summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--.cirrus.yml9
-rw-r--r--Makefile6
-rw-r--r--RELEASE_NOTES.md3
-rw-r--r--cmd/podman/common/completion.go8
-rw-r--r--cmd/podman/common/create.go12
-rw-r--r--cmd/podman/containers/create.go5
-rw-r--r--cmd/podman/containers/ps.go4
-rw-r--r--cmd/podman/containers/run.go4
-rw-r--r--cmd/podman/images/build.go7
-rw-r--r--cmd/podman/inspect/inspect.go12
-rw-r--r--cmd/podman/machine/init.go4
-rw-r--r--cmd/podman/machine/list.go143
-rw-r--r--cmd/podman/machine/machine.go35
-rw-r--r--cmd/podman/machine/rm.go7
-rw-r--r--cmd/podman/machine/ssh.go62
-rw-r--r--cmd/podman/machine/start.go7
-rw-r--r--cmd/podman/machine/stop.go7
-rw-r--r--cmd/podman/root.go8
-rw-r--r--contrib/cirrus/lib.sh8
-rwxr-xr-xcontrib/cirrus/runner.sh44
-rw-r--r--contrib/rootless-cni-infra/Containerfile36
-rw-r--r--contrib/rootless-cni-infra/README.md25
-rwxr-xr-xcontrib/rootless-cni-infra/rootless-cni-infra181
-rw-r--r--docs/README.md (renamed from docs/Readme.md)16
-rw-r--r--docs/source/image.rst2
-rw-r--r--docs/source/machine.rst1
-rw-r--r--docs/source/markdown/links/podman-machine-ls.11
-rw-r--r--docs/source/markdown/podman-create.1.md36
-rw-r--r--docs/source/markdown/podman-machine-init.1.md9
-rw-r--r--docs/source/markdown/podman-machine-list.1.md50
-rw-r--r--docs/source/markdown/podman-machine-ssh.1.md28
-rw-r--r--docs/source/markdown/podman-machine.1.md11
-rw-r--r--docs/source/markdown/podman-manifest-add.1.md16
-rw-r--r--docs/source/markdown/podman-manifest-push.1.md36
-rw-r--r--docs/source/markdown/podman-run.1.md22
-rw-r--r--docs/source/markdown/podman.1.md2
-rw-r--r--go.mod8
-rw-r--r--go.sum16
-rwxr-xr-xhack/get_ci_vm.sh316
-rwxr-xr-xhack/swagger-check106
-rw-r--r--libpod/container_exec.go27
-rw-r--r--libpod/container_internal.go4
-rw-r--r--libpod/container_internal_linux.go16
-rw-r--r--libpod/container_validate.go6
-rw-r--r--libpod/network/create.go6
-rw-r--r--libpod/networking_linux.go934
-rw-r--r--libpod/networking_slirp4netns.go538
-rw-r--r--libpod/oci_conmon_exec_linux.go124
-rw-r--r--libpod/oci_conmon_linux.go120
-rw-r--r--libpod/options.go3
-rw-r--r--libpod/rootless_cni_linux.go372
-rw-r--r--libpod/runtime.go10
-rw-r--r--libpod/runtime_img.go4
-rw-r--r--libpod/runtime_pod_infra_linux.go2
-rw-r--r--pkg/api/handlers/compat/containers_prune.go2
-rw-r--r--pkg/api/handlers/compat/containers_top.go10
-rw-r--r--pkg/api/handlers/compat/images_build.go203
-rw-r--r--pkg/api/handlers/libpod/play.go2
-rw-r--r--pkg/api/server/docs.go12
-rw-r--r--pkg/api/server/register_archive.go8
-rw-r--r--pkg/api/server/register_auth.go2
-rw-r--r--pkg/api/server/register_containers.go96
-rw-r--r--pkg/api/server/register_events.go4
-rw-r--r--pkg/api/server/register_exec.go18
-rw-r--r--pkg/api/server/register_generate.go4
-rw-r--r--pkg/api/server/register_healthcheck.go2
-rw-r--r--pkg/api/server/register_images.go75
-rw-r--r--pkg/api/server/register_info.go4
-rw-r--r--pkg/api/server/register_manifest.go12
-rw-r--r--pkg/api/server/register_networks.go35
-rw-r--r--pkg/api/server/register_ping.go2
-rw-r--r--pkg/api/server/register_play.go2
-rw-r--r--pkg/api/server/register_pods.go28
-rw-r--r--pkg/api/server/register_secrets.go16
-rw-r--r--pkg/api/server/register_system.go17
-rw-r--r--pkg/api/server/register_version.go4
-rw-r--r--pkg/api/server/register_volumes.go22
-rw-r--r--pkg/api/tags.yaml2
-rw-r--r--pkg/bindings/connection.go32
-rw-r--r--pkg/bindings/images/build.go32
-rw-r--r--pkg/bindings/test/containers_test.go35
-rw-r--r--pkg/bindings/test/networks_test.go72
-rw-r--r--pkg/domain/filters/containers.go37
-rw-r--r--pkg/domain/infra/abi/containers.go2
-rw-r--r--pkg/domain/infra/runtime_libpod.go6
-rw-r--r--pkg/machine/config.go14
-rw-r--r--pkg/machine/ignition.go14
-rw-r--r--pkg/machine/qemu/machine.go119
-rw-r--r--pkg/netns/netns_linux.go26
-rw-r--r--pkg/rootless/rootless_linux.c58
-rw-r--r--pkg/specgen/generate/namespaces.go13
-rw-r--r--pkg/specgen/generate/pod_create.go16
-rw-r--r--test/apiv2/20-containers.at18
-rw-r--r--test/apiv2/25-containersMore.at3
-rw-r--r--test/apiv2/35-networks.at23
-rw-r--r--test/compose/mount_and_label/tests.sh3
-rwxr-xr-xtest/compose/test-compose52
-rw-r--r--test/compose/two_networks/Readme.md8
-rw-r--r--test/compose/two_networks/docker-compose.yml11
-rw-r--r--test/compose/two_networks/tests.sh7
-rw-r--r--test/e2e/build_test.go17
-rw-r--r--test/e2e/exec_test.go14
-rw-r--r--test/e2e/network_connect_disconnect_test.go25
-rw-r--r--test/e2e/run_networking_test.go22
-rw-r--r--test/system/001-basic.bats7
-rw-r--r--test/system/005-info.bats9
-rw-r--r--test/system/070-build.bats45
-rw-r--r--test/system/270-socket-activation.bats103
-rw-r--r--test/system/410-selinux.bats28
-rw-r--r--test/system/500-networking.bats7
-rw-r--r--vendor/github.com/coreos/go-systemd/v22/sdjournal/journal.go2
-rw-r--r--vendor/github.com/go-task/slim-sprig/.editorconfig14
-rw-r--r--vendor/github.com/go-task/slim-sprig/.gitattributes1
-rw-r--r--vendor/github.com/go-task/slim-sprig/.gitignore2
-rw-r--r--vendor/github.com/go-task/slim-sprig/CHANGELOG.md364
-rw-r--r--vendor/github.com/go-task/slim-sprig/LICENSE.txt19
-rw-r--r--vendor/github.com/go-task/slim-sprig/README.md73
-rw-r--r--vendor/github.com/go-task/slim-sprig/Taskfile.yml12
-rw-r--r--vendor/github.com/go-task/slim-sprig/crypto.go24
-rw-r--r--vendor/github.com/go-task/slim-sprig/date.go152
-rw-r--r--vendor/github.com/go-task/slim-sprig/defaults.go163
-rw-r--r--vendor/github.com/go-task/slim-sprig/dict.go118
-rw-r--r--vendor/github.com/go-task/slim-sprig/doc.go19
-rw-r--r--vendor/github.com/go-task/slim-sprig/functions.go317
-rw-r--r--vendor/github.com/go-task/slim-sprig/go.mod8
-rw-r--r--vendor/github.com/go-task/slim-sprig/go.sum22
-rw-r--r--vendor/github.com/go-task/slim-sprig/list.go464
-rw-r--r--vendor/github.com/go-task/slim-sprig/network.go12
-rw-r--r--vendor/github.com/go-task/slim-sprig/numeric.go228
-rw-r--r--vendor/github.com/go-task/slim-sprig/reflect.go28
-rw-r--r--vendor/github.com/go-task/slim-sprig/regex.go83
-rw-r--r--vendor/github.com/go-task/slim-sprig/strings.go189
-rw-r--r--vendor/github.com/go-task/slim-sprig/url.go66
-rw-r--r--vendor/github.com/godbus/dbus/v5/.travis.yml50
-rw-r--r--vendor/github.com/godbus/dbus/v5/README.markdown4
-rw-r--r--vendor/github.com/godbus/dbus/v5/auth.go2
-rw-r--r--vendor/github.com/godbus/dbus/v5/call.go9
-rw-r--r--vendor/github.com/godbus/dbus/v5/conn.go159
-rw-r--r--vendor/github.com/godbus/dbus/v5/dbus.go4
-rw-r--r--vendor/github.com/godbus/dbus/v5/default_handler.go22
-rw-r--r--vendor/github.com/godbus/dbus/v5/export.go61
-rw-r--r--vendor/github.com/godbus/dbus/v5/match.go27
-rw-r--r--vendor/github.com/godbus/dbus/v5/object.go65
-rw-r--r--vendor/github.com/godbus/dbus/v5/sequence.go24
-rw-r--r--vendor/github.com/godbus/dbus/v5/sequential_handler.go125
-rw-r--r--vendor/github.com/godbus/dbus/v5/sig.go2
-rw-r--r--vendor/github.com/godbus/dbus/v5/transport_unixcred_freebsd.go1
-rw-r--r--vendor/github.com/godbus/dbus/v5/variant.go6
-rw-r--r--vendor/github.com/onsi/ginkgo/CHANGELOG.md13
-rw-r--r--vendor/github.com/onsi/ginkgo/README.md12
-rw-r--r--vendor/github.com/onsi/ginkgo/config/config.go2
-rw-r--r--vendor/github.com/onsi/ginkgo/formatter/formatter.go190
-rw-r--r--vendor/github.com/onsi/ginkgo/ginkgo/bootstrap_command.go3
-rw-r--r--vendor/github.com/onsi/ginkgo/ginkgo/convert_command.go6
-rw-r--r--vendor/github.com/onsi/ginkgo/ginkgo/generate_command.go4
-rw-r--r--vendor/github.com/onsi/ginkgo/ginkgo/run_command.go21
-rw-r--r--vendor/github.com/onsi/ginkgo/ginkgo_dsl.go49
-rw-r--r--vendor/github.com/onsi/ginkgo/go.mod1
-rw-r--r--vendor/github.com/onsi/ginkgo/go.sum11
-rw-r--r--vendor/github.com/onsi/ginkgo/types/deprecation_support.go96
-rw-r--r--vendor/github.com/rootless-containers/rootlesskit/pkg/api/api.go13
-rw-r--r--vendor/github.com/rootless-containers/rootlesskit/pkg/api/openapi.yaml12
-rw-r--r--vendor/github.com/rootless-containers/rootlesskit/pkg/port/builtin/parent/parent.go5
-rw-r--r--vendor/modules.txt11
164 files changed, 6020 insertions, 2309 deletions
diff --git a/.cirrus.yml b/.cirrus.yml
index e09db2a81..b77464bae 100644
--- a/.cirrus.yml
+++ b/.cirrus.yml
@@ -30,7 +30,7 @@ env:
PRIOR_UBUNTU_NAME: "ubuntu-2004"
# Google-cloud VM Images
- IMAGE_SUFFIX: "c5961289315909632"
+ IMAGE_SUFFIX: "c5501386583441408"
FEDORA_CACHE_IMAGE_NAME: "fedora-${IMAGE_SUFFIX}"
PRIOR_FEDORA_CACHE_IMAGE_NAME: "prior-fedora-${IMAGE_SUFFIX}"
UBUNTU_CACHE_IMAGE_NAME: "ubuntu-${IMAGE_SUFFIX}"
@@ -440,7 +440,7 @@ apiv2_test_task:
time_script: '$SCRIPT_BASE/logcollector.sh time'
compose_test_task:
- name: "compose test on $DISTRO_NV"
+ name: "compose test on $DISTRO_NV ($PRIV_NAME)"
alias: compose_test
only_if: *not_docs
skip: *tags
@@ -450,6 +450,11 @@ compose_test_task:
env:
<<: *stdenvars
TEST_FLAVOR: compose
+ matrix:
+ - env:
+ PRIV_NAME: root
+ - env:
+ PRIV_NAME: rootless
clone_script: *noop # Comes from cache
gopath_cache: *ro_gopath_cache
setup_script: *setup
diff --git a/Makefile b/Makefile
index 49250f2fd..705ac4ded 100644
--- a/Makefile
+++ b/Makefile
@@ -545,18 +545,22 @@ install.cni:
.PHONY: install.docker
install.docker:
+ install ${SELINUXOPT} -d -m 755 $(DESTDIR)$(BINDIR)
install ${SELINUXOPT} -m 755 docker $(DESTDIR)$(BINDIR)/docker
install ${SELINUXOPT} -m 755 -d ${DESTDIR}${SYSTEMDDIR} ${DESTDIR}${USERSYSTEMDDIR} ${DESTDIR}${TMPFILESDIR}
install ${SELINUXOPT} -m 644 contrib/systemd/system/podman-docker.conf -t ${DESTDIR}${TMPFILESDIR}
.PHONY: install.docker-docs-nobuild
install.docker-docs-nobuild:
- install ${SELINUXOPT} -d -m 755 $(DESTDIR)$(BINDIR) $(DESTDIR)$(MANDIR)/man1
+ install ${SELINUXOPT} -d -m 755 $(DESTDIR)$(MANDIR)/man1
install ${SELINUXOPT} -m 644 docs/build/man/docker*.1 -t $(DESTDIR)$(MANDIR)/man1
.PHONY: install.docker-docs
install.docker-docs: docker-docs install.docker-docs-nobuild
+.PHONY: install.docker-full
+install.docker-full: install.docker install.docker-docs
+
.PHONY: install.systemd
ifneq (,$(findstring systemd,$(BUILDTAGS)))
install.systemd:
diff --git a/RELEASE_NOTES.md b/RELEASE_NOTES.md
index 85daba722..5ba5e251b 100644
--- a/RELEASE_NOTES.md
+++ b/RELEASE_NOTES.md
@@ -17,6 +17,9 @@
- The `podman generate kube` command can now generate `PersistentVolumeClaim` YAML for Podman named volumes ([#5788](https://github.com/containers/podman/issues/5788)).
- The `podman generate kube` command can now generate YAML files containing multiple resources (pods or deployments) ([#9129](https://github.com/containers/podman/issues/9129)).
+### Security
+- This release resolves CVE-2021-20291, a deadlock vulnerability in the storage library caused by pulling a specially-crafted container image.
+
### Changes
- The Podman remote client's `podman build` command no longer allows the `-v` flag to be used. Volumes are not yet supported with remote Podman when the client and service are on different machines.
- The `podman kill` and `podman stop` commands now print the name given by the user for each container, instead of the full ID.
diff --git a/cmd/podman/common/completion.go b/cmd/podman/common/completion.go
index 6bed5e0c6..bc106263c 100644
--- a/cmd/podman/common/completion.go
+++ b/cmd/podman/common/completion.go
@@ -1092,11 +1092,3 @@ func AutocompleteVolumeFilters(cmd *cobra.Command, args []string, toComplete str
}
return completeKeyValues(toComplete, kv)
}
-
-// AutocompleteMachineSSH - Autocomplete machine ssh command.
-func AutocompleteMachineSSH(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) {
- if len(args) == 0 {
- return nil, cobra.ShellCompDirectiveNoFileComp
- }
- return nil, cobra.ShellCompDirectiveDefault
-}
diff --git a/cmd/podman/common/create.go b/cmd/podman/common/create.go
index 2169cdc9f..220a30a10 100644
--- a/cmd/podman/common/create.go
+++ b/cmd/podman/common/create.go
@@ -773,11 +773,15 @@ func DefineCreateFlags(cmd *cobra.Command, cf *ContainerCLIOpts) {
)
_ = cmd.RegisterFlagCompletionFunc(mountFlagName, AutocompleteMountFlag)
+ volumeDesciption := "Bind mount a volume into the container"
+ if registry.IsRemote() {
+ volumeDesciption = "Bind mount a volume into the container. Volume src will be on the server machine, not the client"
+ }
volumeFlagName := "volume"
createFlags.StringArrayVarP(
&cf.Volume,
volumeFlagName, "v", volumes(),
- "Bind mount a volume into the container",
+ volumeDesciption,
)
_ = cmd.RegisterFlagCompletionFunc(volumeFlagName, AutocompleteVolumeFlag)
@@ -812,4 +816,10 @@ func DefineCreateFlags(cmd *cobra.Command, cf *ContainerCLIOpts) {
"Configure cgroup v2 (key=value)",
)
_ = cmd.RegisterFlagCompletionFunc(cgroupConfFlagName, completion.AutocompleteNone)
+
+ _ = createFlags.MarkHidden("signature-policy")
+ if registry.IsRemote() {
+ _ = createFlags.MarkHidden("env-host")
+ _ = createFlags.MarkHidden("http-proxy")
+ }
}
diff --git a/cmd/podman/containers/create.go b/cmd/podman/containers/create.go
index af9278ce1..2da9aaf5e 100644
--- a/cmd/podman/containers/create.go
+++ b/cmd/podman/containers/create.go
@@ -63,11 +63,6 @@ func createFlags(cmd *cobra.Command) {
common.DefineNetFlags(cmd)
flags.SetNormalizeFunc(utils.AliasFlags)
-
- _ = flags.MarkHidden("signature-policy")
- if registry.IsRemote() {
- _ = flags.MarkHidden("http-proxy")
- }
}
func init() {
diff --git a/cmd/podman/containers/ps.go b/cmd/podman/containers/ps.go
index 6b125fede..70bfd3574 100644
--- a/cmd/podman/containers/ps.go
+++ b/cmd/podman/containers/ps.go
@@ -232,7 +232,9 @@ func ps(cmd *cobra.Command, _ []string) error {
ns := strings.NewReplacer(".Namespaces.", ".")
format = ns.Replace(format)
- tmpl, err := template.New("listContainers").Parse(format)
+ tmpl, err := template.New("listContainers").
+ Funcs(template.FuncMap(report.DefaultFuncs)).
+ Parse(format)
if err != nil {
return err
}
diff --git a/cmd/podman/containers/run.go b/cmd/podman/containers/run.go
index db7180ca9..1a9fa2f0f 100644
--- a/cmd/podman/containers/run.go
+++ b/cmd/podman/containers/run.go
@@ -76,13 +76,11 @@ func runFlags(cmd *cobra.Command) {
detachKeysFlagName := "detach-keys"
flags.StringVar(&runOpts.DetachKeys, detachKeysFlagName, containerConfig.DetachKeys(), "Override the key sequence for detaching a container. Format is a single character `[a-Z]` or a comma separated sequence of `ctrl-<value>`, where `<value>` is one of: `a-cf`, `@`, `^`, `[`, `\\`, `]`, `^` or `_`")
_ = cmd.RegisterFlagCompletionFunc(detachKeysFlagName, common.AutocompleteDetachKeys)
-
- _ = flags.MarkHidden("signature-policy")
if registry.IsRemote() {
- _ = flags.MarkHidden("http-proxy")
_ = flags.MarkHidden("preserve-fds")
}
}
+
func init() {
registry.Commands = append(registry.Commands, registry.CliCommand{
Mode: []entities.EngineMode{entities.ABIMode, entities.TunnelMode},
diff --git a/cmd/podman/images/build.go b/cmd/podman/images/build.go
index da7f5d862..04fdeab0a 100644
--- a/cmd/podman/images/build.go
+++ b/cmd/podman/images/build.go
@@ -11,6 +11,7 @@ import (
buildahDefine "github.com/containers/buildah/define"
buildahCLI "github.com/containers/buildah/pkg/cli"
"github.com/containers/buildah/pkg/parse"
+ "github.com/containers/common/pkg/auth"
"github.com/containers/common/pkg/completion"
"github.com/containers/common/pkg/config"
encconfig "github.com/containers/ocicrypt/config"
@@ -330,6 +331,12 @@ func buildFlagsWrapperToOptions(c *cobra.Command, contextDir string, flags *buil
pullPolicy = buildahDefine.PullNever
}
+ if c.Flag("authfile").Changed {
+ if err := auth.CheckAuthFile(flags.Authfile); err != nil {
+ return nil, err
+ }
+ }
+
args := make(map[string]string)
if c.Flag("build-arg").Changed {
for _, arg := range flags.BuildArg {
diff --git a/cmd/podman/inspect/inspect.go b/cmd/podman/inspect/inspect.go
index 09721a2a8..351684af1 100644
--- a/cmd/podman/inspect/inspect.go
+++ b/cmd/podman/inspect/inspect.go
@@ -1,7 +1,6 @@
package inspect
import (
- "bytes"
"context"
"encoding/json" // due to a bug in json-iterator it cannot be used here
"fmt"
@@ -246,15 +245,8 @@ func printJSON(data []interface{}) error {
}
func printTmpl(typ, row string, data []interface{}) error {
- t, err := template.New(typ + " inspect").Funcs(map[string]interface{}{
- "json": func(v interface{}) string {
- b := &bytes.Buffer{}
- e := registry.JSONLibrary().NewEncoder(b)
- e.SetEscapeHTML(false)
- _ = e.Encode(v)
- return strings.TrimSpace(b.String())
- },
- }).Parse(row)
+ // We cannot use c/common/reports here, too many levels of interface{}
+ t, err := template.New(typ + " inspect").Funcs(template.FuncMap(report.DefaultFuncs)).Parse(row)
if err != nil {
return err
}
diff --git a/cmd/podman/machine/init.go b/cmd/podman/machine/init.go
index 61261e008..02dfc80aa 100644
--- a/cmd/podman/machine/init.go
+++ b/cmd/podman/machine/init.go
@@ -15,8 +15,8 @@ import (
var (
initCmd = &cobra.Command{
Use: "init [options] [NAME]",
- Short: "initialize a vm",
- Long: "initialize a virtual machine for Podman to run on. Virtual machines are used to run Podman.",
+ Short: "Initialize a virtual machine",
+ Long: "initialize a virtual machine ",
RunE: initMachine,
Args: cobra.MaximumNArgs(1),
Example: `podman machine init myvm`,
diff --git a/cmd/podman/machine/list.go b/cmd/podman/machine/list.go
new file mode 100644
index 000000000..ce4129e87
--- /dev/null
+++ b/cmd/podman/machine/list.go
@@ -0,0 +1,143 @@
+// +build amd64,linux arm64,linux amd64,darwin arm64,darwin
+
+package machine
+
+import (
+ "os"
+ "sort"
+ "text/tabwriter"
+ "text/template"
+ "time"
+
+ "github.com/containers/common/pkg/completion"
+ "github.com/containers/common/pkg/config"
+ "github.com/containers/common/pkg/report"
+ "github.com/containers/podman/v3/cmd/podman/parse"
+ "github.com/containers/podman/v3/cmd/podman/registry"
+ "github.com/containers/podman/v3/cmd/podman/validate"
+ "github.com/containers/podman/v3/pkg/domain/entities"
+ "github.com/containers/podman/v3/pkg/machine"
+ "github.com/containers/podman/v3/pkg/machine/qemu"
+ "github.com/docker/go-units"
+ "github.com/pkg/errors"
+ "github.com/spf13/cobra"
+)
+
+var (
+ lsCmd = &cobra.Command{
+ Use: "list [options]",
+ Aliases: []string{"ls"},
+ Short: "List machines",
+ Long: "List managed virtual machines.",
+ RunE: list,
+ Args: validate.NoArgs,
+ Example: `podman machine list,
+ podman machine ls`,
+ ValidArgsFunction: completion.AutocompleteNone,
+ }
+ listFlag = listFlagType{}
+)
+
+type listFlagType struct {
+ format string
+ noHeading bool
+}
+
+type machineReporter struct {
+ Name string
+ Created string
+ LastUp string
+ VMType string
+}
+
+func init() {
+ registry.Commands = append(registry.Commands, registry.CliCommand{
+ Mode: []entities.EngineMode{entities.ABIMode, entities.TunnelMode},
+ Command: lsCmd,
+ Parent: machineCmd,
+ })
+
+ flags := lsCmd.Flags()
+ formatFlagName := "format"
+ flags.StringVar(&listFlag.format, formatFlagName, "{{.Name}}\t{{.VMType}}\t{{.Created}}\t{{.LastUp}}\n", "Format volume output using Go template")
+ _ = lsCmd.RegisterFlagCompletionFunc(formatFlagName, completion.AutocompleteNone)
+}
+
+func list(cmd *cobra.Command, args []string) error {
+ var opts machine.ListOptions
+ // We only have qemu VM's for now
+ listResponse, err := qemu.List(opts)
+ if err != nil {
+ return errors.Wrap(err, "error listing vms")
+ }
+
+ // Sort by last run
+ sort.Slice(listResponse, func(i, j int) bool {
+ return listResponse[i].LastUp.After(listResponse[j].LastUp)
+ })
+ // Bring currently running machines to top
+ sort.Slice(listResponse, func(i, j int) bool {
+ return listResponse[i].Running
+ })
+ machineReporter, err := toHumanFormat(listResponse)
+ if err != nil {
+ return err
+ }
+
+ return outputTemplate(cmd, machineReporter)
+}
+
+func outputTemplate(cmd *cobra.Command, responses []*machineReporter) error {
+ headers := report.Headers(machineReporter{}, map[string]string{
+ "LastUp": "LAST UP",
+ "VmType": "VM TYPE",
+ })
+
+ row := report.NormalizeFormat(listFlag.format)
+ format := parse.EnforceRange(row)
+
+ tmpl, err := template.New("list machines").Parse(format)
+ if err != nil {
+ return err
+ }
+ w := tabwriter.NewWriter(os.Stdout, 12, 2, 2, ' ', 0)
+ defer w.Flush()
+
+ if cmd.Flags().Changed("format") && !parse.HasTable(listFlag.format) {
+ listFlag.noHeading = true
+ }
+
+ if !listFlag.noHeading {
+ if err := tmpl.Execute(w, headers); err != nil {
+ return errors.Wrapf(err, "failed to write report column headers")
+ }
+ }
+ return tmpl.Execute(w, responses)
+}
+
+func toHumanFormat(vms []*machine.ListResponse) ([]*machineReporter, error) {
+ cfg, err := config.ReadCustomConfig()
+ if err != nil {
+ return nil, err
+ }
+
+ humanResponses := make([]*machineReporter, 0, len(vms))
+ for _, vm := range vms {
+ response := new(machineReporter)
+ if vm.Name == cfg.Engine.ActiveService {
+ response.Name = vm.Name + "*"
+ } else {
+ response.Name = vm.Name
+ }
+ if vm.Running {
+ response.LastUp = "Currently running"
+ } else {
+ response.LastUp = units.HumanDuration(time.Since(vm.LastUp)) + " ago"
+ }
+ response.Created = units.HumanDuration(time.Since(vm.CreatedAt)) + " ago"
+ response.VMType = vm.VMType
+
+ humanResponses = append(humanResponses, response)
+ }
+ return humanResponses, nil
+}
diff --git a/cmd/podman/machine/machine.go b/cmd/podman/machine/machine.go
index 9a2377d12..d8cdf5568 100644
--- a/cmd/podman/machine/machine.go
+++ b/cmd/podman/machine/machine.go
@@ -3,9 +3,13 @@
package machine
import (
+ "strings"
+
"github.com/containers/podman/v3/cmd/podman/registry"
"github.com/containers/podman/v3/cmd/podman/validate"
"github.com/containers/podman/v3/pkg/domain/entities"
+ "github.com/containers/podman/v3/pkg/machine"
+ "github.com/containers/podman/v3/pkg/machine/qemu"
"github.com/spf13/cobra"
)
@@ -30,3 +34,34 @@ func init() {
Command: machineCmd,
})
}
+
+// autocompleteMachineSSH - Autocomplete machine ssh command.
+func autocompleteMachineSSH(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) {
+ if len(args) == 0 {
+ return getMachines(toComplete)
+ }
+ return nil, cobra.ShellCompDirectiveDefault
+}
+
+// autocompleteMachine - Autocomplete machines.
+func autocompleteMachine(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) {
+ if len(args) == 0 {
+ return getMachines(toComplete)
+ }
+ return nil, cobra.ShellCompDirectiveNoFileComp
+}
+
+func getMachines(toComplete string) ([]string, cobra.ShellCompDirective) {
+ suggestions := []string{}
+ machines, err := qemu.List(machine.ListOptions{})
+ if err != nil {
+ cobra.CompErrorln(err.Error())
+ return nil, cobra.ShellCompDirectiveNoFileComp
+ }
+ for _, m := range machines {
+ if strings.HasPrefix(m.Name, toComplete) {
+ suggestions = append(suggestions, m.Name)
+ }
+ }
+ return suggestions, cobra.ShellCompDirectiveNoFileComp
+}
diff --git a/cmd/podman/machine/rm.go b/cmd/podman/machine/rm.go
index 002a793a3..0be2ba40c 100644
--- a/cmd/podman/machine/rm.go
+++ b/cmd/podman/machine/rm.go
@@ -8,7 +8,6 @@ import (
"os"
"strings"
- "github.com/containers/common/pkg/completion"
"github.com/containers/podman/v3/cmd/podman/registry"
"github.com/containers/podman/v3/pkg/domain/entities"
"github.com/containers/podman/v3/pkg/machine"
@@ -18,13 +17,13 @@ import (
var (
rmCmd = &cobra.Command{
- Use: "rm [options] [NAME]",
+ Use: "rm [options] [MACHINE]",
Short: "Remove an existing machine",
- Long: "Remove an existing machine ",
+ Long: "Remove a managed virtual machine ",
RunE: rm,
Args: cobra.MaximumNArgs(1),
Example: `podman machine rm myvm`,
- ValidArgsFunction: completion.AutocompleteNone,
+ ValidArgsFunction: autocompleteMachine,
}
)
diff --git a/cmd/podman/machine/ssh.go b/cmd/podman/machine/ssh.go
index 586c4267d..504fcbe46 100644
--- a/cmd/podman/machine/ssh.go
+++ b/cmd/podman/machine/ssh.go
@@ -3,7 +3,6 @@
package machine
import (
- "github.com/containers/podman/v3/cmd/podman/common"
"github.com/containers/podman/v3/cmd/podman/registry"
"github.com/containers/podman/v3/pkg/domain/entities"
"github.com/containers/podman/v3/pkg/machine"
@@ -14,15 +13,13 @@ import (
var (
sshCmd = &cobra.Command{
- Use: "ssh [options] [NAME] [COMMAND [ARG ...]]",
- Short: "SSH into a virtual machine",
- Long: "SSH into a virtual machine ",
+ Use: "ssh [NAME] [COMMAND [ARG ...]]",
+ Short: "SSH into an existing machine",
+ Long: "SSH into a managed virtual machine ",
RunE: ssh,
- Args: cobra.MaximumNArgs(1),
Example: `podman machine ssh myvm
- podman machine ssh -e myvm echo hello`,
-
- ValidArgsFunction: common.AutocompleteMachineSSH,
+ podman machine ssh myvm echo hello`,
+ ValidArgsFunction: autocompleteMachineSSH,
}
)
@@ -31,36 +28,49 @@ var (
)
func init() {
+ sshCmd.Flags().SetInterspersed(false)
registry.Commands = append(registry.Commands, registry.CliCommand{
Mode: []entities.EngineMode{entities.ABIMode, entities.TunnelMode},
Command: sshCmd,
Parent: machineCmd,
})
-
- flags := sshCmd.Flags()
- executeFlagName := "execute"
- flags.BoolVarP(&sshOpts.Execute, executeFlagName, "e", false, "Execute command from args")
}
func ssh(cmd *cobra.Command, args []string) error {
var (
- err error
- vm machine.VM
- vmType string
+ err error
+ validVM bool
+ vm machine.VM
+ vmType string
)
- vmName := defaultMachineName
- if len(args) > 0 && len(args[0]) > 1 {
- vmName = args[0]
- }
- sshOpts.Args = args[1:]
- // Error if no execute but args given
- if !sshOpts.Execute && len(sshOpts.Args) > 0 {
- return errors.New("too many args: to execute commands via ssh, use -e flag")
+ // Set the VM to default
+ vmName := defaultMachineName
+ // If len is greater than 0, it means we may have been
+ // provided the VM name. If so, we check. The VM name,
+ // if provided, must be in args[0].
+ if len(args) > 0 {
+ switch vmType {
+ default:
+ validVM, err = qemu.IsValidVMName(args[0])
+ if err != nil {
+ return err
+ }
+ if validVM {
+ vmName = args[0]
+ } else {
+ sshOpts.Args = append(sshOpts.Args, args[0])
+ }
+ }
}
- // Error if execute but no args given
- if sshOpts.Execute && len(sshOpts.Args) < 1 {
- return errors.New("must proivde at least one command to execute")
+ // If len is greater than 1, it means we might have been
+ // given a vmname and args or just args
+ if len(args) > 1 {
+ if validVM {
+ sshOpts.Args = args[1:]
+ } else {
+ sshOpts.Args = args
+ }
}
switch vmType {
diff --git a/cmd/podman/machine/start.go b/cmd/podman/machine/start.go
index 40800160e..d06e04f41 100644
--- a/cmd/podman/machine/start.go
+++ b/cmd/podman/machine/start.go
@@ -3,7 +3,6 @@
package machine
import (
- "github.com/containers/common/pkg/completion"
"github.com/containers/podman/v3/cmd/podman/registry"
"github.com/containers/podman/v3/pkg/domain/entities"
"github.com/containers/podman/v3/pkg/machine"
@@ -13,13 +12,13 @@ import (
var (
startCmd = &cobra.Command{
- Use: "start [NAME]",
+ Use: "start [MACHINE]",
Short: "Start an existing machine",
- Long: "Start an existing machine ",
+ Long: "Start a managed virtual machine ",
RunE: start,
Args: cobra.MaximumNArgs(1),
Example: `podman machine start myvm`,
- ValidArgsFunction: completion.AutocompleteNone,
+ ValidArgsFunction: autocompleteMachine,
}
)
diff --git a/cmd/podman/machine/stop.go b/cmd/podman/machine/stop.go
index 7d655f0ba..4235b64f1 100644
--- a/cmd/podman/machine/stop.go
+++ b/cmd/podman/machine/stop.go
@@ -3,7 +3,6 @@
package machine
import (
- "github.com/containers/common/pkg/completion"
"github.com/containers/podman/v3/cmd/podman/registry"
"github.com/containers/podman/v3/pkg/domain/entities"
"github.com/containers/podman/v3/pkg/machine"
@@ -13,13 +12,13 @@ import (
var (
stopCmd = &cobra.Command{
- Use: "stop [NAME]",
+ Use: "stop [MACHINE]",
Short: "Stop an existing machine",
- Long: "Stop an existing machine ",
+ Long: "Stop a managed virtual machine ",
RunE: stop,
Args: cobra.MaximumNArgs(1),
Example: `podman machine stop myvm`,
- ValidArgsFunction: completion.AutocompleteNone,
+ ValidArgsFunction: autocompleteMachine,
}
)
diff --git a/cmd/podman/root.go b/cmd/podman/root.go
index 2b77afbeb..4527c2646 100644
--- a/cmd/podman/root.go
+++ b/cmd/podman/root.go
@@ -180,6 +180,10 @@ func persistentPreRunE(cmd *cobra.Command, args []string) error {
os.Setenv("TMPDIR", "/var/tmp")
}
+ context := cmd.Root().LocalFlags().Lookup("context")
+ if context.Value.String() != "default" {
+ return errors.New("Podman does not support swarm, the only --context value allowed is \"default\"")
+ }
if !registry.IsRemote() {
if cmd.Flag("cpu-profile").Changed {
f, err := os.Create(cfg.CPUProfile)
@@ -269,6 +273,10 @@ func rootFlags(cmd *cobra.Command, opts *entities.PodmanConfig) {
lFlags.StringVar(&opts.URI, urlFlagName, uri, "URL to access Podman service (CONTAINER_HOST)")
_ = cmd.RegisterFlagCompletionFunc(urlFlagName, completion.AutocompleteDefault)
+ // Context option added just for compatibility with DockerCLI.
+ lFlags.String("context", "default", "Name of the context to use to connect to the daemon (This flag is a NOOP and provided solely for scripting compatibility.)")
+ _ = lFlags.MarkHidden("context")
+
identityFlagName := "identity"
lFlags.StringVar(&opts.Identity, identityFlagName, ident, "path to SSH identity file, (CONTAINER_SSHKEY)")
_ = cmd.RegisterFlagCompletionFunc(identityFlagName, completion.AutocompleteDefault)
diff --git a/contrib/cirrus/lib.sh b/contrib/cirrus/lib.sh
index 451a267b3..2cd28e34a 100644
--- a/contrib/cirrus/lib.sh
+++ b/contrib/cirrus/lib.sh
@@ -13,8 +13,12 @@ set -a
_waserrexit=0
if [[ "$SHELLOPTS" =~ errexit ]]; then _waserrexit=1; fi
set +e # Assumed in F33 for setting global vars
-source /etc/profile
-source /etc/environment
+if [[ -r "/etc/automation_environment" ]]; then
+ source /etc/automation_environment
+else # prior to automation library v2.0, this was necessary
+ source /etc/profile
+ source /etc/environment
+fi
if [[ -r "/etc/ci_environment" ]]; then source /etc/ci_environment; fi
USER="$(whoami)"
HOME="$(getent passwd $USER | cut -d : -f 6)"
diff --git a/contrib/cirrus/runner.sh b/contrib/cirrus/runner.sh
index 507d22e13..8d3a6b987 100755
--- a/contrib/cirrus/runner.sh
+++ b/contrib/cirrus/runner.sh
@@ -269,13 +269,18 @@ function _run_release() {
}
logformatter() {
- # Use similar format as human-friendly task name from .cirrus.yml
- # shellcheck disable=SC2154
- output_name="$TEST_FLAVOR-$PODBIN_NAME-$DISTRO_NV-$PRIV_NAME-$TEST_ENVIRON"
- # Requires stdin and stderr combined!
- cat - \
- |& awk --file "${CIRRUS_WORKING_DIR}/${SCRIPT_BASE}/timestamp.awk" \
- |& "${CIRRUS_WORKING_DIR}/${SCRIPT_BASE}/logformatter" "$output_name"
+ if [[ "$CI" == "true" ]]; then
+ # Use similar format as human-friendly task name from .cirrus.yml
+ # shellcheck disable=SC2154
+ output_name="$TEST_FLAVOR-$PODBIN_NAME-$DISTRO_NV-$PRIV_NAME-$TEST_ENVIRON"
+ # Requires stdin and stderr combined!
+ cat - \
+ |& awk --file "${CIRRUS_WORKING_DIR}/${SCRIPT_BASE}/timestamp.awk" \
+ |& "${CIRRUS_WORKING_DIR}/${SCRIPT_BASE}/logformatter" "$output_name"
+ else
+ # Assume script is run by a human, they want output immediatly
+ cat -
+ fi
}
# Handle local|remote integration|system testing in a uniform way
@@ -288,18 +293,6 @@ dotest() {
exec_container # does not return
fi;
- # shellcheck disable=SC2154
- if [[ "$PRIV_NAME" == "rootless" ]] && [[ "$UID" -eq 0 ]]; then
- req_env_vars ROOTLESS_USER
- msg "Re-executing runner through ssh as user '$ROOTLESS_USER'"
- msg "************************************************************"
- set -x
- exec ssh $ROOTLESS_USER@localhost \
- -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no \
- -o CheckHostIP=no $GOSRC/$SCRIPT_BASE/runner.sh
- # does not return
- fi
-
# containers/automation sets this to 0 for its dbg() function
# but the e2e integration tests are also sensitive to it.
unset DEBUG
@@ -340,6 +333,19 @@ msg "************************************************************"
((${SETUP_ENVIRONMENT:-0})) || \
die "Expecting setup_environment.sh to have completed successfully"
+# shellcheck disable=SC2154
+if [[ "$PRIV_NAME" == "rootless" ]] && [[ "$UID" -eq 0 ]]; then
+ req_env_vars ROOTLESS_USER
+ msg "Re-executing runner through ssh as user '$ROOTLESS_USER'"
+ msg "************************************************************"
+ set -x
+ exec ssh $ROOTLESS_USER@localhost \
+ -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no \
+ -o CheckHostIP=no $GOSRC/$SCRIPT_BASE/runner.sh
+ # Does not return!
+fi
+# else: not running rootless, do nothing special
+
cd "${GOSRC}/"
handler="_run_${TEST_FLAVOR}"
diff --git a/contrib/rootless-cni-infra/Containerfile b/contrib/rootless-cni-infra/Containerfile
deleted file mode 100644
index 4324f39d2..000000000
--- a/contrib/rootless-cni-infra/Containerfile
+++ /dev/null
@@ -1,36 +0,0 @@
-ARG GOLANG_VERSION=1.15
-ARG ALPINE_VERSION=3.12
-ARG CNI_VERSION=v0.8.0
-ARG CNI_PLUGINS_VERSION=v0.8.7
-ARG DNSNAME_VERSION=v1.1.1
-
-FROM golang:${GOLANG_VERSION}-alpine${ALPINE_VERSION} AS golang-base
-RUN apk add --no-cache git
-
-FROM golang-base AS cnitool
-RUN git clone https://github.com/containernetworking/cni /go/src/github.com/containernetworking/cni
-WORKDIR /go/src/github.com/containernetworking/cni
-ARG CNI_VERSION
-RUN git checkout ${CNI_VERSION}
-RUN go build -o /cnitool ./cnitool
-
-FROM golang-base AS dnsname
-RUN git clone https://github.com/containers/dnsname /go/src/github.com/containers/dnsname
-WORKDIR /go/src/github.com/containers/dnsname
-ARG DNSNAME_VERSION
-RUN git checkout ${DNSNAME_VERSION}
-RUN go build -o /dnsname ./plugins/meta/dnsname
-
-FROM alpine:${ALPINE_VERSION}
-RUN apk add --no-cache curl dnsmasq iptables ip6tables iproute2
-ARG TARGETARCH
-ARG CNI_PLUGINS_VERSION
-RUN mkdir -p /opt/cni/bin && \
- curl -fsSL https://github.com/containernetworking/plugins/releases/download/${CNI_PLUGINS_VERSION}/cni-plugins-linux-${TARGETARCH}-${CNI_PLUGINS_VERSION}.tgz | tar xz -C /opt/cni/bin
-COPY --from=cnitool /cnitool /usr/local/bin
-COPY --from=dnsname /dnsname /opt/cni/bin
-COPY rootless-cni-infra /usr/local/bin
-ENV CNI_PATH=/opt/cni/bin
-CMD ["sleep", "infinity"]
-
-ENV ROOTLESS_CNI_INFRA_VERSION=5
diff --git a/contrib/rootless-cni-infra/README.md b/contrib/rootless-cni-infra/README.md
deleted file mode 100644
index c43b4cf49..000000000
--- a/contrib/rootless-cni-infra/README.md
+++ /dev/null
@@ -1,25 +0,0 @@
-# rootless-cni-infra
-
-Infra container for CNI-in-slirp4netns.
-
-## How it works
-
-When a CNI network is specified for `podman run` in rootless mode, Podman launches the `rootless-cni-infra` container to execute CNI plugins inside slirp4netns.
-
-The infra container is created per user, by executing an equivalent of:
-`podman run -d --name rootless-cni-infra --pid=host --privileged -v $HOME/.config/cni/net.d:/etc/cni/net.d rootless-cni-infra`.
-The infra container is automatically deleted when no CNI network is in use.
-
-Podman then allocates a CNI netns in the infra container, by executing an equivalent of:
-`podman exec rootless-cni-infra rootless-cni-infra alloc $CONTAINER_ID $NETWORK_NAME $POD_NAME`.
-
-The allocated netns is deallocated when the container is being removed, by executing an equivalent of:
-`podman exec rootless-cni-infra rootless-cni-infra dealloc $CONTAINER_ID $NETWORK_NAME`.
-
-The container images live on `quay.io/libpod/rootless-cni-infra`. The tags have the format `$version-$architecture`. Please make sure to increase the version number in the Containerfile (i.e., `ROOTLESS_CNI_INFRA_VERSION`) when applying changes to this directory. After committing the changes, upload the image(s) with the corresponding tag.
