aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--.cirrus.yml49
-rw-r--r--Makefile5
-rw-r--r--cmd/podman/common.go4
-rw-r--r--cmd/podman/create.go4
-rw-r--r--cmd/podman/generate_kube.go33
-rw-r--r--cmd/podman/login.go19
-rw-r--r--completions/bash/podman1
-rw-r--r--contrib/cirrus/lib.sh5
-rwxr-xr-xcontrib/cirrus/success.sh16
-rwxr-xr-xcontrib/python/podman/test/test_runner.sh1
-rw-r--r--docs/podman-create.1.md25
-rw-r--r--docs/podman-generate-kube.1.md56
-rw-r--r--docs/podman-login.1.md4
-rw-r--r--docs/podman-run.1.md25
14 files changed, 204 insertions, 43 deletions
diff --git a/.cirrus.yml b/.cirrus.yml
index 9d64bb5ab..75c9ac89e 100644
--- a/.cirrus.yml
+++ b/.cirrus.yml
@@ -22,6 +22,7 @@ env:
# Save a little typing (path relative to $CIRRUS_WORKING_DIR)
SCRIPT_BASE: "./contrib/cirrus"
PACKER_BASE: "./contrib/cirrus/packer"
+ CIRRUS_CLONE_DEPTH: 200
####
#### Variables for composing new cache-images (used in PR testing) from
@@ -57,7 +58,7 @@ env:
# Needed to build GCE images, within a GCE VM
SERVICE_ACCOUNT: ENCRYPTED[99e9a0b1c23f8dd29e83dfdf164f064cfd17afd9b895ca3b5e4c41170bd4290a8366fe2ad8e7a210b9f751711d1d002a]
# User ID for cirrus to ssh into VMs
- GCE_SSH_USERNAME: ENCRYPTED[a7706b9e4b8bbb47f76358df7407f4fffa2e8552531190cc0b3315180c4b50588f560c4f85731e99cb5f43a396778277]
+ GCE_SSH_USERNAME: cirrus-ci
# Name where this repositories cloud resources are located
GCP_PROJECT_ID: ENCRYPTED[7c80e728e046b1c76147afd156a32c1c57d4a1ac1eab93b7e68e718c61ca8564fc61fef815952b8ae0a64e7034b8fe4f]
@@ -77,6 +78,7 @@ env:
CIRRUS_WORKING_DIR CIRRUS_HTTP_CACHE_HOST PACKER_BUILDS BUILT_IMAGE_SUFFIX
XDG_DATA_DIRS XDG_RUNTIME_DIR XDG_SESSION_ID
+
# Every *_task runs in parallel in separate VMsd. The name prefix only for reference
# in WebUI, and will be followed by matrix details. This task gates all others with
# quick format, lint, and unit tests on the standard platform.
@@ -96,11 +98,33 @@ gating_task:
- '/usr/local/bin/entrypoint.sh lint'
+build_each_commit_task:
+
+ depends_on:
+ - "gating"
+
+ gce_instance:
+ image_project: "libpod-218412"
+ zone: "us-central1-a" # Required by Cirrus for the time being
+ cpu: 2
+ memory: "4Gb"
+ disk: 40
+ matrix:
+ image_name: "fedora-29-libpod-0c954a67"
+
+ timeout_in: 20m
+
+ script:
+ - $SCRIPT_BASE/setup_environment.sh
+ - git fetch --depth $CIRRUS_CLONE_DEPTH origin $CIRRUS_BASE_BRANCH
+ - env GOPATH=/var/tmp/go/ make build-all-new-commits GIT_BASE_BRANCH=origin/$CIRRUS_BASE_BRANCH
+
# This task does the unit and integration testing for every platform
testing_task:
depends_on:
- "gating"
+ - "build_each_commit"
gce_instance:
image_project: "libpod-218412"
@@ -134,8 +158,6 @@ testing_task:
