diff options
35 files changed, 300 insertions, 85 deletions
@@ -8,6 +8,7 @@ approvers: - TomSweeneyRedHat - vrothberg - umohnani8 + - Luap99 reviewers: - baude - edsantiago @@ -20,3 +21,4 @@ reviewers: - ashley-cui - QiWang19 - umohnani8 + - Luap99 diff --git a/cmd/podman/common/completion.go b/cmd/podman/common/completion.go index 7fed15e5e..25f4d0f79 100644 --- a/cmd/podman/common/completion.go +++ b/cmd/podman/common/completion.go @@ -22,7 +22,7 @@ var ( // ChangeCmds is the list of valid Change commands to passed to the Commit call ChangeCmds = []string{"CMD", "ENTRYPOINT", "ENV", "EXPOSE", "LABEL", "ONBUILD", "STOPSIGNAL", "USER", "VOLUME", "WORKDIR"} // LogLevels supported by podman - LogLevels = []string{"debug", "info", "warn", "error", "fatal", "panic"} + LogLevels = []string{"debug", "info", "warn", "warning", "error", "fatal", "panic"} ) type completeType int diff --git a/cmd/podman/root.go b/cmd/podman/root.go index 7840e6100..0830a62a5 100644 --- a/cmd/podman/root.go +++ b/cmd/podman/root.go @@ -71,7 +71,7 @@ var ( DisableFlagsInUseLine: true, } - logLevel = "error" + logLevel = "warn" useSyslog bool requireCleanup = true ) diff --git a/docs/source/markdown/podman-network-connect.1.md b/docs/source/markdown/podman-network-connect.1.md index 58b6e5c44..a31a415dc 100644 --- a/docs/source/markdown/podman-network-connect.1.md +++ b/docs/source/markdown/podman-network-connect.1.md @@ -10,6 +10,8 @@ podman\-network\-connect - Connect a container to a network Connects a container to a network. A container can be connected to a network by name or by ID. Once connected, the container can communicate with other containers in the same network. +This command is not available for rootless users. + ## OPTIONS #### **--alias** Add network-scoped alias for the container. If the network is using the `dnsname` CNI plugin, these aliases diff --git a/docs/source/markdown/podman-network-disconnect.1.md b/docs/source/markdown/podman-network-disconnect.1.md index 95c7018a8..8b7125282 100644 --- a/docs/source/markdown/podman-network-disconnect.1.md +++ b/docs/source/markdown/podman-network-disconnect.1.md @@ -9,6 +9,8 @@ podman\-network\-disconnect - Disconnect a container from a network ## DESCRIPTION Disconnects a container from a network. +This command is not available for rootless users. + ## OPTIONS #### **--force**, **-f** diff --git a/docs/source/markdown/podman-network-inspect.1.md b/docs/source/markdown/podman-network-inspect.1.md index 47d647b3f..56515d0c1 100644 --- a/docs/source/markdown/podman-network-inspect.1.md +++ b/docs/source/markdown/podman-network-inspect.1.md @@ -7,7 +7,7 @@ podman\-network\-inspect - Displays the raw CNI network configuration for one or **podman network inspect** [*options*] [*network* ...] ## DESCRIPTION -Display the raw (JSON format) network configuration. This command is not available for rootless users. +Display the raw (JSON format) network configuration. ## OPTIONS #### **--format**, **-f** diff --git a/docs/source/markdown/podman-network-ls.1.md b/docs/source/markdown/podman-network-ls.1.md index a964c97e8..9d2dd52a8 100644 --- a/docs/source/markdown/podman-network-ls.1.md +++ b/docs/source/markdown/podman-network-ls.1.md @@ -7,7 +7,7 @@ podman\-network\-ls - Display a summary of CNI networks **podman network ls** [*options*] ## DESCRIPTION -Displays a list of existing podman networks. This command is not available for rootless users. +Displays a list of existing podman networks. ## OPTIONS #### **--filter**, **-f** diff --git a/docs/source/markdown/podman-network.1.md b/docs/source/markdown/podman-network.1.md index d21b200d9..bc161659a 100644 --- a/docs/source/markdown/podman-network.1.md +++ b/docs/source/markdown/podman-network.1.md @@ -7,7 +7,7 @@ podman\-network - Manage Podman CNI networks **podman network** *subcommand* ## DESCRIPTION -The network command manages CNI networks for Podman. It is not supported for rootless users. +The network command manages CNI networks for Podman. ## COMMANDS @@ -17,7 +17,7 @@ require ( github.com/containers/psgo v1.5.1 github.com/containers/storage v1.24.1 github.com/coreos/go-systemd/v22 v22.1.0 - github.com/cri-o/ocicni v0.2.1-0.20201102180012-75c612fda1a2 + github.com/cri-o/ocicni v0.2.1-0.20201125151022-df072ea5421c