1.24.2 (2022-02-16) * Increase subuid/subgid to 65535 * history: only add proxy vars to history if specified * run_linux: use --systemd-cgroup * buildah: new global option --cgroup-manager * Makefile: build with systemd when available * build(deps): bump github.com/fsouza/go-dockerclient from 1.7.7 to 1.7.8 * Bump c/common to v0.47.4 * Cirrus: Use updated VM images * conformance: add a few "replace-directory-with-symlink" tests * Bump back to v1.25.0-dev - Changelog for v1.24.1 (2022-02-03) * executor: Add support for inline --platform within Dockerfile * caps: fix buildah run --cap-add=all * Update vendor of openshift/imagebuilder * Bump version of containers/image and containers/common * Update vendor of containers/common * System tests: fix accidental vandalism of source dir * build(deps): bump github.com/containers/storage from 1.38.1 to 1.38.2 * imagebuildah.BuildDockerfiles(): create the jobs semaphore * build(deps): bump github.com/onsi/gomega from 1.18.0 to 1.18.1 * overlay: always honor mountProgram * overlay: move mount program invocation to separate function * overlay: move mount program lookup to separate function * Bump to v1.25.0-dev [NO TESTS NEEDED] - Changelog for v1.24.0 (2022-01-26) * Update vendor of containers/common * build(deps): bump github.com/golangci/golangci-lint in /tests/tools * Github-workflow: Report both failures and errors. * build(deps): bump github.com/containers/image/v5 from 5.18.0 to 5.19.0 * Update docs/buildah-build.1.md * [CI:DOCS] Fix typos and improve language * buildah bud --network add support for custom networks * Make pull commands be consistent * docs/buildah-build.1.md: don't imply that -v isn't just a RUN thing * build(deps): bump github.com/onsi/gomega from 1.17.0 to 1.18.0 * Vendor in latest containers/image * Run codespell on code * .github/dependabot.yml: add tests/tools go.mod * CI: rm git-validation, add GHA job to validate PRs * tests/tools: bump go-md2man to v2.0.1 * tests/tools/Makefile: simplify * tests/tools: bump onsi/ginkgo to v1.16.5 * vendor: bump c/common and others * mount: add support for custom upper and workdir with overlay mounts * linux: fix lookup for runtime * overlay: add MountWithOptions to API which extends support for advanced overlay * Allow processing of SystemContext from FlagSet * .golangci.yml: enable unparam linter * util/resolveName: rm bool return * tests/tools: bump golangci-lint * .gitignore: fixups * all: fix capabilities.NewPid deprecation warnings * bind/mount.go: fix linter comment * all: fix gosimple warning S1039 * tests/e2e/buildah_suite_test.go: fix gosimple warnings * imagebuildah/executor.go: fix gosimple warning * util.go: fix gosimple warning * build(deps): bump github.com/opencontainers/runc from 1.0.3 to 1.1.0 * Enable git-daemon tests * Allow processing of id options from FlagSet * Cirrus: Re-order tasks for more parallelism * Cirrus: Freshen VM images * Fix platform handling for empty os/arch values * Allow processing of network options from FlagSet * Fix permissions on secrets directory * Update containers/image and containers/common * bud.bats: use a local git daemon for the git protocol test * Allow processing of common options from FlagSet * Cirrus: Run int. tests in parallel with unit * vendor c/common * Fix default CNI paths * build(deps): bump github.com/fsouza/go-dockerclient from 1.7.6 to 1.7.7 * multi-stage: enable mounting stages across each other with selinux enabled * executor: Share selinux label of first stage with other stages in a build * buildkit: add from field to bind and cache mounts so images can be used as source * Use config.ProxyEnv from containers/common * use libnetwork from c/common for networking * setup the netns in the buildah parent process * build(deps): bump github.com/containerd/containerd from 1.5.8 to 1.5.9 * build(deps): bump github.com/fsouza/go-dockerclient from 1.7.4 to 1.7.6 * build: fix libsubid test * Allow callers to replace the ContainerSuffix * parse: allow parsing anomaly non-human value for memory control group * .cirrus: remove static_build from ci * stage_executor: re-use all possible layers from cache for squashed builds * build(deps): bump github.com/spf13/cobra from 1.2.1 to 1.3.0 * Allow rootless buildah to set resource limits on cgroup V2 * build(deps): bump github.com/docker/docker * tests: move buildkit mount tests files from TESTSDIR to TESTDIR before modification * build(deps): bump github.com/opencontainers/runc from 1.0.2 to 1.0.3 * Wire logger through to config * copier.Put: check for is-not-a-directory using lstat, not stat * Turn on rootless cgroupv2 tests * Grab all of the containers.conf settings for namespaces. * image: set MediaType in OCI manifests * copier: RemoveAll possibly-directories * Simple README fix * images: accept multiple filter with logical AND * build(deps): bump github.com/containernetworking/cni from 0.8.1 to 1.0.1 * UPdate vendor of container/storage * build(deps): bump github.com/onsi/gomega from 1.16.0 to 1.17.0 * build(deps): bump github.com/containers/image/v5 from 5.16.1 to 5.17.0 * Make LocalIP public function so Podman can use it * Fix UnsetEnv for buildah bud * Tests should rely only on static/unchanging images * run: ensure that stdio pipes are labeled correctly * build(deps): bump github.com/docker/docker * Cirrus: Bump up to Fedora 35 & Ubuntu 21.10 * chroot: don't use the generate default seccomp filter for unit tests * build(deps): bump github.com/containerd/containerd from 1.5.7 to 1.5.8 * ssh-agent: Increase timeout before we explicitly close connection * docs/tutorials: update * Clarify that manifest defaults to localhost as the registry name * "config": remove a stray bit of debug output * "commit": fix a flag typo * Fix an error message: unlocking vs locking * Expand the godoc for CommonBuildOptions.Secrets * chroot: accept an "rw" option * Add --unsetenv option to buildah commit and build * define.TempDirForURL(): show CombinedOutput when a command fails * config: support the variant field * rootless: do not bind mount /sys if not needed * Fix tutorial to specify command on buildah run line * build: history should not contain ARG values * docs: Use guaranteed path for go-md2man * run: honor --network=none from builder if nothing specified * networkpolicy: Should be enabled instead of default when explictly set * Add support for env var secret sources * build(deps): bump github.com/docker/docker * fix: another non-portable shebang * Rootless containers users should use additional groups * Support overlayfs path contains colon * Report ignorefile location when no content added * Add support for host.containers.internal in the /etc/hosts * build(deps): bump github.com/onsi/ginkgo from 1.16.4 to 1.16.5 * imagebuildah: fix nil deref * buildkit: add support for mount=type=cache * Default secret mode to 400 * [CI:DOCS] Include manifest example usage * docs: update buildah-from, buildah-pull 'platform' option compatibility notes * docs: update buildah-build 'platform' option compatibility notes * De-dockerize the man page as much as possible * [CI:DOCS] Touch up Containerfile man page to show ARG can be 1st * docs: Fix and Update Containerfile man page with supported mount types * mount: add tmpcopyup to tmpfs mount option * buildkit: Add support for --mount=type=tmpfs * build(deps): bump github.com/opencontainers/selinux from 1.8.5 to 1.9.1 * Fix command doc links in README.md * build(deps): bump github.com/containers/image/v5 from 5.16.0 to 5.16.1 * build: Add support for buildkit like --mount=type=bind * Bump containerd to v1.5.7 * build(deps): bump github.com/docker/docker * tests: stop pulling php, composer * Fix .containerignore link file * Cirrus: Fix defunct package metadata breaking cache * build(deps): bump github.com/containers/storage from 1.36.0 to 1.37.0 * buildah build: add --all-platforms * Add man page for Containerfile and .containerignore * Plumb the remote logger throughut Buildah * Replace fmt.Sprintf("%d", x) with strconv.Itoa(x) * Run: Cleanup run directory after every RUN step * build(deps): bump github.com/containers/common from 0.45.0 to 0.46.0 * Makefile: adjust -ldflags/-gcflags/-gccgoflags depending on the go implementation * Makefile: check for `-race` using `-mod=vendor` * imagebuildah: fix an attempt to write to a nil map * push: support to specify the compression format * conformance: allow test cases to specify dockerUseBuildKit * build(deps): bump github.com/containers/common from 0.44.1 to 0.45.0 * build(deps): bump github.com/containers/common from 0.44.0 to 0.44.1 * unmarshalConvertedConfig(): handle zstd compression * tests/copy/copy: wire up compression options * Update to github.com/vbauerster/mpb v7.1.5 * Add flouthoc to OWNERS * build: Add additional step nodes when labels are modified * Makefile: turn on race detection whenever it's available * conformance: add more tests for exclusion short-circuiting * Update VM Images + Drop prior-ubuntu testing * Bump to v1.24.0-dev - Changelog for v1.23.0 (2021-09-13) * Vendor in containers/common v0.44.0 * build(deps): bump github.com/containers/storage from 1.35.0 to 1.36.0 * Update 05-openshift-rootless-build.md * build(deps): bump github.com/opencontainers/selinux from 1.8.4 to 1.8.5 * .cirrus.yml: run cross_build_task on Big Sur * Makefile: update cross targets * Add support for rootless overlay mounts * Cirrus: Increase unit-test timeout * Docs: Clarify rmi w/ manifest/index use * build: mirror --authfile to filesystem if pointing to FD instead of file * Fix build with .git url with branch * manifest: rm should remove only manifests not referenced images. * vendor: bump c/common to v0.43.3-0.20210902095222-a7acc160fb25 * Avoid rehashing and noop compression writer * corrected man page section; .conf file to mention its man page * copy: add --max-parallel-downloads to tune that copy option * copier.Get(): try to avoid descending into directories * tag: Support tagging manifest list instead of resolving to images * Install new manpages to correct sections * conformance: tighten up exception specifications * Add support for libsubid * Add epoch time field to buildah images * Fix ownership of /home/build/.local/share/containers * build(deps): bump github.com/containers/image/v5 from 5.15.2 to 5.16.0 * Rename bud to build, while keeping an alias for to bud. * Replace golang.org/x/crypto/ssh/terminal with golang.org/x/term * build(deps): bump github.com/opencontainers/runc from 1.0.1 to 1.0.2 * build(deps): bump github.com/onsi/gomega from 1.15.0 to 1.16.0 * build(deps): bump github.com/fsouza/go-dockerclient from 1.7.3 to 1.7.4 * build(deps): bump github.com/containers/common from 0.43.1 to 0.43.2 * Move DiscoverContainerfile to pkg/util directory * build(deps): bump github.com/containers/image/v5 from 5.15.1 to 5.15.2 * Remove some references to Docker * build(deps): bump github.com/containers/image/v5 from 5.15.0 to 5.15.1 * imagebuildah: handle --manifest directly * build(deps): bump github.com/containers/common from 0.42.1 to 0.43.1 * build(deps): bump github.com/opencontainers/selinux from 1.8.3 to 1.8.4 * executor: make sure imageMap is updated with terminatedStage * tests/serve/serve.go: use a kernel-assigned port * Bump go for vendor-in-container from 1.13 to 1.16 * imagebuildah: move multiple-platform building internal * Adds GenerateStructure helper function to support rootfs-overlay. * Run codespell to fix spelling * Implement SSH RUN mount * build(deps): bump github.com/onsi/gomega from 1.14.0 to 1.15.0 * Fix resolv.conf content with run --net=private * run: fix nil deref using the option's logger * build(deps): bump github.com/containerd/containerd from 1.5.1 to 1.5.5 * make vendor-in-container * bud: teach --platform to take a list * set base-image annotations * build(deps): bump github.com/opencontainers/selinux from 1.8.2 to 1.8.3 * [CI:DOCS] Fix CHANGELOG.md * Bump to v1.23.0-dev [NO TESTS NEEDED] * Accept repositories on login/logout - Changelog for v1.22.0 (2021-08-02) * c/image, c/storage, c/common vendor before Podman 3.3 release * WIP: tests: new assert() * Proposed patch for 3399 (shadowutils) * Fix handling of --restore shadow-utils * build(deps): bump github.com/containers/image/v5 from 5.13.2 to 5.14.0 * runtime-flag (debug) test: handle old & new runc * build(deps): bump github.com/containers/storage from 1.32.6 to 1.33.0 * Allow dst and destination for target in secret mounts * Multi-arch: Always push updated version-tagged img * Add a few tests on cgroups V2 * imagebuildah.stageExecutor.prepare(): remove pseudonym check * refine dangling filter * Chown with environment variables not set should fail * Just restore protections of shadow-utils * build(deps): bump github.com/opencontainers/runc from 1.0.0 to 1.0.1 * Remove specific kernel version number requirement from install.md * Multi-arch image workflow: Make steps generic * chroot: fix environment value leakage to intermediate