{"payload":{"feedbackUrl":"https://github.com/orgs/community/discussions/53140","repo":{"id":472533673,"defaultBranch":"main","name":"linux-system-roles-podman","ownerLogin":"richm","currentUserCanPush":false,"isFork":true,"isEmpty":false,"createdAt":"2022-03-21T22:31:24.000Z","ownerAvatar":"https://avatars.githubusercontent.com/u/23066?v=4","public":true,"private":false,"isOrgOwned":false},"refInfo":{"name":"","listCacheKey":"v0:1718122522.0","currentOid":""},"activityList":{"items":[{"before":null,"after":"36bfa005a82f66462242d659e2b1ebb563f74a60","ref":"refs/heads/cl-20240611","pushedAt":"2024-06-11T16:15:22.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"richm","name":"Richard Megginson","path":"/richm","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/23066?s=80&v=4"},"commit":{"message":"docs(changelog): version 1.5.1 [citest skip]\n\nUpdate changelog and .README.html for version 1.5.1\n\nSigned-off-by: Rich Megginson <rmeggins@redhat.com>","shortMessageHtmlLink":"docs(changelog): version 1.5.1 [citest skip]"}},{"before":"4536245c1f3d78d58b52d63ff3f7c1228cd991d7","after":"cbd28d55cbc28a5c64b39f1ec7eb88467972d45b","ref":"refs/heads/remove-network-fix","pushedAt":"2024-06-06T23:02:01.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"richm","name":"Richard Megginson","path":"/richm","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/23066?s=80&v=4"},"commit":{"message":"fix: grab name of network to remove from quadlet file\n\nCause: The code was using \"systemd-\" + name of quadlet for\nthe network name when removing networks.\n\nConsequence: If the quadlet had a different NetworkName, the\nremoval would fail.\n\nFix: Grab the network quadlet file and grab the NetworkName from\nthe file to use to remove the network.\n\nResult: The removal of quadlet networks will work both with and\nwithout a custom NetworkName in the quadlet file.\n\nSigned-off-by: Rich Megginson <rmeggins@redhat.com>\n\nThis also adds a fix for el10 and Fedora which installs the iptables-nft\npackage to allow rootless podman to manage networks using nftables.","shortMessageHtmlLink":"fix: grab name of network to remove from quadlet file"}},{"before":null,"after":"4536245c1f3d78d58b52d63ff3f7c1228cd991d7","ref":"refs/heads/remove-network-fix","pushedAt":"2024-06-06T21:23:31.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"richm","name":"Richard Megginson","path":"/richm","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/23066?s=80&v=4"},"commit":{"message":"fix: grab name of network to remove from quadlet file\n\nCause: The code was using \"systemd-\" + name of quadlet for\nthe network name when removing networks.\n\nConsequence: If the quadlet had a different NetworkName, the\nremoval would fail.\n\nFix: Grab the network quadlet file and grab the NetworkName from\nthe file to use to remove the network.\n\nResult: The removal of quadlet networks will work both with and\nwithout a custom NetworkName in the quadlet file.\n\nSigned-off-by: Rich Megginson <rmeggins@redhat.com>\n\nThis also adds a fix for el10 and Fedora which installs the iptables-nft\npackage to allow rootless podman to manage networks using nftables.","shortMessageHtmlLink":"fix: grab name of network to remove from quadlet file"}},{"before":null,"after":"1361c9fbcf13dd3537ac8c68fbe7e707eb734073","ref":"refs/heads/cl-20240422","pushedAt":"2024-04-22T15:15:25.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"richm","name":"Richard Megginson","path":"/richm","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/23066?s=80&v=4"},"commit":{"message":"docs(changelog): version 1.5.0 [citest skip]\n\nUpdate changelog and .README.html for version 1.5.0\n\nSigned-off-by: Rich Megginson <rmeggins@redhat.com>","shortMessageHtmlLink":"docs(changelog): version 1.5.0 [citest skip]"}},{"before":"7961dc4f81924f55b4006c2d6ba71d1bf2565de6","after":"8dc17cba8081960e75e42de115265c9840b7d118","ref":"refs/heads/certs.d","pushedAt":"2024-04-22T15:09:16.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"richm","name":"Richard Megginson","path":"/richm","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/23066?s=80&v=4"},"commit":{"message":"catch errors during cleanup","shortMessageHtmlLink":"catch errors during cleanup"}},{"before":"ec2c52415a70b7fc42e2e8f742641151841354bc","after":"9328c0dad4a172a8014602e19309fc9762b49fb1","ref":"refs/heads/containers-auth","pushedAt":"2024-04-22T15:08:20.