[pkg-go] Bug#1053131: Fwd: [containers/podman] Release v4.7.0 - v4.7.0
Reinhard Tartler
siretart at gmail.com
Wed Sep 27 23:31:08 BST 2023
Package: libpod
severity: wishlist
---------- Forwarded message ---------
From: Lokesh Mandvekar <notifications at github.com>
Date: Wed, Sep 27, 2023 at 2:02 PM
Subject: [containers/podman] Release v4.7.0 - v4.7.0
To: containers/podman <podman at noreply.github.com>
Cc: Subscribed <subscribed at noreply.github.com>
v4.7.0 <https://github.com/containers/podman/releases/tag/v4.7.0>
Repository: containers/podman <https://github.com/containers/podman> · Tag:
v4.7.0 <https://github.com/containers/podman/tree/v4.7.0> · Commit: 073183f
<https://github.com/containers/podman/commit/073183fe1723d7bda826b574437891976a958c65>
· Released by: lsm5 <https://github.com/lsm5>
Security
- Now the io.containers.capabilities LABEL in an image can be an empty
string.
Features
- New command set: podman farm [create,list,remove,update] has been
created to "farm" out builds to machines running Podman for different
architectures.
- New command: podman compose as a thin wrapper around an external
compose provider such as docker-compose or podman-compose.
- FreeBSD: podman run --device is now supported.
- Linux: Add a new --module flag for Podman.
- Podmansh: Timeout is now configurable using the podmansh_timeout
option in containers.conf.
- SELinux: Add support for confined users to create containers but
restrict them from creating privileged containers.
- WSL: Registers shared socket bindings on Windows, to allow other WSL
distributions easy remote access (#15190
<https://github.com/containers/podman/issues/15190>).
- WSL: Enabling user-mode-networking on older WSL2 generations will now
detect an error with upgrade guidance.
- The podman build command now supports two new options: --layer-label
and --cw.
- The podman kube generate command now supports generation of k8s
DaemonSet kind (#18899
<https://github.com/containers/podman/issues/18899>).
- The podman kube generate and podman kube play commands now support the
k8s TerminationGracePeriodSeconds field (RH BZ#2218061
<https://bugzilla.redhat.com/show_bug.cgi?id=2218061>).
- The podman kube generate and podman kube play commands now
support securityContext.procMount:
Unmasked (#19881 <https://github.com/containers/podman/issues/19881>).
- The podman generate kube command now supports a --podman-only flag to
allow podman-only reserved annotations to be used in the generated YAML
file. These annotations cannot be used by Kubernetes.
- The podman kube generate now supports a --no-trunc flag that supports
YAML files with annotations longer than 63 characters. Warning: if an
annotation is longer than 63 chars, then the generated yaml file is not
Kubernetes compatible.
- An infra name annotation io.podman.annotations.infra.name is added in
the generated yaml when the pod create command has --infra-name set.
This annotation can also be used with kube play when wanting to
customize the infra container name (#18312
<https://github.com/containers/podman/issues/18312>).
- The syntax of --uidmap and --gidmap has been extended to lookup the
parent user namespace and to extend default mappings (#18333
<https://github.com/containers/podman/issues/18333>).
- The podman kube commands now support the List kind (#19052
<https://github.com/containers/podman/issues/19052>).
- The podman kube play command now supports environment variables in
kube.yaml (#15983 <https://github.com/containers/podman/issues/15983>).
- The podman push and podman manifest push commands now support the
--force-compression optionto prevent reusing other blobs (#18860
<https://github.com/containers/podman/issues/18660>).
- The podman manifest push command now supports --add-compression to
push with compressed variants.
- The podman manifest push command now honors the add_compression field
from containers.conf if --add-compression is not set.
- The podman run and podman create --mount commands now support the ramfs
type (#19659 <https://github.com/containers/podman/issues/19659>).
- When running under systemd (e.g., via Quadlet), Podman will extend the
start timeout in 30 second steps up to a maximum of 5 minutes when pulling
an image.
- The --add-host option now accepts the special string host-gateway
instead of an IP Address, which will be mapped to the host IP address.
- The podman generate systemd command is deprecated. Use Quadlet for
running containers and pods under systemd.
- The podman secret rm command now supports an --ignore option.
