[CI:ALL] Bump to v5.4.0-RC3

.cirrus.yml

@@ -6,7 +6,7 @@ env:
     #### Global variables used for all tasks
     ####
     # Name of the ultimate destination branch for this CI run, PR or post-merge.
-    DEST_BRANCH: "main"
+    DEST_BRANCH: "v5.4"
     # Sane (default) value for GOPROXY and GOSUMDB.
     GOPROXY: "https://proxy.golang.org,direct"
     GOSUMDB: "sum.golang.org"

Makefile

@@ -119,6 +119,7 @@ GOFLAGS ?= -trimpath
 LDFLAGS_PODMAN ?= \
 	$(if $(GIT_COMMIT),-X $(LIBPOD)/define.gitCommit=$(GIT_COMMIT),) \
 	$(if $(BUILD_INFO),-X $(LIBPOD)/define.buildInfo=$(BUILD_INFO),) \
+	$(if $(BUILD_ORIGIN),-X $(LIBPOD)/define.buildOrigin=$(BUILD_ORIGIN),) \
 	-X $(LIBPOD)/config._installPrefix=$(PREFIX) \
 	-X $(LIBPOD)/config._etcDir=$(ETCDIR) \
 	-X $(PROJECT)/v5/pkg/systemd/quadlet._binDir=$(BINDIR) \

RELEASE_NOTES.md

@@ -7,6 +7,7 @@
 - The `--mount type=volume` option for the `podman run`, `podman create`, and `podman volume create` commands now supports a new option, `subpath=`, to make only a subset of the volume visible in the container ([#20661](https://github.com/containers/podman/issues/20661)).
 - The `--userns=keep-id` option for the `podman run`, `podman create`, and `podman pod create` commands now supports a new option, `--userns=keep-id:size=`, to configure the size of the user namespace ([#24387](https://github.com/containers/podman/issues/24837)).
 - The `podman kube play` command now supports Container Device Interface (CDI) devices ([#17833](https://github.com/containers/podman/issues/17833)).
+- The `podman machine init` command now supports a new option, `--playbook`, to run an Ansible playbook in the created VM on first boot for initial configuration.
 - Quadlet `.pod` files now support a new field, `ShmSize`, to specify the size of the pod's shared SHM ([#22915](https://github.com/containers/podman/issues/22915)).
 - The `podman run`, `podman create`, and `podman pod create` commands now support a new option, `--hosts-file`, to define the base file used for `/etc/hosts` in the container.
 - The `podman run`, `podman create`, and `podman pod create` commands now support a new option, `--no-hostname`, which disables the creation of `/etc/hostname` in the container ([#25002](https://github.com/containers/podman/issues/25002)).
@@ -23,6 +24,7 @@
 ### Changes
 - Podman now passes container hostnames to Netavark, which will use them for any DHCP requests for the container.
 - Partial pulls of `zstd:chunked` images now only happen for images that have a `RootFS.DiffID` entry in the image's OCI config JSON, and require the layer contents to match. This resolves issues with image ID ambiguity when partial pulls were enabled.
+- Packagers can now set the `BUILD_ORIGIN` environment variable when building podman from the `Makefile`. This provides information on who built the Podman binary, and is displayed in `podman version` and  `podman info`. This will help upstream bug reports, allowing maintainers to trace how and where the binary was built and installed from.
 
 ### Bugfixes
 - Fixed a bug where `podman machine` VMs on WSL could fail to start when using usermode networking could fail to start due to a port conflict ([#20327](https://github.com/containers/podman/issues/20327)).
@@ -46,13 +48,20 @@
 - Fixed a bug where the output of `podman inspect` on containers did not include the ID of the network the container was joined to, improving Docker compatibility ([#24910](https://github.com/containers/podman/issues/24910)).
 - Fixed a bug where containers created with the remote API incorrectly included a create command ([#25026](https://github.com/containers/podman/issues/25026)).
 - Fixed a bug where it was possible to specify the `libkrun` backend for VMs on Intel Macs (`libkrun` only supports Arm systems).
+- Fixed a bug where `libkrun` and `applehv` VMs from `podman machine` could be started at the same time on Macs ([#25112](https://github.com/containers/podman/issues/25112)).
+- Fixed a bug where `podman exec` commands could not detach from the exec session using the detach keys ([#24895](https://github.com/containers/podman/issues/24895)).
 
 ### API
 - The Compat and Libpod Build APIs for Images now support a new query parameter, `nohosts`, which (when set to true) does not create `/etc/hosts` in the image when building.
+- Fixed a bug where the Compat Create API for Containers did not honor CDI devices, preventing (among other things) the use of GPUs with `docker compose` ([#19338](https://github.com/containers/podman/issues/19338)).
 
