aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--.cirrus.yml31
-rw-r--r--Dockerfile143
-rw-r--r--Dockerfile.centos77
-rw-r--r--Dockerfile.fedora73
-rw-r--r--Dockerfile.ubuntu29
-rw-r--r--README.md2
-rw-r--r--RELEASE_NOTES.md9
-rw-r--r--cmd/podman/common/inspect.go18
-rw-r--r--cmd/podman/containers/inspect.go53
-rw-r--r--cmd/podman/generate/generate.go27
-rw-r--r--cmd/podman/generate/systemd.go57
-rw-r--r--cmd/podman/images/inspect.go92
-rw-r--r--cmd/podman/images/push.go12
-rw-r--r--cmd/podman/inspect.go42
-rw-r--r--cmd/podman/inspect/inspect.go159
-rw-r--r--cmd/podman/main.go1
-rw-r--r--contrib/cirrus/lib.sh83
-rw-r--r--contrib/cirrus/packer/fedora_packaging.sh141
-rw-r--r--contrib/cirrus/packer/fedora_setup.sh129
-rw-r--r--contrib/cirrus/packer/libpod_images.yml1
-rw-r--r--contrib/cirrus/packer/ubuntu_packaging.sh168
-rw-r--r--contrib/cirrus/packer/ubuntu_setup.sh157
-rwxr-xr-xcontrib/cirrus/setup_environment.sh10
-rw-r--r--pkg/bindings/images/images.go11
-rw-r--r--pkg/domain/entities/engine_container.go1
-rw-r--r--pkg/domain/entities/engine_image.go2
-rw-r--r--pkg/domain/entities/generate.go22
-rw-r--r--pkg/domain/entities/images.go12
-rw-r--r--pkg/domain/entities/types.go10
-rw-r--r--pkg/domain/infra/abi/generate.go174
-rw-r--r--pkg/domain/infra/abi/images.go33
-rw-r--r--pkg/domain/infra/tunnel/generate.go12
-rw-r--r--pkg/domain/infra/tunnel/images.go14
-rw-r--r--pkg/rootless/rootless_linux.c48
-rw-r--r--pkg/rootlessport/rootlessport_linux.go26
-rw-r--r--pkg/spec/spec.go9
-rw-r--r--pkg/specgen/generate/container_create.go1
-rw-r--r--pkg/specgen/namespaces.go2
-rw-r--r--test/e2e/cp_test.go14
-rw-r--r--test/e2e/generate_systemd_test.go1
-rw-r--r--test/e2e/inspect_test.go1
-rw-r--r--test/e2e/push_test.go1
-rw-r--r--test/e2e/run_env_test.go138
-rw-r--r--test/e2e/run_test.go89
-rw-r--r--test/system/150-login.bats2
-rw-r--r--test/system/250-generate-systemd.bats2
46 files changed, 1195 insertions, 944 deletions
diff --git a/.cirrus.yml b/.cirrus.yml
index 0122b6b55..5898fa160 100644
--- a/.cirrus.yml
+++ b/.cirrus.yml
@@ -39,7 +39,7 @@ env:
UBUNTU_NAME: "ubuntu-19"
PRIOR_UBUNTU_NAME: "ubuntu-18"
- _BUILT_IMAGE_SUFFIX: "libpod-6301182083727360"
+ _BUILT_IMAGE_SUFFIX: "libpod-6220812239765504"
FEDORA_CACHE_IMAGE_NAME: "${FEDORA_NAME}-${_BUILT_IMAGE_SUFFIX}"
PRIOR_FEDORA_CACHE_IMAGE_NAME: "${PRIOR_FEDORA_NAME}-${_BUILT_IMAGE_SUFFIX}"
UBUNTU_CACHE_IMAGE_NAME: "${UBUNTU_NAME}-${_BUILT_IMAGE_SUFFIX}"
@@ -156,6 +156,32 @@ gating_task:
failed_branch_script: '$CIRRUS_WORKING_DIR/$SCRIPT_BASE/notice_branch_failure.sh'
+# Ensure these container images can build
+container_image_build_task:
+ alias: 'container_image_build'
+ depends_on:
+ - "gating"
+
+ # Only run for PRs, quay.io will automatically build after bramch-push
+ only_if: $CIRRUS_BRANCH != $DEST_BRANCH
+
+ matrix:
+ - name: "build in_podman image ${FEDORA_NAME} "
+ container:
+ dockerfile: Dockerfile
+ - name: "build in_podman image ${UBUNTU_NAME}"
+ container:
+ dockerfile: Dockerfile.ubuntu
+ - name: "build gate image $DEST_BRANCH branch"
+ container:
+ dockerfile: contrib/gate/Dockerfile
+
+ container:
+ dockerfile: Dockerfile
+
+ script: make install.remote
+
+
# This task checks to make sure that we can still build an rpm from the
# source code using contrib/rpm/podman.spec.in
rpmbuild_task:
@@ -389,6 +415,7 @@ testing_task:
- "varlink_api"
- "build_each_commit"
- "build_without_cgo"
+ - "container_image_build"
# Only test build cache-images, if that's what's requested
only_if: >-
@@ -679,6 +706,7 @@ test_build_cache_images_task:
depends_on:
- "gating"
+ - 'container_image_build'
# VMs created by packer are not cleaned up by cirrus, must allow task to complete
auto_cancellation: $CI != "true"
@@ -780,6 +808,7 @@ success_task:
- "varlink_api"
- "build_each_commit"
- "build_without_cgo"
+ - "container_image_build"
- "meta"
- "image_prune"
- "testing"
diff --git a/Dockerfile b/Dockerfile
index f85c47937..623747295 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,117 +1,26 @@
-FROM golang:1.12
-
-RUN apt-get update && apt-get install -y \
- apparmor \
- autoconf \
- automake \
- bison \
- build-essential \
- curl \
- e2fslibs-dev \
- file \
- gawk \
- gettext \
- go-md2man \
- iptables \
- pkg-config \
- libaio-dev \
- libcap-dev \
- libfuse-dev \
- libnet-dev \
- libnl-3-dev \
- libprotobuf-dev \
- libprotobuf-c-dev \
- libseccomp2 \
- libseccomp-dev \
- libtool \
- libudev-dev \
- protobuf-c-compiler \
- protobuf-compiler \
- libglib2.0-dev \
- libapparmor-dev \
- btrfs-tools \
- libdevmapper1.02.1 \
- libdevmapper-dev \
- libgpgme11-dev \
- liblzma-dev \
- netcat \
- socat \
- lsof \
- xz-utils \
- unzip \
- python3-yaml \
- --no-install-recommends \
- && apt-get clean
-
-# Install runc
-ENV RUNC_COMMIT 029124da7af7360afa781a0234d1b083550f797c
-RUN set -x \
- && export GOPATH="$(mktemp -d)" \
- && git clone https://github.com/opencontainers/runc.git "$GOPATH/src/github.com/opencontainers/runc" \
- && cd "$GOPATH/src/github.com/opencontainers/runc" \
- && git fetch origin --tags \
- && git checkout --detach -q "$RUNC_COMMIT" \
- && make static BUILDTAGS="seccomp selinux" \
- && cp runc /usr/bin/runc \
- && rm -rf "$GOPATH"
-
-# Install conmon
-ENV CONMON_COMMIT 65fe0226d85b69fc9e527e376795c9791199153d
-RUN set -x \
- && export GOPATH="$(mktemp -d)" \
- && git clone https://github.com/containers/conmon.git "$GOPATH/src/github.com/containers/conmon.git" \
- && cd "$GOPATH/src/github.com/containers/conmon.git" \
- && git fetch origin --tags \
- && git checkout --detach -q "$CONMON_COMMIT" \
- && make \
- && install -D -m 755 bin/conmon /usr/libexec/podman/conmon \
- && rm -rf "$GOPATH"
-
-# Install CNI plugins
-ENV CNI_COMMIT 485be65581341430f9106a194a98f0f2412245fb
-RUN set -x \
- && export GOPATH="$(mktemp -d)" GOCACHE="$(mktemp -d)" \
- && git clone https://github.com/containernetworking/plugins.git "$GOPATH/src/github.com/containernetworking/plugins" \
- && cd "$GOPATH/src/github.com/containernetworking/plugins" \
- && git checkout --detach -q "$CNI_COMMIT" \
- && ./build_linux.sh \
- && mkdir -p /usr/libexec/cni \
- && cp bin/* /usr/libexec/cni \
- && rm -rf "$GOPATH"
-
-# Install ginkgo
-RUN set -x \
- && export GOPATH=/go \
- && go get -u github.com/onsi/ginkgo/ginkgo \
- && install -D -m 755 "$GOPATH"/bin/ginkgo /usr/bin/
-
-# Install gomega
-RUN set -x \
- && export GOPATH=/go \
- && go get github.com/onsi/gomega/...
-
-# Install latest stable criu version
-RUN set -x \
- && cd /tmp \
- && git clone https://github.com/checkpoint-restore/criu.git \
- && cd criu \
- && make \
- && install -D -m 755 criu/criu /usr/sbin/ \
- && rm -rf /tmp/criu
-
-# Install cni config
-#RUN make install.cni
-RUN mkdir -p /etc/cni/net.d/
-COPY cni/87-podman-bridge.conflist /etc/cni/net.d/87-podman-bridge.conflist
-
-# Make sure we have some policy for pulling images
-RUN mkdir -p /etc/containers && curl https://raw.githubusercontent.com/projectatomic/registries/master/registries.fedora -o /etc/containers/registries.conf
-
-COPY test/policy.json /etc/containers/policy.json
-COPY test/redhat_sigstore.yaml /etc/containers/registries.d/registry.access.redhat.com.yaml
-
-ADD . /go/src/github.com/containers/libpod
-
-RUN set -x && cd /go/src/github.com/containers/libpod
-
-WORKDIR /go/src/github.com/containers/libpod
+FROM registry.fedoraproject.org/fedora:latest
+
+# This container image is utilized by the containers CI automation system
+# for building and testing libpod inside a container environment.
+# It is assumed that the source to be tested will overwrite $GOSRC (below)
+# at runtime.
+ENV GOPATH=/var/tmp/go
+ENV GOSRC=$GOPATH/src/github.com/containers/libpod
+ENV SCRIPT_BASE=./contrib/cirrus
+ENV PACKER_BASE=$SCRIPT_BASE/packer
+
+# Only add minimal tooling necessary to complete setup.
+ADD /$SCRIPT_BASE $GOSRC/$SCRIPT_BASE
+ADD /hack/install_catatonit.sh $GOSRC/hack/
+ADD /cni/*.conflist $GOSRC/cni/
+ADD /test/*.json $GOSRC/test/
+ADD /test/*.conf $GOSRC/test/
+WORKDIR $GOSRC
+
+# Re-use repositories and package setup as in VMs under CI
+RUN bash $PACKER_BASE/fedora_packaging.sh && \
+ dnf clean all && \
+ rm -rf /var/cache/dnf
+
+# Mirror steps taken under CI
+RUN bash -c 'source $GOSRC/$SCRIPT_BASE/lib.sh && install_test_configs'
diff --git a/Dockerfile.centos b/Dockerfile.centos
deleted file mode 100644
index f5a2b891c..000000000
--- a/Dockerfile.centos
+++ /dev/null
@@ -1,77 +0,0 @@
-FROM registry.centos.org/centos/centos:7
-
-RUN yum -y install btrfs-progs-devel \
- atomic-registries \
- autoconf \
- automake \
- bzip2 \
- device-mapper-devel \
- findutils \
- file \
- git \
- glibc-static \
- glib2-devel \
- gnupg \
- golang \
- golang-github-cpuguy83-go-md2man \
- gpgme-devel \
- libassuan-devel \
- libseccomp-devel \
- libselinux-devel \
- libtool \
- containers-common \
- runc \
- make \
- lsof \
- which\
- golang-github-cpuguy83-go-md2man \
- nmap-ncat \
- xz \
- iptables && yum clean all
-
-# Install CNI plugins
-ENV CNI_COMMIT 485be65581341430f9106a194a98f0f2412245fb
-RUN set -x \
- && export GOPATH="$(mktemp -d)" GOCACHE="$(mktemp -d)" \
- && git clone https://github.com/containernetworking/plugins.git "$GOPATH/src/github.com/containernetworking/plugins" \
- && cd "$GOPATH/src/github.com/containernetworking/plugins" \
- && git checkout --detach -q "$CNI_COMMIT" \
- && ./build_linux.sh \
- && mkdir -p /usr/libexec/cni \
- && cp bin/* /usr/libexec/cni \
- && rm -rf "$GOPATH"
-
-# Install ginkgo
-RUN set -x \
- && export GOPATH=/go \
- && go get -u github.com/onsi/ginkgo/ginkgo \
- && install -D -m 755 "$GOPATH"/bin/ginkgo /usr/bin/
-
-# Install gomega
-RUN set -x \
- && export GOPATH=/go \
- && go get github.com/onsi/gomega/...
-
-# Install conmon
-ENV CONMON_COMMIT 6f3572558b97bc60dd8f8c7f0807748e6ce2c440
-RUN set -x \
- && export GOPATH="$(mktemp -d)" \
- && git clone https://github.com/containers/conmon.git "$GOPATH/src/github.com/containers/conmon.git" \
- && cd "$GOPATH/src/github.com/containers/conmon.git" \
- && git fetch origin --tags \
- && git checkout --detach -q "$CONMON_COMMIT" \
- && make \
- && install -D -m 755 bin/conmon /usr/libexec/podman/conmon \
- && rm -rf "$GOPATH"
-
-# Install cni config
-#RUN make install.cni
-RUN mkdir -p /etc/cni/net.d/
-COPY cni/87-podman-bridge.conflist /etc/cni/net.d/87-podman-bridge.conflist
-
-# Make sure we have some policy for pulling images
-RUN mkdir -p /etc/containers
-COPY test/policy.json /etc/containers/policy.json
-COPY test/redhat_sigstore.yaml /etc/containers/registries.d/registry.access.redhat.com.yaml
-
-WORKDIR /go/src/github.com/containers/libpod
diff --git a/Dockerfile.fedora b/Dockerfile.fedora
deleted file mode 100644
index 45b2c3670..000000000
--- a/Dockerfile.fedora
+++ /dev/null
@@ -1,73 +0,0 @@
-FROM registry.fedoraproject.org/fedora:30
-
-RUN dnf -y install btrfs-progs-devel \
- atomic-registries \
- autoconf \
- automake \
- bzip2 \
- device-mapper-devel \
- file \
- findutils \
- git \
- glib2-devel \
- glibc-static \
- gnupg \
- golang \
- golang-github-cpuguy83-go-md2man \
- gpgme-devel \
- libassuan-devel \
- libseccomp-devel \
- libselinux-devel \
- libtool \
- containers-common \
- runc \
- make \
- lsof \
- which\
- golang-github-cpuguy83-go-md2man \
- procps-ng \
- nmap-ncat \
- xz \
- slirp4netns \
- container-selinux \
- containernetworking-plugins \
- iproute \
- iptables && dnf clean all
-
-# Install ginkgo
-RUN set -x \
- && export GOPATH=/go GOCACHE="$(mktemp -d)" \
- && go get -u github.com/onsi/ginkgo/ginkgo \
- && install -D -m 755 "$GOPATH"/bin/ginkgo /usr/bin/
-
-# Install gomega
-RUN set -x \
- && export GOPATH=/go GOCACHE="$(mktemp -d)" \
- && go get github.com/onsi/gomega/...