github.com/cyphar/filepath-securejoin v0.2.2 github.com/davecgh/go-spew v1.1.1 github.com/docker/distribution v2.7.1+incompatible @@ -73,5 +73,3 @@ require ( k8s.io/apimachinery v0.19.4 k8s.io/client-go v0.0.0-20190620085101-78d2af792bab ) - -replace github.com/cri-o/ocicni => github.com/cri-o/ocicni v0.2.1-0.20201109200316-afdc16ba66df @@ -124,8 +124,8 @@ github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:ma github.com/cpuguy83/go-md2man/v2 v2.0.0/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= github.com/creack/pty v1.1.9 h1:uDmaGzcdjhF4i/plgjmEsriH11Y0o7RKapEf/LDaM3w= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= -github.com/cri-o/ocicni v0.2.1-0.20201109200316-afdc16ba66df h1:c35uRFkER07nAkB1X21e+PI5xO21SOyI6G7tdfvz1z4= -github.com/cri-o/ocicni v0.2.1-0.20201109200316-afdc16ba66df/go.mod h1:vingr1ztOAzP2WyTgGbpMov9dFhbjNxdLtDv0+PhAvY= +github.com/cri-o/ocicni v0.2.1-0.20201125151022-df072ea5421c h1:iGaCU6d3oVT0pl8tmvyDhoA/vTDL3IX08akfsKZIy9o= +github.com/cri-o/ocicni v0.2.1-0.20201125151022-df072ea5421c/go.mod h1:vingr1ztOAzP2WyTgGbpMov9dFhbjNxdLtDv0+PhAvY= github.com/cyphar/filepath-securejoin v0.2.2 h1:jCwT2GTP+PY5nBz3c/YL5PAIbusElVrPujOBSCj8xRg= github.com/cyphar/filepath-securejoin v0.2.2/go.mod h1:FpkQEhXnPnOthhzymB7CGsFk2G9VLXONKD9G7QGMM+4= github.com/d2g/dhcp4 v0.0.0-20170904100407-a1d1b6c41b1c/go.mod h1:Ct2BUK8SB0YC1SMSibvLzxjeJLnrYEVLULFNiHY9YfQ= diff --git a/hack/podman-socat b/hack/podman-socat new file mode 100755 index 000000000..7bc571816 --- /dev/null +++ b/hack/podman-socat @@ -0,0 +1,122 @@ +#!/bin/bash -e +# Execute podman while capturing the API stream +# +# Script will run an instance of podman sand-boxed, the API stream will be captured and then formatted for readability. + +if [[ $(id -u) != 0 ]]; then + echo >&2 "$0 must be run as root." + exit 2 +fi + +if ! command -v socat >/dev/null 2>&1; then + echo 1>&2 "socat not found on PATH" +fi + +PODMAN=${PODMAN:-podman} +if ! command -v "$PODMAN" >/dev/null 2>&1; then + echo 1>&2 "$PODMAN not found on PATH" +fi + +function usage() { + echo 1>&2 $0 '[-v] [-h]' +} + +while getopts "vh" arg; do + case $arg in + v) + VERBOSE='-v' + export PODMAN_LOG_LEVEL=debug + ;; + h) + usage + exit 0 + ;; + \?) + usage + exit 2 + ;; + esac +done +shift $((OPTIND - 1)) + +function cleanup() { + set +xeuo pipefail + rm -r "$1" + kill -9 $REAP_PIDS + + sed -e 's/^> /\nClient Request> /' -e 's/^< /\nServer Response< /' -i /tmp/podman-socat.log +} + +# Create temporary directory for storage +export TMPDIR=$(mktemp -d /tmp/podman.XXXXXXXXXX) +trap "cleanup $TMPDIR" EXIT + +# Need locations to store stuff +mkdir -p "${TMPDIR}"/{podman,crio,crio-run,cni/net.d,ctnr,tunnel} + +export REGISTRIES_CONFIG_PATH=${TMPDIR}/registry.conf +cat >"$REGISTRIES_CONFIG_PATH" <<-EOT + [registries.search] + registries = ['docker.io'] + [registries.insecure] + registries = [] + [registries.block] + registries = [] +EOT + +export CNI_CONFIG_PATH=${TMPDIR}/cni/net.d +cat >"$CNI_CONFIG_PATH"/87-podman-bridge.conflist <<-EOT +{ + "cniVersion": "0.3.0", + "name": "podman", + "plugins": [{ + "type": "bridge", + "bridge": "cni0", + "isGateway": true, + "ipMasq": true, + "ipam": { + "type": "host-local", + "subnet": "10.88.0.0/16", + "routes": [{ + "dst": "0.0.0.0/0" + }] + } + }, + { + "type": "portmap", + "capabilities": { + "portMappings": true + } + } + ] +} +EOT + +PODMAN_ARGS="--storage-driver=vfs \ + --root=${TMPDIR}/crio \ + --runroot=${TMPDIR}/crio-run \ + --cni-config-dir=$CNI_CONFIG_PATH \ + --cgroup-manager=systemd \ + " +if [[ -n $VERBOSE ]]; then + PODMAN_ARGS="$PODMAN_ARGS --log-level=$PODMAN_LOG_LEVEL --syslog=true" +fi +PODMAN="$PODMAN $PODMAN_ARGS" + +PODMAN_HOST="${TMPDIR}/podman/podman-socat.sock" +SOCAT_HOST="${TMPDIR}/podman/podman.sock" + +cat <<-EOT +Podman service running at unix:$SOCAT_HOST +See /tmp/podman-socat.log for API stream capture +See /tmp/podman-service.log for service logging + +usage: sudo bin/podman-remote --url unix:$SOCAT_HOST images + +^C to exit +EOT + +$PODMAN system service --timeout=0 "unix:$PODMAN_HOST" >/tmp/podman-service.log 2>&1 & +REAP_PIDS=$! + +socat -v "UNIX-LISTEN:$SOCAT_HOST",fork,reuseaddr,unlink-early "UNIX-CONNECT:$PODMAN_HOST" >/tmp/podman-socat.log 2>&1 diff --git