-
-## Directory layout
-
-* `/run/rootless-cni-infra/${CONTAINER_ID}/pid`: PID of the `sleep infinity` process that corresponds to the allocated netns
-* `/run/rootless-cni-infra/${CONTAINER_ID}/attached/${NETWORK_NAME}`: CNI result
-* `/run/rootless-cni-infra/${CONTAINER_ID}/attached-args/${NETWORK_NAME}`: CNI args
diff --git a/contrib/rootless-cni-infra/rootless-cni-infra b/contrib/rootless-cni-infra/rootless-cni-infra
deleted file mode 100755
index cceb8d817..000000000
--- a/contrib/rootless-cni-infra/rootless-cni-infra
+++ /dev/null
@@ -1,181 +0,0 @@
-#!/bin/sh
-set -eu
-
-ARG0="$0"
-BASE="/run/rootless-cni-infra"
-
-wait_unshare_net() {
- pid="$1"
- # NOTE: busybox shell doesn't support the `for ((i=0; i < $MAX; i++)); do foo; done` statement
- i=0
- while :; do
- if [ "$(readlink /proc/self/ns/net)" != "$(readlink /proc/${pid}/ns/net)" ]; then
- break
- fi
- sleep 0.1
- if [ $i -ge 10 ]; then
- echo >&2 "/proc/${pid}/ns/net cannot be unshared"
- exit 1
- fi
- i=$((i + 1))
- done
-}
-
-# CLI subcommand: "alloc $CONTAINER_ID $NETWORK_NAME $POD_NAME $IP $MAC $CAP_ARGS"
-cmd_entrypoint_alloc() {
- if [ "$#" -ne 6 ]; then
- echo >&2 "Usage: $ARG0 alloc CONTAINER_ID NETWORK_NAME POD_NAME IP MAC CAP_ARGS"
- exit 1
- fi
-
- ID="$1"
- NET="$2"
- K8S_POD_NAME="$3"
- IP="$4"
- MAC="$5"
- CAP_ARGS="$6"
-
- dir="${BASE}/${ID}"
- mkdir -p "${dir}/attached" "${dir}/attached-args"
-
- pid=""
- if [ -f "${dir}/pid" ]; then
- pid=$(cat "${dir}/pid")
- else
- unshare -n sleep infinity &
- pid="$!"
- wait_unshare_net "${pid}"
- echo "${pid}" >"${dir}/pid"
- nsenter -t "${pid}" -n ip link set lo up
- fi
- CNI_ARGS="IgnoreUnknown=1;K8S_POD_NAME=${K8S_POD_NAME}"
- if [ "$IP" ]; then
- CNI_ARGS="$CNI_ARGS;IP=${IP}"
- fi
- if [ "$MAC" ]; then
- CNI_ARGS="$CNI_ARGS;MAC=${MAC}"
- fi
- if [ "$CAP_ARGS" ]; then
- CAP_ARGS="$CAP_ARGS"
- fi
- nwcount=$(find "${dir}/attached" -type f | wc -l)
- CNI_IFNAME="eth${nwcount}"
- export CNI_ARGS CNI_IFNAME CAP_ARGS
- cnitool add "${NET}" "/proc/${pid}/ns/net" >"${dir}/attached/${NET}"
- echo "${CNI_ARGS}" >"${dir}/attached-args/${NET}"
-
- # return the result
- ns="/proc/${pid}/ns/net"
- echo "{\"ns\":\"${ns}\"}"
-}
-
-# CLI subcommand: "dealloc $CONTAINER_ID $NETWORK_NAME"
-cmd_entrypoint_dealloc() {
- if [ "$#" -ne 2 ]; then
- echo >&2 "Usage: $ARG0 dealloc CONTAINER_ID NETWORK_NAME"
- exit 1
- fi
-
- ID=$1
- NET=$2
-
- dir="${BASE}/${ID}"
- if [ ! -f "${dir}/pid" ]; then
- exit 0
- fi
- pid=$(cat "${dir}/pid")
- if [ -f "${dir}/attached-args/${NET}" ]; then
- CNI_ARGS=$(cat "${dir}/attached-args/${NET}")
- export CNI_ARGS
- fi
- cnitool del "${NET}" "/proc/${pid}/ns/net"
- rm -f "${dir}/attached/${NET}" "${dir}/attached-args/${NET}"
-
- nwcount=$(find "${dir}/attached" -type f | wc -l)
- if [ "${nwcount}" = 0 ]; then
- kill -9 "${pid}"
- rm -rf "${dir}"
- fi
-
- # return empty json
- echo "{}"
-}
-
-# CLI subcommand: "is-idle"
-cmd_entrypoint_is_idle() {
- if [ ! -d ${BASE} ]; then
- echo '{"idle": true}'
- elif [ -z "$(ls -1 ${BASE})" ]; then
- echo '{"idle": true}'
- else
- echo '{"idle": false}'
- fi
-}
-
-# CLI subcommand: "print-cni-result $CONTAINER_ID $NETWORK_NAME"
-cmd_entrypoint_print_cni_result() {
- if [ "$#" -ne 2 ]; then
- echo >&2 "Usage: $ARG0 print-cni-result CONTAINER_ID NETWORK_NAME"
- exit 1
- fi
-
- ID=$1
- NET=$2
-
- # the result shall be CNI JSON
- cat "${BASE}/${ID}/attached/${NET}"
-}
-
-# CLI subcommand: "print-netns-path $CONTAINER_ID"
-cmd_entrypoint_print_netns_path() {
- if [ "$#" -ne 1 ]; then
- echo >&2 "Usage: $ARG0 print-netns-path CONTAINER_ID"
- exit 1
- fi
-
- ID=$1
-
- pid=$(cat "${BASE}/${ID}/pid")
- path="/proc/${pid}/ns/net"
-
- # return the result
- echo "{\"path\":\"${path}\"}"
-}
-
-# CLI subcommand: "help"
-cmd_entrypoint_help() {
- echo "Usage: ${ARG0} COMMAND"
- echo
- echo "Rootless CNI Infra container"
- echo
- echo "Commands:"
- echo " alloc Allocate a netns"
- echo " dealloc Deallocate a netns"
- echo " is-idle Print whether the infra container is idle"
- echo " print-cni-result Print CNI result"
- echo " print-netns-path Print netns path"
- echo " help Print help"
- echo " version Print version"
-}
-
-# CLI subcommand: "version"
-cmd_entrypoint_version() {
- echo "{\"version\": \"${ROOTLESS_CNI_INFRA_VERSION}\"}"
-}
-
-# parse args
-command="${1:-}"
-if [ -z "$command" ]; then
- echo >&2 "No command was specified. Run \`${ARG0} help\` to see the usage."
- exit 1
-fi
-
-command_func=$(echo "cmd_entrypoint_${command}" | sed -e "s/-/_/g")
-if ! command -v "${command_func}" >/dev/null 2>&1; then
- echo >&2 "Unknown command: ${command}. Run \`${ARG0} help\` to see the usage."
- exit 1
-fi
-
-# start the command func
-shift
-"${command_func}" "$@"
diff --git a/docs/Readme.md b/docs/README.md
index e0918cd54..83f5c79a3 100644
--- a/docs/Readme.md
+++ b/docs/README.md
@@ -52,3 +52,19 @@ likely caused by broken metadata needed to protect clients from cross-site-scrip
style attacks. Please [notify a maintainer](https://github.com/containers/podman#communications)
so they may investigate how/why the `swagger.yaml` file's CORS-metadata is
incorrect, or the file isn't accessible for some other reason.
+
+## Local Testing
+
+Assuming that you have the [dependencies](https://podman.io/getting-started/installation#build-and-run-dependencies)
+installed, then also install (showing Fedora in the example):
+
+```
+# dnf install python3-sphinx python3-recommonmark
+# pip install sphinx-markdown-tables
+```
+After that completes, cd to the `docs` directory in your Podman sandbox and then do `make html`.
+
+You can then preview the html files in `docs/build/html` with:
+```
+python -m http.server 8000 --directory build/html
+```
diff --git a/docs/source/image.rst b/docs/source/image.rst
index 2b0ef3d43..0552df929 100644
--- a/docs/source/image.rst
+++ b/docs/source/image.rst
@@ -40,6 +40,6 @@ Image
:doc:`trust <markdown/podman-image-trust.1>` Manage container image trust policy
-:doc:`unmount <markdown/podman-unmount.1>` Unmount an image's root filesystem
+:doc:`unmount <markdown/podman-image-unmount.1>` Unmount an image's root filesystem
:doc:`untag <markdown/podman-untag.1>` Removes one or more names from a locally-stored image
diff --git a/docs/source/machine.rst b/docs/source/machine.rst
index be9ef1e95..16c042173 100644
--- a/docs/source/machine.rst
+++ b/docs/source/machine.rst
@@ -3,6 +3,7 @@ Machine
:doc:`init <markdown/podman-machine-init.1>` Initialize a new virtual machine
+:doc:`list <markdown/podman-machine-list.1>` List virtual machines
:doc:`rm <markdown/podman-machine-rm.1>` Remove a virtual machine
:doc:`ssh <markdown/podman-machine-ssh.1>` SSH into a virtual machine
:doc:`start <markdown/podman-machine-start.1>` Start a virtual machine
diff --git a/docs/source/markdown/links/podman-machine-ls.1 b/docs/source/markdown/links/podman-machine-ls.1
new file mode 100644
index 000000000..f6acb7f74
--- /dev/null
+++ b/docs/source/markdown/links/podman-machine-ls.1
@@ -0,0 +1 @@
+.so man1/podman-machine-list.1
diff --git a/docs/source/markdown/podman-create.1.md b/docs/source/markdown/podman-create.1.md
index 9e7fa4bfd..fcd5f3e3f 100644
--- a/docs/source/markdown/podman-create.1.md
+++ b/docs/source/markdown/podman-create.1.md
@@ -995,25 +995,21 @@ The following examples are all valid:
Without this argument the command will be run as root in the container.
-#### **\-\-userns**=*auto*[:OPTIONS]
-#### **\-\-userns**=*host*
-#### **\-\-userns**=*keep-id*
-#### **\-\-userns**=container:container
-#### **\-\-userns**=private
-#### **\-\-userns**=*ns:my_namespace*
-
-Set the user namespace mode for the container. It defaults to the **PODMAN_USERNS** environment variable. An empty value means user namespaces are disabled.
-
-
-- `auto`: automatically create a namespace. It is possible to specify other options to `auto`. The supported options are
- **size=SIZE** to specify an explicit size for the automatic user namespace. e.g. `--userns=auto:size=8192`. If `size` is not specified, `auto` will guess a size for the user namespace.
- **uidmapping=HOST_UID:CONTAINER_UID:SIZE** to force a UID mapping to be present in the user namespace.
- **gidmapping=HOST_UID:CONTAINER_UID:SIZE** to force a GID mapping to be present in the user namespace.
-- `container`: join the user namespace of the specified container.
-- `host`: run in the user namespace of the caller. This is the default if no user namespace options are set. The processes running in the container will have the same privileges on the host as any other process launched by the calling user.
-- `keep-id`: creates a user namespace where the current rootless user's UID:GID are mapped to the same values in the container. This option is ignored for containers created by the root user.
-- `ns`: run the container in the given existing user namespace.
-- `private`: create a new namespace for the container (default)
+#### **\-\-userns**=*mode*
+
+Set the user namespace mode for the container. It defaults to the **PODMAN_USERNS** environment variable. An empty value ("") means user namespaces are disabled unless an explicit mapping is set with the **\-\-uidmap** and **\-\-gidmap** options.
+
+Valid _mode_ values are:
+
+- **auto[:**_OPTIONS,..._**]**: automatically create a namespace. It is possible to specify these options to `auto`:
+ - **gidmapping=**_HOST_GID:CONTAINER_GID:SIZE_: to force a GID mapping to be present in the user namespace.
+ - **size=**_SIZE_: to specify an explicit size for the automatic user namespace. e.g. `--userns=auto:size=8192`. If `size` is not specified, `auto` will estimate a size for the user namespace.
+ - **uidmapping=**_HOST_UID:CONTAINER_UID:SIZE_: to force a UID mapping to be present in the user namespace.
+- **container:**_id_: join the user namespace of the specified container.
+- **host**: run in the user namespace of the caller. The processes running in the container will have the same privileges on the host as any other process launched by the calling user (default).
+- **keep-id**: creates a user namespace where the current rootless user's UID:GID are mapped to the same values in the container. This option is ignored for containers created by the root user.
+- **ns:**_namespace_: run the container in the given existing user namespace.
+- **private**: create a new namespace for the container.
This option is incompatible with **\-\-gidmap**, **\-\-uidmap**, **\-\-subuidname** and **\-\-subgidname**.
@@ -1035,7 +1031,7 @@ Create a bind mount. If you specify, ` -v /HOST-DIR:/CONTAINER-DIR`, Podman
bind mounts `/HOST-DIR` in the host to `/CONTAINER-DIR` in the Podman
container. Similarly, `-v SOURCE-VOLUME:/CONTAINER-DIR` will mount the volume
in the host to the container. If no such named volume exists, Podman will
-create one. The `OPTIONS` are a comma delimited list and can be: <sup>[[1]](#Footnote1)</sup>
+create one. The `OPTIONS` are a comma delimited list and can be: <sup>[[1]](#Footnote1)</sup> (Note when using the remote client, the volumes will be mounted from the remote server, not necessarly the client machine.)
The _options_ is a comma delimited list and can be:
diff --git a/docs/source/markdown/podman-machine-init.1.md b/docs/source/markdown/podman-machine-init.1.md
index e2ed1eb10..946f959bf 100644
--- a/docs/source/markdown/podman-machine-init.1.md
+++ b/docs/source/markdown/podman-machine-init.1.md
@@ -15,6 +15,8 @@ containers do not run on any other OS because containers' core functionality are
tied to the Linux kernel.
**podman machine init** initializes a new Linux virtual machine where containers are run.
+SSH keys are automatically generated to access the VM, and system connections to the root account
+and a user account inside the VM are added.
## OPTIONS
@@ -28,7 +30,12 @@ Size of the disk for the guest VM in GB.
#### **\-\-ignition-path**
-Fully qualified path of the ignition file
+Fully qualified path of the ignition file.
+
+If an ignition file is provided, the file
+will be copied into the user's CONF_DIR and renamed. Additionally, no SSH keys will
+be generated nor will a system connection be made. It is assumed that the user will
+do these things manually or handle otherwise.
#### **\-\-image-path**
diff --git a/docs/source/markdown/podman-machine-list.1.md b/docs/source/markdown/podman-machine-list.1.md
new file mode 100644
index 000000000..bd5608258
--- /dev/null
+++ b/docs/source/markdown/podman-machine-list.1.md
@@ -0,0 +1,50 @@
+% podman-machine-ls(1)
+
+## NAME
+podman\-machine\-list - List virtual machines
+
+## SYNOPSIS
+**podman machine list** [*options*]
+
+**podman machine ls** [*options*]
+
+## DESCRIPTION
+
+List Podman managed virtual machines.
+
+Podman on macOS requires a virtual machine. This is because containers are Linux -
+containers do not run on any other OS because containers' core functionality is
+tied to the Linux kernel.
+
+## OPTIONS
+
+#### **\-\-format**=*format*
+
+Format list output using a Go template.
+
+Valid placeholders for the Go template are listed below:
+
+| **Placeholder** | **Description** |
+| --------------- | ------------------------------- |
+| .Name | VM name |
+| .Created | Time since VM creation |
+| .LastUp | Time since the VM was last run |
+| .VMType | VM type |
+
+#### **\-\-help**
+
+Print usage statement.
+
+## EXAMPLES
+
+```
+$ podman machine list
+
+$ podman machine ls --format {{.Name}}\t{{.VMType}}\t{{.Created}}\t{{.LastUp}}\n
+```
+
+## SEE ALSO
+podman-machine(1)
+
+## HISTORY
+March 2021, Originally compiled by Ashley Cui <acui@redhat.com>
diff --git a/docs/source/markdown/podman-machine-ssh.1.md b/docs/source/markdown/podman-machine-ssh.1.md
index fa78f876a..30cbaf4bd 100644
--- a/docs/source/markdown/podman-machine-ssh.1.md
+++ b/docs/source/markdown/podman-machine-ssh.1.md
@@ -4,36 +4,44 @@
podman\-machine\-ssh - SSH into a virtual machine
## SYNOPSIS
-**podman machine ssh** [*options*] [*name*] [*command* [*arg* ...]]
+**podman machine ssh** [*name*] [*command* [*arg* ...]]
## DESCRIPTION
-SSH into a Podman-managed virtual machine.
+SSH into a Podman-managed virtual machine and optionally execute a command
+on the virtual machine. Unless using the default virtual machine, the
+first argument must be the virtual machine name. The optional command to
+execute can then follow. If no command is provided, an interactive session
+with the virtual machine is established.
-Podman on MacOS requires a virtual machine. This is because containers are Linux -
-containers do not run on any other OS because containers' core functionality are
-tied to the Linux kernel.
## OPTIONS
-#### **\-\-execute**, **-e**
-
-Execute the given command on the VM
-
#### **\-\-help**
Print usage statement.
## EXAMPLES
+To get an interactive session with the default virtual machine:
+
+```
+$ podman machine ssh
+```
+
To get an interactive session with a VM called `myvm`:
```
$ podman machine ssh myvm
```
+To run a command on the default virtual machine:
+```
+$ podman machine ssh rpm -q podman
+```
+
To run a command on a VM called `myvm`:
```
-$ podman machine ssh -e myvm -- rpm -q podman
+$ podman machine ssh myvm rpm -q podman
```
## SEE ALSO
diff --git a/docs/source/markdown/podman-machine.1.md b/docs/source/markdown/podman-machine.1.md
index a5d3b78df..693f42fe3 100644
--- a/docs/source/markdown/podman-machine.1.md
+++ b/docs/source/markdown/podman-machine.1.md
@@ -14,13 +14,14 @@ podman\-machine - Manage Podman's virtual machine
| Command | Man Page | Description |
| ------- | ------------------------------------------------------- | --------------------------------- |
| init | [podman-machine-init(1)](podman-machine-init.1.md) | Initialize a new virtual machine |
-| rm | [podman-machine-rm(1)](podman-machine-rm.1.md)| Remove a virtual machine |
-| ssh | [podman-machine-ssh(1)](podman-machine-ssh.1.md) | SSH into a virtual machine |
-| start | [podman-machine-start(1)](podman-machine-start.1.md) | Start a virtual machine |
-| stop | [podman-machine-stop(1)](podman-machine-stop.1.md) | Stop a virtual machine |
+| list | [podman-machine-list(1)](podman-machine-list.1.md) | List virtual machines |
+| rm | [podman-machine-rm(1)](podman-machine-rm.1.md) | Remove a virtual machine |
+| ssh | [podman-machine-ssh(1)](podman-machine-ssh.1.md) | SSH into a virtual machine |
+| start | [podman-machine-start(1)](podman-machine-start.1.md) | Start a virtual machine |
+| stop | [podman-machine-stop(1)](podman-machine-stop.1.md) | Stop a virtual machine |
## SEE ALSO
-podman(1)
+podman(1), podman-machine-init(1), podman-machine-list(1), podman-machine-rm(1), podman-machine-ssh(1), podman-machine-start(1), podman-machine-stop(1)
## HISTORY
March 2021, Originally compiled by Ashley Cui <acui@redhat.com>
diff --git a/docs/source/markdown/podman-manifest-add.1.md b/docs/source/markdown/podman-manifest-add.1.md
index c3c1ea1cf..2727843da 100644
--- a/docs/source/markdown/podman-manifest-add.1.md
+++ b/docs/source/markdown/podman-manifest-add.1.md
@@ -4,7 +4,7 @@
podman\-manifest\-add - Add an image to a manifest list or image index
## SYNOPSIS
-**podman manifest add** [*options*] *listnameorindexname* *imagename*
+**podman manifest add** [*options*] *listnameorindexname* [*transport*]:*imagename*
## DESCRIPTION
@@ -79,6 +79,20 @@ Specify the variant which the list or index records for the image. This option
is typically used to distinguish between multiple entries which share the same
architecture value, but which expect different versions of its instruction set.
+## Transport
+
+ Multiple transports are supported:
+
+ **docker://**_docker-reference_ _(default)_
+ An image in a registry implementing the "Docker Registry HTTP API V2". By default, uses the authorization state in `$XDG_RUNTIME_DIR/containers/auth.json`, which is set using `(podman login)`. If the authorization state is not found there, `$HOME/.docker/config.json` is checked, which is set using `(docker login)`.
+
+ $ podman manifest add mylist:v1.11 docker://quay.io/username/myimage
+
+ **containers-storage:**_oci-reference_
+ An image in _oci-reference_ format stored in the local container storage. _oci-reference_ must contain a tag.
+
+ $ podman manifest add mylist:v1.11 containers-storage:quay.io/username/myimage
+
## EXAMPLE
```
diff --git a/docs/source/markdown/podman-manifest-push.1.md b/docs/source/markdown/podman-manifest-push.1.md
index 4e7118dad..5236dd7c3 100644
--- a/docs/source/markdown/podman-manifest-push.1.md
+++ b/docs/source/markdown/podman-manifest-push.1.md
@@ -4,7 +4,7 @@
podman\-manifest\-push - Push a manifest list or image index to a registry
## SYNOPSIS
-**podman manifest push** [*options*] *listnameorindexname* *transport:details*
+**podman manifest push** [*options*] *listnameorindexname* [*destination*]
## DESCRIPTION
Pushes a manifest list or image index to a registry.
@@ -66,6 +66,40 @@ Sign the pushed images using the GPG key that matches the specified fingerprint.
Require HTTPS and verify certificates when talking to container registries. (defaults to true)
+## DESTINATION
+
+ The DESTINATION is a location to store container images
+ The Image "DESTINATION" uses a "transport":"details" format.
+ If a transport is not given, podman push will attempt to push
+ to a registry.
+
+ Multiple transports are supported:
+
+ **dir:**_path_
+ An existing local directory _path_ storing the manifest, layer tarballs and signatures as individual files. This is a non-standardized format, primarily useful for debugging or noninvasive container inspection.
+
+ $ podman manfiest push mylist:v1.11 dir:/tmp/mylist
+
+ **docker://**_docker-reference_
+ An image in a registry implementing the "Docker Registry HTTP API V2". By default, uses the authorization state in `$XDG_RUNTIME_DIR/containers/auth.json`, which is set using `(podman login)`. If the authorization state is not found there, `$HOME/.docker/config.json` is checked, which is set using `(docker login)`.
+
+ $ podman manfiest push mylist:v1.11 docker://registry.example.org/mylist:v1.11
+
+ **docker-archive:**_path_[**:**_docker-reference_]
+ An image is stored in the `docker save` formatted file. _docker-reference_ is only used when creating such a file, and it must not contain a digest.
+
+ $ podman manfiest push mylist:v1.11 docker-archive:/tmp/mylist
+
+ **docker-daemon:**_docker-reference_
+ An image in _docker-reference_ format stored in the docker daemon internal storage. _docker-reference_ must contain a tag.
+
+ $ podman manfiest push mylist:v1.11 docker-daemon:registry.example.org/mylist:v1.11
+
+ **oci-archive:**_path_**:**_tag_
+ An image _tag_ in a directory compliant with "Open Container Image Layout Specification" at _path_.
+
+ $ podman manifest push mylist:v1.11 oci-archive:/tmp/mylist
+
## EXAMPLE
```
diff --git a/docs/source/markdown/podman-run.1.md b/docs/source/markdown/podman-run.1.md
index 4019a738e..3fad9bf64 100644
--- a/docs/source/markdown/podman-run.1.md
+++ b/docs/source/markdown/podman-run.1.md
@@ -744,7 +744,7 @@ If a container is run within a pod, and the pod has an infra-container, the infr
#### **\-\-preserve-fds**=*N*
Pass down to the process N additional file descriptors (in addition to 0, 1, 2).
-The total FDs will be 3+N.
+The total FDs will be 3+N. (This option is not available with the remote Podman client)
#### **\-\-privileged**=**true**|**false**
@@ -1076,19 +1076,21 @@ Without this argument, the command will run as the user specified in the contain
When a user namespace is not in use, the UID and GID used within the container and on the host will match. When user namespaces are in use, however, the UID and GID in the container may correspond to another UID and GID on the host. In rootless containers, for example, a user namespace is always used, and root in the container will by default correspond to the UID and GID of the user invoking Podman.
-#### **\-\-userns**=**auto**|**host**|**keep-id**|**container:**_id_|**ns:**_namespace_
+#### **\-\-userns**=*mode*
-Set the user namespace mode for the container. It defaults to the **PODMAN_USERNS** environment variable. An empty value ("") means user namespaces are disabled unless an explicit mapping is set with they `--uidmapping` and `--gidmapping` options.
+Set the user namespace mode for the container. It defaults to the **PODMAN_USERNS** environment variable. An empty value ("") means user namespaces are disabled unless an explicit mapping is set with the **\-\-uidmap** and **\-\-gidmap** options.
-- **auto**: automatically create a namespace. It is possible to specify other options to `auto`. The supported options are
- **size=SIZE** to specify an explicit size for the automatic user namespace. e.g. `--userns=auto:size=8192`. If `size` is not specified, `auto` will guess a size for the user namespace.
- **uidmapping=HOST_UID:CONTAINER_UID:SIZE** to force a UID mapping to be present in the user namespace.
- **gidmapping=HOST_UID:CONTAINER_UID:SIZE** to force a GID mapping to be present in the user namespace.
+Valid _mode_ values are:
+
+- **auto[:**_OPTIONS,..._**]**: automatically create a namespace. It is possible to specify these options to `auto`:
+ - **gidmapping=**_HOST_GID:CONTAINER_GID:SIZE_: to force a GID mapping to be present in the user namespace.
+ - **size=**_SIZE_: to specify an explicit size for the automatic user namespace. e.g. `--userns=auto:size=8192`. If `size` is not specified, `auto` will estimate a size for the user namespace.
+ - **uidmapping=**_HOST_UID:CONTAINER_UID:SIZE_: to force a UID mapping to be present in the user namespace.
+- **container:**_id_: join the user namespace of the specified container.
- **host**: run in the user namespace of the caller. The processes running in the container will have the same privileges on the host as any other process launched by the calling user (default).
- **keep-id**: creates a user namespace where the current rootless user's UID:GID are mapped to the same values in the container. This option is ignored for containers created by the root user.
-- **ns**: run the container in the given existing user namespace.
+- **ns:**_namespace_: run the container in the given existing user namespace.
- **private**: create a new namespace for the container.
-- **container**: join the user namespace of the specified container.
This option is incompatible with **\-\-gidmap**, **\-\-uidmap**, **\-\-subuidname** and **\-\-subgidname**.
@@ -1110,7 +1112,7 @@ Create a bind mount. If you specify _/HOST-DIR_:_/CONTAINER-DIR_, Podman
bind mounts _host-dir_ in the host to _CONTAINER-DIR_ in the Podman
container. Similarly, _SOURCE-VOLUME_:_/CONTAINER-DIR_ will mount the volume
in the host to the container. If no such named volume exists, Podman will
-create one.
+create one. (Note when using the remote client, the volumes will be mounted from the remote server, not necessarly the client machine.)
The _options_ is a comma delimited list and can be: <sup>[[1]](#Footnote1)</sup>
diff --git a/docs/source/markdown/podman.1.md b/docs/source/markdown/podman.1.md
index 7a6a51c39..5755b45ac 100644
--- a/docs/source/markdown/podman.1.md
+++ b/docs/source/markdown/podman.1.md
@@ -148,7 +148,7 @@ specify additional options via the `--storage-opt` flag.
#### **\-\-storage-opt**=*value*
-Storage driver option, Default storage driver options are configured in /etc/containers/storage.conf (`$HOME/.config/containers/storage.conf` in rootless mode). The `STORAGE_OPTS` environment variable overrides the default. The --storage-opt specified options overrides all.
+Storage driver option, Default storage driver options are configured in /etc/containers/storage.conf (`$HOME/.config/containers/storage.conf` in rootless mode). The `STORAGE_OPTS` environment variable overrides the default. The --storage-opt specified options overrides all. If you specify --storage-opt="", no storage options will be used.
#### **\-\-syslog**=*true|false*
diff --git a/go.mod b/go.mod
index fe2624ea8..52d632b46 100644
--- a/go.mod
+++ b/go.mod
@@ -17,7 +17,7 @@ require (
github.com/containers/ocicrypt v1.1.0
github.com/containers/psgo v1.5.2
github.com/containers/storage v1.28.1
- github.com/coreos/go-systemd/v22 v22.3.0
+ github.com/coreos/go-systemd/v22 v22.3.1
github.com/coreos/stream-metadata-go v0.0.0-20210225230131-70edb9eb47b3
github.com/cri-o/ocicni v0.2.1-0.20210301205850-541cf7c703cf
github.com/cyphar/filepath-securejoin v0.2.2
@@ -30,7 +30,7 @@ require (
github.com/docker/go-units v0.4.0
github.com/fsnotify/fsnotify v1.4.9
github.com/ghodss/yaml v1.0.0
- github.com/godbus/dbus/v5 v5.0.3
+ github.com/godbus/dbus/v5 v5.0.4
github.com/google/shlex v0.0.0-20181106134648-c34317bd91bf
github.com/google/uuid v1.2.0
github.com/gorilla/mux v1.8.0
@@ -43,7 +43,7 @@ require (
github.com/moby/term v0.0.0-20201216013528-df9cb8a40635
github.com/mrunalp/fileutils v0.5.0
github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e // indirect
- github.com/onsi/ginkgo v1.15.2
+ github.com/onsi/ginkgo v1.16.0
github.com/onsi/gomega v1.11.0
github.com/opencontainers/go-digest v1.0.0
github.com/opencontainers/image-spec v1.0.2-0.20190823105129-775207bd45b6
@@ -53,7 +53,7 @@ require (
github.com/opencontainers/selinux v1.8.0
github.com/pkg/errors v0.9.1
github.com/pmezard/go-difflib v1.0.0
- github.com/rootless-containers/rootlesskit v0.14.0
+ github.com/rootless-containers/rootlesskit v0.14.1
github.com/sirupsen/logrus v1.8.1
github.com/spf13/cobra v1.1.3
github.com/spf13/pflag v1.0.5
diff --git a/go.sum b/go.sum
index d8992be0c..1176a7f33 100644
--- a/go.sum
+++ b/go.sum
@@ -210,8 +210,8 @@ github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e h1:Wf6HqHfScWJN9
github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4=
github.com/coreos/go-systemd/v22 v22.0.0/go.mod h1:xO0FLkIi5MaZafQlIrOotqXZ90ih+1atmu1JpKERPPk=
github.com/coreos/go-systemd/v22 v22.1.0/go.mod h1:xO0FLkIi5MaZafQlIrOotqXZ90ih+1atmu1JpKERPPk=
-github.com/coreos/go-systemd/v22 v22.3.0 h1:C8u/Ljj8G8O6rqWJh2J8cDyeEFBMWvXlvJ/ccMyzcqw=
-github.com/coreos/go-systemd/v22 v22.3.0/go.mod h1:xO0FLkIi5MaZafQlIrOotqXZ90ih+1atmu1JpKERPPk=
+github.com/coreos/go-systemd/v22 v22.3.1 h1:7OO2CXWMYNDdaAzP51t4lCCZWwpQHmvPbm9sxWjm3So=
+github.com/coreos/go-systemd/v22 v22.3.1/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc=
github.com/coreos/pkg v0.0.0-20160727233714-3ac0863d7acf/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA=
github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA=
github.com/coreos/stream-metadata-go v0.0.0-20210225230131-70edb9eb47b3 h1:0JspqV66RwYqYfvi8lCUoL5zUZMh9uN4hx/J5+NRXIE=
@@ -313,12 +313,15 @@ github.com/go-openapi/spec v0.19.3/go.mod h1:FpwSN1ksY1eteniUU7X0N/BgJ7a4WvBFVA8
github.com/go-openapi/swag v0.19.2/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk=
github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk=
github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY=
+github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0 h1:p104kn46Q8WdvHunIJ9dAyjPVtrBPhSr3KT2yUst43I=
+github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE=
github.com/godbus/dbus v0.0.0-20151105175453-c7fdd8b5cd55/go.mod h1:/YcGZj5zSblfDWMMoOzV4fas9FZnQYTkDnsGvmh2Grw=
github.com/godbus/dbus v0.0.0-20180201030542-885f9cc04c9c/go.mod h1:/YcGZj5zSblfDWMMoOzV4fas9FZnQYTkDnsGvmh2Grw=
github.com/godbus/dbus v0.0.0-20190422162347-ade71ed3457e h1:BWhy2j3IXJhjCbC68FptL43tDKIq8FladmaTs3Xs7Z8=
github.com/godbus/dbus v0.0.0-20190422162347-ade71ed3457e/go.mod h1:bBOAhwG1umN6/6ZUMtDFBMQR8jRg9O75tm9K00oMsK4=
-github.com/godbus/dbus/v5 v5.0.3 h1:ZqHaoEF7TBzh4jzPmqVhE/5A1z9of6orkAe5uHoAeME=
github.com/godbus/dbus/v5 v5.0.3/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA=
+github.com/godbus/dbus/v5 v5.0.4 h1:9349emZab16e7zQvpmsbtjc18ykshndd8y2PG3sgJbA=
+github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA=
github.com/gofrs/flock v0.8.0/go.mod h1:F1TvTiK9OcQqauNUHlbJvyl9Qa1QvF/gOUDKA14jxHU=
github.com/gogo/googleapis v1.2.0/go.mod h1:Njal3psf3qN6dwBtQfUmBZh2ybovJ0tlu3o/AC7HYjU=
github.com/gogo/googleapis v1.4.0/go.mod h1:5YRNX2z1oM5gXdAkurHa942MDgEJyk02w4OecKY87+c=
@@ -582,8 +585,9 @@ github.com/onsi/ginkgo v1.10.3/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+
github.com/onsi/ginkgo v1.11.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk=
github.com/onsi/ginkgo v1.15.0/go.mod h1:hF8qUzuuC8DJGygJH3726JnCZX4MYbRB8yFfISqnKUg=
-github.com/onsi/ginkgo v1.15.2 h1:l77YT15o814C2qVL47NOyjV/6RbaP7kKdrvZnxQ3Org=
github.com/onsi/ginkgo v1.15.2/go.mod h1:Dd6YFfwBW84ETqqtL0CPyPXillHgY6XhQH3uuCCTr/o=
+github.com/onsi/ginkgo v1.16.0 h1:NBrNLB37exjJLxXtFOktx6CISBdS1aF8+7MwKlTV8U4=
+github.com/onsi/ginkgo v1.16.0/go.mod h1:CObGmKUOKaSC0RjmoAK7tKyn4Azo5P2IWuoMnvwxz1E=
github.com/onsi/gomega v0.0.0-20151007035656-2152b45fa28a/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA=
github.com/onsi/gomega v0.0.0-20170829124025-dcabb60a477c/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA=
github.com/onsi/gomega v1.5.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY=
@@ -684,8 +688,8 @@ github.com/rivo/uniseg v0.2.0 h1:S1pD9weZBuJdFmowNwbpi7BJ8TNftyUImj/0WQi72jY=
github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc=
github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg=
github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
-github.com/rootless-containers/rootlesskit v0.14.0 h1:4zfZqDv7JzsVuMkj4ZMB9cs9mQQnyl1gWBsrpOYcmtk=
-github.com/rootless-containers/rootlesskit v0.14.0/go.mod h1:nV3TpRISvwhZQSwo0nmQQnxjCxXr3mvrMi0oASLvzcg=
+github.com/rootless-containers/rootlesskit v0.14.1 h1:lvyG8XLYOiHPoSjWekgqY4MkNZJ+218KBOLfw9kB3Hk=
+github.com/rootless-containers/rootlesskit v0.14.1/go.mod h1:nV3TpRISvwhZQSwo0nmQQnxjCxXr3mvrMi0oASLvzcg=
github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
github.com/ryanuber/columnize v0.0.0-20160712163229-9b3edd62028f/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts=
diff --git a/hack/get_ci_vm.sh b/hack/get_ci_vm.sh
index 4f6c42a06..1a4804857 100755
--- a/hack/get_ci_vm.sh
+++ b/hack/get_ci_vm.sh
@@ -3,270 +3,68 @@
#
# For help and usage information, simply execute the script w/o any arguments.
#
-# This script is intended to be run by podman developers who need to debug
-# problems specifically related to Cirrus-CI automated testing. However,
-# because it's only loosely coupled to the `.cirrus.yml` configuration, it must
-# orchestrate VMs in GCP directly. This means users need to have
-# pre-authorization (access) to manipulate google-cloud resources. Additionally,
-# there are no guarantees it will remain in-sync with other automation-related
-# scripts. Therefore it may not always function for everybody in every
-# future scenario without updates/modifications/tweaks.
-#
-# When successful, you will end up connected to a GCP VM with with a clone of
-# the upstream podman repository 'master' branch, using a remote named 'origin'.
-# If you want to customize this behavior, you will want to use a "hook" script.
-# Please use this example carefully, since git setups vary by person, you
-# will probably need to make local edits.
-#
-# https://gist.github.com/cevich/626a0790c0b476d5cd2a5a76fbdae0a1
+# This script is intended to be run by Red Hat podman developers who need
+# to debug problems specifically related to Cirrus-CI automated testing.
+# It requires that you have been granted prior access to create VMs in
+# google-cloud. For non-Red Hat contributors, VMs are available as-needed,
+# with supervision upon request.
set -e
-RED="\e[1;31m"
-YEL="\e[1;32m"
-NOR="\e[0m"
-USAGE_WARNING="
-${YEL}WARNING: This will not work without podman,${NOR}
- ${YEL}and prior authorization to use the libpod GCP project.${NOR}
-"
-# These values come from .cirrus.yml gce_instance clause
-ZONE="${ZONE:-us-central1-a}"
-CPUS="2"
-MEMORY="4Gb"
-DISK="200"
-PROJECT="libpod-218412"
-GOSRC="/var/tmp/go/src/github.com/containers/podman"
-GIT_REPO="https://github.com/containers/podman.git"
-
-# Container image with necessary runtime elements
-GCLOUD_IMAGE="${GCLOUD_IMAGE:-docker.io/google/cloud-sdk:alpine}"
-GCLOUD_CFGDIR=".config/gcloud"
-
-SCRIPT_FILENAME=$(basename ${BASH_SOURCE[0]})
-HOOK_FILENAME="hook_${SCRIPT_FILENAME}"
+SCRIPT_FILEPATH=$(realpath "${BASH_SOURCE[0]}")
+SCRIPT_DIRPATH=$(dirname "$SCRIPT_FILEPATH")
+REPO_DIRPATH=$(realpath "$SCRIPT_DIRPATH/../")
-# Shared tmp directory between container and us
-TMPDIR=$(mktemp -d --tmpdir ${SCRIPT_FILENAME}_tmpdir_XXXXXX)
-
-show_usage() {
- echo -e "\n${RED}ERROR: $1${NOR}"
- echo -e "${YEL}Usage: $SCRIPT_FILENAME <image_name>${NOR}"
- echo ""
- if [[ -r ".cirrus.yml" ]]
- then
- echo -e "${YEL}Some possible image_name values (from .cirrus.yml):${NOR}"
- image_hints
- echo ""
- echo -e "${YEL}Optional:${NOR} If a $HOME/$GCLOUD_CFGDIR/$HOOK_FILENAME executable exists during"
- echo "VM creation, it will be executed remotely after cloning"
- echo "$GIT_REPO. The"
- echo "current local working branch name and commit ID, will be provided as"
- echo "it's arguments."
+# Help detect if we were called by get_ci_vm container
+GET_CI_VM="${GET_CI_VM:-0}"
+in_get_ci_vm() {
+ if ((GET_CI_VM==0)); then
+ echo "Error: $1 is not intended for use in this context"
+ exit 2
fi
- exit 1
-}
-
-LIBPODROOT=$(realpath "$(dirname ${BASH_SOURCE[0]})/../")
-# else: Assume $PWD is the root of the libpod repository
-[[ "$LIBPODROOT" != "/" ]] || \
- show_usage "Must execute script from within clone of containers/podman repo."
-
-[[ "$UID" -ne 0 ]] || \
- show_usage "Must execute script as a regular (non-root) user."
-
-[[ "${LIBPODROOT#$HOME}" != "$LIBPODROOT" ]] || \
- show_usage "Clone of containers/podman must be a subdirectory of \$HOME ($HOME)"
-
-# Disable SELinux labeling to allow read-only mounting of repository files
-PGCLOUD="podman run -it --rm --security-opt label=disable -v $TMPDIR:$TMPDIR -v $HOME/.config/gcloud:/root/.config/gcloud -v $HOME/.config/gcloud/ssh:/root/.ssh -v $LIBPODROOT:$LIBPODROOT:ro $GCLOUD_IMAGE gcloud --configuration=libpod --project=$PROJECT"
-SCP_CMD="$PGCLOUD compute scp"
-
-showrun() {
- echo '+ '$(printf " %q" "$@") > /dev/stderr
- echo ""
- "$@"
-}
-
-cleanup() {
- RET=$?
- set +e
- wait
-
- # set GCLOUD_DEBUG to leave tmpdir behind for postmortem
- # shellcheck disable=SC2154
- test -z "$GCLOUD_DEBUG" && rm -rf $TMPDIR
-
- # Not always called from an exit handler, but should always exit when called
- exit $RET
-}
-trap cleanup EXIT
-
-delvm() {
- echo -e "\n"
- echo -e "\n${YEL}Offering to Delete $VMNAME${NOR}"
- echo -e "${RED}(Deletion might take a minute or two)${NOR}"
- echo -e "${YEL}Note: It's safe to answer N, then re-run script again later.${NOR}"
- showrun $CLEANUP_CMD # prompts for Yes/No
- cleanup
-}
-
-get_env_vars() {
- # Deal with both YAML and embedded shell-like substitutions in values
- # if substitution fails, fall back to printing naked env. var as-is.
- python3 -c '
-import sys,yaml,re
-env=yaml.load(open(".cirrus.yml"), Loader=yaml.SafeLoader)["env"]
-dollar_env_var=re.compile(r"\$(\w+)")
-dollarcurly_env_var=re.compile(r"\$\{(\w+)\}")
-class ReIterKey(dict):
- def __missing__(self, key):
- # Cirrus-CI provides some runtime-only env. vars. Avoid
- # breaking this hack-script if/when any are present in YAML
- return "${0}".format(key)
-rep=r"{\1}" # Convert env vars markup to -> str.format_map(re_iter_key) markup
-out=ReIterKey()
-for k,v in env.items():
- if "ENCRYPTED" not in str(v) and bool(v):
- out[k]=dollar_env_var.sub(rep, dollarcurly_env_var.sub(rep, str(v)))
-for k,v in out.items():
- sys.stdout.write("{0}=\"{1}\"\n".format(k, str(v).format_map(out)))
- '
-}
-
-image_hints() {
- get_env_vars | fgrep '_CACHE_IMAGE_NAME' | awk -F "=" '{print $2}'
}
-unset VM_IMAGE_NAME
-unset VMNAME
-unset CREATE_CMD
-unset SSH_CMD
-unset CLEANUP_CMD
-declare -xa ENVS
-parse_args(){
- local arg
- echo -e "$USAGE_WARNING"
-
- if [[ "$USER" =~ "root" ]]
- then
- show_usage "This script must be run as a regular user."
- fi
-
- [[ "$#" -eq 1 ]] || \
- show_usage "Must specify a VM Image name to use, and the test flavor."
-
- VM_IMAGE_NAME="$1"
-
- # Word-splitting is desirable in this case.
- # Values are used literally (with '=') as args to future `env` command.
- # get_env_vars() will take care of properly quoting it's output.
- # shellcheck disable=SC2207,SC2191
- ENVS=(
- $(get_env_vars)
- VM_IMAGE_NAME="$VM_IMAGE_NAME"
- UPSTREAM_REMOTE="upstream"
- )
-
- VMNAME="${VMNAME:-${USER}-${VM_IMAGE_NAME}}"
-
- CREATE_CMD="$PGCLOUD compute instances create --zone=$ZONE --image=${VM_IMAGE_NAME} --custom-cpu=$CPUS --custom-memory=$MEMORY --boot-disk-size=$DISK --labels=in-use-by=$USER $VMNAME"
-
- SSH_CMD="$PGCLOUD compute ssh root@$VMNAME"
-
- CLEANUP_CMD="$PGCLOUD compute instances delete --zone $ZONE --delete-disks=all $VMNAME"
-}
-
-# Returns true if user has run an 'init' and has a valid token for
-# the specific project-id and named-configuration arguments in $PGCLOUD.