- The --env-file option now supports multiline variables (#18724
<https://github.com/containers/podman/issues/18724>).
- The --read-only-tmpfs flag now affects /dev and /dev/shm as well as
/run, /tmp, /var/tmp (#12937
<https://github.com/containers/podman/issues/12937>).
- The Podman --mount option now supports bind mounts passed as globs.
- The --mount option can now be specified in containers.conf using the
mounts field.
- The podman stats now has an --all option to get all containers stats (
#19252 <https://github.com/containers/podman/issues/19252>).
- There is now a new --sdnotify=healthy policy where Podman sends the
READY message once the container turns healthy (#6160
<https://github.com/containers/podman/issues/6160>).
- Temporary files created when dealing with images in /var/tmp will
automatically be cleaned up on reboot.
- There is now a new filter option since for podman volume ls and podman
volume prune (#19228 <https://github.com/containers/podman/issues/19228>
).
- The podman inspect command now has tab-completion support (#18672
<https://github.com/containers/podman/issues/18672>).
- The podman kube play command now has support for the use of reserved
annotations in the generated YAML.
- The progress bar is now displayed when decompressing a Podman machine
image (#19240 <https://github.com/containers/podman/issues/19240>).
- The podman secret inspect command supports a new option --showsecret
which will output the actual secret.
- The podman secret create now supports a --replace option, which allows
you to modify secrets without replacing containers.
- The podman login command can now read the secret for a registry from
its secret database created with podman secret create (#18667
<https://github.com/containers/podman/issues/18667>).
- The remote Podman client’s podman play kube command now works with the
--userns option (#17392 <https://github.com/containers/podman/pull/17392>
).
Changes
- The /tmp and /var/tmp inside of a podman kube play will no longer be
noexec.
- The limit of inotify instances has been bumped from 128 to 524288 for
podman machine (#19848
<https://github.com/containers/podman/issues/19848>).
- The podman kube play has been improved to only pull a newer image for
the "latest" tag (#19801
<https://github.com/containers/podman/issues/19801>).
- Pulling from an oci transport will use the optional name for naming
the image.
- The podman info command will always display the existence of the
Podman socket.
- The echo server example in socket_activation.md has been rewritten to
use quadlet instead of podman generate systemd.
- Kubernetes support table documentation correctly show volumes support.
- The podman auto-update manpage and documentation has been updated and
now includes references to Quadlet.
Quadlet
- Quadlet now supports setting Ulimit values.
- Quadlet now supports setting the PidsLimit option in a container.
- Quadlet unit files allow DNS field in Network group and DNS,
DNSSearch, and DNSOption field in Container group (#19884
<https://github.com/containers/podman/issues/19884>).
- Quadlet now supports ShmSize option in unit files.
- Quadlet now recursively calls in user directories for unit files.
- Quadlet now allows the user to set the service working directory
relative to the YAML or Unit files (17177
<https://github.com/containers/podman/discussions/17177>).
- Quadlet now allows setting user-defined names for Volume and Network
units via the VolumeName and NetworkName directives, respectively.
- Kube quadlets can now support autoupdate.
Bugfixes
- Fixed an issue where containers were being restarted after a podman
kill.
- Fixed a bug where events could report incorrect healthcheck results (
#19237 <https://github.com/containers/podman/issues/19237>).
- Fixed a bug where running a container in a pod didn't fail if volumes
or mounts were specified in the containers.conf file.
- Fixed a bug where pod cgroup limits were not being honored after a
reboot (#19175 <https://github.com/containers/podman/issues/19175>).
- Fixed a bug where podman rm -af could fail to remove containers under
some circumstances (#18874
<https://github.com/containers/podman/issues/18874>).
- Fixed a bug in rootless to clamp oom_score_adj to current value if it
is too low (#19829 <https://github.com/containers/podman/issues/19829>).
- Fixed a bug where --hostuser was being parsed in base 8 instead of
base 10 (#19800 <https://github.com/containers/podman/issues/19800>).
- Fixed a bug where kube down would error when an object did not exist (
#19711 <https://github.com/containers/podman/issues/19711>).
- Fixed a bug where containers created via DOCKER API without specifying
StopTimeout had StopTimeout defaulting to 0 seconds (#19139
<https://github.com/containers/podman/issues/19139>).