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"richm","name":"Richard Megginson","path":"/richm","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/23066?s=80&v=4"},"commit":{"message":"feat: support podman_credential_files\n\nFeature: The parameter podman_credential_files is used to provide containers-auth.json\nfiles which allow authentication to registries.  See README.md for more infomation.\n\nReason: Users need a way to provide credential files for authenticating to private\nregistries.  Some operations may need to pull images from registries in an\nautomated or unattended way, and cannot use `registry_username` and `registry_password`.\n\nResult: Users can provide registry credentials for automated and\nunattended operations.\n\nQE: The file tests_auth_and_security.yml has been extended to test this feature.\n\nSigned-off-by: Rich Megginson <rmeggins@redhat.com>","shortMessageHtmlLink":"feat: support podman_credential_files"}},{"before":"4e1718e85ed07790d9dcc72cd6842442cfe9ef16","after":"7961dc4f81924f55b4006c2d6ba71d1bf2565de6","ref":"refs/heads/certs.d","pushedAt":"2024-04-19T15:11:11.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"richm","name":"Richard Megginson","path":"/richm","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/23066?s=80&v=4"},"commit":{"message":"catch errors during cleanup","shortMessageHtmlLink":"catch errors during cleanup"}},{"before":"ed8b139a7f7f9eb8614a7162a7ee92090a370541","after":"4e1718e85ed07790d9dcc72cd6842442cfe9ef16","ref":"refs/heads/certs.d","pushedAt":"2024-04-19T13:33:58.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"richm","name":"Richard Megginson","path":"/richm","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/23066?s=80&v=4"},"commit":{"message":"uid 1001 conflicts on some test systems","shortMessageHtmlLink":"uid 1001 conflicts on some test systems"}},{"before":"a6fd30ebdc722ce32351baeb98e22138faae9e7e","after":"ed8b139a7f7f9eb8614a7162a7ee92090a370541","ref":"refs/heads/certs.d","pushedAt":"2024-04-18T22:57:08.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"richm","name":"Richard Megginson","path":"/richm","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/23066?s=80&v=4"},"commit":{"message":"feat: manage TLS cert/key files for registry connections and validate certs\n\nFeature: Add two new parameters:\npodman_registry_certificates is a list of dict.  Each dict specifies the\ncerts and keys to use to connect to the specified registry using TLS and\noptionally use certificate authentication.  More information can be found\nin the manpage for containers-certs.d.\npodman_validate_certs is a boolean which allows you to require or disable\nTLS certificate checking (i.e. if you do not have a CA cert for\npodman_registry_certificates and you still want to pull images from a TLS\nenabled registry).  This corresponds to the parameter \"validate_certs\"\nof the module containers.podman.podman_image.  You can also control\ncertificate validation by using podman_registries_conf to configure\nthe \"insecure\" parameter for a registry.\n\nReason: Users need to be able to configure the TLS settings for\nconnecting to registries.\n\nResult: Users can connect to registries using TLS and control how\nthat works.\n\nQE: tests_auth_and_security.yml has been extended for this.\n\nSigned-off-by: Rich Megginson <rmeggins@redhat.com>","shortMessageHtmlLink":"feat: manage TLS cert/key files for registry connections and validate…"}},{"before":"1abe0f735a6f8b943f70d28ae2c215001d9e9e2a","after":"a6fd30ebdc722ce32351baeb98e22138faae9e7e","ref":"refs/heads/certs.d","pushedAt":"2024-04-18T21:27:30.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"richm","name":"Richard Megginson","path":"/richm","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/23066?s=80&v=4"},"commit":{"message":"feat: manage TLS cert/key files for registry connections and validate certs\n\nFeature: Add two new parameters:\npodman_registry_certificates is a list of dict.  Each dict specifies the\ncerts and keys to use to connect to the specified registry using TLS and\noptionally use certificate authentication.  More information can be found\nin the manpage for containers-certs.d.\npodman_validate_certs is a boolean which allows you to require or disable\nTLS certificate checking (i.e. if you do not have a CA cert for\npodman_registry_certificates and you still want to pull images from a TLS\nenabled registry).  This corresponds to the parameter \"validate_certs\"\nof the module containers.podman.podman_image.  