-
-# Install conmon
-ENV CONMON_COMMIT 6f3572558b97bc60dd8f8c7f0807748e6ce2c440
-RUN set -x \
- && export GOPATH="$(mktemp -d)" GOCACHE="$(mktemp -d)" \
- && git clone https://github.com/containers/conmon.git "$GOPATH/src/github.com/containers/conmon.git" \
- && cd "$GOPATH/src/github.com/containers/conmon.git" \
- && git fetch origin --tags \
- && git checkout --detach -q "$CONMON_COMMIT" \
- && make \
- && install -D -m 755 bin/conmon /usr/libexec/podman/conmon \
- && rm -rf "$GOPATH"
-
-# Install cni config
-#RUN make install.cni
-RUN mkdir -p /etc/cni/net.d/
-COPY cni/87-podman-bridge.conflist /etc/cni/net.d/87-podman-bridge.conflist
-
-# Make sure we have some policy for pulling images
-RUN mkdir -p /etc/containers
-COPY test/policy.json /etc/containers/policy.json
-COPY test/redhat_sigstore.yaml /etc/containers/registries.d/registry.access.redhat.com.yaml
-
-# Install varlink stuff
-RUN pip3 install varlink
-
-WORKDIR /go/src/github.com/containers/libpod
diff --git a/Dockerfile.ubuntu b/Dockerfile.ubuntu
new file mode 100644
index 000000000..3a8f837b9
--- /dev/null
+++ b/Dockerfile.ubuntu
@@ -0,0 +1,29 @@
+# Must resemble $UBUNTU_BASE_IMAGE in ./contrib/cirrus/lib.sh
+FROM ubuntu:latest
+
+# This container image is intended for building and testing libpod
+# from inside a container environment. It is assumed that the source
+# to be tested will overwrite $GOSRC (below) at runtime.
+ENV GOPATH=/var/tmp/go
+ENV GOSRC=$GOPATH/src/github.com/containers/libpod
+ENV SCRIPT_BASE=./contrib/cirrus
+ENV PACKER_BASE=$SCRIPT_BASE/packer
+
+RUN export DEBIAN_FRONTEND="noninteractive" && \
+ apt-get -qq update --yes && \
+ apt-get -qq upgrade --yes && \
+ apt-get -qq install curl git && \
+ apt-get -qq autoremove --yes && \
+ rm -rf /var/cache/apt
+
+# Only add minimal tooling necessary to complete setup.
+ADD / $GOSRC
+WORKDIR $GOSRC
+
+# Re-use repositories and package setup as in VMs under CI
+RUN bash $PACKER_BASE/ubuntu_packaging.sh && \
+ apt-get -qq autoremove --yes && \
+ rm -rf /var/cache/apt
+
+# Mirror steps taken under CI
+RUN bash -c 'source $GOSRC/$SCRIPT_BASE/lib.sh && install_test_configs'
diff --git a/README.md b/README.md
index 8cc010a45..8d9447e51 100644
--- a/README.md
+++ b/README.md
@@ -5,7 +5,7 @@
Libpod provides a library for applications looking to use the Container Pod concept,
popularized by Kubernetes. Libpod also contains the Pod Manager tool `(Podman)`. Podman manages pods, containers, container images, and container volumes.
-* [Latest Version: 1.9.0](https://github.com/containers/libpod/releases/latest)
+* [Latest Version: 1.9.1](https://github.com/containers/libpod/releases/latest)
* [Continuous Integration:](contrib/cirrus/README.md) [![Build Status](https://api.cirrus-ci.com/github/containers/libpod.svg)](https://cirrus-ci.com/github/containers/libpod/master)
* [GoDoc: ![GoDoc](https://godoc.org/github.com/containers/libpod/libpod?status.svg)](https://godoc.org/github.com/containers/libpod/libpod)
* Automated continuous release downloads (including remote-client):
diff --git a/RELEASE_NOTES.md b/RELEASE_NOTES.md
index aef66545f..6657529b9 100644
--- a/RELEASE_NOTES.md
+++ b/RELEASE_NOTES.md
@@ -1,5 +1,14 @@
# Release Notes
+## 1.9.1
+### Bugfixes
+- Fixed a bug where healthchecks could become nonfunctional if container log paths were manually set with `--log-path` and multiple container logs were placed in the same directory ([#5915](https://github.com/containers/libpod/issues/5915))
+- Fixed a bug where rootless Podman could, when using an older `libpod.conf`, print numerous warning messages about an invalid CGroup manager config
+- Fixed a bug where rootless Podman would sometimes fail to close the rootless user namespace when joining it ([#5873](https://github.com/containers/libpod/issues/5873))
+
+### Misc
+- Updated containers/common to v0.8.2
+
## 1.9.0
### Features
- Experimental support has been added for `podman run --userns=auto`, which automatically allocates a unique UID and GID range for the new container's user namespace
diff --git a/cmd/podman/common/inspect.go b/cmd/podman/common/inspect.go
deleted file mode 100644
index dfc6fe679..000000000
--- a/cmd/podman/common/inspect.go
+++ /dev/null
@@ -1,18 +0,0 @@
-package common
-
-import (
- "github.com/containers/libpod/pkg/domain/entities"
- "github.com/spf13/cobra"
-)
-
-// AddInspectFlagSet takes a command and adds the inspect flags and returns an InspectOptions object
-// Since this cannot live in `package main` it lives here until a better home is found
-func AddInspectFlagSet(cmd *cobra.Command) *entities.InspectOptions {
- opts := entities.InspectOptions{}
-
- flags := cmd.Flags()
- flags.BoolVarP(&opts.Size, "size", "s", false, "Display total file size")
- flags.StringVarP(&opts.Format, "format", "f", "", "Change the output format to a Go template")
-
- return &opts
-}
diff --git a/cmd/podman/containers/inspect.go b/cmd/podman/containers/inspect.go
index f9ef1ddbd..4549a4ef6 100644
--- a/cmd/podman/containers/inspect.go
+++ b/cmd/podman/containers/inspect.go
@@ -1,15 +1,8 @@
package containers
import (
- "context"
- "fmt"
- "os"
- "strings"
- "text/template"
-
- "github.com/containers/libpod/cmd/podman/common"
+ "github.com/containers/libpod/cmd/podman/inspect"
"github.com/containers/libpod/cmd/podman/registry"
-
"github.com/containers/libpod/pkg/domain/entities"
"github.com/spf13/cobra"
)
@@ -20,7 +13,7 @@ var (
Use: "inspect [flags] CONTAINER",
Short: "Display the configuration of a container",
Long: `Displays the low-level information on a container identified by name or ID.`,
- RunE: inspect,
+ RunE: inspectExec,
Example: `podman container inspect myCtr
podman container inspect -l --format '{{.Id}} {{.Config.Labels}}'`,
}
@@ -33,45 +26,9 @@ func init() {
Command: inspectCmd,
Parent: containerCmd,
})
- inspectOpts = common.AddInspectFlagSet(inspectCmd)
- flags := inspectCmd.Flags()
-
- if !registry.IsRemote() {
- flags.BoolVarP(&inspectOpts.Latest, "latest", "l", false, "Act on the latest container podman is aware of")
- }
-
-}
-
-func inspect(cmd *cobra.Command, args []string) error {
- responses, err := registry.ContainerEngine().ContainerInspect(context.Background(), args, *inspectOpts)
- if err != nil {
- return err
- }
- if inspectOpts.Format == "" {
- b, err := json.MarshalIndent(responses, "", " ")
- if err != nil {
- return err
- }
- fmt.Println(string(b))
- return nil
- }
- format := inspectOpts.Format
- if !strings.HasSuffix(format, "\n") {
- format += "\n"
- }
- tmpl, err := template.New("inspect").Parse(format)
- if err != nil {
- return err
- }
- for _, i := range responses {
- if err := tmpl.Execute(os.Stdout, i); err != nil {
- return err
- }
- }
- return nil
+ inspectOpts = inspect.AddInspectFlagSet(inspectCmd)
}
-func Inspect(cmd *cobra.Command, args []string, options *entities.InspectOptions) error {
- inspectOpts = options
- return inspect(cmd, args)
+func inspectExec(cmd *cobra.Command, args []string) error {
+ return inspect.Inspect(args, *inspectOpts)
}
diff --git a/cmd/podman/generate/generate.go b/cmd/podman/generate/generate.go
new file mode 100644
index 000000000..f04ef58a5
--- /dev/null
+++ b/cmd/podman/generate/generate.go
@@ -0,0 +1,27 @@
+package pods
+
+import (
+ "github.com/containers/libpod/cmd/podman/registry"
+ "github.com/containers/libpod/pkg/domain/entities"
+ "github.com/containers/libpod/pkg/util"
+ "github.com/spf13/cobra"
+)
+
+var (
+ // Command: podman _generate_
+ generateCmd = &cobra.Command{
+ Use: "generate",
+ Short: "Generate structured data based on containers and pods.",
+ Long: "Generate structured data (e.g., Kubernetes yaml or systemd units) based on containers and pods.",
+ TraverseChildren: true,
+ RunE: registry.SubCommandExists,
+ }
+ containerConfig = util.DefaultContainerConfig()
+)
+
+func init() {
+ registry.Commands = append(registry.Commands, registry.CliCommand{
+ Mode: []entities.EngineMode{entities.ABIMode},
+ Command: generateCmd,
+ })
+}
diff --git a/cmd/podman/generate/systemd.go b/cmd/podman/generate/systemd.go
new file mode 100644
index 000000000..55d770249
--- /dev/null
+++ b/cmd/podman/generate/systemd.go
@@ -0,0 +1,57 @@
+package pods
+
+import (
+ "fmt"
+
+ "github.com/containers/libpod/cmd/podman/registry"
+ "github.com/containers/libpod/cmd/podman/utils"
+ "github.com/containers/libpod/pkg/domain/entities"
+ "github.com/spf13/cobra"
+)
+
+var (
+ systemdTimeout uint
+ systemdOptions = entities.GenerateSystemdOptions{}
+ systemdDescription = `Generate systemd units for a pod or container.
+ The generated units can later be controlled via systemctl(1).`
+
+ systemdCmd = &cobra.Command{
+ Use: "systemd [flags] CTR|POD",
+ Short: "Generate systemd units.",
+ Long: systemdDescription,
+ RunE: systemd,
+ Args: cobra.MinimumNArgs(1),
+ Example: `podman generate systemd CTR
+ podman generate systemd --new --time 10 CTR
+ podman generate systemd --files --name POD`,
+ }
+)
+
+func init() {
+ registry.Commands = append(registry.Commands, registry.CliCommand{
+ Mode: []entities.EngineMode{entities.ABIMode, entities.TunnelMode},
+ Command: systemdCmd,
+ Parent: generateCmd,
+ })
+ flags := systemdCmd.Flags()
+ flags.BoolVarP(&systemdOptions.Name, "name", "n", false, "Use container/pod names instead of IDs")
+ flags.BoolVarP(&systemdOptions.Files, "files", "f", false, "Generate .service files instead of printing to stdout")
+ flags.UintVarP(&systemdTimeout, "time", "t", containerConfig.Engine.StopTimeout, "Stop timeout override")
+ flags.StringVar(&systemdOptions.RestartPolicy, "restart-policy", "on-failure", "Systemd restart-policy")
+ flags.BoolVarP(&systemdOptions.New, "new", "", false, "Create a new container instead of starting an existing one")
+ flags.SetNormalizeFunc(utils.AliasFlags)
+}
+
+func systemd(cmd *cobra.Command, args []string) error {
+ if cmd.Flags().Changed("time") {
+ systemdOptions.StopTimeout = &systemdTimeout
+ }
+
+ report, err := registry.ContainerEngine().GenerateSystemd(registry.GetContext(), args[0], systemdOptions)
+ if err != nil {
+ return err
+ }
+
+ fmt.Println(report.Output)
+ return nil
+}
diff --git a/cmd/podman/images/inspect.go b/cmd/podman/images/inspect.go
index 91c9445eb..8c727eb07 100644
--- a/cmd/podman/images/inspect.go
+++ b/cmd/podman/images/inspect.go
@@ -1,18 +1,9 @@
package images
import (
- "context"
- "fmt"
- "os"
- "strings"
- "text/tabwriter"
- "text/template"
-
- "github.com/containers/buildah/pkg/formats"
- "github.com/containers/libpod/cmd/podman/common"
+ "github.com/containers/libpod/cmd/podman/inspect"
"github.com/containers/libpod/cmd/podman/registry"
"github.com/containers/libpod/pkg/domain/entities"
- "github.com/pkg/errors"
"github.com/spf13/cobra"
)
@@ -21,8 +12,8 @@ var (
inspectCmd = &cobra.Command{
Use: "inspect [flags] IMAGE",
Short: "Display the configuration of an image",
- Long: `Displays the low-level information on an image identified by name or ID.`,
- RunE: inspect,
+ Long: `Displays the low-level information of an image identified by name or ID.`,
+ RunE: inspectExec,
Example: `podman inspect alpine
podman inspect --format "imageId: {{.Id}} size: {{.Size}}" alpine
podman inspect --format "image: {{.ImageName}} driver: {{.Driver}}" myctr`,
@@ -36,78 +27,11 @@ func init() {
Command: inspectCmd,
Parent: imageCmd,
})
- inspectOpts = common.AddInspectFlagSet(inspectCmd)
-}
-
-func inspect(cmd *cobra.Command, args []string) error {
- if inspectOpts.Size {
- return fmt.Errorf("--size can only be used for containers")
- }
- if inspectOpts.Latest {
- return fmt.Errorf("--latest can only be used for containers")
- }
- if len(args) == 0 {
- return errors.Errorf("image name must be specified: podman image inspect [options [...]] name")
- }
-
- results, err := registry.ImageEngine().Inspect(context.Background(), args, *inspectOpts)
- if err != nil {
- return err
- }
-
- if len(results.Images) > 0 {
- if inspectOpts.Format == "" {
- buf, err := json.MarshalIndent(results.Images, "", " ")
- if err != nil {
- return err
- }
- fmt.Println(string(buf))
-
- for id, e := range results.Errors {
- fmt.Fprintf(os.Stderr, "%s: %s\n", id, e.Error())
- }
- return nil
- }
- row := inspectFormat(inspectOpts.Format)
- format := "{{range . }}" + row + "{{end}}"
- tmpl, err := template.New("inspect").Parse(format)
- if err != nil {
- return err
- }
-
- w := tabwriter.NewWriter(os.Stdout, 8, 2, 2, ' ', 0)
- defer func() { _ = w.Flush() }()
- err = tmpl.Execute(w, results.Images)
- if err != nil {
- return err
- }
- }
-
- var lastErr error
- for id, e := range results.Errors {
- if lastErr != nil {
- fmt.Fprintf(os.Stderr, "%s: %s\n", id, lastErr.Error())
- }
- lastErr = e
- }
- return lastErr
-}
-
-func inspectFormat(row string) string {
- r := strings.NewReplacer("{{.Id}}", formats.IDString,
- ".Src", ".Source",
- ".Dst", ".Destination",
- ".ImageID", ".Image",
- )
- row = r.Replace(row)
-
- if !strings.HasSuffix(row, "\n") {
- row += "\n"
- }
- return row
+ inspectOpts = inspect.AddInspectFlagSet(inspectCmd)
+ flags := inspectCmd.Flags()
+ _ = flags.MarkHidden("latest") // Shared with container-inspect but not wanted here.