a/libpod/container_inspect.go b/libpod/container_inspect.go index f78d74ef7..2ce3e8e68 100644 --- a/libpod/container_inspect.go +++ b/libpod/container_inspect.go @@ -488,7 +488,7 @@ func (c *Container) generateInspectContainerHostConfig(ctrSpec *spec.Spec, named // Weight? For now, ignore anything // without Weight set. if dev.Weight == nil { - logrus.Warnf("Ignoring weight device %s as it lacks a weight", key) + logrus.Infof("Ignoring weight device %s as it lacks a weight", key) continue } if deviceNodes == nil { @@ -500,7 +500,7 @@ func (c *Container) generateInspectContainerHostConfig(ctrSpec *spec.Spec, named } path, ok := deviceNodes[key] if !ok { - logrus.Warnf("Could not locate weight device %s in system devices", key) + logrus.Infof("Could not locate weight device %s in system devices", key) continue } weightDev := define.InspectBlkioWeightDevice{} @@ -522,7 +522,7 @@ func (c *Container) generateInspectContainerHostConfig(ctrSpec *spec.Spec, named } path, ok := deviceNodes[key] if !ok { - logrus.Warnf("Could not locate throttle device %s in system devices", key) + logrus.Infof("Could not locate throttle device %s in system devices", key) continue } throttleDev := define.InspectBlkioThrottleDevice{} diff --git a/libpod/container_internal.go b/libpod/container_internal.go index b6a3244ea..c751d775d 100644 --- a/libpod/container_internal.go +++ b/libpod/container_internal.go @@ -525,7 +525,7 @@ func (c *Container) teardownStorage() error { // Potentially another tool using containers/storage already // removed it? if errors.Cause(err) == storage.ErrNotAContainer || errors.Cause(err) == storage.ErrContainerUnknown { - logrus.Warnf("Storage for container %s already removed", c.ID()) + logrus.Infof("Storage for container %s already removed", c.ID()) return nil } diff --git a/libpod/container_internal_linux.go b/libpod/container_internal_linux.go index 56575c195..9a417d75e 100644 --- a/libpod/container_internal_linux.go +++ b/libpod/container_internal_linux.go @@ -352,7 +352,7 @@ func (c *Container) generateSpec(ctx context.Context) (*spec.Spec, error) { if !MountExists(g.Mounts(), dstPath) { g.AddMount(newMount) } else { - logrus.Warnf("User mount overriding libpod mount at %q", dstPath) + logrus.Infof("User mount overriding libpod mount at %q", dstPath) } } diff --git a/libpod/info.go b/libpod/info.go index dd7a521c1..2f64a107e 100644 --- a/libpod/info.go +++ b/libpod/info.go @@ -117,7 +117,6 @@ func (r *Runtime) hostInfo() (*define.HostInfo, error) { if rootless.IsRootless() { if path, err := exec.LookPath("slirp4netns"); err == nil { - logrus.Warnf("Failed to retrieve program version for %s: %v", path, err) version, err := programVersion(path) if err != nil { logrus.Warnf("Failed to retrieve program version for %s: %v", path, err) diff --git a/libpod/oci_conmon_exec_linux.go b/libpod/oci_conmon_exec_linux.go index 7068bf87a..f8e7020f7 100644 --- a/libpod/oci_conmon_exec_linux.go +++ b/libpod/oci_conmon_exec_linux.go @@ -231,7 +231,7 @@ func (r *ConmonOCIRuntime) ExecStopContainer(ctr *Container, sessionID string, t // Wait for the PID to stop if err := waitPidStop(pid, time.Duration(timeout)*time.Second); err != nil { - logrus.Warnf("Timed out waiting for container %s exec session %s to stop, resorting to SIGKILL", ctr.ID(), sessionID) + logrus.Infof("Timed out waiting for container %s exec session %s to stop, resorting to SIGKILL: %v", ctr.ID(), sessionID, err) } else { // No error, container is dead return nil diff --git a/libpod/oci_conmon_linux.go b/libpod/oci_conmon_linux.go index bd58610a2..307b9bc54 100644 --- a/libpod/oci_conmon_linux.go +++ b/libpod/oci_conmon_linux.go @@ -442,7 +442,7 @@ func (r *ConmonOCIRuntime) StopContainer(ctr *Container, timeout uint, all bool) } if err := waitContainerStop(ctr, time.Duration(timeout)*time.Second); err != nil { - logrus.Warnf("Timed out stopping container %s, resorting to SIGKILL", ctr.ID()) + logrus.Infof("Timed out stopping container %s, resorting to SIGKILL: %v", ctr.ID(), err) } else { // No error, the container is dead return nil @@ -1009,7 +1009,7 @@ func (r *ConmonOCIRuntime) createOCIContainer(ctr *Container, restoreOptions *Co if ctr.config.SdNotifyMode == define.SdNotifyModeIgnore { if err := os.Unsetenv("NOTIFY_SOCKET"); err != nil { - logrus.Warnf("Error unsetting NOTIFY_SOCKET %s", err.Error()) + logrus.Warnf("Error unsetting NOTIFY_SOCKET %v", err) } } @@ -1155,14 +1155,14 @@ func (r *ConmonOCIRuntime) createOCIContainer(ctr *Container, restoreOptions *Co conmonPID, err := readConmonPidFile(ctr.config.ConmonPidFile) if err != nil { - logrus.Warnf("error reading conmon pid file for container %s: %s", ctr.ID(), err.Error()) + logrus.Warnf("error reading conmon pid file for container %s: %v", ctr.ID(), err) } else if conmonPID > 0 { // conmon not having a pid file is a valid state, so don't set it if we don't have it logrus.Infof("Got Conmon PID as %d", conmonPID) ctr.state.ConmonPID = conmonPID if ctr.config.SdNotifyMode != define.SdNotifyModeIgnore { if sent, err := daemon.SdNotify(false, fmt.Sprintf("MAINPID=%d", conmonPID)); err != nil { - logrus.Errorf("Error notifying systemd of Conmon PID: %s", err.Error()) + logrus.Errorf("Error notifying systemd of Conmon PID: %v", err) } else if sent { logrus.Debugf("Notify MAINPID sent successfully") } diff --git a/libpod/runtime.go b/libpod/runtime.go index cdf66a4d0..72bd34a5e 100644 --- a/libpod/runtime.go +++ b/libpod/runtime.go @@ -387,8 +387,8 @@ func makeRuntime(ctx context.Context, runtime *Runtime) (retErr error) { // Don't fatally error. // This will allow us to ship configs including optional // runtimes that might not be installed (crun, kata). - // Only a warnf so default configs don't spec errors. - logrus.Warnf("Error initializing configured OCI runtime %s: %v", name, err) + // Only a infof so default configs don't spec errors. + logrus.Infof("Error initializing configured OCI runtime %s: %v", name, err) continue } diff --git a/libpod/runtime_cstorage.go b/libpod/runtime_cstorage.go index 61fdd42d3..6ee8a9354 100644 --- a/libpod/runtime_cstorage.go +++ b/libpod/runtime_cstorage.go @@ -103,7 +103,7 @@ func (r *Runtime) removeStorageContainer(idOrName string, force bool) error { if errors.Cause(err) == storage.ErrContainerUnknown { // Container was removed from under us. // It's gone, so don't bother erroring. - logrus.Warnf("Storage for container %s already removed", ctr.ID) + logrus.Infof("Storage for container %s already removed", ctr.ID) return nil } return errors.Wrapf(err, "error looking up container %q mounts", idOrName) @@ -114,7 +114,7 @@ func (r *Runtime) removeStorageContainer(idOrName string, force bool) error { } else if _, err := r.store.Unmount(ctr.ID, true); err != nil { if errors.Cause(err) == storage.ErrContainerUnknown { // Container again gone, no error - logrus.Warnf("Storage for container %s already removed", ctr.ID) + logrus.Infof("Storage for container %s already removed", ctr.ID) return nil } return errors.Wrapf(err, "error unmounting container %q", idOrName) @@ -123,7 +123,7 @@ func (r *Runtime) removeStorageContainer(idOrName string, force bool) error { if err := r.store.DeleteContainer(ctr.ID); err != nil { if errors.Cause(err) == storage.ErrContainerUnknown { // Container again gone, no error - logrus.Warnf("Storage for container %s already removed", ctr.ID) + logrus.Infof("Storage for container %s already removed", ctr.ID) return nil } return errors.Wrapf(err, "error removing storage for container %q", idOrName) diff --git a/libpod/runtime_pod_linux.go b/libpod/runtime_pod_linux.go index 25598ce4d..1eb42660c 100644 --- a/libpod/runtime_pod_linux.go +++ b/libpod/runtime_pod_linux.go @@ -117,7 +117,7 @@ func (r *Runtime) NewPod(ctx context.Context, options ...PodCreateOption) (_ *Po return nil, errors.Errorf("Pods must have an infra container to share namespaces") } if pod.HasInfraContainer() && !pod.SharesNamespaces() { - logrus.Warnf("Pod has an infra container, but shares no namespaces") + logrus.Infof("Pod has an infra container, but shares no namespaces") } if err := r.state.AddPod(pod); err != nil { @@ -212,7 +212,7 @@ func (r *Runtime) removePod(ctx context.Context, p *Pod, removeCtrs, force bool) // Don't try if we failed to retrieve the cgroup if err == nil { if err := conmonCgroup.Update(resLimits); err != nil { - logrus.Warnf("Error updating pod %s conmon cgroup %s PID limit: %v", p.ID(), conmonCgroupPath, err) + logrus.Warnf("Error updating pod %s conmon cgroup PID limit: %v", p.ID(), err) } } } diff --git