-function has_valid_credentials() {
- if $PGCLOUD info |& grep -Eq 'Account:.*None'; then
- return 1
- fi
-
- # It's possible for 'gcloud info' to list expired credentials,
- # e.g. 'ERROR: ... invalid grant: Bad Request'
- if $PGCLOUD auth print-access-token |& grep -q 'ERROR'; then
- return 1
- fi
-
- return 0
-}
-
-##### main
-
-[[ "${LIBPODROOT%%${LIBPODROOT##$HOME}}" == "$HOME" ]] || \
- show_usage "Repo clone must be sub-dir of $HOME"
-
-cd "$LIBPODROOT"
-
-parse_args "$@"
-mkdir -p $TMPDIR/.ssh
-mkdir -p {$HOME,$TMPDIR}/.config/gcloud/ssh
-chmod 700 {$HOME,$TMPDIR}/.config/gcloud/ssh $TMPDIR/.ssh
-
-echo -e "\n${YEL}Pulling gcloud image...${NOR}"
-podman pull $GCLOUD_IMAGE
-
-if ! has_valid_credentials
-then
- echo -e "\n${YEL}WARNING: Can't find gcloud configuration for libpod, running init.${NOR}"
- echo -e " ${RED}Please choose \"#1: Re-initialize\" and \"login\" if asked.${NOR}"
- showrun $PGCLOUD init --project=$PROJECT --console-only --skip-diagnostics
-
- # Verify it worked (account name == someone@example.com)
- $PGCLOUD info > $TMPDIR/gcloud-info-after-init
- if egrep -q "Account:.*None" $TMPDIR/gcloud-info-after-init
- then
- echo -e "${RED}ERROR: Could not initialize libpod configuration in gcloud.${NOR}"
- exit 5
- fi
-
- # If this is the only config, make it the default to avoid
- # persistent warnings from gcloud about there being no default.
- [[ -r "$HOME/.config/gcloud/configurations/config_default" ]] || \
- ln "$HOME/.config/gcloud/configurations/config_libpod" \
- "$HOME/.config/gcloud/configurations/config_default"
+# get_ci_vm APIv1 container entrypoint calls into this script
+# to obtain required repo. specific configuration options.
+if [[ "$1" == "--config" ]]; then
+ in_get_ci_vm "$1"
+ cat <<EOF
+DESTDIR="/var/tmp/go/src/github.com/containers/podman"
+UPSTREAM_REPO="https://github.com/containers/podman.git"
+CI_ENVFILE="/etc/ci_environment"
+GCLOUD_PROJECT="libpod-218412"
+GCLOUD_IMGPROJECT="libpod-218412"
+GCLOUD_CFG="libpod"
+GCLOUD_ZONE="${GCLOUD_ZONE:-us-central1-a}"
+GCLOUD_CPUS="2"
+GCLOUD_MEMORY="4Gb"
+GCLOUD_DISK="200"
+EOF
+elif [[ "$1" == "--setup" ]]; then
+ in_get_ci_vm "$1"
+ # get_ci_vm container entrypoint calls us with this option on the
+ # Cirrus-CI environment instance, to perform repo.-specific setup.
+ cd $REPO_DIRPATH
+ echo "+ Loading ./contrib/cirrus/lib.sh" > /dev/stderr
+ source ./contrib/cirrus/lib.sh
+ echo "+ Mimicking .cirrus.yml clone_script and build_task" > /dev/stderr
+ make install.tools
+ make vendor
+ make podman
+ make podman-remote
+ echo "+ Running environment setup" > /dev/stderr
+ ./contrib/cirrus/setup_environment.sh
+else
+ # Create and access VM for specified Cirrus-CI task
+ mkdir -p $HOME/.config/gcloud/ssh
+ podman run -it --rm \
+ --tz=local \
+ -e NAME="$USER" \
+ -e SRCDIR=/src \
+ -e GCLOUD_ZONE="$GCLOUD_ZONE" \
+ -e DEBUG="${DEBUG:-0}" \
+ -v $REPO_DIRPATH:/src:O \
+ -v $HOME/.config/gcloud:/root/.config/gcloud:z \
+ -v $HOME/.config/gcloud/ssh:/root/.ssh:z \
+ quay.io/libpod/get_ci_vm:latest "$@"
fi
-
-trap delvm EXIT # Allow deleting VM if CTRL-C during create
-echo -e "\n${YEL}Trying to creating a VM named $VMNAME${NOR}\n${YEL}in GCE region/zone $ZONE${NOR}"
-echo -e "For faster terminal access, export ZONE='<something-closer>'"
-echo -e 'Zone-list at: https://cloud.google.com/compute/docs/regions-zones/\n'
-if showrun $CREATE_CMD; then # Freshly created VM needs initial setup
-
- echo -e "\n${YEL}Waiting up to 30s for ssh port to open${NOR}"
- ATTEMPTS=10
- trap "exit 1" INT
- while ((ATTEMPTS)) && ! $SSH_CMD --command "true"; do
- let "ATTEMPTS--"
- echo -e "${RED}Nope, not yet.${NOR}"
- sleep 3s
- done
- trap - INT
- if ! ((ATTEMPTS)); then
- echo -e "\n${RED}Failed${NOR}"
- exit 7
- fi
- echo -e "${YEL}Got it. Cloning upstream repository as a starting point.${NOR}"
-
- showrun $SSH_CMD -- "mkdir -p $GOSRC"
- showrun $SSH_CMD -- "git clone --progress $GIT_REPO $GOSRC"
-
- if [[ -x "$HOME/$GCLOUD_CFGDIR/$HOOK_FILENAME" ]]; then
- echo -e "\n${YEL}Copying hook to VM and executing (ignoring errors).${NOR}"
- $PGCLOUD compute scp "/root/$GCLOUD_CFGDIR/$HOOK_FILENAME" root@$VMNAME:.
- if ! showrun $SSH_CMD -- "cd $GOSRC && bash /root/$HOOK_FILENAME $(git branch --show-current) $(git rev-parse HEAD)"; then
- echo "-e ${RED}Hook exited: $?${NOR}"
- fi
- fi
-fi
-
-echo -e "\n${YEL}Generating connection script for $VMNAME.${NOR}"
-echo -e "Note: Script can be re-used in another terminal if needed."
-echo -e "${RED}(option to delete VM presented upon exiting).${NOR}"
-# TODO: This is fairly fragile, specifically the quoting for the remote command.
-echo '#!/bin/bash' > $TMPDIR/ssh
-echo "$SSH_CMD -- -t 'cd $GOSRC && exec env ${ENVS[*]} bash -il'" >> $TMPDIR/ssh
-chmod +x $TMPDIR/ssh
-
-showrun $TMPDIR/ssh
diff --git a/hack/swagger-check b/hack/swagger-check
index d20318305..646cbcb84 100755
--- a/hack/swagger-check
+++ b/hack/swagger-check
@@ -59,11 +59,6 @@ says 'libpod'.
OPTIONS:
- --pedantic Compare operation names (the last part of swagger comment).
- There are far too many of these inconsistencies to allow us
- to enable this by default, but it still might be a useful
- check in some circumstances.
-
-v, --verbose show verbose progress indicators
-n, --dry-run make no actual changes
@@ -75,7 +70,6 @@ END_USAGE
}
# Command-line options. Note that this operates directly on @ARGV !
-our $pedantic;
our $debug = 0;
our $force = 0;
our $verbose = 0;
@@ -83,8 +77,6 @@ our $NOT = ''; # print "blahing the blah$NOT\n" if $debug
sub handle_opts {
use Getopt::Long;
GetOptions(
- 'pedantic' => \$pedantic,
-
'debug!' => \$debug,
'dry-run|n!' => sub { $NOT = ' [NOT]' },
'force' => \$force,
@@ -225,26 +217,14 @@ sub handle_handle {
my $tag = ($endpoint =~ /(libpod)/ ? $1 : 'compat');
#
- # Determine the OPERATION. *** NOTE: This is mostly useless! ***
- # In an ideal world the swagger comment would match actual function call;
- # in reality there are over thirty mismatches. Use --pedantic to see.
+ # Determine the OPERATION. Done in a helper function because there
+ # are a lot of complicated special cases.
#
- my $operation = '';
- if ($line =~ /(generic|handlers|compat)\.(\w+)/) {
- $operation = lcfirst $2;
- if ($endpoint =~ m!/libpod/! && $operation !~ /^libpod/) {
- $operation = 'libpod' . ucfirst $operation;
- }
- }
- elsif ($line =~ /(libpod)\.(\w+)/) {
- $operation = "$1$2";
- }
+ my $operation = operation_name($method, $endpoint);
# Special case: the following endpoints all get a custom tag
if ($endpoint =~ m!/(pods|manifests)/!) {
$tag = $1;
- $operation =~ s/^libpod//;
- $operation = lcfirst $operation;
}
# Special case: anything related to 'events' gets a system tag
@@ -252,11 +232,6 @@ sub handle_handle {
$tag = 'system';
}
- # Special case: /changes is libpod even though it says compat
- if ($endpoint =~ m!/changes!) {
- $tag = 'libpod';
- }
-
state $previous_path; # Previous path name, to avoid dups
#
@@ -269,13 +244,6 @@ sub handle_handle {
my $actual = $actual[0];
- # By default, don't compare the operation: there are far too many
- # mismatches here.
- if (! $pedantic) {
- $actual =~ s/\s+\S+\s*$//;
- $expect =~ s/\s+\S+\s*$//;
- }
-
# (Ignore whitespace discrepancies)
(my $a_trimmed = $actual) =~ s/\s+/ /g;
@@ -314,4 +282,72 @@ sub handle_handle {
return;
}
+
+####################
+# operation_name # Given a method + endpoint, return the swagger operation
+####################
+sub operation_name {
+ my ($method, $endpoint) = @_;
+
+ # /libpod/foo/bar -> (libpod, foo, bar)
+ my @endpoints = grep { /\S/ } split '/', $endpoint;
+
+ # /libpod endpoints -> add 'Libpod' to end, e.g. PodStatsLibpod
+ my $Libpod = '';
+ my $main = shift(@endpoints);
+ if ($main eq 'libpod') {
+ $Libpod = ucfirst($main);
+ $main = shift(@endpoints);
+ }
+ $main =~ s/s$//; # e.g. Volumes -> Volume
+
+ # Next path component is an optional action:
+ # GET /containers/json -> ContainerList
+ # DELETE /libpod/containers/{name} -> ContainerDelete
+ # GET /libpod/containers/{name}/logs -> ContainerLogsLibpod
+ my $action = shift(@endpoints) || 'list';
+ $action = 'list' if $action eq 'json';
+ $action = 'delete' if $method eq 'DELETE';
+
+ # Anything with {id}, {name}, {name:..} may have a following component
+ if ($action =~ m!\{.*\}!) {
+ $action = shift(@endpoints) || 'inspect';
+ $action = 'inspect' if $action eq 'json';
+ }
+
+ # All sorts of special cases
+ if ($action eq 'df') {
+ $action = 'dataUsage';
+ }
+ # Grrrrrr, this one is annoying: some operations get an extra 'All'
+ elsif ($action =~ /^(delete|get|stats)$/ && $endpoint !~ /\{/) {
+ $action .= "All";
+ $main .= 's' if $main eq 'container';
+ }
+ # No real way to used MixedCase in an endpoint, so we have to hack it here
+ elsif ($action eq 'showmounted') {
+ $action = 'showMounted';
+ }
+ # Ping is a special endpoint, and even if /libpod/_ping, no 'Libpod'
+ elsif ($main eq '_ping') {
+ $main = 'system';
+ $action = 'ping';
+ $Libpod = '';
+ }
+ # Top-level compat endpoints
+ elsif ($main =~ /^(build|commit)$/) {
+ $main = 'image';
+ $action = $1;
+ }
+ # Top-level system endpoints
+ elsif ($main =~ /^(auth|event|info|version)$/) {
+ $main = 'system';
+ $action = $1;
+ $action .= 's' if $action eq 'event';
+ }
+
+ return "\u${main}\u${action}$Libpod";
+}
+
+
1;
diff --git a/libpod/container_exec.go b/libpod/container_exec.go
index bb43287d9..8d8ed14aa 100644
--- a/libpod/container_exec.go
+++ b/libpod/container_exec.go
@@ -696,6 +696,24 @@ func (c *Container) ExecResize(sessionID string, newSize define.TerminalSize) er
return errors.Wrapf(define.ErrExecSessionStateInvalid, "cannot resize container %s exec session %s as it is not running", c.ID(), session.ID())
}
+ // The exec session may have exited since we last updated.
+ // Needed to prevent race conditions around short-running exec sessions.
+ running, err := c.ociRuntime.ExecUpdateStatus(c, session.ID())
+ if err != nil {
+ return err
+ }
+ if !running {
+ session.State = define.ExecStateStopped
+
+ if err := c.save(); err != nil {
+ logrus.Errorf("Error saving state of container %s: %v", c.ID(), err)
+ }
+
+ return errors.Wrapf(define.ErrExecSessionStateInvalid, "cannot resize container %s exec session %s as it has stopped", c.ID(), session.ID())
+ }
+
+ // Make sure the exec session is still running.
+
return c.ociRuntime.ExecAttachResize(c, sessionID, newSize)
}
@@ -720,8 +738,13 @@ func (c *Container) Exec(config *ExecConfig, streams *define.AttachStreams, resi
logrus.Debugf("Sending resize events to exec session %s", sessionID)
for resizeRequest := range resize {
if err := c.ExecResize(sessionID, resizeRequest); err != nil {
- // Assume the exec session went down.
- logrus.Warnf("Error resizing exec session %s: %v", sessionID, err)
+ if errors.Cause(err) == define.ErrExecSessionStateInvalid {
+ // The exec session stopped
+ // before we could resize.
+ logrus.Infof("Missed resize on exec session %s, already stopped", sessionID)
+ } else {
+ logrus.Warnf("Error resizing exec session %s: %v", sessionID, err)
+ }
return
}
}
diff --git a/libpod/container_internal.go b/libpod/container_internal.go
index 106e2569b..a53027ab2 100644
--- a/libpod/container_internal.go
+++ b/libpod/container_internal.go
@@ -966,9 +966,7 @@ func (c *Container) completeNetworkSetup() error {
if err := c.syncContainer(); err != nil {
return err
}
- if rootless.IsRootless() {
- return c.runtime.setupRootlessNetNS(c)
- } else if c.config.NetMode.IsSlirp4netns() {
+ if c.config.NetMode.IsSlirp4netns() {
return c.runtime.setupSlirp4netns(c)
}
if err := c.runtime.setupNetNS(c); err != nil {
diff --git a/libpod/container_internal_linux.go b/libpod/container_internal_linux.go
index a136fb72d..4fc45e4f0 100644
--- a/libpod/container_internal_linux.go
+++ b/libpod/container_internal_linux.go
@@ -92,11 +92,7 @@ func (c *Container) prepare() error {
// Set up network namespace if not already set up
noNetNS := c.state.NetNS == nil
if c.config.CreateNetNS && noNetNS && !c.config.PostConfigureNetNS {
- if rootless.IsRootless() && len(c.config.Networks) > 0 {
- netNS, networkStatus, createNetNSErr = AllocRootlessCNI(context.Background(), c)
- } else {
- netNS, networkStatus, createNetNSErr = c.runtime.createNetNS(c)
- }
+ netNS, networkStatus, createNetNSErr = c.runtime.createNetNS(c)
if createNetNSErr != nil {
return
}
@@ -380,8 +376,14 @@ func (c *Container) generateSpec(ctx context.Context) (*spec.Spec, error) {
case "z":
fallthrough
case "Z":
- if err := label.Relabel(m.Source, c.MountLabel(), label.IsShared(o)); err != nil {
- return nil, err
+ if c.MountLabel() != "" {
+ if c.ProcessLabel() != "" {
+ if err := label.Relabel(m.Source, c.MountLabel(), label.IsShared(o)); err != nil {
+ return nil, err
+ }
+ } else {
+ logrus.Infof("Not relabeling volume %q in container %s as SELinux is disabled", m.Source, c.ID())
+ }
}
default:
diff --git a/libpod/container_validate.go b/libpod/container_validate.go
index 245121a91..aae96ae85 100644
--- a/libpod/container_validate.go
+++ b/libpod/container_validate.go
@@ -126,5 +126,11 @@ func (c *Container) validate() error {
}
}
+ // If User in the OCI spec is set, require that c.config.User is set for
+ // security reasons (a lot of our code relies on c.config.User).
+ if c.config.User == "" && (c.config.Spec.Process.User.UID != 0 || c.config.Spec.Process.User.GID != 0) {
+ return errors.Wrapf(define.ErrInvalidArg, "please set User explicitly via WithUser() instead of in OCI spec directly")
+ }
+
return nil
}
diff --git a/libpod/network/create.go b/libpod/network/create.go
index 1a5aa82fc..4fe9b445f 100644
--- a/libpod/network/create.go
+++ b/libpod/network/create.go
@@ -11,7 +11,6 @@ import (
"github.com/containernetworking/cni/pkg/version"
"github.com/containers/common/pkg/config"
"github.com/containers/podman/v3/pkg/domain/entities"
- "github.com/containers/podman/v3/pkg/rootless"
"github.com/containers/podman/v3/pkg/util"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
@@ -223,9 +222,8 @@ func createBridge(name string, options entities.NetworkCreateOptions, runtimeCon
plugins = append(plugins, NewPortMapPlugin())
plugins = append(plugins, NewFirewallPlugin())
plugins = append(plugins, NewTuningPlugin())
- // if we find the dnsname plugin or are rootless, we add configuration for it
- // the rootless-cni-infra container has the dnsname plugin always installed
- if (HasDNSNamePlugin(runtimeConfig.Network.CNIPluginDirs) || rootless.IsRootless()) && !options.DisableDNS {
+ // if we find the dnsname plugin we add configuration for it
+ if HasDNSNamePlugin(runtimeConfig.Network.CNIPluginDirs) && !options.DisableDNS {
if options.Internal {
logrus.Warnf("dnsname and --internal networks are incompatible. dnsname plugin not configured for network %s", name)
} else {
diff --git a/libpod/networking_linux.go b/libpod/networking_linux.go
index 8bf532f66..157c85431 100644
--- a/libpod/networking_linux.go
+++ b/libpod/networking_linux.go
@@ -3,11 +3,8 @@
package libpod
import (
- "bytes"
- "context"
"crypto/rand"
"fmt"
- "io"
"io/ioutil"
"net"
"os"
@@ -27,9 +24,12 @@ import (
"github.com/containers/podman/v3/libpod/network"
"github.com/containers/podman/v3/pkg/errorhandling"
"github.com/containers/podman/v3/pkg/netns"
+ "github.com/containers/podman/v3/pkg/resolvconf"
"github.com/containers/podman/v3/pkg/rootless"
- "github.com/containers/podman/v3/pkg/rootlessport"
+ "github.com/containers/podman/v3/pkg/util"
+ "github.com/containers/storage/pkg/lockfile"
"github.com/cri-o/ocicni/pkg/ocicni"
+ "github.com/opencontainers/selinux/go-selinux/label"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
"github.com/vishvananda/netlink"
@@ -46,6 +46,9 @@ const (
// slirp4netnsMTU the default MTU override
slirp4netnsMTU = 65520
+
+ // rootlessCNINSName is the file name for the rootless network namespace bind mount
+ rootlessCNINSName = "rootless-cni-ns"
)
// Get an OCICNI network config
@@ -102,6 +105,361 @@ func (r *Runtime) getPodNetwork(id, name, nsPath string, networks []string, port
return ctrNetwork
}
+type rootlessCNI struct {
+ ns ns.NetNS
+ dir string
+ lock lockfile.Locker
+}
+
+func (r *rootlessCNI) Do(toRun func() error) error {
+ err := r.ns.Do(func(_ ns.NetNS) error {
+ // before we can run the given function
+ // we have to setup all mounts correctly
+
+ // create a new mount namespace
+ // this should happen inside the netns thread
+ err := unix.Unshare(unix.CLONE_NEWNS)
+ if err != nil {
+ return errors.Wrapf(err, "cannot create a new mount namespace")
+ }
+
+ netNsDir, err := netns.GetNSRunDir()
+ if err != nil {
+ return errors.Wrap(err, "could not get network namespace directory")
+ }
+ newNetNsDir := filepath.Join(r.dir, netNsDir)
+ // mount the netns into the new run to keep them accessible
+ // otherwise cni setup will fail because it cannot access the netns files
+ err = unix.Mount(netNsDir, newNetNsDir, "none", unix.MS_BIND|unix.MS_SHARED|unix.MS_REC, "")
+ if err != nil {
+ return errors.Wrap(err, "failed to mount netns directory for rootless cni")
+ }
+
+ // mount resolv.conf to make use of the host dns
+ err = unix.Mount(filepath.Join(r.dir, "resolv.conf"), "/etc/resolv.conf", "none", unix.MS_BIND, "")
+ if err != nil {
+ return errors.Wrap(err, "failed to mount resolv.conf for rootless cni")
+ }
+
+ // also keep /run/systemd if it exists
+ // many files are symlinked into this dir, for example /dev/log
+ runSystemd := "/run/systemd"
+ _, err = os.Stat(runSystemd)
+ if err == nil {
+ newRunSystemd := filepath.Join(r.dir, runSystemd[1:])
+ err = unix.Mount(runSystemd, newRunSystemd, "none", unix.MS_BIND|unix.MS_REC, "")
+ if err != nil {
+ return errors.Wrap(err, "failed to mount /run/systemd directory for rootless cni")
+ }
+ }
+
+ // cni plugins need access to /var and /run
+ runDir := filepath.Join(r.dir, "run")
+ varDir := filepath.Join(r.dir, "var")
+ // make sure to mount var first
+ err = unix.Mount(varDir, "/var", "none", unix.MS_BIND, "")
+ if err != nil {
+ return errors.Wrap(err, "failed to mount /var for rootless cni")
+ }
+ // recursive mount to keep the netns mount
+ err = unix.Mount(runDir, "/run", "none", unix.MS_BIND|unix.MS_REC, "")
+ if err != nil {
+ return errors.Wrap(err, "failed to mount /run for rootless cni")
+ }
+
+ // run the given function in the correct namespace
+ err = toRun()
+ return err
+ })
+ return err
+}
+
+// cleanup the rootless cni namespace if needed
+// check if we have running containers with the bridge network mode
+func (r *rootlessCNI) cleanup(runtime *Runtime) error {
+ r.lock.Lock()
+ defer r.lock.Unlock()
+ running := func(c *Container) bool {
+ // we cannot use c.state() because it will try to lock the container
+ // using c.state.State directly should be good enough for this use case
+ state := c.state.State
+ return state == define.ContainerStateRunning
+ }
+ ctrs, err := runtime.GetContainersWithoutLock(running)
+ if err != nil {
+ return err
+ }
+ cleanup := true
+ for _, ctr := range ctrs {
+ if ctr.config.NetMode.IsBridge() {
+ cleanup = false
+ }
+ }
+ if cleanup {
+ // make sure the the cni results (cache) dir is empty
+ // libpod instances with another root dir are not covered by the check above
+ // this allows several libpod instances to use the same rootless cni ns
+ contents, err := ioutil.ReadDir(filepath.Join(r.dir, "var/lib/cni/results"))
+ if (err == nil && len(contents) == 0) || os.IsNotExist(err) {
+ logrus.Debug("Cleaning up rootless cni namespace")
+ err = netns.UnmountNS(r.ns)
+ if err != nil {
+ return err
+ }
+ // make the following errors not fatal
+ err = r.ns.Close()
+ if err != nil {
+ logrus.Error(err)
+ }
+ b, err := ioutil.ReadFile(filepath.Join(r.dir, "rootless-cni-slirp4netns.pid"))
+ if err == nil {
+ var i int
+ i, err = strconv.Atoi(string(b))
+ if err == nil {
+ // kill the slirp process so we do not leak it
+ err = syscall.Kill(i, syscall.SIGTERM)
+ }
+ }
+ if err != nil {
+ logrus.Errorf("failed to kill slirp4netns process: %s", err)
+ }
+ err = os.RemoveAll(r.dir)
+ if err != nil {
+ logrus.Error(err)
+ }
+ } else if err != nil && !os.IsNotExist(err) {
+ logrus.Errorf("could not read rootless cni directory, skipping cleanup: %s", err)
+ }
+ }
+ return nil
+}
+
+// getRootlessCNINetNs returns the rootless cni object. If create is set to true
+// the rootless cni namespace will be created if it does not exists already.
+func (r *Runtime) getRootlessCNINetNs(new bool) (*rootlessCNI, error) {
+ var rootlessCNINS *rootlessCNI
+ if rootless.IsRootless() {
+ runDir, err := util.GetRuntimeDir()
+ if err != nil {
+ return nil, err
+ }
+ cniDir := filepath.Join(runDir, "rootless-cni")
+ err = os.MkdirAll(cniDir, 0700)
+ if err != nil {
+ return nil, errors.Wrap(err, "could not create rootless-cni directory")
+ }
+
+ lfile := filepath.Join(cniDir, "rootless-cni.lck")
+ lock, err := lockfile.GetLockfile(lfile)
+ if err != nil {
+ return nil, errors.Wrap(err, "failed to get rootless-cni lockfile")
+ }
+ lock.Lock()
+ defer lock.Unlock()
+
+ nsDir, err := netns.GetNSRunDir()
+ if err != nil {
+ return nil, err
+ }
+ path := filepath.Join(nsDir, rootlessCNINSName)
+ ns, err := ns.GetNS(path)
+ if err != nil {
+ if new {
+ // create a new namespace
+ logrus.Debug("creating rootless cni network namespace")
+ ns, err = netns.NewNSWithName(rootlessCNINSName)
+ if err != nil {
+ return nil, errors.Wrap(err, "error creating rootless cni network namespace")
+ }
+
+ // setup slirp4netns here
+ path := r.config.Engine.NetworkCmdPath
+ if path == "" {
+ var err error
+ path, err = exec.LookPath("slirp4netns")
+ if err != nil {
+ return nil, err
+ }
+ }
+
+ syncR, syncW, err := os.Pipe()
+ if err != nil {
+ return nil, errors.Wrapf(err, "failed to open pipe")
+ }
+ defer errorhandling.CloseQuiet(syncR)
+ defer errorhandling.CloseQuiet(syncW)
+
+ netOptions, err := parseSlirp4netnsNetworkOptions(r, nil)
+ if err != nil {
+ return nil, err
+ }
+ slirpFeatures, err := checkSlirpFlags(path)
+ if err != nil {
+ return nil, errors.Wrapf(err, "error checking slirp4netns binary %s: %q", path, err)
+ }
+ cmdArgs, err := createBasicSlirp4netnsCmdArgs(netOptions, slirpFeatures)
+ if err != nil {
+ return nil, err
+ }
+ // Note we do not use --exit-fd, we kill this process by pid
+ cmdArgs = append(cmdArgs, "-c", "-r", "3")
+ cmdArgs = append(cmdArgs, "--netns-type=path", ns.Path(), "tap0")
+
+ cmd := exec.Command(path, cmdArgs...)
+ logrus.Debugf("slirp4netns command: %s", strings.Join(cmd.Args, " "))
+ cmd.SysProcAttr = &syscall.SysProcAttr{
+ Setpgid: true,
+ }
+
+ // workaround for https://github.com/rootless-containers/slirp4netns/pull/153
+ if !netOptions.noPivotRoot && slirpFeatures.HasEnableSandbox {
+ cmd.SysProcAttr.Cloneflags = syscall.CLONE_NEWNS
+ cmd.SysProcAttr.Unshareflags = syscall.CLONE_NEWNS
+ }
+
+ // Leak one end of the pipe in slirp4netns
+ cmd.ExtraFiles = append(cmd.ExtraFiles, syncW)
+
+ logPath := filepath.Join(r.config.Engine.TmpDir, "slirp4netns-rootless-cni.log")
+ logFile, err := os.Create(logPath)
+ if err != nil {
+ return nil, errors.Wrapf(err, "failed to open slirp4netns log file %s", logPath)
+ }
+ defer logFile.Close()
+ // Unlink immediately the file so we won't need to worry about cleaning it up later.
+ // It is still accessible through the open fd logFile.
+ if err := os.Remove(logPath); err != nil {
+ return nil, errors.Wrapf(err, "delete file %s", logPath)
+ }
+ cmd.Stdout = logFile
+ cmd.Stderr = logFile
+ if err := cmd.Start(); err != nil {
+ return nil, errors.Wrapf(err, "failed to start slirp4netns process")
+ }
+ // create pid file for the slirp4netns process
+ // this is need to kill the process in the cleanup
+ pid := strconv.Itoa(cmd.Process.Pid)
+ err = ioutil.WriteFile(filepath.Join(cniDir, "rootless-cni-slirp4netns.pid"), []byte(pid), 0700)
+ if err != nil {
+ errors.Wrap(err, "unable to write rootless-cni slirp4netns pid file")
+ }
+
+ defer func() {
+ if err := cmd.Process.Release(); err != nil {
+ logrus.Errorf("unable to release command process: %q", err)
+ }
+ }()
+
+ if err := waitForSync(syncR, cmd, logFile, 1*time.Second); err != nil {
+ return nil, err
+ }
+
+ // build a new resolv.conf file which uses the slirp4netns dns server address
+ resolveIP := slirp4netnsDNS
+ if netOptions.cidr != "" {
+ _, cidr, err := net.ParseCIDR(netOptions.cidr)
+ if err != nil {
+ return nil, errors.Wrap(err, "failed to parse slirp4netns cidr")
+ }
+ // the slirp dns ip is always the third ip in the subnet
+ cidr.IP[len(cidr.IP)-1] = cidr.IP[len(cidr.IP)-1] + 3
+ resolveIP = cidr.IP.String()
+ }
+ conf, err := resolvconf.Get()
+ if err != nil {
+ return nil, err
+ }
+ searchDomains := resolvconf.GetSearchDomains(conf.Content)
+ dnsOptions := resolvconf.GetOptions(conf.Content)
+
+ _, err = resolvconf.Build(filepath.Join(cniDir, "resolv.conf"), []string{resolveIP}, searchDomains, dnsOptions)
+ if err != nil {
+ return nil, errors.Wrap(err, "failed to create rootless cni resolv.conf")
+ }
+
+ // create cni directories to store files
+ // they will be bind mounted to the correct location in a extra mount ns
+ err = os.MkdirAll(filepath.Join(cniDir, "var"), 0700)
+ if err != nil {
+ return nil, errors.Wrap(err, "could not create rootless-cni var directory")
+ }
+ runDir := filepath.Join(cniDir, "run")
+ err = os.MkdirAll(runDir, 0700)
+ if err != nil {
+ return nil, errors.Wrap(err, "could not create rootless-cni run directory")
+ }
+ // relabel the new run directory to the iptables /run label
+ // this is important, otherwise the iptables command will fail
+ err = label.Relabel(runDir, "system_u:object_r:iptables_var_run_t:s0", false)
+ if err != nil {
+ return nil, errors.Wrap(err, "could not create relabel rootless-cni run directory")
+ }
+ // create systemd run directory
+ err = os.MkdirAll(filepath.Join(runDir, "systemd"), 0700)
+ if err != nil {
+ return nil, errors.Wrap(err, "could not create rootless-cni systemd directory")
+ }
+ // create the directory for the netns files at the same location
+ // relative to the rootless-cni location
+ err = os.MkdirAll(filepath.Join(cniDir, nsDir), 0700)
+ if err != nil {
+ return nil, errors.Wrap(err, "could not create rootless-cni netns directory")
+ }
+ } else {
+ // return a error if we could not get the namespace and should no create one
+ return nil, errors.Wrap(err, "error getting rootless cni network namespace")
+ }
+ }
+
+ rootlessCNINS = &rootlessCNI{
+ ns: ns,
+ dir: cniDir,
+ lock: lock,
+ }
+ }
+ return rootlessCNINS, nil
+}
+
+// setUpOCICNIPod will set up the cni networks, on error it will also tear down the cni
+// networks. If rootless it will join/create the rootless cni namespace.
+func (r *Runtime) setUpOCICNIPod(podNetwork ocicni.PodNetwork) ([]ocicni.NetResult, error) {
+ rootlessCNINS, err := r.getRootlessCNINetNs(true)
+ if err != nil {
+ return nil, err
+ }
+ var results []ocicni.NetResult
+ setUpPod := func() error {
+ results, err = r.netPlugin.SetUpPod(podNetwork)
+ if err != nil {
+ if err2 := r.netPlugin.TearDownPod(podNetwork); err2 != nil {
+ logrus.Errorf("Error tearing down partially created network namespace for container %s: %v", podNetwork.ID, err2)
+ }
+ return errors.Wrapf(err, "error configuring network namespace for container %s", podNetwork.ID)
+ }
+ return nil
+ }
+ // rootlessCNINS is nil if we are root
+ if rootlessCNINS != nil {
+ // execute the cni setup in the rootless net ns
+ err = rootlessCNINS.Do(setUpPod)
+ } else {
+ err = setUpPod()
+ }
+ return results, err
+}
+
+// getCNIPodName return the pod name (hostname) used by CNI and the dnsname plugin.
+// If we are in the pod network namespace use the pod name otherwise the container name
+func getCNIPodName(c *Container) string {
+ if c.config.NetMode.IsPod() || c.IsInfra() {
+ pod, err := c.runtime.GetPod(c.PodID())
+ if err == nil {
+ return pod.Name()
+ }
+ }
+ return c.Name()
+}
+
// Create and configure a new network namespace for a container
func (r *Runtime) configureNetNS(ctr *Container, ctrNS ns.NetNS) ([]*cnitypes.Result, error) {
var requestedIP net.IP
@@ -147,17 +505,10 @@ func (r *Runtime) configureNetNS(ctr *Container, ctrNS ns.NetNS) ([]*cnitypes.Re
podNetwork.Aliases = aliases
}
- results, err := r.netPlugin.SetUpPod(podNetwork)
+ results, err := r.setUpOCICNIPod(podNetwork)
if err != nil {
- return nil, errors.Wrapf(err, "error configuring network namespace for container %s", ctr.ID())
+ return nil, err
}
- defer func() {
- if err != nil {
- if err2 := r.netPlugin.TearDownPod(podNetwork); err2 != nil {
- logrus.Errorf("Error tearing down partially created network namespace for container %s: %v", ctr.ID(), err2)
- }
- }
- }()
networkStatus := make([]*cnitypes.Result, 0)
for idx, r := range results {
@@ -192,52 +543,12 @@ func (r *Runtime) createNetNS(ctr *Container) (n ns.NetNS, q []*cnitypes.Result,
logrus.Debugf("Made network namespace at %s for container %s", ctrNS.Path(), ctr.ID())
networkStatus := []*cnitypes.Result{}
- if !rootless.IsRootless() && !ctr.config.NetMode.IsSlirp4netns() {
+ if !ctr.config.NetMode.IsSlirp4netns() {
networkStatus, err = r.configureNetNS(ctr, ctrNS)
}
return ctrNS, networkStatus, err
}
-type slirpFeatures struct {
- HasDisableHostLoopback bool
- HasMTU bool
- HasEnableSandbox bool
- HasEnableSeccomp bool
- HasCIDR bool
- HasOutboundAddr bool
- HasIPv6 bool
-}
-
-type slirp4netnsCmdArg struct {
- Proto string `json:"proto,omitempty"`
- HostAddr string `json:"host_addr"`
- HostPort int32 `json:"host_port"`
- GuestAddr string `json:"guest_addr"`
- GuestPort int32 `json:"guest_port"`
-}
-
-type slirp4netnsCmd struct {
- Execute string `json:"execute"`
- Args slirp4netnsCmdArg `json:"arguments"`
-}
-
-func checkSlirpFlags(path string) (*slirpFeatures, error) {
- cmd := exec.Command(path, "--help")
- out, err := cmd.CombinedOutput()
- if err != nil {
- return nil, errors.Wrapf(err, "slirp4netns %q", out)
- }
- return &slirpFeatures{
- HasDisableHostLoopback: strings.Contains(string(out), "--disable-host-loopback"),
- HasMTU: strings.Contains(string(out), "--mtu"),
- HasEnableSandbox: strings.Contains(string(out), "--enable-sandbox"),
- HasEnableSeccomp: strings.Contains(string(out), "--enable-seccomp"),
- HasCIDR: strings.Contains(string(out), "--cidr"),
- HasOutboundAddr: strings.Contains(string(out), "--outbound-addr"),
- HasIPv6: strings.Contains(string(out), "--enable-ipv6"),
- }, nil
-}
-
// Configure the network namespace for a rootless container
func (r *Runtime) setupRootlessNetNS(ctr *Container) error {
if ctr.config.NetMode.IsSlirp4netns() {
@@ -247,7 +558,7 @@ func (r *Runtime) setupRootlessNetNS(ctr *Container) error {
if err != nil {
return err
}
- if len(networks) > 0 {
+ if len(networks) > 0 && len(ctr.config.PortMappings) > 0 {
// set up port forwarder for CNI-in-slirp4netns
netnsPath := ctr.state.NetNS.Path()
// TODO: support slirp4netns port forwarder as well
@@ -256,456 +567,6 @@ func (r *Runtime) setupRootlessNetNS(ctr *Container) error {
return nil
}
-// setupSlirp4netns can be called in rootful as well as in rootless
-func (r *Runtime) setupSlirp4netns(ctr *Container) error {
- path := r.config.Engine.NetworkCmdPath
- slirpOptions := r.config.Engine.NetworkCmdOptions
- noPivotRoot := r.config.Engine.NoPivotRoot
- if path == "" {
- var err error
- path, err = exec.LookPath("slirp4netns")
- if err != nil {
- logrus.Errorf("could not find slirp4netns, the network namespace won't be configured: %v", err)
- return nil
- }
- }
-
- syncR, syncW, err := os.Pipe()
- if err != nil {
- return errors.Wrapf(err, "failed to open pipe")
- }
- defer errorhandling.CloseQuiet(syncR)
- defer errorhandling.CloseQuiet(syncW)
-
- havePortMapping := len(ctr.Config().PortMappings) > 0
- logPath := filepath.Join(ctr.runtime.config.Engine.TmpDir, fmt.Sprintf("slirp4netns-%s.log", ctr.config.ID))
-
- cidr := ""
- isSlirpHostForward := false
- disableHostLoopback := true
- enableIPv6 := false
- outboundAddr := ""
- outboundAddr6 := ""
- mtu := slirp4netnsMTU
-
- if ctr.config.NetworkOptions != nil {
- slirpOptions = append(slirpOptions, ctr.config.NetworkOptions["slirp4netns"]...)
- }
-
- for _, o := range slirpOptions {
- parts := strings.SplitN(o, "=", 2)
- if len(parts) < 2 {
- return errors.Errorf("unknown option for slirp4netns: %q", o)
- }
- option, value := parts[0], parts[1]
- switch option {
- case "cidr":
- ipv4, _, err := net.ParseCIDR(value)
- if err != nil || ipv4.To4() == nil {
- return errors.Errorf("invalid cidr %q", value)
- }
- cidr = value
- case "port_handler":
- switch value {
- case "slirp4netns":
- isSlirpHostForward = true
- case "rootlesskit":
- isSlirpHostForward = false
- default:
- return errors.Errorf("unknown port_handler for slirp4netns: %q", value)
- }
- case "allow_host_loopback":
- switch value {
- case "true":
- disableHostLoopback = false
- case "false":
- disableHostLoopback = true
- default:
- return errors.Errorf("invalid value of allow_host_loopback for slirp4netns: %q", value)
- }
- case "enable_ipv6":
- switch value {
- case "true":
- enableIPv6 = true
- case "false":
- enableIPv6 = false
- default:
- return errors.Errorf("invalid value of enable_ipv6 for slirp4netns: %q", value)
- }
- case "outbound_addr":
- ipv4 := net.ParseIP(value)
- if ipv4 == nil || ipv4.To4() == nil {
- _, err := net.InterfaceByName(value)
- if err != nil {
- return errors.Errorf("invalid outbound_addr %q", value)
- }
- }
- outboundAddr = value
- case "outbound_addr6":
- ipv6 := net.ParseIP(value)
- if ipv6 == nil || ipv6.To4() != nil {
- _, err := net.InterfaceByName(value)
- if err != nil {
- return errors.Errorf("invalid outbound_addr6: %q", value)
- }
- }
- outboundAddr6 = value
- case "mtu":
- mtu, err = strconv.Atoi(value)
- if mtu < 68 || err != nil {
- return errors.Errorf("invalid mtu %q", value)
- }
- default:
- return errors.Errorf("unknown option for slirp4netns: %q", o)
- }
- }
-
- cmdArgs := []string{}
- slirpFeatures, err := checkSlirpFlags(path)
- if err != nil {
- return errors.Wrapf(err, "error checking slirp4netns binary %s: %q", path, err)
- }
- if disableHostLoopback && slirpFeatures.HasDisableHostLoopback {
- cmdArgs = append(cmdArgs, "--disable-host-loopback")
- }
- if mtu > -1 && slirpFeatures.HasMTU {
- cmdArgs = append(cmdArgs, fmt.Sprintf("--mtu=%d", mtu))
- }
- if !noPivotRoot && slirpFeatures.HasEnableSandbox {
- cmdArgs = append(cmdArgs, "--enable-sandbox")
- }
- if slirpFeatures.HasEnableSeccomp {
- cmdArgs = append(cmdArgs, "--enable-seccomp")
- }
-
- if cidr != "" {
- if !slirpFeatures.HasCIDR {
- return errors.Errorf("cidr not supported")
- }
- cmdArgs = append(cmdArgs, fmt.Sprintf("--cidr=%s", cidr))
- }
-
- if enableIPv6 {
- if !slirpFeatures.HasIPv6 {
- return errors.Errorf("enable_ipv6 not supported")
- }
- cmdArgs = append(cmdArgs, "--enable-ipv6")
- }
-
- if outboundAddr != "" {
- if !slirpFeatures.HasOutboundAddr {
- return errors.Errorf("outbound_addr not supported")
- }
- cmdArgs = append(cmdArgs, fmt.Sprintf("--outbound-addr=%s", outboundAddr))
- }
-
- if outboundAddr6 != "" {
- if !slirpFeatures.HasOutboundAddr || !slirpFeatures.HasIPv6 {
- return errors.Errorf("outbound_addr6 not supported")
- }
- if !enableIPv6 {
- return errors.Errorf("enable_ipv6=true is required for outbound_addr6")
- }
- cmdArgs = append(cmdArgs, fmt.Sprintf("--outbound-addr6=%s", outboundAddr6))
- }
-
- var apiSocket string
- if havePortMapping && isSlirpHostForward {
- apiSocket = filepath.Join(ctr.runtime.config.Engine.TmpDir, fmt.Sprintf("%s.net", ctr.config.ID))
- cmdArgs = append(cmdArgs, "--api-socket", apiSocket)
- }
-
- // the slirp4netns arguments being passed are describes as follows:
- // from the slirp4netns documentation: https://github.com/rootless-containers/slirp4netns
- // -c, --configure Brings up the tap interface
- // -e, --exit-fd=FD specify the FD for terminating slirp4netns
- // -r, --ready-fd=FD specify the FD to write to when the initialization steps are finished
- cmdArgs = append(cmdArgs, "-c", "-e", "3", "-r", "4")
- netnsPath := ""
- if !ctr.config.PostConfigureNetNS {
- ctr.rootlessSlirpSyncR, ctr.rootlessSlirpSyncW, err = os.Pipe()
- if err != nil {
- return errors.Wrapf(err, "failed to create rootless network sync pipe")
- }
- netnsPath = ctr.state.NetNS.Path()
- cmdArgs = append(cmdArgs, "--netns-type=path", netnsPath, "tap0")
- } else {
- defer errorhandling.CloseQuiet(ctr.rootlessSlirpSyncR)
- defer errorhandling.CloseQuiet(ctr.rootlessSlirpSyncW)
- netnsPath = fmt.Sprintf("/proc/%d/ns/net", ctr.state.PID)
- // we don't use --netns-path here (unavailable for slirp4netns < v0.4)
- cmdArgs = append(cmdArgs, fmt.Sprintf("%d", ctr.state.PID), "tap0")
- }
-
- cmd := exec.Command(path, cmdArgs...)
