diff options
| -rw-r--r-- | .cirrus.yml | 49 | ||||
| -rw-r--r-- | Makefile | 5 | ||||
| -rw-r--r-- | cmd/podman/common.go | 4 | ||||
| -rw-r--r-- | cmd/podman/create.go | 4 | ||||
| -rw-r--r-- | cmd/podman/generate_kube.go | 33 | ||||
| -rw-r--r-- | cmd/podman/login.go | 19 | ||||
| -rw-r--r-- | completions/bash/podman | 1 | ||||
| -rw-r--r-- | contrib/cirrus/lib.sh | 5 | ||||
| -rwxr-xr-x | contrib/cirrus/success.sh | 16 | ||||
| -rwxr-xr-x | contrib/python/podman/test/test_runner.sh | 1 | ||||
| -rw-r--r-- | docs/podman-create.1.md | 25 | ||||
| -rw-r--r-- | docs/podman-generate-kube.1.md | 56 | ||||
| -rw-r--r-- | docs/podman-login.1.md | 4 | ||||
| -rw-r--r-- | docs/podman-run.1.md | 25 |
14 files changed, 204 insertions, 43 deletions
diff --git a/.cirrus.yml b/.cirrus.yml index 9d64bb5ab..75c9ac89e 100644 --- a/.cirrus.yml +++ b/.cirrus.yml @@ -22,6 +22,7 @@ env: # Save a little typing (path relative to $CIRRUS_WORKING_DIR) SCRIPT_BASE: "./contrib/cirrus" PACKER_BASE: "./contrib/cirrus/packer" + CIRRUS_CLONE_DEPTH: 200 #### #### Variables for composing new cache-images (used in PR testing) from @@ -57,7 +58,7 @@ env: # Needed to build GCE images, within a GCE VM SERVICE_ACCOUNT: ENCRYPTED[99e9a0b1c23f8dd29e83dfdf164f064cfd17afd9b895ca3b5e4c41170bd4290a8366fe2ad8e7a210b9f751711d1d002a] # User ID for cirrus to ssh into VMs - GCE_SSH_USERNAME: ENCRYPTED[a7706b9e4b8bbb47f76358df7407f4fffa2e8552531190cc0b3315180c4b50588f560c4f85731e99cb5f43a396778277] + GCE_SSH_USERNAME: cirrus-ci # Name where this repositories cloud resources are located GCP_PROJECT_ID: ENCRYPTED[7c80e728e046b1c76147afd156a32c1c57d4a1ac1eab93b7e68e718c61ca8564fc61fef815952b8ae0a64e7034b8fe4f] @@ -77,6 +78,7 @@ env: CIRRUS_WORKING_DIR CIRRUS_HTTP_CACHE_HOST PACKER_BUILDS BUILT_IMAGE_SUFFIX XDG_DATA_DIRS XDG_RUNTIME_DIR XDG_SESSION_ID + # Every *_task runs in parallel in separate VMsd. The name prefix only for reference # in WebUI, and will be followed by matrix details. This task gates all others with # quick format, lint, and unit tests on the standard platform. @@ -96,11 +98,33 @@ gating_task: - '/usr/local/bin/entrypoint.sh lint' +build_each_commit_task: + + depends_on: + - "gating" + + gce_instance: + image_project: "libpod-218412" + zone: "us-central1-a" # Required by Cirrus for the time being + cpu: 2 + memory: "4Gb" + disk: 40 + matrix: + image_name: "fedora-29-libpod-0c954a67" + + timeout_in: 20m + + script: + - $SCRIPT_BASE/setup_environment.sh + - git fetch --depth $CIRRUS_CLONE_DEPTH origin $CIRRUS_BASE_BRANCH + - env GOPATH=/var/tmp/go/ make build-all-new-commits GIT_BASE_BRANCH=origin/$CIRRUS_BASE_BRANCH + # This task does the unit and integration testing for every platform testing_task: depends_on: - "gating" + - "build_each_commit" gce_instance: image_project: "libpod-218412" @@ -134,8 +158,6 @@ testing_task: integration_test_script: $SCRIPT_BASE/integration_test.sh - success_script: $SCRIPT_BASE/success.sh - # Because system tests are stored within the repository, it is sometimes # necessary to execute them within a PR to validate changes. @@ -162,7 +184,6 @@ optional_testing_task: setup_environment_script: $SCRIPT_BASE/setup_environment.sh system_test_script: $SCRIPT_BASE/system_test.sh - success_script: $SCRIPT_BASE/success.sh # Build new cache-images for future PR testing, but only after a PR merge. @@ -208,3 +229,23 @@ cache_images_task: # - clone_podman_release_branch.sh # - modify_cirrus_yaml_image_names.sh # - commit_and_create_upstream_pr.sh + + +# Post message to IRC if everything passed +success_task: + + depends_on: # ignores any dependent task conditions + - "gating" + - "testing" + - "optional_testing" + - "cache_images" + + env: + CIRRUS_WORKING_DIR: "/usr/src/libpod" + + container: + image: "quay.io/libpod/gate:latest" + cpu: 1 + memory: 1 + + success_script: $SCRIPT_BASE/success.sh @@ -5,6 +5,7 @@ HEAD ?= HEAD CHANGELOG_BASE ?= HEAD~ CHANGELOG_TARGET ?= HEAD PROJECT := github.com/containers/libpod +GIT_BASE_BRANCH ?= origin/master GIT_BRANCH ?= $(shell git rev-parse --abbrev-ref HEAD 2>/dev/null) GIT_BRANCH_CLEAN ?= $(shell echo $(GIT_BRANCH) | sed -e "s/[^[:alnum:]]/-/g") LIBPOD_IMAGE ?= libpod_dev$(if $(GIT_BRANCH_CLEAN),:$(GIT_BRANCH_CLEAN)) @@ -345,6 +346,10 @@ API.md: cmd/podman/varlink/io.podman.varlink validate: gofmt .gitvalidation +build-all-new-commits: + # Validate that all the commits build on top of $(GIT_BASE_BRANCH) + git rebase $(GIT_BASE_BRANCH) -x make + .PHONY: \ .gopathok \ binaries \ diff --git a/cmd/podman/common.go b/cmd/podman/common.go index c4016698a..8404a29b8 100644 --- a/cmd/podman/common.go +++ b/cmd/podman/common.go @@ -422,6 +422,10 @@ var createFlags = []cli.Flag{ Name: "read-only", Usage: "Make containers root filesystem read-only", }, + cli.StringFlag{ + Name: "restart", + Usage: "Restart is not supported. Please use a systemd unit file for restart", + }, cli.BoolFlag{ Name: "rm", Usage: "Remove container (and pod if created) after exit", diff --git a/cmd/podman/create.go b/cmd/podman/create.go index 6c6bcfb41..870eb28d6 100644 --- a/cmd/podman/create.go +++ b/cmd/podman/create.go @@ -412,6 +412,10 @@ func parseCreateOpts(ctx context.Context, c *cli.Context, runtime *libpod.Runtim blkioWeight uint16 namespaces map[string]string ) + if c.IsSet("restart") { + return nil, errors.Errorf("--restart option is not supported.\nUse systemd unit files for restarting containers") + } + idmappings, err := util.ParseIDMapping(c.StringSlice("uidmap"), c.StringSlice("gidmap"), c.String("subuidname"), c.String("subgidname")) if err != nil { return nil, err diff --git a/cmd/podman/generate_kube.go b/cmd/podman/generate_kube.go index 6483ffd72..8f2f0de32 100644 --- a/cmd/podman/generate_kube.go +++ b/cmd/podman/generate_kube.go @@ -17,7 +17,7 @@ var ( containerKubeFlags = []cli.Flag{ cli.BoolFlag{ Name: "service, s", - Usage: "only generate YAML for kubernetes service object", + Usage: "generate YAML for kubernetes service object", }, } containerKubeDescription = "Generate Kubernetes Pod YAML" @@ -36,13 +36,14 @@ var ( // generateKubeYAMLCmdgenerates or replays kube func generateKubeYAMLCmd(c *cli.Context) error { var ( - podYAML *v1.Pod - container *libpod.Container - err error - output []byte - pod *libpod.Pod - mashalledBytes []byte - servicePorts []v1.ServicePort + podYAML *v1.Pod + container *libpod.Container + err error + output []byte + pod *libpod.Pod + marshalledPod []byte + marshalledService []byte + servicePorts []v1.ServicePort ) if rootless.IsRootless() { @@ -79,11 +80,13 @@ func generateKubeYAMLCmd(c *cli.Context) error { if c.Bool("service") { serviceYAML := libpod.GenerateKubeServiceFromV1Pod(podYAML, servicePorts) - mashalledBytes, err = yaml.Marshal(serviceYAML) - } else { - // Marshall the results - mashalledBytes, err = yaml.Marshal(podYAML) + marshalledService, err = yaml.Marshal(serviceYAML) + if err != nil { + return err + } } + // Marshall the results + marshalledPod, err = yaml.Marshal(podYAML) if err != nil { return err } @@ -96,7 +99,11 @@ func generateKubeYAMLCmd(c *cli.Context) error { # Created with podman-%s ` output = append(output, []byte(fmt.Sprintf(header, podmanVersion.Version))...) - output = append(output, mashalledBytes...) + output = append(output, marshalledPod...) + if c.Bool("service") { + output = append(output, []byte("---\n")...) + output = append(output, marshalledService...) + } // Output the v1.Pod with the v1.Container fmt.Println(string(output)) diff --git a/cmd/podman/login.go b/cmd/podman/login.go index cfdd8005b..4452651f8 100644 --- a/cmd/podman/login.go +++ b/cmd/podman/login.go @@ -34,6 +34,10 @@ var ( Usage: "Pathname of a directory containing TLS certificates and keys used to connect to the registry", }, cli.BoolTFlag{ + Name: "get-login", + Usage: "Return the current login user for the registry", + }, + cli.BoolTFlag{ Name: "tls-verify", Usage: "Require HTTPS and verify certificates when contacting registries (default: true)", }, @@ -65,6 +69,21 @@ func loginCmd(c *cli.Context) error { sc := common.GetSystemContext("", authfile, false) + if c.IsSet("get-login") { + user, err := config.GetUserLoggedIn(sc, server) + + if err != nil { + return errors.Wrapf(err, "unable to check for login user") + } + + if user == "" { + return errors.Errorf("not logged into %s", server) + } + + fmt.Printf("%s\n", user) + return nil + } + // username of user logged in to server (if one exists) userFromAuthFile, passFromAuthFile, err := config.GetAuthentication(sc, server) if err != nil { diff --git a/completions/bash/podman b/completions/bash/podman index 9a8adb502..4702ae0e0 100644 --- a/completions/bash/podman +++ b/completions/bash/podman @@ -2217,6 +2217,7 @@ _podman_login() { --password -p --authfile + --get-login " local boolean_options=" --help diff --git a/contrib/cirrus/lib.sh b/contrib/cirrus/lib.sh index 51db203fd..3b567b7a7 100644 --- a/contrib/cirrus/lib.sh +++ b/contrib/cirrus/lib.sh @@ -123,12 +123,11 @@ stub() { ircmsg() { req_env_var " - SCRIPT_BASE $SCRIPT_BASE - GOSRC $GOSRC CIRRUS_TASK_ID $CIRRUS_TASK_ID 1 $1 " - SCRIPT="$GOSRC/$SCRIPT_BASE/podbot.py" + # Sometimes setup_environment.sh didn't run + SCRIPT="$(dirname $0)/podbot.py" NICK="podbot_$CIRRUS_TASK_ID" NICK="${NICK:0:15}" # Any longer will break things set +e diff --git a/contrib/cirrus/success.sh b/contrib/cirrus/success.sh index d1daf9043..2b0cf4655 100755 --- a/contrib/cirrus/success.sh +++ b/contrib/cirrus/success.sh @@ -1,22 +1,20 @@ #!