a/pkg/api/handlers/compat/images_build.go b/pkg/api/handlers/compat/images_build.go index 149050209..43478c1d3 100644 --- a/pkg/api/handlers/compat/images_build.go +++ b/pkg/api/handlers/compat/images_build.go @@ -263,7 +263,7 @@ loop: failed = true m.Error = string(e) if err := enc.Encode(m); err != nil { - logrus.Warnf("Failed to json encode error %q", err.Error()) + logrus.Warnf("Failed to json encode error %v", err) } flush() case <-runCtx.Done(): @@ -271,7 +271,7 @@ loop: if !utils.IsLibpodRequest(r) { m.Stream = fmt.Sprintf("Successfully built %12.12s\n", imageID) if err := enc.Encode(m); err != nil { - logrus.Warnf("Failed to json encode error %q", err.Error()) + logrus.Warnf("Failed to json encode error %v", err) } flush() } diff --git a/pkg/api/handlers/compat/images_push.go b/pkg/api/handlers/compat/images_push.go index 12593a68c..0f3da53e8 100644 --- a/pkg/api/handlers/compat/images_push.go +++ b/pkg/api/handlers/compat/images_push.go @@ -81,5 +81,4 @@ func PushImage(w http.ResponseWriter, r *http.Request) { } utils.WriteResponse(w, http.StatusOK, "") - } diff --git a/pkg/api/handlers/types.go b/pkg/api/handlers/types.go index 40cf16807..25e7640b6 100644 --- a/pkg/api/handlers/types.go +++ b/pkg/api/handlers/types.go @@ -145,13 +145,14 @@ type PodCreateConfig struct { Share string `json:"share"` } +// HistoryResponse provides details on image layers type HistoryResponse struct { - ID string `json:"Id"` - Created int64 `json:"Created"` - CreatedBy string `json:"CreatedBy"` - Tags []string `json:"Tags"` - Size int64 `json:"Size"` - Comment string `json:"Comment"` + ID string `json:"Id"` + Created int64 + CreatedBy string + Tags []string + Size int64 + Comment string } type ImageLayer struct{} @@ -213,6 +214,7 @@ func ImageToImageSummary(l *libpodImage.Image) (*entities.ImageSummary, error) { ID: l.ID(), ParentId: l.Parent, RepoTags: repoTags, + RepoDigests: digests, Created: l.Created().Unix(), Size: int64(*size), SharedSize: 0, @@ -223,7 +225,6 @@ func ImageToImageSummary(l *libpodImage.Image) (*entities.ImageSummary, error) { Dangling: l.Dangling(), Names: l.Names(), Digest: string(l.Digest()), - Digests: digests, ConfigDigest: string(l.ConfigDigest), History: l.NamesHistory(), } @@ -329,7 +330,6 @@ func ImageDataToImageInspect(ctx context.Context, l *libpodImage.Image) (*ImageI dockerImageInspect.Parent = d.Parent.String() } return &ImageInspect{dockerImageInspect}, nil - } // portsToPortSet converts libpods exposed ports to dockers structs diff --git a/pkg/bindings/containers/attach.go b/pkg/bindings/containers/attach.go index 7b321af93..91b155fc4 100644 --- a/pkg/bindings/containers/attach.go +++ b/pkg/bindings/containers/attach.go @@ -332,7 +332,7 @@ func attachHandleResize(ctx, winCtx context.Context, winChange chan os.Signal, i case <-winChange: h, w, err := terminal.GetSize(int(file.Fd())) if err != nil { - logrus.Warnf("failed to obtain TTY size: " + err.Error()) + logrus.Warnf("failed to obtain TTY size: %v", err) } var resizeErr error @@ -342,7 +342,7 @@ func attachHandleResize(ctx, winCtx context.Context, winChange chan os.Signal, i resizeErr = ResizeContainerTTY(ctx, id, &h, &w) } if resizeErr != nil { - logrus.Warnf("failed to resize TTY: " + resizeErr.Error()) + logrus.Warnf("failed to resize TTY: %v", err) } } } diff --git a/pkg/domain/entities/images.go b/pkg/domain/entities/images.go index ab545d882..81f12bff7 100644 --- a/pkg/domain/entities/images.go +++ b/pkg/domain/entities/images.go @@ -51,22 +51,22 @@ func (i *Image) Id() string { // nolint } type ImageSummary struct { - ID string `json:"Id"` - ParentId string // nolint - RepoTags []string `json:",omitempty"` + ID string `json:"Id"` + ParentId string // nolint + RepoTags []string + RepoDigests []string Created int64 - Size int64 `json:",omitempty"` - SharedSize int `json:",omitempty"` - VirtualSize int64 `json:",omitempty"` - Labels map[string]string `json:",omitempty"` - Containers int `json:",omitempty"` - ReadOnly bool `json:",omitempty"` - Dangling bool `json:",omitempty"` + Size int64 + SharedSize int + VirtualSize int64 + Labels map[string]string + Containers int + ReadOnly bool `json:",omitempty"` + Dangling bool `json:",omitempty"` // Podman extensions Names []string `json:",omitempty"` Digest string `json:",omitempty"` - Digests []string `json:",omitempty"` ConfigDigest string `json:",omitempty"` History []string `json:",omitempty"` } diff --git a/pkg/domain/infra/abi/images_list.go b/pkg/domain/infra/abi/images_list.go index 281b04294..20ae0d0f6 100644 --- a/pkg/domain/infra/abi/images_list.go +++ b/pkg/domain/infra/abi/images_list.go @@ -35,7 +35,7 @@ func (ir *ImageEngine) List(ctx context.Context, opts entities.ImageListOptions) Created: img.Created().Unix(), Dangling: img.Dangling(), Digest: string(img.Digest()), - Digests: digests, + RepoDigests: digests, History: img.NamesHistory(), Names: img.Names(), ParentId: img.Parent, diff --git a/pkg/specgen/generate/namespaces.go b/pkg/specgen/generate/namespaces.go index ddc73ca61..036c7b7a1 100644 --- a/pkg/specgen/generate/namespaces.go +++ b/pkg/specgen/generate/namespaces.go @@ -233,6 +233,8 @@ func namespaceOptions(ctx context.Context, s *specgen.SpecGenerator, rt *libpod. val = fmt.Sprintf("slirp4netns:%s", s.NetNS.Value) } toReturn = append(toReturn, libpod.WithNetNS(portMappings, postConfigureNetNS, val, nil)) + case specgen.Private: + fallthrough case specgen.Bridge: portMappings, err := createPortMappings(ctx, s, img) if err != nil { diff --git a/pkg/specgen/namespaces.go b/pkg/specgen/namespaces.go index d15745fa0..9d78a0210 100644 --- a/pkg/specgen/namespaces.go +++ b/pkg/specgen/namespaces.go @@ -258,24 +258,22 @@ func ParseNetworkNamespace(ns string) (Namespace, []string, error) { var cniNetworks []string // Net defaults to Slirp on rootless switch { - case ns == "slirp4netns", strings.HasPrefix(ns, "slirp4netns:"): + case ns == string(Slirp), strings.HasPrefix(ns, string(Slirp)+":"): toReturn.NSMode = Slirp - case ns == "pod": + case ns == string(FromPod): toReturn.NSMode = FromPod - case ns == "": + case ns == "" || ns == string(Default) || ns == string(Private): if rootless.IsRootless() { toReturn.NSMode = Slirp } else { toReturn.NSMode = Bridge } - case ns == "bridge": + case ns == string(Bridge): toReturn.NSMode = Bridge - case ns == "none": + case ns == string(NoNetwork): toReturn.NSMode = NoNetwork - case ns == "host": + case ns == string(Host): toReturn.NSMode = Host - case ns == "private": - toReturn.NSMode = Private case strings.HasPrefix(ns, "ns:"): split := strings.SplitN(ns, ":", 2) if len(split) != 2 { @@ -283,7 +281,7 @@ func ParseNetworkNamespace(ns string) (Namespace, []string, error) { } toReturn.NSMode = Path toReturn.Value = split[1] - case strings.HasPrefix(ns, "container:"): + case strings.HasPrefix(ns, string(FromContainer)+":"): split := strings.SplitN(ns, ":", 2) if len(split) != 2 { return toReturn, nil, errors.Errorf("must provide name or ID or a container when specifying container:") diff --git a/pkg/systemd/generate/pods.go b/pkg/systemd/generate/pods.go index c0acba37d..234a60380 100644 --- a/pkg/systemd/generate/pods.go +++ b/pkg/systemd/generate/pods.go @@ -224,7 +224,7 @@ func executePodTemplate(info *podInfo, options entities.GenerateSystemdOptions) executable, err := os.Executable() if err != nil { executable = "/usr/bin/podman" - logrus.Warnf("Could not obtain podman executable location, using default %s", executable) + logrus.Warnf("Could not obtain podman executable location, using default %s: %v", executable, err) } info.Executable = executable } diff --git a/pkg/util/utils.go b/pkg/util/utils.go index f6a084c00..e0f631eb4 100644 --- a/pkg/util/utils.go +++ b/pkg/util/utils.go @@ -530,6 +530,11 @@ func ParseInputTime(inputTime string) (time.Time, error) { } } + unix_timestamp, err := strconv.ParseInt(inputTime, 10, 64) + if err == nil { + return time.Unix(unix_timestamp, 0), nil + } + // input might be a duration duration, err := time.ParseDuration(inputTime) if err != nil { diff --git a/test/apiv2/rest_api/test_rest_v2_0_0.py b/test/apiv2/rest_api/test_rest_v2_0_0.py index 52348d4f4..dc92a2966 100644 --- a/test/apiv2/rest_api/test_rest_v2_0_0.py +++ b/test/apiv2/rest_api/test_rest_v2_0_0.py @@ -179,15 +179,19 @@ class TestApi(unittest.TestCase): "NetworkDisabled": False, # FIXME adding these 2 lines cause: (This is sampled from docker-py) # "network already exists","message":"container - # 01306e499df5441560d70071a54342611e422a94de20865add50a9565fd79fb9 is already connected to CNI network \"TestDefaultNetwork\": network already exists" + # 01306e499df5441560d70071a54342611e422a94de20865add50a9565fd79fb9 is already connected to CNI + # network \"TestDefaultNetwork\": network already exists" # "HostConfig": {"NetworkMode": "TestDefaultNetwork"}, # "NetworkingConfig": {"EndpointsConfig": {"TestDefaultNetwork": None}}, # FIXME These two lines cause: - # CNI network \"TestNetwork\" not found","message":"error configuring network namespace for container 369ddfa7d3211ebf1fbd5ddbff91bd33fa948858cea2985c133d6b6507546dff: CNI network \"TestNetwork\" not found" + # CNI network \"TestNetwork\" not found","message":"error configuring network namespace for container + # 369ddfa7d3211ebf1fbd5ddbff91bd33fa948858cea2985c133d6b6507546dff: CNI network \"TestNetwork\" not + # found" # "HostConfig": {"NetworkMode": "TestNetwork"}, # "NetworkingConfig": {"EndpointsConfig": {"TestNetwork": None}}, # FIXME no networking defined cause: (note this error is from the container inspect below) - # "internal libpod error","message":"network inspection mismatch: asked to join 2 CNI network(s) [TestDefaultNetwork podman], but have information on 1 network(s): internal libpod error" + # "internal libpod error","message":"network inspection mismatch: asked to join 2 CNI network(s) [ + # TestDefaultNetwork podman], but have information on 1 network(s): internal libpod error" }, ) self.assertEqual(create.status_code, 201, create.text) @@ -255,23 +259,68 @@ class TestApi(unittest.TestCase): def test_commit(self): r = requests.post(_url(ctnr("/commit?container={}"))) self.assertEqual(r.status_code, 200, r.text) - validateObjectFields(r.text) - def test_images(self): - r = requests.get(_url("/images/json")) + obj = json.loads(r.content) + self.assertIsInstance(obj, dict) + self.assertIn("Id", obj) + + def test_images_compat(self): + r = requests.get(PODMAN_URL + "/v1.40/images/json") self.assertEqual(r.status_code, 200, r.text) - validateObjectFields(r.content) - def test_inspect_image(self): - r = requests.get(_url("/images/alpine/json")) + # See https://docs.docker.com/engine/api/v1.40/#operation/ImageList + required_keys = ( + "Id", + "ParentId", + "RepoTags", + "RepoDigests", + "Created", + "Size", + "SharedSize", + "VirtualSize", + "Labels", + "Containers", + ) + objs = json.loads(r.content) + self.assertIn(type(objs), (list,)) + for o in objs: + self.assertIsInstance(o, dict) + for k in required_keys: + self.assertIn(k, o) + + def test_inspect_image_compat(self): + r = requests.get(PODMAN_URL + "/v1.40/images/alpine/json") self.assertEqual(r.status_code, 200, r.text) - obj = validateObjectFields(r.content) + + # See https://docs.docker.com/engine/api/v1.40/#operation/ImageInspect + required_keys = ( + "Id", + "Parent", + "Comment", + "Created", + "Container", + "DockerVersion", + "Author", + "Architecture", + "Os", + "Size", + "VirtualSize", + "GraphDriver", + "RootFS", + "Metadata", + ) + + obj = json.loads(r.content) + self.assertIn(type(obj), (dict,)) + for k in required_keys: + self.assertIn(k, obj) _ = parse(obj["Created"]) - def test_delete_image(self): - r = requests.delete(_url("/images/alpine?force=true")) + def test_delete_image_compat(self): + r = requests.delete(PODMAN_URL + "/v1.40/images/alpine?force=true") self.assertEqual(r.status_code, 200, r.text) - json.loads(r.text) + obj = json.loads(r.content) + self.assertIn(type(obj), (list,)) def test_pull(self): r = requests.post(_url("/images/pull?reference=alpine"), timeout=15) @@ -295,12 +344,13 @@ class TestApi(unittest.TestCase): self.assertTrue(keys["images"], "Expected to find images stanza") self.assertTrue(keys["stream"], "Expected to find stream progress stanza's") - def test_search(self): + def test_search_compat(self): # Had issues with this test hanging when repositories not happy def do_search(): - r = requests.get(_url("/images/search?term=alpine"), timeout=5) + r = requests.get(PODMAN_URL + "/v1.40/images/search?term=alpine", timeout=5) self.assertEqual(r.status_code, 200, r.text) - json.loads(r.text) + objs = json.loads(r.text) + self.assertIn(type(objs), (list,)) search = Process(target=do_search) search.start() @@ -320,6 +370,20 @@ class TestApi(unittest.TestCase): r = requests.get(_url("/_ping")) self.assertEqual(r.status_code, 