processes * Update nix pin with `make nixpkgs` * buildah source - create and manage source images * Update cirrus-cron notification GH workflow * Reuse code from containers/common/pkg/parse * Cirrus: Freshen VM images * build(deps): bump github.com/containers/storage from 1.32.5 to 1.32.6 * Fix excludes exception begining with / or ./ * Fix syntax for --manifest example * build(deps): bump github.com/onsi/gomega from 1.13.0 to 1.14.0 * vendor containers/common@main * Cirrus: Drop dependence on fedora-minimal * Adjust conformance-test error-message regex * Workaround appearance of differing debug messages * Cirrus: Install docker from package cache * build(deps): bump github.com/containers/ocicrypt from 1.1.1 to 1.1.2 * Switch rusagelogfile to use options.Out * build(deps): bump github.com/containers/storage from 1.32.4 to 1.32.5 * Turn stdio back to blocking when command finishes * Add support for default network creation * Cirrus: Updates for master->main rename * Change references from master to main * Add `--env` and `--workingdir` flags to run command * build(deps): bump github.com/opencontainers/runc * [CI:DOCS] buildah bud: spelling --ignore-file requires parameter * [CI:DOCS] push/pull: clarify supported transports * Remove unused function arguments * Create mountOptions for mount command flags * Extract version command implementation to function * Add --json flags to `mount` and `version` commands * build(deps): bump github.com/containers/storage from 1.32.2 to 1.32.3 * build(deps): bump github.com/containers/common from 0.40.0 to 0.40.1 * copier.Put(): set xattrs after ownership * buildah add/copy: spelling * build(deps): bump github.com/containers/common from 0.39.0 to 0.40.0 * buildah copy and buildah add should support .containerignore * Remove unused util.StartsWithValidTransport * Fix documentation of the --format option of buildah push * Don't use alltransports.ParseImageName with known transports * build(deps): bump github.com/containers/image/v5 from 5.13.0 to 5.13.1 * man pages: clarify `rmi` removes dangling parents * tests: make it easer to override the location of the copy helper * build(deps): bump github.com/containers/image/v5 from 5.12.0 to 5.13.0 * [CI:DOCS] Fix links to c/image master branch * imagebuildah: use the specified logger for logging preprocessing warnings * Fix copy into workdir for a single file * Fix docs links due to branch rename * Update nix pin with `make nixpkgs` * build(deps): bump github.com/fsouza/go-dockerclient from 1.7.2 to 1.7.3 * build(deps): bump github.com/opencontainers/selinux from 1.8.1 to 1.8.2 * build(deps): bump go.etcd.io/bbolt from 1.3.5 to 1.3.6 * build(deps): bump github.com/containers/storage from 1.32.1 to 1.32.2 * build(deps): bump github.com/mattn/go-shellwords from 1.0.11 to 1.0.12 * build(deps): bump github.com/onsi/ginkgo from 1.16.3 to 1.16.4 * fix(docs): typo * Move to v1.22.0-dev * Fix handling of auth.json file while in a user namespace * Add rusage-logfile flag to optionally send rusage to a file * imagebuildah: redo step logging * build(deps): bump github.com/onsi/ginkgo from 1.16.2 to 1.16.3 * build(deps): bump github.com/containers/storage from 1.32.0 to 1.32.1 * Add volumes to make running buildah within a container easier * build(deps): bump github.com/onsi/gomega from 1.12.0 to 1.13.0 * Add and use a "copy" helper instead of podman load/save * Bump github.com/containers/common from 0.38.4 to 0.39.0 * containerImageRef/containerImageSource: don't buffer uncompressed layers * containerImageRef(): squashed images have no parent images * Sync. workflow across skopeo, buildah, and podman * Bump github.com/containers/storage from 1.31.1 to 1.31.2 * Bump github.com/opencontainers/runc from 1.0.0-rc94 to 1.0.0-rc95 * Bump to v1.21.1-dev [NO TESTS NEEDED] - Changelog for v1.21.0 (2021-05-19) * Don't blow up if cpp detects errors * Vendor in containers/common v0.38.4 * Remove 'buildah run --security-opt' from completion * update c/common * Fix handling of --default-mounts-file * update vendor of containers/storage v1.31.1 * Bump github.com/containers/storage from 1.30.3 to 1.31.0 * Send logrus messages back to caller when building * github: Fix bad repo. ref in workflow config * Check earlier for bad image tags name * buildah bud: fix containers/podman/issues/10307 * Bump github.com/containers/storage from 1.30.1 to 1.30.3 * Cirrus: Support [CI:DOCS] test skipping * Notification email for cirrus-cron build failures * Bump github.com/opencontainers/runc from 1.0.0-rc93 to 1.0.0-rc94 * Fix race condition * Fix copy race while walking paths * Preserve ownership of lower directory when doing an overlay mount * Bump github.com/onsi/gomega from 1.11.0 to 1.12.0 * Update nix pin with `make nixpkgs` * codespell cleanup * Multi-arch github-action workflow unification * Bump github.com/containers/image/v5 from 5.11.1 to 5.12.0 * Bump github.com/onsi/ginkgo from 1.16.1 to 1.16.2 * imagebuildah: ignore signatures when tagging images * update to latest libimage * Bump github.com/containers/common from 0.37.0 to 0.37.1 * Bump github.com/containers/storage from 1.30.0 to 1.30.1 * Upgrade to GitHub-native Dependabot * Document location of auth.json file if XDG_RUNTIME_DIR is not set * run.bats: fix flake in run-user test * Cirrus: Update F34beta -> F34 * pr-should-include-tests: try to make work in buildah * runUsingRuntime: when relaying error from the runtime, mention that * Run(): avoid Mkdir() into the rootfs * imagebuildah: replace archive with chrootarchive * imagebuildah.StageExecutor.volumeCacheSaveVFS(): set up bind mounts * conformance: use :Z with transient mounts when SELinux is enabled * bud.bats: fix a bats warning * imagebuildah: create volume directories when using overlays * imagebuildah: drop resolveSymlink() * namespaces test - refactoring and cleanup * Refactor 'idmapping' system test * Cirrus: Update Ubuntu images to 21.04 * Tiny fixes in bud system tests * Add compabitility wrappers for removed packages * Fix expected message at pulling image * Fix system tests of 'bud' subcommand * [CI:DOCS] Update steps for CentOS runc users * Add support for secret mounts * Add buildah manifest rm command * restore push/pull and util API * [CI:DOCS] Remove older distro docs * Rename rhel secrets to subscriptions * vendor in openshift/imagebuilder * Remove buildah bud --loglevel ... * use new containers/common/libimage package * Fix copier when using globs * Test namespace flags of 'bud' subcommand * Add system test of 'bud' subcommand * Output names of multiple tags in buildah bud * push to docker test: don't get fooled by podman * copier: add Remove() * build(deps): bump github.com/containers/image/v5 from 5.10.5 to 5.11.1 * Restore log timestamps * Add system test of 'buildah help' with a tiny fix * tests: copy.bats: fix infinite hang * Do not force hard code to crun in rootless mode * build(deps): bump github.com/openshift/imagebuilder from 1.2.0 to 1.2.1 * build(deps): bump github.com/containers/ocicrypt from 1.1.0 to 1.1.1 * build(deps): bump github.com/containers/common from 0.35.4 to 0.36.0 * Fix arg missing warning in bud * Check without flag in 'from --cgroup-parent' test * Minor fixes to Buildah as a library tutorial documentation * Add system test of 'buildah version' for packaged buildah * Add a few system tests of 'buildah from' * Log the final error with %+v at logging level "trace" * copier: add GetOptions.NoCrossDevice * Update nix pin with `make nixpkgs` * Bump to v1.20.2-dev - Changelog for v1.20.1 (2021-04-13) * Run container with isolation type set at 'from' * bats helpers.bash - minor refactoring * Bump containers/storage vendor to v1.29.0 * build(deps): bump github.com/onsi/ginkgo from 1.16.0 to 1.16.1 * Cirrus: Update VMs w/ F34beta * CLI add/copy: add a --from option * build(deps): bump github.com/onsi/ginkgo from 1.15.2 to 1.16.0 * Add authentication system tests for 'commit' and 'bud' * fix local image lookup for custom platform * Double-check existence of OCI runtimes * Cirrus: Make use of shared get_ci_vm container * Add system tests of "buildah run" * Update nix pin with `make nixpkgs` * Remove some stuttering on returns errors * Setup alias for --tty to --terminal * Add conformance tests for COPY /... * Put a few more minutes on the clock for the CI conformance test * Add a conformance test for COPY --from $symlink * Add conformance tests for COPY "" * Check for symlink in builtin volume * Sort all mounts by destination directory * System-test cleanup * Export parse.Platform string to be used by podman-remote * blobcache: fix sequencing error * build(deps): bump github.com/containers/common from 0.35.3 to 0.35.4 * Fix URL in demos/buildah_multi_stage.sh * Add a few system tests * [NO TESTS NEEDED] Use --recurse-modules when building git context * Bump to v1.20.1-dev - Changelog for v1.20.0 (2021-03-25) * vendor in containers/storage v1.28.1 * build(deps): bump github.com/containers/common from 0.35.2 to 0.35.3 * tests: prefetch: use buildah, not podman, for pulls * Use faster way to check image tag existence during multi-arch build * Add information about multi-arch images to the Readme * COPY --chown: expand the conformance test * pkg/chrootuser: use a bufio.Scanner * [CI:DOCS] Fix rootful typo in docs * build(deps): bump github.com/onsi/ginkgo from 1.15.1 to 1.15.2 * Add documentation and testing for .containerignore * build(deps): bump github.com/sirupsen/logrus from 1.8.0 to 1.8.1 * build(deps): bump github.com/hashicorp/go-multierror from 1.1.0 to 1.1.1 * Lookup Containerfile if user specifies a directory * Add Tag format placeholder to docs * copier: ignore sockets * image: propagate errors from extractRootfs * Remove system test of 'buildah containers -a' * Clarify userns options are usable only as root in man pages * Fix system test of 'containers -a' * Remove duplicated code in addcopy * build(deps): bump github.com/onsi/ginkgo from 1.15.0 to 1.15.1 * build(deps): bump github.com/onsi/gomega from 1.10.5 to 1.11.0 * build(deps): bump github.com/fsouza/go-dockerclient from 1.7.1 to 1.7.2 * Update multi-arch buildah build setup with new logic * Update nix pin with `make nixpkgs` * overlay.bats: fix the "overlay source permissions" test * imagebuildah: use overlay for volumes when using overlay * Make PolicyMap and PullPolicy names align * copier: add GetOptions.IgnoreUnreadable * Check local image to match system context * fix: Containerfiles - smaller set of userns u/gids * Set upperdir permissions based on source * Shrink the vendoring size of pkc/cli * Clarify image name match failure message * ADD/COPY: create the destination directory first, chroot to it * copier.GetOptions: add NoDerefSymLinks * copier: add an Eval function * Update system test for 'from --cap-add/drop' * copier: fix a renaming bug * copier: return child process stderr if we can't JSON decode the response * Add some system tests * build(deps): bump github.com/containers/storage from 1.26.0 to 1.27.0 * complement add/copy --chmod documentation * buildah login and logout, do not need to enter user namespace * Add multi-arch image build * chmod/chown added/fixed in bash completions * OWNERS: add @lsm5 * buildah add/copy --chmod dockerfile implementation * bump github.com/openshift/imagebuilder from 1.1.8 to 1.2.0 * buildah add/copy --chmod cli implementation for files and urls * Make sure we set the buildah version label * Isolation strings, should match user input * [CI:DOCS] buildah-from.md: remove dup arch,os * build(deps): bump github.com/containers/image/v5 from 5.10.2 to 5.10.3 * Cirrus: Temp. disable prior-fedora (F32) testing * pr-should-include-tests: recognized "renamed" tests * build(deps): bump github.com/sirupsen/logrus from 1.7.0 to 1.8.0 * build(deps): bump github.com/fsouza/go-dockerclient from 1.7.0 to 1.7.1 * build(deps): bump github.com/containers/common from 0.34.2 to 0.35.0 * Fix reaping of stages with no instructions * add stale bot * Add base image name to comment * build(deps): bump github.com/spf13/cobra from 1.1.1 to 1.1.3 * Don't fail copy to emptydir * buildah: use volatile containers * vendor: update containers/storage * Eliminate the use of containers/building import in pkg subdirs * Add more support for removing config * Improve messages about --cache-from not being supported * Revert patch to allow COPY/ADD of empty dirs. * Don't fail copy to emptydir * Fix tutorial for rootless mode * Fix caching layers with build args * Vendor in containers/image v5.10.2 * build(deps): bump github.com/containers/common from 0.34.0 to 0.34.2 * build(deps): bump github.com/onsi/ginkgo from 1.14.2 to 1.15.0 * 'make validate': require PRs to include tests * build(deps): bump github.com/onsi/gomega from 1.10.4 to 1.10.5 * build(deps): bump github.com/containers/storage from 1.24.5 to 1.25.0 * Use chown function for U volume flag from containers/common repository * --iidfile: print hash prefix * bump