 ### Misc
 - The Docker alias script has been fixed to better handle variable substitution.
 - Fixed a bug where `podman-restart.service` functioned incorrectly when no containers were present.
+- Updated Buildah to v1.39.0
+- Updated the containers/common library to v0.62.0
+- Updated the containers/storage library to v1.57.1
+- Updated the containers/image library to v5.34.0
 
 ## 5.3.2
 ### Security

cmd/podman/artifact/add.go

@@ -3,15 +3,17 @@ package artifact
 import (
 	"fmt"
 
+	"github.com/containers/common/pkg/completion"
 	"github.com/containers/podman/v5/cmd/podman/common"
 	"github.com/containers/podman/v5/cmd/podman/registry"
 	"github.com/containers/podman/v5/pkg/domain/entities"
+	"github.com/containers/podman/v5/pkg/domain/utils"
 	"github.com/spf13/cobra"
 )
 
 var (
 	addCmd = &cobra.Command{
-		Use:               "add ARTIFACT PATH [...PATH]",
+		Use:               "add [options] ARTIFACT PATH [...PATH]",
 		Short:             "Add an OCI artifact to the local store",
 		Long:              "Add an OCI artifact to the local store from the local filesystem",
 		RunE:              add,
@@ -22,15 +24,41 @@ var (
 	}
 )
 
+type artifactAddOptions struct {
+	ArtifactType string
+	Annotations  []string
+}
+
+var (
+	addOpts artifactAddOptions
+)
+
 func init() {
 	registry.Commands = append(registry.Commands, registry.CliCommand{
 		Command: addCmd,
 		Parent:  artifactCmd,
 	})
+	flags := addCmd.Flags()
+
+	annotationFlagName := "annotation"
+	flags.StringArrayVar(&addOpts.Annotations, annotationFlagName, nil, "set an `annotation` for the specified artifact")
+	_ = addCmd.RegisterFlagCompletionFunc(annotationFlagName, completion.AutocompleteNone)
+
+	addTypeFlagName := "type"
+	flags.StringVar(&addOpts.ArtifactType, addTypeFlagName, "", "Use type to describe an artifact")
+	_ = addCmd.RegisterFlagCompletionFunc(addTypeFlagName, completion.AutocompleteNone)
 }
 
 func add(cmd *cobra.Command, args []string) error {
-	report, err := registry.ImageEngine().ArtifactAdd(registry.Context(), args[0], args[1:], entities.ArtifactAddoptions{})
+	opts := new(entities.ArtifactAddOptions)
+
+	annots, err := utils.ParseAnnotations(addOpts.Annotations)
+	if err != nil {
+		return err
+	}
+	opts.Annotations = annots
+	opts.ArtifactType = addOpts.ArtifactType
+	report, err := registry.ImageEngine().ArtifactAdd(registry.Context(), args[0], args[1:], opts)
 	if err != nil {
 		return err
 	}

cmd/podman/artifact/list.go

@@ -31,7 +31,9 @@ var (
 )
 
 type listFlagType struct {
-	format string
+	format    string
+	noHeading bool
+	noTrunc   bool
 }
 
 type artifactListOutput struct {
@@ -54,6 +56,8 @@ func init() {
 	formatFlagName := "format"
 	flags.StringVar(&listFlag.format, formatFlagName, defaultArtifactListOutputFormat, "Format volume output using JSON or a Go template")
 	_ = listCmd.RegisterFlagCompletionFunc(formatFlagName, common.AutocompleteFormat(&artifactListOutput{}))
+	flags.BoolVarP(&listFlag.noHeading, "noheading", "n", false, "Do not print column headings")
+	flags.BoolVar(&listFlag.noTrunc, "no-trunc", false, "Do not truncate output")
 }
 
 func list(cmd *cobra.Command, _ []string) error {
@@ -95,10 +99,15 @@ func outputTemplate(cmd *cobra.Command, lrs []*entities.ArtifactListReport) erro
 		if err != nil {
 			return err
 		}
-		// TODO when we default to shorter ids, i would foresee a switch
-		// like images that will show the full ids.
+
+		artifactHash := artifactDigest.Encoded()[0:12]
+		// If the user does not want truncated hashes
+		if listFlag.noTrunc {
+			artifactHash = artifactDigest.Encoded()
+		}
+
 		artifacts = append(artifacts, artifactListOutput{
-			Digest:     artifactDigest.Encoded(),
+			Digest:     artifactHash,
 			Repository: named.Name(),
 			Size:       units.HumanSize(float64(lr.Artifact.TotalSizeBytes())),
 			Tag:        tag,
@@ -125,7 +134,7 @@ func outputTemplate(cmd *cobra.Command, lrs []*entities.ArtifactListReport) erro
 		return err
 	}
 
