diff options
20 files changed, 146 insertions, 57 deletions
diff --git a/RELEASE_PROCESS.md b/RELEASE_PROCESS.md index d6414de73..e893d9e2e 100644 --- a/RELEASE_PROCESS.md +++ b/RELEASE_PROCESS.md @@ -166,6 +166,8 @@ spelled with complete minutiae. `git log -1 $(git tag | sort -V | tail -1)`. 1. Edit `version/version.go` and bump the `Version` value to the new release version. If there were API changes, also bump `APIVersion` value. + Make sure to also bump the version in the swagger.yaml `pkg/api/server/docs.go` + and to add a new entry in `docs/source/Reference.rst` for major and minor releases. 1. Commit this and sign the commit (`git commit -a -s -S`). The commit message should be `Bump to vX.Y.Z` (using the actual version numbers). 1. Push this single change to your github fork, and make a new PR, diff --git a/cmd/podman/registry/config.go b/cmd/podman/registry/config.go index 15bb7aee0..b5c9b359c 100644 --- a/cmd/podman/registry/config.go +++ b/cmd/podman/registry/config.go @@ -81,11 +81,6 @@ func newPodmanConfig() { mode = entities.TunnelMode } - cfg.Network.NetworkConfigDir = cfg.Network.CNIPluginDirs[0] - if rootless.IsRootless() { - cfg.Network.NetworkConfigDir = "" - } - podmanOptions = entities.PodmanConfig{Config: cfg, EngineMode: mode} } diff --git a/docs/source/Reference.rst b/docs/source/Reference.rst index d194c55a3..dca49a559 100644 --- a/docs/source/Reference.rst +++ b/docs/source/Reference.rst @@ -3,8 +3,16 @@ Reference ========= -To see full screen version please visit: `API documentation <https://docs.podman.io/en/latest/_static/api.html>`_ +Show the API documentation for version: -.. raw:: html +* `latest (main branch) <_static/api.html>`_ - <iframe src="_static/api.html" allowfullscreen="true" height="600px" width="120%"></iframe> +* `version 4.0 <_static/api.html?version=v4.0>`_ + +* `version 3.4 <_static/api.html?version=v3.4>`_ + +* `version 3.3 <_static/api.html?version=v3.3>`_ + +* `version 3.2 <_static/api.html?version=v3.2>`_ + +* `version 3.1 <_static/api.html?version=v3.1>`_ diff --git a/docs/source/_static/api.html b/docs/source/_static/api.html index 6d467d099..0d2d2a8a1 100644 --- a/docs/source/_static/api.html +++ b/docs/source/_static/api.html @@ -18,7 +18,22 @@ </style> </head> <body> - <redoc spec-url='https://storage.googleapis.com/libpod-master-releases/swagger-latest.yaml' sort-props-alphabetically sort-operations-alphabetically></redoc> + <script> + // get version from query (default to latest) + var queryString = window.location.search; + var query = new URLSearchParams(queryString); + var version = "latest"; + if (query.has("version")) { + version = query.get("version"); + } + + var redoc = document.createElement("redoc"); + redoc.setAttribute("sort-props-alphabetically",""); + redoc.setAttribute("sort-operations-alphabetically",""); + redoc.setAttribute("spec-url","https://storage.googleapis.com/libpod-master-releases/swagger-" + version + ".yaml"); + + document.body.appendChild(redoc); + </script> <script src="https://cdn.jsdelivr.net/npm/redoc@next/bundles/redoc.standalone.js"> </script> </body> </html> @@ -12,7 +12,7 @@ require ( github.com/containernetworking/cni v1.0.1 github.com/containernetworking/plugins v1.0.1 github.com/containers/buildah v1.24.1 - github.com/containers/common v0.47.3 + github.com/containers/common v0.47.4 github.com/containers/conmon v2.0.20+incompatible github.com/containers/image/v5 v5.19.1 github.com/containers/ocicrypt v1.1.2 @@ -325,8 +325,9 @@ github.com/containernetworking/plugins v1.0.1 h1:wwCfYbTCj5FC0EJgyzyjTXmqysOiJE9 github.com/containernetworking/plugins v1.0.1/go.mod h1:QHCfGpaTwYTbbH+nZXKVTxNBDZcxSOplJT5ico8/FLE= github.com/containers/buildah v1.24.1 h1:PlvU0hbUsm1x4H9kPcsmqjViqDGnBpSZT3QtZ00RtgI= github.com/containers/buildah v1.24.1/go.mod h1:sE7AaoPQYwAB7dleOOKOpzOO3bA8lRUvZRiZcn/RYi0= -github.com/containers/common v0.47.3 h1:pRT7gkLrBSQe3075j5hoHYeeKpGTWBJHws+tS5xxfak= github.com/containers/common v0.47.3/go.mod h1:/VAV4ibC27Lfyb9cxXM4uTYrJFa/7s+utNB052MJdzY= +github.com/containers/common v0.47.4 h1:kS202Z/bTQIM/pwyuJ+lF8143Uli6AB9Q9OVR0xa9CM= +github.com/containers/common v0.47.4/go.mod h1:HgX0mFXyB0Tbe2REEIp9x9CxET6iSzmHfwR6S/t2LZc= github.com/containers/conmon v2.0.20+incompatible h1:YbCVSFSCqFjjVwHTPINGdMX1F6JXHGTUje2ZYobNrkg= github.com/containers/conmon v2.0.20+incompatible/go.mod h1:hgwZ2mtuDrppv78a/cOBNiCm6O0UMWGx1mu7P00nu5I= github.com/containers/image/v5 v5.19.1 h1:g4/+XIuh1kRoRn2MfLDhfHhkNOIO9JtqhSyo55tjpfE= diff --git a/pkg/api/handlers/libpod/networks.go b/pkg/api/handlers/libpod/networks.go index 71d46ce70..16f499d4c 100644 --- a/pkg/api/handlers/libpod/networks.go +++ b/pkg/api/handlers/libpod/networks.go @@ -17,22 +17,37 @@ import ( ) func CreateNetwork(w http.ResponseWriter, r *http.Request) { + if v, err := utils.SupportedVersion(r, ">=4.0.0"); err != nil { + utils.BadRequest(w, "version", v.String(), err) + return + } + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) network := types.Network{} if err := json.NewDecoder(r.Body).Decode(&network); err != nil { - utils.Error(w, http.StatusInternalServerError, errors.Wrap(err, "decode body")) + utils.Error(w, http.StatusInternalServerError, errors.Wrap(err, "failed to decode request JSON payload")) return } ic := abi.ContainerEngine{Libpod: runtime} report, err := ic.NetworkCreate(r.Context(), network) if err != nil { - utils.InternalServerError(w, err) + if errors.Is(err, types.ErrNetworkExists) { + utils.Error(w, http.StatusConflict, err) + } else { + utils.InternalServerError(w, err) + } return } utils.WriteResponse(w, http.StatusOK, report) } + func ListNetworks(w http.ResponseWriter, r *http.Request) { + if v, err := utils.SupportedVersion(r, ">=4.0.0"); err != nil { + utils.BadRequest(w, "version", v.String(), err) + return + } + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) filterMap, err := util.PrepareFilters(r) if err != nil { @@ -54,6 +69,11 @@ func ListNetworks(w http.ResponseWriter, r *http.Request) { } func RemoveNetwork(w http.ResponseWriter, r *http.Request) { + if v, err := utils.SupportedVersion(r, ">=4.0.0"); err != nil { + utils.BadRequest(w, "version", v.String(), err) + return + } + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) query := struct { @@ -87,21 +107,18 @@ func RemoveNetwork(w http.ResponseWriter, r *http.Request) { utils.WriteResponse(w, http.StatusOK, reports) } +// InspectNetwork reports on given network's details func InspectNetwork(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) - decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) - query := struct { - }{ - // override any golang type defaults - } - if err := decoder.Decode(&query, r.URL.Query()); err != nil { - utils.Error(w, http.StatusInternalServerError, - errors.Wrapf(err, "failed to parse parameters for %s", r.URL.String())) + if v, err := utils.SupportedVersion(r, ">=4.0.0"); err != nil { + utils.BadRequest(w, "version", v.String(), err) return } + + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) + ic := abi.ContainerEngine{Libpod: runtime} + name := utils.GetName(r) options := entities.InspectOptions{} - ic := abi.ContainerEngine{Libpod: runtime} reports, errs, err := ic.NetworkInspect(r.Context(), []string{name}, options) // If the network cannot be found, we return a 404. if len(errs) > 0 { @@ -117,14 +134,19 @@ func InspectNetwork(w http.ResponseWriter, r *http.Request) { // Connect adds a container to a network func Connect(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) + if v, err := utils.SupportedVersion(r, ">=4.0.0"); err != nil { + utils.BadRequest(w, "version", v.String(), err) + return + } + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) var netConnect entities.NetworkConnectOptions if err := json.NewDecoder(r.Body).Decode(&netConnect); err != nil { - utils.Error(w, http.StatusInternalServerError, errors.Wrap(err, "Decode()")) + utils.Error(w, http.StatusInternalServerError, errors.Wrap(err, "failed to decode request JSON payload")) return } name := utils.GetName(r) + err := runtime.ConnectContainerToNetwork(netConnect.Container, name, netConnect.PerNetworkOptions) if err != nil { if errors.Cause(err) == define.ErrNoSuchCtr { @@ -143,10 +165,15 @@ func Connect(w http.ResponseWriter, r *http.Request) { // ExistsNetwork check if a network exists func ExistsNetwork(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) - name := utils.GetName(r) + if v, err := utils.SupportedVersion(r, ">=4.0.0"); err != nil { + utils.BadRequest(w, "version", v.String(), err) + return + } + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) ic := abi.ContainerEngine{Libpod: runtime} + + name := utils.GetName(r) report, err := ic.NetworkExists(r.Context(), name) if err != nil { utils.Error(w, http.StatusInternalServerError, err) @@ -161,7 +188,13 @@ func ExistsNetwork(w http.ResponseWriter, r *http.Request) { // Prune removes unused networks func Prune(w http.ResponseWriter, r *http.Request) { + if v, err := utils.SupportedVersion(r, ">=4.0.0"); err != nil { + utils.BadRequest(w, "version", v.String(), err) + return + } + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) + ic := abi.ContainerEngine{Libpod: runtime} filterMap, err := util.PrepareFilters(r) if err != nil { @@ -172,7 +205,6 @@ func Prune(w http.ResponseWriter, r *http.Request) { pruneOptions := entities.NetworkPruneOptions{ Filters: *filterMap, } - ic := abi.ContainerEngine{Libpod: runtime} pruneReports, err := ic.NetworkPrune(r.Context(), pruneOptions) if err != nil { utils.Error(w, http.StatusInternalServerError, err) diff --git a/pkg/bindings/test/networks_test.go b/pkg/bindings/test/networks_test.go index ee2d6f472..137db71a3 100644 --- a/pkg/bindings/test/networks_test.go +++ b/pkg/bindings/test/networks_test.go @@ -80,7 +80,7 @@ var _ = Describe("Podman networks", func() { // Valid filter params => network should be pruned now. filters = map[string][]string{ - "until": {"5000000000"}, //June 11, 2128 + "until": {"5000000000"}, // June 11, 2128 } pruneResponse, err = network.Prune(connText, new(network.PruneOptions).WithFilters(filters)) Expect(err).To(BeNil()) @@ -105,7 +105,7 @@ var _ = Describe("Podman networks", func() { _, err = network.Create(connText, &net) Expect(err).ToNot(BeNil()) code, _ := bindings.CheckResponseCode(err) - Expect(code).To(BeNumerically("==", http.StatusInternalServerError)) + Expect(code).To(BeNumerically("==", http.StatusConflict)) }) It("inspect network", func() { diff --git a/test/apiv2/35-networks.at b/test/apiv2/35-networks.at index 0e2389bd5..3502b89e0 100644 --- a/test/apiv2/35-networks.at +++ b/test/apiv2/35-networks.at @@ -8,7 +8,10 @@ t GET networks/non-existing-network 404 \ t POST libpod/networks/create name='"network1"' 200 \ .name=network1 \ - .created~[0-9]\\{4\\}-[0-9]\\{2\\}-[0-9]\\{2\\}.