diff options
-rw-r--r-- | .cirrus.yml | 5 | ||||
-rw-r--r-- | Makefile | 116 | ||||
-rw-r--r-- | docs/source/markdown/podman-unshare.1.md | 12 | ||||
-rw-r--r-- | go.mod | 4 | ||||
-rw-r--r-- | go.sum | 10 | ||||
-rw-r--r-- | install.md | 7 | ||||
-rw-r--r-- | libpod/container_commit.go | 2 | ||||
-rw-r--r-- | libpod/options.go | 11 | ||||
-rw-r--r-- | libpod/runtime_ctr.go | 6 | ||||
-rw-r--r-- | libpod/runtime_pod_linux.go | 2 | ||||
-rw-r--r-- | libpod/volume.go | 14 | ||||
-rw-r--r-- | libpod/volume_inspect.go | 10 | ||||
-rw-r--r-- | pkg/api/handlers/types.go | 4 | ||||
-rw-r--r-- | pkg/bindings/connection.go | 11 | ||||
-rw-r--r-- | pkg/bindings/test/common_test.go | 1 | ||||
-rw-r--r-- | pkg/bindings/test/images_test.go | 10 | ||||
-rw-r--r-- | pkg/bindings/test/test_suite_test.go | 13 |
17 files changed, 153 insertions, 85 deletions
diff --git a/.cirrus.yml b/.cirrus.yml index e1810fab6..bb2da0812 100644 --- a/.cirrus.yml +++ b/.cirrus.yml @@ -85,10 +85,15 @@ gce_instance: # quick format, lint, and unit tests on the standard platform. gating_task: + # Only run this on PRs, never during post-merge testing. This is also required + # for proper setting of EPOCH_TEST_COMMIT value, required by validation tools. + only_if: $CIRRUS_BRANCH != $DEST_BRANCH + env: CIRRUS_WORKING_DIR: "/usr/src/libpod" GOPATH: "/go" GOSRC: "/go/src/github.com/containers/libpod" + EPOCH_TEST_COMMIT: "${CIRRUS_BASE_SHA}" # Runs within Cirrus's "community cluster" container: @@ -22,7 +22,6 @@ ETCDIR ?= /etc TMPFILESDIR ?= ${PREFIX}/lib/tmpfiles.d SYSTEMDDIR ?= ${PREFIX}/lib/systemd/system USERSYSTEMDDIR ?= ${PREFIX}/lib/systemd/user -BUILDFLAGS ?= BUILDTAGS ?= \ $(shell hack/apparmor_tag.sh) \ $(shell hack/btrfs_installed_tag.sh) \ @@ -45,12 +44,6 @@ ifeq ($(shell go help mod >/dev/null 2>&1 && echo true), true) GO_BUILD=GO111MODULE=on $(GO) build -mod=vendor endif -ifeq (,$(findstring systemd,$(BUILDTAGS))) -$(warning \ - Podman is being compiled without the systemd build tag.\ - Install libsystemd on Ubuntu or systemd-devel on rpm based distro for journald support) -endif - BUILDTAGS_CROSS ?= containers_image_openpgp exclude_graphdriver_btrfs exclude_graphdriver_devicemapper exclude_graphdriver_overlay ifneq (,$(findstring varlink,$(BUILDTAGS))) PODMAN_VARLINK_DEPENDENCIES = cmd/podman/varlink/iopodman.go @@ -114,14 +107,14 @@ endif GOMD2MAN ?= $(shell command -v go-md2man || echo '$(GOBIN)/go-md2man') -BOX="fedora_atomic" - CROSS_BUILD_TARGETS := \ bin/podman.cross.darwin.amd64 \ bin/podman.cross.linux.amd64 +.PHONY: all all: binaries docs +.PHONY: default default: help define PRINT_HELP_PYSCRIPT @@ -139,6 +132,7 @@ for cmd in sorted(cmds): endef export PRINT_HELP_PYSCRIPT +.PHONY: help help: @$(PYTHON) -c "$$PRINT_HELP_PYSCRIPT" < $(MAKEFILE_LIST) @@ -150,6 +144,7 @@ ifeq ("$(wildcard $(GOPKGDIR))","") endif touch $@ +.PHONY: lint lint: golangci-lint ifeq ($(PRE_COMMIT),) @echo "FATAL: pre-commit was not found, check https://pre-commit.com/ about installing it." >&2 @@ -157,27 +152,41 @@ ifeq ($(PRE_COMMIT),) endif $(PRE_COMMIT) run -a +.PHONY: golangci-lint golangci-lint: .gopathok varlink_generate .install.golangci-lint $(GOBIN)/golangci-lint run +.PHONY: gofmt gofmt: ## Verify the source code gofmt find . -name '*.go' ! -path './vendor/*' -exec gofmt -s -w {} \+ git diff --exit-code +.PHONY: test/checkseccomp/checkseccomp test/checkseccomp/checkseccomp: .gopathok $(wildcard test/checkseccomp/*.go) $(GO_BUILD) -ldflags '$(LDFLAGS_PODMAN)' -tags "$(BUILDTAGS)" -o $@ $(PROJECT)/test/checkseccomp +.PHONY: test/goecho/goechoe test/goecho/goecho: .gopathok $(wildcard test/goecho/*.go) $(GO_BUILD) -ldflags '$(LDFLAGS_PODMAN)' -o $@ $(PROJECT)/test/goecho + +.PHONY: bin/podman bin/podman: .gopathok $(SOURCES) go.mod go.sum $(PODMAN_VARLINK_DEPENDENCIES) ## Build with podman +# Make sure to warn in case we're building without the systemd buildtag. +ifeq (,$(findstring systemd,$(BUILDTAGS))) + @echo "Podman is being compiled without the systemd build tag. Install libsystemd on \ + Ubuntu or systemd-devel on rpm based distro for journald support." +endif $(GO_BUILD) $(BUILDFLAGS) -gcflags '$(GCFLAGS)' -asmflags '$(ASMFLAGS)' -ldflags '$(LDFLAGS_PODMAN)' -tags "$(BUILDTAGS)" -o $@ $(PROJECT)/cmd/podman +.PHONY: podman podman: bin/podman +.PHONY: bin/podman-remote bin/podman-remote: .gopathok $(SOURCES) go.mod go.sum $(PODMAN_VARLINK_DEPENDENCIES) ## Build with podman