-	if rpt.RenderHeaders {
+	if rpt.RenderHeaders && !listFlag.noHeading {
 		if err := rpt.Execute(headers); err != nil {
 			return fmt.Errorf("failed to write report column headers: %w", err)
 		}

cmd/podman/client.go

@@ -3,9 +3,10 @@ package main
 import "github.com/containers/podman/v5/libpod/define"
 
 type clientInfo struct {
-	OSArch   string `json:"OS"`
-	Provider string `json:"provider"`
-	Version  string `json:"version"`
+	OSArch      string `json:"OS"`
+	Provider    string `json:"provider"`
+	Version     string `json:"version"`
+	BuildOrigin string `json:"buildOrigin,omitempty" yaml:",omitempty"`
 }
 
 func getClientInfo() (*clientInfo, error) {
@@ -18,8 +19,9 @@ func getClientInfo() (*clientInfo, error) {
 		return nil, err
 	}
 	return &clientInfo{
-		OSArch:   vinfo.OsArch,
-		Provider: p,
-		Version:  vinfo.Version,
+		OSArch:      vinfo.OsArch,
+		Provider:    p,
+		Version:     vinfo.Version,
+		BuildOrigin: vinfo.BuildOrigin,
 	}, nil
 }

cmd/podman/common/completion.go

@@ -3,6 +3,7 @@ package common
 import (
 	"bufio"
 	"fmt"
+	"io/fs"
 	"os"
 	"path"
 	"path/filepath"
@@ -1646,8 +1647,8 @@ func AutocompleteContainersConfModules(cmd *cobra.Command, args []string, toComp
 	for _, d := range dirs {
 		cleanedD := filepath.Clean(d)
 		moduleD := cleanedD + string(os.PathSeparator)
-		_ = filepath.Walk(d,
-			func(path string, f os.FileInfo, err error) error {
+		_ = filepath.WalkDir(d,
+			func(path string, d fs.DirEntry, err error) error {
 				if err != nil {
 					return err
 				}
@@ -1657,7 +1658,7 @@ func AutocompleteContainersConfModules(cmd *cobra.Command, args []string, toComp
 					return nil
 				}
 
-				if filepath.Clean(path) == cleanedD || f.IsDir() {
+				if filepath.Clean(path) == cleanedD || d.IsDir() {
 					return nil
 				}
 

cmd/podman/machine/init.go

@@ -62,6 +62,10 @@ func init() {
 	)
 	_ = initCmd.RegisterFlagCompletionFunc(cpusFlagName, completion.AutocompleteNone)
 
+	runPlaybookFlagName := "playbook"
+	flags.StringVar(&initOpts.PlaybookPath, runPlaybookFlagName, "", "Run an Ansible playbook after first boot")
+	_ = initCmd.RegisterFlagCompletionFunc(runPlaybookFlagName, completion.AutocompleteDefault)
+
 	diskSizeFlagName := "disk-size"
 	flags.Uint64Var(
 		&initOpts.DiskSize,

cmd/podman/system/info.go

@@ -45,6 +45,11 @@ var (
 	debug    bool
 )
 
+type infoReport struct {
+	define.Info
+	Client *define.Version `json:",omitempty" yaml:",omitempty"`
+}
+
 func init() {
 	registry.Commands = append(registry.Commands, registry.CliCommand{
 		Command: infoCommand,
@@ -74,12 +79,21 @@ func info(cmd *cobra.Command, args []string) error {
 	if err != nil {
 		return err
 	}
+	remote := registry.IsRemote()
+	info.Host.ServiceIsRemote = remote
 