/bin/bash set -e + source $(dirname $0)/lib.sh req_env_var " - CIRRUS_TASK_NAME $CIRRUS_TASK_NAME CIRRUS_BRANCH $CIRRUS_BRANCH - OS_RELEASE_ID $OS_RELEASE_ID - OS_RELEASE_VER $OS_RELEASE_VER - CIRRUS_REPO_CLONE_URL $CIRRUS_REPO_CLONE_URL + CIRRUS_BUILD_ID $CIRRUS_BUILD_ID " -REF_URL="$(echo $CIRRUS_REPO_CLONE_URL | sed 's/.git$//g')" +REF=$(basename $CIRRUS_BRANCH) # PR number or branch named +URL="https://cirrus-ci.com/build/$CIRRUS_BUILD_ID" + if [[ "$CIRRUS_BRANCH" =~ "pull" ]] then - REF_URL="$REF_URL/$CIRRUS_BRANCH" # pull request URL + ircmsg "Cirrus-CI testing successful for PR #$REF: $URL" else - REF_URL="$REF_URL/commits/$CIRRUS_BRANCH" # branch merge + ircmsg "Cirrus-CI testing branch $REF successful: $URL" fi - -ircmsg "Cirrus-CI $CIRRUS_TASK_NAME on $OS_RELEASE_ID-$OS_RELEASE_VER successful for $REF_URL" diff --git a/contrib/python/podman/test/test_runner.sh b/contrib/python/podman/test/test_runner.sh index bf097e2b2..651b2e74f 100755 --- a/contrib/python/podman/test/test_runner.sh +++ b/contrib/python/podman/test/test_runner.sh @@ -41,6 +41,7 @@ export TMPDIR=`mktemp -d /tmp/podman.XXXXXXXXXX` trap "cleanup $TMPDIR" EXIT function umount { + set +xeuo pipefail # xargs -r always ran once, so write any mount points to file first mount |awk "/$1/"' { print $3 }' >${TMPDIR}/mounts if [[ -s ${TMPDIR}/mounts ]]; then diff --git a/docs/podman-create.1.md b/docs/podman-create.1.md index f1409a554..97d6e77b1 100644 --- a/docs/podman-create.1.md +++ b/docs/podman-create.1.md @@ -508,6 +508,14 @@ By default a container will have its root filesystem writable allowing processes to write files anywhere. By specifying the `--read-only` flag the container will have its root filesystem mounted as read only prohibiting any writes. +**--restart=""** + +Not implemented. + +Restart should be handled via a systemd unit files. Please add your podman +commands to a unit file and allow systemd or your init system to handle the +restarting of the container processes. See example below. + **--rm**=*true*|*false* Automatically remove the container when it exits. The default is *false*. @@ -767,13 +775,28 @@ the uid and gid from the host. $ podman create --uidmap 0:30000:7000 --gidmap 0:30000:7000 fedora echo hello ``` +### Running a podman container to restart inside of a systemd unit file + + +``` +[Unit] +Description=My App +[Service] +Restart=always +ExecStart=/usr/bin/podman start -a my_app +ExecStop=/usr/bin/podman stop -t 10 my_app +KillMode=process +[Install] +WantedBy=multi-user.target +``` + ## FILES **/etc/subuid** **/etc/subgid** ## SEE ALSO -subgid(5), subuid(5), libpod.conf(5) +subgid(5), subuid(5), libpod.conf(5), systemd.unit(5) ## HISTORY October 2017, converted from Docker documentation to podman by Dan Walsh for podman <dwalsh@redhat.com> diff --git a/docs/podman-generate-kube.1.md b/docs/podman-generate-kube.1.md index 59c3353a5..396f69615 100644 --- a/docs/podman-generate-kube.1.md +++ b/docs/podman-generate-kube.1.md @@ -22,7 +22,7 @@ random port is assigned by Podman in the specification. # OPTIONS: **s** **--service** -Generate a service file for the resulting Pod YAML. +Generate a Kubernetes service object in addition to the Pods. ## Examples ## @@ -82,31 +82,63 @@ spec: status: {} ``` -Create Kubernetes service YAML for a container called `some-mariabdb` +Create Kubernetes Pod YAML for a pod called `demoweb` and include a service. ``` -$ sudo podman generate kube -s some-mariadb -# Generation of Kubenetes YAML is still under development! +$ sudo podman generate kube -s demoweb +# Generation of Kubernetes YAML is still under