on remote environment $(GO_BUILD) $(BUILDFLAGS) -gcflags '$(GCFLAGS)' -asmflags '$(ASMFLAGS)' -ldflags '$(LDFLAGS_PODMAN)' -tags "$(BUILDTAGS) remoteclient" -o $@ $(PROJECT)/cmd/podman +.PHONY: podman-remote podman-remote: bin/podman-remote .PHONY: podman.msi @@ -210,6 +219,7 @@ pkg/api/swagger.yaml: .gopathok release.txt .PHONY: swagger swagger: pkg/api/swagger.yaml +.PHONY: clean clean: ## Clean artifacts rm -rf \ .gopathok \ @@ -229,36 +239,47 @@ clean: ## Clean artifacts libpod/pod_easyjson.go \ docs/build +.PHONY: libpodimage libpodimage: ## Build the libpod image ${CONTAINER_RUNTIME} build -t ${LIBPOD_IMAGE} . +.PHONY: dbuild dbuild: libpodimage ${CONTAINER_RUNTIME} run --name=${LIBPOD_INSTANCE} --privileged -v ${PWD}:/go/src/${PROJECT} --rm ${LIBPOD_IMAGE} make all +.PHONY: dbuild-podman-remote dbuild-podman-remote: libpodimage ${CONTAINER_RUNTIME} run --name=${LIBPOD_INSTANCE} --privileged -v ${PWD}:/go/src/${PROJECT} --rm ${LIBPOD_IMAGE} go build -ldflags '$(LDFLAGS_PODMAN)' -tags "$(BUILDTAGS) remoteclient" -o bin/podman-remote $(PROJECT)/cmd/podman +.PHONY: dbuild-podman-remote-darwin dbuild-podman-remote-darwin: libpodimage ${CONTAINER_RUNTIME} run --name=${LIBPOD_INSTANCE} --privileged -v ${PWD}:/go/src/${PROJECT} --rm ${LIBPOD_IMAGE} env GOOS=darwin go build -ldflags '$(LDFLAGS_PODMAN)' -tags "remoteclient containers_image_openpgp exclude_graphdriver_devicemapper" -o bin/podman-remote-darwin $(PROJECT)/cmd/podman +.PHONY: test test: libpodimage ## Run tests on built image ${CONTAINER_RUNTIME} run -e STORAGE_OPTIONS="--storage-driver=vfs" -e TESTFLAGS -e OCI_RUNTIME -e CGROUP_MANAGER=cgroupfs -e TRAVIS -t --privileged --rm -v ${CURDIR}:/go/src/${PROJECT} ${LIBPOD_IMAGE} make clean all localunit install.catatonit localintegration +.PHONY: integration integration: libpodimage ## Execute integration tests ${CONTAINER_RUNTIME} run -e STORAGE_OPTIONS="--storage-driver=vfs" -e TESTFLAGS -e OCI_RUNTIME -e CGROUP_MANAGER=cgroupfs -e TRAVIS -t --privileged --rm -v ${CURDIR}:/go/src/${PROJECT} ${LIBPOD_IMAGE} make clean all install.catatonit localintegration +.PHONY: integration.fedora integration.fedora: DIST=Fedora sh .papr_prepare.sh +.PHONY: integration.centos integration.centos: DIST=CentOS sh .papr_prepare.sh +.PHONY: shell shell: libpodimage ## Run the built image and attach a shell ${CONTAINER_RUNTIME} run -e STORAGE_OPTIONS="--storage-driver=vfs" -e CGROUP_MANAGER=cgroupfs -e TESTFLAGS -e OCI_RUNTIME -e TRAVIS -it --privileged --rm -v ${CURDIR}:/go/src/${PROJECT} ${LIBPOD_IMAGE} sh +.PHONY: testunit testunit: libpodimage ## Run unittest on the built image ${CONTAINER_RUNTIME} run -e STORAGE_OPTIONS="--storage-driver=vfs" -e TESTFLAGS -e CGROUP_MANAGER=cgroupfs -e OCI_RUNTIME -e TRAVIS -t --privileged --rm -v ${CURDIR}:/go/src/${PROJECT} ${LIBPOD_IMAGE} make localunit +.PHONY: localunit localunit: test/goecho/goecho varlink_generate ginkgo \ -r \ @@ -269,24 +290,31 @@ localunit: test/goecho/goecho varlink_generate --tags "$(BUILDTAGS)" \ --succinct +.PHONY: ginkgo ginkgo: ginkgo -v $(TESTFLAGS) -tags "$(BUILDTAGS)" $(GINKGOTIMEOUT) -cover -flakeAttempts 3 -progress -trace -noColor -nodes 3 -debug test/e2e/. +.PHONY: ginkgo-remote ginkgo-remote: ginkgo -v $(TESTFLAGS) -tags "$(BUILDTAGS) remoteclient" $(GINKGOTIMEOUT) -cover -flakeAttempts 3 -progress -trace -noColor test/e2e/. +.PHONY: endpoint endpoint: ginkgo -v $(TESTFLAGS) -tags "$(BUILDTAGS)" $(GINKGOTIMEOUT) -cover -flakeAttempts 3 -progress -trace -noColor -debug test/endpoint/. +.PHONY: localintegration localintegration: varlink_generate test-binaries ginkgo +.PHONY: remoteintegration remoteintegration: varlink_generate test-binaries ginkgo-remote +.PHONY: localsystem localsystem: # Wipe existing config, database, and cache: start with clean slate. $(RM) -rf ${HOME}/.local/share/containers ${HOME}/.config/containers if timeout -v 1 true; then PODMAN=./bin/podman bats test/system/; else echo "Skipping $@: 'timeout -v' unavailable'"; fi +.PHONY: remotesystem remotesystem: # Wipe existing config, database, and cache: start with clean slate. $(RM) -rf ${HOME}/.local/share/containers ${HOME}/.config/containers @@ -314,17 +342,18 @@ remotesystem: fi;\ exit $$rc +.PHONY: system.test-binary system.test-binary: .install.ginkgo $(GO) test -c ./test/system -vagrant-check: - BOX=$(BOX) sh ./vagrant.sh - +.PHONY: binaries binaries: varlink_generate podman podman-remote ## Build podman +.PHONY: install.catatonit install.catatonit: ./hack/install_catatonit.sh +.PHONY: test-binaries test-binaries: test/checkseccomp/checkseccomp test/goecho/goecho install.catatonit MANPAGES_MD ?