summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--RELEASE_NOTES.md6
-rw-r--r--cni/87-podman-bridge.conflist3
-rwxr-xr-xcontrib/cirrus/logcollector.sh4
-rw-r--r--go.mod2
-rw-r--r--go.sum2
-rw-r--r--libpod/volume.go7
-rw-r--r--pkg/adapter/network.go1
-rw-r--r--pkg/api/handlers/libpod/volumes.go137
-rw-r--r--pkg/api/handlers/types.go13
-rw-r--r--pkg/api/server/register_volumes.go43
-rw-r--r--pkg/api/server/swagger.go17
-rw-r--r--pkg/bindings/containers/create.go2
-rw-r--r--pkg/bindings/test/volumes_test.go174
-rw-r--r--pkg/bindings/volumes/volumes.go52
-rw-r--r--pkg/network/netconflist.go1
-rw-r--r--vendor/github.com/containers/buildah/imagebuildah/stage_executor.go16
-rw-r--r--vendor/github.com/containers/buildah/run_linux.go5
-rw-r--r--vendor/github.com/containers/buildah/util/util.go31
-rw-r--r--vendor/modules.txt2
19 files changed, 467 insertions, 51 deletions
diff --git a/RELEASE_NOTES.md b/RELEASE_NOTES.md
index f2381f7e3..f813b494f 100644
--- a/RELEASE_NOTES.md
+++ b/RELEASE_NOTES.md
@@ -6,6 +6,7 @@
- The `podman ps --format=json` command now includes the ID of the image containers were created with
- The `podman create` and `podman run` commands now support the `--device-cgroup-rule` flag ([#4876](https://github.com/containers/libpod/issues/4876))
- While the HTTP API remains in alpha, many fixes and additions have landed. These are documented in a separate subsection below
+- The `podman create` and `podman run` commands now feature a `--no-healthcheck` flag to disable healthchecks for a container ([#5299](https://github.com/containers/libpod/issues/5299))
### Bugfixes
- Fixed CVE-2020-1726, a security issue where volumes manually populated before first being mounted into a container could have those contents overwritten on first being mounted into a container
@@ -28,6 +29,10 @@
- Fixed a bug where `podman commit --change` would perform incorrect validation, resulting in valid changes being rejected ([#5148](https://github.com/containers/libpod/issues/5148))
- Fixed a bug where `podman logs --tail` could take large amounts of memory when the log file for a container was large ([#5131](https://github.com/containers/libpod/issues/5131))
- Fixed a bug where Podman would sometimes incorrectly generate firewall rules on systems using `firewalld`
+- Fixed a bug where the `podman inspect` command would not display network information for containers properly if a container joined multiple CNI networks ([#4907](https://github.com/containers/libpod/issues/4907))
+- Fixed a bug where the `--uts` flag to `podman create` and `podman run` would only allow specifying containers by full ID ([#5289](https://github.com/containers/libpod/issues/5289))
+- Fixed a bug where rootless Podman could segfault when passed a large number of file descriptors
+- Fixed a bug where the `podman port` command was incorrectly interpreting additional arguments as container names, instead of port numbers
### HTTP API
- Initial support for secure connections to servers via SSH tunneling has been added
@@ -48,6 +53,7 @@
- The `CreatedTime` field to `podman images --format=json` has been renamed to `CreatedAt` as part of the fix for ([#5110](https://github.com/containers/libpod/issues/5110)). Go templates using the old name should still work
- The `before` filter to `podman images` has been renamed to `since` for Docker compatibility. Using `before` will still work, but documentation has been changed to use the new `since` filter
- Using the `--password` flag to `podman login` now warns that passwords are being passed in plaintext
+- Some common cases where Podman would deadlock have been fixed to warn the user that `podman system renumber` must be run to resolve the deadlock
## 1.8.0
### Features
diff --git a/cni/87-podman-bridge.conflist b/cni/87-podman-bridge.conflist
index cd01b97ce..13b09a5b5 100644
--- a/cni/87-podman-bridge.conflist
+++ b/cni/87-podman-bridge.conflist
@@ -27,6 +27,9 @@
}
},
{
+ "type": "firewall"
+ },
+ {
"type": "tuning"
}
]
diff --git a/contrib/cirrus/logcollector.sh b/contrib/cirrus/logcollector.sh
index 1769e9362..34b88e6ea 100755
--- a/contrib/cirrus/logcollector.sh
+++ b/contrib/cirrus/logcollector.sh
@@ -56,6 +56,7 @@ case $1 in
)
case $OS_RELEASE_ID in
fedora*)
+ cat /etc/fedora-release
PKG_LST_CMD='rpm -q --qf=%{N}-%{V}-%{R}-%{ARCH}\n'
PKG_NAMES+=(\