}
-func Inspect(cmd *cobra.Command, args []string, options *entities.InspectOptions) error {
- inspectOpts = options
- return inspect(cmd, args)
+func inspectExec(cmd *cobra.Command, args []string) error {
+ return inspect.Inspect(args, *inspectOpts)
}
diff --git a/cmd/podman/images/push.go b/cmd/podman/images/push.go
index ef2ffd0d7..0b3502d61 100644
--- a/cmd/podman/images/push.go
+++ b/cmd/podman/images/push.go
@@ -98,6 +98,7 @@ func imagePush(cmd *cobra.Command, args []string) error {
switch len(args) {
case 1:
source = args[0]
+ destination = args[0]
case 2:
source = args[0]
destination = args[1]
@@ -107,22 +108,21 @@ func imagePush(cmd *cobra.Command, args []string) error {
return errors.New("push requires at least one image name, or optionally a second to specify a different destination")
}
- pushOptsAPI := pushOptions.ImagePushOptions
// TLS verification in c/image is controlled via a `types.OptionalBool`
// which allows for distinguishing among set-true, set-false, unspecified
// which is important to implement a sane way of dealing with defaults of
// boolean CLI flags.
if cmd.Flags().Changed("tls-verify") {
- pushOptsAPI.TLSVerify = types.NewOptionalBool(pushOptions.TLSVerifyCLI)
+ pushOptions.SkipTLSVerify = types.NewOptionalBool(!pushOptions.TLSVerifyCLI)
}
- if pushOptsAPI.Authfile != "" {
- if _, err := os.Stat(pushOptsAPI.Authfile); err != nil {
- return errors.Wrapf(err, "error getting authfile %s", pushOptsAPI.Authfile)
+ if pushOptions.Authfile != "" {
+ if _, err := os.Stat(pushOptions.Authfile); err != nil {
+ return errors.Wrapf(err, "error getting authfile %s", pushOptions.Authfile)
}
}
// Let's do all the remaining Yoga in the API to prevent us from scattering
// logic across (too) many parts of the code.
- return registry.ImageEngine().Push(registry.GetContext(), source, destination, pushOptsAPI)
+ return registry.ImageEngine().Push(registry.GetContext(), source, destination, pushOptions.ImagePushOptions)
}
diff --git a/cmd/podman/inspect.go b/cmd/podman/inspect.go
index 93bf58bdd..a5fdaedc2 100644
--- a/cmd/podman/inspect.go
+++ b/cmd/podman/inspect.go
@@ -1,31 +1,26 @@
package main
import (
- "fmt"
-
- "github.com/containers/libpod/cmd/podman/common"
- "github.com/containers/libpod/cmd/podman/containers"
- "github.com/containers/libpod/cmd/podman/images"
+ "github.com/containers/libpod/cmd/podman/inspect"
"github.com/containers/libpod/cmd/podman/registry"
"github.com/containers/libpod/pkg/domain/entities"
"github.com/spf13/cobra"
)
-// Inspect is one of the outlier commands in that it operates on images/containers/...
-
var (
- inspectOpts *entities.InspectOptions
-
// Command: podman _inspect_ Object_ID
inspectCmd = &cobra.Command{
Use: "inspect [flags] {CONTAINER_ID | IMAGE_ID}",
Short: "Display the configuration of object denoted by ID",
Long: "Displays the low-level information on an object identified by name or ID",
TraverseChildren: true,
- RunE: inspect,
- Example: `podman inspect alpine
- podman inspect --format "imageId: {{.Id}} size: {{.Size}}" alpine`,
+ RunE: inspectExec,
+ Example: `podman inspect fedora
+ podman inspect --type image fedora
+ podman inspect CtrID ImgID
+ podman inspect --format "imageId: {{.Id}} size: {{.Size}}" fedora`,
}
+ inspectOpts *entities.InspectOptions
)
func init() {
@@ -33,26 +28,9 @@ func init() {
Mode: []entities.EngineMode{entities.ABIMode, entities.TunnelMode},
Command: inspectCmd,
})
- inspectOpts = common.AddInspectFlagSet(inspectCmd)
- flags := inspectCmd.Flags()
- flags.StringVarP(&inspectOpts.Type, "type", "t", "", "Return JSON for specified type, (image or container) (default \"all\")")
- if !registry.IsRemote() {
- flags.BoolVarP(&inspectOpts.Latest, "latest", "l", false, "Act on the latest container podman is aware of (containers only)")
- }
+ inspectOpts = inspect.AddInspectFlagSet(inspectCmd)
}
-func inspect(cmd *cobra.Command, args []string) error {
- switch inspectOpts.Type {
- case "image":
- return images.Inspect(cmd, args, inspectOpts)
- case "container":
- return containers.Inspect(cmd, args, inspectOpts)
- case "":
- if err := images.Inspect(cmd, args, inspectOpts); err == nil {
- return nil
- }
- return containers.Inspect(cmd, args, inspectOpts)
- default:
- return fmt.Errorf("invalid type %q is must be 'container' or 'image'", inspectOpts.Type)
- }
+func inspectExec(cmd *cobra.Command, args []string) error {
+ return inspect.Inspect(args, *inspectOpts)
}
diff --git a/cmd/podman/inspect/inspect.go b/cmd/podman/inspect/inspect.go
new file mode 100644
index 000000000..223ce00f0
--- /dev/null
+++ b/cmd/podman/inspect/inspect.go
@@ -0,0 +1,159 @@
+package inspect
+
+import (
+ "context"
+ "fmt"
+ "strings"
+
+ "github.com/containers/buildah/pkg/formats"
+ "github.com/containers/libpod/cmd/podman/registry"
+ "github.com/containers/libpod/pkg/domain/entities"
+ "github.com/pkg/errors"
+ "github.com/spf13/cobra"
+)
+
+const (
+ // ImageType is the image type.
+ ImageType = "image"
+ // ContainerType is the container type.
+ ContainerType = "container"
+ // AllType can be of type ImageType or ContainerType.
+ AllType = "all"
+)
+
+// AddInspectFlagSet takes a command and adds the inspect flags and returns an
+// InspectOptions object.
+func AddInspectFlagSet(cmd *cobra.Command) *entities.InspectOptions {
+ opts := entities.InspectOptions{}
+
+ flags := cmd.Flags()
+ flags.BoolVarP(&opts.Size, "size", "s", false, "Display total file size")
+ flags.StringVarP(&opts.Format, "format", "f", "json", "Format the output to a Go template or json")
+ flags.StringVarP(&opts.Type, "type", "t", AllType, fmt.Sprintf("Specify inspect-oject type (%q, %q or %q)", ImageType, ContainerType, AllType))
+ flags.BoolVarP(&opts.Latest, "latest", "l", false, "Act on the latest container Podman is aware of")
+
+ return &opts
+}
+
+// Inspect inspects the specified container/image names or IDs.
+func Inspect(namesOrIDs []string, options entities.InspectOptions) error {
+ inspector, err := newInspector(options)
+ if err != nil {
+ return err
+ }
+ return inspector.inspect(namesOrIDs)
+}
+
+// inspector allows for inspecting images and containers.
+type inspector struct {
+ containerEngine entities.ContainerEngine
+ imageEngine entities.ImageEngine
+ options entities.InspectOptions
+}
+
+// newInspector creates a new inspector based on the specified options.
+func newInspector(options entities.InspectOptions) (*inspector, error) {
+ switch options.Type {
+ case ImageType, ContainerType, AllType:
+ // Valid types.
+ default:
+ return nil, errors.Errorf("invalid type %q: must be %q, %q or %q", options.Type, ImageType, ContainerType, AllType)
+ }
+ if options.Type == ImageType {
+ if options.Latest {
+ return nil, errors.Errorf("latest is not supported for type %q", ImageType)
+ }
+ if options.Size {
+ return nil, errors.Errorf("size is not supported for type %q", ImageType)
+ }
+ }
+ return &inspector{
+ containerEngine: registry.ContainerEngine(),
+ imageEngine: registry.ImageEngine(),
+ options: options,
+ }, nil
+}
+
+// inspect inspects the specified container/image names or IDs.
+func (i *inspector) inspect(namesOrIDs []string) error {
+ // data - dumping place for inspection results.
+ var data []interface{}
+ ctx := context.Background()
+
+ if len(namesOrIDs) == 0 {
+ if !i.options.Latest {
+ return errors.New("no containers or images specified")
+ }
+ }
+
+ tmpType := i.options.Type
+ if i.options.Latest {
+ if len(namesOrIDs) > 0 {
+ return errors.New("latest and containers are not allowed")
+ }
+ tmpType = ContainerType // -l works with --type=all
+ }
+
+ // Inspect - note that AllType requires us to expensively query one-by-one.
+ switch tmpType {
+ case AllType:
+ all, err := i.inspectAll(ctx, namesOrIDs)
+ if err != nil {
+ return err
+ }
+ data = all
+ case ImageType:
+ imgData, err := i.imageEngine.Inspect(ctx, namesOrIDs, i.options)
+ if err != nil {
+ return err
+ }
+ for i := range imgData {
+ data = append(data, imgData[i])
+ }
+ case ContainerType:
+ ctrData, err := i.containerEngine.ContainerInspect(ctx, namesOrIDs, i.options)
+ if err != nil {
+ return err
+ }
+ for i := range ctrData {
+ data = append(data, ctrData[i])
+ }
+ default:
+ return errors.Errorf("invalid type %q: must be %q, %q or %q", i.options.Type, ImageType, ContainerType, AllType)
+ }
+
+ var out formats.Writer
+ if i.options.Format == "json" || i.options.Format == "" { // "" for backwards compat
+ out = formats.JSONStructArray{Output: data}
+ } else {
+ out = formats.StdoutTemplateArray{Output: data, Template: inspectFormat(i.options.Format)}
+ }
+ return out.Out()
+}
+
+func (i *inspector) inspectAll(ctx context.Context, namesOrIDs []string) ([]interface{}, error) {
+ var data []interface{}
+ for _, name := range namesOrIDs {
+ imgData, err := i.imageEngine.Inspect(ctx, []string{name}, i.options)
+ if err == nil {
+ data = append(data, imgData[0])
+ continue
+ }
+ ctrData, err := i.containerEngine.ContainerInspect(ctx, []string{name}, i.options)
+ if err != nil {
+ return nil, err
+ }
+ data = append(data, ctrData[0])
+ }
+ return data, nil
+}
+
+func inspectFormat(row string) string {
+ r := strings.NewReplacer(
+ "{{.Id}}", formats.IDString,
+ ".Src", ".Source",
+ ".Dst", ".Destination",
+ ".ImageID", ".Image",
+ )
+ return r.Replace(row)
+}
diff --git a/cmd/podman/main.go b/cmd/podman/main.go
index 4cd0beee8..481214a38 100644
--- a/cmd/podman/main.go
+++ b/cmd/podman/main.go
@@ -4,6 +4,7 @@ import (
"os"
_ "github.com/containers/libpod/cmd/podman/containers"
+ _ "github.com/containers/libpod/cmd/podman/generate"
_ "github.com/containers/libpod/cmd/podman/healthcheck"
_ "github.com/containers/libpod/cmd/podman/images"
_ "github.com/containers/libpod/cmd/podman/manifest"
diff --git a/contrib/cirrus/lib.sh b/contrib/cirrus/lib.sh
index 04f14eeb3..dd4f66f56 100644
--- a/contrib/cirrus/lib.sh
+++ b/contrib/cirrus/lib.sh
@@ -6,6 +6,11 @@
# Global details persist here
source /etc/environment # not always loaded under all circumstances
+# Automation environment doesn't automatically load for Ubuntu 18
+if [[ -r '/usr/share/automation/environment' ]]; then
+ source '/usr/share/automation/environment'
+fi
+
# Under some contexts these values are not set, make sure they are.
export USER="$(whoami)"
export HOME="$(getent passwd $USER | cut -d : -f 6)"
@@ -72,10 +77,15 @@ IN_PODMAN_IMAGE="quay.io/libpod/in_podman:$DEST_BRANCH"
# Image for uploading releases
UPLDREL_IMAGE="quay.io/libpod/upldrel:master"
+# This is needed under some environments/contexts
+SUDO=''
+[[ "$UID" -eq 0 ]] || \
+ SUDO='sudo -E'
+
# Avoid getting stuck waiting for user input
export DEBIAN_FRONTEND="noninteractive"
-SUDOAPTGET="ooe.sh sudo -E apt-get -qq --yes"
-SUDOAPTADD="ooe.sh sudo -E add-apt-repository --yes"
+SUDOAPTGET="$SUDO apt-get -qq --yes"
+SUDOAPTADD="$SUDO add-apt-repository --yes"
# Regex that finds enabled periodic apt configuration items
PERIODIC_APT_RE='^(APT::Periodic::.+")1"\;'
# Short-cuts for retrying/timeout calls
@@ -109,6 +119,9 @@ OS_REL_VER="${OS_RELEASE_ID}-${OS_RELEASE_VER}"
# Type of filesystem used for cgroups
CG_FS_TYPE="$(stat -f -c %T /sys/fs/cgroup)"
+# When building images, the version of automation tooling to install
+INSTALL_AUTOMATION_VERSION=1.1.3
+
# Installed into cache-images, supports overrides
# by user-data in case of breakage or for debugging.
CUSTOM_CLOUD_CONFIG_DEFAULTS="$GOSRC/$PACKER_BASE/cloud-init/$OS_RELEASE_ID/cloud.cfg.d"
@@ -354,25 +367,18 @@ setup_rootless() {
die 11 "Timeout exceeded waiting for localhost ssh capability"
}
-# Helper/wrapper script to only show stderr/stdout on non-zero exit
-install_ooe() {
- req_env_var SCRIPT_BASE
- echo "Installing script to mask stdout/stderr unless non-zero exit."