containernetworking/cni to v0.8.1 - fix for CVE-2021-20206 * run: fix check for host pid namespace * Finish plumbing for buildah bud --manifest * buildah manifest add localimage should work * Stop testing directory permissions with latest docker * Fix build arg check * build(deps): bump github.com/containers/ocicrypt from 1.0.3 to 1.1.0 * [ci:docs] Fix man page for buildah push * Update nix pin with `make nixpkgs` * Bump to containers/image v5.10.1 * Rebuild layer if a change in ARG is detected * Bump golang.org/x/crypto to the latest * Add Ashley and Urvashi to Approvers * local image lookup by digest * Use build-arg ENV val from local environment if set * Pick default OCI Runtime from containers.conf * Added required devel packages * Cirrus: Native OSX Build * Cirrus: Two minor cleanup items * Workaround for RHEL gating test failure * build(deps): bump github.com/stretchr/testify from 1.6.1 to 1.7.0 * build(deps): bump github.com/mattn/go-shellwords from 1.0.10 to 1.0.11 * Reset upstream branch to dev version * If destination does not exists, do not throw error - Changelog for v1.19.0 (2021-01-08) * Update vendor of containers/storage and containers/common * Buildah inspect should be able to inspect manifests * Make buildah push support pushing manifests lists and digests * Fix handling of TMPDIR environment variable * Add support for --manifest flags * Upper directory should match mode of destination directory * Only grab the OS, Arch if the user actually specified them * Use --arch and --os and --variant options to select architecture and os * Cirrus: Track libseccomp and golang version * copier.PutOptions: add an "IgnoreDevices" flag * fix: `rmi --prune` when parent image is in store. * build(deps): bump github.com/containers/storage from 1.24.3 to 1.24.4 * build(deps): bump github.com/containers/common from 0.31.1 to 0.31.2 * Allow users to specify stdin into containers * Drop log message on failure to mount on /sys file systems to info * Spelling * SELinux no longer requires a tag. * build(deps): bump github.com/opencontainers/selinux from 1.6.0 to 1.8.0 * build(deps): bump github.com/containers/common from 0.31.0 to 0.31.1 * Update nix pin with `make nixpkgs` * Switch references of /var/run -> /run * Allow FROM to be overriden with from option * copier: don't assume we can chroot() on Unixy systems * copier: add PutOptions.NoOverwriteDirNonDir, Get/PutOptions.Rename * copier: handle replacing directories with not-directories * copier: Put: skip entries with zero-length names * build(deps): bump github.com/containers/storage from 1.24.2 to 1.24.3 * Add U volume flag to chown source volumes * Turn off PRIOR_UBUNTU Test until vm is updated * pkg, cli: rootless uses correct isolation * build(deps): bump github.com/onsi/gomega from 1.10.3 to 1.10.4 * update installation doc to reflect current status * Move away from using docker.io * enable short-name aliasing * build(deps): bump github.com/containers/storage from 1.24.1 to 1.24.2 * build(deps): bump github.com/containers/common from 0.30.0 to 0.31.0 * Throw errors when using bogus --network flags * pkg/supplemented test: replace our null blobinfocache * build(deps): bump github.com/containers/common from 0.29.0 to 0.30.0 * inserts forgotten quotation mark * Not prefer use local image create/add manifest * Add container information to .containerenv * Add --ignorefile flag to use alternate .dockerignore flags * Add a source debug build * Fix crash on invalid filter commands * build(deps): bump github.com/containers/common from 0.27.0 to 0.29.0 * Switch to using containers/common pkg's * fix: non-portable shebang #2812 * Remove copy/paste errors that leaked `Podman` into man pages. * Add suggests cpp to spec file * Apply suggestions from code review * update docs for debian testing and unstable * imagebuildah: disable pseudo-terminals for RUN * Compute diffID for mapped-layer at creating image source * intermediateImageExists: ignore images whose history we can't read * Bump to v1.19.0-dev * build(deps): bump github.com/containers/common from 0.26.3 to 0.27.0 - Changelog for v1.18.0 (2020-11-16) * Fix testing error caused by simultanious merge * Vendor in containers/storage v1.24.0 * short-names aliasing * Add --policy flag to buildah pull * Stop overwrapping and stuttering * copier.Get(): ignore ENOTSUP/ENOSYS when listing xattrs * Run: don't forcibly disable UTS namespaces in rootless mode * test: ensure non-directory in a Dockerfile path is handled correctly * Add a few tests for `pull` command * Fix buildah config --cmd to handle array * build(deps): bump github.com/containers/storage from 1.23.8 to 1.23.9 * Fix NPE when Dockerfile path contains non-directory entries * Update buildah bud man page from podman build man page * Move declaration of decryption-keys to common cli * Run: correctly call copier.Mkdir * util: digging UID/GID out of os.FileInfo should work on Unix * imagebuildah.getImageTypeAndHistoryAndDiffIDs: cache results * Verify userns-uid-map and userns-gid-map input * Use CPP, CC and flags in dep check scripts * Avoid overriding LDFLAGS in Makefile * ADD: handle --chown on URLs * Update nix pin with `make nixpkgs` * (*Builder).Run: MkdirAll: handle EEXIST error * copier: try to force loading of nsswitch modules before chroot() * fix MkdirAll usage * build(deps): bump github.com/containers/common from 0.26.2 to 0.26.3 * build(deps): bump github.com/containers/storage from 1.23.7 to 1.23.8 * Use osusergo build tag for static build * imagebuildah: cache should take image format into account * Bump to v1.18.0-dev - Changelog for v1.17.0 (2020-10-29) * Handle cases where other tools mount/unmount containers * overlay.MountReadOnly: support RO overlay mounts * overlay: use fusermount for rootless umounts * overlay: fix umount * Switch default log level of Buildah to Warn. Users need to see these messages * Drop error messages about OCI/Docker format to Warning level * build(deps): bump github.com/containers/common from 0.26.0 to 0.26.2 * tests/testreport: adjust for API break in storage v1.23.6 * build(deps): bump github.com/containers/storage from 1.23.5 to 1.23.7 * build(deps): bump github.com/fsouza/go-dockerclient from 1.6.5 to 1.6.6 * copier: put: ignore Typeflag="g" * Use curl to get repo file (fix #2714) * build(deps): bump github.com/containers/common from 0.25.0 to 0.26.0 * build(deps): bump github.com/spf13/cobra from 1.0.0 to 1.1.1 * Remove docs that refer to bors, since we're not using it * Buildah bud should not use stdin by default * bump containerd, docker, and golang.org/x/sys * Makefile: cross: remove windows.386 target * copier.copierHandlerPut: don't check length when there are errors * Stop excessive wrapping * CI: require that conformance tests pass * bump(github.com/openshift/imagebuilder) to v1.1.8 * Skip tlsVerify insecure BUILD_REGISTRY_SOURCES * Fix build path wrong https://github.com/containers/podman/issues/7993 * refactor pullpolicy to avoid deps * build(deps): bump github.com/containers/common from 0.24.0 to 0.25.0 * CI: run gating tasks with a lot more memory * ADD and COPY: descend into excluded directories, sometimes * copier: add more context to a couple of error messages * copier: check an error earlier * copier: log stderr output as debug on success * Update nix pin with `make nixpkgs` * Set directory ownership when copied with ID mapping * build(deps): bump github.com/sirupsen/logrus from 1.6.0 to 1.7.0 * build(deps): bump github.com/containers/common from 0.23.0 to 0.24.0 * Cirrus: Remove bors artifacts * Sort build flag definitions alphabetically * ADD: only expand archives at the right time * Remove configuration for bors * Shell Completion for podman build flags * Bump c/common to v0.24.0 * New CI check: xref --help vs man pages * CI: re-enable several linters * Move --userns-uid-map/--userns-gid-map description into buildah man page * add: preserve ownerships and permissions on ADDed archives * Makefile: tweak the cross-compile target * Bump containers/common to v0.23.0 * chroot: create bind mount targets 0755 instead of 0700 * Change call to Split() to safer SplitN() * chroot: fix handling of errno seccomp rules * build(deps): bump github.com/containers/image/v5 from 5.5.2 to 5.6.0 * Add In Progress section to contributing * integration tests: make sure tests run in ${topdir}/tests * Run(): ignore containers.conf's environment configuration * Warn when setting healthcheck in OCI format * Cirrus: Skip git-validate on branches * tools: update git-validation to the latest commit * tools: update golangci-lint to v1.18.0 * Add a few tests of push command * Add(): fix handling of relative paths with no ContextDir * build(deps): bump github.com/containers/common from 0.21.0 to 0.22.0 * Lint: Use same linters as podman * Validate: reference HEAD * Fix buildah mount to display container names not ids * Update nix pin with `make nixpkgs` * Add missing --format option in buildah from man page * Fix up code based on codespell * build(deps): bump github.com/openshift/imagebuilder from 1.1.6 to 1.1.7 * build(deps): bump github.com/containers/storage from 1.23.4 to 1.23.5 * Improve buildah completions * Cirrus: Fix validate commit epoch * Fix bash completion of manifest flags * Uniform some man pages * Update Buildah Tutorial to address BZ1867426 * Update bash completion of `manifest add` sub command * copier.Get(): hard link targets shouldn't be relative paths * build(deps): bump github.com/onsi/gomega from 1.10.1 to 1.10.2 * Pass timestamp down to history lines * Timestamp gets updated everytime you inspect an image * bud.bats: use absolute paths in newly-added tests * contrib/cirrus/lib.sh: don't use CN for the hostname * tests: Add some tests * Update `manifest add` man page * Extend flags of `manifest add` * build(deps): bump github.com/containers/storage from 1.23.3 to 1.23.4 * build(deps): bump github.com/onsi/ginkgo from 1.14.0 to 1.14.1 * Bump to v1.17.0-dev * CI: expand cross-compile checks - Changelog for v1.16.0 (2020-09-03) * fix build on 32bit arches * containerImageRef.NewImageSource(): don't always force timestamps * Add fuse module warning to image readme * Heed our retry delay option values when retrying commit/pull/push * Switch to containers/common for seccomp * Use --timestamp rather then --omit-timestamp * docs: remove outdated notice * docs: remove outdated notice * build-using-dockerfile: add a hidden --log-rusage flag * build(deps): bump github.com/containers/image/v5 from 5.5.1 to 5.5.2 * Discard ReportWriter if user sets options.Quiet * build(deps): bump github.com/containers/common from 0.19.0 to 0.20.3 * Fix ownership of content copied using COPY --from * newTarDigester: zero out timestamps in tar headers * Update nix pin with `make nixpkgs` * bud.bats: correct .dockerignore integration tests * Use pipes for copying * run: include stdout in error message * run: use the correct error for errors.Wrapf * copier: un-export internal types * copier: add Mkdir() * in_podman: don't get tripped up by $CIRRUS_CHANGE_TITLE * docs/buildah-commit.md: tweak some wording, add a --rm example * imagebuildah: don’t blank out destination names when COPYing * Replace retry functions with common/pkg/retry * StageExecutor.historyMatches: compare timestamps using .Equal * Update vendor of containers/common * Fix errors found in coverity scan * Change namespace handling flags to better match podman commands * conformance testing: ignore buildah.BuilderIdentityAnnotation labels * Vendor in containers/storage v1.23.0 * Add buildah.IsContainer interface * Avoid feeding run_buildah to pipe * fix(buildahimage): add xz dependency in buildah image * Bump github.com/containers/common from 0.15.2 to 0.18.0 * Howto for rootless image building from OpenShift * Add --omit-timestamp flag to buildah bud * Update nix pin with `make nixpkgs` * Shutdown storage on failures * Handle COPY --from when an argument is used * Bump github.com/seccomp/containers-golang from 0.5.0 to 0.6.0 * Cirrus: Use newly built VM images * Bump github.com/opencontainers/runc from 1.0.0-rc91 to 1.0.0-rc92 * Enhance the .dockerignore man pages * conformance: add a test for COPY from subdirectory * fix bug manifest inspct * Add documentation for .dockerignore * Add BuilderIdentityAnnotation to identify buildah version * DOC: Add quay.io/containers/buildah image to README.md * Update buildahimages readme * fix spelling mistake in "info" command result display * Don't bind /etc/host and /etc/resolv.conf if network is not present * blobcache: avoid an unnecessary NewImage() * Build static binary with `buildGoModule` * copier: split StripSetidBits into StripSetuidBit/StripSetgidBit/StripStickyBit * tarFilterer: handle multiple archives * Fix a race we hit during conformance tests * Rework conformance testing * Update 02-registries-repositories.md * test-unit: invoke cmd/buildah tests with --flags * parse: fix a type mismatch in a test * Fix