- logrus.Debugf("slirp4netns command: %s", strings.Join(cmd.Args, " "))
- cmd.SysProcAttr = &syscall.SysProcAttr{
- Setpgid: true,
- }
-
- // workaround for https://github.com/rootless-containers/slirp4netns/pull/153
- if !noPivotRoot && slirpFeatures.HasEnableSandbox {
- cmd.SysProcAttr.Cloneflags = syscall.CLONE_NEWNS
- cmd.SysProcAttr.Unshareflags = syscall.CLONE_NEWNS
- }
-
- // Leak one end of the pipe in slirp4netns, the other will be sent to conmon
- cmd.ExtraFiles = append(cmd.ExtraFiles, ctr.rootlessSlirpSyncR, syncW)
-
- logFile, err := os.Create(logPath)
- if err != nil {
- return errors.Wrapf(err, "failed to open slirp4netns log file %s", logPath)
- }
- defer logFile.Close()
- // Unlink immediately the file so we won't need to worry about cleaning it up later.
- // It is still accessible through the open fd logFile.
- if err := os.Remove(logPath); err != nil {
- return errors.Wrapf(err, "delete file %s", logPath)
- }
- cmd.Stdout = logFile
- cmd.Stderr = logFile
- if err := cmd.Start(); err != nil {
- return errors.Wrapf(err, "failed to start slirp4netns process")
- }
- defer func() {
- if err := cmd.Process.Release(); err != nil {
- logrus.Errorf("unable to release command process: %q", err)
- }
- }()
-
- if err := waitForSync(syncR, cmd, logFile, 1*time.Second); err != nil {
- return err
- }
-
- if havePortMapping {
- if isSlirpHostForward {
- return r.setupRootlessPortMappingViaSlirp(ctr, cmd, apiSocket)
- }
- return r.setupRootlessPortMappingViaRLK(ctr, netnsPath)
- }
- return nil
-}
-
-func waitForSync(syncR *os.File, cmd *exec.Cmd, logFile io.ReadSeeker, timeout time.Duration) error {
- prog := filepath.Base(cmd.Path)
- if len(cmd.Args) > 0 {
- prog = cmd.Args[0]
- }
- b := make([]byte, 16)
- for {
- if err := syncR.SetDeadline(time.Now().Add(timeout)); err != nil {
- return errors.Wrapf(err, "error setting %s pipe timeout", prog)
- }
- // FIXME: return err as soon as proc exits, without waiting for timeout
- if _, err := syncR.Read(b); err == nil {
- break
- } else {
- if os.IsTimeout(err) {
- // Check if the process is still running.
- var status syscall.WaitStatus
- pid, err := syscall.Wait4(cmd.Process.Pid, &status, syscall.WNOHANG, nil)
- if err != nil {
- return errors.Wrapf(err, "failed to read %s process status", prog)
- }
- if pid != cmd.Process.Pid {
- continue
- }
- if status.Exited() {
- // Seek at the beginning of the file and read all its content
- if _, err := logFile.Seek(0, 0); err != nil {
- logrus.Errorf("could not seek log file: %q", err)
- }
- logContent, err := ioutil.ReadAll(logFile)
- if err != nil {
- return errors.Wrapf(err, "%s failed", prog)
- }
- return errors.Errorf("%s failed: %q", prog, logContent)
- }
- if status.Signaled() {
- return errors.Errorf("%s killed by signal", prog)
- }
- continue
- }
- return errors.Wrapf(err, "failed to read from %s sync pipe", prog)
- }
- }
- return nil
-}
-
-func (r *Runtime) setupRootlessPortMappingViaRLK(ctr *Container, netnsPath string) error {
- syncR, syncW, err := os.Pipe()
- if err != nil {
- return errors.Wrapf(err, "failed to open pipe")
- }
- defer errorhandling.CloseQuiet(syncR)
- defer errorhandling.CloseQuiet(syncW)
-
- logPath := filepath.Join(ctr.runtime.config.Engine.TmpDir, fmt.Sprintf("rootlessport-%s.log", ctr.config.ID))
- logFile, err := os.Create(logPath)
- if err != nil {
- return errors.Wrapf(err, "failed to open rootlessport log file %s", logPath)
- }
- defer logFile.Close()
- // Unlink immediately the file so we won't need to worry about cleaning it up later.
- // It is still accessible through the open fd logFile.
- if err := os.Remove(logPath); err != nil {
- return errors.Wrapf(err, "delete file %s", logPath)
- }
-
- if !ctr.config.PostConfigureNetNS {
- ctr.rootlessPortSyncR, ctr.rootlessPortSyncW, err = os.Pipe()
- if err != nil {
- return errors.Wrapf(err, "failed to create rootless port sync pipe")
- }
- }
-
- childIP := slirp4netnsIP
-outer:
- for _, r := range ctr.state.NetworkStatus {
- for _, i := range r.IPs {
- ipv4 := i.Address.IP.To4()
- if ipv4 != nil {
- childIP = ipv4.String()
- break outer
- }
- }
- }
-
- cfg := rootlessport.Config{
- Mappings: ctr.config.PortMappings,
- NetNSPath: netnsPath,
- ExitFD: 3,
- ReadyFD: 4,
- TmpDir: ctr.runtime.config.Engine.TmpDir,
- ChildIP: childIP,
- }
- cfgJSON, err := json.Marshal(cfg)
- if err != nil {
- return err
- }
- cfgR := bytes.NewReader(cfgJSON)
- var stdout bytes.Buffer
- cmd := exec.Command(fmt.Sprintf("/proc/%d/exe", os.Getpid()))
- cmd.Args = []string{rootlessport.ReexecKey}
- // Leak one end of the pipe in rootlessport process, the other will be sent to conmon
-
- if ctr.rootlessPortSyncR != nil {
- defer errorhandling.CloseQuiet(ctr.rootlessPortSyncR)
- }
-
- cmd.ExtraFiles = append(cmd.ExtraFiles, ctr.rootlessPortSyncR, syncW)
- cmd.Stdin = cfgR
- // stdout is for human-readable error, stderr is for debug log
- cmd.Stdout = &stdout
- cmd.Stderr = io.MultiWriter(logFile, &logrusDebugWriter{"rootlessport: "})
- cmd.SysProcAttr = &syscall.SysProcAttr{
- Setpgid: true,
- }
- if err := cmd.Start(); err != nil {
- return errors.Wrapf(err, "failed to start rootlessport process")
- }
- defer func() {
- if err := cmd.Process.Release(); err != nil {
- logrus.Errorf("unable to release rootlessport process: %q", err)
- }
- }()
- if err := waitForSync(syncR, cmd, logFile, 3*time.Second); err != nil {
- stdoutStr := stdout.String()
- if stdoutStr != "" {
- // err contains full debug log and too verbose, so return stdoutStr
- logrus.Debug(err)
- return errors.Errorf("rootlessport " + strings.TrimSuffix(stdoutStr, "\n"))
- }
- return err
- }
- logrus.Debug("rootlessport is ready")
- return nil
-}
-
-func (r *Runtime) setupRootlessPortMappingViaSlirp(ctr *Container, cmd *exec.Cmd, apiSocket string) (err error) {
- const pidWaitTimeout = 60 * time.Second
- chWait := make(chan error)
- go func() {
- interval := 25 * time.Millisecond
- for i := time.Duration(0); i < pidWaitTimeout; i += interval {
- // Check if the process is still running.
- var status syscall.WaitStatus
- pid, err := syscall.Wait4(cmd.Process.Pid, &status, syscall.WNOHANG, nil)
- if err != nil {
- break
- }
- if pid != cmd.Process.Pid {
- continue
- }
- if status.Exited() || status.Signaled() {
- chWait <- fmt.Errorf("slirp4netns exited with status %d", status.ExitStatus())
- }
- time.Sleep(interval)
- }
- }()
- defer close(chWait)
-
- // wait that API socket file appears before trying to use it.
- if _, err := WaitForFile(apiSocket, chWait, pidWaitTimeout); err != nil {
- return errors.Wrapf(err, "waiting for slirp4nets to create the api socket file %s", apiSocket)
- }
-
- // for each port we want to add we need to open a connection to the slirp4netns control socket
- // and send the add_hostfwd command.
- for _, i := range ctr.config.PortMappings {
- conn, err := net.Dial("unix", apiSocket)
- if err != nil {
- return errors.Wrapf(err, "cannot open connection to %s", apiSocket)
- }
- defer func() {
- if err := conn.Close(); err != nil {
- logrus.Errorf("unable to close connection: %q", err)
- }
- }()
- hostIP := i.HostIP
- if hostIP == "" {
- hostIP = "0.0.0.0"
- }
- apiCmd := slirp4netnsCmd{
- Execute: "add_hostfwd",
- Args: slirp4netnsCmdArg{
- Proto: i.Protocol,
- HostAddr: hostIP,
- HostPort: i.HostPort,
- GuestPort: i.ContainerPort,
- },
- }
- // create the JSON payload and send it. Mark the end of request shutting down writes
- // to the socket, as requested by slirp4netns.
- data, err := json.Marshal(&apiCmd)
- if err != nil {
- return errors.Wrapf(err, "cannot marshal JSON for slirp4netns")
- }
- if _, err := conn.Write([]byte(fmt.Sprintf("%s\n", data))); err != nil {
- return errors.Wrapf(err, "cannot write to control socket %s", apiSocket)
- }
- if err := conn.(*net.UnixConn).CloseWrite(); err != nil {
- return errors.Wrapf(err, "cannot shutdown the socket %s", apiSocket)
- }
- buf := make([]byte, 2048)
- readLength, err := conn.Read(buf)
- if err != nil {
- return errors.Wrapf(err, "cannot read from control socket %s", apiSocket)
- }
- // if there is no 'error' key in the received JSON data, then the operation was
- // successful.
- var y map[string]interface{}
- if err := json.Unmarshal(buf[0:readLength], &y); err != nil {
- return errors.Wrapf(err, "error parsing error status from slirp4netns")
- }
- if e, found := y["error"]; found {
- return errors.Errorf("error from slirp4netns while setting up port redirection: %v", e)
- }
- }
- logrus.Debug("slirp4netns port-forwarding setup via add_hostfwd is ready")
- return nil
-}
-
// Configure the network namespace using the container process
func (r *Runtime) setupNetNS(ctr *Container) error {
nsProcess := fmt.Sprintf("/proc/%d/ns/net", ctr.state.PID)
@@ -715,8 +576,11 @@ func (r *Runtime) setupNetNS(ctr *Container) error {
if _, err := rand.Reader.Read(b); err != nil {
return errors.Wrapf(err, "failed to generate random netns name")
}
-
- nsPath := fmt.Sprintf("/run/netns/cni-%x-%x-%x-%x-%x", b[0:4], b[4:6], b[6:8], b[8:10], b[10:])
+ nsPath, err := netns.GetNSRunDir()
+ if err != nil {
+ return err
+ }
+ nsPath = filepath.Join(nsPath, fmt.Sprintf("cni-%x-%x-%x-%x-%x", b[0:4], b[4:6], b[6:8], b[8:10], b[10:]))
if err := os.MkdirAll(filepath.Dir(nsPath), 0711); err != nil {
return err
@@ -774,6 +638,31 @@ func (r *Runtime) closeNetNS(ctr *Container) error {
return nil
}
+// Tear down a container's CNI network configuration and joins the
+// rootless net ns as rootless user
+func (r *Runtime) teardownOCICNIPod(podNetwork ocicni.PodNetwork) error {
+ rootlessCNINS, err := r.getRootlessCNINetNs(false)
+ if err != nil {
+ return err
+ }
+ tearDownPod := func() error {
+ err := r.netPlugin.TearDownPod(podNetwork)
+ return errors.Wrapf(err, "error tearing down CNI namespace configuration for container %s", podNetwork.ID)
+ }
+
+ // rootlessCNINS is nil if we are root
+ if rootlessCNINS != nil {
+ // execute the cni setup in the rootless net ns
+ err = rootlessCNINS.Do(tearDownPod)
+ if err == nil {
+ err = rootlessCNINS.cleanup(r)
+ }
+ } else {
+ err = tearDownPod()
+ }
+ return err
+}
+
// Tear down a container's CNI network configuration, but do not tear down the
// namespace itself.
func (r *Runtime) teardownCNI(ctr *Container) error {
@@ -789,8 +678,7 @@ func (r *Runtime) teardownCNI(ctr *Container) error {
return err
}
- // rootless containers do not use the CNI plugin directly
- if !rootless.IsRootless() && !ctr.config.NetMode.IsSlirp4netns() && len(networks) > 0 {
+ if !ctr.config.NetMode.IsSlirp4netns() && len(networks) > 0 {
var requestedIP net.IP
if ctr.requestedIP != nil {
requestedIP = ctr.requestedIP
@@ -810,10 +698,8 @@ func (r *Runtime) teardownCNI(ctr *Container) error {
}
podNetwork := r.getPodNetwork(ctr.ID(), ctr.Name(), ctr.state.NetNS.Path(), networks, ctr.config.PortMappings, requestedIP, requestedMAC, ctr.state.NetInterfaceDescriptions)
-
- if err := r.netPlugin.TearDownPod(podNetwork); err != nil {
- return errors.Wrapf(err, "error tearing down CNI namespace configuration for container %s", ctr.ID())
- }
+ err = r.teardownOCICNIPod(podNetwork)
+ return err
}
return nil
}
@@ -824,18 +710,6 @@ func (r *Runtime) teardownNetNS(ctr *Container) error {
return err
}
- networks, _, err := ctr.networks()
- if err != nil {
- return err
- }
-
- // CNI-in-slirp4netns
- if rootless.IsRootless() && len(networks) != 0 {
- if err := DeallocRootlessCNI(context.Background(), ctr); err != nil {
- return errors.Wrapf(err, "error tearing down CNI-in-slirp4netns for container %s", ctr.ID())
- }
- }
-
// First unmount the namespace
if err := netns.UnmountNS(ctr.state.NetNS); err != nil {
return errors.Wrapf(err, "error unmounting network namespace for container %s", ctr.ID())
@@ -1177,7 +1051,7 @@ func (c *Container) NetworkDisconnect(nameOrID, netName string, force bool) erro
}
podConfig := c.runtime.getPodNetwork(c.ID(), c.Name(), c.state.NetNS.Path(), []string{netName}, c.config.PortMappings, nil, nil, c.state.NetInterfaceDescriptions)
- if err := c.runtime.netPlugin.TearDownPod(podConfig); err != nil {
+ if err := c.runtime.teardownOCICNIPod(podConfig); err != nil {
return err
}
@@ -1241,7 +1115,7 @@ func (c *Container) NetworkConnect(nameOrID, netName string, aliases []string) e
podConfig := c.runtime.getPodNetwork(c.ID(), c.Name(), c.state.NetNS.Path(), []string{netName}, c.config.PortMappings, nil, nil, c.state.NetInterfaceDescriptions)
podConfig.Aliases = make(map[string][]string, 1)
podConfig.Aliases[netName] = aliases
- results, err := c.runtime.netPlugin.SetUpPod(podConfig)
+ results, err := c.runtime.setUpOCICNIPod(podConfig)
if err != nil {
return err
}
@@ -1288,9 +1162,6 @@ func (c *Container) NetworkConnect(nameOrID, netName string, aliases []string) e
// DisconnectContainerFromNetwork removes a container from its CNI network
func (r *Runtime) DisconnectContainerFromNetwork(nameOrID, netName string, force bool) error {
- if rootless.IsRootless() {
- return errors.New("network connect is not enabled for rootless containers")
- }
ctr, err := r.LookupContainer(nameOrID)
if err != nil {
return err
@@ -1300,9 +1171,6 @@ func (r *Runtime) DisconnectContainerFromNetwork(nameOrID, netName string, force
// ConnectContainerToNetwork connects a container to a CNI network
func (r *Runtime) ConnectContainerToNetwork(nameOrID, netName string, aliases []string) error {
- if rootless.IsRootless() {
- return errors.New("network disconnect is not enabled for rootless containers")
- }
ctr, err := r.LookupContainer(nameOrID)
if err != nil {
return err
diff --git a/libpod/networking_slirp4netns.go b/libpod/networking_slirp4netns.go
new file mode 100644
index 000000000..72ab3c919
--- /dev/null
+++ b/libpod/networking_slirp4netns.go
@@ -0,0 +1,538 @@
+// +build linux
+
+package libpod
+
+import (
+ "bytes"
+ "fmt"
+ "io"
+ "io/ioutil"
+ "net"
+ "os"
+ "os/exec"
+ "path/filepath"
+ "strconv"
+ "strings"
+ "syscall"
+ "time"
+
+ "github.com/containers/podman/v3/pkg/errorhandling"
+ "github.com/containers/podman/v3/pkg/rootlessport"
+ "github.com/pkg/errors"
+ "github.com/sirupsen/logrus"
+)
+
+type slirpFeatures struct {
+ HasDisableHostLoopback bool
+ HasMTU bool
+ HasEnableSandbox bool
+ HasEnableSeccomp bool
+ HasCIDR bool
+ HasOutboundAddr bool
+ HasIPv6 bool
+}
+
+type slirp4netnsCmdArg struct {
+ Proto string `json:"proto,omitempty"`
+ HostAddr string `json:"host_addr"`
+ HostPort int32 `json:"host_port"`
+ GuestAddr string `json:"guest_addr"`
+ GuestPort int32 `json:"guest_port"`
+}
+
+type slirp4netnsCmd struct {
+ Execute string `json:"execute"`
+ Args slirp4netnsCmdArg `json:"arguments"`
+}
+
+type slirp4netnsNetworkOptions struct {
+ cidr string
+ disableHostLoopback bool
+ enableIPv6 bool
+ isSlirpHostForward bool
+ noPivotRoot bool
+ mtu int
+ outboundAddr string
+ outboundAddr6 string
+}
+
+func checkSlirpFlags(path string) (*slirpFeatures, error) {
+ cmd := exec.Command(path, "--help")
+ out, err := cmd.CombinedOutput()
+ if err != nil {
+ return nil, errors.Wrapf(err, "slirp4netns %q", out)
+ }
+ return &slirpFeatures{
+ HasDisableHostLoopback: strings.Contains(string(out), "--disable-host-loopback"),
+ HasMTU: strings.Contains(string(out), "--mtu"),
+ HasEnableSandbox: strings.Contains(string(out), "--enable-sandbox"),
+ HasEnableSeccomp: strings.Contains(string(out), "--enable-seccomp"),
+ HasCIDR: strings.Contains(string(out), "--cidr"),
+ HasOutboundAddr: strings.Contains(string(out), "--outbound-addr"),
+ HasIPv6: strings.Contains(string(out), "--enable-ipv6"),
+ }, nil
+}
+
+func parseSlirp4netnsNetworkOptions(r *Runtime, extraOptions []string) (*slirp4netnsNetworkOptions, error) {
+ slirpOptions := append(r.config.Engine.NetworkCmdOptions, extraOptions...)
+ slirp4netnsOpts := &slirp4netnsNetworkOptions{
+ // overwrite defaults
+ disableHostLoopback: true,
+ mtu: slirp4netnsMTU,
+ noPivotRoot: r.config.Engine.NoPivotRoot,
+ }
+ for _, o := range slirpOptions {
+ parts := strings.SplitN(o, "=", 2)
+ if len(parts) < 2 {
+ return nil, errors.Errorf("unknown option for slirp4netns: %q", o)
+ }
+ option, value := parts[0], parts[1]
+ switch option {
+ case "cidr":
+ ipv4, _, err := net.ParseCIDR(value)
+ if err != nil || ipv4.To4() == nil {
+ return nil, errors.Errorf("invalid cidr %q", value)
+ }
+ slirp4netnsOpts.cidr = value
+ case "port_handler":
+ switch value {
+ case "slirp4netns":
+ slirp4netnsOpts.isSlirpHostForward = true
+ case "rootlesskit":
+ slirp4netnsOpts.isSlirpHostForward = false
+ default:
+ return nil, errors.Errorf("unknown port_handler for slirp4netns: %q", value)
+ }
+ case "allow_host_loopback":
+ switch value {
+ case "true":
+ slirp4netnsOpts.disableHostLoopback = false
+ case "false":
+ slirp4netnsOpts.disableHostLoopback = true
+ default:
+ return nil, errors.Errorf("invalid value of allow_host_loopback for slirp4netns: %q", value)
+ }
+ case "enable_ipv6":
+ switch value {
+ case "true":
+ slirp4netnsOpts.enableIPv6 = true
+ case "false":
+ slirp4netnsOpts.enableIPv6 = false
+ default:
+ return nil, errors.Errorf("invalid value of enable_ipv6 for slirp4netns: %q", value)
+ }
+ case "outbound_addr":
+ ipv4 := net.ParseIP(value)
+ if ipv4 == nil || ipv4.To4() == nil {
+ _, err := net.InterfaceByName(value)
+ if err != nil {
+ return nil, errors.Errorf("invalid outbound_addr %q", value)
+ }
+ }
+ slirp4netnsOpts.outboundAddr = value
+ case "outbound_addr6":
+ ipv6 := net.ParseIP(value)
+ if ipv6 == nil || ipv6.To4() != nil {
+ _, err := net.InterfaceByName(value)
+ if err != nil {
+ return nil, errors.Errorf("invalid outbound_addr6: %q", value)
+ }
+ }
+ slirp4netnsOpts.outboundAddr6 = value
+ case "mtu":
+ var err error
+ slirp4netnsOpts.mtu, err = strconv.Atoi(value)
+ if slirp4netnsOpts.mtu < 68 || err != nil {
+ return nil, errors.Errorf("invalid mtu %q", value)
+ }
+ default:
+ return nil, errors.Errorf("unknown option for slirp4netns: %q", o)
+ }
+ }
+ return slirp4netnsOpts, nil
+}
+
+func createBasicSlirp4netnsCmdArgs(options *slirp4netnsNetworkOptions, features *slirpFeatures) ([]string, error) {
+ cmdArgs := []string{}
+ if options.disableHostLoopback && features.HasDisableHostLoopback {
+ cmdArgs = append(cmdArgs, "--disable-host-loopback")
+ }
+ if options.mtu > -1 && features.HasMTU {
+ cmdArgs = append(cmdArgs, fmt.Sprintf("--mtu=%d", options.mtu))
+ }
+ if !options.noPivotRoot && features.HasEnableSandbox {
+ cmdArgs = append(cmdArgs, "--enable-sandbox")
+ }
+ if features.HasEnableSeccomp {
+ cmdArgs = append(cmdArgs, "--enable-seccomp")
+ }
+
+ if options.cidr != "" {
+ if !features.HasCIDR {
+ return nil, errors.Errorf("cidr not supported")
+ }
+ cmdArgs = append(cmdArgs, fmt.Sprintf("--cidr=%s", options.cidr))
+ }
+
+ if options.enableIPv6 {
+ if !features.HasIPv6 {
+ return nil, errors.Errorf("enable_ipv6 not supported")
+ }
+ cmdArgs = append(cmdArgs, "--enable-ipv6")
+ }
+
+ if options.outboundAddr != "" {
+ if !features.HasOutboundAddr {
+ return nil, errors.Errorf("outbound_addr not supported")
+ }
+ cmdArgs = append(cmdArgs, fmt.Sprintf("--outbound-addr=%s", options.outboundAddr))
+ }
+
+ if options.outboundAddr6 != "" {
+ if !features.HasOutboundAddr || !features.HasIPv6 {
+ return nil, errors.Errorf("outbound_addr6 not supported")
+ }
+ if !options.enableIPv6 {
+ return nil, errors.Errorf("enable_ipv6=true is required for outbound_addr6")
+ }
+ cmdArgs = append(cmdArgs, fmt.Sprintf("--outbound-addr6=%s", options.outboundAddr6))
+ }
+
+ return cmdArgs, nil
+}
+
+// setupSlirp4netns can be called in rootful as well as in rootless
+func (r *Runtime) setupSlirp4netns(ctr *Container) error {
+ path := r.config.Engine.NetworkCmdPath
+ if path == "" {
+ var err error
+ path, err = exec.LookPath("slirp4netns")
+ if err != nil {
+ logrus.Errorf("could not find slirp4netns, the network namespace won't be configured: %v", err)
+ return nil
+ }
+ }
+
+ syncR, syncW, err := os.Pipe()
+ if err != nil {
+ return errors.Wrapf(err, "failed to open pipe")
+ }
+ defer errorhandling.CloseQuiet(syncR)
+ defer errorhandling.CloseQuiet(syncW)
+
+ havePortMapping := len(ctr.Config().PortMappings) > 0
+ logPath := filepath.Join(ctr.runtime.config.Engine.TmpDir, fmt.Sprintf("slirp4netns-%s.log", ctr.config.ID))
+
+ ctrNetworkSlipOpts := []string{}
+ if ctr.config.NetworkOptions != nil {
+ ctrNetworkSlipOpts = append(ctrNetworkSlipOpts, ctr.config.NetworkOptions["slirp4netns"]...)
+ }
+ netOptions, err := parseSlirp4netnsNetworkOptions(r, ctrNetworkSlipOpts)
+ if err != nil {
+ return err
+ }
+ slirpFeatures, err := checkSlirpFlags(path)
+ if err != nil {
+ return errors.Wrapf(err, "error checking slirp4netns binary %s: %q", path, err)
+ }
+ cmdArgs, err := createBasicSlirp4netnsCmdArgs(netOptions, slirpFeatures)
+ if err != nil {
+ return err
+ }
+
+ // the slirp4netns arguments being passed are describes as follows:
+ // from the slirp4netns documentation: https://github.com/rootless-containers/slirp4netns
+ // -c, --configure Brings up the tap interface
+ // -e, --exit-fd=FD specify the FD for terminating slirp4netns
+ // -r, --ready-fd=FD specify the FD to write to when the initialization steps are finished
+ cmdArgs = append(cmdArgs, "-c", "-e", "3", "-r", "4")
+
+ var apiSocket string
+ if havePortMapping && netOptions.isSlirpHostForward {
+ apiSocket = filepath.Join(ctr.runtime.config.Engine.TmpDir, fmt.Sprintf("%s.net", ctr.config.ID))
+ cmdArgs = append(cmdArgs, "--api-socket", apiSocket)
+ }
+ netnsPath := ""
+ if !ctr.config.PostConfigureNetNS {
+ ctr.rootlessSlirpSyncR, ctr.rootlessSlirpSyncW, err = os.Pipe()
+ if err != nil {
+ return errors.Wrapf(err, "failed to create rootless network sync pipe")
+ }
+ netnsPath = ctr.state.NetNS.Path()
+ cmdArgs = append(cmdArgs, "--netns-type=path", netnsPath, "tap0")
+ } else {
+ defer errorhandling.CloseQuiet(ctr.rootlessSlirpSyncR)
+ defer errorhandling.CloseQuiet(ctr.rootlessSlirpSyncW)
+ netnsPath = fmt.Sprintf("/proc/%d/ns/net", ctr.state.PID)
+ // we don't use --netns-path here (unavailable for slirp4netns < v0.4)
+ cmdArgs = append(cmdArgs, fmt.Sprintf("%d", ctr.state.PID), "tap0")
+ }
+
+ cmd := exec.Command(path, cmdArgs...)
+ logrus.Debugf("slirp4netns command: %s", strings.Join(cmd.Args, " "))
+ cmd.SysProcAttr = &syscall.SysProcAttr{
+ Setpgid: true,
+ }
+
+ // workaround for https://github.com/rootless-containers/slirp4netns/pull/153
+ if !netOptions.noPivotRoot && slirpFeatures.HasEnableSandbox {
+ cmd.SysProcAttr.Cloneflags = syscall.CLONE_NEWNS
+ cmd.SysProcAttr.Unshareflags = syscall.CLONE_NEWNS
+ }
+
+ // Leak one end of the pipe in slirp4netns, the other will be sent to conmon
+ cmd.ExtraFiles = append(cmd.ExtraFiles, ctr.rootlessSlirpSyncR, syncW)
+
+ logFile, err := os.Create(logPath)
+ if err != nil {
+ return errors.Wrapf(err, "failed to open slirp4netns log file %s", logPath)
+ }
+ defer logFile.Close()
+ // Unlink immediately the file so we won't need to worry about cleaning it up later.
+ // It is still accessible through the open fd logFile.
+ if err := os.Remove(logPath); err != nil {
+ return errors.Wrapf(err, "delete file %s", logPath)
+ }
+ cmd.Stdout = logFile
+ cmd.Stderr = logFile
+ if err := cmd.Start(); err != nil {
+ return errors.Wrapf(err, "failed to start slirp4netns process")
+ }
+ defer func() {
+ if err := cmd.Process.Release(); err != nil {
+ logrus.Errorf("unable to release command process: %q", err)
+ }
+ }()
+
+ if err := waitForSync(syncR, cmd, logFile, 1*time.Second); err != nil {
+ return err
+ }
+
+ if havePortMapping {
+ if netOptions.isSlirpHostForward {
+ return r.setupRootlessPortMappingViaSlirp(ctr, cmd, apiSocket)
+ }
+ return r.setupRootlessPortMappingViaRLK(ctr, netnsPath)
+ }
+ return nil
+}
+
+func waitForSync(syncR *os.File, cmd *exec.Cmd, logFile io.ReadSeeker, timeout time.Duration) error {
+ prog := filepath.Base(cmd.Path)
+ if len(cmd.Args) > 0 {
+ prog = cmd.Args[0]
+ }
+ b := make([]byte, 16)
+ for {
+ if err := syncR.SetDeadline(time.Now().Add(timeout)); err != nil {
+ return errors.Wrapf(err, "error setting %s pipe timeout", prog)
+ }
+ // FIXME: return err as soon as proc exits, without waiting for timeout
+ if _, err := syncR.Read(b); err == nil {
+ break
+ } else {
+ if os.IsTimeout(err) {
+ // Check if the process is still running.
+ var status syscall.WaitStatus
+ pid, err := syscall.Wait4(cmd.Process.Pid, &status, syscall.WNOHANG, nil)
+ if err != nil {
+ return errors.Wrapf(err, "failed to read %s process status", prog)
+ }
+ if pid != cmd.Process.Pid {
+ continue
+ }
+ if status.Exited() {
+ // Seek at the beginning of the file and read all its content
+ if _, err := logFile.Seek(0, 0); err != nil {
+ logrus.Errorf("could not seek log file: %q", err)
+ }
+ logContent, err := ioutil.ReadAll(logFile)
+ if err != nil {
+ return errors.Wrapf(err, "%s failed", prog)
+ }
+ return errors.Errorf("%s failed: %q", prog, logContent)
+ }
+ if status.Signaled() {
+ return errors.Errorf("%s killed by signal", prog)
+ }
+ continue
+ }
+ return errors.Wrapf(err, "failed to read from %s sync pipe", prog)
+ }
+ }
+ return nil
+}
+
+func (r *Runtime) setupRootlessPortMappingViaRLK(ctr *Container, netnsPath string) error {
+ syncR, syncW, err := os.Pipe()
+ if err != nil {
+ return errors.Wrapf(err, "failed to open pipe")
+ }
+ defer errorhandling.CloseQuiet(syncR)
+ defer errorhandling.CloseQuiet(syncW)
+
+ logPath := filepath.Join(ctr.runtime.config.Engine.TmpDir, fmt.Sprintf("rootlessport-%s.log", ctr.config.ID))
+ logFile, err := os.Create(logPath)
+ if err != nil {
+ return errors.Wrapf(err, "failed to open rootlessport log file %s", logPath)
+ }
+ defer logFile.Close()
+ // Unlink immediately the file so we won't need to worry about cleaning it up later.
+ // It is still accessible through the open fd logFile.
+ if err := os.Remove(logPath); err != nil {
+ return errors.Wrapf(err, "delete file %s", logPath)
+ }
+
+ if !ctr.config.PostConfigureNetNS {
+ ctr.rootlessPortSyncR, ctr.rootlessPortSyncW, err = os.Pipe()
+ if err != nil {
+ return errors.Wrapf(err, "failed to create rootless port sync pipe")
+ }
+ }
+
+ childIP := slirp4netnsIP
+outer:
+ for _, r := range ctr.state.NetworkStatus {
+ for _, i := range r.IPs {
+ ipv4 := i.Address.IP.To4()
+ if ipv4 != nil {
+ childIP = ipv4.String()
+ break outer
+ }
+ }
+ }
+
+ cfg := rootlessport.Config{
+ Mappings: ctr.config.PortMappings,
+ NetNSPath: netnsPath,
+ ExitFD: 3,
+ ReadyFD: 4,
+ TmpDir: ctr.runtime.config.Engine.TmpDir,
+ ChildIP: childIP,
+ }
+ cfgJSON, err := json.Marshal(cfg)
+ if err != nil {
+ return err
+ }
+ cfgR := bytes.NewReader(cfgJSON)
+ var stdout bytes.Buffer
+ cmd := exec.Command(fmt.Sprintf("/proc/%d/exe", os.Getpid()))
+ cmd.Args = []string{rootlessport.ReexecKey}
+ // Leak one end of the pipe in rootlessport process, the other will be sent to conmon
+
+ if ctr.rootlessPortSyncR != nil {
+ defer errorhandling.CloseQuiet(ctr.rootlessPortSyncR)
+ }
+
+ cmd.ExtraFiles = append(cmd.ExtraFiles, ctr.rootlessPortSyncR, syncW)
+ cmd.Stdin = cfgR
+ // stdout is for human-readable error, stderr is for debug log
+ cmd.Stdout = &stdout
+ cmd.Stderr = io.MultiWriter(logFile, &logrusDebugWriter{"rootlessport: "})
+ cmd.SysProcAttr = &syscall.SysProcAttr{
+ Setpgid: true,
+ }
+ if err := cmd.Start(); err != nil {
+ return errors.Wrapf(err, "failed to start rootlessport process")
+ }
+ defer func() {
+ if err := cmd.Process.Release(); err != nil {
+ logrus.Errorf("unable to release rootlessport process: %q", err)
+ }
+ }()
+ if err := waitForSync(syncR, cmd, logFile, 3*time.Second); err != nil {
+ stdoutStr := stdout.String()
+ if stdoutStr != "" {
+ // err contains full debug log and too verbose, so return stdoutStr
+ logrus.Debug(err)
+ return errors.Errorf("rootlessport " + strings.TrimSuffix(stdoutStr, "\n"))
+ }
+ return err
+ }
+ logrus.Debug("rootlessport is ready")
+ return nil
+}
+
+func (r *Runtime) setupRootlessPortMappingViaSlirp(ctr *Container, cmd *exec.Cmd, apiSocket string) (err error) {
+ const pidWaitTimeout = 60 * time.Second
+ chWait := make(chan error)
+ go func() {
+ interval := 25 * time.Millisecond
+ for i := time.Duration(0); i < pidWaitTimeout; i += interval {
+ // Check if the process is still running.
+ var status syscall.WaitStatus
+ pid, err := syscall.Wait4(cmd.Process.Pid, &status, syscall.WNOHANG, nil)
+ if err != nil {
+ break
+ }
+ if pid != cmd.Process.Pid {
+ continue
+ }
+ if status.Exited() || status.Signaled() {
+ chWait <- fmt.Errorf("slirp4netns exited with status %d", status.ExitStatus())
+ }
+ time.Sleep(interval)
+ }
+ }()
+ defer close(chWait)
+
+ // wait that API socket file appears before trying to use it.
+ if _, err := WaitForFile(apiSocket, chWait, pidWaitTimeout); err != nil {
+ return errors.Wrapf(err, "waiting for slirp4nets to create the api socket file %s", apiSocket)
+ }
+
+ // for each port we want to add we need to open a connection to the slirp4netns control socket
+ // and send the add_hostfwd command.
+ for _, i := range ctr.config.PortMappings {
+ conn, err := net.Dial("unix", apiSocket)
+ if err != nil {
+ return errors.Wrapf(err, "cannot open connection to %s", apiSocket)
+ }
+ defer func() {
+ if err := conn.Close(); err != nil {
+ logrus.Errorf("unable to close connection: %q", err)
+ }
+ }()
+ hostIP := i.HostIP
+ if hostIP == "" {
+ hostIP = "0.0.0.0"
+ }
+ apiCmd := slirp4netnsCmd{
+ Execute: "add_hostfwd",
+ Args: slirp4netnsCmdArg{
+ Proto: i.Protocol,
+ HostAddr: hostIP,
+ HostPort: i.HostPort,
+ GuestPort: i.ContainerPort,
+ },
+ }
+ // create the JSON payload and send it. Mark the end of request shutting down writes
+ // to the socket, as requested by slirp4netns.
+ data, err := json.Marshal(&apiCmd)
+ if err != nil {
+ return errors.Wrapf(err, "cannot marshal JSON for slirp4netns")
+ }
+ if _, err := conn.Write([]byte(fmt.Sprintf("%s\n", data))); err != nil {
+ return errors.Wrapf(err, "cannot write to control socket %s", apiSocket)
+ }
+ if err := conn.(*net.UnixConn).CloseWrite(); err != nil {
+ return errors.Wrapf(err, "cannot shutdown the socket %s", apiSocket)
+ }
+ buf := make([]byte, 2048)
+ readLength, err := conn.Read(buf)
+ if err != nil {
+ return errors.Wrapf(err, "cannot read from control socket %s", apiSocket)
+ }
+ // if there is no 'error' key in the received JSON data, then the operation was
+ // successful.
+ var y map[string]interface{}
+ if err := json.Unmarshal(buf[0:readLength], &y); err != nil {
+ return errors.Wrapf(err, "error parsing error status from slirp4netns")
+ }
+ if e, found := y["error"]; found {
+ return errors.Errorf("error from slirp4netns while setting up port redirection: %v", e)
+ }
+ }
+ logrus.Debug("slirp4netns port-forwarding setup via add_hostfwd is ready")
+ return nil
+}
diff --git a/libpod/oci_conmon_exec_linux.go b/libpod/oci_conmon_exec_linux.go
index 173edba2b..b43316951 100644
--- a/libpod/oci_conmon_exec_linux.go
+++ b/libpod/oci_conmon_exec_linux.go
@@ -2,18 +2,23 @@ package libpod
import (
"fmt"
+ "io/ioutil"
"net/http"
"os"
"os/exec"
"path/filepath"
+ "strings"
"syscall"
"time"
+ "github.com/containers/common/pkg/capabilities"
"github.com/containers/common/pkg/config"
"github.com/containers/podman/v3/libpod/define"
"github.com/containers/podman/v3/pkg/errorhandling"
+ "github.com/containers/podman/v3/pkg/lookup"
"github.com/containers/podman/v3/pkg/util"
"github.com/containers/podman/v3/utils"
+ spec "github.com/opencontainers/runtime-spec/specs-go"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
"golang.org/x/sys/unix"
@@ -654,3 +659,122 @@ func attachExecHTTP(c *Container, sessionID string, r *http.Request, w http.Resp
}
}
}
+
+// prepareProcessExec returns the path of the process.json used in runc exec -p
+// caller is responsible to close the returned *os.File if needed.
+func prepareProcessExec(c *Container, options *ExecOptions, env []string, sessionID string) (*os.File, error) {
+ f, err := ioutil.TempFile(c.execBundlePath(sessionID), "exec-process-")
+ if err != nil {
+ return nil, err
+ }
+ pspec := new(spec.Process)
+ if err := JSONDeepCopy(c.config.Spec.Process, pspec); err != nil {
+ return nil, err
+ }
+ pspec.SelinuxLabel = c.config.ProcessLabel
+ pspec.Args = options.Cmd
+
+ // We need to default this to false else it will inherit terminal as true
+ // from the container.
+ pspec.Terminal = false
+ if options.Terminal {
+ pspec.Terminal = true
+ }
+ if len(env) > 0 {
+ pspec.Env = append(pspec.Env, env...)
+ }
+
+ if options.Cwd != "" {
+ pspec.Cwd = options.Cwd
+ }
+
+ var addGroups []string
+ var sgids []uint32
+
+ // if the user is empty, we should inherit the user that the container is currently running with
+ user := options.User
+ if user == "" {
+ logrus.Debugf("Set user to %s", c.config.User)
+ user = c.config.User
+ addGroups = c.config.Groups
+ }
+
+ overrides := c.getUserOverrides()
+ execUser, err := lookup.GetUserGroupInfo(c.state.Mountpoint, user, overrides)
+ if err != nil {
+ return nil, err
+ }
+
+ if len(addGroups) > 0 {
+ sgids, err = lookup.GetContainerGroups(addGroups, c.state.Mountpoint, overrides)
+ if err != nil {
+ return nil, errors.Wrapf(err, "error looking up supplemental groups for container %s exec session %s", c.ID(), sessionID)
+ }
+ }
+
+ // If user was set, look it up in the container to get a UID to use on
+ // the host
+ if user != "" || len(sgids) > 0 {
+ if user != "" {
+ for _, sgid := range execUser.Sgids {
+ sgids = append(sgids, uint32(sgid))
+ }
+ }
+ processUser := spec.User{
+ UID: uint32(execUser.Uid),
+ GID: uint32(execUser.Gid),
+ AdditionalGids: sgids,
+ }
+
+ pspec.User = processUser
+ }
+
+ ctrSpec, err := c.specFromState()
+ if err != nil {
+ return nil, err
+ }
+
+ allCaps, err := capabilities.BoundingSet()
+ if err != nil {
+ return nil, err
+ }
+ if options.Privileged {
+ pspec.Capabilities.Bounding = allCaps
+ } else {
+ pspec.Capabilities.Bounding = ctrSpec.Process.Capabilities.Bounding
+ }
+ if execUser.Uid == 0 {
+ pspec.Capabilities.Effective = pspec.Capabilities.Bounding
+ pspec.Capabilities.Inheritable = pspec.Capabilities.Bounding
+ pspec.Capabilities.Permitted = pspec.Capabilities.Bounding
+ pspec.Capabilities.Ambient = pspec.Capabilities.Bounding
+ } else {
+ if user == c.config.User {
+ pspec.Capabilities.Effective = ctrSpec.Process.Capabilities.Effective
+ pspec.Capabilities.Inheritable = ctrSpec.Process.Capabilities.Effective
+ pspec.Capabilities.Permitted = ctrSpec.Process.Capabilities.Effective
+ pspec.Capabilities.Ambient = ctrSpec.Process.Capabilities.Effective
+ }
+ }
+
+ hasHomeSet := false
+ for _, s := range pspec.Env {
+ if strings.HasPrefix(s, "HOME=") {
+ hasHomeSet = true
+ break
+ }
+ }
+ if !hasHomeSet {
+ pspec.Env = append(pspec.Env, fmt.Sprintf("HOME=%s", execUser.Home))
+ }
+
+ processJSON, err := json.Marshal(pspec)
+ if err != nil {
+ return nil, err
+ }
+
+ if err := ioutil.WriteFile(f.Name(), processJSON, 0644); err != nil {
+ return nil, err
+ }
+ return f, nil
+}
diff --git a/libpod/oci_conmon_linux.go b/libpod/oci_conmon_linux.go
index 1c7089e5d..f26ca67ce 100644
--- a/libpod/oci_conmon_linux.go
+++ b/libpod/oci_conmon_linux.go
@@ -22,7 +22,6 @@ import (
"text/template"
"time"
- "github.com/containers/common/pkg/capabilities"
"github.com/containers/common/pkg/config"
conmonConfig "github.com/containers/conmon/runner/config"
"github.com/containers/podman/v3/libpod/define"
@@ -30,7 +29,6 @@ import (
"github.com/containers/podman/v3/pkg/cgroups"
"github.com/containers/podman/v3/pkg/checkpoint/crutils"
"github.com/containers/podman/v3/pkg/errorhandling"
- "github.com/containers/podman/v3/pkg/lookup"
"github.com/containers/podman/v3/pkg/rootless"
"github.com/containers/podman/v3/pkg/util"
"github.com/containers/podman/v3/utils"
@@ -1195,124 +1193,6 @@ func (r *ConmonOCIRuntime) createOCIContainer(ctr *Container, restoreOptions *Co
return nil
}
-// prepareProcessExec returns the path of the process.json used in runc exec -p
-// caller is responsible to close the returned *os.File if needed.