You can also control\ncertificate validation by using podman_registries_conf to configure\nthe \"insecure\" parameter for a registry.\n\nReason: Users need to be able to configure the TLS settings for\nconnecting to registries.\n\nResult: Users can connect to registries using TLS and control how\nthat works.\n\nQE: tests_auth_and_security.yml has been extended for this.\n\nSigned-off-by: Rich Megginson <rmeggins@redhat.com>","shortMessageHtmlLink":"feat: manage TLS cert/key files for registry connections and validate…"}},{"before":"45992ada02fb19c5c12c0242fcd6532d85caac27","after":"ec2c52415a70b7fc42e2e8f742641151841354bc","ref":"refs/heads/containers-auth","pushedAt":"2024-04-18T21:26:17.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"richm","name":"Richard Megginson","path":"/richm","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/23066?s=80&v=4"},"commit":{"message":"feat: support podman_credential_files\n\nFeature: The parameter podman_credential_files is used to provide containers-auth.json\nfiles which allow authentication to registries.  See README.md for more infomation.\n\nReason: Users need a way to provide credential files for authenticating to private\nregistries.  Some operations may need to pull images from registries in an\nautomated or unattended way, and cannot use `registry_username` and `registry_password`.\n\nResult: Users can provide registry credentials for automated and\nunattended operations.\n\nQE: The file tests_auth_and_security.yml has been extended to test this feature.\n\nSigned-off-by: Rich Megginson <rmeggins@redhat.com>","shortMessageHtmlLink":"feat: support podman_credential_files"}},{"before":"c528f09cac251507141a8097786db873917d2d02","after":"1abe0f735a6f8b943f70d28ae2c215001d9e9e2a","ref":"refs/heads/certs.d","pushedAt":"2024-04-18T21:15:08.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"richm","name":"Richard Megginson","path":"/richm","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/23066?s=80&v=4"},"commit":{"message":"feat: manage TLS cert/key files for registry connections and validate certs\n\nFeature: Add two new parameters:\npodman_registry_certificates is a list of dict.  Each dict specifies the\ncerts and keys to use to connect to the specified registry using TLS and\noptionally use certificate authentication.  More information can be found\nin the manpage for containers-certs.d.\npodman_validate_certs is a boolean which allows you to require or disable\nTLS certificate checking (i.e. if you do not have a CA cert for\npodman_registry_certificates and you still want to pull images from a TLS\nenabled registry).  This corresponds to the parameter \"validate_certs\"\nof the module containers.podman.podman_image.  You can also control\ncertificate validation by using podman_registries_conf to configure\nthe \"insecure\" parameter for a registry.\n\nReason: Users need to be able to configure the TLS settings for\nconnecting to registries.\n\nResult: Users can connect to registries using TLS and control how\nthat works.\n\nQE: tests_auth_and_security.yml has been extended for this.\n\nSigned-off-by: Rich Megginson <rmeggins@redhat.com>","shortMessageHtmlLink":"feat: manage TLS cert/key files for registry connections and validate…"}},{"before":"7e73ce2879b1806d0334796d4f4aa4c9e2ff8b65","after":"45992ada02fb19c5c12c0242fcd6532d85caac27","ref":"refs/heads/containers-auth","pushedAt":"2024-04-18T21:14:26.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"richm","name":"Richard Megginson","path":"/richm","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/23066?s=80&v=4"},"commit":{"message":"feat: support podman_credential_files\n\nFeature: The parameter podman_credential_files is used to provide containers-auth.json\nfiles which allow authentication to registries.  See README.md for more infomation.\n\nReason: Users need a way to provide credential files for authenticating to private\nregistries.  Some operations may need to pull images from registries in an\nautomated or unattended way, and cannot use `registry_username` and `registry_password`.\n\nResult: Users can provide registry credentials for automated and\nunattended operations.\n\nQE: The file tests_auth_and_security.yml has been extended to test this feature.\n\nSigned-off-by: Rich Megginson <rmeggins@redhat.com>","shortMessageHtmlLink":"feat: support podman_credential_files"}},{"before":null,"after":"c528f09cac251507141a8097786db873917d2d02","ref":"refs/heads/certs.d","pushedAt":"2024-04-18T14:58:47.