compilation of tests/testreport/testreport * build.sh: log the version of Go that we're using * test-unit: increase the test timeout to 40/45 minutes * Add the "copier" package * Fix & add notes regarding problematic language in codebase * Add dependency on github.com/stretchr/testify/require * CompositeDigester: add the ability to filter tar streams * BATS tests: make more robust * vendor golang.org/x/text@v0.3.3 * Switch golang 1.12 to golang 1.13 * imagebuildah: wait for stages that might not have even started yet * chroot, run: not fail on bind mounts from /sys * chroot: do not use setgroups if it is blocked * Set engine env from containers.conf * imagebuildah: return the right stage's image as the "final" image * Fix a help string * Deduplicate environment variables * switch containers/libpod to containers/podman * Bump github.com/containers/ocicrypt from 1.0.2 to 1.0.3 * Bump github.com/opencontainers/selinux from 1.5.2 to 1.6.0 * Mask out /sys/dev to prevent information leak * linux: skip errors from the runtime kill * Mask over the /sys/fs/selinux in mask branch * Add VFS additional image store to container * tests: add auth tests * Allow "readonly" as alias to "ro" in mount options * Ignore OS X specific consistency mount option * Bump github.com/onsi/ginkgo from 1.13.0 to 1.14.0 * Bump github.com/containers/common from 0.14.0 to 0.15.2 * Rootless Buildah should default to IsolationOCIRootless * imagebuildah: fix inheriting multi-stage builds * Make imagebuildah.BuildOptions.Architecture/OS optional * Make imagebuildah.BuildOptions.Jobs optional * Resolve a possible race in imagebuildah.Executor.startStage() * Switch scripts to use containers.conf * Bump openshift/imagebuilder to v1.1.6 * Bump go.etcd.io/bbolt from 1.3.4 to 1.3.5 * buildah, bud: support --jobs=N for parallel execution * executor: refactor build code inside new function * Add bud regression tests * Cirrus: Fix missing htpasswd in registry img * docs: clarify the 'triples' format * CHANGELOG.md: Fix markdown formatting * Add nix derivation for static builds * Bump to v1.16.0-dev * add version centos7 for compatible - Changelog for v1.15.0 (2020-06-17) * Bump github.com/containers/common from 0.12.0 to 0.13.1 * Bump github.com/containers/storage from 1.20.1 to 1.20.2 * Bump github.com/seccomp/containers-golang from 0.4.1 to 0.5.0 * Bump github.com/stretchr/testify from 1.6.0 to 1.6.1 * Bump github.com/opencontainers/runc from 1.0.0-rc9 to 1.0.0-rc90 * Add CVE-2020-10696 to CHANGELOG.md and changelog.txt * Bump github.com/stretchr/testify from 1.5.1 to 1.6.0 * Bump github.com/onsi/ginkgo from 1.12.2 to 1.12.3 * Vendor in containers/common v0.12.0 * fix lighttpd example * Vendor in new go.etcd.io/bbolt * Bump github.com/onsi/ginkgo from 1.12.1 to 1.12.2 * Bump imagebuilder for ARG fix * Bump github.com/containers/common from 0.11.2 to 0.11.4 * remove dependency on openshift struct * Warn on unset build arguments * vendor: update seccomp/containers-golang to v0.4.1 * Ammended docs * Updated docs * clean up comments * update exit code for tests * Implement commit for encryption * implementation of encrypt/decrypt push/pull/bud/from * fix resolve docker image name as transport * Bump github.com/opencontainers/go-digest from 1.0.0-rc1 to 1.0.0 * Bump github.com/onsi/ginkgo from 1.12.0 to 1.12.1 * Bump github.com/containers/storage from 1.19.1 to 1.19.2 * Bump github.com/containers/image/v5 from 5.4.3 to 5.4.4 * Add preliminary profiling support to the CLI * Bump github.com/containers/common from 0.10.0 to 0.11.2 * Evaluate symlinks in build context directory * fix error info about get signatures for containerImageSource * Add Security Policy * Cirrus: Fixes from review feedback * Bump github.com/containers/storage from 1.19.0 to 1.19.1 * Bump github.com/sirupsen/logrus from 1.5.0 to 1.6.0 * imagebuildah: stages shouldn't count as their base images * Update containers/common v0.10.0 * Bump github.com/fsouza/go-dockerclient from 1.6.4 to 1.6.5 * Add registry to buildahimage Dockerfiles * Cirrus: Use pre-installed VM packages + F32 * Cirrus: Re-enable all distro versions * Cirrus: Update to F31 + Use cache images * golangci-lint: Disable gosimple * Lower number of golangci-lint threads * Fix permissions on containers.conf * Don't force tests to use runc * Bump github.com/containers/common from 0.9.1 to 0.9.5 * Return exit code from failed containers * Bump github.com/containers/storage from 1.18.2 to 1.19.0 * Bump github.com/containers/common from 0.9.0 to 0.9.1 * cgroup_manager should be under [engine] * Use c/common/pkg/auth in login/logout * Cirrus: Temporarily disable Ubuntu 19 testing * Add containers.conf to stablebyhand build * Update gitignore to exclude test Dockerfiles * Bump github.com/fsouza/go-dockerclient from 1.6.3 to 1.6.4 * Bump github.com/containers/common from 0.8.1 to 0.9.0 * Bump back to v1.15.0-dev * Remove warning for systemd inside of container - Changelog for v1.14.8 (2020-04-09) * Run (make vendor) * Run (make -C tests/tools vendor) * Run (go mod tidy) before (go mod vendor) again * Fix (make vendor) * Bump validation * Bump back to v1.15.0-dev - Changelog for v1.14.7 (2020-04-07) * Bump github.com/containers/image/v5 from 5.3.1 to 5.4.3 * make vendor: run `tidy` after `vendor` * Do not skip the directory when the ignore pattern matches * Bump github.com/containers/common from 0.7.0 to 0.8.1 * Downgrade siruspen/logrus from 1.4.2 * Fix errorf conventions * dockerignore tests : remove symlinks, rework * Bump back to v1.15.0-dev - Changelog for v1.14.6 (2020-04-02) * bud.bats - cleanup, refactoring * vendor in latest containers/storage 1.18.0 and containers/common v0.7.0 * Bump github.com/spf13/cobra from 0.0.6 to 0.0.7 * Bump github.com/containers/storage from 1.16.5 to 1.17.0 * Bump github.com/containers/image/v5 from 5.2.1 to 5.3.1 * Fix Amazon install step * Bump back to v1.15.0-dev * Fix bud-build-arg-cache test * Make image history work correctly with new args handling * Don't add args to the RUN environment from the Builder * Update github.com/openshift/imagebuilder to v1.1.4 * Add .swp files to .gitignore - Changelog for v1.14.5 (2020-03-26) * revert #2246 FIPS mode change * Bump back to v1.15.0-dev * image with dup layers: we now have one on quay * digest test : make more robust - Changelog for v1.14.4 (2020-03-25) * Fix fips-mode check for RHEL8 boxes * Fix potential CVE in tarfile w/ symlink (Edit 02-Jun-2020: Addresses CVE-2020-10696) * Fix .dockerignore with globs and ! commands * update install steps for Amazon Linux 2 * Bump github.com/openshift/imagebuilder from 1.1.2 to 1.1.3 * Add comment for RUN command in volume ownership test * Run stat command directly for volume ownership test * vendor in containers/common v0.6.1 * Cleanup go.sum * Bump back to v1.15.0-dev - Changelog for v1.14.3 (2020-03-17) * Update containers/storage to v1.16.5 * Bump github.com/containers/storage from 1.16.2 to 1.16.4 * Bump github.com/openshift/imagebuilder from 1.1.1 to 1.1.2 * Update github.com/openshift/imagebuilder vendoring * Update unshare man page to fix script example * Fix compilation errors on non linux platforms * Bump containers/common and opencontainers/selinux versions * Add tests for volume ownership * Preserve volume uid and gid through subsequent commands * Fix FORWARD_NULL errors found by Coverity * Bump github.com/containers/storage from 1.16.1 to 1.16.2 * Fix errors found by codespell * Bump back to v1.15.0-dev * Add Pull Request Template - Changelog for v1.14.2 (2020-03-03) * Add Buildah pull request template * Bump to containers/storage v1.16.1 * run_linux: fix tight loop if file is not pollable * Bump github.com/opencontainers/selinux from 1.3.2 to 1.3.3 * Bump github.com/containers/common from 0.4.1 to 0.4.2 * Bump back to v1.15.0-dev * Add Containerfile to build a versioned stable image on quay.io - Changelog for v1.14.1 (2020-02-27) * Search for local runtime per values in containers.conf * Set correct ownership on working directory * BATS : in teardown, umount stale mounts * Bump github.com/spf13/cobra from 0.0.5 to 0.0.6 * Bump github.com/fsouza/go-dockerclient from 1.6.1 to 1.6.3 * Bump github.com/stretchr/testify from 1.4.0 to 1.5.1 * Replace unix with syscall to allow vendoring into libpod * Update to containers/common v0.4.1 * Improve remote manifest retrieval * Fix minor spelling errors in containertools README * Clear the right variable in buildahimage * Correct a couple of incorrect format specifiers * Update to containers/common v0.3.0 * manifest push --format: force an image type, not a list type * run: adjust the order in which elements are added to $PATH * getDateAndDigestAndSize(): handle creation time not being set * Bump github.com/containers/common from 0.2.0 to 0.2.1 * include installation steps for CentOS 8 and Stream * include installation steps for CentOS7 and forks * Adjust Ubuntu install info to also work on Pop!_OS * Make the commit id clear like Docker * Show error on copied file above context directory in build * Bump github.com/containers/image/v5 from 5.2.0 to 5.2.1 * pull/from/commit/push: retry on most failures * Makefile: fix install.cni.sudo * Repair buildah so it can use containers.conf on the server side * Bump github.com/mattn/go-shellwords from 1.0.9 to 1.0.10 * Bump github.com/fsouza/go-dockerclient from 1.6.0 to 1.6.1 * Fixing formatting & build instructions * Add Code of Conduct * Bors: Fix no. req. github reviews * Cirrus+Bors: Simplify temp branch skipping * Bors-ng: Add documentation and status-icon * Bump github.com/onsi/ginkgo from 1.11.0 to 1.12.0 * fix XDG_RUNTIME_DIR for authfile * Cirrus: Disable F29 testing * Cirrus: Add jq package * Cirrus: Fix lint + validation using wrong epoch * Stop using fedorproject registry * Bors: Workaround ineffective required statuses * Bors: Enable app + Disable Travis * Cirrus: Add standardized log-collection * Cirrus: Improve automated lint + validation * Allow passing options to golangci-lint * Cirrus: Fixes from review feedback * Cirrus: Temporarily ignore VM testing failures * Cirrus: Migrate off papr + implement VM testing * Cirrus: Update packages + fixes for get_ci_vm.sh * Show validation command-line * Skip overlay test w/ vfs driver * use alpine, not centos, for various tests * Flake handling: cache and prefetch images * Bump to v1.15.0-dev - Changelog for v1.14.0 (2020-02-05) * bump github.com/mtrmac/gpgme * Update containers/common to v0.1.4 * manifest push: add --format option * Bump github.com/onsi/gomega from 1.8.1 to 1.9.0 * vendor github.com/containers/image/v5@v5.2.0 * info test: deal with random key order * Bump back to v1.14.0-dev - Changelog for v1.13.2 (2020-01-29) * sign.bats: set GPG_TTY=/dev/null * Fix parse_unsupported.go * getDateAndDigestAndSize(): use manifest.Digest * Bump github.com/opencontainers/selinux from 1.3.0 to 1.3.1 * Bump github.com/containers/common from 0.1.0 to 0.1.2 * Touch up os/arch doc * chroot: handle slightly broken seccomp defaults * buildahimage: specify fuse-overlayfs mount options * Bump github.com/mattn/go-shellwords from 1.0.7 to 1.0.9 * copy.bats: make sure we detect failures due to missing source * parse: don't complain about not being able to rename something to itself * Makefile: use a $(GO_TEST) macro, fix a typo * manifests: unit test fix * Fix build for 32bit platforms * Allow users to set OS and architecture on bud * Fix COPY in containerfile with envvar * Bump c/storage to v1.15.7 * add --sign-by to bud/commit/push, --remove-signatures for pull/push * Remove cut/paste error in CHANGELOG.md * Update vendor of containers/common to v0.1.0 * update install instructions for Debian, Raspbian and Ubuntu * Add support for containers.conf * Bump back to v1.14.0-dev - Changelog for v1.13.1 (2020-01-14) * Bump github.com/containers/common from 0.0.5 to 0.0.7 * Bump github.com/onsi/ginkgo from 1.10.3 to 1.11.0 * Bump github.com/pkg/errors from 0.8.1 to 0.9.0 * Bump github.com/onsi/gomega from 1.7.1 to 1.8.1 * Add codespell support * copyFileWithTar: close source files at the right time * copy: don't digest files that we ignore * Check for .dockerignore specifically * Travis: rm go 1.12.x * Don't setup excludes, if their is only one pattern to match * set HOME env to /root on chroot-isolation by default * docs: fix references to containers-*.5 * update openshift/api * fix bug Add check .dockerignore COPY file * buildah bud --volume: run from tmpdir, not source dir * Fix imageNamePrefix to give consistent names in buildah-from * cpp: use -traditional and -undef flags * Fix image reference in tutorial 4 * discard outputs coming from onbuild command on buildah-from --quiet * make --format columnizing consistent with buildah images * Bump to v1.14.0-dev - Changelog for v1.13.0 (2019-12-27) * Bump to c/storage v1.15.5 * Update container/storage to v1.15.4 * Fix option handling for volumes in build * Rework overlay pkg for use with libpod * Fix buildahimage