- sudo install -D -m 755 "$GOSRC/$SCRIPT_BASE/ooe.sh" /usr/local/bin/ooe.sh
-}
-
# Grab a newer version of git from software collections
# https://www.softwarecollections.org/en/
# and use it with a wrapper
install_scl_git() {
echo "Installing SoftwareCollections updated 'git' version."
- ooe.sh sudo yum -y install rh-git29
- cat << "EOF" | sudo tee /usr/bin/git
+ ooe.sh $SUDO yum -y install rh-git29
+ cat << "EOF" | $SUDO tee /usr/bin/git
#!/bin/bash
scl enable rh-git29 -- git $@
EOF
- sudo chmod 755 /usr/bin/git
+ $SUDO chmod 755 /usr/bin/git
}
install_test_configs() {
@@ -414,9 +420,9 @@ remove_packaged_podman_files() {
if [[ "$OS_RELEASE_ID" =~ "ubuntu" ]]
then
- LISTING_CMD="sudo -E dpkg-query -L podman"
+ LISTING_CMD="$SUDO dpkg-query -L podman"
else
- LISTING_CMD='sudo rpm -ql podman'
+ LISTING_CMD='$SUDO rpm -ql podman'
fi
# yum/dnf/dpkg may list system directories, only remove files
@@ -424,7 +430,7 @@ remove_packaged_podman_files() {
do
# Sub-directories may contain unrelated/valuable stuff
if [[ -d "$fullpath" ]]; then continue; fi
- ooe.sh sudo rm -vf "$fullpath"
+ ooe.sh $SUDO rm -vf "$fullpath"
done
# Be super extra sure and careful vs performant and completely safe
@@ -447,43 +453,60 @@ systemd_banish() {
$GOSRC/$PACKER_BASE/systemd_banish.sh
}
+# This can be removed when the kernel bug fix is included in Fedora
+workaround_bfq_bug() {
+ if [[ "$OS_RELEASE_ID" == "fedora" ]] && [[ $OS_RELEASE_VER -le 32 ]]; then
+ warn "Switching io scheduler to 'deadline' to avoid RHBZ 1767539"
+ warn "aka https://bugzilla.kernel.org/show_bug.cgi?id=205447"
+ echo "mq-deadline" | sudo tee /sys/block/sda/queue/scheduler > /dev/null
+ echo -n "IO Scheduler set to: "
+ $SUDO cat /sys/block/sda/queue/scheduler
+ fi
+}
+
+# Warning: DO NOT USE.
+# This is called by other functions as the very last step during the VM Image build
+# process. It's purpose is to "reset" the image, so all the first-boot operations
+# happen at test runtime (like generating new ssh host keys, resizing partitions, etc.)
_finalize() {
set +e # Don't fail at the very end
if [[ -d "$CUSTOM_CLOUD_CONFIG_DEFAULTS" ]]
then
echo "Installing custom cloud-init defaults"
- sudo cp -v "$CUSTOM_CLOUD_CONFIG_DEFAULTS"/* /etc/cloud/cloud.cfg.d/
+ $SUDO cp -v "$CUSTOM_CLOUD_CONFIG_DEFAULTS"/* /etc/cloud/cloud.cfg.d/
else
echo "Could not find any files in $CUSTOM_CLOUD_CONFIG_DEFAULTS"
fi
echo "Re-initializing so next boot does 'first-boot' setup again."
cd /
- sudo rm -rf /var/lib/cloud/instanc*
- sudo rm -rf /root/.ssh/*
- sudo rm -rf /etc/ssh/*key*
- sudo rm -rf /etc/ssh/moduli
- sudo rm -rf /home/*
- sudo rm -rf /tmp/*
- sudo rm -rf /tmp/.??*
- sudo sync
- sudo fstrim -av
+ $SUDO rm -rf /var/lib/cloud/instanc*
+ $SUDO rm -rf /root/.ssh/*
+ $SUDO rm -rf /etc/ssh/*key*
+ $SUDO rm -rf /etc/ssh/moduli
+ $SUDO rm -rf /home/*
+ $SUDO rm -rf /tmp/*
+ $SUDO rm -rf /tmp/.??*
+ $SUDO sync
+ $SUDO fstrim -av
}
+# Called during VM Image setup, not intended for general use.
rh_finalize() {
set +e # Don't fail at the very end
echo "Resetting to fresh-state for usage as cloud-image."
PKG=$(type -P dnf || type -P yum || echo "")
- sudo $PKG clean all
- sudo rm -rf /var/cache/{yum,dnf}
- sudo rm -f /etc/udev/rules.d/*-persistent-*.rules
- sudo touch /.unconfigured # force firstboot to run
+ $SUDO $PKG clean all
+ $SUDO rm -rf /var/cache/{yum,dnf}
+ $SUDO rm -f /etc/udev/rules.d/*-persistent-*.rules
+ $SUDO touch /.unconfigured # force firstboot to run
_finalize
}
+# Called during VM Image setup, not intended for general use.
ubuntu_finalize() {
set +e # Don't fail at the very end
echo "Resetting to fresh-state for usage as cloud-image."
$LILTO $SUDOAPTGET autoremove
- sudo rm -rf /var/cache/apt
+ $SUDO rm -rf /var/cache/apt
_finalize
}
diff --git a/contrib/cirrus/packer/fedora_packaging.sh b/contrib/cirrus/packer/fedora_packaging.sh
new file mode 100644
index 000000000..e80d48bc8
--- /dev/null
+++ b/contrib/cirrus/packer/fedora_packaging.sh
@@ -0,0 +1,141 @@
+#!/bin/bash
+
+# This script is called from fedora_setup.sh and various Dockerfiles.
+# It's not intended to be used outside of those contexts. It assumes the lib.sh
+# library has already been sourced, and that all "ground-up" package-related activity
+# needs to be done, including repository setup and initial update.
+
+set -e
+
+echo "Updating/Installing repos and packages for $OS_REL_VER"
+
+source $GOSRC/$SCRIPT_BASE/lib.sh
+
+# Pre-req. to install automation tooing
+$LILTO $SUDO dnf install -y git
+
+# Install common automation tooling (i.e. ooe.sh)
+curl --silent --show-error --location \
+ --url "https://raw.githubusercontent.com/containers/automation/master/bin/install_automation.sh" | \
+ $SUDO env INSTALL_PREFIX=/usr/share /bin/bash -s - "$INSTALL_AUTOMATION_VERSION"
+# Reload installed environment right now (happens automatically in a new process)
+source /usr/share/automation/environment
+
+# Set this to 1 to NOT enable updates-testing repository
+DISABLE_UPDATES_TESTING=${DISABLE_UPDATES_TESTING:0}
+
+# Do not enable update-stesting on the previous Fedora release
+if ((DISABLE_UPDATES_TESTING!=0)); then
+ warn "Enabling updates-testing repository for image based on $FEDORA_BASE_IMAGE"
+ $LILTO $SUDO ooe.sh dnf install -y 'dnf-command(config-manager)'
+ $LILTO $SUDO ooe.sh dnf config-manager --set-enabled updates-testing
+else
+ warn "NOT enabling updates-testing repository for image based on $PRIOR_FEDORA_BASE_IMAGE"
+fi
+
+$BIGTO ooe.sh $SUDO dnf update -y
+
+REMOVE_PACKAGES=()
+INSTALL_PACKAGES=(\
+ autoconf
+ automake
+ bash-completion
+ bats
+ bridge-utils
+ btrfs-progs-devel
+ buildah
+ bzip2
+ conmon
+ container-selinux
+ containernetworking-plugins
+ containers-common
+ criu
+ device-mapper-devel
+ dnsmasq
+ emacs-nox
+ file
+ findutils
+ fuse3
+ fuse3-devel
+ gcc
+ git
+ glib2-devel
+ glibc-static
+ gnupg
+ go-md2man
+ golang
+ gpgme-devel
+ iproute
+ iptables
+ jq
+ libassuan-devel
+ libcap-devel
+ libmsi1
+ libnet
+ libnet-devel
+ libnl3-devel
+ libseccomp
+ libseccomp-devel
+ libselinux-devel
+ libtool
+ libvarlink-util
+ lsof
+ make
+ msitools
+ nmap-ncat
+ ostree-devel
+ pandoc
+ podman
+ procps-ng
+ protobuf
+ protobuf-c
+ protobuf-c-devel
+ protobuf-devel
+ python
+ python3-dateutil
+ python3-psutil
+ python3-pytoml
+ rsync
+ selinux-policy-devel
+ skopeo
+ skopeo-containers
+ slirp4netns
+ unzip
+ vim
+ wget
+ which
+ xz
+ zip
+)
+
+case "$OS_RELEASE_VER" in
+ 30)
+ INSTALL_PACKAGES+=(\
+ atomic-registries
+ golang-github-cpuguy83-go-md2man
+ python2-future
+ runc
+ )
+ REMOVE_PACKAGES+=(crun)
+ ;;
+ 31)
+ INSTALL_PACKAGES+=(crun)
+ REMOVE_PACKAGES+=(runc)
+ ;;
+ 32)
+ INSTALL_PACKAGES+=(crun)
+ REMOVE_PACKAGES+=(runc)
+ ;;
+ *)
+ bad_os_id_ver ;;
+esac
+
+echo "Installing general build/test dependencies for Fedora '$OS_RELEASE_VER'"
+$BIGTO ooe.sh $SUDO dnf install -y ${INSTALL_PACKAGES[@]}
+
+[[ ${#REMOVE_PACKAGES[@]} -eq 0 ]] || \
+ $LILTO ooe.sh $SUDO dnf erase -y ${REMOVE_PACKAGES[@]}
+
+export GOPATH="$(mktemp -d)"
+trap "$SUDO rm -rf $GOPATH" EXIT
+ooe.sh $SUDO $GOSRC/hack/install_catatonit.sh
diff --git a/contrib/cirrus/packer/fedora_setup.sh b/contrib/cirrus/packer/fedora_setup.sh
index fcef7360b..3830b3bc4 100644
--- a/contrib/cirrus/packer/fedora_setup.sh
+++ b/contrib/cirrus/packer/fedora_setup.sh
@@ -6,139 +6,26 @@
set -e
# Load in library (copied by packer, before this script was run)
-source /tmp/libpod/$SCRIPT_BASE/lib.sh
+source $GOSRC/$SCRIPT_BASE/lib.sh
-req_env_var SCRIPT_BASE PACKER_BUILDER_NAME GOSRC FEDORA_BASE_IMAGE OS_RELEASE_ID OS_RELEASE_VER
+req_env_var SCRIPT_BASE PACKER_BASE INSTALL_AUTOMATION_VERSION PACKER_BUILDER_NAME GOSRC FEDORA_BASE_IMAGE OS_RELEASE_ID OS_RELEASE_VER
-install_ooe
-
-if [[ $OS_RELEASE_VER -le 31 ]]; then
- warn "Switching io scheduler to 'deadline' to avoid RHBZ 1767539"
- warn "aka https://bugzilla.kernel.org/show_bug.cgi?id=205447"
- echo "mq-deadline" | sudo tee /sys/block/sda/queue/scheduler > /dev/null
- sudo cat /sys/block/sda/queue/scheduler
-fi
-
-export GOPATH="$(mktemp -d)"
-trap "sudo rm -rf $GOPATH" EXIT
-
-$BIGTO ooe.sh sudo dnf update -y
+workaround_bfq_bug
# Do not enable update-stesting on the previous Fedora release
if [[ "$FEDORA_BASE_IMAGE" =~ "${OS_RELEASE_ID}-cloud-base-${OS_RELEASE_VER}" ]]; then
- warn "Enabling updates-testing repository for image based on $FEDORA_BASE_IMAGE"
- $LILTO ooe.sh sudo dnf install -y 'dnf-command(config-manager)'
- $LILTO ooe.sh sudo dnf config-manager --set-enabled updates-testing
+ DISABLE_UPDATES_TESTING=0
else
- warn "NOT enabling updates-testing repository for image based on $PRIOR_FEDORA_BASE_IMAGE"
+ DISABLE_UPDATES_TESTING=1
fi
-REMOVE_PACKAGES=()
-INSTALL_PACKAGES=(\
- autoconf
- automake
- bash-completion
- bats
- bridge-utils
- btrfs-progs-devel
- buildah
- bzip2
- conmon
- container-selinux
- containernetworking-plugins
- containers-common
- criu
- device-mapper-devel
- dnsmasq
- emacs-nox
- file
- findutils
- fuse3
- fuse3-devel
- gcc
- git
- glib2-devel
- glibc-static
- gnupg
- go-md2man
- golang
- gpgme-devel
- iproute
- iptables
- jq
- libassuan-devel
- libcap-devel
- libmsi1
- libnet
- libnet-devel
- libnl3-devel
- libseccomp
- libseccomp-devel
- libselinux-devel
- libtool
- libvarlink-util
- lsof
- make
- msitools
- nmap-ncat
- ostree-devel
- pandoc
- podman
- procps-ng
- protobuf
- protobuf-c
- protobuf-c-devel
- protobuf-devel
- python
- python3-dateutil
- python3-psutil
- python3-pytoml
- rsync
- selinux-policy-devel
- skopeo
- skopeo-containers
- slirp4netns
- unzip
- vim
- wget
- which
- xz
- zip
-)
-
-case "$OS_RELEASE_VER" in
- 30)
- INSTALL_PACKAGES+=(\
- atomic-registries
- golang-github-cpuguy83-go-md2man
- python2-future
- runc
- )
- REMOVE_PACKAGES+=(crun)
- ;;
- 31)
- INSTALL_PACKAGES+=(crun)
- REMOVE_PACKAGES+=(runc)
- ;;
- 32)
- INSTALL_PACKAGES+=(crun)
- REMOVE_PACKAGES+=(runc)
- ;;
- *)
- bad_os_id_ver ;;
-esac
-
-echo "Installing general build/test dependencies for Fedora '$OS_RELEASE_VER'"
-$BIGTO ooe.sh sudo dnf install -y ${INSTALL_PACKAGES[@]}
-
-[[ "${#REMOVE_PACKAGES[@]}" -eq "0" ]] || \
- $LILTO ooe.sh sudo dnf erase -y ${REMOVE_PACKAGES[@]}
+bash $PACKER_BASE/fedora_packaging.sh
+# Load installed environment right now (happens automatically in a new process)
+source /usr/share/automation/environment
echo "Enabling cgroup management from containers"
ooe.sh sudo setsebool container_manage_cgroup true
-ooe.sh sudo /tmp/libpod/hack/install_catatonit.sh
-
# Ensure there are no disruptive periodic services enabled by default in image
systemd_banish
diff --git a/contrib/cirrus/packer/libpod_images.yml b/contrib/cirrus/packer/libpod_images.yml
index c23439201..e33ad775e 100644
--- a/contrib/cirrus/packer/libpod_images.yml
+++ b/contrib/cirrus/packer/libpod_images.yml
@@ -71,6 +71,7 @@ provisioners:
environment_vars:
- 'PACKER_BUILDER_NAME={{build_name}}'
- 'GOSRC=/tmp/libpod'
+ - 'PACKER_BASE={{user `PACKER_BASE`}}'
- 'SCRIPT_BASE={{user `SCRIPT_BASE`}}'
post-processors:
diff --git a/contrib/cirrus/packer/ubuntu_packaging.sh b/contrib/cirrus/packer/ubuntu_packaging.sh
new file mode 100644
index 000000000..b57bc95e9
--- /dev/null
+++ b/contrib/cirrus/packer/ubuntu_packaging.sh
@@ -0,0 +1,168 @@
+#!/bin/bash
+
+# This script is called from ubuntu_setup.sh and various Dockerfiles.