integration_test_script: $SCRIPT_BASE/integration_test.sh
- success_script: $SCRIPT_BASE/success.sh
-
# Because system tests are stored within the repository, it is sometimes
# necessary to execute them within a PR to validate changes.
@@ -162,7 +184,6 @@ optional_testing_task:
setup_environment_script: $SCRIPT_BASE/setup_environment.sh
system_test_script: $SCRIPT_BASE/system_test.sh
- success_script: $SCRIPT_BASE/success.sh
# Build new cache-images for future PR testing, but only after a PR merge.
@@ -208,3 +229,23 @@ cache_images_task:
# - clone_podman_release_branch.sh
# - modify_cirrus_yaml_image_names.sh
# - commit_and_create_upstream_pr.sh
+
+
+# Post message to IRC if everything passed
+success_task:
+
+ depends_on: # ignores any dependent task conditions
+ - "gating"
+ - "testing"
+ - "optional_testing"
+ - "cache_images"
+
+ env:
+ CIRRUS_WORKING_DIR: "/usr/src/libpod"
+
+ container:
+ image: "quay.io/libpod/gate:latest"
+ cpu: 1
+ memory: 1
+
+ success_script: $SCRIPT_BASE/success.sh
diff --git a/Makefile b/Makefile
index 250226cf0..1f24e32ea 100644
--- a/Makefile
+++ b/Makefile
@@ -5,6 +5,7 @@ HEAD ?= HEAD
CHANGELOG_BASE ?= HEAD~
CHANGELOG_TARGET ?= HEAD
PROJECT := github.com/containers/libpod
+GIT_BASE_BRANCH ?= origin/master
GIT_BRANCH ?= $(shell git rev-parse --abbrev-ref HEAD 2>/dev/null)
GIT_BRANCH_CLEAN ?= $(shell echo $(GIT_BRANCH) | sed -e "s/[^[:alnum:]]/-/g")
LIBPOD_IMAGE ?= libpod_dev$(if $(GIT_BRANCH_CLEAN),:$(GIT_BRANCH_CLEAN))
@@ -345,6 +346,10 @@ API.md: cmd/podman/varlink/io.podman.varlink
validate: gofmt .gitvalidation
+build-all-new-commits:
+ # Validate that all the commits build on top of $(GIT_BASE_BRANCH)
+ git rebase $(GIT_BASE_BRANCH) -x make
+
.PHONY: \
.gopathok \
binaries \
diff --git a/cmd/podman/common.go b/cmd/podman/common.go
index c4016698a..8404a29b8 100644
--- a/cmd/podman/common.go
+++ b/cmd/podman/common.go
@@ -422,6 +422,10 @@ var createFlags = []cli.Flag{
Name: "read-only",
Usage: "Make containers root filesystem read-only",
},
+ cli.StringFlag{
+ Name: "restart",
+ Usage: "Restart is not supported. Please use a systemd unit file for restart",
+ },
cli.BoolFlag{
Name: "rm",
Usage: "Remove container (and pod if created) after exit",
diff --git a/cmd/podman/create.go b/cmd/podman/create.go
index 6c6bcfb41..870eb28d6 100644
--- a/cmd/podman/create.go
+++ b/cmd/podman/create.go
@@ -412,6 +412,10 @@ func parseCreateOpts(ctx context.Context, c *cli.Context, runtime *libpod.Runtim
blkioWeight uint16
namespaces map[string]string
)
+ if c.IsSet("restart") {
+ return nil, errors.Errorf("--restart option is not supported.\nUse systemd unit files for restarting containers")
+ }
+
idmappings, err := util.ParseIDMapping(c.StringSlice("uidmap"), c.StringSlice("gidmap"), c.String("subuidname"), c.String("subgidname"))
if err != nil {
return nil, err
diff --git a/cmd/podman/generate_kube.go b/cmd/podman/generate_kube.go
index 6483ffd72..8f2f0de32 100644
--- a/cmd/podman/generate_kube.go
+++ b/cmd/podman/generate_kube.go
@@ -17,7 +17,7 @@ var (
containerKubeFlags = []cli.Flag{
cli.BoolFlag{
Name: "service, s",
- Usage: "only generate YAML for kubernetes service object",
+ Usage: "generate YAML for kubernetes service object",
},
}
containerKubeDescription = "Generate Kubernetes Pod YAML"
@@ -36,13 +36,14 @@ var (
// generateKubeYAMLCmdgenerates or replays kube
func generateKubeYAMLCmd(c *cli.Context) error {
var (
- podYAML *v1.Pod
- container *libpod.Container
- err error
- output []byte
- pod *libpod.Pod
- mashalledBytes []byte
- servicePorts []v1.ServicePort
+ podYAML *v1.Pod
+ container *libpod.Container
+ err error
+ output []byte
+ pod *libpod.Pod
+ marshalledPod []byte
+ marshalledService []byte
+ servicePorts []v1.ServicePort
)
if rootless.IsRootless() {
@@ -79,11 +80,13 @@ func generateKubeYAMLCmd(c *cli.Context) error {
if c.Bool("service") {
serviceYAML := libpod.GenerateKubeServiceFromV1Pod(podYAML, servicePorts)
- mashalledBytes, err = yaml.Marshal(serviceYAML)
- } else {
- // Marshall the results
- mashalledBytes, err = yaml.Marshal(podYAML)
+ marshalledService, err = yaml.Marshal(serviceYAML)
+ if err != nil {
+ return err
+ }
}
+ // Marshall the results
+ marshalledPod, err = yaml.Marshal(podYAML)
if err != nil {
return err
}
@@ -96,7 +99,11 @@ func generateKubeYAMLCmd(c *cli.Context) error {
# Created with podman-%s
`
output = append(output, []byte(fmt.Sprintf(header, podmanVersion.Version))...)