builds for buildah * Add support for FIPS-Mode backends * Set the TMPDIR for pulling/pushing image to $TMPDIR * WIP: safer test for pull --all-tags * BATS major cleanup: blobcache.bats: refactor * BATS major cleanup: part 4: manual stuff * BATS major cleanup, step 3: yet more run_buildah * BATS major cleanup, part 2: use more run_buildah * BATS major cleanup, part 1: log-level * Bump github.com/containers/image/v5 from 5.0.0 to 5.1.0 * Bump github.com/containers/common from 0.0.3 to 0.0.5 * Bump to v1.13.0-dev - Changelog for v1.12.0 (2019-12-13) * Allow ADD to use http src * Bump to c/storage v.1.15.3 * install.md: update golang dependency * imgtype: reset storage opts if driver overridden * Start using containers/common * overlay.bats typo: fuse-overlays should be fuse-overlayfs * chroot: Unmount with MNT_DETACH instead of UnmountMountpoints() * bind: don't complain about missing mountpoints * imgtype: check earlier for expected manifest type * Vendor containers/storage fix * Vendor containers/storage v1.15.1 * Add history names support * PR takeover of #1966 * Tests: Add inspect test check steps * Tests: Add container name and id check in containers test steps * Test: Get permission in add test * Tests: Add a test for tag by id * Tests: Add test cases for push test * Tests: Add image digest test * Tests: Add some buildah from tests * Tests: Add two commit test * Tests: Add buildah bud with --quiet test * Tests: Add two test for buildah add * Bump back to v1.12.0-dev - Changelog for v1.11.6 (2019-12-03) * Handle missing equal sign in --from and --chown flags for COPY/ADD * bud COPY does not download URL * Bump github.com/onsi/gomega from 1.7.0 to 1.7.1 * Fix .dockerignore exclude regression * Ran buildah through codespell * commit(docker): always set ContainerID and ContainerConfig * Touch up commit man page image parameter * Add builder identity annotations. * info: use util.Runtime() * Bump github.com/onsi/ginkgo from 1.10.2 to 1.10.3 * Bump back to v1.12.0-dev - Changelog for v1.11.5 (2019-11-11) * Enhance error on unsafe symbolic link targets * Add OCIRuntime to info * Check nonexsit authfile * Only output image id if running buildah bud --quiet * Fix --pull=true||false and add --pull-never to bud and from (retry) * cgroups v2: tweak or skip tests * Prepwork: new 'skip' helpers for tests * Handle configuration blobs for manifest lists * unmarshalConvertedConfig: avoid using the updated image's ref * Add completions for Manifest commands * Add disableFips option to secrets pkg * Update bud.bats test archive test * Add test for caching based on content digest * Builder.untarPath(): always evaluate b.ContentDigester.Hash() * Bump github.com/onsi/ginkgo from 1.10.1 to 1.10.2 * Fix another broken test: copy-url-mtime * yet more fixes * Actual bug fix for 'add' test: fix the expected mode * BATS tests - lots of mostly minor cleanup * build: drop support for ostree * Add support for make vendor-in-container * imgtype: exit with error if storage fails * remove XDG_RUNTIME_DIR from default authfile path * fix troubleshooting redirect instructions * Bump back to v1.12.0-dev - Changelog for v1.11.4 (2019-10-28) * buildah: add a "manifest" command * manifests: add the module * pkg/supplemented: add a package for grouping images together * pkg/manifests: add a manifest list build/manipulation API * Update for ErrUnauthorizedForCredentials API change in containers/image * Update for manifest-lists API changes in containers/image * version: also note the version of containers/image * Move to containers/image v5.0.0 * Enable --device directory as src device * Fix git build with branch specified * Bump github.com/openshift/imagebuilder from 1.1.0 to 1.1.1 * Bump github.com/fsouza/go-dockerclient from 1.4.4 to 1.5.0 * Add clarification to the Tutorial for new users * Silence "using cache" to ensure -q is fully quiet * Add OWNERS File to Buildah * Bump github.com/containers/storage from 1.13.4 to 1.13.5 * Move runtime flag to bud from common * Commit: check for storage.ErrImageUnknown using errors.Cause() * Fix crash when invalid COPY --from flag is specified. * Bump back to v1.12.0-dev - Changelog for v1.11.3 (2019-10-04) * Update c/image to v4.0.1 * Bump github.com/spf13/pflag from 1.0.3 to 1.0.5 * Fix --build-args handling * Bump github.com/spf13/cobra from 0.0.3 to 0.0.5 * Bump github.com/cyphar/filepath-securejoin from 0.2.1 to 0.2.2 * Bump github.com/onsi/ginkgo from 1.8.0 to 1.10.1 * Bump github.com/fsouza/go-dockerclient from 1.3.0 to 1.4.4 * Add support for retrieving context from stdin "-" * Ensure bud remote context cleans up on error * info: add cgroups2 * Bump github.com/seccomp/libseccomp-golang from 0.9.0 to 0.9.1 * Bump github.com/mattn/go-shellwords from 1.0.5 to 1.0.6 * Bump github.com/stretchr/testify from 1.3.0 to 1.4.0 * Bump github.com/opencontainers/selinux from 1.2.2 to 1.3.0 * Bump github.com/etcd-io/bbolt from 1.3.2 to 1.3.3 * Bump github.com/onsi/gomega from 1.5.0 to 1.7.0 * update c/storage to v1.13.4 * Print build 'STEP' line to stdout, not stderr * Fix travis-ci on forks * Vendor c/storage v1.13.3 * Use Containerfile by default * Added tutorial on how to include Buildah as library * util/util: Fix "configuraitno" -> "configuration" log typo * Bump back to v1.12.0-dev - Changelog for v1.11.2 (2019-09-13) * Add some cleanup code * Move devices code to unit specific directory. * Bump back to v1.12.0-dev - Changelog for v1.11.1 (2019-09-11) * Add --devices flag to bud and from * Downgrade .papr to highest atomic verion * Add support for /run/.containerenv * Truncate output of too long image names * Preserve file and directory mount permissions * Bump fedora version from 28 to 30 * makeImageRef: ignore EmptyLayer if Squash is set * Set TMPDIR to /var/tmp by default * replace --debug=false with --log-level=error * Allow mounts.conf entries for equal source and destination paths * fix label and annotation for 1-line Dockerfiles * Enable interfacer linter and fix lints * install.md: mention goproxy * Makefile: use go proxy * Bump to v1.12.0-dev - Changelog for v1.11.0 (2019-08-29) * tests/bud.bats: add --signature-policy to some tests * Vendor github.com/openshift/api * pull/commit/push: pay attention to $BUILD_REGISTRY_SOURCES * Add `--log-level` command line option and deprecate `--debug` * add support for cgroupsV2 * Correctly detect ExitError values from Run() * Disable empty logrus timestamps to reduce logger noise * Remove outdated deps Makefile target * Remove gofmt.sh in favor of golangci-lint * Remove govet.sh in favor of golangci-lint * Allow to override build date with SOURCE_DATE_EPOCH * Update shebangs to take env into consideration * Fix directory pull image names * Add --digestfile and Re-add push statement as debug * README: mention that Podman uses Buildah's API * Use content digests in ADD/COPY history entries * add: add a DryRun flag to AddAndCopyOptions * Fix possible runtime panic on bud * Add security-related volume options to validator * use correct path for ginkgo * Add bud 'without arguments' integration tests * Update documentation about bud * add: handle hard links when copying with .dockerignore * add: teach copyFileWithTar() about symlinks and directories * Allow buildah bud to be called without arguments * imagebuilder: fix detection of referenced stage roots * Touch up go mod instructions in install * run_linux: fix mounting /sys in a userns * Vendor Storage v1.13.2 * Cirrus: Update VM images * Fix handling of /dev/null masked devices * Update `bud`/`from` help to contain indicator for `--dns=none` * Bump back to v1.11.0-dev - Changelog for v1.10.1 (2019-08-08) * Bump containers/image to v3.0.2 to fix keyring issue * Bug fix for volume minus syntax * Bump container/storage v1.13.1 and containers/image v3.0.1 * bump github.com/containernetworking/cni to v0.7.1 * Add overlayfs to fuse-overlayfs tip * Add automatic apparmor tag discovery * Fix bug whereby --get-login has no effect * Bump to v1.11.0-dev - Changelog for v1.10.0 (2019-08-02) * vendor github.com/containers/image@v3.0.0 * Remove GO111MODULE in favor of `-mod=vendor` * Vendor in containers/storage v1.12.16 * Add '-' minus syntax for removal of config values * tests: enable overlay tests for rootless * rootless, overlay: use fuse-overlayfs * vendor github.com/containers/image@v2.0.1 * Added '-' syntax to remove volume config option * delete `successfully pushed` message * Add golint linter and apply fixes * vendor github.com/containers/storage@v1.12.15 * Change wait to sleep in buildahimage readme * Handle ReadOnly images when deleting images * Add support for listing read/only images - Changelog for v1.9.2 (2019-07-19) * from/import: record the base image's digest, if it has one * Fix CNI version retrieval to not require network connection * Add misspell linter and apply fixes * Add goimports linter and apply fixes * Add stylecheck linter and apply fixes * Add unconvert linter and apply fixes * image: make sure we don't try to use zstd compression * run.bats: skip the "z" flag when testing --mount * Update to runc v1.0.0-rc8 * Update to match updated runtime-tools API * bump github.com/opencontainers/runtime-tools to v0.9.0 * Build e2e tests using the proper build tags * Add unparam linter and apply fixes * Run: correct a typo in the --cap-add help text * unshare: add a --mount flag * fix push check image name is not empty * Bump to v1.9.2-dev - Changelog for v1.9.1 (2019-07-12) * add: fix slow copy with no excludes * Add errcheck linter and fix missing error check * Improve tests/tools/Makefile parallelism and abstraction * Fix response body not closed resource leak * Switch to golangci-lint * Add gomod instructions and mailing list links * On Masked path, check if /dev/null already mounted before mounting * Update to containers/storage v1.12.13 * Refactor code in package imagebuildah * Add rootless podman with NFS issue in documentation * Add --mount for buildah run * import method ValidateVolumeOpts from libpod * Fix typo * Makefile: set GO111MODULE=off * rootless: add the built-in slirp DNS server * Update docker/libnetwork to get rid of outdated sctp package * Update buildah-login.md * migrate to go modules * install.md: mention go modules * tests/tools: go module for test binaries * fix --volume splits comma delimited option * Add bud test for RUN with a priv'd command * vendor logrus v1.4.2 * pkg/cli: panic when flags can't be hidden * pkg/unshare: check all errors * pull: check error during report write * run_linux.go: ignore unchecked errors * conformance test: catch copy error * chroot/run_test.go: export funcs to actually be executed * tests/imgtype: ignore error when shutting down the store * testreport: check json error * bind/util.go: remove unused func * rm chroot/util.go * imagebuildah: remove unused `dedupeStringSlice` * StageExecutor: EnsureContainerPath: catch error from SecureJoin() * imagebuildah/build.go: return instead of branching * rmi: avoid redundant branching * conformance tests: nilness: allocate map * imagebuildah/build.go: avoid redundant `filepath.Join()` * imagebuildah/build.go: avoid redundant `os.Stat()` * imagebuildah: omit comparison to bool * fix "ineffectual assignment" lint errors * docker: ignore "repeats json tag" lint error * pkg/unshare: use `...