feat: use podman for embedded containers

[viceice]

Required --privileged docker command. If any third party binary is required (eg: java, python, ...)

Closes #3153

[viceice]

@rarkins Maybe i should add the default podman config to the ubuntu home, so we don't get the logging errors?

[rarkins]

@rarkins Maybe i should add the default podman config to the ubuntu home, so we don't get the logging errors?

I don't know which logging errors you mean, but it sounds good. I think if we can "ship" the slim version with instructions to run it with --privileged and then podman takes care of the rest, then it would be very good. Especially now that it's possible to run docker rootless with privileged.

[viceice]

The errors here on the screenshot i posted here: #3153 (comment)

[rarkins]

Sure, let's do whatever it takes to see if it will work

[rarkins]

Attempted to use it for updating a go.sum using OSX as host. Seeing both Error initializing configured OCI runtime crun: no valid executable found for OCI runtime crun: invalid argument and slirp4netns failed messages.

docker run --privileged --rm -v `pwd`/config.js:/usr/src/app/config.js renovate/renovate:slim renovate-tests/gomod7

DEBUG: go get command (repository=renovate-tests/gomod7, dependencies=golang.org/x/sys, branch=yeeha-golang.org-x-sys-digest)
       "cmd": "docker run --rm -v /tmp/renovate/repos/github/renovate-tests/gomod7:/tmp/renovate/repos/github/renovate-tests/gomod7 -v /tmp/renovate/cache/others/go:/tmp/renovate/cache/others/go -e GOPATH -e GOPROXY -e CGO_ENABLED=0 -w /tmp/renovate/repos/github/renovate-tests/gomod7 renovate/go bash -c \"git config --global url.\\\"https://**redacted**@github.com/\\\".insteadOf \\\"https://github.com/\\\" && go",
       "args": "get\""
 INFO: Failed to update go.sum (repository=renovate-tests/gomod7, dependencies=golang.org/x/sys, branch=yeeha-golang.org-x-sys-digest)
       "err": {
         "killed": false,
         "code": 127,
         "signal": null,
         "cmd": "docker run --rm -v /tmp/renovate/repos/github/renovate-tests/gomod7:/tmp/renovate/repos/github/renovate-tests/gomod7 -v /tmp/renovate/cache/others/go:/tmp/renovate/cache/others/go -e GOPATH -e GOPROXY -e CGO_ENABLED=0 -w /tmp/renovate/repos/github/renovate-tests/gomod7 renovate/go bash -c \"git config --global url.\\\"https://**redacted**@github.com/\\\".insteadOf \\\"https://github.com/\\\" && go get\"",
         "stdout": "",
         "stderr": "time=\"2019-08-30T04:58:33Z\" level=warning msg=\"Error initializing configured OCI runtime crun: no valid executable found for OCI runtime crun: invalid argument\"\nTrying to pull docker.io/renovate/go...\nGetting image source signatures\nCopying blob sha256:344da5c95cecd0f55238ce59b8469ee301056001ece2b769e9691b80f94f9f37\nCopying blob sha256:1d425c98234572d4221a1ac173162c4279f9fdde4726ec22ad3c399f59bb7503\nCopying blob sha256:0fe7e7cbb2e88617d969efeeb3bd3125f7d309335c736a0525233ec2dc06aee1\nCopying blob sha256:7413c47ba209e555018c4be91101d017737f24b0c9d1f65339b97a4da98acb2a\nCopying blob sha256:17f01d094300749a5f890ea83be99d9e4f044c6a6d9fc0454dafe2052c326fbe\nCopying blob sha256:8bafa142a362cb085e6133e54f74f296c2fefd097b4d5a9e98aa63f0b7bbe465\nCopying blob sha256:ebac9fa8f783e806ee86d570959ff4f938d8a1a5c4fa075b159a3f46593a9842\nCopying blob sha256:b2003bb451efcfa52318ccb1335ed94b3dc1b14d65d330c0fa6e0d5189475526\nCopying blob sha256:efe1d7f38356c50aec62307068ed8ea9da85f235bfbcdd2c2ada91b42f2058e5\nCopying config sha256:a33b51cfee7d50dded7c1f730c7bdc543bc45780cc349be15daabd778536ceb4\nWriting manifest to image destination\nStoring signatures\nError: slirp4netns failed\n",