container-selinux \
@@ -64,6 +65,7 @@ case $1 in
)
;;
ubuntu*)
+ cat /etc/issue
PKG_LST_CMD='dpkg-query --show --showformat=${Package}-${Version}-${Architecture}\n'
PKG_NAMES+=(\
cri-o-runc \
@@ -71,6 +73,8 @@ case $1 in
;;
*) bad_os_id_ver ;;
esac
+ echo "Kernel: " $(uname -r)
+ echo "Cgroups: " $(stat -f -c %T /sys/fs/cgroup)
# Any not-present packages will be listed as such
$PKG_LST_CMD ${PKG_NAMES[@]} | sort -u
;;
diff --git a/go.mod b/go.mod
index 77ecde7ff..170e9b435 100644
--- a/go.mod
+++ b/go.mod
@@ -8,7 +8,7 @@ require (
github.com/checkpoint-restore/go-criu v0.0.0-20190109184317-bdb7599cd87b
github.com/containernetworking/cni v0.7.2-0.20190904153231-83439463f784
github.com/containernetworking/plugins v0.8.5
- github.com/containers/buildah v1.14.1-0.20200225113533-39bd7e0a7a73
+ github.com/containers/buildah v1.14.1-0.20200227103754-f0c3fd7c3d34
github.com/containers/common v0.4.2 // indirect
github.com/containers/conmon v2.0.10+incompatible
github.com/containers/image/v5 v5.2.1
diff --git a/go.sum b/go.sum
index 7932d781f..75dc29cfc 100644
--- a/go.sum
+++ b/go.sum
@@ -76,6 +76,8 @@ github.com/containers/buildah v1.14.1-0.20200222102502-002dffb8d2cb h1:FvrlxHKZo
github.com/containers/buildah v1.14.1-0.20200222102502-002dffb8d2cb/go.mod h1:tsos+87us4LpjyPwtgXQmDkOj5SYrpsMyRVcDTOQ5aA=
github.com/containers/buildah v1.14.1-0.20200225113533-39bd7e0a7a73 h1:TyGEOd0O6oigg1WA+bprBTgeHH8815fNgOUYhh1I2Vs=
github.com/containers/buildah v1.14.1-0.20200225113533-39bd7e0a7a73/go.mod h1:sdMVVcCTvvAj9o9dk/j6EnNJJadjxqjcI4Yy9WoWxSg=
+github.com/containers/buildah v1.14.1-0.20200227103754-f0c3fd7c3d34 h1:SaK9ADT5JdVL29Z8snwl+bqmi1usnNyis+7Hd5+jJjw=
+github.com/containers/buildah v1.14.1-0.20200227103754-f0c3fd7c3d34/go.mod h1:sdMVVcCTvvAj9o9dk/j6EnNJJadjxqjcI4Yy9WoWxSg=
github.com/containers/common v0.0.7 h1:eKYZLKfJ2d/RNDgecLDFv45cHb4imYzIcrQHx1Y029M=
github.com/containers/common v0.0.7/go.mod h1:lhWV3MLhO1+KGE2x6v9+K38MxpjXGso+edmpkFnCOqI=
github.com/containers/common v0.3.0 h1:9ysL/OfPcMls1Ac3jzFA4XZJVSD/JG7Dst3uQSwQtwA=
diff --git a/libpod/volume.go b/libpod/volume.go
index 1ffed872e..70099d6f4 100644
--- a/libpod/volume.go
+++ b/libpod/volume.go
@@ -126,3 +126,10 @@ func (v *Volume) GID() int {
func (v *Volume) CreatedTime() time.Time {
return v.config.CreatedTime
}
+
+// Config returns the volume's configuration.
+func (v *Volume) Config() (*VolumeConfig, error) {
+ config := VolumeConfig{}
+ err := JSONDeepCopy(v.config, &config)
+ return &config, err
+}
diff --git a/pkg/adapter/network.go b/pkg/adapter/network.go
index c5bd91534..b25f54a13 100644
--- a/pkg/adapter/network.go
+++ b/pkg/adapter/network.go
@@ -209,6 +209,7 @@ func (r *LocalRuntime) NetworkCreateBridge(cli *cliconfig.NetworkCreateValues) (
bridge := network.NewHostLocalBridge(bridgeDeviceName, isGateway, false, ipMasq, ipamConfig)
plugins = append(plugins, bridge)
plugins = append(plugins, network.NewPortMapPlugin())
+ plugins = append(plugins, network.NewFirewallPlugin())
// if we find the dnsname plugin, we add configuration for it
if network.HasDNSNamePlugin(runtimeConfig.CNIPluginDir) && !cli.DisableDNS {
// Note: in the future we might like to allow for dynamic domain names
diff --git a/pkg/api/handlers/libpod/volumes.go b/pkg/api/handlers/libpod/volumes.go
index 7e7e46718..9b10ee890 100644
--- a/pkg/api/handlers/libpod/volumes.go
+++ b/pkg/api/handlers/libpod/volumes.go
@@ -3,9 +3,11 @@ package libpod
import (
"encoding/json"
"net/http"
+ "strings"
"github.com/containers/libpod/cmd/podman/shared"
"github.com/containers/libpod/libpod"
+ "github.com/containers/libpod/libpod/define"
"github.com/containers/libpod/pkg/api/handlers"
"github.com/containers/libpod/pkg/api/handlers/utils"
"github.com/gorilla/schema"
@@ -29,7 +31,6 @@ func CreateVolume(w http.ResponseWriter, r *http.Request) {
errors.Wrapf(err, "Failed to parse parameters for %s", r.URL.String()))
return
}
-
// decode params from body
if err := json.NewDecoder(r.Body).Decode(&input); err != nil {
utils.Error(w, "Something went wrong.", http.StatusInternalServerError, errors.Wrap(err, "Decode()"))
@@ -49,14 +50,21 @@ func CreateVolume(w http.ResponseWriter, r *http.Request) {
parsedOptions, err := shared.ParseVolumeOptions(input.Opts)
if err != nil {
utils.InternalServerError(w, err)
+ return
}
volumeOptions = append(volumeOptions, parsedOptions...)