` instead of iterating a slice * conformance: bud test: use raw strings for regexes * conformance suite: remove unused func/var * buildah test suite: remove unused vars/funcs * testreport: fix golangci-lint errors * util: remove redundant `return` statement * chroot: only log clean-up errors * images_test: ignore golangci-lint error * blobcache: log error when draining the pipe * imagebuildah: check errors in deferred calls * chroot: fix error handling in deferred funcs * cmd: check all errors * chroot/run_test.go: check errors * chroot/run.go: check errors in deferred calls * imagebuildah.Executor: remove unused onbuild field * docker/types.go: remove unused struct fields * util: use strings.ContainsRune instead of index check * Cirrus: Initial implementation * Bump to v1.9.1-dev - Changelog for v1.9.0 (2019-06-15) * buildah-run: fix-out-of-range panic (2) * Bump back to v1.9.0-dev - Changelog for v1.8.4 (2019-06-13) Update containers/image to v2.0.0 run: fix hang with run and --isolation=chroot run: fix hang when using run chroot: drop unused function call remove --> before imgageID on build Always close stdin pipe Write deny to setgroups when doing single user mapping Avoid including linux/memfd.h Add a test for the symlink pointing to a directory Add missing continue Fix the handling of symlinks to absolute paths Only set default network sysctls if not rootless Support --dns=none like podman fix bug --cpu-shares parsing typo Fix validate complaint Update vendor on containers/storage to v1.12.10 Create directory paths for COPY thereby ensuring correct perms imagebuildah: use a stable sort for comparing build args imagebuildah: tighten up cache checking bud.bats: add a test verying the order of --build-args add -t to podman run imagebuildah: simplify screening by top layers imagebuildah: handle ID mappings for COPY --from imagebuildah: apply additionalTags ourselves bud.bats: test additional tags with cached images bud.bats: add a test for WORKDIR and COPY with absolute destinations Cleanup Overlay Mounts content - Changelog for v1.8.3 (2019-06-04) * Add support for file secret mounts * Add ability to skip secrets in mounts file * allow 32bit builds * fix tutorial instructions * imagebuilder: pass the right contextDir to Add() * add: use fileutils.PatternMatcher for .dockerignore * bud.bats: add another .dockerignore test * unshare: fallback to single usermapping * addHelperSymlink: clear the destination on os.IsExist errors * bud.bats: test replacing symbolic links * imagebuildah: fix handling of destinations that end with '/' * bud.bats: test COPY with a final "/" in the destination * linux: add check for sysctl before using it * unshare: set _CONTAINERS_ROOTLESS_GID * Rework buildahimamges * build context: support https git repos * Add a test for ENV special chars behaviour * Check in new Dockerfiles * Apply custom SHELL during build time * config: expand variables only at the command line * SetEnv: we only need to expand v once * Add default /root if empty on chroot iso * Add support for Overlay volumes into the container. * Export buildah validate volume functions so it can share code with libpod * Bump baseline test to F30 * Fix rootless handling of /dev/shm size * Avoid fmt.Printf() in the library * imagebuildah: tighten cache checking back up * Handle WORKDIR with dangling target * Default Authfile to proper path * Make buildah run --isolation follow BUILDAH_ISOLATION environment * Vendor in latest containers/storage and containers/image * getParent/getChildren: handle layerless images * imagebuildah: recognize cache images for layerless images * bud.bats: test scratch images with --layers caching * Get CHANGELOG.md updates * Add some symlinks to test our .dockerignore logic * imagebuildah: addHelper: handle symbolic links * commit/push: use an everything-allowed policy * Correct manpage formatting in files section * Remove must be root statement from buildah doc * Change image names to stable, testing and upstream * Bump back to v1.9.0-dev - Changelog for v1.8.2 (2019-05-02) * Vendor Storage 1.12.6 * Create scratch file in TESTDIR * Test bud-copy-dot with --layers picks up changed file * Bump back to 1.9.0-dev - Changelog for v1.8.1 (2019-05-01) * Don't create directory on container * Replace kubernetes/pause in tests with k8s.gcr.io/pause * imagebuildah: don't remove intermediate images if we need them * Rework buildahimagegit to buildahimageupstream * Fix Transient Mounts * Handle WORKDIRs that are symlinks * allow podman to build a client for windows * Touch up 1.9-dev to 1.9.0-dev * Bump to 1.9-dev - Changelog for v1.8.0 (2019-04-26) * Resolve symlink when checking container path * commit: commit on every instruction, but not always with layers * CommitOptions: drop the unused OnBuild field * makeImageRef: pass in the whole CommitOptions structure * cmd: API cleanup: stores before images * run: check if SELinux is enabled * Fix buildahimages Dockerfiles to include support for additionalimages mounted from host. * Detect changes in rootdir * Fix typo in buildah-pull(1) * Vendor in latest containers/storage * Keep track of any build-args used during buildah bud --layers * commit: always set a parent ID * imagebuildah: rework unused-argument detection * fix bug dest path when COPY .dockerignore * Move Host IDMAppings code from util to unshare * Add BUILDAH_ISOLATION rootless back * Travis CI: fail fast, upon error in any step * imagebuildah: only commit images for intermediate stages if we have to * Use errors.Cause() when checking for IsNotExist errors * auto pass http_proxy to container * Bump back to 1.8-dev - Changelog for v1.7.3 (2019-04-16) * imagebuildah: don't leak image structs * Add Dockerfiles for buildahimages * Bump to Replace golang 1.10 with 1.12 * add --dns* flags to buildah bud * Add hack/build_speed.sh test speeds on building container images * Create buildahimage Dockerfile for Quay * rename 'is' to 'expect_output' * squash.bats: test squashing in multi-layered builds * bud.bats: test COPY --from in a Dockerfile while using the cache * commit: make target image names optional * Fix bud-args to allow comma separation * oops, missed some tests in commit.bats * new helper: expect_line_count * New tests for #1467 (string slices in cmdline opts) * Workarounds for dealing with travis; review feedback * BATS tests - extensive but minor cleanup * imagebuildah: defer pulling images for COPY --from * imagebuildah: centralize COMMIT and image ID output * Travis: do not use traviswait * imagebuildah: only initialize imagebuilder configuration once per stage * Make cleaner error on Dockerfile build errors * unshare: move to pkg/ * unshare: move some code from cmd/buildah/unshare * Fix handling of Slices versus Arrays * imagebuildah: reorganize stage and per-stage logic * imagebuildah: add empty layers for instructions * Add missing step in installing into Ubuntu * fix bug in .dockerignore support * imagebuildah: deduplicate prepended "FROM" instructions * Touch up intro * commit: set created-by to the shell if it isn't set * commit: check that we always set a "created-by" * docs/buildah.md: add "containers-" prefixes under "SEE ALSO" * Bump back to 1.8-dev - Changelog for v1.7.2 (2019-03-28) * mount: do not create automatically a namespace * buildah: correctly create the userns if euid!=0 * imagebuildah.Build: consolidate cleanup logic * CommitOptions: drop the redundant Store field * Move pkg/chrootuser from libpod to buildah. * imagebuildah: record image IDs and references more often * vendor imagebuilder v1.1.0 * imagebuildah: fix requiresStart/noRunsRemaining confusion * imagebuildah: check for unused args across stages * bump github.com/containernetworking/cni to v0.7.0-rc2 * imagebuildah: use "useCache" instead of "noCache" * imagebuildah.resolveNameToImageRef(): take name as a parameter * Export fields of the DokcerIgnore struct * imagebuildah: drop the duplicate containerIDs list * rootless: by default use the host network namespace * imagebuildah: split Executor and per-stage execution * imagebuildah: move some fields around * golint: make golint happy * docs: 01-intro.md: add missing . in Dockerfile examples * fix bug using .dockerignore * Do not create empty mounts.conf file * images: suppress a spurious blank line with no images * from: distinguish between ADD and COPY * fix bug to not separate each --label value with comma * buildah-bud.md: correct a typo, note a default * Remove mistaken code that got merged in other PR * add sample registries.conf to docs * escape shell variables in README example * slirp4netns: set mtu to 65520 * images: imageReposToMap() already adds : * imagebuildah.ReposToMap: move to cmd * Build: resolve copyFrom references earlier * Allow rootless users to use the cache directory in homedir * bud.bats: use the per-test temp directory * bud.bats: log output before counting length * Simplify checks for leftover args * Print commitID with --layers * fix bug images use the template to print results * rootless: honor --net host * onsi/gomeage add missing files * vendor latest openshift/imagebuilder * Remove noop from squash help * Prepend a comment to files setup in container * imagebuildah resolveSymlink: fix handling of relative links * Errors should be printed to stderr * Add recommends for slirp4netns and fuse-overlay * Update pull and pull-always flags * Hide from users command options that we don't want them to use. * Update secrets fipsmode patch to work on rootless containers * fix unshare option handling and documentation * Vendor in latest containers/storage * Hard-code docker.Transport use in pull --all-tags * Use a types.ImageReference instead of (transport, name) strings in pullImage etc. * Move the computation of srcRef before first pullAndFindImage * Don't throw away user-specified tag for pull --all-tags * CHANGES BEHAVIOR: Remove the string format input to localImageNameForReference * Don't try to parse imageName as transport:image in pullImage * Use reference.WithTag instead of manual string manipulation in Pull * Don't pass image = transport:repo:tag, transport=transport to pullImage * Fix confusing variable naming in Pull * Don't try to parse image name as a transport:image * Fix error reporting when parsing trans+image * Remove 'transport == ""' handling from the pull path * Clean up "pulls" of local image IDs / ID prefixes * Simplify ExpandNames * Document the semantics of transport+name returned by ResolveName * UPdate gitvalidation epoch * Bump back to 1.8-dev - Changelog for v1.7.1 (2019-02-26) * vendor containers/image v1.5 * Move secrets code from libpod into buildah * Update CHANGELOG.md with the past changes * README.md: fix typo * Fix a few issues found by tests/validate/gometalinter.sh * Neutralize buildah/unshare on non-Linux platforms * Explicitly specify a directory to find(1) * README.md: rephrase Buildah description * Stop printing default twice in cli --help * install.md: add section about vendoring * Bump to 1.8-dev - Changelog for v1.7 (2019-02-21) * vendor containers/image v1.4 * Make "images --all" faster * Remove a misleading comment * Remove quiet option from pull options * Make sure buildah pull --all-tags only works with docker transport * Support oci layout format * Fix pulling of images within buildah * Fix tls-verify polarity * Travis: execute make vendor and hack/tree_status.sh * vendor.conf: remove unused dependencies * add missing vendor/github.com/containers/libpod/vendor.conf * vendor.conf: remove github.com/inconshreveable/mousetrap * make vendor: always fetch the latest vndr * add hack/tree_status.sh script * Bump c/Storage to 1.10 * Add --all-tags test to pull * mount: make error clearer * Remove global flags from cli help * Set --disable-compression to true as documented * Help document using buildah mount in rootless mode * healthcheck start-period: update documentation * Vendor in latest c/storage and c/image * dumpbolt: handle nested buckets * Fix buildah commit compress by default * Test on xenial, not trusty * unshare: reexec using a memfd copy instead of the binary * Add --target to bud command * Fix example for setting multiple environment variables * main: fix rootless mode * buildah: force umask 022 * pull.bats: specify registry config when using registries * pull.bats: use the temporary directory, not /tmp * unshare: do not set rootless mode if euid=0 * Touch up cli help examples and a few nits * Add an undocumented dumpbolt command * Move tar commands into containers/storage * Fix bud issue with 2 line Dockerfile * Add package install descriptions * Note configuration file requirements * Replace urfave/cli with cobra * cleanup vendor.conf * Vendor in latest containers/storage * Add Quiet to PullOptions and PushOptions * cmd/commit: add flag omit-timestamp to allow for deterministic builds * Add options for empty-layer history entries * Make CLI help descriptions and usage a bit more consistent * vndr opencontainers/selinux * Bump baseline test Fedora to 29 * Bump to v1.7-dev-1 * Bump to v1.6-1 * Add support for ADD --chown * imagebuildah: make EnsureContainerPath() check/create the right one * Bump 1.7-dev * Fix contrib/rpm/bulidah.spec changelog date - Changelog for v1.6-1 (2019-01-18) * Add support for ADD --chown * imagebuildah: make EnsureContainerPath() check/create the right one * Fix contrib/rpm/bulidah.spec changelog date * Vendor in latest containers/storage * Revendor everything * Revendor in latest code by release * unshare: do not set USER=root * run: ignore EIO when flushing at the end, avoid double log * build-using-dockerfile,commit: disable compression by default * Update some comments * Make rootless work under no_pivot_root * Add CreatedAtRaw date field for use with Format * Properly format images JSON output * pull: add all-tags option * Fix support for multiple Short options * pkg/blobcache: add synchronization * Skip empty files in file check of conformance test * Use NoPivot also for RUN, not only for run * Remove no longer used isReferenceInsecure / isRegistryInsecure * Do not set OCIInsecureSkipTLSVerify based on registries.conf * Remove duplicate entries from images JSON output * vendor parallel-copy from containers/image * blobcache.bats: adjust explicit push tests * Handle one line Dockerfile with layers * We should only warn if user actually requests Hostname be set in image * Fix compiler Warning about comparing different size types * imagebuildah: don't walk if rootdir and path are equal * Add aliases for buildah containers, so buildah list, ls