feat: upgrade podman 5.2.1

Dependency upgrades: * podman 5.2.1 * crun 1.16.1 * netavark 1.12.1 * aardvark 1.12.1 * alpine 3.20 base image
mgoltzsche · Aug 14, 2024 · a4307e3 · a4307e3
1 parent 9c33ef2
commit a4307e3
Show file tree

Hide file tree

Showing 4 changed files with 14 additions and 21 deletions.
diff --git a/.dockerignore b/.dockerignore
@@ -1 +1,2 @@
 /build
+.git
diff --git a/Dockerfile b/Dockerfile
@@ -1,10 +1,10 @@
 # Download gpg
-FROM alpine:3.19 AS gpg
+FROM alpine:3.20 AS gpg
 RUN apk add --no-cache gnupg
 
 
 # runc
-FROM golang:1.22-alpine3.19 AS runc
+FROM golang:1.22-alpine3.20 AS runc
 ARG RUNC_VERSION=v1.1.13
 # Download runc binary release since static build doesn't work with musl libc anymore since 1.1.8, see https://github.com/opencontainers/runc/issues/3950
 RUN set -eux; \
@@ -16,7 +16,7 @@ RUN set -eux; \
 
 
 # podman build base
-FROM golang:1.22-alpine3.19 AS podmanbuildbase
+FROM golang:1.22-alpine3.20 AS podmanbuildbase
 RUN apk add --update --no-cache git make gcc pkgconf musl-dev \
 	btrfs-progs btrfs-progs-dev libassuan-dev lvm2-dev device-mapper \
 	glib-static libc-dev gpgme-dev protobuf-dev protobuf-c-dev \
@@ -27,7 +27,7 @@ RUN apk add --update --no-cache git make gcc pkgconf musl-dev \
 # podman (without systemd support)
 FROM podmanbuildbase AS podman
 RUN apk add --update --no-cache tzdata curl
-ARG PODMAN_VERSION=v5.1.2
+ARG PODMAN_VERSION=v5.2.1
 ARG PODMAN_BUILDTAGS='seccomp selinux apparmor exclude_graphdriver_devicemapper containers_image_openpgp'
 ARG PODMAN_CGO=1
 RUN git clone -c 'advice.detachedHead=false' --depth=1 --branch ${PODMAN_VERSION} https://github.com/containers/podman src/github.com/containers/podman
@@ -59,14 +59,14 @@ RUN set -ex; \
 	bin/conmon --help >/dev/null
 
 
-FROM rust:1.78-alpine3.19 AS rustbase
+FROM rust:1.78-alpine3.20 AS rustbase
 RUN apk add --update --no-cache git make musl-dev
 
 
 # netavark
 FROM rustbase AS netavark
 RUN apk add --update --no-cache protoc
-ARG NETAVARK_VERSION=v1.11.0
+ARG NETAVARK_VERSION=v1.12.1
 RUN git clone -c 'advice.detachedHead=false' --depth=1 --branch=$NETAVARK_VERSION https://github.com/containers/netavark
 WORKDIR /netavark
 ENV RUSTFLAGS='-C link-arg=-s'
@@ -75,7 +75,7 @@ RUN cargo build --release
 
 # aardvark-dns
 FROM rustbase AS aardvark-dns
-ARG AARDVARKDNS_VERSION=v1.11.0
+ARG AARDVARKDNS_VERSION=v1.12.1
 RUN git clone -c 'advice.detachedHead=false' --depth=1 --branch=$AARDVARKDNS_VERSION https://github.com/containers/aardvark-dns
 WORKDIR /aardvark-dns
 ENV RUSTFLAGS='-C link-arg=-s'
@@ -138,7 +138,7 @@ RUN set -ex; \
 # Download crun
 # (switched keyserver from sks to ubuntu since sks is offline now and gpg refuses to import keys from keys.openpgp.org because it does not provide a user ID with the key.)
 FROM gpg AS crun
-ARG CRUN_VERSION=1.15
+ARG CRUN_VERSION=1.16.1
 RUN set -ex; \
 	ARCH="`uname -m | sed 's!x86_64!amd64!; s!aarch64!arm64!'`"; \
 	wget -O /usr/local/bin/crun https://github.com/containers/crun/releases/download/$CRUN_VERSION/crun-${CRUN_VERSION}-linux-${ARCH}-disable-systemd; \
@@ -150,7 +150,7 @@ RUN set -ex; \
 
 
 # Build podman base image
-FROM alpine:3.19 AS podmanbase
+FROM alpine:3.20 AS podmanbase
 LABEL maintainer="Max Goltzsche <[email protected]>"
 RUN apk add --no-cache tzdata ca-certificates
 COPY --from=conmon /conmon/bin/conmon /usr/local/lib/podman/conmon

diff --git a/Dockerfile-remote b/Dockerfile-remote
@@ -1,5 +1,5 @@
 # podman build base
-FROM golang:1.22-alpine3.19 AS podmanbuildbase
+FROM golang:1.22-alpine3.20 AS podmanbuildbase
 RUN apk add --update --no-cache git make gcc pkgconf musl-dev \
 	btrfs-progs btrfs-progs-dev libassuan-dev lvm2-dev device-mapper \
 	glib-static libc-dev gpgme-dev protobuf-dev protobuf-c-dev \
@@ -9,7 +9,7 @@ RUN apk add --update --no-cache git make gcc pkgconf musl-dev \
 # podman remote
 FROM podmanbuildbase AS podman-remote
 RUN apk add --update --no-cache curl
-ARG PODMAN_VERSION=v5.1.2
+ARG PODMAN_VERSION=v5.2.1
 RUN git clone -c advice.detachedHead=false --depth=1 --branch=${PODMAN_VERSION} https://github.com/containers/podman src/github.com/containers/podman
 WORKDIR $GOPATH/src/github.com/containers/podman
 RUN set -eux; \
@@ -20,6 +20,6 @@ RUN set -eux; \
 	podman --help >/dev/null; \
 	[ "$(ldd /usr/local/bin/podman-remote | wc -l)" -eq 0 ] || (ldd /usr/local/bin/podman-remote; false)
 
-FROM alpine:3.19
+FROM alpine:3.20
 COPY --from=podman-remote /usr/local/bin /usr/local/bin
 RUN adduser -D podman-remote -h /podman -u 1000
diff --git a/test/rootless.bats b/test/rootless.bats
@@ -60,17 +60,9 @@ teardown_file() {
 		# Otherwise minimal podman fails with "Error: unable to find network with name or ID podman-default-kube-network: network not found"
 		skip "TEST_SKIP_PLAYKUBE=true"
 	fi
-	# TODO: remove workaround.
-	# The rootless-netns directory is created explicitly here as a workaround to make the test pass.
-	# See https://github.com/containers/podman/discussions/22903#discussioncomment-9675638
-	# and https://github.com/containers/common/pull/2042
 	$DOCKER run --rm --privileged -u podman:podman \
 		-v "$PODMAN_ROOT_DATA_DIR:/podman/.local/share/containers/storage" \
 		--mount="type=bind,src=`pwd`/test/pod.yaml,dst=/pod.yaml" \
 		--pull=never "${PODMAN_IMAGE}" \
-		sh -c '
-			set -ex;
-			mkdir -pm700 /tmp/storage-run-1000/containers/networks/rootless-netns/run;
-			podman play kube /pod.yaml
-		'
+		podman play kube /pod.yaml
 }