}
vol, err := runtime.NewVolume(r.Context(), volumeOptions...)
if err != nil {
utils.InternalServerError(w, err)
+ return
+ }
+ config, err := vol.Config()
+ if err != nil {
+ utils.InternalServerError(w, err)
+ return
}
- utils.WriteResponse(w, http.StatusOK, vol.Name())
+ utils.WriteResponse(w, http.StatusOK, config)
}
func InspectVolume(w http.ResponseWriter, r *http.Request) {
@@ -76,25 +84,46 @@ func InspectVolume(w http.ResponseWriter, r *http.Request) {
}
func ListVolumes(w http.ResponseWriter, r *http.Request) {
- //var (
- // runtime = r.Context().Value("runtime").(*libpod.Runtime)
- // decoder = r.Context().Value("decoder").(*schema.Decoder)
- //)
- //query := struct {
- // Filter string `json:"filter"`
- //}{
- // // override any golang type defaults
- //}
- //
- //if err := decoder.Decode(&query, r.URL.Query()); err != nil {
- // utils.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest,
- // errors.Wrapf(err, "Failed to parse parameters for %s", r.URL.String()))
- // return
- //}
- /*
- This is all in main in cmd and needs to be extracted from there first.
- */
+ var (
+ decoder = r.Context().Value("decoder").(*schema.Decoder)
+ err error
+ runtime = r.Context().Value("runtime").(*libpod.Runtime)
+ volumeConfigs []*libpod.VolumeConfig
+ volumeFilters []libpod.VolumeFilter
+ )
+ query := struct {
+ Filters map[string][]string `schema:"filters"`
+ }{
+ // override any golang type defaults
+ }
+
+ if err := decoder.Decode(&query, r.URL.Query()); err != nil {
+ utils.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest,
+ errors.Wrapf(err, "Failed to parse parameters for %s", r.URL.String()))
+ return
+ }
+ if len(query.Filters) > 0 {
+ volumeFilters, err = generateVolumeFilters(query.Filters)
+ if err != nil {
+ utils.InternalServerError(w, err)
+ return
+ }
+ }
+ vols, err := runtime.Volumes(volumeFilters...)
+ if err != nil {
+ utils.InternalServerError(w, err)
+ return
+ }
+ for _, v := range vols {
+ config, err := v.Config()
+ if err != nil {
+ utils.InternalServerError(w, err)
+ return
+ }
+ volumeConfigs = append(volumeConfigs, config)
+ }
+ utils.WriteResponse(w, http.StatusOK, volumeConfigs)
}
func PruneVolumes(w http.ResponseWriter, r *http.Request) {
@@ -133,9 +162,77 @@ func RemoveVolume(w http.ResponseWriter, r *http.Request) {
vol, err := runtime.LookupVolume(name)
if err != nil {
utils.VolumeNotFound(w, name, err)
+ return
}
if err := runtime.RemoveVolume(r.Context(), vol, query.Force); err != nil {
+ if errors.Cause(err) == define.ErrVolumeBeingUsed {
+ utils.Error(w, "volumes being used", http.StatusConflict, err)
+ return
+ }
utils.InternalServerError(w, err)
+ return
}
utils.WriteResponse(w, http.StatusNoContent, "")
}
+
+func generateVolumeFilters(filters map[string][]string) ([]libpod.VolumeFilter, error) {
+ var vf []libpod.VolumeFilter
+ for filter, v := range filters {
+ for _, val := range v {
+ switch filter {
+ case "name":
+ nameVal := val
+ vf = append(vf, func(v *libpod.Volume) bool {
+ return nameVal == v.Name()
+ })
+ case "driver":
+ driverVal := val
+ vf = append(vf, func(v *libpod.Volume) bool {
+ return v.Driver() == driverVal
+ })
+ case "scope":
+ scopeVal := val
+ vf = append(vf, func(v *libpod.Volume) bool {
+ return v.Scope() == scopeVal
