vendor: update go.podman.io/... and buildah to latest#28106
vendor: update go.podman.io/... and buildah to latest#28106mtrmac merged 4 commits intocontainers:mainfrom
Conversation
|
new build flags that need to be implemented again (--mount,--source-policy-file), I don't have time to wire them up --source-policy-file seems to need a file path in the backend so more or less not really possible to be used with podman-remote @containers/podman-maintainers @containers/buildah-maintainers |
|
I mean, wasn't this the ultimate goal of the monorepo? Ensuring that we don't need chains of pull requests implement these features, and the person who originally wrote the code needs to do everything? Maybe time to discuss what it would mean to keep going? |
|
Feel free to cherry-pick the tip of https://github.com/nalind/podman/tree/podman-28106. Broadly, this is all a choice that we made: to expose every build CLI flag and option as quickly as possible, to settle for only automating some of the work involved, to have CI flag when the rest hasn't been done. We could revisit that. |
That would be one solution yes, the way I view the monorepo today it has some outstanding problems that need to be fixed first before we should move ahead with adding more things. And even then we need to look at the pros and cons again.
Thanks
Sure it is a choice, I mean the way we code things up today is far from optimal anbd I am sure we could improve the APIs to help a bit but for remote we also will need extra manual changes here. I just wanted to trigger a discussion about this somewhat painful process we run into all the time. Especially who is responsible for adding the new flags? I think the main issue is if we would not have CI flag these things right away most devs would ignore podman flags until users complain which is bad, i.e. for each release we should have all features properly wired up in advance and not have to rush this at the last moment. Also somewhat the real concern has to start much earlier, already on the buildah PR we must consider how to expose these things. Do we really want a filepath argument in the builder code? I see your patch fixes that by creating a tempfile, that is an easy work around but IMO is far from optimal as it is unnecessary complexity. |
In general, I think that expecting someone who's making a contribution in a repository that podman depends on, to also make changes in the podman repository, as a requirement for getting their contribution to that dependency accepted, is unrealistic.
I agree. Historically I think we tend to ignore that as much and as long as possible, and then, well, grumble that new features have been added.
It's either that, or pass the file's contents as a string to buildah APIs as well, because I wouldn't want to have to deal with serializing the file's contents after it's parsed into a structure. I wouldn't object to a patch that deprecated the filename field in favor of a field that carried its contents, unless perhaps we expect such files to be excessive in size. But this is one of many such API fields. |
Mainly so we get a commit after [1] which makes the renovate auto update work again. And also buildah to get a fix for a flake [2]. [1] containers/container-libs#635 [2] containers/buildah#6688 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Pass --mount settings and the contents of the --source-policy-file argument to remote builds. Signed-off-by: Nalin Dahyabhai <nalin@redhat.com> Signed-off-by: Paul Holzinger <pholzing@redhat.com>
The client and server version can mismatch in which case the client may fail on something the newer server can understand or the other way around. Given the server has to parse and validate that output no matter what there does not seem to be a strong argument for doing this on the client side again. Also this means we do leak the sourcepolicy package into the remote client. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
github-actions
bot
added
the
kind/api-change
Luap99
added
bloat_approved
|
@nalind pushed your commit but I also removed the client side validation of the file as I think that will cause problems when using different client/server versions, we may end up blocking something than a newer server understands. I can squash the commit into yours if reviewers prefer that as it just reverts that one part of the previous commit. |
|
[NON-BLOCKING] Packit jobs failed. @containers/packit-build please check. Everyone else, feel free to ignore. |
That test uses process substitution for the Containerfile which fails because podman tries to use /dev/fd as context directory. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
tests are green |
|
LGTM |
4 participants
Mainly so we get a commit after [1] which makes the renovate auto update work again. And also buildah to get a fix for a flake [2].
[1] containers/container-libs#635
[2] containers/buildah#6688
Checklist
Ensure you have completed the following checklist for your pull request to be reviewed:
commits. (
git commit -s). (If needed, usegit commit -s --amend). The author email must matchthe sign-off email address. See CONTRIBUTING.md
for more information.
Fixes: #00000in commit message (if applicable)make validatepr(format/lint checks)Noneif no user-facing changes)Does this PR introduce a user-facing change?