+# It's not intended to be used outside of those contexts. It assumes the lib.sh
+# library has already been sourced, and that all "ground-up" package-related activity
+# needs to be done, including repository setup and initial update.
+
+set -e
+
+echo "Updating/Installing repos and packages for $OS_REL_VER"
+
+source $GOSRC/$SCRIPT_BASE/lib.sh
+
+echo "Updating/configuring package repositories."
+$BIGTO $SUDOAPTGET update
+
+echo "Installing deps to add third-party repositories and automation tooling"
+$LILTO $SUDOAPTGET install software-properties-common git curl
+
+# Install common automation tooling (i.e. ooe.sh)
+curl --silent --show-error --location \
+ --url "https://raw.githubusercontent.com/containers/automation/master/bin/install_automation.sh" | \
+ $SUDO env INSTALL_PREFIX=/usr/share /bin/bash -s - "$INSTALL_AUTOMATION_VERSION"
+# Reload installed environment right now (happens automatically in a new process)
+source /usr/share/automation/environment
+
+$LILTO ooe.sh $SUDOAPTADD ppa:criu/ppa
+
+# Install newer version of golang
+if [[ "$OS_RELEASE_VER" -eq "18" ]]
+then
+ $LILTO ooe.sh $SUDOAPTADD ppa:longsleep/golang-backports
+fi
+
+echo "Configuring/Instaling deps from Open build server"
+VERSION_ID=$(source /etc/os-release; echo $VERSION_ID)
+echo "deb http://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/xUbuntu_$VERSION_ID/ /" \
+ | ooe.sh $SUDO tee /etc/apt/sources.list.d/devel:kubic:libcontainers:stable.list
+ooe.sh curl -L -o /tmp/Release.key "https://download.opensuse.org/repositories/devel:kubic:libcontainers:stable/xUbuntu_${VERSION_ID}/Release.key"
+ooe.sh $SUDO apt-key add - < /tmp/Release.key
+
+INSTALL_PACKAGES=(\
+ apparmor
+ aufs-tools
+ autoconf
+ automake
+ bash-completion
+ bison
+ build-essential
+ buildah
+ bzip2
+ conmon
+ containernetworking-plugins
+ containers-common
+ coreutils
+ cri-o-runc
+ criu
+ curl
+ dnsmasq
+ e2fslibs-dev
+ emacs-nox
+ file
+ gawk
+ gcc
+ gettext
+ git
+ go-md2man
+ golang
+ iproute2
+ iptables
+ jq
+ libaio-dev
+ libapparmor-dev
+ libcap-dev
+ libdevmapper-dev
+ libdevmapper1.02.1
+ libfuse-dev
+ libfuse2
+ libglib2.0-dev
+ libgpgme11-dev
+ liblzma-dev
+ libnet1
+ libnet1-dev
+ libnl-3-dev
+ libprotobuf-c-dev
+ libprotobuf-dev
+ libseccomp-dev
+ libseccomp2
+ libselinux-dev
+ libsystemd-dev
+ libtool
+ libudev-dev
+ libvarlink
+ lsof
+ make
+ netcat
+ openssl
+ pkg-config
+ podman
+ protobuf-c-compiler
+ protobuf-compiler
+ python-future
+ python-minimal
+ python-protobuf
+ python3-dateutil
+ python3-pip
+ python3-psutil
+ python3-pytoml
+ python3-setuptools
+ rsync
+ runc
+ scons
+ skopeo
+ slirp4netns
+ socat
+ sudo
+ unzip
+ vim
+ wget
+ xz-utils
+ yum-utils
+ zip
+ zlib1g-dev
+)
+
+if [[ $OS_RELEASE_VER -ge 19 ]]
+then
+ INSTALL_PACKAGES+=(\
+ bats
+ btrfs-progs
+ fuse3
+ libbtrfs-dev
+ libfuse3-dev
+ )
+else
+ echo "Downloading version of bats with fix for a \$IFS related bug in 'run' command"
+ cd /tmp
+ BATS_URL='http://launchpadlibrarian.net/438140887/bats_1.1.0+git104-g1c83a1b-1_all.deb'
+ curl -L -O "$BATS_URL"
+ cd -
+ INSTALL_PACKAGES+=(\
+ /tmp/$(basename $BATS_URL)
+ btrfs-tools
+ )
+fi
+
+# Do this at the last possible moment to avoid dpkg lock conflicts
+echo "Upgrading all packages"
+$BIGTO ooe.sh $SUDOAPTGET upgrade
+
+echo "Installing general testing and system dependencies"
+# Necessary to update cache of newly added repos
+$LILTO ooe.sh $SUDOAPTGET update
+$BIGTO ooe.sh $SUDOAPTGET install ${INSTALL_PACKAGES[@]}
+
+export GOPATH="$(mktemp -d)"
+trap "$SUDO rm -rf $GOPATH" EXIT
+echo "Installing cataonit and libseccomp.sudo"
+cd $GOSRC
+ooe.sh $SUDO hack/install_catatonit.sh
+ooe.sh $SUDO make install.libseccomp.sudo
+
+CRIO_RUNC_PATH="/usr/lib/cri-o-runc/sbin/runc"
+if $SUDO dpkg -L cri-o-runc | grep -m 1 -q "$CRIO_RUNC_PATH"
+then
+ echo "Linking $CRIO_RUNC_PATH to /usr/bin/runc for ease of testing."
+ $SUDO ln -f "$CRIO_RUNC_PATH" "/usr/bin/runc"
+fi
diff --git a/contrib/cirrus/packer/ubuntu_setup.sh b/contrib/cirrus/packer/ubuntu_setup.sh
index 4b6e99358..2febbd265 100644
--- a/contrib/cirrus/packer/ubuntu_setup.sh
+++ b/contrib/cirrus/packer/ubuntu_setup.sh
@@ -8,164 +8,21 @@ set -e
# Load in library (copied by packer, before this script was run)
source $GOSRC/$SCRIPT_BASE/lib.sh
-req_env_var SCRIPT_BASE
+req_env_var SCRIPT_BASE PACKER_BASE INSTALL_AUTOMATION_VERSION PACKER_BUILDER_NAME GOSRC UBUNTU_BASE_IMAGE OS_RELEASE_ID OS_RELEASE_VER
-install_ooe
-
-export GOPATH="$(mktemp -d)"
-trap "sudo rm -rf $GOPATH" EXIT
+# Ensure there are no disruptive periodic services enabled by default in image
+systemd_banish
# Stop disruption upon boot ASAP after booting
echo "Disabling all packaging activity on boot"
-# Don't let sed process sed's temporary files
-_FILEPATHS=$(sudo ls -1 /etc/apt/apt.conf.d)
-for filename in $_FILEPATHS; do \
+for filename in $(sudo ls -1 /etc/apt/apt.conf.d); do \
echo "Checking/Patching $filename"
sudo sed -i -r -e "s/$PERIODIC_APT_RE/"'\10"\;/' "/etc/apt/apt.conf.d/$filename"; done
-echo "Updating/configuring package repositories."
-$BIGTO $SUDOAPTGET update
-
-echo "Upgrading all packages"
-$BIGTO $SUDOAPTGET upgrade
-
-echo "Adding third-party repositories and PPAs"
-$LILTO $SUDOAPTGET install software-properties-common
-$LILTO $SUDOAPTADD ppa:criu/ppa
-if [[ "$OS_RELEASE_VER" -eq "18" ]]
-then
- $LILTO $SUDOAPTADD ppa:longsleep/golang-backports
-fi
-
-echo "Configuring/Instaling deps from Open build server"
-VERSION_ID=$(source /etc/os-release; echo $VERSION_ID)
-echo "deb http://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/xUbuntu_$VERSION_ID/ /" \
- | ooe.sh sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:stable.list
-ooe.sh curl -L -o /tmp/Release.key "https://download.opensuse.org/repositories/devel:kubic:libcontainers:stable/xUbuntu_${VERSION_ID}/Release.key"
-ooe.sh sudo apt-key add - < /tmp/Release.key
-
-INSTALL_PACKAGES=(\
- apparmor
- aufs-tools
- autoconf
- automake
- bash-completion
- bison
- build-essential
- buildah
- bzip2
- conmon
- containernetworking-plugins
- containers-common
- coreutils
- cri-o-runc
- criu
- curl
- dnsmasq
- e2fslibs-dev
- emacs-nox
- file
- gawk
- gcc
- gettext
- git
- go-md2man
- golang
- iproute2
- iptables
- jq
- libaio-dev
- libapparmor-dev
- libcap-dev
- libdevmapper-dev
- libdevmapper1.02.1
- libfuse-dev
- libfuse2
- libglib2.0-dev
- libgpgme11-dev
- liblzma-dev
- libnet1
- libnet1-dev
- libnl-3-dev
- libprotobuf-c-dev
- libprotobuf-dev
- libseccomp-dev
- libseccomp2
- libselinux-dev
- libsystemd-dev
- libtool
- libudev-dev
- libvarlink
- lsof
- make
- netcat
- openssl
- pkg-config
- podman
- protobuf-c-compiler
- protobuf-compiler
- python-future
- python-minimal
- python-protobuf
- python3-dateutil
- python3-pip
- python3-psutil
- python3-pytoml
- python3-setuptools
- rsync
- runc
- scons
- skopeo
- slirp4netns
- socat
- unzip
- vim
- wget
- xz-utils
- yum-utils
- zip
- zlib1g-dev
-)
-
-if [[ "$OS_RELEASE_VER" -ge "19" ]]
-then
- INSTALL_PACKAGES+=(\
- bats
- btrfs-progs
- fuse3
- libbtrfs-dev
- libfuse3-dev
- )
-else
- echo "Downloading version of bats with fix for a \$IFS related bug in 'run' command"
- cd /tmp
- BATS_URL='http://launchpadlibrarian.net/438140887/bats_1.1.0+git104-g1c83a1b-1_all.deb'
- curl -L -O "$BATS_URL"
- cd -
- INSTALL_PACKAGES+=(\
- /tmp/$(basename $BATS_URL)
- btrfs-tools
- )
-fi
-
-echo "Installing general testing and system dependencies"
-# Necessary to update cache of newly added repos
-$LILTO $SUDOAPTGET update
-$BIGTO $SUDOAPTGET install ${INSTALL_PACKAGES[@]}
-
-echo "Installing cataonit and libseccomp.sudo"
-ooe.sh sudo /tmp/libpod/hack/install_catatonit.sh
-ooe.sh sudo make -C /tmp/libpod install.libseccomp.sudo
-
-# Ensure there are no disruptive periodic services enabled by default in image
-systemd_banish
+bash $PACKER_BASE/ubuntu_packaging.sh
-CRIO_RUNC_PATH="/usr/lib/cri-o-runc/sbin/runc"
-if sudo dpkg -L cri-o-runc | grep -m 1 -q "$CRIO_RUNC_PATH"
-then
- echo "Linking $CRIO_RUNC_PATH to /usr/bin/runc for ease of testing."