+ })
+ case "label":
+ filterArray := strings.SplitN(val, "=", 2)
+ filterKey := filterArray[0]
+ var filterVal string
+ if len(filterArray) > 1 {
+ filterVal = filterArray[1]
+ } else {
+ filterVal = ""
+ }
+ vf = append(vf, func(v *libpod.Volume) bool {
+ for labelKey, labelValue := range v.Labels() {
+ if labelKey == filterKey && ("" == filterVal || labelValue == filterVal) {
+ return true
+ }
+ }
+ return false
+ })
+ case "opt":
+ filterArray := strings.SplitN(val, "=", 2)
+ filterKey := filterArray[0]
+ var filterVal string
+ if len(filterArray) > 1 {
+ filterVal = filterArray[1]
+ } else {
+ filterVal = ""
+ }
+ vf = append(vf, func(v *libpod.Volume) bool {
+ for labelKey, labelValue := range v.Options() {
+ if labelKey == filterKey && ("" == filterVal || labelValue == filterVal) {
+ return true
+ }
+ }
+ return false
+ })
+ default:
+ return nil, errors.Errorf("%q is in an invalid volume filter", filter)
+ }
+ }
+ }
+ return vf, nil
+}
diff --git a/pkg/api/handlers/types.go b/pkg/api/handlers/types.go
index c72b0f817..2930a9567 100644
--- a/pkg/api/handlers/types.go
+++ b/pkg/api/handlers/types.go
@@ -128,11 +128,16 @@ type CreateContainerConfig struct {
NetworkingConfig dockerNetwork.NetworkingConfig
}
+// swagger:model VolumeCreate
type VolumeCreateConfig struct {
- Name string `json:"name"`
- Driver string `schema:"driver"`
- Label map[string]string `schema:"label"`
- Opts map[string]string `schema:"opts"`
+ // New volume's name. Can be left blank
+ Name string `schema:"name"`
+ // Volume driver to use
+ Driver string `schema:"driver"`
+ // User-defined key/value metadata.
+ Label map[string]string `schema:"label"`
+ // Mapping of driver options and values.
+ Opts map[string]string `schema:"opts"`
}
type IDResponse struct {
diff --git a/pkg/api/server/register_volumes.go b/pkg/api/server/register_volumes.go
index efe56a3ad..d1317904b 100644
--- a/pkg/api/server/register_volumes.go
+++ b/pkg/api/server/register_volumes.go
@@ -11,15 +11,42 @@ func (s *APIServer) registerVolumeHandlers(r *mux.Router) error {
// swagger:operation POST /libpod/volumes/create volumes createVolume
// ---
// summary: Create a volume
+ // parameters:
+ // - in: body
+ // name: create
+ // description: attributes for creating a container
+ // schema:
+ // $ref: "#/definitions/VolumeCreate"
+ // produces:
+ // - application/json
+ // responses:
+ // '201':
+ // $ref: "#/responses/VolumeCreateResponse"
+ // '500':
+ // "$ref": "#/responses/InternalError"
+ r.Handle(VersionedPath("/libpod/volumes/create"), s.APIHandler(libpod.CreateVolume)).Methods(http.MethodPost)
+ // swagger:operation POST /libpod/volumes/json volumes listVolumes
+ // ---
+ // summary: List volumes
+ // description: Returns a list of networks
// produces:
// - application/json
+ // parameters:
+ // - in: query
+ // name: filters
+ // type: string
+ // description: |
+ // JSON encoded value of the filters (a map[string][]string) to process on the networks list. Available filters:
+ // - driver=<volume-driver-name> Matches volumes based on their driver.
+ // - label=<key> or label=<key>:<value> Matches volumes based on the presence of a label alone or a label and a value.
+ // - name=<volume-name> Matches all of volume name.