- output = append(output, mashalledBytes...)
+ output = append(output, marshalledPod...)
+ if c.Bool("service") {
+ output = append(output, []byte("---\n")...)
+ output = append(output, marshalledService...)
+ }
// Output the v1.Pod with the v1.Container
fmt.Println(string(output))
diff --git a/cmd/podman/login.go b/cmd/podman/login.go
index cfdd8005b..4452651f8 100644
--- a/cmd/podman/login.go
+++ b/cmd/podman/login.go
@@ -34,6 +34,10 @@ var (
Usage: "Pathname of a directory containing TLS certificates and keys used to connect to the registry",
},
cli.BoolTFlag{
+ Name: "get-login",
+ Usage: "Return the current login user for the registry",
+ },
+ cli.BoolTFlag{
Name: "tls-verify",
Usage: "Require HTTPS and verify certificates when contacting registries (default: true)",
},
@@ -65,6 +69,21 @@ func loginCmd(c *cli.Context) error {
sc := common.GetSystemContext("", authfile, false)
+ if c.IsSet("get-login") {
+ user, err := config.GetUserLoggedIn(sc, server)
+
+ if err != nil {
+ return errors.Wrapf(err, "unable to check for login user")
+ }
+
+ if user == "" {
+ return errors.Errorf("not logged into %s", server)
+ }
+
+ fmt.Printf("%s\n", user)
+ return nil
+ }
+
// username of user logged in to server (if one exists)
userFromAuthFile, passFromAuthFile, err := config.GetAuthentication(sc, server)
if err != nil {
diff --git a/completions/bash/podman b/completions/bash/podman
index 9a8adb502..4702ae0e0 100644
--- a/completions/bash/podman
+++ b/completions/bash/podman
@@ -2217,6 +2217,7 @@ _podman_login() {
--password
-p
--authfile
+ --get-login
"
local boolean_options="
--help
diff --git a/contrib/cirrus/lib.sh b/contrib/cirrus/lib.sh
index 51db203fd..3b567b7a7 100644
--- a/contrib/cirrus/lib.sh
+++ b/contrib/cirrus/lib.sh
@@ -123,12 +123,11 @@ stub() {
ircmsg() {
req_env_var "
- SCRIPT_BASE $SCRIPT_BASE
- GOSRC $GOSRC
CIRRUS_TASK_ID $CIRRUS_TASK_ID
1 $1
"
- SCRIPT="$GOSRC/$SCRIPT_BASE/podbot.py"
+ # Sometimes setup_environment.sh didn't run
+ SCRIPT="$(dirname $0)/podbot.py"
NICK="podbot_$CIRRUS_TASK_ID"
NICK="${NICK:0:15}" # Any longer will break things
set +e
diff --git a/contrib/cirrus/success.sh b/contrib/cirrus/success.sh
index d1daf9043..2b0cf4655 100755
--- a/contrib/cirrus/success.sh
+++ b/contrib/cirrus/success.sh
@@ -1,22 +1,20 @@
#!/bin/bash
set -e
+
source $(dirname $0)/lib.sh
req_env_var "
- CIRRUS_TASK_NAME $CIRRUS_TASK_NAME
CIRRUS_BRANCH $CIRRUS_BRANCH
- OS_RELEASE_ID $OS_RELEASE_ID
- OS_RELEASE_VER $OS_RELEASE_VER
- CIRRUS_REPO_CLONE_URL $CIRRUS_REPO_CLONE_URL
+ CIRRUS_BUILD_ID $CIRRUS_BUILD_ID
"
-REF_URL="$(echo $CIRRUS_REPO_CLONE_URL | sed 's/.git$//g')"
+REF=$(basename $CIRRUS_BRANCH) # PR number or branch named
+URL="https://cirrus-ci.com/build/$CIRRUS_BUILD_ID"
+
