Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump github.com/containers/podman/v4 from 4.6.2 to 4.7.0 #1616

Merged
merged 1 commit into from
Oct 3, 2023
Merged

Bump github.com/containers/podman/v4 from 4.6.2 to 4.7.0 #1616

merged 1 commit into from
Oct 3, 2023

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 2, 2023

Bumps github.com/containers/podman/v4 from 4.6.2 to 4.7.0.

Release notes

Sourced from github.com/containers/podman/v4's releases.

v4.7.0

Security

  • Now the io.containers.capabilities LABEL in an image can be an empty string.

Features

  • New command set: podman farm [create,list,remove,update] has been created to "farm" out builds to machines running Podman for different architectures.
  • New command: podman compose as a thin wrapper around an external compose provider such as docker-compose or podman-compose.
  • FreeBSD: podman run --device is now supported.
  • Linux: Add a new --module flag for Podman.
  • Podmansh: Timeout is now configurable using the podmansh_timeout option in containers.conf.
  • SELinux: Add support for confined users to create containers but restrict them from creating privileged containers.
  • WSL: Registers shared socket bindings on Windows, to allow other WSL distributions easy remote access (#15190).
  • WSL: Enabling user-mode-networking on older WSL2 generations will now detect an error with upgrade guidance.
  • The podman build command now supports two new options: --layer-label and --cw.
  • The podman kube generate command now supports generation of k8s DaemonSet kind (#18899).
  • The podman kube generate and podman kube play commands now support the k8s TerminationGracePeriodSeconds field (RH BZ#2218061).
  • The podman kube generate and podman kube play commands now support securityContext.procMount: Unmasked (#19881).
  • The podman generate kube command now supports a --podman-only flag to allow podman-only reserved annotations to be used in the generated YAML file. These annotations cannot be used by Kubernetes.
  • The podman kube generate now supports a --no-trunc flag that supports YAML files with annotations longer than 63 characters. Warning: if an annotation is longer than 63 chars, then the generated yaml file is not Kubernetes compatible.
  • An infra name annotation io.podman.annotations.infra.name is added in the generated yaml when the pod create command has --infra-name set. This annotation can also be used with kube play when wanting to customize the infra container name (#18312).
  • The syntax of --uidmap and --gidmap has been extended to lookup the parent user namespace and to extend default mappings (#18333).
  • The podman kube commands now support the List kind (#19052).
  • The podman kube play command now supports environment variables in kube.yaml (#15983).
  • The podman push and podman manifest push commands now support the --force-compression optionto prevent reusing other blobs (#18860).
  • The podman manifest push command now supports --add-compression to push with compressed variants.
  • The podman manifest push command now honors the add_compression field from containers.conf if --add-compression is not set.
  • The podman run and podman create --mount commands now support the ramfs type (#19659).
  • When running under systemd (e.g., via Quadlet), Podman will extend the start timeout in 30 second steps up to a maximum of 5 minutes when pulling an image.
  • The --add-host option now accepts the special string host-gateway instead of an IP Address, which will be mapped to the host IP address.
  • The podman generate systemd command is deprecated. Use Quadlet for running containers and pods under systemd.
  • The podman secret rm command now supports an --ignore option.
  • The --env-file option now supports multiline variables (#18724).
  • The --read-only-tmpfs flag now affects /dev and /dev/shm as well as /run, /tmp, /var/tmp (#12937).
  • The Podman --mount option now supports bind mounts passed as globs.
  • The --mount option can now be specified in containers.conf using the mounts field.
  • The podman stats now has an --all option to get all containers stats (#19252).
  • There is now a new --sdnotify=healthy policy where Podman sends the READY message once the container turns healthy (#6160).
  • Temporary files created when dealing with images in /var/tmp will automatically be cleaned up on reboot.
  • There is now a new filter option since for podman volume ls and podman volume prune (#19228).
  • The podman inspect command now has tab-completion support (#18672).
  • The podman kube play command now has support for the use of reserved annotations in the generated YAML.
  • The progress bar is now displayed when decompressing a Podman machine image (#19240).
  • The podman secret inspect command supports a new option --showsecret which will output the actual secret.
  • The podman secret create now supports a --replace option, which allows you to modify secrets without replacing containers.
  • The podman login command can now read the secret for a registry from its secret database created with podman secret create (#18667).
  • The remote Podman client’s podman play kube command now works with the --userns option (#17392).

Changes

  • The /tmp and /var/tmp inside of a podman kube play will no longer be noexec.
  • The limit of inotify instances has been bumped from 128 to 524288 for podman machine (#19848).

... (truncated)

Changelog

Sourced from github.com/containers/podman/v4's changelog.

4.7.0

Security

  • Now the io.containers.capabilities LABEL in an image can be an empty string.