         "message": "Command failed: docker run --rm -v /tmp/renovate/repos/github/renovate-tests/gomod7:/tmp/renovate/repos/github/renovate-tests/gomod7 -v /tmp/renovate/cache/others/go:/tmp/renovate/cache/others/go -e GOPATH -e GOPROXY -e CGO_ENABLED=0 -w /tmp/renovate/repos/github/renovate-tests/gomod7 renovate/go bash -c \"git config --global url.\\\"https://**redacted**@github.com/\\\".insteadOf \\\"https://github.com/\\\" && go get\"\ntime=\"2019-08-30T04:58:33Z\" level=warning msg=\"Error initializing configured OCI runtime crun: no valid executable found for OCI runtime crun: invalid argument\"\nTrying to pull docker.io/renovate/go...\nGetting image source signatures\nCopying blob sha256:344da5c95cecd0f55238ce59b8469ee301056001ece2b769e9691b80f94f9f37\nCopying blob sha256:1d425c98234572d4221a1ac173162c4279f9fdde4726ec22ad3c399f59bb7503\nCopying blob sha256:0fe7e7cbb2e88617d969efeeb3bd3125f7d309335c736a0525233ec2dc06aee1\nCopying blob sha256:7413c47ba209e555018c4be91101d017737f24b0c9d1f65339b97a4da98acb2a\nCopying blob sha256:17f01d094300749a5f890ea83be99d9e4f044c6a6d9fc0454dafe2052c326fbe\nCopying blob sha256:8bafa142a362cb085e6133e54f74f296c2fefd097b4d5a9e98aa63f0b7bbe465\nCopying blob sha256:ebac9fa8f783e806ee86d570959ff4f938d8a1a5c4fa075b159a3f46593a9842\nCopying blob sha256:b2003bb451efcfa52318ccb1335ed94b3dc1b14d65d330c0fa6e0d5189475526\nCopying blob sha256:efe1d7f38356c50aec62307068ed8ea9da85f235bfbcdd2c2ada91b42f2058e5\nCopying config sha256:a33b51cfee7d50dded7c1f730c7bdc543bc45780cc349be15daabd778536ceb4\nWriting manifest to image destination\nStoring signatures\nError: slirp4netns failed\n",
         "stack": "Error: Command failed: docker run --rm -v /tmp/renovate/repos/github/renovate-tests/gomod7:/tmp/renovate/repos/github/renovate-tests/gomod7 -v /tmp/renovate/cache/others/go:/tmp/renovate/cache/others/go -e GOPATH -e GOPROXY -e CGO_ENABLED=0 -w /tmp/renovate/repos/github/renovate-tests/gomod7 renovate/go bash -c \"git config --global url.\\\"https://**redacted**@github.com/\\\".insteadOf \\\"https://github.com/\\\" && go get\"\ntime=\"2019-08-30T04:58:33Z\" level=warning msg=\"Error initializing configured OCI runtime crun: no valid executable found for OCI runtime crun: invalid argument\"\nTrying to pull docker.io/renovate/go...\nGetting image source signatures\nCopying blob sha256:344da5c95cecd0f55238ce59b8469ee301056001ece2b769e9691b80f94f9f37\nCopying blob sha256:1d425c98234572d4221a1ac173162c4279f9fdde4726ec22ad3c399f59bb7503\nCopying blob sha256:0fe7e7cbb2e88617d969efeeb3bd3125f7d309335c736a0525233ec2dc06aee1\nCopying blob sha256:7413c47ba209e555018c4be91101d017737f24b0c9d1f65339b97a4da98acb2a\nCopying blob sha256:17f01d094300749a5f890ea83be99d9e4f044c6a6d9fc0454dafe2052c326fbe\nCopying blob sha256:8bafa142a362cb085e6133e54f74f296c2fefd097b4d5a9e98aa63f0b7bbe465\nCopying blob sha256:ebac9fa8f783e806ee86d570959ff4f938d8a1a5c4fa075b159a3f46593a9842\nCopying blob sha256:b2003bb451efcfa52318ccb1335ed94b3dc1b14d65d330c0fa6e0d5189475526\nCopying blob sha256:efe1d7f38356c50aec62307068ed8ea9da85f235bfbcdd2c2ada91b42f2058e5\nCopying config sha256:a33b51cfee7d50dded7c1f730c7bdc543bc45780cc349be15daabd778536ceb4\nWriting manifest to image destination\nStoring signatures\nError: slirp4netns failed\n\n    at ChildProcess.exithandler (child_process.js:294:12)\n    at ChildProcess.emit (events.js:189:13)\n    at maybeClose (internal/child_process.js:970:16)\n    at Process.ChildProcess._handle.onexit (internal/child_process.js:259:5)"
       }

[viceice]

Looks like that is a kernel version issue.

OK

• ubuntu 16.04 docker 3.0.6: 4.15.0-1055-azure

Error

• docker-for-mac 2.0.0.3: 4.9.125-linuxkit
• docker-for-win 2.1.0.1: 4.9.184-linuxkit

Bug: containers/podman#3790

[viceice]

closing it for now, until a better solution found