-func prepareProcessExec(c *Container, options *ExecOptions, env []string, sessionID string) (*os.File, error) {
- f, err := ioutil.TempFile(c.execBundlePath(sessionID), "exec-process-")
- if err != nil {
- return nil, err
- }
- pspec := new(spec.Process)
- if err := JSONDeepCopy(c.config.Spec.Process, pspec); err != nil {
- return nil, err
- }
- pspec.SelinuxLabel = c.config.ProcessLabel
- pspec.Args = options.Cmd
-
- // We need to default this to false else it will inherit terminal as true
- // from the container.
- pspec.Terminal = false
- if options.Terminal {
- pspec.Terminal = true
- }
- if len(env) > 0 {
- pspec.Env = append(pspec.Env, env...)
- }
-
- if options.Cwd != "" {
- pspec.Cwd = options.Cwd
- }
-
- var addGroups []string
- var sgids []uint32
-
- // if the user is empty, we should inherit the user that the container is currently running with
- user := options.User
- if user == "" {
- user = c.config.User
- addGroups = c.config.Groups
- }
-
- overrides := c.getUserOverrides()
- execUser, err := lookup.GetUserGroupInfo(c.state.Mountpoint, user, overrides)
- if err != nil {
- return nil, err
- }
-
- if len(addGroups) > 0 {
- sgids, err = lookup.GetContainerGroups(addGroups, c.state.Mountpoint, overrides)
- if err != nil {
- return nil, errors.Wrapf(err, "error looking up supplemental groups for container %s exec session %s", c.ID(), sessionID)
- }
- }
-
- // If user was set, look it up in the container to get a UID to use on
- // the host
- if user != "" || len(sgids) > 0 {
- if user != "" {
- for _, sgid := range execUser.Sgids {
- sgids = append(sgids, uint32(sgid))
- }
- }
- processUser := spec.User{
- UID: uint32(execUser.Uid),
- GID: uint32(execUser.Gid),
- AdditionalGids: sgids,
- }
-
- pspec.User = processUser
- }
-
- ctrSpec, err := c.specFromState()
- if err != nil {
- return nil, err
- }
-
- allCaps, err := capabilities.BoundingSet()
- if err != nil {
- return nil, err
- }
- if options.Privileged {
- pspec.Capabilities.Bounding = allCaps
- } else {
- pspec.Capabilities.Bounding = ctrSpec.Process.Capabilities.Bounding
- }
- if execUser.Uid == 0 {
- pspec.Capabilities.Effective = pspec.Capabilities.Bounding
- pspec.Capabilities.Inheritable = pspec.Capabilities.Bounding
- pspec.Capabilities.Permitted = pspec.Capabilities.Bounding
- pspec.Capabilities.Ambient = pspec.Capabilities.Bounding
- } else {
- if user == c.config.User {
- pspec.Capabilities.Effective = ctrSpec.Process.Capabilities.Effective
- pspec.Capabilities.Inheritable = ctrSpec.Process.Capabilities.Effective
- pspec.Capabilities.Permitted = ctrSpec.Process.Capabilities.Effective
- pspec.Capabilities.Ambient = ctrSpec.Process.Capabilities.Effective
- }
- }
-
- hasHomeSet := false
- for _, s := range pspec.Env {
- if strings.HasPrefix(s, "HOME=") {
- hasHomeSet = true
- break
- }
- }
- if !hasHomeSet {
- pspec.Env = append(pspec.Env, fmt.Sprintf("HOME=%s", execUser.Home))
- }
-
- processJSON, err := json.Marshal(pspec)
- if err != nil {
- return nil, err
- }
-
- if err := ioutil.WriteFile(f.Name(), processJSON, 0644); err != nil {
- return nil, err
- }
- return f, nil
-}
-
// configureConmonEnv gets the environment values to add to conmon's exec struct
// TODO this may want to be less hardcoded/more configurable in the future
func (r *ConmonOCIRuntime) configureConmonEnv(ctr *Container, runtimeDir string) ([]string, []*os.File) {
diff --git a/libpod/options.go b/libpod/options.go
index 24e9d74f4..333a7c4a5 100644
--- a/libpod/options.go
+++ b/libpod/options.go
@@ -77,8 +77,7 @@ func WithStorageConfig(config storage.StoreOptions) RuntimeOption {
rt.storageConfig.GraphDriverOptions = make([]string, len(config.GraphDriverOptions))
copy(rt.storageConfig.GraphDriverOptions, config.GraphDriverOptions)
} else {
- // append new options after what is specified in the config files
- rt.storageConfig.GraphDriverOptions = append(rt.storageConfig.GraphDriverOptions, config.GraphDriverOptions...)
+ rt.storageConfig.GraphDriverOptions = config.GraphDriverOptions
}
setField = true
}
diff --git a/libpod/rootless_cni_linux.go b/libpod/rootless_cni_linux.go
deleted file mode 100644
index df690e914..000000000
--- a/libpod/rootless_cni_linux.go
+++ /dev/null
@@ -1,372 +0,0 @@
-// +build linux
-
-package libpod
-
-import (
- "bytes"
- "context"
- "io"
- "path/filepath"
- "runtime"
-
- cnitypes "github.com/containernetworking/cni/pkg/types/current"
- "github.com/containernetworking/plugins/pkg/ns"
- "github.com/containers/podman/v3/libpod/define"
- "github.com/containers/podman/v3/libpod/image"
- "github.com/containers/podman/v3/pkg/env"
- "github.com/containers/podman/v3/pkg/util"
- "github.com/containers/storage/pkg/lockfile"
- "github.com/hashicorp/go-multierror"
- spec "github.com/opencontainers/runtime-spec/specs-go"
- "github.com/opencontainers/runtime-tools/generate"
- "github.com/pkg/errors"
- "github.com/sirupsen/logrus"
-)
-
-// Built from ../contrib/rootless-cni-infra.
-var rootlessCNIInfraImage = map[string]string{
- "amd64": "quay.io/libpod/rootless-cni-infra@sha256:adf352454666f7ce9ca3e1098448b5ee18f89c4516471ec99447ec9ece917f36", // 5-amd64
-}
-
-const (
- rootlessCNIInfraContainerNamespace = "podman-system"
- rootlessCNIInfraContainerName = "rootless-cni-infra"
-)
-
-// AllocRootlessCNI allocates a CNI netns inside the rootless CNI infra container.
-// Locks "rootless-cni-infra.lck".
-//
-// When the infra container is not running, it is created.
-//
-// AllocRootlessCNI does not lock c. c should be already locked.
-func AllocRootlessCNI(ctx context.Context, c *Container) (ns.NetNS, []*cnitypes.Result, error) {
- networks, _, err := c.networks()
- if err != nil {
- return nil, nil, err
- }
- if len(networks) == 0 {
- return nil, nil, errors.New("rootless CNI networking requires that the container has joined at least one CNI network")
- }
- l, err := getRootlessCNIInfraLock(c.runtime)
- if err != nil {
- return nil, nil, err
- }
- l.Lock()
- defer l.Unlock()
- infra, err := ensureRootlessCNIInfraContainerRunning(ctx, c.runtime)
- if err != nil {
- return nil, nil, err
- }
- k8sPodName := getCNIPodName(c) // passed to CNI as K8S_POD_NAME
- ip := ""
- if c.config.StaticIP != nil {
- ip = c.config.StaticIP.String()
- }
- mac := ""
- if c.config.StaticMAC != nil {
- mac = c.config.StaticMAC.String()
- }
- aliases, err := c.runtime.state.GetAllNetworkAliases(c)
- if err != nil {
- return nil, nil, err
- }
- capArgs := ""
- // add network aliases json encoded as capabilityArgs for cni
- if len(aliases) > 0 {
- capabilityArgs := make(map[string]interface{})
- capabilityArgs["aliases"] = aliases
- b, err := json.Marshal(capabilityArgs)
- if err != nil {
- return nil, nil, err
- }
- capArgs = string(b)
- }
-
- cniResults := make([]*cnitypes.Result, len(networks))
- for i, nw := range networks {
- cniRes, err := rootlessCNIInfraCallAlloc(infra, c.ID(), nw, k8sPodName, ip, mac, capArgs)
- if err != nil {
- return nil, nil, err
- }
- cniResults[i] = cniRes
- }
- nsObj, err := rootlessCNIInfraGetNS(infra, c.ID())
- if err != nil {
- return nil, nil, err
- }
- logrus.Debugf("rootless CNI: container %q will join %q", c.ID(), nsObj.Path())
- return nsObj, cniResults, nil
-}
-
-// DeallocRootlessCNI deallocates a CNI netns inside the rootless CNI infra container.
-// Locks "rootless-cni-infra.lck".
-//
-// When the infra container is no longer needed, it is removed.
-//
-// DeallocRootlessCNI does not lock c. c should be already locked.
-func DeallocRootlessCNI(ctx context.Context, c *Container) error {
- networks, _, err := c.networks()
- if err != nil {
- return err
- }
- if len(networks) == 0 {
- return errors.New("rootless CNI networking requires that the container has joined at least one CNI network")
- }
- l, err := getRootlessCNIInfraLock(c.runtime)
- if err != nil {
- return err
- }
- l.Lock()
- defer l.Unlock()
- infra, _ := getRootlessCNIInfraContainer(c.runtime)
- if infra == nil {
- return nil
- }
- var errs *multierror.Error
- for _, nw := range networks {
- err := rootlessCNIInfraCallDealloc(infra, c.ID(), nw)
- if err != nil {
- errs = multierror.Append(errs, err)
- }
- }
- if isIdle, err := rootlessCNIInfraIsIdle(infra); isIdle || err != nil {
- if err != nil {
- logrus.Warn(err)
- }
- logrus.Debugf("rootless CNI: removing infra container %q", infra.ID())
- infra.lock.Lock()
- defer infra.lock.Unlock()
- if err := c.runtime.removeContainer(ctx, infra, true, false, true); err != nil {
- return err
- }
- logrus.Debugf("rootless CNI: removed infra container %q", infra.ID())
- }
- return errs.ErrorOrNil()
-}
-
-func getRootlessCNIInfraLock(r *Runtime) (lockfile.Locker, error) {
- fname := filepath.Join(r.config.Engine.TmpDir, "rootless-cni-infra.lck")
- return lockfile.GetLockfile(fname)
-}
-
-// getCNIPodName return the pod name (hostname) used by CNI and the dnsname plugin.
-// If we are in the pod network namespace use the pod name otherwise the container name
-func getCNIPodName(c *Container) string {
- if c.config.NetMode.IsPod() || c.IsInfra() {
- pod, err := c.runtime.GetPod(c.PodID())
- if err == nil {
- return pod.Name()
- }
- }
- return c.Name()
-}
-
-func rootlessCNIInfraCallAlloc(infra *Container, id, nw, k8sPodName, ip, mac, capArgs string) (*cnitypes.Result, error) {
- logrus.Debugf("rootless CNI: alloc %q, %q, %q, %q, %q, %q", id, nw, k8sPodName, ip, mac, capArgs)
- var err error
-
- _, err = rootlessCNIInfraExec(infra, "alloc", id, nw, k8sPodName, ip, mac, capArgs)
- if err != nil {
- return nil, err
- }
- cniResStr, err := rootlessCNIInfraExec(infra, "print-cni-result", id, nw)
- if err != nil {
- return nil, err
- }
- var cniRes cnitypes.Result
- if err := json.Unmarshal([]byte(cniResStr), &cniRes); err != nil {
- return nil, errors.Wrapf(err, "unmarshaling as cnitypes.Result: %q", cniResStr)
- }
- return &cniRes, nil
-}
-
-func rootlessCNIInfraCallDealloc(infra *Container, id, nw string) error {
- logrus.Debugf("rootless CNI: dealloc %q, %q", id, nw)
- _, err := rootlessCNIInfraExec(infra, "dealloc", id, nw)
- return err
-}
-
-func rootlessCNIInfraIsIdle(infra *Container) (bool, error) {
- type isIdle struct {
- Idle bool `json:"idle"`
- }
- resStr, err := rootlessCNIInfraExec(infra, "is-idle")
- if err != nil {
- return false, err
- }
- var res isIdle
- if err := json.Unmarshal([]byte(resStr), &res); err != nil {
- return false, errors.Wrapf(err, "unmarshaling as isIdle: %q", resStr)
- }
- return res.Idle, nil
-}
-
-func rootlessCNIInfraGetNS(infra *Container, id string) (ns.NetNS, error) {
- type printNetnsPath struct {
- Path string `json:"path"`
- }
- resStr, err := rootlessCNIInfraExec(infra, "print-netns-path", id)
- if err != nil {
- return nil, err
- }
- var res printNetnsPath
- if err := json.Unmarshal([]byte(resStr), &res); err != nil {
- return nil, errors.Wrapf(err, "unmarshaling as printNetnsPath: %q", resStr)
- }
- nsObj, err := ns.GetNS(res.Path)
- if err != nil {
- return nil, err
- }
- return nsObj, nil
-}
-
-func getRootlessCNIInfraContainer(r *Runtime) (*Container, error) {
- containers, err := r.GetContainersWithoutLock(func(c *Container) bool {
- return c.Namespace() == rootlessCNIInfraContainerNamespace &&
- c.Name() == rootlessCNIInfraContainerName
- })
- if err != nil {
- return nil, err
- }
- if len(containers) == 0 {
- return nil, nil
- }
- return containers[0], nil
-}
-
-func ensureRootlessCNIInfraContainerRunning(ctx context.Context, r *Runtime) (*Container, error) {
- c, err := getRootlessCNIInfraContainer(r)
- if err != nil {
- return nil, err
- }
- if c == nil {
- return startRootlessCNIInfraContainer(ctx, r)
- }
- st, err := c.ContainerState()
- if err != nil {
- return nil, err
- }
- if st.State == define.ContainerStateRunning {
- logrus.Debugf("rootless CNI: infra container %q is already running", c.ID())
- return c, nil
- }
- logrus.Debugf("rootless CNI: infra container %q is %q, being started", c.ID(), st.State)
- if err := c.initAndStart(ctx); err != nil {
- return nil, err
- }
- logrus.Debugf("rootless CNI: infra container %q is running", c.ID())
- return c, nil
-}
-
-func startRootlessCNIInfraContainer(ctx context.Context, r *Runtime) (*Container, error) {
- imageName, ok := rootlessCNIInfraImage[runtime.GOARCH]
- if !ok {
- return nil, errors.Errorf("cannot find rootless-podman-network-sandbox image for %s", runtime.GOARCH)
- }
- logrus.Debugf("rootless CNI: ensuring image %q to exist", imageName)
- newImage, err := r.ImageRuntime().New(ctx, imageName, "", "", nil, nil,
- image.SigningOptions{}, nil, util.PullImageMissing, nil)
- if err != nil {
- return nil, err
- }
- logrus.Debugf("rootless CNI: image %q is ready", imageName)
-
- g, err := generate.New("linux")
- if err != nil {
- return nil, err
- }
- g.SetupPrivileged(true)
- // Set --pid=host for ease of propagating "/proc/PID/ns/net" string
- if err := g.RemoveLinuxNamespace(string(spec.PIDNamespace)); err != nil {
- return nil, err
- }
- g.RemoveMount("/proc")
- procMount := spec.Mount{
- Destination: "/proc",
- Type: "bind",
- Source: "/proc",
- Options: []string{"rbind", "nosuid", "noexec", "nodev"},
- }
- g.AddMount(procMount)
- // Mount CNI networks
- etcCNINetD := spec.Mount{
- Destination: "/etc/cni/net.d",
- Type: "bind",
- Source: r.config.Network.NetworkConfigDir,
- Options: []string{"ro", "bind"},
- }
- g.AddMount(etcCNINetD)
-
- inspectData, err := newImage.Inspect(ctx)
- if err != nil {
- return nil, err
- }
- imageEnv, err := env.ParseSlice(inspectData.Config.Env)
- if err != nil {
- return nil, err
- }
- for k, v := range imageEnv {
- g.AddProcessEnv(k, v)
- }
- if len(inspectData.Config.Cmd) == 0 {
- return nil, errors.Errorf("rootless CNI infra image %q has no command specified", imageName)
- }
- g.SetProcessArgs(inspectData.Config.Cmd)
-
- var options []CtrCreateOption
- options = append(options, WithRootFSFromImage(newImage.ID(), imageName, imageName))
- options = append(options, WithCtrNamespace(rootlessCNIInfraContainerNamespace))
- options = append(options, WithName(rootlessCNIInfraContainerName))
- options = append(options, WithPrivileged(true))
- options = append(options, WithSecLabels([]string{"disable"}))
- options = append(options, WithRestartPolicy("always"))
- options = append(options, WithNetNS(nil, false, "slirp4netns", nil))
- c, err := r.NewContainer(ctx, g.Config, options...)
- if err != nil {
- return nil, err
- }
- logrus.Debugf("rootless CNI infra container %q is created, now being started", c.ID())
- if err := c.initAndStart(ctx); err != nil {
- return nil, err
- }
- logrus.Debugf("rootless CNI: infra container %q is running", c.ID())
-
- return c, nil
-}
-
-func rootlessCNIInfraExec(c *Container, args ...string) (string, error) {
- cmd := "rootless-cni-infra"
- var (
- outB bytes.Buffer
- errB bytes.Buffer
- streams define.AttachStreams
- config ExecConfig
- )
- streams.OutputStream = &nopWriteCloser{Writer: &outB}
- streams.ErrorStream = &nopWriteCloser{Writer: &errB}
- streams.AttachOutput = true
- streams.AttachError = true
- config.Command = append([]string{cmd}, args...)
- config.Privileged = true
- logrus.Debugf("rootlessCNIInfraExec: c.ID()=%s, config=%+v, streams=%v, begin",
- c.ID(), config, streams)
- code, err := c.Exec(&config, &streams, nil)
- logrus.Debugf("rootlessCNIInfraExec: c.ID()=%s, config=%+v, streams=%v, end (code=%d, err=%v)",
- c.ID(), config, streams, code, err)
- if err != nil {
- return "", err
- }
- if code != 0 {
- return "", errors.Errorf("command %s %v in container %s failed with status %d, stdout=%q, stderr=%q",
- cmd, args, c.ID(), code, outB.String(), errB.String())
- }
- return outB.String(), nil
-}
-
-type nopWriteCloser struct {
- io.Writer
-}
-
-func (nwc *nopWriteCloser) Close() error {
- return nil
-}
diff --git a/libpod/runtime.go b/libpod/runtime.go
index 201482c65..d4bb691ef 100644
--- a/libpod/runtime.go
+++ b/libpod/runtime.go
@@ -436,13 +436,11 @@ func makeRuntime(ctx context.Context, runtime *Runtime) (retErr error) {
}
// Set up the CNI net plugin
- if !rootless.IsRootless() {
- netPlugin, err := ocicni.InitCNI(runtime.config.Network.DefaultNetwork, runtime.config.Network.NetworkConfigDir, runtime.config.Network.CNIPluginDirs...)
- if err != nil {
- return errors.Wrapf(err, "error configuring CNI network plugin")
- }
- runtime.netPlugin = netPlugin
+ netPlugin, err := ocicni.InitCNI(runtime.config.Network.DefaultNetwork, runtime.config.Network.NetworkConfigDir, runtime.config.Network.CNIPluginDirs...)
+ if err != nil {
+ return errors.Wrapf(err, "error configuring CNI network plugin")
}
+ runtime.netPlugin = netPlugin
// We now need to see if the system has restarted
// We check for the presence of a file in our tmp directory to verify this
diff --git a/libpod/runtime_img.go b/libpod/runtime_img.go
index b427125db..3588467a5 100644
--- a/libpod/runtime_img.go
+++ b/libpod/runtime_img.go
@@ -168,9 +168,7 @@ func (r *Runtime) newImageBuildCompleteEvent(idOrName string) {
// Build adds the runtime to the imagebuildah call
func (r *Runtime) Build(ctx context.Context, options buildahDefine.BuildOptions, dockerfiles ...string) (string, reference.Canonical, error) {
if options.Runtime == "" {
- // Make sure that build containers use the same runtime as Podman (see #9365).
- conf := util.DefaultContainerConfig()
- options.Runtime = conf.Engine.OCIRuntime
+ options.Runtime = r.GetOCIRuntimePath()
}
id, ref, err := imagebuildah.BuildDockerfiles(ctx, r.store, options, dockerfiles...)
// Write event for build completion
diff --git a/libpod/runtime_pod_infra_linux.go b/libpod/runtime_pod_infra_linux.go
index 0a09e40ea..1ae375ed9 100644
--- a/libpod/runtime_pod_infra_linux.go
+++ b/libpod/runtime_pod_infra_linux.go
@@ -104,7 +104,7 @@ func (r *Runtime) makeInfraContainer(ctx context.Context, p *Pod, imgName, rawIm
default:
// Since user namespace sharing is not implemented, we only need to check if it's rootless
netmode := "bridge"
- if isRootless || p.config.InfraContainer.Slirp4netns {
+ if p.config.InfraContainer.Slirp4netns {
netmode = "slirp4netns"
if len(p.config.InfraContainer.NetworkOptions) != 0 {
options = append(options, WithNetworkOptions(p.config.InfraContainer.NetworkOptions))
diff --git a/pkg/api/handlers/compat/containers_prune.go b/pkg/api/handlers/compat/containers_prune.go
index e37929d27..61ea7a89e 100644
--- a/pkg/api/handlers/compat/containers_prune.go
+++ b/pkg/api/handlers/compat/containers_prune.go
@@ -23,7 +23,7 @@ func PruneContainers(w http.ResponseWriter, r *http.Request) {
filterFuncs := make([]libpod.ContainerFilter, 0, len(*filtersMap))
for k, v := range *filtersMap {
- generatedFunc, err := filters.GenerateContainerFilterFuncs(k, v, runtime)
+ generatedFunc, err := filters.GeneratePruneContainerFilterFuncs(k, v, runtime)
if err != nil {
utils.InternalServerError(w, err)
return
diff --git a/pkg/api/handlers/compat/containers_top.go b/pkg/api/handlers/compat/containers_top.go
index ab9f613af..cae044a89 100644
--- a/pkg/api/handlers/compat/containers_top.go
+++ b/pkg/api/handlers/compat/containers_top.go
@@ -46,8 +46,16 @@ func TopContainer(w http.ResponseWriter, r *http.Request) {
var body = handlers.ContainerTopOKBody{}
if len(output) > 0 {
body.Titles = strings.Split(output[0], "\t")
+ for i := range body.Titles {
+ body.Titles[i] = strings.TrimSpace(body.Titles[i])
+ }
+
for _, line := range output[1:] {
- body.Processes = append(body.Processes, strings.Split(line, "\t"))
+ process := strings.Split(line, "\t")
+ for i := range process {
+ process[i] = strings.TrimSpace(process[i])
+ }
+ body.Processes = append(body.Processes, process)
}
}
utils.WriteJSON(w, http.StatusOK, body)
diff --git a/pkg/api/handlers/compat/images_build.go b/pkg/api/handlers/compat/images_build.go
index fd310711f..ab92434b1 100644
--- a/pkg/api/handlers/compat/images_build.go
+++ b/pkg/api/handlers/compat/images_build.go
@@ -10,6 +10,7 @@ import (
"os"
"path/filepath"
"strconv"
+ "strings"
"time"
"github.com/containers/buildah"
@@ -63,52 +64,55 @@ func BuildImage(w http.ResponseWriter, r *http.Request) {
}()
query := struct {
- AddHosts string `schema:"extrahosts"`
- AdditionalCapabilities string `schema:"addcaps"`
- Annotations string `schema:"annotations"`
- BuildArgs string `schema:"buildargs"`
- CacheFrom string `schema:"cachefrom"`
- Compression uint64 `schema:"compression"`
- ConfigureNetwork string `schema:"networkmode"`
- CpuPeriod uint64 `schema:"cpuperiod"` // nolint
- CpuQuota int64 `schema:"cpuquota"` // nolint
- CpuSetCpus string `schema:"cpusetcpus"` // nolint
- CpuShares uint64 `schema:"cpushares"` // nolint
- Devices string `schema:"devices"`
- Dockerfile string `schema:"dockerfile"`
- DropCapabilities string `schema:"dropcaps"`
- DNSServers string `schema:"dnsservers"`
- DNSOptions string `schema:"dnsoptions"`
- DNSSearch string `schema:"dnssearch"`
- Excludes string `schema:"excludes"`
- ForceRm bool `schema:"forcerm"`
- From string `schema:"from"`
- HTTPProxy bool `schema:"httpproxy"`
- Isolation string `schema:"isolation"`
- Ignore bool `schema:"ignore"`
- Jobs int `schema:"jobs"` // nolint
- Labels string `schema:"labels"`
- Layers bool `schema:"layers"`
- LogRusage bool `schema:"rusage"`
- Manifest string `schema:"manifest"`
- MemSwap int64 `schema:"memswap"`
- Memory int64 `schema:"memory"`
- NamespaceOptions string `schema:"nsoptions"`
- NoCache bool `schema:"nocache"`
- OutputFormat string `schema:"outputformat"`
- Platform string `schema:"platform"`
- Pull bool `schema:"pull"`
- PullPolicy string `schema:"pullpolicy"`
- Quiet bool `schema:"q"`
- Registry string `schema:"registry"`
- Rm bool `schema:"rm"`
- //FIXME SecurityOpt in remote API is not handled
- SecurityOpt string `schema:"securityopt"`
- ShmSize int `schema:"shmsize"`
- Squash bool `schema:"squash"`
- Tag []string `schema:"t"`
- Target string `schema:"target"`
- Timestamp int64 `schema:"timestamp"`
+ AddHosts string `schema:"extrahosts"`
+ AdditionalCapabilities string `schema:"addcaps"`
+ Annotations string `schema:"annotations"`
+ AppArmor string `schema:"apparmor"`
+ BuildArgs string `schema:"buildargs"`
+ CacheFrom string `schema:"cachefrom"`
+ Compression uint64 `schema:"compression"`
+ ConfigureNetwork string `schema:"networkmode"`
+ CpuPeriod uint64 `schema:"cpuperiod"` // nolint
+ CpuQuota int64 `schema:"cpuquota"` // nolint
+ CpuSetCpus string `schema:"cpusetcpus"` // nolint
+ CpuShares uint64 `schema:"cpushares"` // nolint
+ DNSOptions string `schema:"dnsoptions"`
+ DNSSearch string `schema:"dnssearch"`
+ DNSServers string `schema:"dnsservers"`
+ Devices string `schema:"devices"`
+ Dockerfile string `schema:"dockerfile"`
+ DropCapabilities string `schema:"dropcaps"`
+ Excludes string `schema:"excludes"`
+ ForceRm bool `schema:"forcerm"`
+ From string `schema:"from"`
+ HTTPProxy bool `schema:"httpproxy"`
+ Ignore bool `schema:"ignore"`
+ Isolation string `schema:"isolation"`
+ Jobs int `schema:"jobs"` // nolint
+ LabelOpts string `schema:"labelopts"`
+ Labels string `schema:"labels"`
+ Layers bool `schema:"layers"`
+ LogRusage bool `schema:"rusage"`
+ Manifest string `schema:"manifest"`
+ MemSwap int64 `schema:"memswap"`
+ Memory int64 `schema:"memory"`
+ NamespaceOptions string `schema:"nsoptions"`
+ NoCache bool `schema:"nocache"`
+ OutputFormat string `schema:"outputformat"`
+ Platform string `schema:"platform"`
+ Pull bool `schema:"pull"`
+ PullPolicy string `schema:"pullpolicy"`
+ Quiet bool `schema:"q"`
+ Registry string `schema:"registry"`
+ Rm bool `schema:"rm"`
+ Seccomp string `schema:"seccomp"`
+ SecurityOpt string `schema:"securityopt"`
+ ShmSize int `schema:"shmsize"`
+ Squash bool `schema:"squash"`
+ Tag []string `schema:"t"`
+ Target string `schema:"target"`
+ Timestamp int64 `schema:"timestamp"`
+ Ulimits string `schema:"ulimits"`
}{
Dockerfile: "Dockerfile",
Registry: "docker.io",
@@ -123,7 +127,7 @@ func BuildImage(w http.ResponseWriter, r *http.Request) {
return
}
- // convert label formats
+ // convert addcaps formats
var addCaps = []string{}
if _, found := r.URL.Query()["addcaps"]; found {
var m = []string{}
@@ -133,6 +137,7 @@ func BuildImage(w http.ResponseWriter, r *http.Request) {
}
addCaps = m
}
+
addhosts := []string{}
if _, found := r.URL.Query()["extrahosts"]; found {
if err := json.Unmarshal([]byte(query.AddHosts), &addhosts); err != nil {
@@ -142,7 +147,8 @@ func BuildImage(w http.ResponseWriter, r *http.Request) {
}
compression := archive.Compression(query.Compression)
- // convert label formats
+
+ // convert dropcaps formats
var dropCaps = []string{}
if _, found := r.URL.Query()["dropcaps"]; found {
var m = []string{}
@@ -153,7 +159,7 @@ func BuildImage(w http.ResponseWriter, r *http.Request) {
dropCaps = m
}
- // convert label formats
+ // convert devices formats
var devices = []string{}
if _, found := r.URL.Query()["devices"]; found {
var m = []string{}
@@ -233,7 +239,7 @@ func BuildImage(w http.ResponseWriter, r *http.Request) {
}
}
- // convert label formats
+ // convert annotations formats
var annotations = []string{}
if _, found := r.URL.Query()["annotations"]; found {
if err := json.Unmarshal([]byte(query.Annotations), &annotations); err != nil {
@@ -242,7 +248,7 @@ func BuildImage(w http.ResponseWriter, r *http.Request) {
}
}
- // convert label formats
+ // convert nsoptions formats
nsoptions := buildah.NamespaceOptions{}
if _, found := r.URL.Query()["nsoptions"]; found {
if err := json.Unmarshal([]byte(query.NamespaceOptions), &nsoptions); err != nil {
@@ -271,11 +277,75 @@ func BuildImage(w http.ResponseWriter, r *http.Request) {
}
}
}
+
jobs := 1
if _, found := r.URL.Query()["jobs"]; found {
jobs = query.Jobs
}
+ var (
+ labelOpts = []string{}
+ seccomp string
+ apparmor string
+ )
+
+ if utils.IsLibpodRequest(r) {
+ seccomp = query.Seccomp
+ apparmor = query.AppArmor
+ // convert labelopts formats
+ if _, found := r.URL.Query()["labelopts"]; found {
+ var m = []string{}
+ if err := json.Unmarshal([]byte(query.LabelOpts), &m); err != nil {
+ utils.BadRequest(w, "labelopts", query.LabelOpts, err)
+ return
+ }
+ labelOpts = m
+ }
+ } else {
+ // handle security-opt
+ if _, found := r.URL.Query()["securityopt"]; found {
+ var securityOpts = []string{}
+ if err := json.Unmarshal([]byte(query.SecurityOpt), &securityOpts); err != nil {
+ utils.BadRequest(w, "securityopt", query.SecurityOpt, err)
+ return
+ }
+ for _, opt := range securityOpts {
+ if opt == "no-new-privileges" {
+ utils.BadRequest(w, "securityopt", query.SecurityOpt, errors.New("no-new-privileges is not supported"))
+ return
+ }
+ con := strings.SplitN(opt, "=", 2)
+ if len(con) != 2 {
+ utils.BadRequest(w, "securityopt", query.SecurityOpt, errors.Errorf("Invalid --security-opt name=value pair: %q", opt))
+ return
+ }
+
+ switch con[0] {
+ case "label":
+ labelOpts = append(labelOpts, con[1])
+ case "apparmor":
+ apparmor = con[1]
+ case "seccomp":
+ seccomp = con[1]
+ default:
+ utils.BadRequest(w, "securityopt", query.SecurityOpt, errors.Errorf("Invalid --security-opt 2: %q", opt))
+ return
+ }
+ }
+ }
+ }
+
+ // convert ulimits formats
+ var ulimits = []string{}
+ if _, found := r.URL.Query()["ulimits"]; found {
+ var m = []string{}
+ if err := json.Unmarshal([]byte(query.Ulimits), &m); err != nil {
+ utils.BadRequest(w, "ulimits", query.Ulimits, err)
+ return
+ }
+ ulimits = m
+ }
+
pullPolicy := buildahDefine.PullIfMissing
if utils.IsLibpodRequest(r) {
pullPolicy = buildahDefine.PolicyMap[query.PullPolicy]
@@ -320,18 +390,22 @@ func BuildImage(w http.ResponseWriter, r *http.Request) {
Annotations: annotations,
Args: buildArgs,
CommonBuildOpts: &buildah.CommonBuildOptions{
- AddHost: addhosts,
- CPUPeriod: query.CpuPeriod,
- CPUQuota: query.CpuQuota,
- CPUShares: query.CpuShares,
- CPUSetCPUs: query.CpuSetCpus,
- DNSServers: dnsservers,
- DNSOptions: dnsoptions,
- DNSSearch: dnssearch,
- HTTPProxy: query.HTTPProxy,
- Memory: query.Memory,
- MemorySwap: query.MemSwap,
- ShmSize: strconv.Itoa(query.ShmSize),
+ AddHost: addhosts,
+ ApparmorProfile: apparmor,
+ CPUPeriod: query.CpuPeriod,
+ CPUQuota: query.CpuQuota,
+ CPUSetCPUs: query.CpuSetCpus,
+ CPUShares: query.CpuShares,
+ DNSOptions: dnsoptions,
+ DNSSearch: dnssearch,
+ DNSServers: dnsservers,
+ HTTPProxy: query.HTTPProxy,
+ LabelOpts: labelOpts,
+ Memory: query.Memory,
+ MemorySwap: query.MemSwap,
+ SeccompProfilePath: seccomp,
+ ShmSize: strconv.Itoa(query.ShmSize),
+ Ulimit: ulimits,
},
CNIConfigDir: rtc.Network.CNIPluginDirs[0],
CNIPluginPath: util.DefaultCNIPluginPath,
@@ -349,6 +423,7 @@ func BuildImage(w http.ResponseWriter, r *http.Request) {
Jobs: &jobs,
Labels: labels,
Layers: query.Layers,
+ LogRusage: query.LogRusage,
Manifest: query.Manifest,
MaxPullPushRetries: 3,
NamespaceOptions: nsoptions,
@@ -363,11 +438,11 @@ func BuildImage(w http.ResponseWriter, r *http.Request) {
RemoveIntermediateCtrs: query.Rm,
ReportWriter: reporter,
Squash: query.Squash,
+ Target: query.Target,
SystemContext: &types.SystemContext{
AuthFilePath: authfile,
DockerAuthConfig: creds,
},
- Target: query.Target,
}
if _, found := r.URL.Query()["timestamp"]; found {
diff --git a/pkg/api/handlers/libpod/play.go b/pkg/api/handlers/libpod/play.go
index ee2d3c00d..eba5386b6 100644
--- a/pkg/api/handlers/libpod/play.go
+++ b/pkg/api/handlers/libpod/play.go
@@ -20,7 +20,7 @@ func PlayKube(w http.ResponseWriter, r *http.Request) {
runtime := r.Context().Value("runtime").(*libpod.Runtime)
decoder := r.Context().Value("decoder").(*schema.Decoder)
query := struct {
- Network string `schema:"reference"`
+ Network string `schema:"network"`
TLSVerify bool `schema:"tlsVerify"`
LogDriver string `schema:"logDriver"`
Start bool `schema:"start"`
diff --git a/pkg/api/server/docs.go b/pkg/api/server/docs.go
index a99fefd7b..e72b78221 100644
--- a/pkg/api/server/docs.go
+++ b/pkg/api/server/docs.go
@@ -1,4 +1,4 @@
-// Package api Provides a container compatible interface.
+// Package api Provides an API for the Libpod library
//
// This documentation describes the Podman v2.0 RESTful API.