and ps work * vendor: use faster version instead compress/gzip * vendor: update libpod * Properly handle Hostname inside of RUN command * docs: mention how to mount in rootless mode * tests: use fully qualified name for centos image * travis.yml: use the fully qualified name for alpine * mount: allow mount only when using vfs * Add some tests for buildah pull * Touch up images -q processing * Refactor: Use library shared idtools.ParseIDMap() instead of bundling it * bump GITVALIDATE_EPOCH * cli.BudFlags: add `--platform` nop * Makefile: allow packagers to more easily add tags * Makefile: soften the requirement on git * tests: add containers json test * Inline blobCache.putBlob into blobCacheDestination.PutBlob * Move saveStream and putBlob near blobCacheDestination.PutBlob * Remove BlobCache.PutBlob * Update for API changes * Vendor c/image after merging c/image#536 * Handle 'COPY --from' in Dockerfile * Vendor in latest content from github.com/containers/storage * Clarify docker.io default in push with docker-daemon * Test blob caching * Wire in a hidden --blob-cache option * Use a blob cache when we're asked to use one * Add --disable-compression to 'build-using-dockerfile' * Add a blob cache implementation * vendor: update containers/storage * Update for sysregistriesv2 API changes * Update containers/image to 63a1cbdc5e6537056695cf0d627c0a33b334df53 * clean up makefile variables * Fix file permission * Complete the instructions for the command * Show warning when a build arg not used * Assume user 0 group 0, if /etc/passwd file in container. * Add buildah info command * Enable -q when --filter is used for images command * Add v1.5 Release Announcement * Fix dangling filter for images command * Fix completions to print Names as well as IDs * tests: Fix file permissions * Bump 1.6-dev - Changelog for v1.5-1 (2018-11-21) * Bump min go to 1.10 in install.md * vendor: update ostree-go * Update docker build command line in conformance test * Print command in SystemExec as debug information * Add some skip word for inspect check in conformance test * Update regex for multi stage base test * Sort CLI flags * vendor: update containers/storage * Add note to install about non-root on RHEL/CentOS * Update imagebuild depdency to support heading ARGs in Dockerfile * rootless: do not specify --rootless to the OCI runtime * Export resolvesymlink function * Exclude --force-rm from common bud cli flags * run: bind mount /etc/hosts and /etc/resolv.conf if not in a volume * rootless: use slirp4netns to setup the network namespace * Instructions for completing the pull command * Fix travis to not run environment variable patch * rootless: only discard network configuration names * run: only set up /etc/hosts or /etc/resolv.conf with network * common: getFormat: match entire string not only the prefix * vendor: update libpod * Change validation EPOCH * Fixing broken link for container-registries.conf * Restore rootless isolation test for from volume ro test * ostree: fix tag for build constraint * Handle directories better in bud -f * vndr in latest containers/storage * Fix unshare gofmt issue * runSetupBuiltinVolumes(): break up volume setup * common: support a per-user registries conf file * unshare: do not override the configuration * common: honor the rootless configuration file * unshare: create a new mount namespace * unshare: support libpod rootless pkg * Use libpod GetDefaultStorage to report proper storage config * Allow container storage to manage the SELinux labels * Resolve image names with default transport in from command * run: When the value of isolation is set, use the set value instead of the default value. * Vendor in latest containers/storage and opencontainers/selinux * Remove no longer valid todo * Check for empty buildTime in version * Change gofmt so it runs on all but 1.10 * Run gofmt only on Go 1.11 * Walk symlinks when checking cached images for copied/added files * ReserveSELinuxLabels(): handle wrapped errors from OpenBuilder * Set WorkingDir to empty, not / for conformance * Update calls in e2e to addres 1101 * imagebuilder.BuildDockerfiles: return the image ID * Update for changes in the containers/image API * bump(github.com/containers/image) * Allow setting --no-pivot default with an env var * Add man page and bash completion, for --no-pivot * Add the --no-pivot flag to the run command * Improve reporting about individual pull failures * Move the "short name but no search registries" error handling to resolveImage * Return a "search registries were needed but empty" indication in util.ResolveName * Simplify handling of the "tried to pull an image but found nothing" case in newBuilder * Don't even invoke the pull loop if options.FromImage == "" * Eliminate the long-running ref and img variables in resolveImage * In resolveImage, return immediately on success * Fix From As in Dockerfile * Vendor latest containers/image * Vendor in latest libpod * Sort CLI flags of buildah bud * Change from testing with golang 1.9 to 1.11. * unshare: detect when unprivileged userns are disabled * Optimize redundant code * fix missing format param * chroot: fix the args check * imagebuildah: make ResolveSymLink public * Update copy chown test * buildah: use the same logic for XDG_RUNTIME_DIR as podman * V1.4 Release Announcement * Podman --privileged selinux is broken * papr: mount source at gopath * parse: Modify the return value * parse: modify the verification of the isolation value * Make sure we log or return every error * pullImage(): when completing an image name, try docker:// * Fix up Tutorial 3 to account for format * Vendor in latest containers/storage and containers/image * docs/tutorials/01-intro.md: enhanced installation instructions * Enforce "blocked" for registries for the "docker" transport * Correctly set DockerInsecureSkipTLSVerify when pulling images * chroot: set up seccomp and capabilities after supplemental groups * chroot: fix capabilities list setup and application * .papr.yml: log the podman version * namespaces.bats: fix handling of uidmap/gidmap options in pairs * chroot: only create user namespaces when we know we need them * Check /proc/sys/user/max_user_namespaces on unshare(NEWUSERNS) * bash/buildah: add isolation option to the from command - Changelog for v1.4 (2018-10-02) * from: fix isolation option * Touchup pull manpage * Export buildah ReserveSELinuxLables so podman can use it * Add buildah.io to README.md and doc fixes * Update rmi man for prune changes * Ignore file not found removal error in bud * bump(github.com/containers/{storage,image}) * NewImageSource(): only create one Diff() at a time * Copy ExposedPorts from base image into the config * tests: run conformance test suite in Travis * Change rmi --prune to not accept an imageID * Clear intermediate container IDs after each stage * Request podman version for build issues * unshare: keep the additional groups of the user * Builtin volumes should be owned by the UID/GID of the container * Get rid of dangling whitespace in markdown files * Move buildah from projecatatomic/buildah to containers/buildah * nitpick: parse.validateFlags loop in bud cli * bash: Completion options * Add signature policy to push tests * vendor in latest containers/image * Fix grammar in Container Tools Guide * Don't build btrfs if it is not installed * new: Return image-pulling errors from resolveImage * pull: Return image-pulling errors from pullImage * Add more volume mount tests * chroot: create missing parent directories for volume mounts * Push: Allow an empty destination * Add Podman relationship to readme, create container tools guide * Fix arg usage in buildah-tag * Add flags/arguments order verification to other commands * Handle ErrDuplicateName errors from store.CreateContainer() * Evaluate symbolic links on Add/Copy Commands * Vendor in latest containers/image and containers/storage * Retain bounding set when running containers as non root * run container-diff tests in Travis * buildah-images.md: Fix option contents * push: show image digest after push succeed * Vendor in latest containers/storage,image,libpod and runc * Change references to cri-o to point at new repository * Exclude --layers from the common bug cli flags * demos: Increase the executable permissions * run: clear default seccomp filter if not enabled * Bump maximum cyclomatic complexity to 45 * stdin: on HUP, read everything * nitpick: use tabs in tests/helpers.bash * Add flags/arguments order verification to one arg commands * nitpick: decrease cognitive complexity in buildah-bud * rename: Avoid renaming the same name as other containers * chroot isolation: chroot() before setting up seccomp * Small nitpick at the "if" condition in tag.go * cmd/images: Modify json option * cmd/images: Disallow the input of image when using the -a option * Fix examples to include context directory * Update containers/image to fix commit layer issue * cmd/containers: End loop early when using the json option * Make buildah-from error message clear when flags are after arg * Touch up README.md for conformance tests * Update container/storage for lock fix * cmd/rm: restore the correct containerID display * Remove debug lines * Remove docker build image after each test * Add README for conformance test * Update the MakeOptions to accept all command options for buildah * Update regrex to fit the docker output in test "run with JSON" * cmd/buildah: Remove redundant variable declarations * Warn about using Commands in Dockerfile that are not supported by OCI. * Add buildah bud conformance test * Fix rename to also change container name in builder * Makefile: use $(GO) env-var everywhere * Cleanup code to more closely match Docker Build images * Document BUILDAH_* environment variables in buildah bud --help output * Return error immediately if error occurs in Prepare step * Fix --layers ADD from url issue * Add "Sign your PRs" TOC item to contributing.md. * Display the correct ID after deleting image * rmi: Modify the handling of errors * Let util.ResolveName() return parsing errors * Explain Open Container Initiative (OCI) acronym, add link * Update vendor for urfave/cli back to master * Handle COPY --chown in Dockerfile * Switch to Recommends container-selinux * Update vendor for containernetworking, imagebuildah and podman * Document STORAGE_DRIVER and STORAGE_OPTS environment variable * Change references to projectatomic/libpod to containers/libpod * Add container PATH retrieval example * Expand variables names for --env * imagebuildah: provide a way to provide stdin for RUN * Remove an unused srcRef.NewImageSource in pullImage * chroot: correct a comment * chroot: bind mount an empty directory for masking * Don't bother with --no-pivot for rootless isolation * CentOS need EPEL repo * Export a Pull() function * Remove stream options, since docker build does not have it * release v1.3: mention openSUSE * Add Release Announcements directory * Bump to v1.4-dev - Changelog for v1.3 (2018-08-04) * Revert pull error handling from 881 * bud should not search context directory for Dockerfile * Set BUILDAH_ISOLATION=rootless when running unprivileged * .papr.sh: Also test with BUILDAH_ISOLATION=rootless * Skip certain tests when we're using "rootless" isolation * .travis.yml: run integration tests with BUILDAH_ISOLATION=chroot * Add and implement IsolationOCIRootless * Add a value for IsolationOCIRootless * Fix rmi to remove intermediate images associated with an image * Return policy error on pull * Update containers/image to 216acb1bcd2c1abef736ee322e17147ee2b7d76c * Switch to github.com/containers/image/pkg/sysregistriesv2 * unshare: make adjusting the OOM score optional * Add flags validation * chroot: handle raising process limits * chroot: make the resource limits name map module-global * Remove rpm.bats, we need to run this manually * Set the default ulimits to match Docker * buildah: no args is out of bounds * unshare: error message missed the pid * preprocess ".in" suffixed Dockerfiles * Fix the the in buildah-config man page * Only test rpmbuild on latest fedora * Add support for multiple Short options * Update to latest urvave/cli * Add additional SELinux tests * Vendor in latest github.com/containers/{image;storage} * Stop testing with golang 1.8 * Fix volume cache issue with buildah bud --layers * Create buildah pull command * Increase the deadline for gometalinter during 'make validate' * .papr.sh: Also test with BUILDAH_ISOLATION=chroot * .travis.yml: run integration tests with BUILDAH_ISOLATION=chroot * Add a Dockerfile * Set BUILDAH_ISOLATION=chroot when running unprivileged * Add and implement IsolationChroot * Update github.com/opencontainers/runc * maybeReexecUsingUserNamespace: add a default for root * Allow ping command without NET_RAW Capabilities * rmi.storageImageID: fix Wrapf format warning * Allow Dockerfile content to come from stdin * Vendor