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"richm","name":"Richard Megginson","path":"/richm","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/23066?s=80&v=4"},"commit":{"message":"feat: manage TLS cert/key files for registry connections and validate certs\n\nFeature: Add two new parameters:\npodman_registry_certificates is a list of dict.  Each dict specifies the\ncerts and keys to use to connect to the specified registry using TLS and\noptionally use certificate authentication.  More information can be found\nin the manpage for containers-certs.d.\npodman_validate_certs is a boolean which allows you to require or disable\nTLS certificate checking (i.e. if you do not have a CA cert for\npodman_registry_certificates and you still want to pull images from a TLS\nenabled registry).  This corresponds to the parameter \"validate_certs\"\nof the module containers.podman.podman_image.  You can also control\ncertificate validation by using podman_registries_conf to configure\nthe \"insecure\" parameter for a registry.\n\nReason: Users need to be able to configure the TLS settings for\nconnecting to registries.\n\nResult: Users can connect to registries using TLS and control how\nthat works.\n\nQE: tests_auth_and_security.yml has been extended for this.\n\nSigned-off-by: Rich Megginson <rmeggins@redhat.com>","shortMessageHtmlLink":"feat: manage TLS cert/key files for registry connections and validate…"}},{"before":"8bd15c35de48002bcc9e3756db15db503a26df84","after":null,"ref":"refs/heads/use-none-not-null","pushedAt":"2024-04-18T14:46:39.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"richm","name":"Richard Megginson","path":"/richm","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/23066?s=80&v=4"}},{"before":null,"after":"8bd15c35de48002bcc9e3756db15db503a26df84","ref":"refs/heads/use-none-not-null","pushedAt":"2024-04-18T14:40:20.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"richm","name":"Richard Megginson","path":"/richm","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/23066?s=80&v=4"},"commit":{"message":"chore: use none in jinja code, not null\n\nMust use `none` in Jinja code, not `null`, which is used in YAML.\n\nSigned-off-by: Rich Megginson <rmeggins@redhat.com>","shortMessageHtmlLink":"chore: use none in jinja code, not null"}},{"before":"e1f1727938f88375f805762e452e08495d144e9c","after":"448edbc7858d2ec4ec82a8a128bd225ecc92252b","ref":"refs/heads/registry-password","pushedAt":"2024-04-17T22:32:28.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"richm","name":"Richard Megginson","path":"/richm","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/23066?s=80&v=4"},"commit":{"message":"feat: support registry_username and registry_password\n\nFeature: Add support for specifying registry password globally or on\na per-spec basis.\n\nReason: Some registries require authentication for access.\n\nResult: Users can use the podman role to manage containers with\nimages in registries which require authentication.\n\nQE: There is a new test tests_auth_and_security.yml\nThe password is \"podman_password\".  The logs should *not* contain\nthis string.\n\nSigned-off-by: Rich Megginson <rmeggins@redhat.com>","shortMessageHtmlLink":"feat: support registry_username and registry_password"}},{"before":"e6e9594d11b999b39db001552db54dc38863fd41","after":null,"ref":"refs/heads/kube-cleanup-idempotent","pushedAt":"2024-04-17T21:14:37.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"richm","name":"Richard Megginson","path":"/richm","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/23066?s=80&v=4"}},{"before":null,"after":"e6e9594d11b999b39db001552db54dc38863fd41","ref":"refs/heads/kube-cleanup-idempotent","pushedAt":"2024-04-17T17:39:04.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"richm","name":"Richard Megginson","path":"/richm","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/23066?s=80&v=4"},"commit":{"message":"fix: make kube cleanup idempotent\n\nCause: The task that calls podman_play was not checking if the kube yaml\nfile existed when cleaning up.\n\nConsequence: The task would give an error that the pod could not be\nremoved.\n\nFix: Do not attempt to remove the pod if the kube yaml file does not\nexist.\n\nResult: Calling the podman role repeatedly to remove a kube spec\nwill not fail and will not report changes for subsequent removals.