// It replaces the Podman v1.0 API and was initially delivered
@@ -21,22 +21,22 @@
//
// 'podman info'
//
-// curl --unix-socket /run/podman/podman.sock http://d/v1.0.0/libpod/info
+// curl --unix-socket /run/podman/podman.sock http://d/v3.0.0/libpod/info
//
// 'podman pull quay.io/containers/podman'
//
-// curl -XPOST --unix-socket /run/podman/podman.sock -v 'http://d/v1.0.0/images/create?fromImage=quay.io%2Fcontainers%2Fpodman'
+// curl -XPOST --unix-socket /run/podman/podman.sock -v 'http://d/v3.0.0/images/create?fromImage=quay.io%2Fcontainers%2Fpodman'
//
// 'podman list images'
//
-// curl --unix-socket /run/podman/podman.sock -v 'http://d/v1.0.0/libpod/images/json' | jq
+// curl --unix-socket /run/podman/podman.sock -v 'http://d/v3.0.0/libpod/images/json' | jq
//
// Terms Of Service:
//
// Schemes: http, https
// Host: podman.io
// BasePath: /
-// Version: 0.0.1
+// Version: 3.2.0
// License: Apache-2.0 https://opensource.org/licenses/Apache-2.0
// Contact: Podman <podman@lists.podman.io> https://podman.io/community/
//
@@ -47,8 +47,8 @@
//
// Produces:
// - application/json
+// - application/octet-stream
// - text/plain
-// - text/html
//
// Consumes:
// - application/json
diff --git a/pkg/api/server/register_archive.go b/pkg/api/server/register_archive.go
index 2ac126644..ee7449fbb 100644
--- a/pkg/api/server/register_archive.go
+++ b/pkg/api/server/register_archive.go
@@ -8,7 +8,7 @@ import (
)
func (s *APIServer) registerArchiveHandlers(r *mux.Router) error {
- // swagger:operation PUT /containers/{name}/archive compat putArchive
+ // swagger:operation PUT /containers/{name}/archive compat PutContainerArchive
// ---
// summary: Put files into a container
// description: Put a tar archive of files into a container
@@ -52,7 +52,7 @@ func (s *APIServer) registerArchiveHandlers(r *mux.Router) error {
// 500:
// $ref: "#/responses/InternalError"
- // swagger:operation GET /containers/{name}/archive compat getArchive
+ // swagger:operation GET /containers/{name}/archive compat ContainerArchive
// ---
// summary: Get files from a container
// description: Get a tar archive of files from a container
@@ -91,7 +91,7 @@ func (s *APIServer) registerArchiveHandlers(r *mux.Router) error {
Libpod
*/
- // swagger:operation PUT /libpod/containers/{name}/archive libpod libpodPutArchive
+ // swagger:operation PUT /libpod/containers/{name}/archive libpod PutContainerArchiveLibpod
// ---
// summary: Copy files into a container
// description: Copy a tar archive of files into a container
@@ -132,7 +132,7 @@ func (s *APIServer) registerArchiveHandlers(r *mux.Router) error {
// 500:
// $ref: "#/responses/InternalError"
- // swagger:operation GET /libpod/containers/{name}/archive libpod libpodGetArchive
+ // swagger:operation GET /libpod/containers/{name}/archive libpod ContainerArchiveLibpod
// ---
// summary: Copy files from a container
// description: Copy a tar archive of files from a container
diff --git a/pkg/api/server/register_auth.go b/pkg/api/server/register_auth.go
index 56e115e30..c07337653 100644
--- a/pkg/api/server/register_auth.go
+++ b/pkg/api/server/register_auth.go
@@ -8,7 +8,7 @@ import (
)
func (s *APIServer) registerAuthHandlers(r *mux.Router) error {
- // swagger:operation POST /auth compat auth
+ // swagger:operation POST /auth compat SystemAuth
// ---
// summary: Check auth configuration
// tags:
diff --git a/pkg/api/server/register_containers.go b/pkg/api/server/register_containers.go
index b379d52ce..c2bb44c8f 100644
--- a/pkg/api/server/register_containers.go
+++ b/pkg/api/server/register_containers.go
@@ -9,7 +9,7 @@ import (
)
func (s *APIServer) registerContainersHandlers(r *mux.Router) error {
- // swagger:operation POST /containers/create compat createContainer
+ // swagger:operation POST /containers/create compat ContainerCreate
// ---
// summary: Create a container
// tags:
@@ -35,7 +35,7 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error {
r.HandleFunc(VersionedPath("/containers/create"), s.APIHandler(compat.CreateContainer)).Methods(http.MethodPost)
// Added non version path to URI to support docker non versioned paths
r.HandleFunc("/containers/create", s.APIHandler(compat.CreateContainer)).Methods(http.MethodPost)
- // swagger:operation GET /containers/json compat listContainers
+ // swagger:operation GET /containers/json compat ContainerList
// ---
// tags:
// - containers (compat)
@@ -92,7 +92,7 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error {
r.HandleFunc(VersionedPath("/containers/json"), s.APIHandler(compat.ListContainers)).Methods(http.MethodGet)
// Added non version path to URI to support docker non versioned paths
r.HandleFunc("/containers/json", s.APIHandler(compat.ListContainers)).Methods(http.MethodGet)
- // swagger:operation POST /containers/prune compat pruneContainers
+ // swagger:operation POST /containers/prune compat ContainerPrune
// ---
// tags:
// - containers (compat)
@@ -116,7 +116,7 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error {
r.HandleFunc(VersionedPath("/containers/prune"), s.APIHandler(compat.PruneContainers)).Methods(http.MethodPost)
// Added non version path to URI to support docker non versioned paths
r.HandleFunc("/containers/prune", s.APIHandler(compat.PruneContainers)).Methods(http.MethodPost)
- // swagger:operation DELETE /containers/{name} compat removeContainer
+ // swagger:operation DELETE /containers/{name} compat ContainerDelete
// ---
// tags:
// - containers (compat)
@@ -157,7 +157,7 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error {
r.HandleFunc(VersionedPath("/containers/{name}"), s.APIHandler(compat.RemoveContainer)).Methods(http.MethodDelete)
// Added non version path to URI to support docker non versioned paths
r.HandleFunc("/containers/{name}", s.APIHandler(compat.RemoveContainer)).Methods(http.MethodDelete)
- // swagger:operation GET /containers/{name}/json compat getContainer
+ // swagger:operation GET /containers/{name}/json compat ContainerInspect
// ---
// tags:
// - containers (compat)
@@ -186,7 +186,7 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error {
r.HandleFunc(VersionedPath("/containers/{name}/json"), s.APIHandler(compat.GetContainer)).Methods(http.MethodGet)
// Added non version path to URI to support docker non versioned paths
r.HandleFunc("/containers/{name}/json", s.APIHandler(compat.GetContainer)).Methods(http.MethodGet)
- // swagger:operation POST /containers/{name}/kill compat killContainer
+ // swagger:operation POST /containers/{name}/kill compat ContainerKill
// ---
// tags:
// - containers (compat)
@@ -223,7 +223,7 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error {
r.HandleFunc(VersionedPath("/containers/{name}/kill"), s.APIHandler(compat.KillContainer)).Methods(http.MethodPost)
// Added non version path to URI to support docker non versioned paths
r.HandleFunc("/containers/{name}/kill", s.APIHandler(compat.KillContainer)).Methods(http.MethodPost)
- // swagger:operation GET /containers/{name}/logs compat logsFromContainer
+ // swagger:operation GET /containers/{name}/logs compat ContainerLogs
// ---
// tags:
// - containers (compat)
@@ -277,7 +277,7 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error {
r.HandleFunc(VersionedPath("/containers/{name}/logs"), s.APIHandler(compat.LogsFromContainer)).Methods(http.MethodGet)
// Added non version path to URI to support docker non versioned paths
r.HandleFunc("/containers/{name}/logs", s.APIHandler(compat.LogsFromContainer)).Methods(http.MethodGet)
- // swagger:operation POST /containers/{name}/pause compat pauseContainer
+ // swagger:operation POST /containers/{name}/pause compat ContainerPause
// ---
// tags:
// - containers (compat)
@@ -301,7 +301,7 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error {
r.HandleFunc(VersionedPath("/containers/{name}/pause"), s.APIHandler(compat.PauseContainer)).Methods(http.MethodPost)
// Added non version path to URI to support docker non versioned paths
r.HandleFunc("/containers/{name}/pause", s.APIHandler(compat.PauseContainer)).Methods(http.MethodPost)
- // swagger:operation POST /containers/{name}/restart compat restartContainer
+ // swagger:operation POST /containers/{name}/restart compat ContainerRestart
// ---
// tags:
// - containers (compat)
@@ -328,7 +328,7 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error {
r.HandleFunc(VersionedPath("/containers/{name}/restart"), s.APIHandler(compat.RestartContainer)).Methods(http.MethodPost)
// Added non version path to URI to support docker non versioned paths
r.HandleFunc("/containers/{name}/restart", s.APIHandler(compat.RestartContainer)).Methods(http.MethodPost)
- // swagger:operation POST /containers/{name}/start compat startContainer
+ // swagger:operation POST /containers/{name}/start compat ContainerStart
// ---
// tags:
// - containers (compat)
@@ -358,7 +358,7 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error {
r.HandleFunc(VersionedPath("/containers/{name}/start"), s.APIHandler(compat.StartContainer)).Methods(http.MethodPost)
// Added non version path to URI to support docker non versioned paths
r.HandleFunc("/containers/{name}/start", s.APIHandler(compat.StartContainer)).Methods(http.MethodPost)
- // swagger:operation GET /containers/{name}/stats compat statsContainer
+ // swagger:operation GET /containers/{name}/stats compat ContainerStats
// ---
// tags:
// - containers (compat)
@@ -387,7 +387,7 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error {
r.HandleFunc(VersionedPath("/containers/{name}/stats"), s.APIHandler(compat.StatsContainer)).Methods(http.MethodGet)
// Added non version path to URI to support docker non versioned paths
r.HandleFunc("/containers/{name}/stats", s.APIHandler(compat.StatsContainer)).Methods(http.MethodGet)
- // swagger:operation POST /containers/{name}/stop compat stopContainer
+ // swagger:operation POST /containers/{name}/stop compat ContainerStop
// ---
// tags:
// - containers (compat)
@@ -417,7 +417,7 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error {
r.HandleFunc(VersionedPath("/containers/{name}/stop"), s.APIHandler(compat.StopContainer)).Methods(http.MethodPost)
// Added non version path to URI to support docker non versioned paths
r.HandleFunc("/containers/{name}/stop", s.APIHandler(compat.StopContainer)).Methods(http.MethodPost)
- // swagger:operation GET /containers/{name}/top compat topContainer
+ // swagger:operation GET /containers/{name}/top compat ContainerTop
// ---
// tags:
// - containers (compat)
@@ -444,7 +444,7 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error {
r.HandleFunc(VersionedPath("/containers/{name}/top"), s.APIHandler(compat.TopContainer)).Methods(http.MethodGet)
// Added non version path to URI to support docker non versioned paths
r.HandleFunc("/containers/{name}/top", s.APIHandler(compat.TopContainer)).Methods(http.MethodGet)
- // swagger:operation POST /containers/{name}/unpause compat unpauseContainer
+ // swagger:operation POST /containers/{name}/unpause compat ContainerUnpause
// ---
// tags:
// - containers (compat)
@@ -468,7 +468,7 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error {
r.HandleFunc(VersionedPath("/containers/{name}/unpause"), s.APIHandler(compat.UnpauseContainer)).Methods(http.MethodPost)
// Added non version path to URI to support docker non versioned paths
r.HandleFunc("/containers/{name}/unpause", s.APIHandler(compat.UnpauseContainer)).Methods(http.MethodPost)
- // swagger:operation POST /containers/{name}/wait compat waitContainer
+ // swagger:operation POST /containers/{name}/wait compat ContainerWait
// ---
// tags:
// - containers (compat)
@@ -508,7 +508,7 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error {
r.HandleFunc(VersionedPath("/containers/{name}/wait"), s.APIHandler(compat.WaitContainer)).Methods(http.MethodPost)
// Added non version path to URI to support docker non versioned paths
r.HandleFunc("/containers/{name}/wait", s.APIHandler(compat.WaitContainer)).Methods(http.MethodPost)
- // swagger:operation POST /containers/{name}/attach compat attachContainer
+ // swagger:operation POST /containers/{name}/attach compat ContainerAttach
// ---
// tags:
// - containers (compat)
@@ -565,7 +565,7 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error {
r.HandleFunc(VersionedPath("/containers/{name}/attach"), s.APIHandler(compat.AttachContainer)).Methods(http.MethodPost)
// Added non version path to URI to support docker non versioned paths
r.HandleFunc("/containers/{name}/attach", s.APIHandler(compat.AttachContainer)).Methods(http.MethodPost)
- // swagger:operation POST /containers/{name}/resize compat resizeContainer
+ // swagger:operation POST /containers/{name}/resize compat ContainerResize
// ---
// tags:
// - containers (compat)
@@ -604,7 +604,7 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error {
r.HandleFunc(VersionedPath("/containers/{name}/resize"), s.APIHandler(compat.ResizeTTY)).Methods(http.MethodPost)
// Added non version path to URI to support docker non versioned paths
r.HandleFunc("/containers/{name}/resize", s.APIHandler(compat.ResizeTTY)).Methods(http.MethodPost)
- // swagger:operation GET /containers/{name}/export compat exportContainer
+ // swagger:operation GET /containers/{name}/export compat ContainerExport
// ---
// tags:
// - containers (compat)
@@ -627,7 +627,7 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error {
// $ref: "#/responses/InternalError"
r.HandleFunc(VersionedPath("/containers/{name}/export"), s.APIHandler(compat.ExportContainer)).Methods(http.MethodGet)
r.HandleFunc("/containers/{name}/export", s.APIHandler(compat.ExportContainer)).Methods(http.MethodGet)
- // swagger:operation POST /containers/{name}/rename compat renameContainer
+ // swagger:operation POST /containers/{name}/rename compat ContainerRename
// ---
// tags:
// - containers (compat)
@@ -662,7 +662,7 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error {
libpod endpoints
*/
- // swagger:operation POST /libpod/containers/create libpod libpodCreateContainer
+ // swagger:operation POST /libpod/containers/create libpod ContainerCreateLibpod
// ---
// summary: Create a container
// tags:
@@ -687,7 +687,7 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error {
// 500:
// $ref: "#/responses/InternalError"
r.HandleFunc(VersionedPath("/libpod/containers/create"), s.APIHandler(libpod.CreateContainer)).Methods(http.MethodPost)
- // swagger:operation GET /libpod/containers/json libpod libpodListContainers
+ // swagger:operation GET /libpod/containers/json libpod ContainerListLibpod
// ---
// tags:
// - containers
@@ -752,7 +752,7 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error {
// 500:
// $ref: "#/responses/InternalError"
r.HandleFunc(VersionedPath("/libpod/containers/json"), s.APIHandler(libpod.ListContainers)).Methods(http.MethodGet)
- // swagger:operation POST /libpod/containers/prune libpod libpodPruneContainers
+ // swagger:operation POST /libpod/containers/prune libpod ContainerPruneLibpod
// ---
// tags:
// - containers
@@ -774,7 +774,7 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error {
// 500:
// $ref: "#/responses/InternalError"
r.HandleFunc(VersionedPath("/libpod/containers/prune"), s.APIHandler(compat.PruneContainers)).Methods(http.MethodPost)
- // swagger:operation GET /libpod/containers/showmounted libpod libpodShowMountedContainers
+ // swagger:operation GET /libpod/containers/showmounted libpod ContainerShowMountedLibpod
// ---
// tags:
// - containers
@@ -792,7 +792,7 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error {
// 500:
// $ref: "#/responses/InternalError"
r.HandleFunc(VersionedPath("/libpod/containers/showmounted"), s.APIHandler(libpod.ShowMountedContainers)).Methods(http.MethodGet)
- // swagger:operation DELETE /libpod/containers/{name} libpod libpodRemoveContainer
+ // swagger:operation DELETE /libpod/containers/{name} libpod ContainerDeleteLibpod
// ---
// tags:
// - containers
@@ -826,7 +826,7 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error {
// 500:
// $ref: "#/responses/InternalError"
r.HandleFunc(VersionedPath("/libpod/containers/{name}"), s.APIHandler(compat.RemoveContainer)).Methods(http.MethodDelete)
- // swagger:operation GET /libpod/containers/{name}/json libpod libpodGetContainer
+ // swagger:operation GET /libpod/containers/{name}/json libpod ContainerInspectLibpod
// ---
// tags:
// - containers
@@ -852,7 +852,7 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error {
// 500:
// $ref: "#/responses/InternalError"
r.HandleFunc(VersionedPath("/libpod/containers/{name}/json"), s.APIHandler(libpod.GetContainer)).Methods(http.MethodGet)
- // swagger:operation POST /libpod/containers/{name}/kill libpod libpodKillContainer
+ // swagger:operation POST /libpod/containers/{name}/kill libpod ContainerKillLibpod
// ---
// tags:
// - containers
@@ -881,7 +881,7 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error {
// 500:
// $ref: "#/responses/InternalError"
r.HandleFunc(VersionedPath("/libpod/containers/{name}/kill"), s.APIHandler(compat.KillContainer)).Methods(http.MethodPost)
- // swagger:operation POST /libpod/containers/{name}/mount libpod libpodMountContainer
+ // swagger:operation POST /libpod/containers/{name}/mount libpod ContainerMountLibpod
// ---
// tags:
// - containers
@@ -907,7 +907,7 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error {
// 500:
// $ref: "#/responses/InternalError"
r.HandleFunc(VersionedPath("/libpod/containers/{name}/mount"), s.APIHandler(libpod.MountContainer)).Methods(http.MethodPost)
- // swagger:operation POST /libpod/containers/{name}/unmount libpod libpodUnmountContainer
+ // swagger:operation POST /libpod/containers/{name}/unmount libpod ContainerUnmountLibpod
// ---
// tags:
// - containers
@@ -929,7 +929,7 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error {
// 500:
// $ref: "#/responses/InternalError"
r.HandleFunc(VersionedPath("/libpod/containers/{name}/unmount"), s.APIHandler(libpod.UnmountContainer)).Methods(http.MethodPost)
- // swagger:operation GET /libpod/containers/{name}/logs libpod libpodLogsFromContainer
+ // swagger:operation GET /libpod/containers/{name}/logs libpod ContainerLogsLibpod
// ---
// tags:
// - containers
@@ -981,7 +981,7 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error {
// 500:
// $ref: "#/responses/InternalError"
r.HandleFunc(VersionedPath("/libpod/containers/{name}/logs"), s.APIHandler(compat.LogsFromContainer)).Methods(http.MethodGet)
- // swagger:operation POST /libpod/containers/{name}/pause libpod libpodPauseContainer
+ // swagger:operation POST /libpod/containers/{name}/pause libpod ContainerPauseLibpod
// ---
// tags:
// - containers
@@ -1003,7 +1003,7 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error {
// 500:
// "$ref": "#/responses/InternalError"
r.HandleFunc(VersionedPath("/libpod/containers/{name}/pause"), s.APIHandler(compat.PauseContainer)).Methods(http.MethodPost)
- // swagger:operation POST /libpod/containers/{name}/restart libpod libpodRestartContainer
+ // swagger:operation POST /libpod/containers/{name}/restart libpod ContainerRestartLibpod
// ---
// tags:
// - containers
@@ -1028,7 +1028,7 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error {
// 500:
// $ref: "#/responses/InternalError"
r.HandleFunc(VersionedPath("/libpod/containers/{name}/restart"), s.APIHandler(compat.RestartContainer)).Methods(http.MethodPost)
- // swagger:operation POST /libpod/containers/{name}/start libpod libpodStartContainer
+ // swagger:operation POST /libpod/containers/{name}/start libpod ContainerStartLibpod
// ---
// tags:
// - containers
@@ -1056,7 +1056,7 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error {
// 500:
// $ref: "#/responses/InternalError"
r.HandleFunc(VersionedPath("/libpod/containers/{name}/start"), s.APIHandler(compat.StartContainer)).Methods(http.MethodPost)
- // swagger:operation GET /libpod/containers/{name}/stats libpod libpodStatsContainer
+ // swagger:operation GET /libpod/containers/{name}/stats libpod ContainerStatsLibpod
// ---
// tags:
// - containers
@@ -1083,7 +1083,7 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error {
// 500:
// $ref: "#/responses/InternalError"
r.HandleFunc(VersionedPath("/libpod/containers/{name}/stats"), s.APIHandler(compat.StatsContainer)).Methods(http.MethodGet)
- // swagger:operation GET /libpod/containers/stats libpod libpodStatsContainers
+ // swagger:operation GET /libpod/containers/stats libpod ContainersStatsAllLibpod
// ---
// tags:
// - containers
@@ -1112,7 +1112,7 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error {
// $ref: "#/responses/InternalError"
r.HandleFunc(VersionedPath("/libpod/containers/stats"), s.APIHandler(libpod.StatsContainer)).Methods(http.MethodGet)
- // swagger:operation GET /libpod/containers/{name}/top libpod libpodTopContainer
+ // swagger:operation GET /libpod/containers/{name}/top libpod ContainerTopLibpod
// ---
// tags:
// - containers
@@ -1146,7 +1146,7 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error {
// 500:
// $ref: "#/responses/InternalError"
r.HandleFunc(VersionedPath("/libpod/containers/{name}/top"), s.APIHandler(compat.TopContainer)).Methods(http.MethodGet)
- // swagger:operation POST /libpod/containers/{name}/unpause libpod libpodUnpauseContainer
+ // swagger:operation POST /libpod/containers/{name}/unpause libpod ContainerUnpauseLibpod
// ---
// tags:
// - containers
@@ -1167,7 +1167,7 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error {
// 500:
// $ref: "#/responses/InternalError"
r.HandleFunc(VersionedPath("/libpod/containers/{name}/unpause"), s.APIHandler(compat.UnpauseContainer)).Methods(http.MethodPost)
- // swagger:operation POST /libpod/containers/{name}/wait libpod libpodWaitContainer
+ // swagger:operation POST /libpod/containers/{name}/wait libpod ContainerWaitLibpod
// ---
// tags:
// - containers
@@ -1204,7 +1204,7 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error {
// 500:
// $ref: "#/responses/InternalError"
r.HandleFunc(VersionedPath("/libpod/containers/{name}/wait"), s.APIHandler(libpod.WaitContainer)).Methods(http.MethodPost)
- // swagger:operation GET /libpod/containers/{name}/exists libpod libpodContainerExists
+ // swagger:operation GET /libpod/containers/{name}/exists libpod ContainerExistsLibpod
// ---
// tags:
// - containers
@@ -1226,7 +1226,7 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error {
// 500:
// $ref: "#/responses/InternalError"
r.HandleFunc(VersionedPath("/libpod/containers/{name}/exists"), s.APIHandler(libpod.ContainerExists)).Methods(http.MethodGet)
- // swagger:operation POST /libpod/containers/{name}/stop libpod libpodStopContainer
+ // swagger:operation POST /libpod/containers/{name}/stop libpod ContainerStopLibpod
// ---
// tags:
// - containers
@@ -1264,7 +1264,7 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error {
// 500:
// $ref: "#/responses/InternalError"
r.HandleFunc(VersionedPath("/libpod/containers/{name}/stop"), s.APIHandler(compat.StopContainer)).Methods(http.MethodPost)
- // swagger:operation POST /libpod/containers/{name}/attach libpod libpodAttachContainer
+ // swagger:operation POST /libpod/containers/{name}/attach libpod ContainerAttachLibpod
// ---
// tags:
// - containers
@@ -1319,7 +1319,7 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error {
// 500:
// $ref: "#/responses/InternalError"
r.HandleFunc(VersionedPath("/libpod/containers/{name}/attach"), s.APIHandler(compat.AttachContainer)).Methods(http.MethodPost)
- // swagger:operation POST /libpod/containers/{name}/resize libpod libpodResizeContainer
+ // swagger:operation POST /libpod/containers/{name}/resize libpod ContainerResizeLibpod
// ---
// tags:
// - containers
@@ -1351,7 +1351,7 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error {
// 500:
// $ref: "#/responses/InternalError"
r.HandleFunc(VersionedPath("/libpod/containers/{name}/resize"), s.APIHandler(compat.ResizeTTY)).Methods(http.MethodPost)
- // swagger:operation GET /libpod/containers/{name}/export libpod libpodExportContainer
+ // swagger:operation GET /libpod/containers/{name}/export libpod ContainerExportLibpod
// ---
// tags:
// - containers
@@ -1373,7 +1373,7 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error {
// 500:
// $ref: "#/responses/InternalError"
r.HandleFunc(VersionedPath("/libpod/containers/{name}/export"), s.APIHandler(compat.ExportContainer)).Methods(http.MethodGet)
- // swagger:operation POST /libpod/containers/{name}/checkpoint libpod libpodCheckpointContainer
+ // swagger:operation POST /libpod/containers/{name}/checkpoint libpod ContainerCheckpointLibpod
// ---
// tags:
// - containers
@@ -1414,7 +1414,7 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error {
// 500:
// $ref: "#/responses/InternalError"
r.HandleFunc(VersionedPath("/libpod/containers/{name}/checkpoint"), s.APIHandler(libpod.Checkpoint)).Methods(http.MethodPost)
- // swagger:operation POST /libpod/containers/{name}/restore libpod libpodRestoreContainer
+ // swagger:operation POST /libpod/containers/{name}/restore libpod ContainerRestoreLibpod
// ---
// tags:
// - containers
@@ -1468,8 +1468,8 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error {
// 500:
// $ref: "#/responses/InternalError"
r.HandleFunc(VersionedPath("/libpod/containers/{name}/restore"), s.APIHandler(libpod.Restore)).Methods(http.MethodPost)
- // swagger:operation GET /containers/{name}/changes libpod libpodChangesContainer
- // swagger:operation GET /libpod/containers/{name}/changes compat changesContainer
+ // swagger:operation GET /containers/{name}/changes compat ContainerChanges
+ // swagger:operation GET /libpod/containers/{name}/changes libpod ContainerChangesLibpod
// ---
// tags:
// - containers
@@ -1501,7 +1501,7 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error {
r.HandleFunc(VersionedPath("/containers/{name}/changes"), s.APIHandler(compat.Changes)).Methods(http.MethodGet)
r.HandleFunc("/containers/{name}/changes", s.APIHandler(compat.Changes)).Methods(http.MethodGet)
r.HandleFunc(VersionedPath("/libpod/containers/{name}/changes"), s.APIHandler(compat.Changes)).Methods(http.MethodGet)
- // swagger:operation POST /libpod/containers/{name}/init libpod libpodInitContainer
+ // swagger:operation POST /libpod/containers/{name}/init libpod ContainerInitLibpod
// ---
// tags:
// - containers
@@ -1525,7 +1525,7 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error {
// 500:
// $ref: "#/responses/InternalError"
r.HandleFunc(VersionedPath("/libpod/containers/{name}/init"), s.APIHandler(libpod.InitContainer)).Methods(http.MethodPost)
- // swagger:operation POST /libpod/containers/{name}/rename libpod libpodRenameContainer
+ // swagger:operation POST /libpod/containers/{name}/rename libpod ContainerRenameLibpod
// ---
// tags:
// - containers
diff --git a/pkg/api/server/register_events.go b/pkg/api/server/register_events.go
index acccebac1..553f2c0ea 100644
--- a/pkg/api/server/register_events.go
+++ b/pkg/api/server/register_events.go
@@ -8,7 +8,7 @@ import (
)
func (s *APIServer) registerEventsHandlers(r *mux.Router) error {
- // swagger:operation GET /events system getEvents
+ // swagger:operation GET /events system SystemEvents
// ---
// tags:
// - system (compat)
@@ -37,7 +37,7 @@ func (s *APIServer) registerEventsHandlers(r *mux.Router) error {
r.Handle(VersionedPath("/events"), s.APIHandler(compat.GetEvents)).Methods(http.MethodGet)
// Added non version path to URI to support docker non versioned paths
r.Handle("/events", s.APIHandler(compat.GetEvents)).Methods(http.MethodGet)
- // swagger:operation GET /libpod/events system libpodGetEvents
+ // swagger:operation GET /libpod/events system SystemEventsLibpod
// ---
// tags:
// - system
diff --git a/pkg/api/server/register_exec.go b/pkg/api/server/register_exec.go
index de437ab1a..3716ef6a2 100644
--- a/pkg/api/server/register_exec.go
+++ b/pkg/api/server/register_exec.go
@@ -8,7 +8,7 @@ import (
)
func (s *APIServer) registerExecHandlers(r *mux.Router) error {
- // swagger:operation POST /containers/{name}/exec compat createExec
+ // swagger:operation POST /containers/{name}/exec compat ContainerExec
// ---
// tags:
// - exec (compat)
@@ -77,7 +77,7 @@ func (s *APIServer) registerExecHandlers(r *mux.Router) error {
r.Handle(VersionedPath("/containers/{name}/exec"), s.APIHandler(compat.ExecCreateHandler)).Methods(http.MethodPost)
// Added non version path to URI to support docker non versioned paths
r.Handle("/containers/{name}/exec", s.APIHandler(compat.ExecCreateHandler)).Methods(http.MethodPost)
- // swagger:operation POST /exec/{id}/start compat startExec
+ // swagger:operation POST /exec/{id}/start compat ExecStart
// ---
// tags:
// - exec (compat)
@@ -102,7 +102,7 @@ func (s *APIServer) registerExecHandlers(r *mux.Router) error {
// type: boolean
// description: Allocate a pseudo-TTY. Presently ignored.
// produces:
- // - application/json
+ // - application/octet-stream
// responses:
// 200:
// description: no error
@@ -115,7 +115,7 @@ func (s *APIServer) registerExecHandlers(r *mux.Router) error {
r.Handle(VersionedPath("/exec/{id}/start"), s.APIHandler(compat.ExecStartHandler)).Methods(http.MethodPost)
// Added non version path to URI to support docker non versioned paths
r.Handle("/exec/{id}/start", s.APIHandler(compat.ExecStartHandler)).Methods(http.MethodPost)
- // swagger:operation POST /exec/{id}/resize compat resizeExec
+ // swagger:operation POST /exec/{id}/resize compat ExecResize
// ---
// tags:
// - exec (compat)
@@ -153,7 +153,7 @@ func (s *APIServer) registerExecHandlers(r *mux.Router) error {
r.Handle(VersionedPath("/exec/{id}/resize"), s.APIHandler(compat.ResizeTTY)).Methods(http.MethodPost)
// Added non version path to URI to support docker non versioned paths
r.Handle("/exec/{id}/resize", s.APIHandler(compat.ResizeTTY)).Methods(http.MethodPost)
- // swagger:operation GET /exec/{id}/json compat inspectExec
+ // swagger:operation GET /exec/{id}/json compat ExecInspect
// ---
// tags:
// - exec (compat)
@@ -182,7 +182,7 @@ func (s *APIServer) registerExecHandlers(r *mux.Router) error {
libpod api follows
*/
- // swagger:operation POST /libpod/containers/{name}/exec libpod libpodCreateExec
+ // swagger:operation POST /libpod/containers/{name}/exec libpod ContainerExecLibpod
// ---
// tags:
// - exec
@@ -249,7 +249,7 @@ func (s *APIServer) registerExecHandlers(r *mux.Router) error {
// 500:
// $ref: "#/responses/InternalError"
r.Handle(VersionedPath("/libpod/containers/{name}/exec"), s.APIHandler(compat.ExecCreateHandler)).Methods(http.MethodPost)
- // swagger:operation POST /libpod/exec/{id}/start libpod libpodStartExec
+ // swagger:operation POST /libpod/exec/{id}/start libpod ExecStartLibpod
// ---
// tags:
// - exec
@@ -285,7 +285,7 @@ func (s *APIServer) registerExecHandlers(r *mux.Router) error {
// 500:
// $ref: "#/responses/InternalError"
r.Handle(VersionedPath("/libpod/exec/{id}/start"), s.APIHandler(compat.ExecStartHandler)).Methods(http.MethodPost)
- // swagger:operation POST /libpod/exec/{id}/resize libpod libpodResizeExec
+ // swagger:operation POST /libpod/exec/{id}/resize libpod ExecResizeLibpod
// ---
// tags:
// - exec
@@ -316,7 +316,7 @@ func (s *APIServer) registerExecHandlers(r *mux.Router) error {
// 500:
// $ref: "#/responses/InternalError"
r.Handle(VersionedPath("/libpod/exec/{id}/resize"), s.APIHandler(compat.ResizeTTY)).Methods(http.MethodPost)
- // swagger:operation GET /libpod/exec/{id}/json libpod libpodInspectExec
+ // swagger:operation GET /libpod/exec/{id}/json libpod ExecInspectLibpod
// ---
// tags:
// - exec
diff --git a/pkg/api/server/register_generate.go b/pkg/api/server/register_generate.go
index abbad1485..208bf668c 100644
--- a/pkg/api/server/register_generate.go
+++ b/pkg/api/server/register_generate.go
@@ -8,7 +8,7 @@ import (
)
func (s *APIServer) registerGenerateHandlers(r *mux.Router) error {
- // swagger:operation GET /libpod/generate/{name:.*}/systemd libpod libpodGenerateSystemd
+ // swagger:operation GET /libpod/generate/{name:.*}/systemd libpod GenerateSystemdLibpod
// ---
// tags:
// - containers
@@ -75,7 +75,7 @@ func (s *APIServer) registerGenerateHandlers(r *mux.Router) error {
// $ref: "#/responses/InternalError"
r.HandleFunc(VersionedPath("/libpod/generate/{name:.*}/systemd"), s.APIHandler(libpod.GenerateSystemd)).Methods(http.MethodGet)
- // swagger:operation GET /libpod/generate/kube libpod libpodGenerateKube
+ // swagger:operation GET /libpod/generate/kube libpod GenerateKubeLibpod
// ---
// tags:
// - containers
diff --git a/pkg/api/server/register_healthcheck.go b/pkg/api/server/register_healthcheck.go
index 85f3d720c..e2fd5ac68 100644
--- a/pkg/api/server/register_healthcheck.go
+++ b/pkg/api/server/register_healthcheck.go
@@ -8,7 +8,7 @@ import (
)
func (s *APIServer) registerHealthCheckHandlers(r *mux.Router) error {
- // swagger:operation GET /libpod/containers/{name:.*}/healthcheck libpod libpodRunHealthCheck
+ // swagger:operation GET /libpod/containers/{name:.*}/healthcheck libpod ContainerHealthcheckLibpod
// ---
// tags:
// - containers
diff --git a/pkg/api/server/register_images.go b/pkg/api/server/register_images.go
index 423766bd8..de8d50cc9 100644
--- a/pkg/api/server/register_images.go
+++ b/pkg/api/server/register_images.go
@@ -13,12 +13,15 @@ import (
// * /images/create is missing the "message" and "platform" parameters
func (s *APIServer) registerImagesHandlers(r *mux.Router) error {
- // swagger:operation POST /images/create compat createImage
+ // swagger:operation POST /images/create compat ImageCreate
// ---
// tags:
// - images (compat)
// summary: Create an image
// description: Create an image by either pulling it from a registry or importing it.
+ // consumes:
+ // - text/plain
+ // - application/octet-stream
// produces:
// - application/json
// parameters:
@@ -56,7 +59,7 @@ func (s *APIServer) registerImagesHandlers(r *mux.Router) error {
r.Handle(VersionedPath("/images/create"), s.APIHandler(compat.CreateImageFromSrc)).Methods(http.MethodPost).Queries("fromSrc", "{fromSrc}")
// Added non version path to URI to support docker non versioned paths
r.Handle("/images/create", s.APIHandler(compat.CreateImageFromSrc)).Methods(http.MethodPost).Queries("fromSrc", "{fromSrc}")
- // swagger:operation GET /images/json compat listImages
+ // swagger:operation GET /images/json compat ImageList
// ---
// tags:
// - images (compat)
@@ -93,7 +96,7 @@ func (s *APIServer) registerImagesHandlers(r *mux.Router) error {
r.Handle(VersionedPath("/images/json"), s.APIHandler(compat.GetImages)).Methods(http.MethodGet)
// Added non version path to URI to support docker non versioned paths
r.Handle("/images/json", s.APIHandler(compat.GetImages)).Methods(http.MethodGet)
- // swagger:operation POST /images/load compat importImage
+ // swagger:operation POST /images/load compat ImageLoad
// ---
// tags:
// - images (compat)
@@ -119,7 +122,7 @@ func (s *APIServer) registerImagesHandlers(r *mux.Router) error {
r.Handle(VersionedPath("/images/load"), s.APIHandler(compat.LoadImages)).Methods(http.MethodPost)
// Added non version path to URI to support docker non versioned paths
r.Handle("/images/load", s.APIHandler(compat.LoadImages)).Methods(http.MethodPost)
- // swagger:operation POST /images/prune compat pruneImages
+ // swagger:operation POST /images/prune compat ImagePrune
// ---
// tags:
// - images (compat)
@@ -146,7 +149,7 @@ func (s *APIServer) registerImagesHandlers(r *mux.Router) error {
r.Handle(VersionedPath("/images/prune"), s.APIHandler(compat.PruneImages)).Methods(http.MethodPost)
// Added non version path to URI to support docker non versioned paths
r.Handle("/images/prune", s.APIHandler(compat.PruneImages)).Methods(http.MethodPost)
- // swagger:operation GET /images/search compat searchImages
+ // swagger:operation GET /images/search compat ImageSearch
// ---
// tags:
// - images (compat)
@@ -185,7 +188,7 @@ func (s *APIServer) registerImagesHandlers(r *mux.Router) error {
r.Handle(VersionedPath("/images/search"), s.APIHandler(compat.SearchImages)).Methods(http.MethodGet)
// Added non version path to URI to support docker non versioned paths
r.Handle("/images/search", s.APIHandler(compat.SearchImages)).Methods(http.MethodGet)
- // swagger:operation DELETE /images/{name:.*} compat removeImage
+ // swagger:operation DELETE /images/{name:.*} compat ImageDelete
// ---
// tags:
// - images (compat)
@@ -219,7 +222,7 @@ func (s *APIServer) registerImagesHandlers(r *mux.Router) error {
r.Handle(VersionedPath("/images/{name:.*}"), s.APIHandler(compat.RemoveImage)).Methods(http.MethodDelete)
// Added non version path to URI to support docker non versioned paths
r.Handle("/images/{name:.*}", s.APIHandler(compat.RemoveImage)).Methods(http.MethodDelete)
- // swagger:operation POST /images/{name:.*}/push compat pushImage
+ // swagger:operation POST /images/{name:.*}/push compat ImagePush
// ---
// tags:
// - images (compat)
@@ -266,7 +269,7 @@ func (s *APIServer) registerImagesHandlers(r *mux.Router) error {
r.Handle(VersionedPath("/images/{name:.*}/push"), s.APIHandler(compat.PushImage)).Methods(http.MethodPost)
// Added non version path to URI to support docker non versioned paths
r.Handle("/images/{name:.*}/push", s.APIHandler(compat.PushImage)).Methods(http.MethodPost)
- // swagger:operation GET /images/{name:.*}/get compat exportImage
+ // swagger:operation GET /images/{name:.*}/get compat ImageGet
// ---
// tags:
// - images (compat)
@@ -279,7 +282,7 @@ func (s *APIServer) registerImagesHandlers(r *mux.Router) error {
// required: true
// description: the name or ID of the container
// produces:
- // - application/json
+ // - application/x-tar
// responses:
// 200:
// description: no error
@@ -291,7 +294,7 @@ func (s *APIServer) registerImagesHandlers(r *mux.Router) error {
r.Handle(VersionedPath("/images/{name:.*}/get"), s.APIHandler(compat.ExportImage)).Methods(http.MethodGet)
// Added non version path to URI to support docker non versioned paths
r.Handle("/images/{name:.*}/get", s.APIHandler(compat.ExportImage)).Methods(http.MethodGet)
- // swagger:operation GET /images/get compat get
+ // swagger:operation GET /images/get compat ImageGetAll
// ---
// tags:
// - images (compat)
@@ -316,7 +319,7 @@ func (s *APIServer) registerImagesHandlers(r *mux.Router) error {
r.Handle(VersionedPath("/images/get"), s.APIHandler(compat.ExportImages)).Methods(http.MethodGet)
// Added non version path to URI to support docker non versioned paths
r.Handle("/images/get", s.APIHandler(compat.ExportImages)).Methods(http.MethodGet)
- // swagger:operation GET /images/{name:.*}/history compat imageHistory
+ // swagger:operation GET /images/{name:.*}/history compat ImageHistory
// ---
// tags:
// - images (compat)
@@ -340,7 +343,7 @@ func (s *APIServer) registerImagesHandlers(r *mux.Router) error {
r.Handle(VersionedPath("/images/{name:.*}/history"), s.APIHandler(compat.HistoryImage)).Methods(http.MethodGet)
// Added non version path to URI to support docker non versioned paths
r.Handle("/images/{name:.*}/history", s.APIHandler(compat.HistoryImage)).Methods(http.MethodGet)
- // swagger:operation GET /images/{name:.*}/json compat inspectImage
+ // swagger:operation GET /images/{name:.*}/json compat ImageInspect
// ---
// tags:
// - images (compat)
@@ -364,7 +367,7 @@ func (s *APIServer) registerImagesHandlers(r *mux.Router) error {
r.Handle(VersionedPath("/images/{name:.*}/json"), s.APIHandler(compat.GetImage)).Methods(http.MethodGet)
// Added non version path to URI to support docker non versioned paths
r.Handle("/images/{name:.*}/json", s.APIHandler(compat.GetImage)).Methods(http.MethodGet)
- // swagger:operation POST /images/{name:.*}/tag compat tagImage
+ // swagger:operation POST /images/{name:.*}/tag compat ImageTag
// ---
// tags:
// - images (compat)
@@ -400,7 +403,7 @@ func (s *APIServer) registerImagesHandlers(r *mux.Router) error {
r.Handle(VersionedPath("/images/{name:.*}/tag"), s.APIHandler(compat.TagImage)).Methods(http.MethodPost)
// Added non version path to URI to support docker non versioned paths
r.Handle("/images/{name:.*}/tag", s.APIHandler(compat.TagImage)).Methods(http.MethodPost)
- // swagger:operation POST /commit compat commitContainer
+ // swagger:operation POST /commit compat ImageCommit
// ---
// tags:
// - containers (compat)
@@ -448,7 +451,7 @@ func (s *APIServer) registerImagesHandlers(r *mux.Router) error {
// Added non version path to URI to support docker non versioned paths
r.Handle("/commit", s.APIHandler(compat.CommitContainer)).Methods(http.MethodPost)
- // swagger:operation POST /build compat buildImage
+ // swagger:operation POST /build compat ImageBuild
// ---
// tags:
// - images (compat)
@@ -664,7 +667,7 @@ func (s *APIServer) registerImagesHandlers(r *mux.Router) error {
libpod endpoints
*/
- // swagger:operation POST /libpod/images/{name:.*}/push libpod libpodPushImage
+ // swagger:operation POST /libpod/images/{name:.*}/push libpod ImagePushLibpod
// ---
// tags:
// - images
@@ -702,7 +705,7 @@ func (s *APIServer) registerImagesHandlers(r *mux.Router) error {
// 500:
// $ref: '#/responses/InternalError'
r.Handle(VersionedPath("/libpod/images/{name:.*}/push"), s.APIHandler(libpod.PushImage)).Methods(http.MethodPost)
- // swagger:operation GET /libpod/images/{name:.*}/exists libpod libpodImageExists
+ // swagger:operation GET /libpod/images/{name:.*}/exists libpod ImageExistsLibpod
// ---
// tags:
// - images
@@ -724,7 +727,7 @@ func (s *APIServer) registerImagesHandlers(r *mux.Router) error {
// 500:
// $ref: '#/responses/InternalError'