+ // - opt=<driver-option> Matches a storage driver options
// responses:
// '200':
- // description: tbd
+ // "$ref": "#/responses/VolumeList"
// '500':
// "$ref": "#/responses/InternalError"
- r.Handle("/libpod/volumes/create", s.APIHandler(libpod.CreateVolume)).Methods(http.MethodPost)
- r.Handle("/libpod/volumes/json", s.APIHandler(libpod.ListVolumes)).Methods(http.MethodGet)
+ r.Handle(VersionedPath("/libpod/volumes/json"), s.APIHandler(libpod.ListVolumes)).Methods(http.MethodGet)
// swagger:operation POST /libpod/volumes/prune volumes pruneVolumes
// ---
// summary: Prune volumes
@@ -30,7 +57,7 @@ func (s *APIServer) registerVolumeHandlers(r *mux.Router) error {
// description: no error
// '500':
// "$ref": "#/responses/InternalError"
- r.Handle("/libpod/volumes/prune", s.APIHandler(libpod.PruneVolumes)).Methods(http.MethodPost)
+ r.Handle(VersionedPath("/libpod/volumes/prune"), s.APIHandler(libpod.PruneVolumes)).Methods(http.MethodPost)
// swagger:operation GET /libpod/volumes/{name}/json volumes inspectVolume
// ---
// summary: Inspect volume
@@ -49,7 +76,7 @@ func (s *APIServer) registerVolumeHandlers(r *mux.Router) error {
// "$ref": "#/responses/NoSuchVolume"
// '500':
// "$ref": "#/responses/InternalError"
- r.Handle("/libpod/volumes/{name}/json", s.APIHandler(libpod.InspectVolume)).Methods(http.MethodGet)
+ r.Handle(VersionedPath("/libpod/volumes/{name}/json"), s.APIHandler(libpod.InspectVolume)).Methods(http.MethodGet)
// swagger:operation DELETE /libpod/volumes/{name} volumes removeVolume
// ---
// summary: Remove volume
@@ -68,12 +95,12 @@ func (s *APIServer) registerVolumeHandlers(r *mux.Router) error {
// responses:
// 204:
// description: no error
- // 400:
- // $ref: "#/responses/BadParamError"
// 404:
// $ref: "#/responses/NoSuchVolume"
+ // 409:
+ // description: Volume is in use and cannot be removed
// 500:
// $ref: "#/responses/InternalError"
- r.Handle("/libpod/volumes/{name}", s.APIHandler(libpod.RemoveVolume)).Methods(http.MethodDelete)
+ r.Handle(VersionedPath("/libpod/volumes/{name}"), s.APIHandler(libpod.RemoveVolume)).Methods(http.MethodDelete)
return nil
}
diff --git a/pkg/api/server/swagger.go b/pkg/api/server/swagger.go
index fc409d816..011196e5a 100644
--- a/pkg/api/server/swagger.go
+++ b/pkg/api/server/swagger.go
@@ -1,6 +1,7 @@
package server
import (
+ "github.com/containers/libpod/libpod"
"github.com/containers/libpod/pkg/api/handlers"
"github.com/containers/libpod/pkg/api/handlers/utils"
)
@@ -139,3 +140,19 @@ type ok struct {
ok string
}
}
+
+// Volume create response
+// swagger:response VolumeCreateResponse
+type swagVolumeCreateResponse struct {
+ // in:body
+ Body struct {
+ libpod.VolumeConfig
+ }
+}
+
+// Volume list
+// swagger:response VolumeList
+type swagVolumeListResponse struct {
+ // in:body
+ Body []libpod.Volume
+}
diff --git a/pkg/bindings/containers/create.go b/pkg/bindings/containers/create.go
index 2943cb522..43a3ef02d 100644
--- a/pkg/bindings/containers/create.go
+++ b/pkg/bindings/containers/create.go
@@ -19,7 +19,7 @@ func CreateWithSpec(ctx context.Context, s specgen.SpecGenerator) (utils.Contain
}
specgenString, err := jsoniter.MarshalToString(s)
if err != nil {
- return ccr, nil
+ return ccr, err
}
stringReader := strings.NewReader(specgenString)
response, err := conn.DoRequest(stringReader, http.MethodPost, "/containers/create", nil)
diff --git a/pkg/bindings/test/volumes_test.go b/pkg/bindings/test/volumes_test.go
new file mode 100644
index 000000000..c8940d46e
--- /dev/null
+++ b/pkg/bindings/test/volumes_test.go
@@ -0,0 +1,174 @@
+package test_bindings
+
+import (
+ "context"
+ "fmt"
+ "github.com/containers/libpod/pkg/api/handlers"
+ "github.com/containers/libpod/pkg/bindings/containers"
+ "github.com/containers/libpod/pkg/bindings/volumes"
+ "net/http"
+ "time"
+
+ "github.com/containers/libpod/pkg/bindings"
+ . "github.com/onsi/ginkgo"
+ . "github.com/onsi/gomega"