- sudo ln -f "$CRIO_RUNC_PATH" "/usr/bin/runc"
-fi
+# Load installed environment right now (happens automatically in a new process)
+source /usr/share/automation/environment
echo "Making Ubuntu kernel to enable cgroup swap accounting as it is not the default."
SEDCMD='s/^GRUB_CMDLINE_LINUX="(.*)"/GRUB_CMDLINE_LINUX="\1 cgroup_enable=memory swapaccount=1"/g'
diff --git a/contrib/cirrus/setup_environment.sh b/contrib/cirrus/setup_environment.sh
index 57c9ec52a..6bec9625e 100755
--- a/contrib/cirrus/setup_environment.sh
+++ b/contrib/cirrus/setup_environment.sh
@@ -43,16 +43,8 @@ case "${OS_RELEASE_ID}" in
fedora)
# All SELinux distros need this for systemd-in-a-container
setsebool container_manage_cgroup true
- if [[ "$ADD_SECOND_PARTITION" == "true" ]]; then
- bash "$SCRIPT_BASE/add_second_partition.sh"
- fi
- if [[ $OS_RELEASE_VER -le 31 ]]; then
- warn "Switching io scheduler to 'deadline' to avoid RHBZ 1767539"
- warn "aka https://bugzilla.kernel.org/show_bug.cgi?id=205447"
- echo "mq-deadline" > /sys/block/sda/queue/scheduler
- cat /sys/block/sda/queue/scheduler
- fi
+ workaround_bfq_bug
if [[ "$ADD_SECOND_PARTITION" == "true" ]]; then
bash "$SCRIPT_BASE/add_second_partition.sh"
diff --git a/pkg/bindings/images/images.go b/pkg/bindings/images/images.go
index 06f01c7a0..63fe2556b 100644
--- a/pkg/bindings/images/images.go
+++ b/pkg/bindings/images/images.go
@@ -57,7 +57,7 @@ func List(ctx context.Context, all *bool, filters map[string][]string) ([]*entit
// Get performs an image inspect. To have the on-disk size of the image calculated, you can
// use the optional size parameter.
-func GetImage(ctx context.Context, nameOrID string, size *bool) (*entities.ImageData, error) {
+func GetImage(ctx context.Context, nameOrID string, size *bool) (*entities.ImageInspectReport, error) {
conn, err := bindings.GetClient(ctx)
if err != nil {
return nil, err
@@ -66,7 +66,7 @@ func GetImage(ctx context.Context, nameOrID string, size *bool) (*entities.Image
if size != nil {
params.Set("size", strconv.FormatBool(*size))
}
- inspectedData := entities.ImageData{}
+ inspectedData := entities.ImageInspectReport{}
response, err := conn.DoRequest(nil, http.MethodGet, "/images/%s/json", params, nameOrID)
if err != nil {
return &inspectedData, err
@@ -310,9 +310,10 @@ func Push(ctx context.Context, source string, destination string, options entiti
params := url.Values{}
params.Set("credentials", options.Credentials)
params.Set("destination", destination)
- if options.TLSVerify != types.OptionalBoolUndefined {
- val := bool(options.TLSVerify == types.OptionalBoolTrue)
- params.Set("tlsVerify", strconv.FormatBool(val))
+ if options.SkipTLSVerify != types.OptionalBoolUndefined {
+ // Note: we have to verify if skipped is false.
+ verifyTLS := bool(options.SkipTLSVerify == types.OptionalBoolFalse)
+ params.Set("tlsVerify", strconv.FormatBool(verifyTLS))
}
path := fmt.Sprintf("/images/%s/push", source)
diff --git a/pkg/domain/entities/engine_container.go b/pkg/domain/entities/engine_container.go
index 502279bcf..eebf4c033 100644
--- a/pkg/domain/entities/engine_container.go
+++ b/pkg/domain/entities/engine_container.go
@@ -41,6 +41,7 @@ type ContainerEngine interface {
ContainerUnpause(ctx context.Context, namesOrIds []string, options PauseUnPauseOptions) ([]*PauseUnpauseReport, error)
ContainerWait(ctx context.Context, namesOrIds []string, options WaitOptions) ([]WaitReport, error)
Events(ctx context.Context, opts EventsOptions) error
+ GenerateSystemd(ctx context.Context, nameOrID string, opts GenerateSystemdOptions) (*GenerateSystemdReport, error)
HealthCheckRun(ctx context.Context, nameOrId string, options HealthCheckOptions) (*define.HealthCheckResults, error)
Info(ctx context.Context) (*define.Info, error)
PodCreate(ctx context.Context, opts PodCreateOptions) (*PodCreateReport, error)
diff --git a/pkg/domain/entities/engine_image.go b/pkg/domain/entities/engine_image.go
index b118a4104..46a96ca20 100644
--- a/pkg/domain/entities/engine_image.go
+++ b/pkg/domain/entities/engine_image.go
@@ -13,7 +13,7 @@ type ImageEngine interface {
Exists(ctx context.Context, nameOrId string) (*BoolReport, error)
History(ctx context.Context, nameOrId string, opts ImageHistoryOptions) (*ImageHistoryReport, error)
Import(ctx context.Context, opts ImageImportOptions) (*ImageImportReport, error)
- Inspect(ctx context.Context, names []string, opts InspectOptions) (*ImageInspectReport, error)
+ Inspect(ctx context.Context, namesOrIDs []string, opts InspectOptions) ([]*ImageInspectReport, error)
List(ctx context.Context, opts ImageListOptions) ([]*ImageSummary, error)
Load(ctx context.Context, opts ImageLoadOptions) (*ImageLoadReport, error)
Prune(ctx context.Context, opts ImagePruneOptions) (*ImagePruneReport, error)
diff --git a/pkg/domain/entities/generate.go b/pkg/domain/entities/generate.go
new file mode 100644
index 000000000..6d65b52f8
--- /dev/null
+++ b/pkg/domain/entities/generate.go
@@ -0,0 +1,22 @@
+package entities
+
+// GenerateSystemdOptions control the generation of systemd unit files.
+type GenerateSystemdOptions struct {
+ // Files - generate files instead of printing to stdout.
+ Files bool
+ // Name - use container/pod name instead of its ID.
+ Name bool
+ // New - create a new container instead of starting a new one.
+ New bool
+ // RestartPolicy - systemd restart policy.
+ RestartPolicy string
+ // StopTimeout - time when stopping the container.
+ StopTimeout *uint
+}
+
+// GenerateSystemdReport
+type GenerateSystemdReport struct {
+ // Output of the generate process. Either the generated files or their
+ // entire content.
+ Output string
+}
diff --git a/pkg/domain/entities/images.go b/pkg/domain/entities/images.go
index 460965b34..442b2cf3c 100644
--- a/pkg/domain/entities/images.go
+++ b/pkg/domain/entities/images.go
@@ -183,8 +183,8 @@ type ImagePushOptions struct {
// SignBy adds a signature at the destination using the specified key.
// Ignored for remote calls.
SignBy string
- // TLSVerify to enable/disable HTTPS and certificate verification.
- TLSVerify types.OptionalBool
+ // SkipTLSVerify to skip HTTPS and certificate verification.
+ SkipTLSVerify types.OptionalBool
}
// ImageSearchOptions are the arguments for searching images.
@@ -238,13 +238,9 @@ type ImagePruneReport struct {
type ImageTagOptions struct{}
type ImageUntagOptions struct{}
-type ImageData struct {
- *inspect.ImageData
-}
-
+// ImageInspectReport is the data when inspecting an image.
type ImageInspectReport struct {
- Images []*ImageData
- Errors map[string]error
+ *inspect.ImageData
}
type ImageLoadOptions struct {
diff --git a/pkg/domain/entities/types.go b/pkg/domain/entities/types.go
index d742cc53d..9fbe04c9a 100644
--- a/pkg/domain/entities/types.go
+++ b/pkg/domain/entities/types.go
@@ -47,10 +47,14 @@ type NetOptions struct {
// All CLI inspect commands and inspect sub-commands use the same options
type InspectOptions struct {
+ // Format - change the output to JSON or a Go template.
Format string `json:",omitempty"`
- Latest bool `json:",omitempty"`
- Size bool `json:",omitempty"`
- Type string `json:",omitempty"`
+ // Latest - inspect the latest container Podman is aware of.
+ Latest bool `json:",omitempty"`
+ // Size (containers only) - display total file size.
+ Size bool `json:",omitempty"`
+ // Type -- return JSON for specified type.
+ Type string `json:",omitempty"`
}
// All API and CLI diff commands and diff sub-commands use the same options
diff --git a/pkg/domain/infra/abi/generate.go b/pkg/domain/infra/abi/generate.go
new file mode 100644
index 000000000..f69ba560e
--- /dev/null
+++ b/pkg/domain/infra/abi/generate.go
@@ -0,0 +1,174 @@
+package abi
+
+import (
+ "context"
+ "fmt"
+ "strings"
+
+ "github.com/containers/libpod/libpod"
+ "github.com/containers/libpod/pkg/domain/entities"
+ "github.com/containers/libpod/pkg/systemd/generate"
+ "github.com/pkg/errors"
+)
+
+func (ic *ContainerEngine) GenerateSystemd(ctx context.Context, nameOrID string, options entities.GenerateSystemdOptions) (*entities.GenerateSystemdReport, error) {
+ opts := generate.Options{
+ Files: options.Files,
+ New: options.New,
+ }
+
+ // First assume it's a container.
+ if info, found, err := ic.generateSystemdgenContainerInfo(nameOrID, nil, options); found && err != nil {
+ return nil, err
+ } else if found && err == nil {
+ output, err := generate.CreateContainerSystemdUnit(info, opts)
+ if err != nil {
+ return nil, err
+ }
+ return &entities.GenerateSystemdReport{Output: output}, nil
+ }
+
+ // --new does not support pods.
+ if options.New {
+ return nil, errors.Errorf("error generating systemd unit files: cannot generate generic files for a pod")
+ }
+
+ // We're either having a pod or garbage.
+ pod, err := ic.Libpod.LookupPod(nameOrID)
+ if err != nil {
+ return nil, err
+ }
+
+ // Error out if the pod has no infra container, which we require to be the
+ // main service.
+ if !pod.HasInfraContainer() {
+ return nil, fmt.Errorf("error generating systemd unit files: Pod %q has no infra container", pod.Name())
+ }
+
+ // Generate a systemdgen.ContainerInfo for the infra container. This
+ // ContainerInfo acts as the main service of the pod.
+ infraID, err := pod.InfraContainerID()
+ if err != nil {
+ return nil, nil
+ }
+ podInfo, _, err := ic.generateSystemdgenContainerInfo(infraID, pod, options)
+ if err != nil {
+ return nil, err
+ }
+
+ // Compute the container-dependency graph for the Pod.
+ containers, err := pod.AllContainers()
+ if err != nil {
+ return nil, err
+ }
+ if len(containers) == 0 {
+ return nil, fmt.Errorf("error generating systemd unit files: Pod %q has no containers", pod.Name())
+ }
+ graph, err := libpod.BuildContainerGraph(containers)
+ if err != nil {
+ return nil, err
+ }
+
+ // Traverse the dependency graph and create systemdgen.ContainerInfo's for
+ // each container.
+ containerInfos := []*generate.ContainerInfo{podInfo}
+ for ctr, dependencies := range graph.DependencyMap() {
+ // Skip the infra container as we already generated it.
+ if ctr.ID() == infraID {
+ continue
+ }
+ ctrInfo, _, err := ic.generateSystemdgenContainerInfo(ctr.ID(), nil, options)
+ if err != nil {
+ return nil, err
+ }
+ // Now add the container's dependencies and at the container as a
+ // required service of the infra container.
+ for _, dep := range dependencies {
+ if dep.ID() == infraID {
+ ctrInfo.BoundToServices = append(ctrInfo.BoundToServices, podInfo.ServiceName)
+ } else {
+ _, serviceName := generateServiceName(dep, nil, options)
+ ctrInfo.BoundToServices = append(ctrInfo.BoundToServices, serviceName)
+ }
+ }
+ podInfo.RequiredServices = append(podInfo.RequiredServices, ctrInfo.ServiceName)
+ containerInfos = append(containerInfos, ctrInfo)
+ }
+
+ // Now generate the systemd service for all containers.
+ builder := strings.Builder{}
+ for i, info := range containerInfos {
+ if i > 0 {
+ builder.WriteByte('\n')
+ }
+ out, err := generate.CreateContainerSystemdUnit(info, opts)
+ if err != nil {
+ return nil, err
+ }
+ builder.WriteString(out)
+ }
+
+ return &entities.GenerateSystemdReport{Output: builder.String()}, nil
+}
+
+// generateSystemdgenContainerInfo is a helper to generate a
+// systemdgen.ContainerInfo for `GenerateSystemd`.
+func (ic *ContainerEngine) generateSystemdgenContainerInfo(nameOrID string, pod *libpod.Pod, options entities.GenerateSystemdOptions) (*generate.ContainerInfo, bool, error) {
+ ctr, err := ic.Libpod.LookupContainer(nameOrID)
+ if err != nil {
+ return nil, false, err
+ }
+
+ timeout := ctr.StopTimeout()
+ if options.StopTimeout != nil {
+ timeout = *options.StopTimeout
+ }
+
+ config := ctr.Config()
+ conmonPidFile := config.ConmonPidFile
+ if conmonPidFile == "" {
+ return nil, true, errors.Errorf("conmon PID file path is empty, try to recreate the container with --conmon-pidfile flag")
+ }
+
+ createCommand := []string{}
+ if config.CreateCommand != nil {
+ createCommand = config.CreateCommand
+ } else if options.New {
+ return nil, true, errors.Errorf("cannot use --new on container %q: no create command found", nameOrID)
+ }
+
+ name, serviceName := generateServiceName(ctr, pod, options)
+ info := &generate.ContainerInfo{
+ ServiceName: serviceName,
+ ContainerName: name,
+ RestartPolicy: options.RestartPolicy,
+ PIDFile: conmonPidFile,
+ StopTimeout: timeout,
+ GenerateTimestamp: true,
+ CreateCommand: createCommand,
+ }
+
+ return info, true, nil
+}
+
+// generateServiceName generates the container name and the service name for systemd service.
