diff options
29 files changed, 267 insertions, 131 deletions
@@ -38,10 +38,10 @@ PRE_COMMIT = $(shell command -v bin/venv/bin/pre-commit ~/.local/bin/pre-commit SOURCES = $(shell find . -path './.*' -prune -o -name "*.go") -GO_BUILD=$(GO) build +GO_BUILD ?= $(GO) build # Go module support: set `-mod=vendor` to use the vendored sources ifeq ($(shell go help mod >/dev/null 2>&1 && echo true), true) - GO_BUILD=GO111MODULE=on $(GO) build -mod=vendor + GO_BUILD ?= GO111MODULE=on $(GO) build -mod=vendor endif BUILDTAGS_CROSS ?= containers_image_openpgp exclude_graphdriver_btrfs exclude_graphdriver_devicemapper exclude_graphdriver_overlay @@ -5,7 +5,7 @@ Libpod provides a library for applications looking to use the Container Pod concept, popularized by Kubernetes. Libpod also contains the Pod Manager tool `(Podman)`. Podman manages pods, containers, container images, and container volumes. -* [Latest Version: 1.9.2](https://github.com/containers/libpod/releases/latest) +* [Latest Version: 2.0.0](https://github.com/containers/libpod/releases/latest) * Latest Remote client for Windows * Latest Remote client for MacOs * Latest Static Remote client for Linux diff --git a/RELEASE_NOTES.md b/RELEASE_NOTES.md index 65a0571d5..b398d7d48 100644 --- a/RELEASE_NOTES.md +++ b/RELEASE_NOTES.md @@ -1,5 +1,55 @@ # Release Notes +## 2.0.0 +### Features +- The REST API and `podman system service` are no longer experimental, and ready for use! +- The Podman command now supports remotely connections via the REST API using the `--remote` flag. +- The Podman remote client has been entirely rewritten to use the HTTP API instead of Varlink. +- The `podman system connection` command has been added to allow configuring the endpoint that `podman-remote` and `podman --remote` will connect to. +- The `podman generate systemd` command now supports the `--new` flag when used with pods, allowing portable services for pods to be created. +- The `podman play kube` command now supports running Kubernetes Deployment YAML. +- The `podman exec` command now supports the `--detach` flag to run commands in the container in the background. +- The `-p` flag to `podman run` and `podman create` now supports forwarding ports to IPv6 addresses. +- The `podman run`, `podman create` and `podman pod create` command now support a `--replace` flag to remove and replace any existing container (or, for `pod create`, pod) with the same name +- The `--restart-policy` flag to `podman run` and `podman create` now supports the `unless-stopped` restart policy. +- The `--log-driver` flag to `podman run` and `podman create` now supports the `none` driver, which does not log the container's output. +- The `--mount` flag to `podman run` and `podman create` now accepts `readonly` option as an alias to `ro`. +- The `podman generate systemd` command now supports the `--container-prefix`, `--pod-prefix`, and `--separator` arguments to control the name of generated unit files. +- The `podman network ls` command now supports the `--filter` flag to filter results. +- The `podman auto-update` command now supports specifying an authfile to use when pulling new images on a per-container basis using the `io.containers.autoupdate.authfile` label. + +### Changes +- Varlink support, including the `podman varlink` command, is deprecated and will be removed in the next release. +- As part of the implementation of the REST API, JSON output for some commands (`podman ps`, `podman images` most notably) has changed. +- Named and anonymous volumes and `tmpfs` filesystems added to containers are no longer mounted `noexec` by default. + +### Bugfixes +- Fixed a bug where the `podman exec` command would log to journald when run in containers loggined to journald ([#6555](https://github.com/containers/libpod/issues/6555)). +- Fixed a bug where the `podman auto-update` command would not preserve the OS and architecture of the original image when pulling a replacement ([#6613](https://github.com/containers/libpod/issues/6613)). +- Fixed a bug where the `podman cp` command could create an extra `merged` directory when copying into an existing directory ([#6596](https://github.com/containers/libpod/issues/6596)). +- Fixed a bug where the `podman pod stats` command would crash on pods run with `--network=host` ([#5652](https://github.com/containers/libpod/issues/5652)). +- Fixed a bug where containers logs written to journald did not include the name of the container. +- Fixed a bug where the `podman network inspect` and `podman network rm` commands did not properly handle non-default CNI configuration paths ([#6212](https://github.com/containers/libpod/issues/6212)). +- Fixed a bug where Podman did not properly remove containers when using the Kata containers OCI runtime. +- Fixed a bug where `podman inspect` would sometimes incorrectly report the network mode of containers started with `--net=none`. +- Podman is now better able to deal with cases where `conmon` is killed before the container it is monitoring. + +### Misc +- The default Podman CNI configuration now sets `HairpinMode` to allow communication between containers by connecting to a forwarded port on the host. +- Updated Buildah to v1.15.0 +- Updated containers/storage to v1.20.2 +- Updated containers/image to v5.5.1 +- Updated containers/common to v0.14.0 + +## 1.9.3 +### Bugfixes +- Fixed a bug where, on FIPS enabled hosts, FIPS mode secrets were not properly mounted into containers +- Fixed a bug where builds run over Varlink would hang ([#6237](https://github.com/containers/libpod/issues/6237)) + +### Misc +- Named volumes and tmpfs filesystems will no longer default to mounting `noexec` for improved compatibility with Docker +- Updated Buildah to v1.14.9 + ## 1.9.2 ### Bugfixes - Fixed a bug where `podman save` would fail when the target image was specified by digest ([#5234](https://github.com/containers/libpod/issues/5234)) diff --git a/cmd/podman/containers/create.go b/cmd/podman/containers/create.go index 6269ec781..45ce00c86 100644 --- a/cmd/podman/containers/create.go +++ b/cmd/podman/containers/create.go @@ -156,10 +156,6 @@ func replaceContainer(name string) error { } func createInit(c *cobra.Command) error { - if c.Flag("privileged").Changed && c.Flag("security-opt").Changed { - logrus.Warn("setting security options with --privileged has no effect") - } - if c.Flag("shm-size").Changed { cliVals.ShmSize = c.Flag("shm-size").Value.String() } diff --git a/cmd/podman/images/build.go b/cmd/podman/images/build.go index 2efc795cd..23bfcab79 100644 --- a/cmd/podman/images/build.go +++ b/cmd/podman/images/build.go @@ -9,6 +9,7 @@ import ( "github.com/containers/buildah/imagebuildah" buildahCLI "github.com/containers/buildah/pkg/cli" "github.com/containers/buildah/pkg/parse" + "github.com/containers/common/pkg/config" "github.com/containers/libpod/cmd/podman/registry" "github.com/containers/libpod/cmd/podman/utils" "github.com/containers/libpod/pkg/domain/entities" @@ -396,16 +397,10 @@ func buildFlagsWrapperToOptions(c *cobra.Command, contextDir string, flags *buil runtimeFlags = append(runtimeFlags, "--"+arg) } - // FIXME: the code below needs to be enabled (and adjusted) once the - // global/root flags are supported. - - // conf, err := runtime.GetConfig() - // if err != nil { - // return err - // } - // if conf != nil && conf.Engine.CgroupManager == config.SystemdCgroupsManager { - // runtimeFlags = append(runtimeFlags, "--systemd-cgroup") - // } + containerConfig := registry.PodmanConfig() + if containerConfig.Engine.CgroupManager == config.SystemdCgroupsManager { + runtimeFlags = append(runtimeFlags, "--systemd-cgroup") + } opts := imagebuildah.BuildOptions{ AddCapabilities: flags.CapAdd, @@ -418,12 +413,13 @@ func buildFlagsWrapperToOptions(c *cobra.Command, contextDir string, flags *buil CNIPluginPath: flags.CNIPlugInPath, CommonBuildOpts: &buildah.CommonBuildOptions{ AddHost: flags.AddHost, - CgroupParent: flags.CgroupParent, CPUPeriod: flags.CPUPeriod, CPUQuota: flags.CPUQuota, - CPUShares: flags.CPUShares, CPUSetCPUs: flags.CPUSetCPUs, CPUSetMems: flags.CPUSetMems, + CPUShares: flags.CPUShares, + CgroupParent: flags.CgroupParent, + HTTPProxy: flags.HTTPProxy, Memory: memoryLimit, MemorySwap: memorySwap, ShmSize: flags.ShmSize, diff --git a/cmd/podman/images/list.go b/cmd/podman/images/list.go index 236ae15b4..b7a8b8911 100644 --- a/cmd/podman/images/list.go +++ b/cmd/podman/images/list.go @@ -98,57 +98,79 @@ func images(cmd *cobra.Command, args []string) error { return err } + imgs := sortImages(summaries) switch { case