+ "github.com/onsi/gomega/gexec"
+)
+
+var _ = Describe("Podman volumes", func() {
+ var (
+ //tempdir string
+ //err error
+ //podmanTest *PodmanTestIntegration
+ bt *bindingTest
+ s *gexec.Session
+ connText context.Context
+ err error
+ trueFlag = true
+ )
+
+ BeforeEach(func() {
+ //tempdir, err = CreateTempDirInTempDir()
+ //if err != nil {
+ // os.Exit(1)
+ //}
+ //podmanTest = PodmanTestCreate(tempdir)
+ //podmanTest.Setup()
+ //podmanTest.SeedImages()
+ bt = newBindingTest()
+ bt.RestoreImagesFromCache()
+ s = bt.startAPIService()
+ time.Sleep(1 * time.Second)
+ connText, err = bindings.NewConnection(context.Background(), bt.sock)
+ Expect(err).To(BeNil())
+ })
+
+ AfterEach(func() {
+ //podmanTest.Cleanup()
+ //f := CurrentGinkgoTestDescription()
+ //processTestResult(f)
+ s.Kill()
+ bt.cleanup()
+ })
+
+ It("create volume", func() {
+ // create a volume with blank config should work
+ _, err := volumes.Create(connText, handlers.VolumeCreateConfig{})
+ Expect(err).To(BeNil())
+
+ vcc := handlers.VolumeCreateConfig{
+ Name: "foobar",
+ Label: nil,
+ Opts: nil,
+ }
+ vol, err := volumes.Create(connText, vcc)
+ Expect(err).To(BeNil())
+ Expect(vol.Name).To(Equal("foobar"))
+
+ // create volume with same name should 500
+ _, err = volumes.Create(connText, vcc)
+ Expect(err).ToNot(BeNil())
+ code, _ := bindings.CheckResponseCode(err)
+ Expect(code).To(BeNumerically("==", http.StatusInternalServerError))
+ })
+
+ It("inspect volume", func() {
+ vol, err := volumes.Create(connText, handlers.VolumeCreateConfig{})
+ Expect(err).To(BeNil())
+ data, err := volumes.Inspect(connText, vol.Name)
+ Expect(err).To(BeNil())
+ Expect(data.Name).To(Equal(vol.Name))
+ })
+
+ It("remove volume", func() {
+ // removing a bogus volume should result in 404
+ err := volumes.Remove(connText, "foobar", nil)
+ code, _ := bindings.CheckResponseCode(err)
+ Expect(code).To(BeNumerically("==", http.StatusNotFound))
+
+ // Removing an unused volume should work
+ vol, err := volumes.Create(connText, handlers.VolumeCreateConfig{})
+ Expect(err).To(BeNil())
+ err = volumes.Remove(connText, vol.Name, nil)
+ Expect(err).To(BeNil())
+
+ // Removing a volume that is being used without force should be 409
+ vol, err = volumes.Create(connText, handlers.VolumeCreateConfig{})
+ Expect(err).To(BeNil())
+ session := bt.runPodman([]string{"run", "-dt", "-v", fmt.Sprintf("%s:/foobar", vol.Name), "--name", "vtest", alpine.name, "top"})
+ session.Wait(45)
+ err = volumes.Remove(connText, vol.Name, nil)
+ Expect(err).ToNot(BeNil())
+ code, _ = bindings.CheckResponseCode(err)
+ Expect(code).To(BeNumerically("==", http.StatusConflict))
+
+ // Removing with a volume in use with force should work with a stopped container
+ zero := 0
+ err = containers.Stop(connText, "vtest", &zero)
+ Expect(err).To(BeNil())
+ err = volumes.Remove(connText, vol.Name, &trueFlag)
+ Expect(err).To(BeNil())
+ })
+
+ It("list volumes", func() {
+ // no volumes should be ok
+ vols, err := volumes.List(connText, nil)
+ Expect(err).To(BeNil())
+ Expect(len(vols)).To(BeZero())
+
+ // create a bunch of named volumes and make verify with list
+ volNames := []string{"homer", "bart", "lisa", "maggie", "marge"}
+ for i := 0; i < 5; i++ {
+ _, err = volumes.Create(connText, handlers.VolumeCreateConfig{Name: volNames[i]})
+ Expect(err).To(BeNil())
+ }
+ vols, err = volumes.List(connText, nil)
+ Expect(err).To(BeNil())
+ Expect(len(vols)).To(BeNumerically("==", 5))
+ for _, v := range vols {
+ Expect(StringInSlice(v.Name, volNames)).To(BeTrue())
+ }
+
+ // list with bad filter should be 500
+ filters := make(map[string][]string)
+ filters["foobar"] = []string{"1234"}
+ _, err = volumes.List(connText, filters)
+ Expect(err).ToNot(BeNil())
+ code, _ := bindings.CheckResponseCode(err)
+ Expect(code).To(BeNumerically("==", http.StatusInternalServerError))
+
+ filters = make(map[string][]string)
+ filters["name"] = []string{"homer"}