200, r.text) + def test_history_compat(self): + r = requests.get(PODMAN_URL + "/v1.40/images/alpine/history") + self.assertEqual(r.status_code, 200, r.text) + + # See https://docs.docker.com/engine/api/v1.40/#operation/ImageHistory + required_keys = ("Id", "Created", "CreatedBy", "Tags", "Size", "Comment") + + objs = json.loads(r.content) + self.assertIn(type(objs), (list,)) + for o in objs: + self.assertIsInstance(o, dict) + for k in required_keys: + self.assertIn(k, o) + if __name__ == "__main__": unittest.main() diff --git a/test/e2e/run_networking_test.go b/test/e2e/run_networking_test.go index 3e80e953e..3fb00a28b 100644 --- a/test/e2e/run_networking_test.go +++ b/test/e2e/run_networking_test.go @@ -49,9 +49,28 @@ var _ = Describe("Podman run networking", func() { Expect(session.ExitCode()).To(Equal(0)) }) + It("podman run network connection with default", func() { + session := podmanTest.Podman([]string{"run", "--network", "default", ALPINE, "wget", "www.podman.io"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + }) + + It("podman run network connection with none", func() { + session := podmanTest.Podman([]string{"run", "--network", "none", ALPINE, "wget", "www.podman.io"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(1)) + Expect(session.ErrorToString()).To(ContainSubstring("wget: bad address 'www.podman.io'")) + }) + + It("podman run network connection with private", func() { + session := podmanTest.Podman([]string{"run", "--network", "private", ALPINE, "wget", "www.podman.io"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + }) + It("podman run network connection with loopback", func() { - session := podmanTest.Podman([]string{"run", "-dt", "--network", "host", ALPINE, "wget", "www.podman.io"}) - session.Wait(90) + session := podmanTest.Podman([]string{"run", "--network", "host", ALPINE, "wget", "www.podman.io"}) + session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) }) diff --git a/test/system/035-logs.bats b/test/system/035-logs.bats index a3d6a5800..a081a7ce1 100644 --- a/test/system/035-logs.bats +++ b/test/system/035-logs.bats @@ -21,6 +21,9 @@ load helpers run_podman logs $cid is "$output" "$rand_string" "output from podman-logs after container is run" + # test --since with Unix timestamps + run_podman logs --since 1000 $cid + run_podman rm $cid } diff --git a/vendor/github.com/cri-o/ocicni/pkg/ocicni/ocicni.go b/vendor/github.com/cri-o/ocicni/pkg/ocicni/ocicni.go index ee09adc8d..7a9f97d1c 100644 --- a/vendor/github.com/cri-o/ocicni/pkg/ocicni/ocicni.go +++ b/vendor/github.com/cri-o/ocicni/pkg/ocicni/ocicni.go @@ -149,7 +149,7 @@ func (plugin *cniNetworkPlugin) monitorConfDir(start *sync.WaitGroup) { for { select { case event := <-plugin.watcher.Events: - logrus.Warningf("CNI monitoring event %v", event) + logrus.Infof("CNI monitoring event %v", event) var defaultDeleted bool createWrite := (event.Op&fsnotify.Create == fsnotify.Create || @@ -295,7 +295,7 @@ func loadNetworks(confDir string, cni *libcni.CNIConfig) (map[string]*cniNetwork } } if len(confList.Plugins) == 0 { - logrus.Warningf("CNI config list %s has no networks, skipping", confFile) + logrus.Infof("CNI config list %s has no networks, skipping", confFile) continue } @@ -350,7 +350,7 @@ func (plugin *cniNetworkPlugin) syncNetworkConfig() error { plugin.defaultNetName.name = defaultNetName logrus.Infof("Update default CNI network name to %s", defaultNetName) } else { - logrus.Warnf("Default CNI network name %s is unchangeable", plugin.defaultNetName.name) + logrus.Debugf("Default CNI network name %s is unchangeable", plugin.defaultNetName.name) } plugin.networks = networks diff --git a/vendor/modules.txt b/vendor/modules.txt index 9de30e604..19a87d31d 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -220,7 +220,7 @@ github.com/coreos/go-systemd/v22/dbus github.com/coreos/go-systemd/v22/internal/dlopen github.com/coreos/go-systemd/v22/journal github.com/coreos/go-systemd/v22/sdjournal -# github.com/cri-o/ocicni v0.2.1-0.20201102180012-75c612fda1a2 => github.com/cri-o/ocicni v0.2.1-0.20201109200316-afdc16ba66df +# github.com/cri-o/ocicni v0.2.1-0.20201125151022-df072ea5421c github.com/cri-o/ocicni/pkg/ocicni # github.com/cyphar/filepath-securejoin v0.2.2 github.com/cyphar/filepath-securejoin |