* \ + .created~[0-9]\\{4\\}-[0-9]\\{2\\}-[0-9]\\{2\\}.* + +t POST /v3.4.0/libpod/networks/create name='"bad_version"' 400 \ + .cause='given version is not supported' # --data '{"name":"network2","subnets":[{"subnet":"10.10.254.0/24"}],"Labels":{"abc":"val"}}' t POST libpod/networks/create name='"network2"' \ diff --git a/test/apiv2/test-apiv2 b/test/apiv2/test-apiv2 index 56280f04e..bd728e130 100755 --- a/test/apiv2/test-apiv2 +++ b/test/apiv2/test-apiv2 @@ -256,11 +256,11 @@ function t() { # If given path begins with /, use it as-is; otherwise prepend /version/ local url=http://$HOST:$PORT - if expr "$path" : "/" >/dev/null; then - url="$url$path" - else - url="$url/v1.40/$path" - fi + case "$path" in + /*) url="$url$path" ;; + libpod/*) url="$url/v4.0.0/$path" ;; + *) url="$url/v1.41/$path" ;; + esac # Log every action we do echo "-------------------------------------------------------------" >>$LOG diff --git a/vendor/github.com/containers/common/libimage/copier.go b/vendor/github.com/containers/common/libimage/copier.go index 459989579..2a8f47f7f 100644 --- a/vendor/github.com/containers/common/libimage/copier.go +++ b/vendor/github.com/containers/common/libimage/copier.go @@ -7,6 +7,7 @@ import ( "strings" "time" + "github.com/containers/common/libimage/manifests" "github.com/containers/common/pkg/config" "github.com/containers/common/pkg/retry" "github.com/containers/image/v5/copy" @@ -26,8 +27,10 @@ const ( ) // LookupReferenceFunc return an image reference based on the specified one. -// This can be used to pass custom blob caches to the copy operation. -type LookupReferenceFunc func(ref types.ImageReference) (types.ImageReference, error) +// The returned reference can return custom ImageSource or ImageDestination +// objects which intercept or filter blobs, manifests, and signatures as +// they are read and written. +type LookupReferenceFunc = manifests.LookupReferenceFunc // CopyOptions allow for customizing image-copy operations. type CopyOptions struct { diff --git a/vendor/github.com/containers/common/libimage/manifests/manifests.go b/vendor/github.com/containers/common/libimage/manifests/manifests.go index 45223cc2f..ccff908c9 100644 --- a/vendor/github.com/containers/common/libimage/manifests/manifests.go +++ b/vendor/github.com/containers/common/libimage/manifests/manifests.go @@ -27,6 +27,12 @@ import ( const instancesData = "instances.json" +// LookupReferenceFunc return an image reference based on the specified one. +// The returned reference can return custom ImageSource or ImageDestination +// objects which intercept or filter blobs, manifests, and signatures as +// they are read and written. +type LookupReferenceFunc func(ref types.ImageReference) (types.ImageReference, error) + // ErrListImageUnknown is returned when we attempt to create an image reference // for a List that has not yet been saved to an image. var ErrListImageUnknown = stderrors.New("unable to determine which image holds the manifest list") @@ -57,6 +63,7 @@ type PushOptions struct { SignBy string // fingerprint of GPG key to use to sign images RemoveSignatures bool // true to discard signatures in images ManifestType string // the format to use