r.Handle(VersionedPath("/libpod/images/{name:.*}/exists"), s.APIHandler(libpod.ImageExists)).Methods(http.MethodGet)
- // swagger:operation GET /libpod/images/{name:.*}/tree libpod libpodImageTree
+ // swagger:operation GET /libpod/images/{name:.*}/tree libpod ImageTreeLibpod
// ---
// tags:
// - images
@@ -750,7 +753,7 @@ func (s *APIServer) registerImagesHandlers(r *mux.Router) error {
// 500:
// $ref: '#/responses/InternalError'
r.Handle(VersionedPath("/libpod/images/{name:.*}/tree"), s.APIHandler(libpod.ImageTree)).Methods(http.MethodGet)
- // swagger:operation GET /libpod/images/{name:.*}/history libpod libpodImageHistory
+ // swagger:operation GET /libpod/images/{name:.*}/history libpod ImageHistoryLibpod
// ---
// tags:
// - images
@@ -772,7 +775,7 @@ func (s *APIServer) registerImagesHandlers(r *mux.Router) error {
// 500:
// $ref: '#/responses/InternalError'
r.Handle(VersionedPath("/libpod/images/{name:.*}/history"), s.APIHandler(compat.HistoryImage)).Methods(http.MethodGet)
- // swagger:operation GET /libpod/images/json libpod libpodListImages
+ // swagger:operation GET /libpod/images/json libpod ImageListLibpod
// ---
// tags:
// - images
@@ -803,7 +806,7 @@ func (s *APIServer) registerImagesHandlers(r *mux.Router) error {
// 500:
// $ref: '#/responses/InternalError'
r.Handle(VersionedPath("/libpod/images/json"), s.APIHandler(libpod.GetImages)).Methods(http.MethodGet)
- // swagger:operation POST /libpod/images/load libpod libpodImagesLoad
+ // swagger:operation POST /libpod/images/load libpod ImageLoadLibpod
// ---
// tags:
// - images
@@ -828,7 +831,7 @@ func (s *APIServer) registerImagesHandlers(r *mux.Router) error {
// 500:
// $ref: '#/responses/InternalError'
r.Handle(VersionedPath("/libpod/images/load"), s.APIHandler(libpod.ImagesLoad)).Methods(http.MethodPost)
- // swagger:operation POST /libpod/images/import libpod libpodImagesImport
+ // swagger:operation POST /libpod/images/import libpod ImageImportLibpod
// ---
// tags:
// - images
@@ -871,7 +874,7 @@ func (s *APIServer) registerImagesHandlers(r *mux.Router) error {
// 500:
// $ref: '#/responses/InternalError'
r.Handle(VersionedPath("/libpod/images/import"), s.APIHandler(libpod.ImagesImport)).Methods(http.MethodPost)
- // swagger:operation DELETE /libpod/images/remove libpod libpodImagesRemove
+ // swagger:operation DELETE /libpod/images/remove libpod ImageDeleteAllLibpod
// ---
// tags:
// - images
@@ -903,7 +906,7 @@ func (s *APIServer) registerImagesHandlers(r *mux.Router) error {
// 500:
// $ref: '#/responses/InternalError'
r.Handle(VersionedPath("/libpod/images/remove"), s.APIHandler(libpod.ImagesBatchRemove)).Methods(http.MethodDelete)
- // swagger:operation DELETE /libpod/images/{name:.*} libpod libpodRemoveImage
+ // swagger:operation DELETE /libpod/images/{name:.*} libpod ImageDeleteLibpod
// ---
// tags:
// - images
@@ -933,7 +936,7 @@ func (s *APIServer) registerImagesHandlers(r *mux.Router) error {
// 500:
// $ref: '#/responses/InternalError'
r.Handle(VersionedPath("/libpod/images/{name:.*}"), s.APIHandler(libpod.ImagesRemove)).Methods(http.MethodDelete)
- // swagger:operation POST /libpod/images/pull libpod libpodImagesPull
+ // swagger:operation POST /libpod/images/pull libpod ImagePullLibpod
// ---
// tags:
// - images
@@ -979,7 +982,7 @@ func (s *APIServer) registerImagesHandlers(r *mux.Router) error {
// 500:
// $ref: '#/responses/InternalError'
r.Handle(VersionedPath("/libpod/images/pull"), s.APIHandler(libpod.ImagesPull)).Methods(http.MethodPost)
- // swagger:operation POST /libpod/images/prune libpod libpodPruneImages
+ // swagger:operation POST /libpod/images/prune libpod ImagePruneLibpod
// ---
// tags:
// - images
@@ -1004,7 +1007,7 @@ func (s *APIServer) registerImagesHandlers(r *mux.Router) error {
// 500:
// $ref: '#/responses/InternalError'
r.Handle(VersionedPath("/libpod/images/prune"), s.APIHandler(libpod.PruneImages)).Methods(http.MethodPost)
- // swagger:operation GET /libpod/images/search libpod libpodSearchImages
+ // swagger:operation GET /libpod/images/search libpod ImageSearchLibpod
// ---
// tags:
// - images
@@ -1039,7 +1042,7 @@ func (s *APIServer) registerImagesHandlers(r *mux.Router) error {
// 500:
// $ref: '#/responses/InternalError'
r.Handle(VersionedPath("/libpod/images/search"), s.APIHandler(compat.SearchImages)).Methods(http.MethodGet)
- // swagger:operation GET /libpod/images/{name:.*}/get libpod libpodExportImage
+ // swagger:operation GET /libpod/images/{name:.*}/get libpod ImageGetLibpod
// ---
// tags:
// - images
@@ -1060,7 +1063,7 @@ func (s *APIServer) registerImagesHandlers(r *mux.Router) error {
// type: boolean
// description: use compression on image
// produces:
- // - application/json
+ // - application/x-tar
// responses:
// 200:
// description: no error
@@ -1072,7 +1075,7 @@ func (s *APIServer) registerImagesHandlers(r *mux.Router) error {
// 500:
// $ref: '#/responses/InternalError'
r.Handle(VersionedPath("/libpod/images/{name:.*}/get"), s.APIHandler(libpod.ExportImage)).Methods(http.MethodGet)
- // swagger:operation GET /libpod/images/export libpod libpodExportImages
+ // swagger:operation GET /libpod/images/export libpod ImageExportLibpod
// ---
// tags:
// - images
@@ -1106,7 +1109,7 @@ func (s *APIServer) registerImagesHandlers(r *mux.Router) error {
// 500:
// $ref: '#/responses/InternalError'
r.Handle(VersionedPath("/libpod/images/export"), s.APIHandler(libpod.ExportImages)).Methods(http.MethodGet)
- // swagger:operation GET /libpod/images/{name:.*}/json libpod libpodInspectImage
+ // swagger:operation GET /libpod/images/{name:.*}/json libpod ImageInspectLibpod
// ---
// tags:
// - images
@@ -1128,7 +1131,7 @@ func (s *APIServer) registerImagesHandlers(r *mux.Router) error {
// 500:
// $ref: '#/responses/InternalError'
r.Handle(VersionedPath("/libpod/images/{name:.*}/json"), s.APIHandler(libpod.GetImage)).Methods(http.MethodGet)
- // swagger:operation POST /libpod/images/{name:.*}/tag libpod libpodTagImage
+ // swagger:operation POST /libpod/images/{name:.*}/tag libpod ImageTagLibpod
// ---
// tags:
// - images
@@ -1162,7 +1165,7 @@ func (s *APIServer) registerImagesHandlers(r *mux.Router) error {
// 500:
// $ref: '#/responses/InternalError'
r.Handle(VersionedPath("/libpod/images/{name:.*}/tag"), s.APIHandler(compat.TagImage)).Methods(http.MethodPost)
- // swagger:operation POST /libpod/commit libpod libpodCommitContainer
+ // swagger:operation POST /libpod/commit libpod ImageCommitLibpod
// ---
// tags:
// - containers
@@ -1214,7 +1217,7 @@ func (s *APIServer) registerImagesHandlers(r *mux.Router) error {
// 500:
// $ref: '#/responses/InternalError'
r.Handle(VersionedPath("/libpod/commit"), s.APIHandler(libpod.CommitContainer)).Methods(http.MethodPost)
- // swagger:operation POST /libpod/images/{name:.*}/untag libpod libpodUntagImage
+ // swagger:operation POST /libpod/images/{name:.*}/untag libpod ImageUntagLibpod
// ---
// tags:
// - images
@@ -1249,7 +1252,7 @@ func (s *APIServer) registerImagesHandlers(r *mux.Router) error {
// $ref: '#/responses/InternalError'
r.Handle(VersionedPath("/libpod/images/{name:.*}/untag"), s.APIHandler(libpod.UntagImage)).Methods(http.MethodPost)
- // swagger:operation GET /libpod/images/{name}/changes libpod libpodChangesImages
+ // swagger:operation GET /libpod/images/{name}/changes libpod ImageChangesLibpod
// ---
// tags:
// - images
@@ -1279,7 +1282,7 @@ func (s *APIServer) registerImagesHandlers(r *mux.Router) error {
// $ref: "#/responses/InternalError"
r.HandleFunc(VersionedPath("/libpod/images/{name}/changes"), s.APIHandler(compat.Changes)).Methods(http.MethodGet)
- // swagger:operation POST /libpod/build libpod libpodBuildImage
+ // swagger:operation POST /libpod/build libpod ImageBuildLibpod
// ---
// tags:
// - images
diff --git a/pkg/api/server/register_info.go b/pkg/api/server/register_info.go
index c07d4699d..45185ba3b 100644
--- a/pkg/api/server/register_info.go
+++ b/pkg/api/server/register_info.go
@@ -9,7 +9,7 @@ import (
)
func (s *APIServer) registerInfoHandlers(r *mux.Router) error {
- // swagger:operation GET /info compat getInfo
+ // swagger:operation GET /info compat SystemInfo
// ---
// tags:
// - system (compat)
@@ -25,7 +25,7 @@ func (s *APIServer) registerInfoHandlers(r *mux.Router) error {
r.Handle(VersionedPath("/info"), s.APIHandler(compat.GetInfo)).Methods(http.MethodGet)
// Added non version path to URI to support docker non versioned paths
r.Handle("/info", s.APIHandler(compat.GetInfo)).Methods(http.MethodGet)
- // swagger:operation GET /libpod/info libpod libpodGetInfo
+ // swagger:operation GET /libpod/info libpod SystemInfoLibpod
// ---
// tags:
// - system
diff --git a/pkg/api/server/register_manifest.go b/pkg/api/server/register_manifest.go
index c2da5156b..0417462a6 100644
--- a/pkg/api/server/register_manifest.go
+++ b/pkg/api/server/register_manifest.go
@@ -8,7 +8,7 @@ import (
)
func (s *APIServer) registerManifestHandlers(r *mux.Router) error {
- // swagger:operation POST /libpod/manifests/create manifests Create
+ // swagger:operation POST /libpod/manifests/create manifests ManifestCreateLibpod
// ---
// summary: Create
// description: Create a manifest list
@@ -39,7 +39,7 @@ func (s *APIServer) registerManifestHandlers(r *mux.Router) error {
// 500:
// $ref: "#/responses/InternalError"
r.Handle(VersionedPath("/libpod/manifests/create"), s.APIHandler(libpod.ManifestCreate)).Methods(http.MethodPost)
- // swagger:operation GET /libpod/manifests/{name}/exists manifests Exists
+ // swagger:operation GET /libpod/manifests/{name}/exists manifests ManifestExistsLibpod
// ---
// summary: Exists
// description: Check if manifest list exists
@@ -59,7 +59,7 @@ func (s *APIServer) registerManifestHandlers(r *mux.Router) error {
// 500:
// $ref: '#/responses/InternalError'
r.Handle(VersionedPath("/libpod/manifests/{name}/exists"), s.APIHandler(libpod.ExistsManifest)).Methods(http.MethodGet)
- // swagger:operation GET /libpod/manifests/{name:.*}/json manifests Inspect
+ // swagger:operation GET /libpod/manifests/{name:.*}/json manifests ManifestInspectLibpod
// ---
// summary: Inspect
// description: Display a manifest list
@@ -79,7 +79,7 @@ func (s *APIServer) registerManifestHandlers(r *mux.Router) error {
// 500:
// $ref: "#/responses/InternalError"
r.Handle(VersionedPath("/libpod/manifests/{name:.*}/json"), s.APIHandler(libpod.ManifestInspect)).Methods(http.MethodGet)
- // swagger:operation POST /libpod/manifests/{name:.*}/add manifests AddManifest
+ // swagger:operation POST /libpod/manifests/{name:.*}/add manifests ManifestAddLibpod
// ---
// description: Add an image to a manifest list
// produces:
@@ -106,7 +106,7 @@ func (s *APIServer) registerManifestHandlers(r *mux.Router) error {
// 500:
// $ref: "#/responses/InternalError"
r.Handle(VersionedPath("/libpod/manifests/{name:.*}/add"), s.APIHandler(libpod.ManifestAdd)).Methods(http.MethodPost)
- // swagger:operation DELETE /libpod/manifests/{name:.*} manifests RemoveManifest
+ // swagger:operation DELETE /libpod/manifests/{name:.*} manifests ManifestDeleteLibpod
// ---
// summary: Remove
// description: Remove an image from a manifest list
@@ -133,7 +133,7 @@ func (s *APIServer) registerManifestHandlers(r *mux.Router) error {
// 500:
// $ref: "#/responses/InternalError"
r.Handle(VersionedPath("/libpod/manifests/{name:.*}"), s.APIHandler(libpod.ManifestRemove)).Methods(http.MethodDelete)
- // swagger:operation POST /libpod/manifests/{name}/push manifests PushManifest
+ // swagger:operation POST /libpod/manifests/{name}/push manifests ManifestPushLibpod
// ---
// summary: Push
// description: Push a manifest list or image index to a registry
diff --git a/pkg/api/server/register_networks.go b/pkg/api/server/register_networks.go
index a07c6a55e..e25fd071c 100644
--- a/pkg/api/server/register_networks.go
+++ b/pkg/api/server/register_networks.go
@@ -9,7 +9,7 @@ import (
)
func (s *APIServer) registerNetworkHandlers(r *mux.Router) error {
- // swagger:operation DELETE /networks/{name} compat compatRemoveNetwork
+ // swagger:operation DELETE /networks/{name} compat NetworkDelete
// ---
// tags:
// - networks (compat)
@@ -32,7 +32,7 @@ func (s *APIServer) registerNetworkHandlers(r *mux.Router) error {
// $ref: "#/responses/InternalError"
r.HandleFunc(VersionedPath("/networks/{name}"), s.APIHandler(compat.RemoveNetwork)).Methods(http.MethodDelete)
r.HandleFunc("/networks/{name}", s.APIHandler(compat.RemoveNetwork)).Methods(http.MethodDelete)
- // swagger:operation GET /networks/{name} compat compatInspectNetwork
+ // swagger:operation GET /networks/{name} compat NetworkInspect
// ---
// tags:
// - networks (compat)
@@ -55,7 +55,7 @@ func (s *APIServer) registerNetworkHandlers(r *mux.Router) error {
// $ref: "#/responses/InternalError"
r.HandleFunc(VersionedPath("/networks/{name}"), s.APIHandler(compat.InspectNetwork)).Methods(http.MethodGet)
r.HandleFunc("/networks/{name}", s.APIHandler(compat.InspectNetwork)).Methods(http.MethodGet)
- // swagger:operation GET /networks compat compatListNetwork
+ // swagger:operation GET /networks compat NetworkList
// ---
// tags:
// - networks (compat)
@@ -80,7 +80,7 @@ func (s *APIServer) registerNetworkHandlers(r *mux.Router) error {
// $ref: "#/responses/InternalError"
r.HandleFunc(VersionedPath("/networks"), s.APIHandler(compat.ListNetworks)).Methods(http.MethodGet)
r.HandleFunc("/networks", s.APIHandler(compat.ListNetworks)).Methods(http.MethodGet)
- // swagger:operation POST /networks/create compat compatCreateNetwork
+ // swagger:operation POST /networks/create compat NetworkCreate
// ---
// tags:
// - networks (compat)
@@ -103,7 +103,7 @@ func (s *APIServer) registerNetworkHandlers(r *mux.Router) error {
// $ref: "#/responses/InternalError"
r.HandleFunc(VersionedPath("/networks/create"), s.APIHandler(compat.CreateNetwork)).Methods(http.MethodPost)
r.HandleFunc("/networks/create", s.APIHandler(compat.CreateNetwork)).Methods(http.MethodPost)
- // swagger:operation POST /networks/{name}/connect compat compatConnectNetwork
+ // swagger:operation POST /networks/{name}/connect compat NetworkConnect
// ---
// tags:
// - networks (compat)
@@ -131,7 +131,7 @@ func (s *APIServer) registerNetworkHandlers(r *mux.Router) error {
// $ref: "#/responses/InternalError"
r.HandleFunc(VersionedPath("/networks/{name}/connect"), s.APIHandler(compat.Connect)).Methods(http.MethodPost)
r.HandleFunc("/networks/{name}/connect", s.APIHandler(compat.Connect)).Methods(http.MethodPost)
- // swagger:operation POST /networks/{name}/disconnect compat compatDisconnectNetwork
+ // swagger:operation POST /networks/{name}/disconnect compat NetworkDisconnect
// ---
// tags:
// - networks (compat)
@@ -159,7 +159,7 @@ func (s *APIServer) registerNetworkHandlers(r *mux.Router) error {
// $ref: "#/responses/InternalError"
r.HandleFunc(VersionedPath("/networks/{name}/disconnect"), s.APIHandler(compat.Disconnect)).Methods(http.MethodPost)
r.HandleFunc("/networks/{name}/disconnect", s.APIHandler(compat.Disconnect)).Methods(http.MethodPost)
- // swagger:operation POST /networks/prune compat compatPruneNetwork
+ // swagger:operation POST /networks/prune compat NetworkPrune
// ---
// tags:
// - networks (compat)
@@ -188,7 +188,7 @@ func (s *APIServer) registerNetworkHandlers(r *mux.Router) error {
r.HandleFunc(VersionedPath("/networks/prune"), s.APIHandler(compat.Prune)).Methods(http.MethodPost)
r.HandleFunc("/networks/prune", s.APIHandler(compat.Prune)).Methods(http.MethodPost)
- // swagger:operation DELETE /libpod/networks/{name} libpod libpodRemoveNetwork
+ // swagger:operation DELETE /libpod/networks/{name} libpod NetworkDeleteLibpod
// ---
// tags:
// - networks
@@ -213,13 +213,8 @@ func (s *APIServer) registerNetworkHandlers(r *mux.Router) error {
// $ref: "#/responses/NoSuchNetwork"
// 500:
// $ref: "#/responses/InternalError"
-
- /*
- Libpod
- */
-
r.HandleFunc(VersionedPath("/libpod/networks/{name}"), s.APIHandler(libpod.RemoveNetwork)).Methods(http.MethodDelete)
- // swagger:operation GET /libpod/networks/{name}/exists libpod libpodExistsNetwork
+ // swagger:operation GET /libpod/networks/{name}/exists libpod NetworkExistsLibpod
// ---
// tags:
// - networks
@@ -241,7 +236,7 @@ func (s *APIServer) registerNetworkHandlers(r *mux.Router) error {
// 500:
// $ref: '#/responses/InternalError'
r.Handle(VersionedPath("/libpod/networks/{name}/exists"), s.APIHandler(libpod.ExistsNetwork)).Methods(http.MethodGet)
- // swagger:operation GET /libpod/networks/json libpod libpodListNetwork
+ // swagger:operation GET /libpod/networks/json libpod NetworkListLibpod
// ---
// tags:
// - networks
@@ -266,7 +261,7 @@ func (s *APIServer) registerNetworkHandlers(r *mux.Router) error {
// 500:
// $ref: "#/responses/InternalError"
r.HandleFunc(VersionedPath("/libpod/networks/json"), s.APIHandler(libpod.ListNetworks)).Methods(http.MethodGet)
- // swagger:operation GET /libpod/networks/{name}/json libpod libpodInspectNetwork
+ // swagger:operation GET /libpod/networks/{name}/json libpod NetworkInspectLibpod
// ---
// tags:
// - networks
@@ -289,7 +284,7 @@ func (s *APIServer) registerNetworkHandlers(r *mux.Router) error {
// $ref: "#/responses/InternalError"
r.HandleFunc(VersionedPath("/libpod/networks/{name}/json"), s.APIHandler(libpod.InspectNetwork)).Methods(http.MethodGet)
r.HandleFunc(VersionedPath("/libpod/networks/{name}"), s.APIHandler(libpod.InspectNetwork)).Methods(http.MethodGet)
- // swagger:operation POST /libpod/networks/create libpod libpodCreateNetwork
+ // swagger:operation POST /libpod/networks/create libpod NetworkCreateLibpod
// ---
// tags:
// - networks
@@ -315,7 +310,7 @@ func (s *APIServer) registerNetworkHandlers(r *mux.Router) error {
// 500:
// $ref: "#/responses/InternalError"
r.HandleFunc(VersionedPath("/libpod/networks/create"), s.APIHandler(libpod.CreateNetwork)).Methods(http.MethodPost)
- // swagger:operation POST /libpod/networks/{name}/connect libpod libpodConnectNetwork
+ // swagger:operation POST /libpod/networks/{name}/connect libpod NetworkConnectLibpod
// ---
// tags:
// - networks
@@ -342,7 +337,7 @@ func (s *APIServer) registerNetworkHandlers(r *mux.Router) error {
// 500:
// $ref: "#/responses/InternalError"
r.HandleFunc(VersionedPath("/libpod/networks/{name}/connect"), s.APIHandler(libpod.Connect)).Methods(http.MethodPost)
- // swagger:operation POST /libpod/networks/{name}/disconnect libpod libpodDisconnectNetwork
+ // swagger:operation POST /libpod/networks/{name}/disconnect libpod NetworkDisconnectLibpod
// ---
// tags:
// - networks
@@ -369,7 +364,7 @@ func (s *APIServer) registerNetworkHandlers(r *mux.Router) error {
// 500:
// $ref: "#/responses/InternalError"
r.HandleFunc(VersionedPath("/libpod/networks/{name}/disconnect"), s.APIHandler(compat.Disconnect)).Methods(http.MethodPost)
- // swagger:operation POST /libpod/networks/prune libpod libpodPruneNetwork
+ // swagger:operation POST /libpod/networks/prune libpod NetworkPruneLibpod
// ---
// tags:
// - networks
diff --git a/pkg/api/server/register_ping.go b/pkg/api/server/register_ping.go
index 1d0876ec1..1222b3dba 100644
--- a/pkg/api/server/register_ping.go
+++ b/pkg/api/server/register_ping.go
@@ -10,7 +10,7 @@ import (
func (s *APIServer) registerPingHandlers(r *mux.Router) error {
r.Handle("/_ping", s.APIHandler(compat.Ping)).Methods(http.MethodGet, http.MethodHead)
r.Handle(VersionedPath("/_ping"), s.APIHandler(compat.Ping)).Methods(http.MethodGet, http.MethodHead)
- // swagger:operation GET /libpod/_ping libpod libpodPingGet
+ // swagger:operation GET /libpod/_ping libpod SystemPing
// ---
// summary: Ping service
// description: |
diff --git a/pkg/api/server/register_play.go b/pkg/api/server/register_play.go
index dbb13cba3..d21029db5 100644
--- a/pkg/api/server/register_play.go
+++ b/pkg/api/server/register_play.go
@@ -8,7 +8,7 @@ import (
)
func (s *APIServer) registerPlayHandlers(r *mux.Router) error {
- // swagger:operation POST /libpod/play/kube libpod libpodPlayKube
+ // swagger:operation POST /libpod/play/kube libpod PlayKubeLibpod
// ---
// tags:
// - containers
diff --git a/pkg/api/server/register_pods.go b/pkg/api/server/register_pods.go
index c66cc48ff..5944b98fd 100644
--- a/pkg/api/server/register_pods.go
+++ b/pkg/api/server/register_pods.go
@@ -8,7 +8,7 @@ import (
)
func (s *APIServer) registerPodsHandlers(r *mux.Router) error {
- // swagger:operation GET /libpod/pods/json pods ListPods
+ // swagger:operation GET /libpod/pods/json pods PodListLibpod
// ---
// summary: List pods
// produces:
@@ -26,7 +26,7 @@ func (s *APIServer) registerPodsHandlers(r *mux.Router) error {
// 500:
// $ref: "#/responses/InternalError"
r.Handle(VersionedPath("/libpod/pods/json"), s.APIHandler(libpod.Pods)).Methods(http.MethodGet)
- // swagger:operation POST /libpod/pods/create pods CreatePod
+ // swagger:operation POST /libpod/pods/create pods PodCreateLibpod
// ---
// summary: Create a pod
// produces:
@@ -51,7 +51,7 @@ func (s *APIServer) registerPodsHandlers(r *mux.Router) error {
// 500:
// $ref: "#/responses/InternalError"
r.Handle(VersionedPath("/libpod/pods/create"), s.APIHandler(libpod.PodCreate)).Methods(http.MethodPost)
- // swagger:operation POST /libpod/pods/prune pods PrunePods
+ // swagger:operation POST /libpod/pods/prune pods PodPruneLibpod
// ---
// summary: Prune unused pods
// produces:
@@ -66,7 +66,7 @@ func (s *APIServer) registerPodsHandlers(r *mux.Router) error {
// 500:
// $ref: "#/responses/InternalError"
r.Handle(VersionedPath("/libpod/pods/prune"), s.APIHandler(libpod.PodPrune)).Methods(http.MethodPost)
- // swagger:operation DELETE /libpod/pods/{name} pods removePod
+ // swagger:operation DELETE /libpod/pods/{name} pods PodDeleteLibpod
// ---
// summary: Remove pod
// produces:
@@ -91,7 +91,7 @@ func (s *APIServer) registerPodsHandlers(r *mux.Router) error {
// 500:
// $ref: "#/responses/InternalError"
r.Handle(VersionedPath("/libpod/pods/{name}"), s.APIHandler(libpod.PodDelete)).Methods(http.MethodDelete)
- // swagger:operation GET /libpod/pods/{name}/json pods inspectPod
+ // swagger:operation GET /libpod/pods/{name}/json pods PodInspectLibpod
// ---
// summary: Inspect pod
// produces:
@@ -110,7 +110,7 @@ func (s *APIServer) registerPodsHandlers(r *mux.Router) error {
// 500:
// $ref: "#/responses/InternalError"
r.Handle(VersionedPath("/libpod/pods/{name}/json"), s.APIHandler(libpod.PodInspect)).Methods(http.MethodGet)
- // swagger:operation GET /libpod/pods/{name}/exists pods podExists
+ // swagger:operation GET /libpod/pods/{name}/exists pods PodExistsLibpod
// ---
// summary: Pod exists
// description: Check if a pod exists by name or ID
@@ -130,7 +130,7 @@ func (s *APIServer) registerPodsHandlers(r *mux.Router) error {
// 500:
// $ref: "#/responses/InternalError"
r.Handle(VersionedPath("/libpod/pods/{name}/exists"), s.APIHandler(libpod.PodExists)).Methods(http.MethodGet)
- // swagger:operation POST /libpod/pods/{name}/kill pods killPod
+ // swagger:operation POST /libpod/pods/{name}/kill pods PodKillLibpod
// ---
// summary: Kill a pod
// produces:
@@ -158,7 +158,7 @@ func (s *APIServer) registerPodsHandlers(r *mux.Router) error {
// 500:
// $ref: "#/responses/InternalError"
r.Handle(VersionedPath("/libpod/pods/{name}/kill"), s.APIHandler(libpod.PodKill)).Methods(http.MethodPost)
- // swagger:operation POST /libpod/pods/{name}/pause pods pausePod
+ // swagger:operation POST /libpod/pods/{name}/pause pods PodPauseLibpod
// ---
// summary: Pause a pod
// description: Pause a pod
@@ -180,7 +180,7 @@ func (s *APIServer) registerPodsHandlers(r *mux.Router) error {
// 500:
// $ref: "#/responses/InternalError"
r.Handle(VersionedPath("/libpod/pods/{name}/pause"), s.APIHandler(libpod.PodPause)).Methods(http.MethodPost)
- // swagger:operation POST /libpod/pods/{name}/restart pods restartPod
+ // swagger:operation POST /libpod/pods/{name}/restart pods PodRestartLibpod
// ---
// summary: Restart a pod
// produces:
@@ -201,7 +201,7 @@ func (s *APIServer) registerPodsHandlers(r *mux.Router) error {
// 500:
// $ref: "#/responses/InternalError"
r.Handle(VersionedPath("/libpod/pods/{name}/restart"), s.APIHandler(libpod.PodRestart)).Methods(http.MethodPost)
- // swagger:operation POST /libpod/pods/{name}/start pods startPod
+ // swagger:operation POST /libpod/pods/{name}/start pods PodStartLibpod
// ---
// summary: Start a pod
// produces:
@@ -224,7 +224,7 @@ func (s *APIServer) registerPodsHandlers(r *mux.Router) error {
// 500:
// $ref: "#/responses/InternalError"
r.Handle(VersionedPath("/libpod/pods/{name}/start"), s.APIHandler(libpod.PodStart)).Methods(http.MethodPost)
- // swagger:operation POST /libpod/pods/{name}/stop pods stopPod
+ // swagger:operation POST /libpod/pods/{name}/stop pods PodStopLibpod
// ---
// summary: Stop a pod
// produces:
@@ -253,7 +253,7 @@ func (s *APIServer) registerPodsHandlers(r *mux.Router) error {
// 500:
// $ref: "#/responses/InternalError"
r.Handle(VersionedPath("/libpod/pods/{name}/stop"), s.APIHandler(libpod.PodStop)).Methods(http.MethodPost)
- // swagger:operation POST /libpod/pods/{name}/unpause pods unpausePod
+ // swagger:operation POST /libpod/pods/{name}/unpause pods PodUnpauseLibpod
// ---
// summary: Unpause a pod
// produces:
@@ -274,7 +274,7 @@ func (s *APIServer) registerPodsHandlers(r *mux.Router) error {
// 500:
// $ref: "#/responses/InternalError"
r.Handle(VersionedPath("/libpod/pods/{name}/unpause"), s.APIHandler(libpod.PodUnpause)).Methods(http.MethodPost)
- // swagger:operation GET /libpod/pods/{name}/top pods topPod
+ // swagger:operation GET /libpod/pods/{name}/top pods PodTopLibpod
// ---
// summary: List processes
// description: List processes running inside a pod
@@ -305,7 +305,7 @@ func (s *APIServer) registerPodsHandlers(r *mux.Router) error {
// 500:
// $ref: "#/responses/InternalError"
r.Handle(VersionedPath("/libpod/pods/{name}/top"), s.APIHandler(libpod.PodTop)).Methods(http.MethodGet)
- // swagger:operation GET /libpod/pods/stats pods statsPod
+ // swagger:operation GET /libpod/pods/stats pods PodStatsAllLibpod
// ---
// tags:
// - pods
diff --git a/pkg/api/server/register_secrets.go b/pkg/api/server/register_secrets.go
index 531623845..ca9790e93 100644
--- a/pkg/api/server/register_secrets.go
+++ b/pkg/api/server/register_secrets.go
@@ -9,7 +9,7 @@ import (
)
func (s *APIServer) registerSecretHandlers(r *mux.Router) error {
- // swagger:operation POST /libpod/secrets/create libpod libpodCreateSecret
+ // swagger:operation POST /libpod/secrets/create libpod SecretCreateLibpod
// ---
// tags:
// - secrets
@@ -38,7 +38,7 @@ func (s *APIServer) registerSecretHandlers(r *mux.Router) error {
// '500':
// "$ref": "#/responses/InternalError"
r.Handle(VersionedPath("/libpod/secrets/create"), s.APIHandler(libpod.CreateSecret)).Methods(http.MethodPost)
- // swagger:operation GET /libpod/secrets/json libpod libpodListSecret
+ // swagger:operation GET /libpod/secrets/json libpod SecretListLibpod
// ---
// tags:
// - secrets
@@ -53,7 +53,7 @@ func (s *APIServer) registerSecretHandlers(r *mux.Router) error {
// '500':
// "$ref": "#/responses/InternalError"
r.Handle(VersionedPath("/libpod/secrets/json"), s.APIHandler(compat.ListSecrets)).Methods(http.MethodGet)
- // swagger:operation GET /libpod/secrets/{name}/json libpod libpodInspectSecret
+ // swagger:operation GET /libpod/secrets/{name}/json libpod SecretInspectLibpod
// ---
// tags:
// - secrets
@@ -74,7 +74,7 @@ func (s *APIServer) registerSecretHandlers(r *mux.Router) error {
// '500':
// "$ref": "#/responses/InternalError"
r.Handle(VersionedPath("/libpod/secrets/{name}/json"), s.APIHandler(compat.InspectSecret)).Methods(http.MethodGet)
- // swagger:operation DELETE /libpod/secrets/{name} libpod libpodRemoveSecret
+ // swagger:operation DELETE /libpod/secrets/{name} libpod SecretDeleteLibpod
// ---
// tags:
// - secrets
@@ -104,7 +104,7 @@ func (s *APIServer) registerSecretHandlers(r *mux.Router) error {
/*
* Docker compatibility endpoints
*/
- // swagger:operation GET /secrets compat ListSecret
+ // swagger:operation GET /secrets compat SecretList
// ---
// tags:
// - secrets (compat)
@@ -120,7 +120,7 @@ func (s *APIServer) registerSecretHandlers(r *mux.Router) error {
// "$ref": "#/responses/InternalError"
r.Handle(VersionedPath("/secrets"), s.APIHandler(compat.ListSecrets)).Methods(http.MethodGet)
r.Handle("/secrets", s.APIHandler(compat.ListSecrets)).Methods(http.MethodGet)
- // swagger:operation POST /secrets/create compat CreateSecret
+ // swagger:operation POST /secrets/create compat SecretCreate
// ---
// tags:
// - secrets (compat)
@@ -143,7 +143,7 @@ func (s *APIServer) registerSecretHandlers(r *mux.Router) error {
// "$ref": "#/responses/InternalError"
r.Handle(VersionedPath("/secrets/create"), s.APIHandler(compat.CreateSecret)).Methods(http.MethodPost)
r.Handle("/secrets/create", s.APIHandler(compat.CreateSecret)).Methods(http.MethodPost)
- // swagger:operation GET /secrets/{name} compat InspectSecret
+ // swagger:operation GET /secrets/{name} compat SecretInspect
// ---
// tags:
// - secrets (compat)
@@ -165,7 +165,7 @@ func (s *APIServer) registerSecretHandlers(r *mux.Router) error {
// "$ref": "#/responses/InternalError"
r.Handle(VersionedPath("/secrets/{name}"), s.APIHandler(compat.InspectSecret)).Methods(http.MethodGet)
r.Handle("/secrets/{name}", s.APIHandler(compat.InspectSecret)).Methods(http.MethodGet)
- // swagger:operation DELETE /secrets/{name} compat RemoveSecret
+ // swagger:operation DELETE /secrets/{name} compat SecretDelete
// ---
// tags:
// - secrets (compat)
diff --git a/pkg/api/server/register_system.go b/pkg/api/server/register_system.go
index 7bc16acc0..739daf7a6 100644
--- a/pkg/api/server/register_system.go
+++ b/pkg/api/server/register_system.go
@@ -9,10 +9,23 @@ import (
)
func (s *APIServer) registerSystemHandlers(r *mux.Router) error {
+ // swagger:operation GET /system/df compat SystemDataUsage
+ // ---
+ // tags:
+ // - system (compat)
+ // summary: Show disk usage
+ // description: Return information about disk usage for containers, images, and volumes
+ // produces:
+ // - application/json
+ // responses:
+ // 200:
+ // $ref: '#/responses/SystemDiskUse'
+ // 500:
+ // $ref: "#/responses/InternalError"
r.Handle(VersionedPath("/system/df"), s.APIHandler(compat.GetDiskUsage)).Methods(http.MethodGet)
// Added non version path to URI to support docker non versioned paths
r.Handle("/system/df", s.APIHandler(compat.GetDiskUsage)).Methods(http.MethodGet)
- // swagger:operation POST /libpod/system/prune libpod pruneSystem
+ // swagger:operation POST /libpod/system/prune libpod SystemPruneLibpod
// ---
// tags:
// - system
@@ -27,7 +40,7 @@ func (s *APIServer) registerSystemHandlers(r *mux.Router) error {
// 500:
// $ref: "#/responses/InternalError"
r.Handle(VersionedPath("/libpod/system/prune"), s.APIHandler(libpod.SystemPrune)).Methods(http.MethodPost)
- // swagger:operation GET /libpod/system/df libpod df
+ // swagger:operation GET /libpod/system/df libpod SystemDataUsageLibpod
// ---
// tags:
// - system
diff --git a/pkg/api/server/register_version.go b/pkg/api/server/register_version.go
index 0cedb5dc6..462edf4ee 100644
--- a/pkg/api/server/register_version.go
+++ b/pkg/api/server/register_version.go
@@ -8,7 +8,7 @@ import (
)
func (s *APIServer) registerVersionHandlers(r *mux.Router) error {
- // swagger:operation GET /version compat CompatSystemVersion
+ // swagger:operation GET /version compat SystemVersion
// ---
// summary: Component Version information
// tags:
@@ -20,7 +20,7 @@ func (s *APIServer) registerVersionHandlers(r *mux.Router) error {
// $ref: "#/responses/Version"
r.Handle("/version", s.APIHandler(compat.VersionHandler)).Methods(http.MethodGet)
r.Handle(VersionedPath("/version"), s.APIHandler(compat.VersionHandler)).Methods(http.MethodGet)
- // swagger:operation GET /libpod/version libpod SystemVersion
+ // swagger:operation GET /libpod/version libpod SystemVersionLibpod
// ---
// summary: Component Version information
// tags:
diff --git a/pkg/api/server/register_volumes.go b/pkg/api/server/register_volumes.go
index b19faefdd..58f056626 100644
--- a/pkg/api/server/register_volumes.go
+++ b/pkg/api/server/register_volumes.go
@@ -9,7 +9,7 @@ import (
)
func (s *APIServer) registerVolumeHandlers(r *mux.Router) error {
- // swagger:operation POST /libpod/volumes/create libpod libpodCreateVolume
+ // swagger:operation POST /libpod/volumes/create libpod VolumeCreateLibpod
// ---
// tags:
// - volumes
@@ -28,7 +28,7 @@ func (s *APIServer) registerVolumeHandlers(r *mux.Router) error {
// '500':
// "$ref": "#/responses/InternalError"
r.Handle(VersionedPath("/libpod/volumes/create"), s.APIHandler(libpod.CreateVolume)).Methods(http.MethodPost)
- // swagger:operation GET /libpod/volumes/{name}/exists libpod libpodExistsVolume
+ // swagger:operation GET /libpod/volumes/{name}/exists libpod VolumeExistsLibpod
// ---
// tags:
// - volumes
@@ -50,7 +50,7 @@ func (s *APIServer) registerVolumeHandlers(r *mux.Router) error {
// 500:
// $ref: '#/responses/InternalError'
r.Handle(VersionedPath("/libpod/volumes/{name}/exists"), s.APIHandler(libpod.ExistsVolume)).Methods(http.MethodGet)
- // swagger:operation GET /libpod/volumes/json libpod libpodListVolumes
+ // swagger:operation GET /libpod/volumes/json libpod VolumeListLibpod
// ---
// tags:
// - volumes
@@ -74,7 +74,7 @@ func (s *APIServer) registerVolumeHandlers(r *mux.Router) error {
// '500':
// "$ref": "#/responses/InternalError"
r.Handle(VersionedPath("/libpod/volumes/json"), s.APIHandler(libpod.ListVolumes)).Methods(http.MethodGet)
- // swagger:operation POST /libpod/volumes/prune libpod libpodPruneVolumes
+ // swagger:operation POST /libpod/volumes/prune libpod VolumePruneLibpod
// ---
// tags:
// - volumes
@@ -87,7 +87,7 @@ func (s *APIServer) registerVolumeHandlers(r *mux.Router) error {
// '500':
// "$ref": "#/responses/InternalError"
r.Handle(VersionedPath("/libpod/volumes/prune"), s.APIHandler(libpod.PruneVolumes)).Methods(http.MethodPost)
- // swagger:operation GET /libpod/volumes/{name}/json libpod libpodInspectVolume
+ // swagger:operation GET /libpod/volumes/{name}/json libpod VolumeInspectLibpod
// ---
// tags:
// - volumes
@@ -108,7 +108,7 @@ func (s *APIServer) registerVolumeHandlers(r *mux.Router) error {
// '500':
// "$ref": "#/responses/InternalError"
r.Handle(VersionedPath("/libpod/volumes/{name}/json"), s.APIHandler(libpod.InspectVolume)).Methods(http.MethodGet)
- // swagger:operation DELETE /libpod/volumes/{name} libpod libpodRemoveVolume
+ // swagger:operation DELETE /libpod/volumes/{name} libpod VolumeDeleteLibpod
// ---
// tags:
// - volumes
@@ -140,7 +140,7 @@ func (s *APIServer) registerVolumeHandlers(r *mux.Router) error {
* Docker compatibility endpoints
*/
- // swagger:operation GET /volumes compat listVolumes
+ // swagger:operation GET /volumes compat VolumeList
// ---
// tags:
// - volumes (compat)
@@ -168,7 +168,7 @@ func (s *APIServer) registerVolumeHandlers(r *mux.Router) error {
r.Handle(VersionedPath("/volumes"), s.APIHandler(compat.ListVolumes)).Methods(http.MethodGet)
r.Handle("/volumes", s.APIHandler(compat.ListVolumes)).Methods(http.MethodGet)
- // swagger:operation POST /volumes/create compat createVolume
+ // swagger:operation POST /volumes/create compat VolumeCreate
// ---
// tags:
// - volumes (compat)
@@ -191,7 +191,7 @@ func (s *APIServer) registerVolumeHandlers(r *mux.Router) error {
r.Handle(VersionedPath("/volumes/create"), s.APIHandler(compat.CreateVolume)).Methods(http.MethodPost)
r.Handle("/volumes/create", s.APIHandler(compat.CreateVolume)).Methods(http.MethodPost)
- // swagger:operation GET /volumes/{name} compat inspectVolume
+ // swagger:operation GET /volumes/{name} compat VolumeInspect
// ---
// tags:
// - volumes (compat)
@@ -214,7 +214,7 @@ func (s *APIServer) registerVolumeHandlers(r *mux.Router) error {
r.Handle(VersionedPath("/volumes/{name}"), s.APIHandler(compat.InspectVolume)).Methods(http.MethodGet)
r.Handle("/volumes/{name}", s.APIHandler(compat.InspectVolume)).Methods(http.MethodGet)
- // swagger:operation DELETE /volumes/{name} compat removeVolume
+ // swagger:operation DELETE /volumes/{name} compat VolumeDelete
// ---
// tags:
// - volumes (compat)
@@ -246,7 +246,7 @@ func (s *APIServer) registerVolumeHandlers(r *mux.Router) error {
r.Handle(VersionedPath("/volumes/{name}"), s.APIHandler(compat.RemoveVolume)).Methods(http.MethodDelete)
r.Handle("/volumes/{name}", s.APIHandler(compat.RemoveVolume)).Methods(http.MethodDelete)
- // swagger:operation POST /volumes/prune compat pruneVolumes
+ // swagger:operation POST /volumes/prune compat VolumePrune
// ---
// tags:
// - volumes (compat)
diff --git a/pkg/api/tags.yaml b/pkg/api/tags.yaml
index bb56098eb..ae29c39a6 100644
--- a/pkg/api/tags.yaml
+++ b/pkg/api/tags.yaml
@@ -24,7 +24,7 @@ tags:
- name: images (compat)
description: Actions related to images for the compatibility endpoints
- name: networks (compat)
- description: Actions related to compatibility networks
+ description: Actions related to networks for the compatibility endpoints
- name: volumes (compat)
description: Actions related to volumes for the compatibility endpoints
- name: secrets (compat)
diff --git a/pkg/bindings/connection.go b/pkg/bindings/connection.go
index 21a8e7a8b..fd93c5ac7 100644
--- a/pkg/bindings/connection.go
+++ b/pkg/bindings/connection.go
@@ -22,14 +22,6 @@ import (
"golang.org/x/crypto/ssh/agent"
)
-var (
- BasePath = &url.URL{
- Scheme: "http",
- Host: "d",
- Path: "/v" + version.APIVersion[version.Libpod][version.CurrentAPI].String() + "/libpod",
- }
-)
-
type APIResponse struct {
*http.Response
Request *http.Request
@@ -318,16 +310,24 @@ func (c *Connection) DoRequest(httpBody io.Reader, httpMethod, endpoint string,
err error
response *http.Response
)
- safePathValues := make([]interface{}, len(pathValues))
- // Make sure path values are http url safe
+
+ params := make([]interface{}, len(pathValues)+3)
+
+ // Including the semver suffices breaks older services... so do not include them
+ v := version.APIVersion[version.Libpod][version.CurrentAPI]
+ params[0] = v.Major
+ params[1] = v.Minor
+ params[2] = v.Patch
for i, pv := range pathValues {
- safePathValues[i] = url.PathEscape(pv)
+ // url.URL lacks the semantics for escaping embedded path parameters... so we manually
+ // escape each one and assume the caller included the correct formatting in "endpoint"
+ params[i+3] = url.PathEscape(pv)
}
- // Lets eventually use URL for this which might lead to safer
- // usage
- safeEndpoint := fmt.Sprintf(endpoint, safePathValues...)
- e := BasePath.String() + safeEndpoint
- req, err := http.NewRequest(httpMethod, e, httpBody)
+
+ uri := fmt.Sprintf("http://d/v%d.%d.%d/libpod"+endpoint, params...)
+ logrus.Debugf("DoRequest Method: %s URI: %v", httpMethod, uri)
+
+ req, err := http.NewRequest(httpMethod, uri, httpBody)
if err != nil {
return nil, err
}
diff --git a/pkg/bindings/images/build.go b/pkg/bindings/images/build.go
index c79d79136..c47a16551 100644
--- a/pkg/bindings/images/build.go
+++ b/pkg/bindings/images/build.go
@@ -120,6 +120,9 @@ func Build(ctx context.Context, containerFiles []string, options entities.BuildO
if options.ForceRmIntermediateCtrs {
params.Set("forcerm", "1")
}
+ if options.RemoveIntermediateCtrs {
+ params.Set("rm", "1")
+ }
if len(options.From) > 0 {
params.Set("from", options.From)
}
@@ -140,6 +143,23 @@ func Build(ctx context.Context, containerFiles []string, options entities.BuildO
}
params.Set("labels", l)
}
+
+ if opt := options.CommonBuildOpts.LabelOpts; len(opt) > 0 {
+ o, err := jsoniter.MarshalToString(opt)
+ if err != nil {
+ return nil, err
+ }
+ params.Set("labelopts", o)
+ }
+
+ if len(options.CommonBuildOpts.SeccompProfilePath) > 0 {
+ params.Set("seccomp", options.CommonBuildOpts.SeccompProfilePath)
+ }
+
+ if len(options.CommonBuildOpts.ApparmorProfile) > 0 {
+ params.Set("apparmor", options.CommonBuildOpts.ApparmorProfile)
+ }
+
if options.Layers {
params.Set("layers", "1")
}
@@ -174,6 +194,7 @@ func Build(ctx context.Context, containerFiles []string, options entities.BuildO
if len(platform) > 0 {
params.Set("platform", platform)
}
+
params.Set("pullpolicy", options.PullPolicy.String())
if options.Quiet {
@@ -182,6 +203,10 @@ func Build(ctx context.Context, containerFiles []string, options entities.BuildO
if options.RemoveIntermediateCtrs {
params.Set("rm", "1")
}
+ if len(options.Target) > 0 {
+ params.Set("target", options.Target)
+ }
+
if hosts := options.CommonBuildOpts.AddHost; len(hosts) > 0 {
h, err := jsoniter.MarshalToString(hosts)
if err != nil {
@@ -212,6 +237,13 @@ func Build(ctx context.Context, containerFiles []string, options entities.BuildO
params.Set("timestamp", strconv.FormatInt(t.Unix(), 10))
}
+ if len(options.CommonBuildOpts.Ulimit) > 0 {
+ ulimitsJSON, err := json.Marshal(options.CommonBuildOpts.Ulimit)
+ if err != nil {
+ return nil, err
+ }
+ params.Set("ulimits", string(ulimitsJSON))
+ }
var (
headers map[string]string
err error
diff --git a/pkg/bindings/test/containers_test.go b/pkg/bindings/test/containers_test.go
index b0ddc7862..4d1361746 100644
--- a/pkg/bindings/test/containers_test.go
+++ b/pkg/bindings/test/containers_test.go
@@ -550,21 +550,28 @@ var _ = Describe("Podman containers ", func() {
filtersIncorrect := map[string][]string{
"status": {"dummy"},
}
- pruneResponse, err := containers.Prune(bt.conn, new(containers.PruneOptions).WithFilters(filtersIncorrect))
+ _, err = containers.Prune(bt.conn, new(containers.PruneOptions).WithFilters(filtersIncorrect))
+ Expect(err).ToNot(BeNil())
+
+ // List filter params should not work with prune.