\n\nQE: tests_basic.yml has been changed to check for this case\n\nSigned-off-by: Rich Megginson <rmeggins@redhat.com>","shortMessageHtmlLink":"fix: make kube cleanup idempotent"}},{"before":"29165ea5c65dc729539cd604589abf19406bd85b","after":null,"ref":"refs/heads/fix-no_log-false","pushedAt":"2024-04-17T16:17:30.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"richm","name":"Richard Megginson","path":"/richm","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/23066?s=80&v=4"}},{"before":null,"after":"29165ea5c65dc729539cd604589abf19406bd85b","ref":"refs/heads/fix-no_log-false","pushedAt":"2024-04-17T16:15:02.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"richm","name":"Richard Megginson","path":"/richm","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/23066?s=80&v=4"},"commit":{"message":"chore: change no_log false to true; fix comment\n\nForgot to change a `no_log: false` back to `no_log: true` when debugging.\nFix an error in a comment\n\nSigned-off-by: Rich Megginson <rmeggins@redhat.com>","shortMessageHtmlLink":"chore: change no_log false to true; fix comment"}},{"before":null,"after":"7e73ce2879b1806d0334796d4f4aa4c9e2ff8b65","ref":"refs/heads/containers-auth","pushedAt":"2024-04-13T00:48:20.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"richm","name":"Richard Megginson","path":"/richm","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/23066?s=80&v=4"},"commit":{"message":"feat: support podman_credential_files\n\nFeature: The parameter podman_credential_files is used to provide containers-auth.json\nfiles which allow authentication to registries.  See README.md for more infomation.\n\nReason: Users need a way to provide credential files for authenticating to private\nregistries.  Some operations may need to pull images from registries in an\nautomated or unattended way, and cannot use `registry_username` and `registry_password`.\n\nResult: Users can provide registry credentials for automated and\nunattended operations.\n\nQE: The file tests_auth_and_security.yml has been extended to test this feature.\n\nSigned-off-by: Rich Megginson <rmeggins@redhat.com>","shortMessageHtmlLink":"feat: support podman_credential_files"}},{"before":"fd50795fddf2599b74d590b819629c7ec03ea7b9","after":"e1f1727938f88375f805762e452e08495d144e9c","ref":"refs/heads/registry-password","pushedAt":"2024-04-12T14:57:18.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"richm","name":"Richard Megginson","path":"/richm","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/23066?s=80&v=4"},"commit":{"message":"feat: support registry_username and registry_password\n\nFeature: Add support for specifying registry password globally or on\na per-spec basis.\n\nReason: Some registries require authentication for access.\n\nResult: Users can use the podman role to manage containers with\nimages in registries which require authentication.\n\nQE: There is a new test tests_auth_and_security.yml\nThe password is \"podman_password\".  The logs should *not* contain\nthis string.\n\nSigned-off-by: Rich Megginson <rmeggins@redhat.com>","shortMessageHtmlLink":"feat: support registry_username and registry_password"}},{"before":"c17f262b9f6317b854e4be538e6b0196104d3443","after":null,"ref":"refs/heads/use-root-for-create-host-directories","pushedAt":"2024-04-12T14:56:06.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"richm","name":"Richard Megginson","path":"/richm","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/23066?s=80&v=4"}},{"before":"cbf423263b15e7d080c43a5af8f39f9053e83c46","after":"fd50795fddf2599b74d590b819629c7ec03ea7b9","ref":"refs/heads/registry-password","pushedAt":"2024-04-12T14:11:15.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"richm","name":"Richard Megginson","path":"/richm","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/23066?s=80&v=4"},"commit":{"message":"feat: support registry_username and registry_password\n\nFeature: Add support for specifying registry password globally or on\na per-spec basis.\n\nReason: Some registries require authentication for access.\n\nResult: Users can use the podman role to manage containers with\nimages in registries which require authentication.\n\nQE: There is a new test tests_auth_and_security.yml\nThe password is \"podman_password\".  The logs should *not* contain\nthis string.\n\nSigned-off-by: Rich Megginson <rmeggins@redhat.com>","shortMessageHtmlLink":"feat: support registry_username and registry_password"}},{"before":null,"after":"cbf423263b15e7d080c43a5af8f39f9053e83c46","ref":"refs/heads/registry-password","pushedAt":"2024-04-12T00:08:08.