- Fixed a bug in podman exec to set umask to match the container it's
execing into (#19713 <https://github.com/containers/podman/issues/19713>
).
- Fixed a bug where podman kube play failed to set a container's Umask
to the default 0022.
- Fixed a bug to automatically reassign Podman's machine ssh port on
Windows when it conflicts with in-use system ports (#19554
<https://github.com/containers/podman/issues/19554>).
- Fixed a bug where locales weren't passed to conmon correctly,
resulting in a crash if some characters were specified over CLI (
containers/common/#272 <https://github.com/containers/conmon/issues/272>
).
- Fixed a bug where podman top would sometimes not print the full output
(#19504 <https://github.com/containers/podman/issues/19504>).
- Fixed a bug were podman logs --tail could return incorrect lines when
the k8s-file logger is used (#19545
<https://github.com/containers/podman/issues/19545>).
- Fixed a bug where podman stop did not ignore cidfile not existing when
user specified --ignore flag (#19546
<https://github.com/containers/podman/issues/19546>).
- Fixed a bug where a container with an image volume and an inherited
mount from the --volumes-from option that used the same path could not
be created (#19529 <https://github.com/containers/podman/issues/19529>).
- Fixed a bug where podman cp via STDIN did not delete temporary files (
#19496 <https://github.com/containers/podman/issues/19496>).
- Fixed a bug where Compatibility API did not accept timeout=-1 for
stopping containers (#17542
<https://github.com/containers/podman/issues/17542>).
- Fixed a bug where podman run --rmi did not remove the container (#15640
<https://github.com/containers/podman/issues/15640>).
- Fixed a bug to recover from inconsistent podman-machine states with
QEMU (#16054 <https://github.com/containers/podman/issues/16054>).
- Fixed a bug where CID Files on remote clients are not removed when
container is removed (#19420
<https://github.com/containers/podman/issues/19420>).
- Fixed a bug in podman inspect to show a .NetworkSettings.SandboxKey
path for containers created with --net=none (#16716
<https://github.com/containers/podman/issues/16716>).
- Fixed a concurrency bug in podman machine start using the QEMU
provider (#18662 <https://github.com/containers/podman/issues/18662>).
- Fixed a bug in podman run and podman create where the command fails if
the user specifies a non-existent authfile path (#18938
<https://github.com/containers/podman/issues/18938>).
- Fixed a bug where some distributions added extra quotes around the
distribution name removed from podman info output (#19340
<https://github.com/containers/podman/issues/19340>).
- Fixed a crash validating --device argument for create and run (#19335
<https://github.com/containers/podman/issues/19335>).
- Fixed a bug where .HostConfig.PublishAllPorts always evaluates to false
when inspecting a container created with --publish-all.
- Fixed a bug in podman image trust command to allow using the local
policy.json file (#19073
<https://github.com/containers/podman/issues/19073>).
- Fixed a bug where the cgroup file system was not correctly mounted
when running without a network namespace in rootless mode (#20073
<https://github.com/containers/podman/issues/20073>).
- Fixed a bug where the --syslog flag was not passed to the cleanup
process.
API
- Fixed a bug with parsing of the pull query parameter for the compat
/build endpoint (#17778
<https://github.com/containers/podman/issues/17778>).
Misc
- Updated Buildah to v1.32.0.
—
This release has 8 assets:
- podman-remote-release-darwin_amd64.zip
- podman-remote-release-darwin_arm64.zip
- podman-remote-release-windows_amd64.zip
- podman-remote-static-linux_amd64.tar.gz
- podman-remote-static-linux_arm64.tar.gz
- shasums
- Source code (zip)
- Source code (tar.gz)
Visit the release page
<https://github.com/containers/podman/releases/tag/v4.7.0> to download them.
—
You are receiving this because you are watching this repository.
View it on GitHub <https://github.com/containers/podman/releases/tag/v4.7.0>
or unsubscribe
<https://github.com/containers/podman/unsubscribe_via_email/AAOKTJHN2RWJZPZUNPCLEALX4RS3HANCNFSM4BUBNXIQ>
from all notifications for this repository.
--
regards,
Reinhard
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-go-maintainers/attachments/20230927/0fa1c186/attachment-0001.htm>
More information about the Pkg-go-maintainers
mailing list