+ vols, err = volumes.List(connText, filters)
+ Expect(err).To(BeNil())
+ Expect(len(vols)).To(BeNumerically("==", 1))
+ Expect(vols[0].Name).To(Equal("homer"))
+ })
+
+ // TODO we need to add filtering to tests
+ It("prune unused volume", func() {
+ // Pruning when no volumes present should be ok
+ _, err := volumes.Prune(connText)
+ Expect(err).To(BeNil())
+
+ // Removing an unused volume should work
+ _, err = volumes.Create(connText, handlers.VolumeCreateConfig{})
+ Expect(err).To(BeNil())
+ vols, err := volumes.Prune(connText)
+ Expect(err).To(BeNil())
+ Expect(len(vols)).To(BeNumerically("==", 1))
+
+ _, err = volumes.Create(connText, handlers.VolumeCreateConfig{Name: "homer"})
+ Expect(err).To(BeNil())
+ _, err = volumes.Create(connText, handlers.VolumeCreateConfig{})
+ Expect(err).To(BeNil())
+ session := bt.runPodman([]string{"run", "-dt", "-v", fmt.Sprintf("%s:/homer", "homer"), "--name", "vtest", alpine.name, "top"})
+ session.Wait(45)
+ vols, err = volumes.Prune(connText)
+ Expect(err).To(BeNil())
+ Expect(len(vols)).To(BeNumerically("==", 1))
+ _, err = volumes.Inspect(connText, "homer")
+ Expect(err).To(BeNil())
+ })
+
+})
diff --git a/pkg/bindings/volumes/volumes.go b/pkg/bindings/volumes/volumes.go
index 7f6a9cc9b..0bc818605 100644
--- a/pkg/bindings/volumes/volumes.go
+++ b/pkg/bindings/volumes/volumes.go
@@ -5,27 +5,33 @@ import (
"net/http"
"net/url"
"strconv"
+ "strings"
"github.com/containers/libpod/libpod"
"github.com/containers/libpod/pkg/api/handlers"
"github.com/containers/libpod/pkg/bindings"
+ jsoniter "github.com/json-iterator/go"
)
// Create creates a volume given its configuration.
-func Create(ctx context.Context, config handlers.VolumeCreateConfig) (string, error) {
- // TODO This is incomplete. The config needs to be sent via the body
+func Create(ctx context.Context, config handlers.VolumeCreateConfig) (*libpod.VolumeConfig, error) {
var (
- volumeID string
+ v libpod.VolumeConfig
)
conn, err := bindings.GetClient(ctx)
if err != nil {
- return "", err
+ return nil, err
+ }
+ createString, err := jsoniter.MarshalToString(config)
+ if err != nil {
+ return nil, err
}
- response, err := conn.DoRequest(nil, http.MethodPost, "/volumes/create", nil)
+ stringReader := strings.NewReader(createString)
+ response, err := conn.DoRequest(stringReader, http.MethodPost, "/volumes/create", nil)
if err != nil {
- return volumeID, err
+ return nil, err
}
- return volumeID, response.Process(&volumeID)
+ return &v, response.Process(&v)
}
// Inspect returns low-level information about a volume.
@@ -37,18 +43,36 @@ func Inspect(ctx context.Context, nameOrID string) (*libpod.InspectVolumeData, e
if err != nil {
return nil, err
}
- response, err := conn.DoRequest(nil, http.MethodPost, "/volumes/%s/json", nil, nameOrID)
+ response, err := conn.DoRequest(nil, http.MethodGet, "/volumes/%s/json", nil, nameOrID)
if err != nil {
return &inspect, err
}
return &inspect, response.Process(&inspect)
}
-func List() error {
- // TODO
- // The API side of things for this one does a lot in main and therefore
- // is not implemented yet.
- return bindings.ErrNotImplemented // nolint:typecheck
+// List returns the configurations for existing volumes in the form of a slice. Optionally, filters
+// can be used to refine the list of volumes.
+func List(ctx context.Context, filters map[string][]string) ([]*libpod.VolumeConfig, error) {
+ var (
+ vols []*libpod.VolumeConfig
+ )
+ conn, err := bindings.GetClient(ctx)
+ if err != nil {
+ return nil, err
+ }
+ params := url.Values{}
+ if len(filters) > 0 {
+ strFilters, err := bindings.FiltersToString(filters)
+ if err != nil {
+ return nil, err
+ }
+ params.Set("filters", strFilters)
+ }
+ response, err := conn.DoRequest(nil, http.MethodGet, "/volumes/json", params)
+ if err != nil {
+ return vols, err
+ }
+ return vols, response.Process(&vols)
}
// Prune removes unused volumes from the local filesystem.