= $(wildcard docs/source/markdown/*.md pkg/*/docs/*.md) @@ -334,9 +363,11 @@ MANPAGES_DEST ?= $(subst markdown,man, $(subst source,build,$(MANPAGES))) $(MANPAGES): %: %.md .gopathok @sed -e 's/\((podman.*\.md)\)//' -e 's/\[\(podman.*\)\]/\1/' $< | $(GOMD2MAN) -in /dev/stdin -out $(subst source/markdown,build/man,$@) +.PHONY: docs docdir: mkdir -p docs/build/man +.PHONY: docs docs: .install.md2man docdir $(MANPAGES) ## Generate documentation install-podman-remote-%-docs: podman-remote docs $(MANPAGES) @@ -345,9 +376,11 @@ install-podman-remote-%-docs: podman-remote docs $(MANPAGES) ln -sf $(shell pwd)/docs/source/markdown/links docs/build/man/ docs/remote-docs.sh $* docs/build/remote/$* $(if $(findstring windows,$*),docs/source/markdown,docs/build/man) +.PHONY: man-page-check man-page-check: hack/man-page-checker +.PHONY: codespell codespell: codespell -S bin,vendor,.git,go.sum,changelog.txt,seccomp.json,.cirrus.yml,"*.xz,*.gz,*.tar,*.tgz,bin2img,*ico,*.png,*.1,*.5,copyimg,*.orig,apidoc.go" -L uint,iff,od,seeked @@ -361,7 +394,7 @@ release.txt: echo -n " $$field"; done >> "$@" echo "" >> "$@" -podman-v$(RELEASE_NUMBER).tar.gz: binaries docs release.txt +podman-release.tar.gz: binaries docs release.txt $(eval TMPDIR := $(shell mktemp -d -p '' podman_XXXX)) $(eval SUBDIR := podman-v$(RELEASE_NUMBER)) mkdir -p "$(TMPDIR)/$(SUBDIR)" @@ -371,8 +404,8 @@ podman-v$(RELEASE_NUMBER).tar.gz: binaries docs release.txt tar -czvf $@ --xattrs -C "$(TMPDIR)" "./release.txt" "./$(SUBDIR)" -rm -rf "$(TMPDIR)" -# Must call make in-line: Dependency-spec. w/ wild-card also consumes variable value. -podman-remote-v$(RELEASE_NUMBER)-%.zip: +# Must call make in-line: Dependency-spec. w/ wild-card. +podman-remote-release-%.zip: $(MAKE) podman-remote-$* install-podman-remote-$*-docs release.txt \ RELEASE_BASENAME=$(shell hack/get_release_info.sh REMOTENAME) \ RELEASE_DIST=$* RELEASE_DIST_VER="-" @@ -391,16 +424,18 @@ podman-remote-v$(RELEASE_NUMBER)-%.zip: .PHONY: podman-release podman-release: rm -f release.txt - $(MAKE) podman-v$(RELEASE_NUMBER).tar.gz + $(MAKE) podman-release.tar.gz .PHONY: podman-remote-%-release podman-remote-%-release: rm -f release.txt - $(MAKE) podman-remote-v$(RELEASE_NUMBER)-$*.zip + $(MAKE) podman-remote-release-$*.zip +.PHONY: docker-docs docker-docs: docs (cd docs; ./dckrman.sh ./build/man/*.1) +.PHONY: changelog changelog: ## Generate changelog @echo "Creating changelog from $(CHANGELOG_BASE) to $(CHANGELOG_TARGET)" $(eval TMPFILE := $(shell mktemp)) @@ -411,13 +446,16 @@ changelog: ## Generate changelog $(shell cat $(TMPFILE) >> changelog.txt) $(shell rm $(TMPFILE)) +.PHONY: install install: .gopathok install.bin install.remote install.man install.cni install.systemd ## Install binaries to system locations +.PHONY: install.remote install.remote: podman-remote install ${SELINUXOPT} -d -m 755 $(DESTDIR)$(BINDIR) install ${SELINUXOPT} -m 755 bin/podman-remote $(DESTDIR)$(BINDIR)/podman-remote test -z "${SELINUXOPT}" || chcon --verbose --reference=$(DESTDIR)$(BINDIR)/podman bin/podman-remote +.PHONY: install.bin install.bin: podman install ${SELINUXOPT} -d -m 755 $(DESTDIR)$(BINDIR) install ${SELINUXOPT} -m 755 bin/podman $(DESTDIR)$(BINDIR)/podman @@ -430,24 +468,30 @@ install.man: docs install ${SELINUXOPT} -m 644 $(filter %.5,$(MANPAGES_DEST)) -t $(DESTDIR)$(MANDIR)/man5 install ${SELINUXOPT} -m 644 docs/source/markdown/links/*1 -t $(DESTDIR)$(MANDIR)/man1 +.PHONY: install.config install.config: install ${SELINUXOPT} -d -m 755 $(DESTDIR)$(SHAREDIR_CONTAINERS) install ${SELINUXOPT} -m 644 libpod.conf $(DESTDIR)$(SHAREDIR_CONTAINERS)/libpod.conf +.PHONY: install.seccomp install.seccomp: + # TODO: we should really be using the upstream one from github.com/seccomp install ${SELINUXOPT} -d -m 755 $(DESTDIR)$(SHAREDIR_CONTAINERS) install ${SELINUXOPT} -m 644 seccomp.json $(DESTDIR)$(SHAREDIR_CONTAINERS)/seccomp.json +.PHONY: install.completions install.completions: install ${SELINUXOPT} -d -m 755 ${DESTDIR}${BASHINSTALLDIR} install ${SELINUXOPT} -m 644 completions/bash/podman ${DESTDIR}${BASHINSTALLDIR} install ${SELINUXOPT} -d -m 755 ${DESTDIR}${ZSHINSTALLDIR} install ${SELINUXOPT} -m 644 completions/zsh/_podman ${DESTDIR}${ZSHINSTALLDIR} +.PHONY: install.cni install.cni: install ${SELINUXOPT} -d -m 755 ${DESTDIR}${ETCDIR}/cni/net.d/ install ${SELINUXOPT} -m 644 cni/87-podman-bridge.conflist ${DESTDIR}${ETCDIR}/cni/net.d/87-podman-bridge.conflist +.PHONY: install.docker install.docker: docker-docs install ${SELINUXOPT} -d -m 755 $(DESTDIR)$(BINDIR) $(DESTDIR)$(MANDIR)/man1 install ${SELINUXOPT} -m 755 docker $(DESTDIR)$(BINDIR)/docker @@ -455,6 +499,7 @@ install.docker: docker-docs install ${SELINUXOPT} -m 755 -d ${DESTDIR}${SYSTEMDDIR} ${DESTDIR}${USERSYSTEMDDIR} ${DESTDIR}${TMPFILESDIR} install ${SELINUXOPT} -m 644 contrib/systemd/system/podman-docker.conf -t ${DESTDIR}${TMPFILESDIR} +.PHONY: install.systemd install.systemd: install ${SELINUXOPT} -m 755 -d ${DESTDIR}${SYSTEMDDIR} ${DESTDIR}${USERSYSTEMDDIR} ${DESTDIR}${TMPFILESDIR} install ${SELINUXOPT} -m 644 contrib/varlink/io.podman.socket ${DESTDIR}${SYSTEMDDIR}/io.podman.socket @@ -466,6 +511,7 @@ install.systemd: sed -e 's,^WantedBy=.*,WantedBy=default.target,' < contrib/varlink/io.podman.service > ${DESTDIR}${USERSYSTEMDDIR}/io.podman.service install ${SELINUXOPT} -m 644 contrib/varlink/podman.conf ${DESTDIR}${TMPFILESDIR}/podman.conf +.PHONY: uninstall uninstall: for i in $(filter %.1,$(MANPAGES_DEST)); do \ rm -f $(DESTDIR)$(MANDIR)/man1/$$(basename $${i}); \ @@ -495,25 +541,32 @@ define go-get $(GO) get -u ${1} endef +.PHONY: .install.ginkgo .install.ginkgo: .gopathok if [ ! -x "$(GOBIN)/ginkgo" ]; then \ $(GO_BUILD) -o ${GOPATH}/bin/ginkgo ./vendor/github.com/onsi/ginkgo/ginkgo ; \ fi +.PHONY: .install.gitvalidation .install.gitvalidation: .gopathok if [ ! -x "$(GOBIN)/git-validation" ]; then \ $(call go-get,github.com/vbatts/git-validation); \ fi +.PHONY: .install.golangci-lint .install.golangci-lint: .gopathok VERSION=1.18.0 GOBIN=$(GOBIN) sh ./hack/install_golangci.sh +.PHONY: .install.md2man .install.md2man: .gopathok if [ ! -x "$(GOMD2MAN)" ]; then \ $(call go-get,github.com/cpuguy83/go-md2man); \ fi +.PHONY: varlink_generate varlink_generate: .gopathok cmd/podman/varlink/iopodman.go ## Generate varlink + +.PHONY: varlink_api_generate varlink_api_generate: .gopathok API.md .PHONY: install.libseccomp.sudo @@ -532,49 +585,35 @@ endif API.md: cmd/podman/varlink/io.podman.varlink $(GO) generate ./docs/... +.PHONY: validate.completions validate.completions: completions/bash/podman . completions/bash/podman if [ -x /bin/zsh ]; then /bin/zsh completions/zsh/_podman; fi +.PHONY: validate validate: gofmt .gitvalidation validate.completions golangci-lint man-page-check +.PHONY: build-all-new-commits build-all-new-commits: # Validate that all the commits build on top of $(GIT_BASE_BRANCH) git rebase $(GIT_BASE_BRANCH) -x make +.PHONY: build-no-cgo build-no-cgo: env BUILDTAGS="containers_image_openpgp exclude_graphdriver_btrfs exclude_graphdriver_devicemapper exclude_disk_quota" CGO_ENABLED=0 $(MAKE) +.PHONY: vendor vendor: export GO111MODULE=on \ $(GO) mod tidy && \ $(GO) mod vendor && \ $(GO) mod verify +.PHONY: vendor-in-container vendor-in-container: podman run --privileged --rm --env HOME=/root -v `pwd`:/src -w /src docker.io/library/golang:1.13 make vendor -.PHONY: \ - binaries \ - changelog \ - clean \ - default \ - docs \ - gofmt \ - golangci-lint \ - help \ - install \ - install.libseccomp.sudo \ - lint \ - pause \ - package \ - package-install \ - shell \ - uninstall \ - validate \ - validate.completions \ - vendor - +.PHONY: package package: ## Build rpm packages ## TODO(ssbarnea): make version number predictable, it should not change ## on each execution, producing duplicates. @@ -584,6 +623,7 @@ package: ## Build rpm packages # Remember that rpms install exec to /usr/bin/podman while a `make install` # installs them to /usr/local/bin/podman which is likely before. Always use # a full path to test installed podman or you risk to call another executable. +.PHONY: package-install package-install: package ## Install rpm packages sudo ${PKG_MANAGER} -y install ${HOME}/rpmbuild/RPMS/*/*.rpm /usr/bin/podman version diff --git a/docs/source/markdown/podman-unshare.1.md b/docs/source/markdown/podman-unshare.1.md index 9052b97ab..f2eb02814 100644 --- a/docs/source/markdown/podman-unshare.1.md +++ b/docs/source/markdown/podman-unshare.1.md @@ -10,19 +10,19 @@ podman\-unshare - Run a command inside of a modified user namespace Launches a process (by default, *$SHELL*) in a new user namespace. The user namespace is