if [[ "$CIRRUS_BRANCH" =~ "pull" ]]
then
- REF_URL="$REF_URL/$CIRRUS_BRANCH" # pull request URL
+ ircmsg "Cirrus-CI testing successful for PR #$REF: $URL"
else
- REF_URL="$REF_URL/commits/$CIRRUS_BRANCH" # branch merge
+ ircmsg "Cirrus-CI testing branch $REF successful: $URL"
fi
-
-ircmsg "Cirrus-CI $CIRRUS_TASK_NAME on $OS_RELEASE_ID-$OS_RELEASE_VER successful for $REF_URL"
diff --git a/contrib/python/podman/test/test_runner.sh b/contrib/python/podman/test/test_runner.sh
index bf097e2b2..651b2e74f 100755
--- a/contrib/python/podman/test/test_runner.sh
+++ b/contrib/python/podman/test/test_runner.sh
@@ -41,6 +41,7 @@ export TMPDIR=`mktemp -d /tmp/podman.XXXXXXXXXX`
trap "cleanup $TMPDIR" EXIT
function umount {
+ set +xeuo pipefail
# xargs -r always ran once, so write any mount points to file first
mount |awk "/$1/"' { print $3 }' >${TMPDIR}/mounts
if [[ -s ${TMPDIR}/mounts ]]; then
diff --git a/docs/podman-create.1.md b/docs/podman-create.1.md
index f1409a554..97d6e77b1 100644
--- a/docs/podman-create.1.md
+++ b/docs/podman-create.1.md
@@ -508,6 +508,14 @@ By default a container will have its root filesystem writable allowing processes
to write files anywhere. By specifying the `--read-only` flag the container will have
its root filesystem mounted as read only prohibiting any writes.
+**--restart=""**
+
+Not implemented.
+
+Restart should be handled via a systemd unit files. Please add your podman
+commands to a unit file and allow systemd or your init system to handle the
+restarting of the container processes. See example below.
+
**--rm**=*true*|*false*
Automatically remove the container when it exits. The default is *false*.
@@ -767,13 +775,28 @@ the uid and gid from the host.
$ podman create --uidmap 0:30000:7000 --gidmap 0:30000:7000 fedora echo hello
```
+### Running a podman container to restart inside of a systemd unit file
+
+
+```
+[Unit]
+Description=My App
+[Service]
+Restart=always
+ExecStart=/usr/bin/podman start -a my_app
+ExecStop=/usr/bin/podman stop -t 10 my_app
+KillMode=process
+[Install]
+WantedBy=multi-user.target
+```
+
## FILES
**/etc/subuid**
**/etc/subgid**
## SEE ALSO
-subgid(5), subuid(5), libpod.conf(5)
+subgid(5), subuid(5), libpod.conf(5), systemd.unit(5)
## HISTORY
October 2017, converted from Docker documentation to podman by Dan Walsh for podman <dwalsh@redhat.com>
diff --git a/docs/podman-generate-kube.1.md b/docs/podman-generate-kube.1.md
index 59c3353a5..396f69615 100644
--- a/docs/podman-generate-kube.1.md
+++ b/docs/podman-generate-kube.1.md
@@ -22,7 +22,7 @@ random port is assigned by Podman in the specification.
# OPTIONS:
**s** **--service**
-Generate a service file for the resulting Pod YAML.
+Generate a Kubernetes service object in addition to the Pods.