listFlag.quiet: - return writeID(summaries) + return writeID(imgs) case cmd.Flag("format").Changed && listFlag.format == "json": - return writeJSON(summaries) + return writeJSON(imgs) default: - return writeTemplate(summaries) + return writeTemplate(imgs) } } -func writeID(imageS []*entities.ImageSummary) error { - var ids = map[string]struct{}{} - for _, e := range imageS { - i := "sha256:" + e.ID - if !listFlag.noTrunc { - i = fmt.Sprintf("%12.12s", e.ID) +func writeID(imgs []imageReporter) error { + lookup := make(map[string]struct{}, len(imgs)) + ids := make([]string, 0) + + for _, e := range imgs { + if _, found := lookup[e.ID()]; !found { + lookup[e.ID()] = struct{}{} + ids = append(ids, e.ID()) } - ids[i] = struct{}{} } - for k := range ids { - fmt.Fprint(os.Stdout, k+"\n") + for _, k := range ids { + fmt.Println(k) } return nil } -func writeJSON(imageS []*entities.ImageSummary) error { +func writeJSON(images []imageReporter) error { type image struct { entities.ImageSummary Created string CreatedAt string } - imgs := make([]image, 0, len(imageS)) - for _, e := range imageS { + imgs := make([]image, 0, len(images)) + for _, e := range images { var h image - h.ImageSummary = *e - h.Created = units.HumanDuration(time.Since(e.Created)) + " ago" - h.CreatedAt = e.Created.Format(time.RFC3339Nano) + h.ImageSummary = e.ImageSummary + h.Created = units.HumanDuration(time.Since(e.ImageSummary.Created)) + " ago" + h.CreatedAt = e.ImageSummary.Created.Format(time.RFC3339Nano) h.RepoTags = nil imgs = append(imgs, h) } - enc := json.NewEncoder(os.Stdout) - return enc.Encode(imgs) + prettyJSON, err := json.MarshalIndent(imgs, "", " ") + if err != nil { + return err + } + fmt.Println(string(prettyJSON)) + return nil } -func writeTemplate(imageS []*entities.ImageSummary) error { +func writeTemplate(imgs []imageReporter) error { var ( hdr, row string ) + if len(listFlag.format) < 1 { + hdr, row = imageListFormat(listFlag) + } else { + row = listFlag.format + if !strings.HasSuffix(row, "\n") { + row += "\n" + } + } + format := hdr + "{{range . }}" + row + "{{end}}" + tmpl := template.Must(template.New("list").Parse(format)) + w := tabwriter.NewWriter(os.Stdout, 8, 2, 2, ' ', 0) + defer w.Flush() + return tmpl.Execute(w, imgs) +} + +func sortImages(imageS []*entities.ImageSummary) []imageReporter { imgs := make([]imageReporter, 0, len(imageS)) for _, e := range imageS { var h imageReporter @@ -167,24 +189,11 @@ func writeTemplate(imageS []*entities.ImageSummary) error { } sort.Slice(imgs, sortFunc(listFlag.sort, imgs)) - - if len(listFlag.format) < 1 { - hdr, row = imageListFormat(listFlag) - } else { - row = listFlag.format - if !strings.HasSuffix(row, "\n") { - row += "\n" - } - } - format := hdr + "{{range . }}" + row + "{{end}}" - tmpl := template.Must(template.New("list").Parse(format)) - w := tabwriter.NewWriter(os.Stdout, 8, 2, 2, ' ', 0) - defer w.Flush() - return tmpl.Execute(w, imgs) + return imgs } func tokenRepoTag(tag string) (string, string) { - tokens := strings.SplitN(tag, ":", 2) + tokens := strings.Split(tag, ":") switch len(tokens) { case 0: return tag, "" @@ -192,6 +201,8 @@ func tokenRepoTag(tag string) (string, string) { return tokens[0], "" case 2: return tokens[0], tokens[1] + case 3: + return tokens[0] + ":" + tokens[1], tokens[2] default: return "<N/A>", "" } diff --git a/contrib/spec/podman.spec.in b/contrib/spec/podman.spec.in index 260de7b20..9e61b9561 100644 --- a/contrib/spec/podman.spec.in +++ b/contrib/spec/podman.spec.in @@ -42,7 +42,7 @@ Epoch: 99 %else Epoch: 0 %endif -Version: 2.0.0 +Version: 2.1.0 Release: #COMMITDATE#.git%{shortcommit0}%{?dist} Summary: Manage Pods, Containers and Container Images License: ASL 2.0 diff --git a/docs/source/markdown/podman-generate-systemd.1.md b/docs/source/markdown/podman-generate-systemd.1.md index 2facd754c..466c7e2bf 100644 --- a/docs/source/markdown/podman-generate-systemd.1.md +++ b/docs/source/markdown/podman-generate-systemd.1.md @@ -97,7 +97,7 @@ After=network-online.target [Service] Environment=PODMAN_SYSTEMD_UNIT=%n Restart=on-failure -ExecStartPre=/usr/bin/rm -f %t/%n-pid %t/%n-cid +ExecStartPre=/bin/rm -f %t/%n-pid %t/%n-cid ExecStart=/usr/local/bin/podman run --conmon-pidfile %t/%n-pid --cidfile %t/%n-cid --cgroups=no-conmon -d -dit alpine ExecStop=/usr/local/bin/podman stop --ignore --cidfile %t/%n-cid -t 10 ExecStopPost=/usr/local/bin/podman rm --ignore -f --cidfile %t/%n-cid @@ -163,10 +163,10 @@ $ podman generate systemd --files --name systemd-pod # Copy all the generated files. $ sudo cp pod-systemd-pod.service container-great_payne.service /usr/lib/systemd/system -$ systemctl enable pod-systemd-po.service -Created symlink /etc/systemd/system/multi-user.target.wants/pod-systemd-po.service → /usr/lib/systemd/system/pod-systemd-po.service. -Created symlink /etc/systemd/system/default.target.wants/pod-systemd-po.service → /usr/lib/systemd/system/pod-systemd-po.service. -$ systemctl is-enabled pod-systemd-po.service +$ systemctl enable pod-systemd-pod.service +Created symlink /etc/systemd/system/multi-user.target.wants/pod-systemd-pod.service → /usr/lib/systemd/system/pod-systemd-pod.service. +Created symlink /etc/systemd/system/default.target.wants/pod-systemd-pod.service → /usr/lib/systemd/system/pod-systemd-pod.service. +$ systemctl is-enabled pod-systemd-pod.service enabled ``` To run the user services placed in `$HOME/.config/systemd/user/` on first login of that user, enable the service with --user flag. @@ -1,6 +1,6 @@ module github.com/containers/libpod -go 1.12 +go 1.13 require ( github.com/BurntSushi/toml v0.3.1 diff --git a/libpod/container_internal_linux.go b/libpod/container_internal_linux.go index 12c1abf1c..5ee6726e0 100644 --- a/libpod/container_internal_linux.go +++ b/libpod/container_internal_linux.go @@ -1410,13 +1410,14 @@ func (c *Container) getHosts() string { hosts += fmt.Sprintf("%s %s\n", fields[1], fields[0]) } } + if c.config.NetMode.IsSlirp4netns() { // When using slirp4netns, the interface gets a static IP - hosts += fmt.Sprintf("# used by slirp4netns\n%s\t%s\n", "10.0.2.100", c.Hostname()) + hosts += fmt.Sprintf("# used by slirp4netns\n%s\t%s %s\n", "10.0.2.100", c.Hostname(), c.Config().Name) } if len(c.state.NetworkStatus) > 0 && len(c.state.NetworkStatus[0].IPs) > 0 { ipAddress := strings.Split(c.state.NetworkStatus[0].IPs[0].Address.String(), "/")[0] - hosts += fmt.Sprintf("%s\t%s\n", ipAddress, c.Hostname()) + hosts += fmt.Sprintf("%s\t%s %s\n", ipAddress, c.Hostname(), c.Config().Name) } return hosts } diff --git a/libpod/container_log.go b/libpod/container_log.go index 071882bc2..67380397a 100644 --- a/libpod/container_log.go +++ b/libpod/container_log.go @@ -1,10 +1,13 @@ package libpod import ( + "fmt" "os" + "time" "github.com/containers/libpod/libpod/define" "github.com/containers/libpod/libpod/logs" + "github.com/hpcloud/tail/watch" "github.com/pkg/errors" "github.com/sirupsen/logrus" ) @@ -81,5 +84,31 @@ func (c *Container) readFromLogFile(options *logs.LogOptions, logChannel chan *l } options.WaitGroup.Done() }() + // Check if container is still running or paused + if options.Follow { + go func() { + for { + state, err := c.State() + time.Sleep(watch.POLL_DURATION) + if err != nil { + tailError := t.StopAtEOF() + if tailError != nil && fmt.Sprintf("%v", tailError) != "tail: stop at eof" { + logrus.Error(tailError) + } + if errors.Cause(err) != define.ErrNoSuchCtr { + logrus.Error(err) + } + break + } + if state != define.ContainerStateRunning && state != define.ContainerStatePaused { + tailError := t.StopAtEOF() + if tailError != nil && fmt.Sprintf("%v", tailError) != "tail: stop at eof" { + logrus.Error(tailError) + } + break + } + } + }() + } return nil } diff --git a/libpod/events/events.go b/libpod/events/events.go index 0d8c6b7d6..0253b1ee5 100644 --- a/libpod/events/events.go +++ b/libpod/events/events.go @@ -202,5 +202,5 @@ func (e EventLogFile) getTail(options ReadOptions) (*tail.Tail, error) { if len(options.Until) > 0 { stream = false } - return tail.TailFile(e.options.LogFilePath, tail.Config{ReOpen: reopen, Follow: stream, Location: &seek, Logger: tail.DiscardingLogger}) + return tail.TailFile(e.options.LogFilePath, tail.Config{ReOpen: reopen, Follow: stream, Location: &seek, Logger: tail.DiscardingLogger, Poll: true}) } diff --git a/libpod/image/search.go b/libpod/image/search.go index f8d45d576..72dba668f 100644 --- a/libpod/image/search.go +++ b/libpod/image/search.go @@ -64,13 +64,16 @@ type SearchFilter struct { // SearchImages searches images based on term and