configured so that the invoking user's UID and primary GID appear to be UID 0 and GID 0, respectively. Any ranges which match that user and -group in /etc/subuid and /etc/subgid are also mapped in as themselves with the +group in `/etc/subuid` and `/etc/subgid` are also mapped in as themselves with the help of the *newuidmap(1)* and *newgidmap(1)* helpers. -podman unshare is useful for troubleshooting unprivileged operations and for +**podman unshare** is useful for troubleshooting unprivileged operations and for manually clearing storage and other data related to images and containers. -It is also useful if you want to use the `podman mount` command. If an unprivileged users wants to mount and work with a container, then they need to execute -podman unshare. Executing `podman mount` fails for unprivileged users unless the user is running inside a `podman unshare` session. +It is also useful if you want to use the **podman mount** command. If an unprivileged user wants to mount and work with a container, then they need to execute +**podman unshare**. Executing **podman mount** fails for unprivileged users unless the user is running inside a **podman unshare** session. The unshare session defines two environment variables: -**CONTAINERS_GRAPHROOT** the path to the persistent containers data. -**CONTAINERS_RUNROOT** the path to the volatile containers data. +- **CONTAINERS_GRAPHROOT**: the path to the persistent container's data. +- **CONTAINERS_RUNROOT**: the path to the volatile container's data. ## EXAMPLE @@ -26,12 +26,14 @@ require ( github.com/docker/go-connections v0.4.0 github.com/docker/go-units v0.4.0 github.com/docker/spdystream v0.0.0-20181023171402-6480d4af844c // indirect + github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815 // indirect github.com/elazarl/goproxy v0.0.0-20190421051319-9d40249d3c2f // indirect github.com/elazarl/goproxy/ext v0.0.0-20190911111923-ecfe977594f1 // indirect github.com/etcd-io/bbolt v1.3.3 github.com/fatih/camelcase v1.0.0 // indirect github.com/fsnotify/fsnotify v1.4.7 github.com/ghodss/yaml v1.0.0 + github.com/go-ini/ini v1.51.1 // indirect github.com/godbus/dbus v0.0.0-20190422162347-ade71ed3457e github.com/google/shlex v0.0.0-20181106134648-c34317bd91bf github.com/google/uuid v1.1.1 @@ -41,7 +43,9 @@ require ( github.com/hashicorp/go-multierror v1.0.0 github.com/hpcloud/tail v1.0.0 github.com/json-iterator/go v1.1.9 + github.com/mrtazz/checkmake v0.0.0-20191009095831-03dd76b964dd // indirect github.com/mrunalp/fileutils v0.0.0-20171103030105-7d4729fb3618 + github.com/olekukonko/tablewriter v0.0.4 // indirect github.com/onsi/ginkgo v1.11.0 github.com/onsi/gomega v1.8.1 github.com/opencontainers/go-digest v1.0.0-rc1 @@ -167,6 +167,8 @@ github.com/docker/libtrust v0.0.0-20160708172513-aabc10ec26b7/go.mod h1:cyGadeNE github.com/docker/spdystream v0.0.0-20160310174837-449fdfce4d96/go.mod h1:Qh8CwZgvJUkLughtfhJv5dyTYa91l1fOUCrgjqmcifM= github.com/docker/spdystream v0.0.0-20181023171402-6480d4af844c h1:ZfSZ3P3BedhKGUhzj7BQlPSU4OvT6tfOKe3DVHzOA7s= github.com/docker/spdystream v0.0.0-20181023171402-6480d4af844c/go.mod h1:Qh8CwZgvJUkLughtfhJv5dyTYa91l1fOUCrgjqmcifM= +github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815 h1:bWDMxwH3px2JBh6AyO7hdCn/PkvCZXii8TGj7sbtEbQ= +github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE= github.com/elazarl/goproxy v0.0.0-20170405201442-c4fc26588b6e/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc= github.com/elazarl/goproxy v0.0.0-20190421051319-9d40249d3c2f h1:8GDPb0tCY8LQ+OJ3dbHb5sA6YZWXFORQYZx5sdsTlMs= github.com/elazarl/goproxy v0.0.0-20190421051319-9d40249d3c2f/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc= @@ -190,6 +192,8 @@ github.com/ghodss/yaml v0.0.0-20150909031657-73d445a93680/go.mod h1:4dBDuWmgqj2H github.com/ghodss/yaml v0.0.0-20161207003320-04f313413ffd/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= github.com/ghodss/yaml v1.0.0 h1:wQHKEahhL6wmXdzwWG11gIVCkOv05bNOh+Rxn0yngAk= github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= +github.com/go-ini/ini v1.51.1 h1:/QG3cj23k5V8mOl4JnNzUNhc1kr/jzMiNsNuWKcx8gM= +github.com/go-ini/ini v1.51.1/go.mod h1:ByCAeIL28uOIIG0E3PJtZPDL8WnHpFKFOtgjp+3Ies8= github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk= @@ -328,6 +332,8 @@ github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN github.com/mailru/easyjson v0.7.0/go.mod