## Examples ##
@@ -82,31 +82,63 @@ spec:
status: {}
```
-Create Kubernetes service YAML for a container called `some-mariabdb`
+Create Kubernetes Pod YAML for a pod called `demoweb` and include a service.
```
-$ sudo podman generate kube -s some-mariadb
-# Generation of Kubenetes YAML is still under development!
+$ sudo podman generate kube -s demoweb
+# Generation of Kubernetes YAML is still under development!
#
# Save the output of this file and use kubectl create -f to import
# it into Kubernetes.
#
-# Created with podman-0.11.2-dev
+# Created with podman-0.12.2-dev
+apiVersion: v1
+kind: Pod
+metadata:
+ creationTimestamp: 2018-12-18T15:16:06Z
+ labels:
+ app: demoweb
+ name: demoweb-libpod
+spec:
+ containers:
+ - command:
+ - python3
+ - /root/code/graph.py
+ env:
+ - name: PATH
+ value: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ - name: TERM
+ value: xterm
+ - name: HOSTNAME
+ - name: container
+ value: podman
+ image: quay.io/baude/demoweb:latest
+ name: practicalarchimedes
+ resources: {}
+ securityContext:
+ allowPrivilegeEscalation: true
+ capabilities: {}
+ privileged: false
+ readOnlyRootFilesystem: false
+ tty: true
+ workingDir: /root/code
+status: {}
+---
apiVersion: v1
kind: Service
metadata:
- creationTimestamp: 2018-12-03T19:08:24Z
+ creationTimestamp: 2018-12-18T15:16:06Z
labels:
- app: some-mariadb
- name: some-mariadb-libpod
+ app: demoweb
+ name: demoweb-libpod
spec:
ports:
- - name: "3306"
- nodePort: 30929
- port: 3306
+ - name: "8050"
+ nodePort: 31269
+ port: 8050
protocol: TCP
targetPort: 0
selector:
- app: some-mariadb
+ app: demoweb
type: NodePort
status:
loadBalancer: {}
diff --git a/docs/podman-login.1.md b/docs/podman-login.1.md
index 7c033d7c5..e72d1deca 100644
--- a/docs/podman-login.1.md
+++ b/docs/podman-login.1.md
@@ -36,6 +36,10 @@ Path of the authentication file. Default is ${XDG_\RUNTIME\_DIR}/containers/auth
Note: You can also override the default path of the authentication file by setting the REGISTRY\_AUTH\_FILE
environment variable. `export REGISTRY_AUTH_FILE=path`
+**--get-login**
+
+Return the logged-in user for the registry. Return error if no login is found.
+
**--cert-dir** *path*
Use certificates at *path* (\*.crt, \*.cert, \*.key) to connect to the registry.
diff --git a/docs/podman-run.1.md b/docs/podman-run.1.md
index 5917f6f7a..c0a466a9c 100644
--- a/docs/podman-run.1.md
+++ b/docs/podman-run.1.md
@@ -497,6 +497,14 @@ By default a container will have its root filesystem writable allowing processes
to write files anywhere. By specifying the `--read-only` flag the container will have
its root filesystem mounted as read only prohibiting any writes.
+**--restart=""**
+
+Not implemented.
+
+Restart should be handled via a systemd unit files. Please add your podman
+commands to a unit file and allow systemd or your init system to handle the
+restarting of the container processes. See example below.
+
**--rm**=*true*|*false*
Automatically remove the container when it exits. The default is *false*.
@@ -1059,13 +1067,28 @@ the uid and gid from the host.
$ podman run --uidmap 0:30000:7000 --gidmap 0:30000:7000 fedora echo hello
```
+### Running a podman container to restart inside of a systemd unit file
+
+
+```
+[Unit]
+Description=My App
+[Service]
+Restart=always
+ExecStart=/usr/bin/podman start -a my_app
+ExecStop=/usr/bin/podman stop -t 10 my_app
+KillMode=process
+[Install]
+WantedBy=multi-user.target
+```
+
## FILES
**/etc/subuid**
**/etc/subgid**
## SEE ALSO
-subgid(5), subuid(5), libpod.conf(5)
+subgid(5), subuid(5), libpod.conf(5), systemd.unit(5)
## HISTORY
September 2018, updated by Kunal Kushwaha <kushwaha_kunal_v7@lab.ntt.co.jp>