the specified SearchOptions // in all registries. func SearchImages(term string, options SearchOptions) ([]SearchResult, error) { - // Check if search term has a registry in it - registry, err := sysreg.GetRegistry(term) - if err != nil { - return nil, errors.Wrapf(err, "error getting registry from %q", term) - } - if registry != "" { - term = term[len(registry)+1:] + registry := "" + + // Try to extract a registry from the specified search term. We + // consider everything before the first slash to be the registry. Note + // that we cannot use the reference parser from the containers/image + // library as the search term may container arbitrary input such as + // wildcards. See bugzilla.redhat.com/show_bug.cgi?id=1846629. + if spl := strings.SplitN(term, "/", 2); len(spl) > 1 { + registry = spl[0] + term = spl[1] } registries, err := getRegistries(registry) diff --git a/pkg/bindings/containers/attach.go b/pkg/bindings/containers/attach.go index 44c7f4002..22ab2d72d 100644 --- a/pkg/bindings/containers/attach.go +++ b/pkg/bindings/containers/attach.go @@ -178,25 +178,28 @@ func Attach(ctx context.Context, nameOrID string, detachKeys *string, logs, stre } switch { - case fd == 0 && isSet.stdout: - _, err := stdout.Write(frame[0:l]) - if err != nil { - return err + case fd == 0: + if isSet.stdout { + if _, err := stdout.Write(frame[0:l]); err != nil { + return err + } } - case fd == 1 && isSet.stdout: - _, err := stdout.Write(frame[0:l]) - if err != nil { - return err + case fd == 1: + if isSet.stdout { + if _, err := stdout.Write(frame[0:l]); err != nil { + return err + } } - case fd == 2 && isSet.stderr: - _, err := stderr.Write(frame[0:l]) - if err != nil { - return err + case fd == 2: + if isSet.stderr { + if _, err := stderr.Write(frame[0:l]); err != nil { + return err + } } case fd == 3: return fmt.Errorf("error from service from stream: %s", frame) default: - return fmt.Errorf("unrecognized channel in header: %d, 0-3 supported", fd) + return fmt.Errorf("unrecognized channel '%d' in header, 0-3 supported", fd) } } } @@ -453,27 +456,30 @@ func ExecStartAndAttach(ctx context.Context, sessionID string, streams *define.A } switch { - case fd == 0 && streams.AttachOutput: - _, err := streams.OutputStream.Write(frame[0:l]) - if err != nil { - return err + case fd == 0: + if streams.AttachOutput { + if _, err := streams.OutputStream.Write(frame[0:l]); err != nil { + return err + } } - case fd == 1 && streams.AttachInput: - // Write STDIN to STDOUT (echoing characters - // typed by another attach session) - _, err := streams.OutputStream.Write(frame[0:l]) - if err != nil { - return err + case fd == 1: + if streams.AttachInput { + // Write STDIN to STDOUT (echoing characters + // typed by another attach session) + if _, err := streams.OutputStream.Write(frame[0:l]); err != nil { + return err + } } - case fd == 2 && streams.AttachError: - _, err := streams.ErrorStream.Write(frame[0:l]) - if err != nil { - return err + case fd == 2: + if streams.AttachError { + if _, err := streams.ErrorStream.Write(frame[0:l]); err != nil { + return err + } } case fd == 3: return fmt.Errorf("error from service from stream: %s", frame) default: - return fmt.Errorf("unrecognized channel in header: %d, 0-3 supported", fd) + return fmt.Errorf("unrecognized channel '%d' in header, 0-3 supported", fd) } } } diff --git a/pkg/registries/registries.go b/pkg/registries/registries.go index ba7de7cf9..4827b7012 100644 --- a/pkg/registries/registries.go +++ b/pkg/registries/registries.go @@ -3,12 +3,10 @@ package registries import ( "os" "path/filepath" - "strings" "github.com/containers/image/v5/pkg/sysregistriesv2" "github.com/containers/image/v5/types" "github.com/containers/libpod/pkg/rootless" - "github.com/docker/distribution/reference" "github.com/pkg/errors" ) @@ -77,17 +75,3 @@ func GetInsecureRegistries() ([]string, error) { } return insecureRegistries, nil } - -// GetRegistry returns the registry name from a string if specified -func GetRegistry(image string) (string, error) { - // It is possible to only have the registry name in the format "myregistry/" - // if so, just trim the "/" from the end and return the registry name - if strings.HasSuffix(image, "/") { - return strings.TrimSuffix(image, "/"), nil - } - imgRef, err := reference.Parse(image) - if err != nil { - return "", err - } - return reference.Domain(imgRef.