when saving the list - possible options are oci, v2s1, and v2s2 + SourceFilter LookupReferenceFunc // filter the list source } // Create creates a new list containing information about the specified image, @@ -221,6 +228,11 @@ func (l *list) Push(ctx context.Context, dest types.ImageReference, options Push if err != nil { return nil, "", err } + if options.SourceFilter != nil { + if src, err = options.SourceFilter(src); err != nil { + return nil, "", err + } + } copyOptions := &cp.Options{ ImageListSelection: options.ImageListSelection, Instances: options.Instances, diff --git a/vendor/github.com/containers/common/libnetwork/cni/cni_conversion.go b/vendor/github.com/containers/common/libnetwork/cni/cni_conversion.go index dedb40ad3..5574b2b1c 100644 --- a/vendor/github.com/containers/common/libnetwork/cni/cni_conversion.go +++ b/vendor/github.com/containers/common/libnetwork/cni/cni_conversion.go @@ -222,14 +222,33 @@ func (n *cniNetwork) createCNIConfigListFromNetwork(network *types.Network, writ err error ) if len(network.Subnets) > 0 { + defIpv4Route := false + defIpv6Route := false for _, subnet := range network.Subnets { - route, err := newIPAMDefaultRoute(util.IsIPv6(subnet.Subnet.IP)) - if err != nil { - return nil, "", err - } - routes = append(routes, route) ipam := newIPAMLocalHostRange(subnet.Subnet, subnet.LeaseRange, subnet.Gateway) ipamRanges = append(ipamRanges, []ipamLocalHostRangeConf{*ipam}) + + // only add default route for not internal networks + if !network.Internal { + ipv6 := util.IsIPv6(subnet.Subnet.IP) + if !ipv6 && defIpv4Route { + continue + } + if ipv6 && defIpv6Route { + continue + } + + if ipv6 { + defIpv6Route = true + } else { + defIpv4Route = true + } + route, err := newIPAMDefaultRoute(ipv6) + if err != nil { + return nil, "", err + } + routes = append(routes, route) + } } ipamConf = newIPAMHostLocalConf(routes, ipamRanges) } else { diff --git a/vendor/github.com/containers/common/libnetwork/cni/config.go b/vendor/github.com/containers/common/libnetwork/cni/config.go index b0aa19d94..b1f89400c 100644 --- a/vendor/github.com/containers/common/libnetwork/cni/config.go +++ b/vendor/github.com/containers/common/libnetwork/cni/config.go @@ -82,7 +82,7 @@ func (n *cniNetwork) networkCreate(newNetwork *types.Network, defaultNet bool) ( return nil, errors.Wrapf(types.ErrInvalidArg, "unsupported driver %s", newNetwork.Driver) } - err = internalutil.ValidateSubnets(newNetwork, usedNetworks) + err = internalutil.ValidateSubnets(newNetwork, !newNetwork.Internal, usedNetworks) if err != nil { return nil, err } diff --git a/vendor/github.com/containers/common/libnetwork/internal/util/validate.go b/vendor/github.com/containers/common/libnetwork/internal/util/validate.go index bfc5e2247..ac3934f8d 100644 --- a/vendor/github.com/containers/common/libnetwork/internal/util/validate.go +++ b/vendor/github.com/containers/common/libnetwork/internal/util/validate.go @@ -65,11 +65,11 @@ func ValidateSubnet(s *types.Subnet, addGateway bool, usedNetworks []*net.IPNet) } // ValidateSubnets will validate the subnets for this network. -// It also sets the gateway if the gateway is empty and it sets +// It also sets the gateway if the gateway is empty and addGateway is set to true // IPv6Enabled to true if at least one subnet is ipv6. -func ValidateSubnets(network *types.Network, usedNetworks []*net.IPNet) error { +func ValidateSubnets(network *types.Network, addGateway bool, usedNetworks []*net.IPNet) error { for i := range