Merge pull request #57 from k9withabone/podlet-v0.2.4

Podlet v0.2.4
containers · Jan 30, 2024 · c1a057f · c1a057f
2 parents 31e9223 + 0942a5d
commit c1a057f
Show file tree

Hide file tree

Showing 15 changed files with 340 additions and 186 deletions.
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -59,15 +59,18 @@ jobs:
         with:
           submodules: recursive
       - name: Install cargo-dist
-        run: "curl --proto '=https' --tlsv1.2 -LsSf https://github.com/axodotdev/cargo-dist/releases/download/v0.5.0/cargo-dist-installer.sh | sh"
+        # we specify bash to get pipefail; it guards against the `curl` command
+        # failing. otherwise `sh` won't catch that `curl` returned non-0
+        shell: bash
+        run: "curl --proto '=https' --tlsv1.2 -LsSf https://github.com/axodotdev/cargo-dist/releases/download/v0.8.1/cargo-dist-installer.sh | sh"
       # sure would be cool if github gave us proper conditionals...
       # so here's a doubly-nested ternary-via-truthiness to try to provide the best possible
       # functionality based on whether this is a pull_request, and whether it's from a fork.
       # (PRs run on the *source* but secrets are usually on the *target* -- that's *good*
       # but also really annoying to build CI around when it needs secrets to work right.)
       - id: plan
         run: |
-          cargo dist ${{ !github.event.pull_request && format('host --steps=create --tag={0}', github.ref_name) || (github.event.pull_request.head.repo.fork && 'plan' || 'host --steps=check') }} --output-format=json > dist-manifest.json
+          cargo dist ${{ (!github.event.pull_request && format('host --steps=create --tag={0}', github.ref_name)) || 'plan' }} --output-format=json > dist-manifest.json
           echo "cargo dist ran successfully"
           cat dist-manifest.json
           echo "manifest=$(jq -c "." dist-manifest.json)" >> "$GITHUB_OUTPUT"
@@ -81,7 +84,8 @@ jobs:
   build-local-artifacts:
     name: build-local-artifacts (${{ join(matrix.targets, ', ') }})
     # Let the initial task tell us to not run (currently very blunt)
-    needs: plan
+    needs:
+      - plan
     if: ${{ fromJson(needs.plan.outputs.val).ci.github.artifacts_matrix.include != null && (needs.plan.outputs.publishing == 'true' || fromJson(needs.plan.outputs.val).ci.github.pr_run_mode == 'upload') }}
     strategy:
       fail-fast: false
@@ -150,13 +154,13 @@ jobs:
     runs-on: "ubuntu-20.04"
     env:
       GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-      BUILD_MANIFEST_NAME: target/distrib/dist-manifest.json
+      BUILD_MANIFEST_NAME: target/distrib/global-dist-manifest.json
     steps:
       - uses: actions/checkout@v4
         with:
           submodules: recursive
       - name: Install cargo-dist
-        run: "curl --proto '=https' --tlsv1.2 -LsSf https://github.com/axodotdev/cargo-dist/releases/download/v0.5.0/cargo-dist-installer.sh | sh"
+        run: "curl --proto '=https' --tlsv1.2 -LsSf https://github.com/axodotdev/cargo-dist/releases/download/v0.8.1/cargo-dist-installer.sh | sh"
       # Get all the local artifacts for the global tasks to use (for e.g. checksums)
       - name: Fetch local artifacts
         uses: actions/download-artifact@v3
@@ -200,7 +204,7 @@ jobs:
         with:
           submodules: recursive
       - name: Install cargo-dist
-        run: "curl --proto '=https' --tlsv1.2 -LsSf https://github.com/axodotdev/cargo-dist/releases/download/v0.5.0/cargo-dist-installer.sh | sh"
+        run: "curl --proto '=https' --tlsv1.2 -LsSf https://github.com/axodotdev/cargo-dist/releases/download/v0.8.1/cargo-dist-installer.sh | sh"
       # Fetch artifacts from scratch-storage
       - name: Fetch artifacts
         uses: actions/download-artifact@v3

diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,58 @@
 # Changelog
 
+## [0.2.4] - 2024-01-30
+
+### Features
+
+- Set compatibility with `--podman-version` ([#45](https://github.com/k9withabone/podlet/issues/45))
+- Add support for quadlet options introduced in podman v4.8.0 ([#30](https://github.com/k9withabone/podlet/issues/30))
+    - Container
+        - `GIDMap=`
+        - `ReadOnlyTmpfs=`
+        - `SubGIDMap=`
+        - `SubUIDMap=`
+        - `UIDMap=`
+        - Remove `VolatileTmp=`
+    - Volume
+        - `Driver=`
+        - `Image=`
+    - Image
+        - Brand new!
+        - Generate `.image` quadlet files with:
+            - `podlet podman image pull`
+            - `podlet generate image`
+    - All quadlet file types
+        - `ContainersConfModule=`
+        - `GlobalArgs=`
+- Convert relative host paths to absolute paths with `--absolute-host-paths` ([#52](https://github.com/k9withabone/podlet/issues/52))
+    - Does not affect paths in the `PodmanArgs=` quadlet option or Kubernetes YAML files.
+    - As part of the work to implement this, the following quadlet options are now fully parsed and validated:
+        - `AddDevice=`
+        - `Mount=`
+        - `Rootfs=`
+        - `Volume=`
+        - `DecryptionKey=`
+
+### Security
+
+- Remove ASCII control characters (except whitespace) from container commands
+
+### Documentation
+
+- *(readme)* Map user into podlet container ([#50](https://github.com/k9withabone/podlet/pull/50), thanks [@rugk](https://github.com/rugk)!)
+- *(readme)* Update demo, features, and usage
+
+### Refactor
+
+- *(container)* Parse security opts with `str::strip_prefix`
+- Remove arg serializer's map functionality
+
+### Miscellaneous Tasks
+
+- Add podman v4.9.0 to podman versions
+- Update dependencies
+- *(ci)* Update cargo-dist
+
 ## [0.2.3] - 2023-12-31
 
 ### Features