+func generateServiceName(ctr *libpod.Container, pod *libpod.Pod, options entities.GenerateSystemdOptions) (string, string) {
+ var kind, name, ctrName string
+ if pod == nil {
+ kind = "container"
+ name = ctr.ID()
+ if options.Name {
+ name = ctr.Name()
+ }
+ ctrName = name
+ } else {
+ kind = "pod"
+ name = pod.ID()
+ ctrName = ctr.ID()
+ if options.Name {
+ name = pod.Name()
+ ctrName = ctr.Name()
+ }
+ }
+ return ctrName, fmt.Sprintf("%s-%s", kind, name)
+}
diff --git a/pkg/domain/infra/abi/images.go b/pkg/domain/infra/abi/images.go
index 7ac111745..d1245a45c 100644
--- a/pkg/domain/infra/abi/images.go
+++ b/pkg/domain/infra/abi/images.go
@@ -170,29 +170,24 @@ func (ir *ImageEngine) Pull(ctx context.Context, rawImage string, options entiti
return &entities.ImagePullReport{Images: foundIDs}, nil
}
-func (ir *ImageEngine) Inspect(ctx context.Context, names []string, opts entities.InspectOptions) (*entities.ImageInspectReport, error) {
- report := entities.ImageInspectReport{
- Errors: make(map[string]error),
- }
-
- for _, id := range names {
- img, err := ir.Libpod.ImageRuntime().NewFromLocal(id)
+func (ir *ImageEngine) Inspect(ctx context.Context, namesOrIDs []string, opts entities.InspectOptions) ([]*entities.ImageInspectReport, error) {
+ reports := []*entities.ImageInspectReport{}
+ for _, i := range namesOrIDs {
+ img, err := ir.Libpod.ImageRuntime().NewFromLocal(i)
if err != nil {
- report.Errors[id] = err
- continue
+ return nil, err
}
-
- results, err := img.Inspect(ctx)
+ result, err := img.Inspect(ctx)
if err != nil {
- report.Errors[id] = err
- continue
+ return nil, err
}
-
- cookedResults := entities.ImageData{}
- _ = domainUtils.DeepCopy(&cookedResults, results)
- report.Images = append(report.Images, &cookedResults)
+ report := entities.ImageInspectReport{}
+ if err := domainUtils.DeepCopy(&report, result); err != nil {
+ return nil, err
+ }
+ reports = append(reports, &report)
}
- return &report, nil
+ return reports, nil
}
func (ir *ImageEngine) Push(ctx context.Context, source string, destination string, options entities.ImagePushOptions) error {
@@ -226,7 +221,7 @@ func (ir *ImageEngine) Push(ctx context.Context, source string, destination stri
dockerRegistryOptions := image.DockerRegistryOptions{
DockerRegistryCreds: registryCreds,
DockerCertPath: options.CertDir,
- DockerInsecureSkipTLSVerify: options.TLSVerify,
+ DockerInsecureSkipTLSVerify: options.SkipTLSVerify,
}
signOptions := image.SigningOptions{
diff --git a/pkg/domain/infra/tunnel/generate.go b/pkg/domain/infra/tunnel/generate.go
new file mode 100644
index 000000000..3cd483053
--- /dev/null
+++ b/pkg/domain/infra/tunnel/generate.go
@@ -0,0 +1,12 @@
+package tunnel
+
+import (
+ "context"
+
+ "github.com/containers/libpod/pkg/domain/entities"
+ "github.com/pkg/errors"
+)
+
+func (ic *ContainerEngine) GenerateSystemd(ctx context.Context, nameOrID string, options entities.GenerateSystemdOptions) (*entities.GenerateSystemdReport, error) {
+ return nil, errors.New("not implemented for tunnel")
+}
diff --git a/pkg/domain/infra/tunnel/images.go b/pkg/domain/infra/tunnel/images.go
index 66e4e6e3f..dcc5fc3e7 100644
--- a/pkg/domain/infra/tunnel/images.go
+++ b/pkg/domain/infra/tunnel/images.go
@@ -143,16 +143,16 @@ func (ir *ImageEngine) Untag(ctx context.Context, nameOrId string, tags []string
return nil
}
-func (ir *ImageEngine) Inspect(_ context.Context, names []string, opts entities.InspectOptions) (*entities.ImageInspectReport, error) {
- report := entities.ImageInspectReport{}
- for _, id := range names {
- r, err := images.GetImage(ir.ClientCxt, id, &opts.Size)
+func (ir *ImageEngine) Inspect(ctx context.Context, namesOrIDs []string, opts entities.InspectOptions) ([]*entities.ImageInspectReport, error) {
+ reports := []*entities.ImageInspectReport{}
+ for _, i := range namesOrIDs {
+ r, err := images.GetImage(ir.ClientCxt, i, &opts.Size)
if err != nil {
- report.Errors[id] = err
+ return nil, err
}
- report.Images = append(report.Images, r)
+ reports = append(reports, r)
}
- return &report, nil
+ return reports, nil
}
func (ir *ImageEngine) Load(ctx context.Context, opts entities.ImageLoadOptions) (*entities.ImageLoadReport, error) {
diff --git a/pkg/rootless/rootless_linux.c b/pkg/rootless/rootless_linux.c
index 72d461cdc..716db81dc 100644
--- a/pkg/rootless/rootless_linux.c
+++ b/pkg/rootless/rootless_linux.c
@@ -535,32 +535,30 @@ create_pause_process (const char *pause_pid_file_path, char **argv)
}
}
-static void
-join_namespace_or_die (int pid_to_join, const char *ns_file)
+static int
+open_namespace (int pid_to_join, const char *ns_file)
{
char ns_path[PATH_MAX];
int ret;
- int fd;
ret = snprintf (ns_path, PATH_MAX, "/proc/%d/ns/%s", pid_to_join, ns_file);
if (ret == PATH_MAX)
{
fprintf (stderr, "internal error: namespace path too long\n");
- _exit (EXIT_FAILURE);
+ return -1;
}
- fd = open (ns_path, O_CLOEXEC | O_RDONLY);
- if (fd < 0)
- {
- fprintf (stderr, "cannot open: %s\n", ns_path);
- _exit (EXIT_FAILURE);
- }
- if (setns (fd, 0) < 0)
+ return open (ns_path, O_CLOEXEC | O_RDONLY);
+}
+
+static void
+join_namespace_or_die (const char *name, int ns_fd)
+{
+ if (setns (ns_fd, 0) < 0)
{
- fprintf (stderr, "cannot set namespace to %s: %s\n", ns_path, strerror (errno));
+ fprintf (stderr, "cannot set %s namespace\n", name);
_exit (EXIT_FAILURE);
}
- close (fd);
}
int
@@ -570,6 +568,8 @@ reexec_userns_join (int pid_to_join, char *pause_pid_file_path)
char gid[16];
char **argv;
int pid;
+ int mnt_ns = -1;
+ int user_ns = -1;
char *cwd = getcwd (NULL, 0);
sigset_t sigset, oldsigset;
@@ -589,14 +589,28 @@ reexec_userns_join (int pid_to_join, char *pause_pid_file_path)
_exit (EXIT_FAILURE);
}
+ user_ns = open_namespace (pid_to_join, "user");
+ if (user_ns < 0)
+ return user_ns;
+ mnt_ns = open_namespace (pid_to_join, "mnt");
+ if (mnt_ns < 0)
+ {
+ close (user_ns);
+ return mnt_ns;
+ }
+
pid = fork ();
if (pid < 0)
fprintf (stderr, "cannot fork: %s\n", strerror (errno));
if (pid)
{
- /* We passed down these fds, close them. */
int f;
+
+ /* We passed down these fds, close them. */
+ close (user_ns);
+ close (mnt_ns);
+
for (f = 3; f < open_files_max_fd; f++)
if (open_files_set == NULL || FD_ISSET (f % FD_SETSIZE, &(open_files_set[f / FD_SETSIZE])))
close (f);
@@ -634,8 +648,10 @@ reexec_userns_join (int pid_to_join, char *pause_pid_file_path)
_exit (EXIT_FAILURE);
}
- join_namespace_or_die (pid_to_join, "user");
- join_namespace_or_die (pid_to_join, "mnt");
+ join_namespace_or_die ("user", user_ns);
+ join_namespace_or_die ("mnt", mnt_ns);
+ close (user_ns);
+ close (mnt_ns);
if (syscall_setresgid (0, 0, 0) < 0)
{
diff --git a/pkg/rootlessport/rootlessport_linux.go b/pkg/rootlessport/rootlessport_linux.go
index 1c1ed39df..c686d80fc 100644
--- a/pkg/rootlessport/rootlessport_linux.go
+++ b/pkg/rootlessport/rootlessport_linux.go
@@ -102,25 +102,27 @@ func parent() error {
return err
}
- sigC := make(chan os.Signal, 1)
- signal.Notify(sigC, unix.SIGPIPE)
- defer func() {
- // dummy signal to terminate the goroutine
- sigC <- unix.SIGKILL
- }()
+ exitC := make(chan os.Signal, 1)
+ defer close(exitC)
+
go func() {
+ sigC := make(chan os.Signal, 1)
+ signal.Notify(sigC, unix.SIGPIPE)
defer func() {
signal.Stop(sigC)
close(sigC)
}()
- s := <-sigC
- if s == unix.SIGPIPE {
- if f, err := os.OpenFile("/dev/null", os.O_WRONLY, 0755); err == nil {
- unix.Dup2(int(f.Fd()), 1) // nolint:errcheck
- unix.Dup2(int(f.Fd()), 2) // nolint:errcheck
- f.Close()
+ select {
+ case s := <-sigC:
+ if s == unix.SIGPIPE {
+ if f, err := os.OpenFile("/dev/null", os.O_WRONLY, 0755); err == nil {
+ unix.Dup2(int(f.Fd()), 1) // nolint:errcheck
+ unix.Dup2(int(f.Fd()), 2) // nolint:errcheck
+ f.Close()
+ }
}
+ case <-exitC:
}
}()
diff --git a/pkg/spec/spec.go b/pkg/spec/spec.go
index 7ee2df890..a62344640 100644
--- a/pkg/spec/spec.go
+++ b/pkg/spec/spec.go
@@ -326,10 +326,6 @@ func (config *CreateConfig) createConfigToOCISpec(runtime *libpod.Runtime, userM
}
defaultEnv = env.Join(env.DefaultEnvVariables, defaultEnv)
}
- config.Env = env.Join(defaultEnv, config.Env)
- for name, val := range config.Env {
- g.AddProcessEnv(name, val)
- }
if err := addRlimits(config, &g); err != nil {
return nil, err
@@ -360,6 +356,11 @@ func (config *CreateConfig) createConfigToOCISpec(runtime *libpod.Runtime, userM
if err := config.Cgroup.ConfigureGenerator(&g); err != nil {
return nil, err
}
+
+ config.Env = env.Join(defaultEnv, config.Env)
+ for name, val := range config.Env {
+ g.AddProcessEnv(name, val)
+ }
configSpec := g.Config
// If the container image specifies an label with a
diff --git a/pkg/specgen/generate/container_create.go b/pkg/specgen/generate/container_create.go
index bb84f0618..01ddcf9c8 100644
--- a/pkg/specgen/generate/container_create.go
+++ b/pkg/specgen/generate/container_create.go
@@ -76,6 +76,7 @@ func MakeContainer(ctx context.Context, rt *libpod.Runtime, s *specgen.SpecGener
}
options := []libpod.CtrCreateOption{}
+ options = append(options, libpod.WithCreateCommand())
var newImage *image.Image
if s.Rootfs != "" {
diff --git a/pkg/specgen/namespaces.go b/pkg/specgen/namespaces.go
index f0161a793..396563267 100644
--- a/pkg/specgen/namespaces.go
+++ b/pkg/specgen/namespaces.go
@@ -216,6 +216,8 @@ func ParseNetworkNamespace(ns string) (Namespace, []string, error) {
toReturn := Namespace{}
var cniNetworks []string
switch {
+ case ns == "slirp4netns":
+ toReturn.NSMode = Slirp
case ns == "pod":
toReturn.NSMode = FromPod
case ns == "bridge":
diff --git a/test/e2e/cp_test.go b/test/e2e/cp_test.go
index 2ff6fe65e..f95f8646c 100644
--- a/test/e2e/cp_test.go
+++ b/test/e2e/cp_test.go
@@ -22,7 +22,6 @@ var _ = Describe("Podman cp", func() {
)
BeforeEach(func() {
- Skip(v2fail)
tempdir, err = CreateTempDirInTempDir()
if err != nil {
os.Exit(1)
@@ -96,7 +95,7 @@ var _ = Describe("Podman cp", func() {
})
It("podman cp dir to dir", func() {
- testDirPath := filepath.Join(podmanTest.RunRoot, "TestDir")
+ testDirPath := filepath.Join(podmanTest.RunRoot, "TestDir1")
session := podmanTest.Podman([]string{"create", ALPINE, "ls", "/foodir"})
session.WaitWithDefaultTimeout()
@@ -105,6 +104,7 @@ var _ = Describe("Podman cp", func() {
err := os.Mkdir(testDirPath, 0755)
Expect(err).To(BeNil())
+ defer os.RemoveAll(testDirPath)
session = podmanTest.Podman([]string{"cp", testDirPath, name + ":/foodir"})
session.WaitWithDefaultTimeout()
@@ -138,8 +138,6 @@ var _ = Describe("Podman cp", func() {
res, err := cmd.Output()
Expect(err).To(BeNil())
Expect(len(res)).To(Equal(0))
-
- os.RemoveAll(testDirPath)
})
It("podman cp stdin/stdout", func() {
@@ -148,9 +146,10 @@ var _ = Describe("Podman cp", func() {
Expect(session.ExitCode()).To(Equal(0))
name := session.OutputToString()
- testDirPath := filepath.Join(podmanTest.RunRoot, "TestDir")
+ testDirPath := filepath.Join(podmanTest.RunRoot, "TestDir2")
err := os.Mkdir(testDirPath, 0755)
Expect(err).To(BeNil())
+ defer os.RemoveAll(testDirPath)
cmd := exec.Command("tar", "-zcvf", "file.tar.gz", testDirPath)
_, err = cmd.Output()
Expect(err).To(BeNil())
@@ -169,7 +168,6 @@ var _ = Describe("Podman cp", func() {
session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To(Equal(0))
- os.RemoveAll(testDirPath)
os.Remove("file.tar.gz")
})
@@ -185,9 +183,10 @@ var _ = Describe("Podman cp", func() {