development! # # Save the output of this file and use kubectl create -f to import # it into Kubernetes. # -# Created with podman-0.11.2-dev +# Created with podman-0.12.2-dev +apiVersion: v1 +kind: Pod +metadata: + creationTimestamp: 2018-12-18T15:16:06Z + labels: + app: demoweb + name: demoweb-libpod +spec: + containers: + - command: + - python3 + - /root/code/graph.py + env: + - name: PATH + value: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin + - name: TERM + value: xterm + - name: HOSTNAME + - name: container + value: podman + image: quay.io/baude/demoweb:latest + name: practicalarchimedes + resources: {} + securityContext: + allowPrivilegeEscalation: true + capabilities: {} + privileged: false + readOnlyRootFilesystem: false + tty: true + workingDir: /root/code +status: {} +--- apiVersion: v1 kind: Service metadata: - creationTimestamp: 2018-12-03T19:08:24Z + creationTimestamp: 2018-12-18T15:16:06Z labels: - app: some-mariadb - name: some-mariadb-libpod + app: demoweb + name: demoweb-libpod spec: ports: - - name: "3306" - nodePort: 30929 - port: 3306 + - name: "8050" + nodePort: 31269 + port: 8050 protocol: TCP targetPort: 0 selector: - app: some-mariadb + app: demoweb type: NodePort status: loadBalancer: {} diff --git a/docs/podman-login.1.md b/docs/podman-login.1.md index 7c033d7c5..e72d1deca 100644 --- a/docs/podman-login.1.md +++ b/docs/podman-login.1.md @@ -36,6 +36,10 @@ Path of the authentication file. Default is ${XDG_\RUNTIME\_DIR}/containers/auth Note: You can also override the default path of the authentication file by setting the REGISTRY\_AUTH\_FILE environment variable. `export REGISTRY_AUTH_FILE=path` +**--get-login** + +Return the logged-in user for the registry. Return error if no login is found. + **--cert-dir** *path* Use certificates at *path* (\*.crt, \*.cert, \*.key) to connect to the registry. diff --git a/docs/podman-run.1.md b/docs/podman-run.1.md index 5917f6f7a..c0a466a9c 100644 --- a/docs/podman-run.1.md +++ b/docs/podman-run.1.md @@ -497,6 +497,14 @@ By default a container will have its root filesystem writable allowing processes to write files anywhere. By specifying the `--read-only` flag the container will have its root filesystem mounted as read only prohibiting any writes. +**--restart=""** + +Not implemented. + +Restart should be handled via a systemd unit files. Please add your podman +commands to a unit file and allow systemd or your init system to handle the +restarting of the container processes. See example below. + **--rm**=*true*|*false* Automatically remove the container when it exits. The default is *false*. @@ -1059,13 +1067,28 @@ the uid and gid from the host. $ podman run --uidmap 0:30000:7000 --gidmap 0:30000:7000 fedora echo hello ``` +### Running a podman container to restart inside of a systemd unit file + + +``` +[Unit] +Description=My App +[Service] +Restart=always +ExecStart=/usr/bin/podman start -a my_app +ExecStop=/usr/bin/podman stop -t 10 my_app +KillMode=process +[Install] +WantedBy=multi-user.target +``` + ## FILES **/etc/subuid** **/etc/subgid** ## SEE ALSO -subgid(5), subuid(5), libpod.conf(5) +subgid(5), subuid(5), libpod.conf(5), systemd.unit(5) ## HISTORY September 2018, updated by Kunal Kushwaha <kushwaha_kunal_v7@lab.ntt.co.jp> |