(reference.Named)), nil -} diff --git a/pkg/rootless/rootless_linux.go b/pkg/rootless/rootless_linux.go index 3de136f12..01f5b1206 100644 --- a/pkg/rootless/rootless_linux.go +++ b/pkg/rootless/rootless_linux.go @@ -166,7 +166,8 @@ func GetConfiguredMappings() ([]idtools.IDMap, []idtools.IDMap, error) { } mappings, err := idtools.NewIDMappings(username, username) if err != nil { - logrus.Errorf("cannot find mappings for user %s: %v", username, err) + logrus.Errorf( + "cannot find UID/GID for user %s: %v - check rootless mode in man pages.", username, err) } else { uids = mappings.UIDs() gids = mappings.GIDs() diff --git a/pkg/specgen/container_validate.go b/pkg/specgen/container_validate.go index 45179343b..33bacecaf 100644 --- a/pkg/specgen/container_validate.go +++ b/pkg/specgen/container_validate.go @@ -61,10 +61,6 @@ func (s *SpecGenerator) Validate() error { // // ContainerSecurityConfig // - // groups and privileged are exclusive - if len(s.Groups) > 0 && s.Privileged { - return exclusiveOptions("Groups", "privileged") - } // capadd and privileged are exclusive if len(s.CapAdd) > 0 && s.Privileged { return exclusiveOptions("CapAdd", "privileged") diff --git a/pkg/specgen/specgen.go b/pkg/specgen/specgen.go index c8fe49ec9..46ff8c716 100644 --- a/pkg/specgen/specgen.go +++ b/pkg/specgen/specgen.go @@ -212,6 +212,7 @@ type ContainerSecurityConfig struct { // - Adds all devices on the system to the container. // - Adds all capabilities to the container. // - Disables Seccomp, SELinux, and Apparmor confinement. + // (Though SELinux can be manually re-enabled). // TODO: this conflicts with things. // TODO: this does more. Privileged bool `json:"privileged,omitempty"` diff --git a/pkg/systemd/generate/containers.go b/pkg/systemd/generate/containers.go index 16ff0b821..bf6cb81b8 100644 --- a/pkg/systemd/generate/containers.go +++ b/pkg/systemd/generate/containers.go @@ -244,7 +244,7 @@ func executeContainerTemplate(info *containerInfo, options entities.GenerateSyst } startCommand = append(startCommand, info.CreateCommand[index:]...) - info.ExecStartPre = "/usr/bin/rm -f {{.PIDFile}} {{.ContainerIDFile}}" + info.ExecStartPre = "/bin/rm -f {{.PIDFile}} {{.ContainerIDFile}}" info.ExecStart = strings.Join(startCommand, " ") info.ExecStop = "{{.Executable}} stop --ignore --cidfile {{.ContainerIDFile}} {{if (ge .StopTimeout 0)}}-t {{.StopTimeout}}{{end}}" info.ExecStopPost = "{{.Executable}} rm --ignore -f --cidfile {{.ContainerIDFile}}" diff --git a/pkg/systemd/generate/containers_test.go b/pkg/systemd/generate/containers_test.go index 5f35c31f5..80f0996a1 100644 --- a/pkg/systemd/generate/containers_test.go +++ b/pkg/systemd/generate/containers_test.go @@ -118,7 +118,7 @@ After=network-online.target [Service] Environment=PODMAN_SYSTEMD_UNIT=%n Restart=always -ExecStartPre=/usr/bin/rm -f %t/jadda-jadda.pid %t/jadda-jadda.ctr-id +ExecStartPre=/bin/rm -f %t/jadda-jadda.pid %t/jadda-jadda.ctr-id ExecStart=/usr/bin/podman run --conmon-pidfile %t/jadda-jadda.pid --cidfile %t/jadda-jadda.ctr-id --cgroups=no-conmon -d --replace --name jadda-jadda --hostname hello-world awesome-image:latest command arg1 ... argN ExecStop=/usr/bin/podman stop --ignore --cidfile %t/jadda-jadda.ctr-id -t 42 ExecStopPost=/usr/bin/podman rm --ignore -f --cidfile %t/jadda-jadda.ctr-id @@ -141,7 +141,7 @@ After=network-online.target [Service] Environment=PODMAN_SYSTEMD_UNIT=%n Restart=always -ExecStartPre=/usr/bin/rm -f %t/jadda-jadda.pid %t/jadda-jadda.ctr-id +ExecStartPre=/bin/rm -f %t/jadda-jadda.pid %t/jadda-jadda.ctr-id ExecStart=/usr/bin/podman run --conmon-pidfile %t/jadda-jadda.pid --cidfile %t/jadda-jadda.ctr-id --cgroups=no-conmon --replace -d --name jadda-jadda --hostname hello-world awesome-image:latest command arg1 ... argN ExecStop=/usr/bin/podman stop --ignore --cidfile %t/jadda-jadda.ctr-id -t 42 ExecStopPost=/usr/bin/podman rm --ignore -f --cidfile %t/jadda-jadda.ctr-id @@ -164,7 +164,7 @@ After=network-online.target [Service] Environment=PODMAN_SYSTEMD_UNIT=%n Restart=always -ExecStartPre=/usr/bin/rm -f %t/jadda-jadda.pid %t/jadda-jadda.ctr-id +ExecStartPre=/bin/rm -f %t/jadda-jadda.pid %t/jadda-jadda.ctr-id ExecStart=/usr/bin/podman