@@ -78,7 +102,7 @@ func Remove(ctx context.Context, nameOrID string, force *bool) error {
if force != nil {
params.Set("force", strconv.FormatBool(*force))
}
- response, err := conn.DoRequest(nil, http.MethodPost, "/volumes/%s/prune", params, nameOrID)
+ response, err := conn.DoRequest(nil, http.MethodDelete, "/volumes/%s", params, nameOrID)
if err != nil {
return err
}
diff --git a/pkg/network/netconflist.go b/pkg/network/netconflist.go
index a8217097a..34ff00024 100644
--- a/pkg/network/netconflist.go
+++ b/pkg/network/netconflist.go
@@ -110,7 +110,6 @@ func NewPortMapPlugin() PortMapConfig {
func NewFirewallPlugin() FirewallConfig {
return FirewallConfig{
PluginType: "firewall",
- Backend: "iptables",
}
}
diff --git a/vendor/github.com/containers/buildah/imagebuildah/stage_executor.go b/vendor/github.com/containers/buildah/imagebuildah/stage_executor.go
index 7b6abbe37..6216dac97 100644
--- a/vendor/github.com/containers/buildah/imagebuildah/stage_executor.go
+++ b/vendor/github.com/containers/buildah/imagebuildah/stage_executor.go
@@ -12,6 +12,7 @@ import (
"github.com/containers/buildah"
buildahdocker "github.com/containers/buildah/docker"
+ "github.com/containers/buildah/pkg/chrootuser"
"github.com/containers/buildah/util"
cp "github.com/containers/image/v5/copy"
"github.com/containers/image/v5/docker/reference"
@@ -1248,9 +1249,22 @@ func (s *StageExecutor) EnsureContainerPath(path string) error {
if err != nil {
return errors.Wrapf(err, "error ensuring container path %q", path)
}
- _, err = os.Lstat(targetPath)
+
+ _, err = os.Stat(targetPath)
if err != nil && os.IsNotExist(err) {
err = os.MkdirAll(targetPath, 0755)
+ if err != nil {
+ return errors.Wrapf(err, "error creating directory path %q", targetPath)
+ }
+ // get the uid and gid so that we can set the correct permissions on the
+ // working directory
+ uid, gid, _, err := chrootuser.GetUser(s.mountPoint, s.builder.User())
+ if err != nil {
+ return errors.Wrapf(err, "error getting uid and gid for user %q", s.builder.User())
+ }
+ if err = os.Chown(targetPath, int(uid), int(gid)); err != nil {
+ return errors.Wrapf(err, "error setting ownership on %q", targetPath)
+ }
}
if err != nil {
return errors.Wrapf(err, "error ensuring container path %q", path)
diff --git a/vendor/github.com/containers/buildah/run_linux.go b/vendor/github.com/containers/buildah/run_linux.go
index 3695462bb..d2c0abf9b 100644
--- a/vendor/github.com/containers/buildah/run_linux.go
+++ b/vendor/github.com/containers/buildah/run_linux.go
@@ -678,6 +678,11 @@ func runUsingRuntime(isolation Isolation, options RunOptions, configureNetwork b
runtime := options.Runtime
if runtime == "" {
runtime = util.Runtime()
+
+ localRuntime := util.FindLocalRuntime(runtime)
+ if localRuntime != "" {
+ runtime = localRuntime
+ }
}
// Default to just passing down our stdio.
diff --git a/vendor/github.com/containers/buildah/util/util.go b/vendor/github.com/containers/buildah/util/util.go
index ac5a0f30c..05d661b58 100644
--- a/vendor/github.com/containers/buildah/util/util.go
+++ b/vendor/github.com/containers/buildah/util/util.go
@@ -10,6 +10,7 @@ import (
"sync"
"syscall"
+ "github.com/containers/common/pkg/config"
"github.com/containers/image/v5/docker/reference"
"github.com/containers/image/v5/pkg/sysregistriesv2"
"github.com/containers/image/v5/signature"
@@ -432,3 +433,33 @@ var (
isUnified bool
isUnifiedErr error
)
+
+// fileExistsAndNotADir - Check to see if a file exists
+// and that it is not a directory.
+func fileExistsAndNotADir(path string) bool {
+ file, err := os.Stat(path)
+
+ if file == nil || err != nil || os.IsNotExist(err) {
+ return false
+ }
+ return !file.IsDir()
+}
+
+// FindLocalRuntime find the local runtime of the
+// system searching through the config file for
+// possible locations.
+func FindLocalRuntime(runtime string) string {
+ var localRuntime string
+ conf, err := config.Default()
+ if err != nil {
+ logrus.Debugf("Error loading container config when searching for local runtime.")
+ return localRuntime
+ }
+ for _, val := range conf.Libpod.OCIRuntimes[runtime] {
+ if fileExistsAndNotADir(val) {
+ localRuntime = val
+ break
+ }
+ }
+ return localRuntime
+}
diff --git a/vendor/modules.txt b/vendor/modules.txt
index 79d5cbb51..564717381 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -62,7 +62,7 @@ github.com/containernetworking/plugins/pkg/ns
github.com/containernetworking/plugins/pkg/utils/hwaddr
github.com/containernetworking/plugins/plugins/ipam/host-local/backend
github.com/containernetworking/plugins/plugins/ipam/host-local/backend/allocator
-# github.com/containers/buildah v1.14.1-0.20200225113533-39bd7e0a7a73
+# github.com/containers/buildah v1.14.1-0.20200227103754-f0c3fd7c3d34
github.com/containers/buildah
github.com/containers/buildah/bind
github.com/containers/buildah/chroot