network.Subnets { - err := ValidateSubnet(&network.Subnets[i], !network.Internal, usedNetworks) + err := ValidateSubnet(&network.Subnets[i], addGateway, usedNetworks) if err != nil { return err } diff --git a/vendor/github.com/containers/common/libnetwork/netavark/config.go b/vendor/github.com/containers/common/libnetwork/netavark/config.go index 7de59f807..16b4e5c53 100644 --- a/vendor/github.com/containers/common/libnetwork/netavark/config.go +++ b/vendor/github.com/containers/common/libnetwork/netavark/config.go @@ -115,16 +115,13 @@ func (n *netavarkNetwork) networkCreate(newNetwork *types.Network, defaultNet bo return nil, errors.Wrapf(types.ErrInvalidArg, "unsupported driver %s", newNetwork.Driver) } - err = internalutil.ValidateSubnets(newNetwork, usedNetworks) + // add gatway when not internal or dns enabled + addGateway := !newNetwork.Internal || newNetwork.DNSEnabled + err = internalutil.ValidateSubnets(newNetwork, addGateway, usedNetworks) if err != nil { return nil, err } - // FIXME: If we have a working solution for internal networks with dns this check should be removed. - if newNetwork.DNSEnabled && newNetwork.Internal { - return nil, errors.New("cannot set internal and dns enabled") - } - newNetwork.Created = time.Now() if !defaultNet { diff --git a/vendor/github.com/containers/common/libnetwork/netavark/network.go b/vendor/github.com/containers/common/libnetwork/netavark/network.go index 7122acf98..efea36fec 100644 --- a/vendor/github.com/containers/common/libnetwork/netavark/network.go +++ b/vendor/github.com/containers/common/libnetwork/netavark/network.go @@ -231,7 +231,9 @@ func parseNetwork(network *types.Network) error { return errors.Errorf("invalid network ID %q", network.ID) } - return util.ValidateSubnets(network, nil) + // add gatway when not internal or dns enabled + addGateway := !network.Internal || network.DNSEnabled + return util.ValidateSubnets(network, addGateway, nil) } func (n *netavarkNetwork) createDefaultNetwork() (*types.Network, error) { diff --git a/vendor/github.com/containers/common/pkg/auth/auth.go b/vendor/github.com/containers/common/pkg/auth/auth.go index ff52b028e..af3c8f803 100644 --- a/vendor/github.com/containers/common/pkg/auth/auth.go +++ b/vendor/github.com/containers/common/pkg/auth/auth.go @@ -248,7 +248,7 @@ func getUserAndPass(opts *LoginOptions, password, userFromAuthFile string) (user } if password == "" { fmt.Fprint(opts.Stdout, "Password: ") - pass, err := terminal.ReadPassword(0) + pass, err := terminal.ReadPassword(int(os.Stdin.Fd())) if err != nil { return "", "", errors.Wrap(err, "reading password") } diff --git a/vendor/github.com/containers/common/version/version.go b/vendor/github.com/containers/common/version/version.go index 5ab8cd7f2..eac64b077 100644 --- a/vendor/github.com/containers/common/version/version.go +++ b/vendor/github.com/containers/common/version/version.go @@ -1,4 +1,4 @@ package version // Version is the version of the build. -const Version = "0.47.3" +const Version = "0.47.4" diff --git a/vendor/modules.txt b/vendor/modules.txt index 909c2707e..9260511f5 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -109,7 +109,7 @@ github.com/containers/buildah/pkg/rusage github.com/containers/buildah/pkg/sshagent github.com/containers/buildah/pkg/util github.com/containers/buildah/util -# github.com/containers/common v0.47.3 +# github.com/containers/common v0.47.4 ## explicit github.com/containers/common/libimage github.com/containers/common/libimage/manifests |