latest container/storage to fix overlay mountopt * userns: assign additional IDs sequentially * Remove default dev/pts * Add OnBuild test to baseline test * tests/run.bats(volumes): use :z when SELinux is enabled * Avoid a stall in runCollectOutput() * Use manifest from container/image * Vendor in latest containers/image and containers/storage * add rename command * Completion command * Update CHANGELOG.md * Update vendor for runc to fix 32 bit builds * bash completion: remove shebang * Update vendor for runc to fix 32 bit builds - Changelog for v1.2 (2018-07-14) * Vendor in lates containers/image * build-using-dockerfile: let -t include transports again * Block use of /proc/acpi and /proc/keys from inside containers * Fix handling of --registries-conf * Fix becoming a maintainer link * add optional CI test fo darwin * Don't pass a nil error to errors.Wrapf() * image filter test: use kubernetes/pause as a "since" * Add --cidfile option to from * vendor: update containers/storage * Contributors need to find the CONTRIBUTOR.md file easier * Add a --loglevel option to build-with-dockerfile * Create Development plan * cmd: Code improvement * allow buildah cross compile for a darwin target * Add unused function param lint check * docs: Follow man-pages(7) suggestions for SYNOPSIS * Start using github.com/seccomp/containers-golang * umount: add all option to umount all mounted containers * runConfigureNetwork(): remove an unused parameter * Update github.com/opencontainers/selinux * Fix buildah bud --layers * Force ownership of /etc/hosts and /etc/resolv.conf to 0:0 * main: if unprivileged, reexec in a user namespace * Vendor in latest imagebuilder * Reduce the complexity of the buildah.Run function * mount: output it before replacing lastError * Vendor in latest selinux-go code * Implement basic recognition of the "--isolation" option * Run(): try to resolve non-absolute paths using $PATH * Run(): don't include any default environment variables * build without seccomp * vendor in latest runtime-tools * bind/mount_unsupported.go: remove import errors * Update github.com/opencontainers/runc * Add Capabilities lists to BuilderInfo * Tweaks for commit tests * commit: recognize committing to second storage locations * Fix ARGS parsing for run commands * Add info on registries.conf to from manpage * Switch from using docker to podman for testing in .papr * buildah: set the HTTP User-Agent * ONBUILD tutorial * Add information about the configuration files to the install docs * Makefile: add uninstall * Add tilde info for push to troubleshooting * mount: support multiple inputs * Use the right formatting when adding entries to /etc/hosts * Vendor in latest go-selinux bindings * Allow --userns-uid-map/--userns-gid-map to be global options * bind: factor out UnmountMountpoints * Run(): simplify runCopyStdio() * Run(): handle POLLNVAL results * Run(): tweak terminal mode handling * Run(): rename 'copyStdio' to 'copyPipes' * Run(): don't set a Pdeathsig for the runtime * Run(): add options for adding and removing capabilities * Run(): don't use a callback when a slice will do * setupSeccomp(): refactor * Change RunOptions.Stdin/Stdout/Stderr to just be Reader/Writers * Escape use of '_' in .md docs * Break out getProcIDMappings() * Break out SetupIntermediateMountNamespace() * Add Multi From Demo * Use the c/image conversion code instead of converting configs manually * Don't throw away the manifest MIME type and guess again * Consolidate loading manifest and config in initConfig * Pass a types.Image to Builder.initConfig * Require an image ID in importBuilderDataFromImage * Use c/image/manifest.GuessMIMEType instead of a custom heuristic * Do not ignore any parsing errors in initConfig * Explicitly handle "from scratch" images in Builder.initConfig * Fix parsing of OCI images * Simplify dead but dangerous-looking error handling * Don't ignore v2s1 history if docker_version is not set * Add --rm and --force-rm to buildah bud * Add --all,-a flag to buildah images * Separate stdio buffering from writing * Remove tty check from images --format * Add environment variable BUILDAH_RUNTIME * Add --layers and --no-cache to buildah bud * Touch up images man * version.md: fix DESCRIPTION * tests: add containers test * tests: add images test * images: fix usage * fix make clean error * Change 'registries' to 'container registries' in man * add commit test * Add(): learn to record hashes of what we add * Minor update to buildah config documentation for entrypoint * Bump to v1.2-dev * Add registries.conf link to a few man pages - Changelog for v1.1 (2018-06-08) * Drop capabilities if running container processes as non root * Print Warning message if cmd will not be used based on entrypoint * Update 01-intro.md * Shouldn't add insecure registries to list of search registries * Report errors on bad transports specification when pushing images * Move parsing code out of common for namespaces and into pkg/parse.go * Add disable-content-trust noop flag to bud * Change freenode chan to buildah * runCopyStdio(): don't close stdin unless we saw POLLHUP * Add registry errors for pull * runCollectOutput(): just read until the pipes are closed on us * Run(): provide redirection for stdio * rmi, rm: add test * add mount test * Add parameter judgment for commands that do not require parameters * Add context dir to bud command in baseline test * run.bats: check that we can run with symlinks in the bundle path * Give better messages to users when image can not be found * use absolute path for bundlePath * Add environment variable to buildah --format * rm: add validation to args and all option * Accept json array input for config entrypoint * Run(): process RunOptions.Mounts, and its flags * Run(): only collect error output from stdio pipes if we created some * Add OnBuild support for Dockerfiles * Quick fix on demo readme * run: fix validate flags * buildah bud should require a context directory or URL * Touchup tutorial for run changes * Validate common bud and from flags * images: Error if the specified imagename does not exist * inspect: Increase err judgments to avoid panic * add test to inspect * buildah bud picks up ENV from base image * Extend the amount of time travis_wait should wait * Add a make target for Installing CNI plugins * Add tests for namespace control flags * copy.bats: check ownerships in the container * Fix SELinux test errors when SELinux is enabled * Add example CNI configurations * Run: set supplemental group IDs * Run: use a temporary mount namespace * Use CNI to configure container networks * add/secrets/commit: Use mappings when setting permissions on added content * Add CLI options for specifying namespace and cgroup setup * Always set mappings when using user namespaces * Run(): break out creation of stdio pipe descriptors * Read UID/GID mapping information from containers and images * Additional bud CI tests * Run integration tests under travis_wait in Travis * build-using-dockerfile: add --annotation * Implement --squash for build-using-dockerfile and commit * Vendor in latest container/storage for devicemapper support * add test to inspect * Vendor github.com/onsi/ginkgo and github.com/onsi/gomega * Test with Go 1.10, too * Add console syntax highlighting to troubleshooting page * bud.bats: print "$output" before checking its contents * Manage "Run" containers more closely * Break Builder.Run()'s "run runc" bits out * util.ResolveName(): handle completion for tagged/digested image names * Handle /etc/hosts and /etc/resolv.conf properly in container * Documentation fixes * Make it easier to parse our temporary directory as an image name * Makefile: list new pkg/ subdirectoris as dependencies for buildah * containerImageSource: return more-correct errors * API cleanup: PullPolicy and TerminalPolicy should be types * Make "run --terminal" and "run -t" aliases for "run --tty" * Vendor github.com/containernetworking/cni v0.6.0 * Update github.com/containers/storage * Update github.com/projectatomic/libpod * Add support for buildah bud --label * buildah push/from can push and pull images with no reference * Vendor in latest containers/image * Update gometalinter to fix install.tools error * Update troubleshooting with new run workaround * Added a bud demo and tidied up * Attempt to download file from url, if fails assume Dockerfile * Add buildah bud CI tests for ENV variables * Re-enable rpm .spec version check and new commit test * Update buildah scratch demo to support el7 * Added Docker compatibility demo * Update to F28 and new run format in baseline test * Touchup man page short options across man pages * Added demo dir and a demo. chged distrorlease * builder-inspect: fix format option * Add cpu-shares short flag (-c) and cpu-shares CI tests * Minor fixes to formatting in rpm spec changelog * Fix rpm .spec changelog formatting * CI tests and minor fix for cache related noop flags * buildah-from: add effective value to mount propagation - Changelog for v1.0 (2018-05-06) * Declare Buildah 1.0 * Add cache-from and no-cache noops, and fix doco * Update option and documentation for --force-rm * Adding noop for --force-rm to match --rm * Add buildah bud ENTRYPOINT,CMD,RUN tests * Adding buildah bud RUN test scenarios * Extend tests for empty buildah run command * Fix formatting error in run.go * Update buildah run to make command required * Expanding buildah run cmd/entrypoint tests * Update test cases for buildah run behaviour * Remove buildah run cmd and entrypoint execution * Add Files section with registries.conf to pertinent man pages * tests/config: perfect test * tests/from: add name test * Do not print directly to stdout in Commit() * Touch up auth test commands * Force "localhost" as a default registry * Drop util.GetLocalTime() * Vendor in latest containers/image * Validate host and container paths passed to --volume * test/from: add add-host test * Add --compress, --rm, --squash flags as a noop for bud * Add FIPS mode secret to buildah run and bud * Add config --comment/--domainname/--history-comment/--hostname * 'buildah config': stop replacing Created-By whenever it's not specified * Modify man pages so they compile correctly in mandb * Add description on how to do --isolation to buildah-bud man page * Add support for --iidfile to bud and commit * Refactor buildah bud for vendoring * Fail if date or git not installed * Revert update of entrypoint behaviour to match docker * Vendor in latest imagebuilder code to fix multiple stage builds * Add /bin/sh -c to entrypoint in config * image_test: Improve the test * Fix README example of buildah config * buildah-image: add validation to 'format' * Simple changes to allow buildah to pass make validate * Clarify the use of buildah config options * containers_test: Perfect testing * buildah images and podman images are listing different sizes * buildah-containers: add tests and example to the man page * buildah-containers: add validation to 'format' * Clarify the use of buildah config options * Minor fix for lighttpd example in README * Add tls-verification to troubleshooting * Modify buildah rmi to account for changes in containers/storage * Vendor in latest containers/image and containers/storage * addcopy: add src validation * Remove tarball as an option from buildah push --help * Fix secrets patch * Update entrypoint behaviour to match docker * Display imageId after commit * config: add support for StopSignal * Fix docker login issue in travis.yml * Allow referencing stages as index and names * Add multi-stage builds tests * Add multi-stage builds support * Add accessor functions for comment and stop signal * Vendor in latest imagebuilder, to get mixed case AS support * Allow umount to have multi-containers * Update buildah push doc * buildah bud walks symlinks * Imagename is required for commit atm, update manpage - Changelog for v0.16.0 (2018-04-08) * Bump to v0.16.0 * Remove requires for ostree-lib in rpm spec file * Add support for shell * buildah.spec should require ostree-libs * Vendor in latest containers/image * bash: prefer options * Change image time to locale, add troubleshooting.md, add logo to other mds * buildah-run.md: fix error SYNOPSIS * docs: fix error example * Allow --cmd parameter to have commands as values * Touchup README to re-enable logo * Clean up README.md * Make default-mounts-file a hidden option * Document the mounts.conf file * Fix man pages to format correctly * Add various transport support to buildah from * Add unit tests to run.go * If the user overrides the storage driver, the options should be dropped * Show Config/Manifest as JSON string in inspect when format is not set * Switch which for that in README.md * Remove COPR * Fix wrong order of parameters * Vendor in latest containers/image * Remove shallowCopy(), which shouldn't be saving us time any more * shallowCopy: avoid a second read of the container's layer