h1:KAzv3t3aY1NaHWoQz1+4F1ccyAH66Jk7yos7ldAVICs= github.com/mattn/go-isatty v0.0.4 h1:bnP0vzxcAdeI1zdubAl5PjU6zsERjGZb7raWodagDYs= github.com/mattn/go-isatty v0.0.4/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= +github.com/mattn/go-runewidth v0.0.7 h1:Ei8KR0497xHyKJPAv59M1dkC+rOZCMBJ+t3fZ+twI54= +github.com/mattn/go-runewidth v0.0.7/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m2gUSrubnMI= github.com/mattn/go-shellwords v1.0.3/go.mod h1:3xCvwCdWdlDJUrvuMn7Wuy9eWs4pE8vqg+NOMyg4B2o= github.com/mattn/go-shellwords v1.0.5 h1:JhhFTIOslh5ZsPrpa3Wdg8bF0WI3b44EMblmU9wIsXc= github.com/mattn/go-shellwords v1.0.5/go.mod h1:3xCvwCdWdlDJUrvuMn7Wuy9eWs4pE8vqg+NOMyg4B2o= @@ -352,6 +358,8 @@ github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3Rllmb github.com/morikuni/aec v0.0.0-20170113033406-39771216ff4c/go.mod h1:BbKIizmSmc5MMPqRYbxO4ZU0S0+P200+tUnFx7PXmsc= github.com/morikuni/aec v1.0.0 h1:nP9CBfwrvYnBRgY6qfDQkygYDmYwOilePFkwzv4dU8A= github.com/morikuni/aec v1.0.0/go.mod h1:BbKIizmSmc5MMPqRYbxO4ZU0S0+P200+tUnFx7PXmsc= +github.com/mrtazz/checkmake v0.0.0-20191009095831-03dd76b964dd h1:3k5dpxjeXlUuz8STW9BE2WsvPnaMcmlfGKAbe3J5v+0= +github.com/mrtazz/checkmake v0.0.0-20191009095831-03dd76b964dd/go.mod h1:YBPKCT1PrhoFU743gPdtJNp+LmM0QlGMWME1J+FJtQI= github.com/mrunalp/fileutils v0.0.0-20171103030105-7d4729fb3618 h1:7InQ7/zrOh6SlFjaXFubv0xX0HsuC9qJsdqm7bNQpYM= github.com/mrunalp/fileutils v0.0.0-20171103030105-7d4729fb3618/go.mod h1:x8F1gnqOkIEiO4rqoeEEEqQbo7HjGMTvyoq3gej4iT0= github.com/mtrmac/gpgme v0.0.0-20170102180018-b2432428689c h1:xa+eQWKuJ9MbB9FBL/eoNvDFvveAkz2LQoz8PzX7Q/4= @@ -359,6 +367,8 @@ github.com/mtrmac/gpgme v0.0.0-20170102180018-b2432428689c/go.mod h1:GhAqVMEWnTc github.com/munnerz/goautoneg v0.0.0-20120707110453-a547fc61f48d/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw= +github.com/olekukonko/tablewriter v0.0.4 h1:vHD/YYe1Wolo78koG299f7V/VAS08c6IpCLn+Ejf/w8= +github.com/olekukonko/tablewriter v0.0.4/go.mod h1:zq6QwlOf5SlnkVbMSr5EoBv3636FWnp+qbPhuoO21uA= github.com/onsi/ginkgo v0.0.0-20151202141238-7f8ab55aaf3b/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v0.0.0-20170829012221-11459a886d9c/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= diff --git a/install.md b/install.md index 561c4afe9..cd77ad139 100644 --- a/install.md +++ b/install.md @@ -124,13 +124,10 @@ The Kubic project provides packages for Ubuntu 18.04, 19.04 and 19.10. ```bash . /etc/os-release -sudo sh -c "echo 'deb http://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/x${NAME}_${VERSION_ID}/ /' > /etc/apt/sources.list.d/devel:kubic:libcontainers:stable.list" -wget -nv https://download.opensuse.org/repositories/devel:kubic:libcontainers:stable/x${NAME}_${VERSION_ID}/Release.key -O Release.key -sudo apt-key add - < Release.key +sudo sh -c "echo 'deb http://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/xUbuntu_${VERSION_ID}/ /' > /etc/apt/sources.list.d/devel:kubic:libcontainers:stable.list" +wget -q https://download.opensuse.org/repositories/devel:kubic:libcontainers:stable/xUbuntu_${VERSION_ID}/Release.key -O- | sudo apt-key add - sudo apt-get update -qq sudo apt-get -qq -y install podman -sudo mkdir -p /etc/containers -echo -e "[registries.search]\nregistries = ['docker.io', 'quay.io']" | sudo tee /etc/containers/registries.conf ``` There are many [packages](https://packages.ubuntu.com/search?keywords=libpod&searchon=names&suite=eoan§ion=all) diff --git a/libpod/container_commit.go b/libpod/container_commit.go index ccc23621e..fa6e95b38 100644 --- a/libpod/container_commit.go +++ b/libpod/container_commit.go @@ -137,7 +137,7 @@ func (c *Container) Commit(ctx context.Context, destImage string, options Contai if err != nil { return nil, errors.Wrapf(err, "volume %s used in container %s has been removed", v.Name, c.ID()) } - if vol.IsCtrSpecific() { + if vol.Anonymous() { importBuilder.AddVolume(v.Dest) } } diff --git a/libpod/options.go b/libpod/options.go index 593037382..923e7292c 100644 --- a/libpod/options.go +++ b/libpod/options.go @@ -1546,17 +1546,16 @@ func WithVolumeGID(gid int) VolumeCreateOption { } } -// withSetCtrSpecific sets a bool notifying libpod that a volume was created -// specifically for a container. -// These volumes will be removed when the container is removed and volumes are -// also specified for removal. -func withSetCtrSpecific() VolumeCreateOption { +// withSetAnon sets a bool notifying libpod that this volume