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"richm","name":"Richard Megginson","path":"/richm","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/23066?s=80&v=4"},"commit":{"message":"feat: support registry_username and registry_password\n\nFeature: Add support for specifying registry password globally or on\na per-spec basis.\n\nReason: Some registries require authentication for access.\n\nResult: Users can use the podman role to manage containers with\nimages in registries which require authentication.\n\nQE: There is a new test tests_auth_and_security.yml\n\nSigned-off-by: Rich Megginson <rmeggins@redhat.com>","shortMessageHtmlLink":"feat: support registry_username and registry_password"}},{"before":"16fa24473034ae312d775fc348642ccb4ea28a18","after":"c17f262b9f6317b854e4be538e6b0196104d3443","ref":"refs/heads/use-root-for-create-host-directories","pushedAt":"2024-04-10T23:10:16.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"richm","name":"Richard Megginson","path":"/richm","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/23066?s=80&v=4"},"commit":{"message":"fix: do not use become for changing hostdir ownership, and expose subuid/subgid info\n\nWhen creating host directories, do not use `become`, because if\nit needs to change ownership, that must be done by `root`, not\nas the rootless podman user.\n\nIn order to test this, I have changed the role to export the subuid and subgid\ninformation for the rootless users as two dictionaries:\n`podman_subuid_info` and `podman_subgid_info`.  See `README.md` for\nusage.\n\nNOTE that depending on the namespace used by your containers, you might not\nbe able to use the subuid and subgid information, which comes from `getsubids`\nif available, or directly from the files `/etc/subuid` and `/etc/subgid` on\nthe host.\n\nQE: The test tests_basic.yml has been extended for this.\n\nSigned-off-by: Rich Megginson <rmeggins@redhat.com>","shortMessageHtmlLink":"fix: do not use become for changing hostdir ownership, and expose sub…"}},{"before":"27f6b4e1a77614508a57ea8081308f5e38b4cd94","after":null,"ref":"refs/heads/test-do-not-check-root-for-linger","pushedAt":"2024-04-10T23:09:40.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"richm","name":"Richard Megginson","path":"/richm","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/23066?s=80&v=4"}},{"before":null,"after":"27f6b4e1a77614508a57ea8081308f5e38b4cd94","ref":"refs/heads/test-do-not-check-root-for-linger","pushedAt":"2024-04-10T22:06:59.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"richm","name":"Richard Megginson","path":"/richm","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/23066?s=80&v=4"},"commit":{"message":"test: do not check for root linger\n\nDo not check if there is a linger file for root.\n\nSigned-off-by: Rich Megginson <rmeggins@redhat.com>","shortMessageHtmlLink":"test: do not check for root linger"}},{"before":"b32e4af927b647caed49623f9dbb839991fc01d9","after":"16fa24473034ae312d775fc348642ccb4ea28a18","ref":"refs/heads/use-root-for-create-host-directories","pushedAt":"2024-04-10T19:33:27.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"richm","name":"Richard Megginson","path":"/richm","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/23066?s=80&v=4"},"commit":{"message":"fix: do not use become for changing hostdir ownership, and expose subuid/subgid info\n\nWhen creating host directories, do not use `become`, because if\nit needs to change ownership, that must be done by `root`, not\nas the rootless podman user.\n\nIn order to test this, I have changed the role to export the subuid and subgid\ninformation for the rootless users as two dictionaries:\n`podman_subuid_info` and `podman_subgid_info`.  See `README.md` for\nusage.\n\nNOTE that depending on the namespace used by your containers, you might not\nbe able to use the subuid and subgid information, which comes from `getsubids`\nif available, or directly from the files `/etc/subuid` and `/etc/subgid` on\nthe host.\n\nQE: The test tests_basic.yml has been extended for this.\n\nSigned-off-by: Rich Megginson <rmeggins@redhat.com>","shortMessageHtmlLink":"fix: do not use become for changing hostdir ownership, and expose sub…"}}],"hasNextPage":true,"hasPreviousPage":false,"activityType":"all","actor":null,"timePeriod":"all","sort":"DESC","perPage":30,"cursor":"djE6ks8AAAAEYm-fdwA","startCursor":null,"endCursor":null}},"title":"Activity · richm/linux-system-roles-podman"}