run --conmon-pidfile %t/jadda-jadda.pid --cidfile %t/jadda-jadda.ctr-id --cgroups=no-conmon --pod-id-file /tmp/pod-foobar.pod-id-file --replace -d --name jadda-jadda --hostname hello-world awesome-image:latest command arg1 ... argN ExecStop=/usr/bin/podman stop --ignore --cidfile %t/jadda-jadda.ctr-id -t 42 ExecStopPost=/usr/bin/podman rm --ignore -f --cidfile %t/jadda-jadda.ctr-id @@ -187,7 +187,7 @@ After=network-online.target [Service] Environment=PODMAN_SYSTEMD_UNIT=%n Restart=always -ExecStartPre=/usr/bin/rm -f %t/jadda-jadda.pid %t/jadda-jadda.ctr-id +ExecStartPre=/bin/rm -f %t/jadda-jadda.pid %t/jadda-jadda.ctr-id ExecStart=/usr/bin/podman run --conmon-pidfile %t/jadda-jadda.pid --cidfile %t/jadda-jadda.ctr-id --cgroups=no-conmon --replace --detach --name jadda-jadda --hostname hello-world awesome-image:latest command arg1 ... argN ExecStop=/usr/bin/podman stop --ignore --cidfile %t/jadda-jadda.ctr-id -t 42 ExecStopPost=/usr/bin/podman rm --ignore -f --cidfile %t/jadda-jadda.ctr-id @@ -210,7 +210,7 @@ After=network-online.target [Service] Environment=PODMAN_SYSTEMD_UNIT=%n Restart=always -ExecStartPre=/usr/bin/rm -f %t/container-639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401.pid %t/container-639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401.ctr-id +ExecStartPre=/bin/rm -f %t/container-639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401.pid %t/container-639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401.ctr-id ExecStart=/usr/bin/podman run --conmon-pidfile %t/container-639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401.pid --cidfile %t/container-639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401.ctr-id --cgroups=no-conmon -d awesome-image:latest ExecStop=/usr/bin/podman stop --ignore --cidfile %t/container-639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401.ctr-id -t 10 ExecStopPost=/usr/bin/podman rm --ignore -f --cidfile %t/container-639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401.ctr-id diff --git a/pkg/systemd/generate/pods.go b/pkg/systemd/generate/pods.go index 1bd0c7bce..cb4078fac 100644 --- a/pkg/systemd/generate/pods.go +++ b/pkg/systemd/generate/pods.go @@ -293,7 +293,7 @@ func executePodTemplate(info *podInfo, options entities.GenerateSystemdOptions) startCommand = append(startCommand, podCreateArgs...) - info.ExecStartPre1 = "/usr/bin/rm -f {{.PIDFile}} {{.PodIDFile}}" + info.ExecStartPre1 = "/bin/rm -f {{.PIDFile}} {{.PodIDFile}}" info.ExecStartPre2 = strings.Join(startCommand, " ") info.ExecStart = "{{.Executable}} pod start --pod-id-file {{.PodIDFile}}" info.ExecStop = "{{.Executable}} pod stop --ignore --pod-id-file {{.PodIDFile}} {{if (ge .StopTimeout 0)}}-t {{.StopTimeout}}{{end}}" diff --git a/pkg/systemd/generate/pods_test.go b/pkg/systemd/generate/pods_test.go index e12222317..874d7204e 100644 --- a/pkg/systemd/generate/pods_test.go +++ b/pkg/systemd/generate/pods_test.go @@ -74,7 +74,7 @@ Before=container-1.service container-2.service [Service] Environment=PODMAN_SYSTEMD_UNIT=%n Restart=on-failure -ExecStartPre=/usr/bin/rm -f %t/pod-123abc.pid %t/pod-123abc.pod-id +ExecStartPre=/bin/rm -f %t/pod-123abc.pid %t/pod-123abc.pod-id ExecStartPre=/usr/bin/podman pod create --infra-conmon-pidfile %t/pod-123abc.pid --pod-id-file %t/pod-123abc.pod-id --name foo --replace ExecStart=/usr/bin/podman pod start --pod-id-file %t/pod-123abc.pod-id ExecStop=/usr/bin/podman pod stop --ignore --pod-id-file %t/pod-123abc.pod-id -t 10 diff --git a/test/e2e/build_test.go b/test/e2e/build_test.go index 9e41fd231..0cf5283ad 100644 --- a/test/e2e/build_test.go +++ b/test/e2e/build_test.go @@ -195,4 +195,21 @@ var _ = Describe("Podman build", func() { Expect(session.ExitCode()).To(Equal(0)) }) + It("podman build --http_proxy flag", func() { + SkipIfRemote() + os.Setenv("http_proxy", "1.2.3.4") + podmanTest.RestoreAllArtifacts() + dockerfile := `FROM docker.io/library/alpine:latest +RUN printenv http_proxy` + + dockerfilePath := filepath.Join(podmanTest.TempDir, "Dockerfile") + err := ioutil.WriteFile(dockerfilePath, []byte(dockerfile), 0755) + Expect(err).To(BeNil()) + session := podmanTest.PodmanNoCache([]string{"build", "--file", dockerfilePath, podmanTest.TempDir}) + session.Wait(120) + Expect(session.ExitCode()).To(Equal(0)) + ok, _ := session.GrepString("1.2.3.4") + Expect(ok).To(BeTrue()) + os.Unsetenv("http_proxy") + }) }) diff --git a/test/e2e/generate_systemd_test.go b/test/e2e/generate_systemd_test.go index 497e8f71e..f43a4f865 100644 --- a/test/e2e/generate_systemd_test.go +++ b/test/e2e/generate_systemd_test.go @@ -362,7 +362,7 @@ var _ = Describe("Podman generate systemd", func() { found, _ = session.GrepString("pod create --infra-conmon-pidfile %t/pod-foo.pid --pod-id-file %t/pod-foo.pod-id --name foo") Expect(found).To(BeTrue()) - found, _ = session.GrepString("ExecStartPre=/usr/bin/rm -f %t/pod-foo.pid %t/pod-foo.pod-id") + found, _ = session.GrepString("ExecStartPre=/bin/rm -f %t/pod-foo.pid %t/pod-foo.pod-id") Expect(found).To(BeTrue()) found, _ = session.GrepString("pod stop --ignore --pod-id-file %t/pod-foo.pod-id -t 10") diff --git a/test/e2e/images_test.go b/test/e2e/images_test.go index 0ee7260c2..b6391cebf 100644 --- a/test/e2e/images_test.go +++ b/test/e2e/images_test.go @@ -296,6 +296,15 @@ WORKDIR /test sortValueTest("id", 125, "badvalue") }) + It("test for issue #6670", func() { + expected := podmanTest.Podman([]string{"images", "--sort", "created", "--format", "{{.ID}}", "-q"}) + expected.WaitWithDefaultTimeout() + + actual := podmanTest.Podman([]string{"images", "--sort", "created", "-q"}) + actual.WaitWithDefaultTimeout() + Expect(expected.Out).Should(Equal(actual.Out)) + }) + It("podman images --all flag", func() { podmanTest.RestoreAllArtifacts() dockerfile := `FROM docker.io/library/alpine:latest diff --git a/test/e2e/logs_test.go b/test/e2e/logs_test.go index a4a59acb2..cf69cbd3e 100644 --- a/test/e2e/logs_test.go +++ b/test/e2e/logs_test.go @@ -311,4 +311,16 @@ var _ = Describe("Podman logs", func() { logs.WaitWithDefaultTimeout() Expect(logs).To(Not(Exit(0))) }) + + It("follow output stopped container", func() { + containerName := "logs-f" + + logc := podmanTest.Podman([]string{"run", "--name", containerName, "-d", ALPINE, "true"}) + logc.WaitWithDefaultTimeout() + Expect(logc).To(Exit(0)) + + results := podmanTest.Podman([]string{"logs", "-f", containerName}) + results.WaitWithDefaultTimeout() + Expect(results).To(Exit(0)) + }) }) diff --git a/test/e2e/run_test.go b/test/e2e/run_test.go index 7e79a8668..90179964d 100644 --- a/test/e2e/run_test.go +++ b/test/e2e/run_test.go @@ -101,6 +101,18 @@ var _ = Describe("Podman run", func() { Expect(match).Should(BeTrue()) }) + It("podman create pod with name in /etc/hosts", func() { + name := "test_container" + hostname := "test_hostname" + session := podmanTest.Podman([]string{"run", "-ti", "--rm", "--name", name, "--hostname", hostname, ALPINE, "cat", "/etc/hosts"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + match, _ := session.GrepString(name) + Expect(match).Should(BeTrue()) + match, _ = session.GrepString(hostname) + Expect(match).Should(BeTrue()) + }) + It("podman run a container based on remote image", func() { session := podmanTest.Podman([]string{"run", "-dt", BB_GLIBC, "ls"}) session.WaitWithDefaultTimeout() diff --git a/test/e2e/search_test.go b/test/e2e/search_test.go index 9ba0241fe..4e37f7d7a 100644 --- a/test/e2e/search_test.go +++ b/test/e2e/search_test.go @@ -400,4 +400,16 @@ registries = ['{{.Host}}:{{.Port}}']` search.WaitWithDefaultTimeout() Expect(search.ExitCode()).To(Not(Equal(0))) }) + + It("podman search with wildcards", func() { + search := podmanTest.Podman([]string{"search", "--limit", "30", "registry.redhat.io/*"}) + search.WaitWithDefaultTimeout() + Expect(search.ExitCode()).To(Equal(0)) + Expect(len(search.OutputToStringArray())).To(Equal(31)) + + search = podmanTest.Podman([]string{"search", "registry.redhat.io/*openshift*"}) + search.WaitWithDefaultTimeout() + Expect(search.ExitCode()).To(Equal(0)) + Expect(len(search.OutputToStringArray()) > 1).To(BeTrue()) + }) }) diff --git a/version/version.go b/version/version.go index 4c7202e77..2e1335d2d 100644 --- a/version/version.go +++ b/version/version.go @@ -4,7 +4,7 @@ package version // NOTE: remember to bump the version at the top // of the top-level README.md file when this is // bumped. -const Version = "2.0.0-dev" +const Version = "2.1.0-dev" // APIVersion is the version for the remote // client API. It is used to determine compatibility |