is anonymous and +// should be removed when containers using it are removed and volumes are +// specified for removal. +func withSetAnon() VolumeCreateOption { return func(volume *Volume) error { if volume.valid { return define.ErrVolumeFinalized } - volume.config.IsCtrSpecific = true + volume.config.IsAnon = true return nil } diff --git a/libpod/runtime_ctr.go b/libpod/runtime_ctr.go index e8952967d..3ad09f27c 100644 --- a/libpod/runtime_ctr.go +++ b/libpod/runtime_ctr.go @@ -319,7 +319,7 @@ func (r *Runtime) setupContainer(ctx context.Context, ctr *Container) (c *Contai // The volume does not exist, so we need to create it. volOptions := []VolumeCreateOption{WithVolumeName(vol.Name), WithVolumeUID(ctr.RootUID()), WithVolumeGID(ctr.RootGID())} if isAnonymous { - volOptions = append(volOptions, withSetCtrSpecific()) + volOptions = append(volOptions, withSetAnon()) } newVol, err := r.newVolume(ctx, volOptions...) if err != nil { @@ -569,7 +569,7 @@ func (r *Runtime) removeContainer(ctx context.Context, c *Container, force bool, for _, v := range c.config.NamedVolumes { if volume, err := runtime.state.Volume(v.Name); err == nil { - if !volume.IsCtrSpecific() { + if !volume.Anonymous() { continue } if err := runtime.removeVolume(ctx, volume, false); err != nil && errors.Cause(err) != define.ErrNoSuchVolume { @@ -707,7 +707,7 @@ func (r *Runtime) evictContainer(ctx context.Context, idOrName string, removeVol for _, v := range c.config.NamedVolumes { if volume, err := r.state.Volume(v.Name); err == nil { - if !volume.IsCtrSpecific() { + if !volume.Anonymous() { continue } if err := r.removeVolume(ctx, volume, false); err != nil && err != define.ErrNoSuchVolume && err != define.ErrVolumeBeingUsed { diff --git a/libpod/runtime_pod_linux.go b/libpod/runtime_pod_linux.go index 450c64d24..5b0111b85 100644 --- a/libpod/runtime_pod_linux.go +++ b/libpod/runtime_pod_linux.go @@ -261,7 +261,7 @@ func (r *Runtime) removePod(ctx context.Context, p *Pod, removeCtrs, force bool) logrus.Errorf("Error retrieving volume %s: %v", volName, err) continue } - if !volume.IsCtrSpecific() { + if !volume.Anonymous() { continue } if err := r.removeVolume(ctx, volume, false); err != nil { diff --git a/libpod/volume.go b/libpod/volume.go index c4771bbb8..1ffed872e 100644 --- a/libpod/volume.go +++ b/libpod/volume.go @@ -38,9 +38,8 @@ type VolumeConfig struct { // a list of mount options. For other drivers, they are passed to the // volume driver handling the volume. Options map[string]string `json:"volumeOptions,omitempty"` - // Whether this volume was created for a specific container and will be - // removed with it. - IsCtrSpecific bool `json:"ctrSpecific"` + // Whether this volume is anonymous (will be removed on container exit) + IsAnon bool `json:"isAnon"` // UID the volume will be created as. UID int `json:"uid"` // GID the volume will be created as. @@ -106,11 +105,10 @@ func (v *Volume) Options() map[string]string { return options } -// IsCtrSpecific returns whether this volume was created specifically for a -// given container. Images with this set to true will be removed when the -// container is removed with the Volumes parameter set to true. -func (v *Volume) IsCtrSpecific() bool { - return v.config.IsCtrSpecific +// Anonymous returns whether this volume is anonymous. Anonymous volumes were +// created with a container, and will be removed when that container is removed. +func (v *Volume) Anonymous() bool { + return v.config.IsAnon } // UID returns the UID the volume will be created as. diff --git a/libpod/volume_inspect.go b/libpod/volume_inspect.go index c333b8961..136f9da5e 100644 --- a/libpod/volume_inspect.go +++ b/libpod/volume_inspect.go @@ -37,10 +37,10 @@ type InspectVolumeData struct { UID int `json:"UID,omitempty"` // GID is the GID that the volume was created with. GID int `json:"GID,omitempty"` - // ContainerSpecific indicates that the volume was created as part of a - // specific container, and will be removed when that container is - // removed. - ContainerSpecific bool `json:"ContainerSpecific,omitempty"` + // Anonymous indicates that the volume was created as an anonymous + // volume for a specific container, and will be be removed when any + // container using it is removed. + Anonymous bool `json:"Anonymous,omitempty"` } // Inspect provides detailed information about the configuration of the given @@ -67,7 +67,7 @@ func (v *Volume) Inspect() (*InspectVolumeData, error) { } data.UID = v.config.UID data.GID = v.config.GID - data.ContainerSpecific = v.config.IsCtrSpecific + data.Anonymous = v.config.IsAnon return data, nil } diff --git a/pkg/api/handlers/types.go b/pkg/api/handlers/types.go index 33cf1e95d..9c8562744 100644 --- a/pkg/api/handlers/types.go +++ b/pkg/api/handlers/types.go @@ -360,7 +360,7 @@ func LibpodToContainer(l *libpod.Container, infoData []define.InfoData) (*Contai return &Container{docker.Container{ ID: l.ID(), - Names: []string{l.Name()}, + Names: []string{fmt.Sprintf("/%s", l.Name())}, Image: imageName, ImageID: imageId, Command: strings.Join(l.Command(), " "), @@ -431,7 +431,7 @@ func LibpodToContainerJSON(l *libpod.Container) (*docker.ContainerJSON, error) { HostsPath: inspect.HostsPath, LogPath: l.LogPath(), Node: nil, - Name: l.Name(), + Name: fmt.Sprintf("/%s", l.Name()), RestartCount: 0, Driver: inspect.Driver, Platform: "linux", diff --git a/pkg/bindings/connection.go b/pkg/bindings/connection.go index 3dec6ca20..2e5fc9cb8 100644 --- a/pkg/bindings/connection.go +++ b/pkg/bindings/connection.go @@ -115,11 +115,12 @@ func (c *Connection) DoRequest(httpBody io.Reader, httpMethod, endpoint string, ) safePathValues := make([]interface{}, len(pathValues)) // Make sure path values are http url safe - for _, pv := range pathValues { - safePathValues = append(safePathValues, url.QueryEscape(pv)) + for i, pv := range pathValues { + safePathValues[i] = url.QueryEscape(pv) } + // Lets eventually use URL for this which might lead to safer + // usage safeEndpoint := fmt.Sprintf(endpoint, safePathValues...) - e := c.makeEndpoint(safeEndpoint) req, err := http.NewRequest(httpMethod, e, httpBody) if err != nil { @@ -150,8 +151,8 @@ func GetConnectionFromContext(ctx context.Context) (*Connection, error) { if c == nil { return nil, errors.New("unable to get connection from context") } - conn := c.(Connection) - return &conn, nil + conn := c.(*Connection) + return conn, nil } // FiltersToHTML converts our typical filter format of a diff --git a/pkg/bindings/test/common_test.go b/pkg/bindings/test/common_test.go index 4f2a98f2b..e3e66c89f 100644 --- a/pkg/bindings/test/common_test.go +++ b/pkg/bindings/test/common_test.go @@ -15,6 +15,7 @@ import ( const ( defaultPodmanBinaryLocation string = "/usr/bin/podman" + alpine string = "docker.io/library/alpine:latest" ) type bindingTest struct { diff --git a/pkg/bindings/test/images_test.go b/pkg/bindings/test/images_test.go index d600197bb..2906d55cd 100644 --- a/pkg/bindings/test/images_test.go +++ b/pkg/bindings/test/images_test.go @@ -34,7 +34,7 @@ var _ = Describe("Podman images", func() { //podmanTest.Setup() //podmanTest.SeedImages() bt = newBindingTest() - p := bt.runPodman([]string{"pull", "docker.io/library/alpine:latest"}) + p := bt.runPodman([]string{"pull", alpine}) p.Wait(45) s = bt.startAPIService() time.Sleep(1 * time.Second) @@ -68,13 +68,13 @@ var _ = Describe("Podman images", func() { _, err = images.GetImage(connText, data.ID[0:12], nil) Expect(err).To(BeNil()) // Inspect by ID - // Inspect by long name should work, it doesnt (yet) i think it needs to be html escaped - //_, err = images.GetImage(connText, ) + //Inspect by long name should work, it doesnt (yet) i think it needs to be html escaped + //_, err = images.GetImage(connText, alpine, nil) //Expect(err).To(BeNil()) }) It("remove image", func() { // Remove invalid image should be a 404 - _, err = images.RemoveImage(connText, "foobar5000", &false) + _, err = images.Remove(connText, "foobar5000", &false) Expect(err).ToNot(BeNil()) code, _ := bindings.CheckResponseCode(err) Expect(code).To(BeNumerically("==", 404)) @@ -82,7 +82,7 @@ var _ = Describe("Podman images", func() { _, err := images.GetImage(connText, "alpine", nil) Expect(err).To(BeNil()) - response, err := images.RemoveImage(connText, "alpine", &false) + response, err := images.Remove(connText, "alpine", &false) Expect(err).To(BeNil()) fmt.Println(response) // to be continued diff --git a/pkg/bindings/test/test_suite_test.go b/pkg/bindings/test/test_suite_test.go new file mode 100644 index 000000000..dc2b49b88 --- /dev/null +++ b/pkg/bindings/test/test_suite_test.go @@ -0,0 +1,13 @@ +package test_bindings_test + +import ( + "testing" + + . "github.com/onsi/ginkgo" + . "github.com/onsi/gomega" +) + +func TestTest(t *testing.T) { + RegisterFailHandler(Fail) + RunSpecs(t, "Test Suite") +} |