Features

  • New command set: podman farm [create,list,remove,update] has been created to "farm" out builds to machines running Podman for different architectures.
  • New command: podman compose as a thin wrapper around an external compose provider such as docker-compose or podman-compose.
  • FreeBSD: podman run --device is now supported.
  • Linux: Add a new --module flag for Podman.
  • Podmansh: Timeout is now configurable using the podmansh_timeout option in containers.conf.
  • SELinux: Add support for confined users to create containers but restrict them from creating privileged containers.
  • WSL: Registers shared socket bindings on Windows, to allow other WSL distributions easy remote access (#15190).
  • WSL: Enabling user-mode-networking on older WSL2 generations will now detect an error with upgrade guidance.
  • The podman build command now supports two new options: --layer-label and --cw.
  • The podman kube generate command now supports generation of k8s DaemonSet kind (#18899).
  • The podman kube generate and podman kube play commands now support the k8s TerminationGracePeriodSeconds field (RH BZ#2218061).
  • The podman kube generate and podman kube play commands now support securityContext.procMount: Unmasked (#19881).
  • The podman generate kube command now supports a --podman-only flag to allow podman-only reserved annotations to be used in the generated YAML file. These annotations cannot be used by Kubernetes.
  • The podman kube generate now supports a --no-trunc flag that supports YAML files with annotations longer than 63 characters. Warning: if an annotation is longer than 63 chars, then the generated yaml file is not Kubernetes compatible.
  • An infra name annotation io.podman.annotations.infra.name is added in the generated yaml when the pod create command has --infra-name set. This annotation can also be used with kube play when wanting to customize the infra container name (#18312).
  • The syntax of --uidmap and --gidmap has been extended to lookup the parent user namespace and to extend default mappings (#18333).
  • The podman kube commands now support the List kind (#19052).
  • The podman kube play command now supports environment variables in kube.yaml (#15983).
  • The podman push and podman manifest push commands now support the --force-compression optionto prevent reusing other blobs (#18860).
  • The podman manifest push command now supports --add-compression to push with compressed variants.
  • The podman manifest push command now honors the add_compression field from containers.conf if --add-compression is not set.
  • The podman run and podman create --mount commands now support the ramfs type (#19659).
  • When running under systemd (e.g., via Quadlet), Podman will extend the start timeout in 30 second steps up to a maximum of 5 minutes when pulling an image.
  • The --add-host option now accepts the special string host-gateway instead of an IP Address, which will be mapped to the host IP address.
  • The podman generate systemd command is deprecated. Use Quadlet for running containers and pods under systemd.
  • The podman secret rm command now supports an --ignore option.
  • The --env-file option now supports multiline variables (#18724).
  • The --read-only-tmpfs flag now affects /dev and /dev/shm as well as /run, /tmp, /var/tmp (#12937).
  • The Podman --mount option now supports bind mounts passed as globs.
  • The --mount option can now be specified in containers.conf using the mounts field.
  • The podman stats now has an --all option to get all containers stats (#19252).
  • There is now a new --sdnotify=healthy policy where Podman sends the READY message once the container turns healthy (#6160).
  • Temporary files created when dealing with images in /var/tmp will automatically be cleaned up on reboot.
  • There is now a new filter option since for podman volume ls and podman volume prune (#19228).
  • The podman inspect command now has tab-completion support (#18672)(containers/podman#18672)).
  • The podman kube play command now has support for the use of reserved annotations in the generated YAML.
  • The progress bar is now displayed when decompressing a Podman machine image (#19240).
  • The podman secret inspect command supports a new option --showsecret which will output the actual secret.
  • The podman secret create now supports a --replace option, which allows you to modify secrets without replacing containers.
  • The podman login command can now read the secret for a registry from its secret database created with podman secret create (#18667](containers/podman#18667)).
  • The remote Podman client’s podman play kube command now works with the --userns option (#17392).

Changes

  • The /tmp and /var/tmp inside of a podman kube play will no longer be noexec.
  • The limit of inotify instances has been bumped from 128 to 524288 for podman machine (#19848).

... (truncated)

Commits
  • 073183f Bump to v4.7.0
  • 44f727f [CI:DOCS] v4.7.0 RELEASE_NOTES update
  • 37169cd Merge pull request #20131 from openshift-cherrypick-robot/cherry-pick-20039-t...
  • 2d32314 rpm: remove gvproxy subpackage
  • ccd3649 Merge pull request #20096 from openshift-cherrypick-robot/cherry-pick-20086-t...
  • 79e0d2a Merge pull request #20106 from openshift-cherrypick-robot/cherry-pick-20061-t...
  • a2697c0 packit: tag @​containers/packit-build team on copr build failures
  • 1868c7c Merge pull request #20095 from openshift-cherrypick-robot/cherry-pick-20062-t...
  • 54ce0ca specgen, rootless: fix mount of cgroup without a netns
  • d2f9af7 pass --syslog to the cleanup process
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump github.com/containers/podman/v4 from 4.6.2 to 4.7.0
a92916c 
Bumps [github.com/containers/podman/v4](https://github.com/containers/podman) from 4.6.2 to 4.7.0.
- [Release notes](https://github.com/containers/podman/releases)
- [Changelog](https://github.com/containers/podman/blob/v4.7.0/RELEASE_NOTES.md)
- [Commits](containers/podman@v4.6.2...v4.7.0)

---
updated-dependencies:
- dependency-name: github.com/containers/podman/v4
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Oct 2, 2023
@hellt hellt merged commit 9d0b06c into main Oct 3, 2023
17 checks passed
@hellt hellt deleted the dependabot/go_modules/github.com/containers/podman/v4-4.7.0 branch October 3, 2023 08:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file go Pull requests that update Go code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@hellt