-	info.Host.ServiceIsRemote = registry.IsRemote()
+	infoReport := infoReport{
+		Info: *info,
+	}
+
+	if remote {
+		clientVers, _ := define.GetVersion()
+		infoReport.Client = &clientVers
+	}
 
 	switch {
 	case report.IsJSON(inFormat):
-		b, err := json.MarshalIndent(info, "", "  ")
+		b, err := json.MarshalIndent(infoReport, "", "  ")
 		if err != nil {
 			return err
 		}
@@ -94,9 +108,9 @@ func info(cmd *cobra.Command, args []string) error {
 		if err != nil {
 			return err
 		}
-		return rpt.Execute(info)
+		return rpt.Execute(infoReport)
 	default:
-		b, err := yaml.Marshal(info)
+		b, err := yaml.Marshal(infoReport)
 		if err != nil {
 			return err
 		}

cmd/podman/system/version.go

@@ -97,6 +97,7 @@ API Version:\t{{.APIVersion}}
 Go Version:\t{{.GoVersion}}
 {{if .GitCommit -}}Git Commit:\t{{.GitCommit}}\n{{end -}}
 Built:\t{{.BuiltTime}}
+{{if .BuildOrigin -}}Build Origin:\t{{.BuildOrigin}}\n{{end -}}
 OS/Arch:\t{{.OsArch}}
 {{- end}}
 
@@ -108,6 +109,7 @@ API Version:\t{{.APIVersion}}
 Go Version:\t{{.GoVersion}}
 {{if .GitCommit -}}Git Commit:\t{{.GitCommit}}\n{{end -}}
 Built:\t{{.BuiltTime}}
+{{if .BuildOrigin -}}Build Origin:\t{{.BuildOrigin}}\n{{end -}}
 OS/Arch:\t{{.OsArch}}
 {{- end}}{{- end}}
 `

contrib/pkginstaller/package.sh

@@ -9,6 +9,7 @@ PRODUCTSIGN_IDENTITY=${PRODUCTSIGN_IDENTITY:-mock}
 NO_CODESIGN=${NO_CODESIGN:-0}
 HELPER_BINARIES_DIR="/opt/podman/bin"
 MACHINE_POLICY_JSON_DIR="/opt/podman/config"
+BUILD_ORIGIN="pkginstaller"
 
 tmpBin="contrib/pkginstaller/tmp-bin"
 
@@ -47,7 +48,7 @@ function build_podman() {
 }
 
 function build_podman_arch(){
-    make -B GOARCH="$1" podman-remote HELPER_BINARIES_DIR="${HELPER_BINARIES_DIR}"
+    make -B GOARCH="$1" podman-remote HELPER_BINARIES_DIR="${HELPER_BINARIES_DIR}" BUILD_ORIGIN="${BUILD_ORIGIN}"
     make -B GOARCH="$1" podman-mac-helper
     mkdir -p "${tmpBin}"
     cp bin/darwin/podman "${tmpBin}/podman-$1"

docs/source/markdown/.gitignore

@@ -1,3 +1,5 @@
+podman-artifact-add.1.md
+podman-artifact-ls.1.md
 podman-artifact-pull.1.md
 podman-artifact-push.1.md
 podman-attach.1.md

docs/source/markdown/options/annotation.manifest.md

@@ -1,5 +1,5 @@
 ####> This option file is used in:
-####>   podman manifest add, manifest annotate
+####>   podman artifact add, manifest add, manifest annotate
 ####> If file is edited, make sure the changes
 ####> are applicable to all of those.
 #### **--annotation**=*annotation=value*

docs/source/markdown/options/no-trunc.md

@@ -0,0 +1,7 @@
+####> This option file is used in:
+####>   podman artifact ls, images
+####> If file is edited, make sure the changes
+####> are applicable to all of those.
+#### **--no-trunc**
+
+Do not truncate the output (default *false*).

docs/source/markdown/options/noheading.md

@@ -1,5 +1,5 @@
 ####> This option file is used in:
-####>   podman image trust, images, machine list, network ls, pod ps, secret ls, volume ls
+####>   podman artifact ls, image trust, images, machine list, network ls, pod ps, secret ls, volume ls
 ####> If file is edited, make sure the changes
 ####> are applicable to all of those.
 #### **--noheading**, **-n**

docs/source/markdown/podman-artifact-add.1.md → docs/source/markdown/podman-artifact-add.1.md.in

@@ -19,10 +19,15 @@ added.
 
 ## OPTIONS
 
+@@option annotation.manifest
+
 #### **--help**
 
 Print usage statement.
 
+#### **--type**
+
+Set a type for the artifact being added.
 
 ## EXAMPLES
 
@@ -39,6 +44,10 @@ $ podman artifact add quay.io/myartifact/myml:latest /tmp/foobar1.ml /tmp/foobar
 1487acae11b5a30948c50762882036b41ac91a7b9514be8012d98015c95ddb78
 ```
 
+Set an annotation for an artifact
+```
+$ podman artifact add --annotation date=2025-01-30 quay.io/myartifact/myml:latest /tmp/foobar1.ml
+```
 
 
 ## SEE ALSO