path, err := os.Getwd()
Expect(err).To(BeNil())
- testDirPath := filepath.Join(path, "TestDir")
+ testDirPath := filepath.Join(path, "TestDir3")
err = os.Mkdir(testDirPath, 0777)
Expect(err).To(BeNil())
+ defer os.RemoveAll(testDirPath)
cmd := exec.Command("tar", "-cvf", "file.tar", testDirPath)
_, err = cmd.Output()
Expect(err).To(BeNil())
@@ -202,7 +201,6 @@ var _ = Describe("Podman cp", func() {
Expect(session.OutputToString()).To(ContainSubstring("file.tar"))
os.Remove("file.tar")
- os.RemoveAll(testDirPath)
})
It("podman cp symlink", func() {
diff --git a/test/e2e/generate_systemd_test.go b/test/e2e/generate_systemd_test.go
index 2901e7ac6..abfca4db9 100644
--- a/test/e2e/generate_systemd_test.go
+++ b/test/e2e/generate_systemd_test.go
@@ -18,7 +18,6 @@ var _ = Describe("Podman generate systemd", func() {
)
BeforeEach(func() {
- Skip(v2fail)
tempdir, err = CreateTempDirInTempDir()
if err != nil {
os.Exit(1)
diff --git a/test/e2e/inspect_test.go b/test/e2e/inspect_test.go
index 5ec1b51bb..ebac087ac 100644
--- a/test/e2e/inspect_test.go
+++ b/test/e2e/inspect_test.go
@@ -17,7 +17,6 @@ var _ = Describe("Podman inspect", func() {
)
BeforeEach(func() {
- Skip(v2fail)
tempdir, err = CreateTempDirInTempDir()
if err != nil {
os.Exit(1)
diff --git a/test/e2e/push_test.go b/test/e2e/push_test.go
index 0991da867..0747257be 100644
--- a/test/e2e/push_test.go
+++ b/test/e2e/push_test.go
@@ -22,7 +22,6 @@ var _ = Describe("Podman push", func() {
)
BeforeEach(func() {
- Skip(v2fail)
tempdir, err = CreateTempDirInTempDir()
if err != nil {
os.Exit(1)
diff --git a/test/e2e/run_env_test.go b/test/e2e/run_env_test.go
new file mode 100644
index 000000000..867913a08
--- /dev/null
+++ b/test/e2e/run_env_test.go
@@ -0,0 +1,138 @@
+// +build !remoteclient
+
+package integration
+
+import (
+ "os"
+
+ . "github.com/containers/libpod/test/utils"
+ . "github.com/onsi/ginkgo"
+ . "github.com/onsi/gomega"
+)
+
+var _ = Describe("Podman run", func() {
+ var (
+ tempdir string
+ err error
+ podmanTest *PodmanTestIntegration
+ )
+
+ BeforeEach(func() {
+ tempdir, err = CreateTempDirInTempDir()
+ if err != nil {
+ os.Exit(1)
+ }
+ podmanTest = PodmanTestCreate(tempdir)
+ podmanTest.Setup()
+ podmanTest.SeedImages()
+ })
+
+ AfterEach(func() {
+ podmanTest.Cleanup()
+ f := CurrentGinkgoTestDescription()
+ processTestResult(f)
+
+ })
+
+ It("podman run environment test", func() {
+ session := podmanTest.Podman([]string{"run", "--rm", ALPINE, "printenv", "HOME"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ match, _ := session.GrepString("/root")
+ Expect(match).Should(BeTrue())
+
+ session = podmanTest.Podman([]string{"run", "--rm", "--user", "2", ALPINE, "printenv", "HOME"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ match, _ = session.GrepString("/sbin")
+ Expect(match).Should(BeTrue())
+
+ session = podmanTest.Podman([]string{"run", "--rm", "--env", "HOME=/foo", ALPINE, "printenv", "HOME"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ match, _ = session.GrepString("/foo")
+ Expect(match).Should(BeTrue())
+
+ session = podmanTest.Podman([]string{"run", "--rm", "--env", "FOO=BAR,BAZ", ALPINE, "printenv", "FOO"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ match, _ = session.GrepString("BAR,BAZ")
+ Expect(match).Should(BeTrue())
+
+ session = podmanTest.Podman([]string{"run", "--rm", "--env", "PATH=/bin", ALPINE, "printenv", "PATH"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ match, _ = session.GrepString("/bin")
+ Expect(match).Should(BeTrue())
+
+ os.Setenv("FOO", "BAR")
+ session = podmanTest.Podman([]string{"run", "--rm", "--env", "FOO", ALPINE, "printenv", "FOO"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ match, _ = session.GrepString("BAR")
+ Expect(match).Should(BeTrue())
+ os.Unsetenv("FOO")
+
+ session = podmanTest.Podman([]string{"run", "--rm", "--env", "FOO", ALPINE, "printenv", "FOO"})
+ session.WaitWithDefaultTimeout()
+ Expect(len(session.OutputToString())).To(Equal(0))
+ Expect(session.ExitCode()).To(Equal(1))
+
+ session = podmanTest.Podman([]string{"run", "--rm", ALPINE, "printenv"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+
+ // This currently does not work
+ // Re-enable when hostname is an env variable
+ session = podmanTest.Podman([]string{"run", "--rm", ALPINE, "sh", "-c", "printenv"})
+ session.Wait(10)
+ Expect(session.ExitCode()).To(Equal(0))
+ match, _ = session.GrepString("HOSTNAME")
+ Expect(match).Should(BeTrue())
+ })
+
+ It("podman run --host-env environment test", func() {
+ env := append(os.Environ(), "FOO=BAR")
+ session := podmanTest.PodmanAsUser([]string{"run", "--rm", "--env-host", ALPINE, "/bin/printenv", "FOO"}, 0, 0, "", env)
+
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ match, _ := session.GrepString("BAR")
+ Expect(match).Should(BeTrue())
+
+ session = podmanTest.PodmanAsUser([]string{"run", "--rm", "--env", "FOO=BAR1", "--env-host", ALPINE, "/bin/printenv", "FOO"}, 0, 0, "", env)
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ match, _ = session.GrepString("BAR1")
+ Expect(match).Should(BeTrue())
+ os.Unsetenv("FOO")
+ })
+
+ It("podman run --http-proxy test", func() {
+ os.Setenv("http_proxy", "1.2.3.4")
+ session := podmanTest.Podman([]string{"run", "--rm", ALPINE, "printenv", "http_proxy"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ match, _ := session.GrepString("1.2.3.4")
+ Expect(match).Should(BeTrue())
+
+ session = podmanTest.Podman([]string{"run", "--http-proxy=false", ALPINE, "printenv", "http_proxy"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(1))
+ Expect(session.OutputToString()).To(Equal(""))
+
+ session = podmanTest.Podman([]string{"run", "--env", "http_proxy=5.6.7.8", ALPINE, "printenv", "http_proxy"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ match, _ = session.GrepString("5.6.7.8")
+ Expect(match).Should(BeTrue())
+ os.Unsetenv("http_proxy")
+
+ session = podmanTest.Podman([]string{"run", "--http-proxy=false", "--env", "http_proxy=5.6.7.8", ALPINE, "printenv", "http_proxy"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ match, _ = session.GrepString("5.6.7.8")
+ Expect(match).Should(BeTrue())
+ os.Unsetenv("http_proxy")
+ })
+})
diff --git a/test/e2e/run_test.go b/test/e2e/run_test.go
index 7d4039819..d94c6c169 100644
--- a/test/e2e/run_test.go
+++ b/test/e2e/run_test.go
@@ -193,80 +193,6 @@ var _ = Describe("Podman run", func() {
Expect(session.ExitCode()).To(Equal(0))
})
- It("podman run environment test", func() {
- session := podmanTest.Podman([]string{"run", "--rm", ALPINE, "printenv", "HOME"})
- session.WaitWithDefaultTimeout()
- Expect(session.ExitCode()).To(Equal(0))
- match, _ := session.GrepString("/root")
- Expect(match).Should(BeTrue())
-
- session = podmanTest.Podman([]string{"run", "--rm", "--user", "2", ALPINE, "printenv", "HOME"})
- session.WaitWithDefaultTimeout()
- Expect(session.ExitCode()).To(Equal(0))
- match, _ = session.GrepString("/sbin")
- Expect(match).Should(BeTrue())
-
- session = podmanTest.Podman([]string{"run", "--rm", "--env", "HOME=/foo", ALPINE, "printenv", "HOME"})
- session.WaitWithDefaultTimeout()
- Expect(session.ExitCode()).To(Equal(0))
- match, _ = session.GrepString("/foo")
- Expect(match).Should(BeTrue())
-
- session = podmanTest.Podman([]string{"run", "--rm", "--env", "FOO=BAR,BAZ", ALPINE, "printenv", "FOO"})
- session.WaitWithDefaultTimeout()
- Expect(session.ExitCode()).To(Equal(0))
- match, _ = session.GrepString("BAR,BAZ")
- Expect(match).Should(BeTrue())
-
- session = podmanTest.Podman([]string{"run", "--rm", "--env", "PATH=/bin", ALPINE, "printenv", "PATH"})
- session.WaitWithDefaultTimeout()
- Expect(session.ExitCode()).To(Equal(0))
- match, _ = session.GrepString("/bin")
- Expect(match).Should(BeTrue())
-
- os.Setenv("FOO", "BAR")
- session = podmanTest.Podman([]string{"run", "--rm", "--env", "FOO", ALPINE, "printenv", "FOO"})
- session.WaitWithDefaultTimeout()
- Expect(session.ExitCode()).To(Equal(0))
- match, _ = session.GrepString("BAR")
- Expect(match).Should(BeTrue())
- os.Unsetenv("FOO")
-
- session = podmanTest.Podman([]string{"run", "--rm", "--env", "FOO", ALPINE, "printenv", "FOO"})
- session.WaitWithDefaultTimeout()
- Expect(len(session.OutputToString())).To(Equal(0))
- Expect(session.ExitCode()).To(Equal(1))
-
- session = podmanTest.Podman([]string{"run", "--rm", ALPINE, "printenv"})
- session.WaitWithDefaultTimeout()
- Expect(session.ExitCode()).To(Equal(0))
-
- // This currently does not work
- // Re-enable when hostname is an env variable
- session = podmanTest.Podman([]string{"run", "--rm", ALPINE, "sh", "-c", "printenv"})
- session.Wait(10)
- Expect(session.ExitCode()).To(Equal(0))
- match, _ = session.GrepString("HOSTNAME")
- Expect(match).Should(BeTrue())
- })
-
- It("podman run --host-env environment test", func() {
- env := append(os.Environ(), "FOO=BAR")
- session := podmanTest.PodmanAsUser([]string{"run", "--rm", "--env-host", ALPINE, "/bin/printenv", "FOO"}, 0, 0, "", env)
-
- session.WaitWithDefaultTimeout()
- Expect(session.ExitCode()).To(Equal(0))
- match, _ := session.GrepString("BAR")
- Expect(match).Should(BeTrue())
-
- session = podmanTest.PodmanAsUser([]string{"run", "--rm", "--env", "FOO=BAR1", "--env-host", ALPINE, "/bin/printenv", "FOO"}, 0, 0, "", env)
- session.WaitWithDefaultTimeout()
- Expect(session.ExitCode()).To(Equal(0))
- match, _ = session.GrepString("BAR1")
- Expect(match).Should(BeTrue())
- os.Unsetenv("FOO")
- })
-
It("podman run limits test", func() {
SkipIfRootless()
session := podmanTest.Podman([]string{"run", "--rm", "--ulimit", "rtprio=99", "--cap-add=sys_nice", fedoraMinimal, "cat", "/proc/self/sched"})
@@ -875,21 +801,6 @@ USER mail`
Expect(session).To(ExitWithError())
})
- It("podman run --http-proxy test", func() {
- os.Setenv("http_proxy", "1.2.3.4")
- session := podmanTest.Podman([]string{"run", "--rm", ALPINE, "printenv", "http_proxy"})
- session.WaitWithDefaultTimeout()
- Expect(session.ExitCode()).To(Equal(0))
- match, _ := session.GrepString("1.2.3.4")
- Expect(match).Should(BeTrue())
-
- session = podmanTest.Podman([]string{"run", "--http-proxy=false", ALPINE, "printenv", "http_proxy"})
- session.WaitWithDefaultTimeout()
- Expect(session.ExitCode()).To(Equal(1))
- Expect(session.OutputToString()).To(Equal(""))
- os.Unsetenv("http_proxy")
- })
-
It("podman run with restart-policy always restarts containers", func() {
testDir := filepath.Join(podmanTest.RunRoot, "restart-test")
diff --git a/test/system/150-login.bats b/test/system/150-login.bats
index 3edb11c2f..a6f9aab85 100644
--- a/test/system/150-login.bats
+++ b/test/system/150-login.bats
@@ -166,8 +166,6 @@ function setup() {
# Some push tests
@test "podman push fail" {
- skip "Not working for v2 yet"
-
# Create an invalid authfile
authfile=${PODMAN_LOGIN_WORKDIR}/auth-$(random_string 10).json
rm -f $authfile
diff --git a/test/system/250-generate-systemd.bats b/test/system/250-generate-systemd.bats
index 80199af5f..6155d6ace 100644
--- a/test/system/250-generate-systemd.bats
+++ b/test/system/250-generate-systemd.bats
@@ -10,6 +10,8 @@ SERVICE_NAME="podman_test_$(random_string)"
UNIT_DIR="$HOME/.config/systemd/user"
UNIT_FILE="$UNIT_DIR/$SERVICE_NAME.service"
+# FIXME: the must run as root (because of CI). It's also broken...
+
function setup() {
skip_if_not_systemd
skip_if_remote