+ filtersIncorrect = map[string][]string{
+ "name": {"top"},
+ }
+ _, err = containers.Prune(bt.conn, new(containers.PruneOptions).WithFilters(filtersIncorrect))
Expect(err).ToNot(BeNil())
// Mismatched filter params no container should be pruned.
filtersIncorrect = map[string][]string{
- "name": {"r"},
+ "label": {"xyz"},
}
- pruneResponse, err = containers.Prune(bt.conn, new(containers.PruneOptions).WithFilters(filtersIncorrect))
+ pruneResponse, err := containers.Prune(bt.conn, new(containers.PruneOptions).WithFilters(filtersIncorrect))
Expect(err).To(BeNil())
Expect(len(reports.PruneReportsIds(pruneResponse))).To(Equal(0))
Expect(len(reports.PruneReportsErrs(pruneResponse))).To(Equal(0))
// Valid filter params container should be pruned now.
filters := map[string][]string{
- "name": {"top"},
+ "until": {"5000000000"}, //Friday, June 11, 2128
}
pruneResponse, err = containers.Prune(bt.conn, new(containers.PruneOptions).WithFilters(filters))
Expect(err).To(BeNil())
@@ -572,6 +579,26 @@ var _ = Describe("Podman containers ", func() {
Expect(len(reports.PruneReportsIds(pruneResponse))).To(Equal(1))
})
+ It("podman list containers with until filter", func() {
+ var name = "top"
+ _, err := bt.RunTopContainer(&name, nil)
+ Expect(err).To(BeNil())
+
+ filters := map[string][]string{
+ "until": {"5000000000"}, //Friday, June 11, 2128
+ }
+ c, err := containers.List(bt.conn, new(containers.ListOptions).WithFilters(filters).WithAll(true))
+ Expect(err).To(BeNil())
+ Expect(len(c)).To(Equal(1))
+
+ filters = map[string][]string{
+ "until": {"500000"}, // Tuesday, January 6, 1970
+ }
+ c, err = containers.List(bt.conn, new(containers.ListOptions).WithFilters(filters).WithAll(true))
+ Expect(err).To(BeNil())
+ Expect(len(c)).To(Equal(0))
+ })
+
It("podman prune running containers", func() {
// Start the container.
var name = "top"
diff --git a/pkg/bindings/test/networks_test.go b/pkg/bindings/test/networks_test.go
new file mode 100644
index 000000000..ef20235ae
--- /dev/null
+++ b/pkg/bindings/test/networks_test.go
@@ -0,0 +1,72 @@
+package test_bindings
+
+import (
+ "context"
+ "net/http"
+ "time"
+
+ "github.com/containers/podman/v3/pkg/bindings"
+ "github.com/containers/podman/v3/pkg/bindings/network"
+ . "github.com/onsi/ginkgo"
+ . "github.com/onsi/gomega"
+ "github.com/onsi/gomega/gexec"
+)
+
+var _ = Describe("Podman networks", func() {
+ var (
+ bt *bindingTest
+ s *gexec.Session
+ connText context.Context
+ err error
+ )
+
+ BeforeEach(func() {
+
+ bt = newBindingTest()
+ bt.RestoreImagesFromCache()
+ s = bt.startAPIService()
+ time.Sleep(1 * time.Second)
+ connText, err = bindings.NewConnection(context.Background(), bt.sock)
+ Expect(err).To(BeNil())
+ _, err = network.Prune(connText, &network.PruneOptions{})
+ Expect(err).To(BeNil())
+ })
+
+ AfterEach(func() {
+ s.Kill()
+ bt.cleanup()
+ })
+
+ It("create network", func() {
+ // create a network with blank config should work
+ _, err = network.Create(connText, &network.CreateOptions{})
+ Expect(err).To(BeNil())
+
+ name := "foobar"
+ opts := network.CreateOptions{
+ Name: &name,
+ }
+
+ report, err := network.Create(connText, &opts)
+ Expect(err).To(BeNil())
+ Expect(report.Filename).To(ContainSubstring(name))
+
+ // create network with same name should 500
+ _, err = network.Create(connText, &opts)
+ Expect(err).ToNot(BeNil())
+ code, _ := bindings.CheckResponseCode(err)
+ Expect(code).To(BeNumerically("==", http.StatusInternalServerError))
+ })
+
+ It("inspect network", func() {
+ name := "foobar"
+ opts := network.CreateOptions{
+ Name: &name,
+ }
+ _, err = network.Create(connText, &opts)
+ Expect(err).To(BeNil())
+ data, err := network.Inspect(connText, name, nil)
+ Expect(err).To(BeNil())
+ Expect(data[0]["name"]).To(Equal(name))
+ })
+})
diff --git a/pkg/domain/filters/containers.go b/pkg/domain/filters/containers.go
index 84cf03764..45791cd84 100644
--- a/pkg/domain/filters/containers.go
+++ b/pkg/domain/filters/containers.go
@@ -165,16 +165,7 @@ func GenerateContainerFilterFuncs(filter string, filterValues []string, r *libpo
return false
}, nil
case "until":
- until, err := util.ComputeUntilTimestamp(filterValues)
- if err != nil {
- return nil, err
- }
- return func(c *libpod.Container) bool {
- if !until.IsZero() && c.CreatedTime().After((until)) {
- return true
- }
- return false
- }, nil
+ return prepareUntilFilterFunc(filterValues)
case "pod":
var pods []*libpod.Pod
for _, podNameOrID := range filterValues {
@@ -226,3 +217,29 @@ func GenerateContainerFilterFuncs(filter string, filterValues []string, r *libpo
}
return nil, errors.Errorf("%s is an invalid filter", filter)
}
+
+// GeneratePruneContainerFilterFuncs return ContainerFilter functions based of filter for prune operation
+func GeneratePruneContainerFilterFuncs(filter string, filterValues []string, r *libpod.Runtime) (func(container *libpod.Container) bool, error) {
+ switch filter {
+ case "label":
+ return func(c *libpod.Container) bool {
+ return util.MatchLabelFilters(filterValues, c.Labels())
+ }, nil
+ case "until":
+ return prepareUntilFilterFunc(filterValues)
+ }
+ return nil, errors.Errorf("%s is an invalid filter", filter)
+}
+
+func prepareUntilFilterFunc(filterValues []string) (func(container *libpod.Container) bool, error) {
+ until, err := util.ComputeUntilTimestamp(filterValues)
+ if err != nil {
+ return nil, err
+ }
+ return func(c *libpod.Container) bool {
+ if !until.IsZero() && c.CreatedTime().Before(until) {
+ return true
+ }
+ return false
+ }, nil
+}
diff --git a/pkg/domain/infra/abi/containers.go b/pkg/domain/infra/abi/containers.go
index 3fe9ef637..6f8845f10 100644
--- a/pkg/domain/infra/abi/containers.go
+++ b/pkg/domain/infra/abi/containers.go
@@ -194,7 +194,7 @@ func (ic *ContainerEngine) ContainerStop(ctx context.Context, namesOrIds []strin
func (ic *ContainerEngine) ContainerPrune(ctx context.Context, options entities.ContainerPruneOptions) ([]*reports.PruneReport, error) {
filterFuncs := make([]libpod.ContainerFilter, 0, len(options.Filters))
for k, v := range options.Filters {
- generatedFunc, err := dfilters.GenerateContainerFilterFuncs(k, v, ic.Libpod)
+ generatedFunc, err := dfilters.GeneratePruneContainerFilterFuncs(k, v, ic.Libpod)
if err != nil {
return nil, err
}
diff --git a/pkg/domain/infra/runtime_libpod.go b/pkg/domain/infra/runtime_libpod.go
index b0d9dc797..a98c9168a 100644
--- a/pkg/domain/infra/runtime_libpod.go
+++ b/pkg/domain/infra/runtime_libpod.go
@@ -146,7 +146,11 @@ func getRuntime(ctx context.Context, fs *flag.FlagSet, opts *engineOpts) (*libpo
// This should always be checked after storage-driver is checked
if len(cfg.StorageOpts) > 0 {
storageSet = true
- storageOpts.GraphDriverOptions = cfg.StorageOpts
+ if len(cfg.StorageOpts) == 1 && cfg.StorageOpts[0] == "" {
+ storageOpts.GraphDriverOptions = []string{}
+ } else {
+ storageOpts.GraphDriverOptions = cfg.StorageOpts
+ }
}
if opts.migrate {
options = append(options, libpod.WithMigrate())
diff --git a/pkg/machine/config.go b/pkg/machine/config.go
index 273deca00..32b3b5c2b 100644
--- a/pkg/machine/config.go
+++ b/pkg/machine/config.go
@@ -5,6 +5,7 @@ import (
"net/url"
"os"
"path/filepath"
+ "time"
"github.com/containers/storage/pkg/homedir"
"github.com/pkg/errors"
@@ -44,9 +45,18 @@ type Download struct {
VMName string
}
+type ListOptions struct{}
+
+type ListResponse struct {
+ Name string
+ CreatedAt time.Time
+ LastUp time.Time
+ Running bool
+ VMType string
+}
+
type SSHOptions struct {
- Execute bool
- Args []string
+ Args []string
}
type StartOptions struct{}
diff --git a/pkg/machine/ignition.go b/pkg/machine/ignition.go
index a68d68ac3..cc5c01de6 100644
--- a/pkg/machine/ignition.go
+++ b/pkg/machine/ignition.go
@@ -55,10 +55,16 @@ func NewIgnitionFile(ign DynamicIgnition) error {
}
ignPassword := Passwd{
- Users: []PasswdUser{{
- Name: ign.Name,
- SSHAuthorizedKeys: []SSHAuthorizedKey{SSHAuthorizedKey(ign.Key)},
- }},
+ Users: []PasswdUser{
+ {
+ Name: ign.Name,
+ SSHAuthorizedKeys: []SSHAuthorizedKey{SSHAuthorizedKey(ign.Key)},
+ },
+ {
+ Name: "root",
+ SSHAuthorizedKeys: []SSHAuthorizedKey{SSHAuthorizedKey(ign.Key)},
+ },
+ },
}
ignStorage := Storage{
diff --git a/pkg/machine/qemu/machine.go b/pkg/machine/qemu/machine.go
index fdb528a86..fd22f465b 100644
--- a/pkg/machine/qemu/machine.go
+++ b/pkg/machine/qemu/machine.go
@@ -10,6 +10,7 @@ import (
"os/exec"
"path/filepath"
"strconv"
+ "strings"
"time"
"github.com/containers/podman/v3/pkg/machine"
@@ -36,12 +37,8 @@ func NewMachine(opts machine.InitOptions) (machine.VM, error) {
if len(opts.Name) > 0 {
vm.Name = opts.Name
}
- vm.IgnitionFilePath = opts.IgnitionPath
- // If no ignitionfilepath was provided, use defaults
- if len(vm.IgnitionFilePath) < 1 {
- ignitionFile := filepath.Join(vmConfigDir, vm.Name+".ign")
- vm.IgnitionFilePath = ignitionFile
- }
+ ignitionFile := filepath.Join(vmConfigDir, vm.Name+".ign")
+ vm.IgnitionFilePath = ignitionFile
// An image was specified
if len(opts.ImagePath) > 0 {
@@ -124,6 +121,9 @@ func LoadVMByName(name string) (machine.VM, error) {
// Init writes the json configuration file to the filesystem for
// other verbs (start, stop)
func (v *MachineVM) Init(opts machine.InitOptions) error {
+ var (
+ key string
+ )
sshDir := filepath.Join(homedir.Get(), ".ssh")
// GetConfDir creates the directory so no need to check for
// its existence
@@ -163,9 +163,18 @@ func (v *MachineVM) Init(opts machine.InitOptions) error {
// Add location of bootable image
v.CmdLine = append(v.CmdLine, "-drive", "if=virtio,file="+v.ImagePath)
// This kind of stinks but no other way around this r/n
- uri := machine.SSHRemoteConnection.MakeSSHURL("localhost", "/run/user/1000/podman/podman.sock", strconv.Itoa(v.Port), v.RemoteUsername)
- if err := machine.AddConnection(&uri, v.Name, filepath.Join(sshDir, v.Name), opts.IsDefault); err != nil {
- return err
+ if len(opts.IgnitionPath) < 1 {
+ uri := machine.SSHRemoteConnection.MakeSSHURL("localhost", "/run/user/1000/podman/podman.sock", strconv.Itoa(v.Port), v.RemoteUsername)
+ if err := machine.AddConnection(&uri, v.Name, filepath.Join(sshDir, v.Name), opts.IsDefault); err != nil {
+ return err
+ }
+
+ uriRoot := machine.SSHRemoteConnection.MakeSSHURL("localhost", "/run/podman/podman.sock", strconv.Itoa(v.Port), "root")
+ if err := machine.AddConnection(&uriRoot, v.Name+"-root", filepath.Join(sshDir, v.Name), opts.IsDefault); err != nil {
+ return err
+ }
+ } else {
+ fmt.Println("An ignition path was provided. No SSH connection was added to Podman")
}
// Write the JSON file
b, err := json.MarshalIndent(v, "", " ")
@@ -175,9 +184,14 @@ func (v *MachineVM) Init(opts machine.InitOptions) error {
if err := ioutil.WriteFile(jsonFile, b, 0644); err != nil {
return err
}
- key, err := machine.CreateSSHKeys(v.IdentityPath)
- if err != nil {
- return err
+
+ // User has provided ignition file so keygen
+ // will be skipped.
+ if len(opts.IgnitionPath) < 1 {
+ key, err = machine.CreateSSHKeys(v.IdentityPath)
+ if err != nil {
+ return err
+ }
}
// Run arch specific things that need to be done
if err := v.prepare(); err != nil {
@@ -199,6 +213,15 @@ func (v *MachineVM) Init(opts machine.InitOptions) error {
return errors.Errorf("error resizing image: %q", err)
}
}
+ // If the user provides an ignition file, we need to
+ // copy it into the conf dir
+ if len(opts.IgnitionPath) > 0 {
+ inputIgnition, err := ioutil.ReadFile(opts.IgnitionPath)
+ if err != nil {
+ return err
+ }
+ return ioutil.WriteFile(v.IgnitionFilePath, inputIgnition, 0644)
+ }
// Write the ignition file
ign := machine.DynamicIgnition{
Name: opts.Username,
@@ -339,6 +362,10 @@ func (v *MachineVM) Remove(name string, opts machine.RemoveOptions) (string, fun
if err := machine.RemoveConnection(v.Name); err != nil {
logrus.Error(err)
}
+ if err := machine.RemoveConnection(v.Name + "-root"); err != nil {
+ logrus.Error(err)
+ }
+
vmConfigDir, err := machine.GetConfDir(vmtype)
if err != nil {
return "", nil, err
@@ -382,7 +409,7 @@ func (v *MachineVM) SSH(name string, opts machine.SSHOptions) error {
port := strconv.Itoa(v.Port)
args := []string{"-i", v.IdentityPath, "-p", port, sshDestination}
- if opts.Execute {
+ if len(opts.Args) > 0 {
args = append(args, opts.Args...)
} else {
fmt.Printf("Connecting to vm %s. To close connection, use `~.` or `exit`\n", v.Name)
@@ -426,3 +453,69 @@ func getDiskSize(path string) (uint64, error) {
}
return tmpInfo.VirtualSize, nil
}
+
+// List lists all vm's that use qemu virtualization
+func List(_ machine.ListOptions) ([]*machine.ListResponse, error) {
+ return GetVMInfos()
+}
+
+func GetVMInfos() ([]*machine.ListResponse, error) {
+ vmConfigDir, err := machine.GetConfDir(vmtype)
+ if err != nil {
+ return nil, err
+ }
+
+ var listed []*machine.ListResponse
+
+ if err = filepath.Walk(vmConfigDir, func(path string, info os.FileInfo, err error) error {
+ vm := new(MachineVM)
+ if strings.HasSuffix(info.Name(), ".json") {
+ fullPath := filepath.Join(vmConfigDir, info.Name())
+ b, err := ioutil.ReadFile(fullPath)
+ if err != nil {
+ return err
+ }
+ err = json.Unmarshal(b, vm)
+ if err != nil {
+ return err
+ }
+ listEntry := new(machine.ListResponse)
+
+ listEntry.Name = vm.Name
+ listEntry.VMType = "qemu"
+ fi, err := os.Stat(fullPath)
+ if err != nil {
+ return err
+ }
+ listEntry.CreatedAt = fi.ModTime()
+
+ fi, err = os.Stat(vm.ImagePath)
+ if err != nil {
+ return err
+ }
+ listEntry.LastUp = fi.ModTime()
+ if vm.isRunning() {
+ listEntry.Running = true
+ }
+
+ listed = append(listed, listEntry)
+ }
+ return nil
+ }); err != nil {
+ return nil, err
+ }
+ return listed, err
+}
+
+func IsValidVMName(name string) (bool, error) {
+ infos, err := GetVMInfos()
+ if err != nil {
+ return false, err
+ }
+ for _, vm := range infos {
+ if vm.Name == name {
+ return true, nil
+ }
+ }
+ return false, nil
+}
diff --git a/pkg/netns/netns_linux.go b/pkg/netns/netns_linux.go
index 0b7d1782c..ecefb65ff 100644
--- a/pkg/netns/netns_linux.go
+++ b/pkg/netns/netns_linux.go
@@ -35,9 +35,9 @@ import (
"golang.org/x/sys/unix"
)
-// get NSRunDir returns the dir of where to create the netNS. When running
+// GetNSRunDir returns the dir of where to create the netNS. When running
// rootless, it needs to be at a location writable by user.
-func getNSRunDir() (string, error) {
+func GetNSRunDir() (string, error) {
if rootless.IsRootless() {
rootlessDir, err := util.GetRuntimeDir()
if err != nil {
@@ -51,15 +51,21 @@ func getNSRunDir() (string, error) {
// NewNS creates a new persistent (bind-mounted) network namespace and returns
// an object representing that namespace, without switching to it.
func NewNS() (ns.NetNS, error) {
- nsRunDir, err := getNSRunDir()
+ b := make([]byte, 16)
+ _, err := rand.Reader.Read(b)
if err != nil {
- return nil, err
+ return nil, fmt.Errorf("failed to generate random netns name: %v", err)
}
+ nsName := fmt.Sprintf("cni-%x-%x-%x-%x-%x", b[0:4], b[4:6], b[6:8], b[8:10], b[10:])
+ return NewNSWithName(nsName)
+}
- b := make([]byte, 16)
- _, err = rand.Reader.Read(b)
+// NewNSWithName creates a new persistent (bind-mounted) network namespace and returns
+// an object representing that namespace, without switching to it.
+func NewNSWithName(name string) (ns.NetNS, error) {
+ nsRunDir, err := GetNSRunDir()
if err != nil {
- return nil, fmt.Errorf("failed to generate random netns name: %v", err)
+ return nil, err
}
// Create the directory for mounting network namespaces
@@ -93,10 +99,8 @@ func NewNS() (ns.NetNS, error) {
}
}
- nsName := fmt.Sprintf("cni-%x-%x-%x-%x-%x", b[0:4], b[4:6], b[6:8], b[8:10], b[10:])
-
// create an empty file at the mount point
- nsPath := path.Join(nsRunDir, nsName)
+ nsPath := path.Join(nsRunDir, name)
mountPointFd, err := os.Create(nsPath)
if err != nil {
return nil, err
@@ -177,7 +181,7 @@ func NewNS() (ns.NetNS, error) {
// UnmountNS unmounts the NS held by the netns object
func UnmountNS(ns ns.NetNS) error {
- nsRunDir, err := getNSRunDir()
+ nsRunDir, err := GetNSRunDir()
if err != nil {
return err
}
diff --git a/pkg/rootless/rootless_linux.c b/pkg/rootless/rootless_linux.c
index 7a2bf0377..918b9a7e6 100644
--- a/pkg/rootless/rootless_linux.c
+++ b/pkg/rootless/rootless_linux.c
@@ -61,6 +61,10 @@ static int open_files_max_fd;
static fd_set *open_files_set;
static uid_t rootless_uid_init;
static gid_t rootless_gid_init;
+static bool do_socket_activation = false;
+static char *saved_systemd_listen_fds;
+static char *saved_systemd_listen_pid;
+static char *saved_systemd_listen_fdnames;
static int
syscall_setresuid (uid_t ruid, uid_t euid, uid_t suid)
@@ -242,6 +246,10 @@ static void __attribute__((constructor)) init()
{
const char *xdg_runtime_dir;
const char *pause;
+ const char *listen_pid;
+ const char *listen_fds;
+ const char *listen_fdnames;
+
DIR *d;
pause = getenv ("_PODMAN_PAUSE");
@@ -293,6 +301,26 @@ static void __attribute__((constructor)) init()
closedir (d);
}
+ listen_pid = getenv("LISTEN_PID");
+ listen_fds = getenv("LISTEN_FDS");
+ listen_fdnames = getenv("LISTEN_FDNAMES");
+
+ if (listen_pid != NULL && listen_fds != NULL && strtol(listen_pid, NULL, 10) == getpid())
+ {
+ // save systemd socket environment for rootless child
+ do_socket_activation = true;
+ saved_systemd_listen_pid = strdup(listen_pid);
+ saved_systemd_listen_fds = strdup(listen_fds);
+ saved_systemd_listen_fdnames = strdup(listen_fdnames);
+ if (saved_systemd_listen_pid == NULL
+ || saved_systemd_listen_fds == NULL
+ || saved_systemd_listen_fdnames == NULL)
+ {
+ fprintf (stderr, "save socket listen environments error: %s\n", strerror (errno));
+ _exit (EXIT_FAILURE);
+ }
+ }
+
/* Shortcut. If we are able to join the pause pid file, do it now so we don't
need to re-exec. */
xdg_runtime_dir = getenv ("XDG_RUNTIME_DIR");
@@ -635,6 +663,12 @@ reexec_userns_join (int pid_to_join, char *pause_pid_file_path)
for (f = 3; f <= open_files_max_fd; f++)
if (is_fd_inherited (f))
close (f);
+ if (do_socket_activation)
+ {
+ unsetenv ("LISTEN_PID");
+ unsetenv ("LISTEN_FDS");
+ unsetenv ("LISTEN_FDNAMES");
+ }
return pid;
}
@@ -660,6 +694,15 @@ reexec_userns_join (int pid_to_join, char *pause_pid_file_path)
_exit (EXIT_FAILURE);
}
+ if (do_socket_activation)
+ {
+ char s[32];
+ sprintf (s, "%d", getpid());
+ setenv ("LISTEN_PID", s, true);
+ setenv ("LISTEN_FDS", saved_systemd_listen_fds, true);
+ setenv ("LISTEN_FDNAMES", saved_systemd_listen_fdnames, true);
+ }
+
setenv ("_CONTAINERS_USERNS_CONFIGURED", "init", 1);
setenv ("_CONTAINERS_ROOTLESS_UID", uid, 1);
setenv ("_CONTAINERS_ROOTLESS_GID", gid, 1);
@@ -777,9 +820,6 @@ reexec_in_user_namespace (int ready, char *pause_pid_file_path, char *file_to_re
char **argv;
char uid[16];
char gid[16];
- char *listen_fds = NULL;
- char *listen_pid = NULL;
- bool do_socket_activation = false;
char *cwd = getcwd (NULL, 0);
sigset_t sigset, oldsigset;
@@ -789,14 +829,6 @@ reexec_in_user_namespace (int ready, char *pause_pid_file_path, char *file_to_re
_exit (EXIT_FAILURE);
}
- listen_pid = getenv("LISTEN_PID");
- listen_fds = getenv("LISTEN_FDS");
-
- if (listen_pid != NULL && listen_fds != NULL)
- {
- if (strtol(listen_pid, NULL, 10) == getpid())
- do_socket_activation = true;
- }
sprintf (uid, "%d", geteuid ());
sprintf (gid, "%d", getegid ());
@@ -814,7 +846,7 @@ reexec_in_user_namespace (int ready, char *pause_pid_file_path, char *file_to_re
{
long num_fds;
- num_fds = strtol (listen_fds, NULL, 10);
+ num_fds = strtol (saved_systemd_listen_fds, NULL, 10);
if (num_fds != LONG_MIN && num_fds != LONG_MAX)
{
int f;
@@ -863,6 +895,8 @@ reexec_in_user_namespace (int ready, char *pause_pid_file_path, char *file_to_re
char s[32];
sprintf (s, "%d", getpid());
setenv ("LISTEN_PID", s, true);
+ setenv ("LISTEN_FDS", saved_systemd_listen_fds, true);
+ setenv ("LISTEN_FDNAMES", saved_systemd_listen_fdnames, true);
}
setenv ("_CONTAINERS_USERNS_CONFIGURED", "init", 1);
diff --git a/pkg/specgen/generate/namespaces.go b/pkg/specgen/generate/namespaces.go
index b87375a92..b52e8d100 100644
--- a/pkg/specgen/generate/namespaces.go
+++ b/pkg/specgen/generate/namespaces.go
@@ -157,6 +157,16 @@ func namespaceOptions(ctx context.Context, s *specgen.SpecGenerator, rt *libpod.
case specgen.KeepID:
if rootless.IsRootless() {
toReturn = append(toReturn, libpod.WithAddCurrentUserPasswdEntry())
+
+ // If user is not overridden, set user in the container
+ // to user running Podman.
+ if s.User == "" {
+ _, uid, gid, err := util.GetKeepIDMapping()
+ if err != nil {
+ return nil, err
+ }
+ toReturn = append(toReturn, libpod.WithUser(fmt.Sprintf("%d:%d", uid, gid)))
+ }
} else {
// keep-id as root doesn't need a user namespace
s.UserNS.NSMode = specgen.Host
@@ -236,9 +246,6 @@ func namespaceOptions(ctx context.Context, s *specgen.SpecGenerator, rt *libpod.
case specgen.Private:
fallthrough
case specgen.Bridge:
- if postConfigureNetNS && rootless.IsRootless() {
- return nil, errors.New("CNI networks not supported with user namespaces")
- }
portMappings, err := createPortMappings(ctx, s, img)
if err != nil {
return nil, err
diff --git a/pkg/specgen/generate/pod_create.go b/pkg/specgen/generate/pod_create.go
index 5d7bf1930..20151f016 100644
--- a/pkg/specgen/generate/pod_create.go
+++ b/pkg/specgen/generate/pod_create.go
@@ -4,6 +4,7 @@ import (
"context"
"github.com/containers/podman/v3/libpod"
+ "github.com/containers/podman/v3/pkg/rootless"
"github.com/containers/podman/v3/pkg/specgen"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
@@ -94,8 +95,19 @@ func createPodOptions(p *specgen.PodSpecGenerator, rt *libpod.Runtime) ([]libpod
}
switch p.NetNS.NSMode {
- case specgen.Bridge, specgen.Default, "":
- logrus.Debugf("Pod using default network mode")
+ case specgen.Default, "":
+ if p.NoInfra {
+ logrus.Debugf("No networking because the infra container is missing")
+ break
+ }
+ if rootless.IsRootless() {
+ logrus.Debugf("Pod will use slirp4netns")
+ options = append(options, libpod.WithPodSlirp4netns(p.NetworkOptions))
+ } else {
+ logrus.Debugf("Pod using bridge network mode")
+ }
+ case specgen.Bridge:
+ logrus.Debugf("Pod using bridge network mode")
case specgen.Host:
logrus.Debugf("Pod will use host networking")
options = append(options, libpod.WithPodHostNetwork())
diff --git a/test/apiv2/20-containers.at b/test/apiv2/20-containers.at
index 9030f0095..58b2dff0a 100644
--- a/test/apiv2/20-containers.at
+++ b/test/apiv2/20-containers.at
@@ -298,7 +298,7 @@ t POST containers/prune?filters='garb1age}' 500 \
t POST libpod/containers/prune?filters='garb1age}' 500 \
.cause="invalid character 'g' looking for beginning of value"
-## Prune containers with illformed label
+# Prune containers with illformed label
t POST containers/prune?filters='{"label":["tes' 500 \
.cause="unexpected end of JSON input"
t POST libpod/containers/prune?filters='{"label":["tes' 500 \
@@ -306,6 +306,22 @@ t POST libpod/containers/prune?filters='{"label":["tes' 500 \
t GET libpod/containers/json?filters='{"label":["testlabel"]}' 200 length=0
+# libpod api: do not use list filters for prune
+t POST libpod/containers/prune?filters='{"name":["anyname"]}' 500 \
+ .cause="name is an invalid filter"
+t POST libpod/containers/prune?filters='{"id":["anyid"]}' 500 \
+ .cause="id is an invalid filter"
+t POST libpod/containers/prune?filters='{"network":["anynetwork"]}' 500 \
+ .cause="network is an invalid filter"
+
+# compat api: do not use list filters for prune
+t POST containers/prune?filters='{"name":["anyname"]}' 500 \
+ .cause="name is an invalid filter"
+t POST containers/prune?filters='{"id":["anyid"]}' 500 \
+ .cause="id is an invalid filter"
+t POST containers/prune?filters='{"network":["anynetwork"]}' 500 \
+ .cause="network is an invalid filter"
+
# Test CPU limit (NanoCPUs)
t POST containers/create Image=$IMAGE HostConfig='{"NanoCpus":500000}' 201 \
.Id~[0-9a-f]\\{64\\}
diff --git a/test/apiv2/25-containersMore.at b/test/apiv2/25-containersMore.at
index 39bfa2e32..0a049d869 100644
--- a/test/apiv2/25-containersMore.at
+++ b/test/apiv2/25-containersMore.at
@@ -38,7 +38,8 @@ t GET libpod/containers/foo/json 200 \
# List processes of the container
t GET libpod/containers/foo/top 200 \
- length=2
+ length=2 \
+ .Processes[0][7]="top"
# List processes of none such
t GET libpod/containers/nonesuch/top 404
diff --git a/test/apiv2/35-networks.at b/test/apiv2/35-networks.at
index 21840a42d..59947faac 100644
--- a/test/apiv2/35-networks.at
+++ b/test/apiv2/35-networks.at
@@ -106,7 +106,7 @@ t POST libpod/networks/prune?filters='{"label":["tes' 500 \
# prune networks using filter - compat api
t POST networks/prune?filters='{"label":["xyz"]}' 200
-t GET networks/json?filters='{"label":["xyz"]}' 404
+t GET networks?filters='{"label":["xyz"]}' 200 length=0
# prune networks using filter - libpod api
t POST libpod/networks/prune?filters='{"label":["zaq=val"]}' 200
@@ -120,5 +120,26 @@ t DELETE libpod/networks/network2 200 \
.[0].Name~network2 \
.[0].Err=null
+# test until filter - libpod api
+podman network create network5 --label xyz
+
+# with date way back in the past, network should not be deleted
+t POST libpod/networks/prune?filters='{"until":["500000"]}' 200
+t GET libpod/networks/json?filters='{"label":["xyz"]}' 200 length=1
+
+# with date far in the future, network should be deleted
+t POST libpod/networks/prune?filters='{"until":["5000000000"]}' 200
+t GET libpod/networks/json?filters='{"label":["xyz"]}' 200 length=0
+
+# test until filter - compat api
+podman network create network6 --label zaq
+
+# with date way back in the past, network should not be deleted
+t POST networks/prune?filters='{"until":["500000"]}' 200
+t GET networks?filters='{"label":["zaq"]}' 200 length=1
+
+# with date far in the future, network should be deleted
+t POST networks/prune?filters='{"until":["5000000000"]}' 200
+t GET networks?filters='{"label":["zaq"]}' 200 length=0
# vim: filetype=sh
diff --git a/test/compose/mount_and_label/tests.sh b/test/compose/mount_and_label/tests.sh
index 07ff089b5..fa929bed6 100644
--- a/test/compose/mount_and_label/tests.sh
+++ b/test/compose/mount_and_label/tests.sh
@@ -1,4 +1,5 @@
# -*- bash -*-
test_port 5000 = "Podman rulez!"
-podman container inspect -l --format '{{.Config.Labels}}' | grep "the_best"
+podman container inspect -l --format '{{.Config.Labels}}'
+like "$output" "io.podman:the_best" "$testname : Container label is set"
diff --git a/test/compose/test-compose b/test/compose/test-compose
index 9558fbf58..704c71a9f 100755
--- a/test/compose/test-compose
+++ b/test/compose/test-compose
@@ -13,7 +13,8 @@ TEST_ROOTDIR=$(realpath $(dirname $0))
# Podman executable
PODMAN_BIN=$(realpath $TEST_ROOTDIR/../../bin)/podman
-# Local path to docker socket (we will add the unix:/ prefix when we need it)
+# Local path to docker socket with unix prefix
+# The path will be changed for rootless users
DOCKER_SOCK=/var/run/docker.sock
# END stuff you can but probably shouldn't customize
@@ -40,6 +41,13 @@ echo 0 >$failures_file
###############################################################################
# BEGIN infrastructure code - the helper functions used in tests themselves
+#################
+# is_rootless # Check if we run as normal user
+#################
+function is_rootless() {
+ [ "$(id -u)" -ne 0 ]
+}
+
#########
# die # Exit error with a message to stderr
#########
@@ -155,7 +163,7 @@ function test_port() {
local op="$2" # '=' or '~'
local expect="$3" # what to expect from curl output
- local actual=$(curl --retry 5 --retry-connrefused -s http://127.0.0.1:$port/)
+ local actual=$(curl --retry 10 --retry-all-errors -s http://127.0.0.1:$port/)
local curl_rc=$?
if [ $curl_rc -ne 0 ]; then
_show_ok 0 "$testname - curl failed with status $curl_rc"
@@ -179,7 +187,12 @@ function start_service() {
test -x $PODMAN_BIN || die "Not found: $PODMAN_BIN"
# FIXME: use ${testname} subdir but we can't: 50-char limit in runroot
- rm -rf $WORKDIR/{root,runroot,cni}
+ if ! is_rootless; then
+ rm -rf $WORKDIR/{root,runroot,cni}
+ else
+ $PODMAN_BIN unshare rm -rf $WORKDIR/{root,runroot,cni}
+ fi
+ rm -f $DOCKER_SOCK
mkdir --mode 0755 $WORKDIR/{root,runroot,cni}
chcon --reference=/var/lib/containers $WORKDIR/root
cp /etc/cni/net.d/*podman*conflist $WORKDIR/cni/
@@ -190,7 +203,7 @@ function start_service() {
--cgroup-manager=systemd \
--cni-config-dir $WORKDIR/cni \
system service \
- --time 0 unix:/$DOCKER_SOCK \
+ --time 0 unix://$DOCKER_SOCK \
&> $WORKDIR/server.log &
service_pid=$!
@@ -211,10 +224,11 @@ function start_service() {
############
function podman() {
echo "\$ podman $*" >>$WORKDIR/output.log
- $PODMAN_BIN \
+ output=$($PODMAN_BIN \
--root $WORKDIR/root \
--runroot $WORKDIR/runroot \
- "$@" >>$WORKDIR/output.log 2>&1
+ "$@")
+ echo -n "$output" >>$WORKDIR/output.log
}
###################
@@ -239,6 +253,14 @@ done
###############################################################################
# BEGIN entry handler (subtest invoker)
+# When rootless use a socket path accessible by the rootless user
+if is_rootless; then
+ DOCKER_SOCK="$WORKDIR/docker.sock"
+ DOCKER_HOST="unix://$DOCKER_SOCK"
+ # export DOCKER_HOST docker-compose will use it
+ export DOCKER_HOST
+fi
+
# Identify the tests to run. If called with args, use those as globs.
tests_to_run=()
if [ -n "$*" ]; then
@@ -308,7 +330,7 @@ for t in ${tests_to_run[@]}; do
fi
# Done. Clean up.
- docker-compose down &> $logfile
+ docker-compose down &>> $logfile
rc=$?
if [[ $rc -eq 0 ]]; then
_show_ok 1 "$testname - down"
@@ -322,7 +344,11 @@ for t in ${tests_to_run[@]}; do
wait $service_pid
# FIXME: otherwise we get EBUSY
- umount $WORKDIR/root/overlay &>/dev/null
+ if ! is_rootless; then
+ umount $WORKDIR/root/overlay &>/dev/null
+ else
+ $PODMAN_BIN unshare umount $WORKDIR/root/overlay &>/dev/null
+ fi
# FIXME: run 'podman ps'?
# rm -rf $WORKDIR/${testname}
@@ -336,9 +362,13 @@ done
test_count=$(<$testcounter_file)
failure_count=$(<$failures_file)
-#if [ -z "$PODMAN_TESTS_KEEP_WORKDIR" ]; then
-# rm -rf $WORKDIR
-#fi
+if [ -z "$PODMAN_TESTS_KEEP_WORKDIR" ]; then
+ if ! is_rootless; then
+ rm -rf $WORKDIR
+ else
+ $PODMAN_BIN unshare rm -rf $WORKDIR
+ fi
+fi
echo "1..${test_count}"
diff --git a/test/compose/two_networks/Readme.md b/test/compose/two_networks/Readme.md
new file mode 100644
index 000000000..471004f7d
--- /dev/null
+++ b/test/compose/two_networks/Readme.md
@@ -0,0 +1,8 @@
+two networks
+===============
+
+This test checks that we can create containers with more than one network.
+
+Validation
+------------
+* podman container inspect two_networks_con1_1 --format '{{len .NetworkSettings.Networks}}' shows 2
diff --git a/test/compose/two_networks/docker-compose.yml b/test/compose/two_networks/docker-compose.yml
new file mode 100644
index 000000000..686396ccc
--- /dev/null
+++ b/test/compose/two_networks/docker-compose.yml
@@ -0,0 +1,11 @@
+version: '3'
+services:
+ con1:
+ image: alpine
+ command: top
+ networks:
+ - net1
+ - net2
+networks:
+ net1:
+ net2:
diff --git a/test/compose/two_networks/tests.sh b/test/compose/two_networks/tests.sh
new file mode 100644
index 000000000..1cc88aa5f
--- /dev/null
+++ b/test/compose/two_networks/tests.sh
@@ -0,0 +1,7 @@
+# -*- bash -*-
+
+podman container inspect two_networks_con1_1 --format '{{len .NetworkSettings.Networks}}'
+is "$output" "2" "$testname : Container is connected to both networks"
+podman container inspect two_networks_con1_1 --format '{{.NetworkSettings.Networks}}'
+like "$output" "two_networks_net1" "$testname : First network name exists"
+like "$output" "two_networks_net2" "$testname : Second network name exists"
diff --git a/test/e2e/build_test.go b/test/e2e/build_test.go
index 95ed23313..4f337116e 100644
--- a/test/e2e/build_test.go
+++ b/test/e2e/build_test.go
@@ -549,4 +549,21 @@ RUN echo hello`, ALPINE)
inspect.WaitWithDefaultTimeout()
Expect(inspect.OutputToString()).To(Equal("1970-01-01 00:00:00 +0000 UTC"))
})
+
+ It("podman build --log-rusage", func() {
+ targetPath, err := CreateTempDirInTempDir()
+ Expect(err).To(BeNil())
+
+ containerFile := filepath.Join(targetPath, "Containerfile")
+ content := `FROM scratch`
+
+ Expect(ioutil.WriteFile(containerFile, []byte(content), 0755)).To(BeNil())
+
+ session := podmanTest.Podman([]string{"build", "--log-rusage", "--pull-never", targetPath})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ Expect(session.OutputToString()).To(ContainSubstring("(system)"))
+ Expect(session.OutputToString()).To(ContainSubstring("(user)"))
+ Expect(session.OutputToString()).To(ContainSubstring("(elapsed)"))
+ })
})
diff --git a/test/e2e/exec_test.go b/test/e2e/exec_test.go
index df86eab15..e6f63a391 100644
--- a/test/e2e/exec_test.go
+++ b/test/e2e/exec_test.go
@@ -119,6 +119,19 @@ var _ = Describe("Podman exec", func() {
Expect(session.ExitCode()).To(Equal(100))
})
+ It("podman exec in keep-id container drops privileges", func() {
+ SkipIfNotRootless("This function is not enabled for rootful podman")
+ ctrName := "testctr1"
+ testCtr := podmanTest.Podman([]string{"run", "-d", "--name", ctrName, "--userns=keep-id", ALPINE, "top"})
+ testCtr.WaitWithDefaultTimeout()
+ Expect(testCtr.ExitCode()).To(Equal(0))
+
+ session := podmanTest.Podman([]string{"exec", ctrName, "grep", "CapEff", "/proc/self/status"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ Expect(session.OutputToString()).To(ContainSubstring("0000000000000000"))
+ })
+
It("podman exec --privileged", func() {
session := podmanTest.Podman([]string{"run", "--privileged", "--rm", ALPINE, "sh", "-c", "grep ^CapBnd /proc/self/status | cut -f 2"})
session.WaitWithDefaultTimeout()
@@ -143,7 +156,6 @@ var _ = Describe("Podman exec", func() {
session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To(Equal(0))
Expect(session.OutputToString()).To(ContainSubstring(bndPerms))
-
})
It("podman exec --privileged", func() {
diff --git a/test/e2e/network_connect_disconnect_test.go b/test/e2e/network_connect_disconnect_test.go
index e9a7b421f..6974c7614 100644
--- a/test/e2e/network_connect_disconnect_test.go
+++ b/test/e2e/network_connect_disconnect_test.go
@@ -33,14 +33,12 @@ var _ = Describe("Podman network connect and disconnect", func() {
})
It("bad network name in disconnect should result in error", func() {
- SkipIfRootless("network connect and disconnect are only rootful")
dis := podmanTest.Podman([]string{"network", "disconnect", "foobar", "test"})
dis.WaitWithDefaultTimeout()
Expect(dis.ExitCode()).ToNot(BeZero())
})
It("bad container name in network disconnect should result in error", func() {
- SkipIfRootless("network connect and disconnect are only rootful")
netName := "aliasTest" + stringid.GenerateNonCryptoID()
session := podmanTest.Podman([]string{"network", "create", netName})
session.WaitWithDefaultTimeout()
@@ -72,7 +70,6 @@ var _ = Describe("Podman network connect and disconnect", func() {
})
It("podman network disconnect", func() {
- SkipIfRootless("network connect and disconnect are only rootful")
netName := "aliasTest" + stringid.GenerateNonCryptoID()
session := podmanTest.Podman([]string{"network", "create", netName})
session.WaitWithDefaultTimeout()
@@ -102,14 +99,12 @@ var _ = Describe("Podman network connect and disconnect", func() {
})
It("bad network name in connect should result in error", func() {
- SkipIfRootless("network connect and disconnect are only rootful")
dis := podmanTest.Podman([]string{"network", "connect", "foobar", "test"})
dis.WaitWithDefaultTimeout()
Expect(dis.ExitCode()).ToNot(BeZero())
})
It("bad container name in network connect should result in error", func() {
- SkipIfRootless("network connect and disconnect are only rootful")
netName := "aliasTest" + stringid.GenerateNonCryptoID()
session := podmanTest.Podman([]string{"network", "create", netName})
session.WaitWithDefaultTimeout()
@@ -141,7 +136,6 @@ var _ = Describe("Podman network connect and disconnect", func() {
})
It("podman connect on a container that already is connected to the network should error", func() {
- SkipIfRootless("network connect and disconnect are only rootful")
netName := "aliasTest" + stringid.GenerateNonCryptoID()
session := podmanTest.Podman([]string{"network", "create", netName})
session.WaitWithDefaultTimeout()
@@ -159,7 +153,6 @@ var _ = Describe("Podman network connect and disconnect", func() {
It("podman network connect", func() {
SkipIfRemote("This requires a pending PR to be merged before it will work")
- SkipIfRootless("network connect and disconnect are only rootful")
netName := "aliasTest" + stringid.GenerateNonCryptoID()
session := podmanTest.Podman([]string{"network", "create", netName})
session.WaitWithDefaultTimeout()
@@ -203,18 +196,23 @@ var _ = Describe("Podman network connect and disconnect", func() {
})
It("podman network connect when not running", func() {
- SkipIfRootless("network connect and disconnect are only rootful")
- netName := "aliasTest" + stringid.GenerateNonCryptoID()
- session := podmanTest.Podman([]string{"network", "create", netName})
+ netName1 := "connect1" + stringid.GenerateNonCryptoID()
+ session := podmanTest.Podman([]string{"network", "create", netName1})
session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To(BeZero())
- defer podmanTest.removeCNINetwork(netName)
+ defer podmanTest.removeCNINetwork(netName1)
- ctr := podmanTest.Podman([]string{"create", "--name", "test", ALPINE, "top"})
+ netName2 := "connect2" + stringid.GenerateNonCryptoID()
+ session = podmanTest.Podman([]string{"network", "create", netName2})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(BeZero())
+ defer podmanTest.removeCNINetwork(netName2)
+
+ ctr := podmanTest.Podman([]string{"create", "--name", "test", "--network", netName1, ALPINE, "top"})
ctr.WaitWithDefaultTimeout()
Expect(ctr.ExitCode()).To(BeZero())
- dis := podmanTest.Podman([]string{"network", "connect", netName, "test"})
+ dis := podmanTest.Podman([]string{"network", "connect", netName2, "test"})
dis.WaitWithDefaultTimeout()
Expect(dis.ExitCode()).To(BeZero())
@@ -286,7 +284,6 @@ var _ = Describe("Podman network connect and disconnect", func() {
})
It("podman network disconnect when not running", func() {
- SkipIfRootless("network connect and disconnect are only rootful")
netName1 := "aliasTest" + stringid.GenerateNonCryptoID()
session := podmanTest.Podman([]string{"network", "create", netName1})
session.WaitWithDefaultTimeout()
diff --git a/test/e2e/run_networking_test.go b/test/e2e/run_networking_test.go
index 0e6e636bc..4c66e2823 100644
--- a/test/e2e/run_networking_test.go
+++ b/test/e2e/run_networking_test.go
@@ -641,22 +641,26 @@ var _ = Describe("Podman run networking", func() {
Expect(run.OutputToString()).To(ContainSubstring(ipAddr))
})
- It("podman rootless fails custom CNI network with --uidmap", func() {
- SkipIfNotRootless("The configuration works with rootless")
-
+ It("podman cni network works across user ns", func() {
netName := stringid.GenerateNonCryptoID()
create := podmanTest.Podman([]string{"network", "create", netName})
create.WaitWithDefaultTimeout()
Expect(create.ExitCode()).To(BeZero())
defer podmanTest.removeCNINetwork(netName)
- run := podmanTest.Podman([]string{"run", "--rm", "--net", netName, "--uidmap", "0:1:4096", ALPINE, "true"})
+ name := "nc-server"
+ run := podmanTest.Podman([]string{"run", "-d", "--name", name, "--net", netName, ALPINE, "nc", "-l", "-p", "8080"})
+ run.WaitWithDefaultTimeout()
+ Expect(run.ExitCode()).To(Equal(0))
+
+ run = podmanTest.Podman([]string{"run", "--rm", "--net", netName, "--uidmap", "0:1:4096", ALPINE, "sh", "-c", fmt.Sprintf("echo podman | nc -w 1 %s.dns.podman 8080", name)})
run.WaitWithDefaultTimeout()
- Expect(run.ExitCode()).To(Equal(125))
+ Expect(run.ExitCode()).To(Equal(0))
- remove := podmanTest.Podman([]string{"network", "rm", netName})
- remove.WaitWithDefaultTimeout()
- Expect(remove.ExitCode()).To(BeZero())
+ log := podmanTest.Podman([]string{"logs", name})
+ log.WaitWithDefaultTimeout()
+ Expect(log.ExitCode()).To(Equal(0))
+ Expect(log.OutputToString()).To(Equal("podman"))
})
It("podman run with new:pod and static-ip", func() {
@@ -762,7 +766,7 @@ var _ = Describe("Podman run networking", func() {
Expect(session.ExitCode()).To(Equal(1))
Expect(session.ErrorToString()).To(ContainSubstring("can't resolve 'con1'"))
- session = podmanTest.Podman([]string{"run", "--name", "con4", "--network", net, ALPINE, "nslookup", pod2})
+ session = podmanTest.Podman([]string{"run", "--name", "con4", "--network", net, ALPINE, "nslookup", pod2 + ".dns.podman"})
session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To(BeZero())
})
diff --git a/test/system/001-basic.bats b/test/system/001-basic.bats
index d276cfda1..081bb1171 100644
--- a/test/system/001-basic.bats
+++ b/test/system/001-basic.bats
@@ -10,6 +10,13 @@ function setup() {
:
}
+@test "podman --context emits reasonable output" {
+ run_podman 125 --context=swarm version
+ is "$output" "Error: Podman does not support swarm, the only --context value allowed is \"default\"" "--context=default or fail"
+
+ run_podman --context=default version
+}
+
@test "podman version emits reasonable output" {
run_podman version
diff --git a/test/system/005-info.bats b/test/system/005-info.bats
index 7452c1901..c0af2e937 100644
--- a/test/system/005-info.bats
+++ b/test/system/005-info.bats
@@ -53,4 +53,13 @@ store.imageStore.number | 1
}
+@test "podman info --storage-opt='' " {
+ skip_if_remote "--storage-opt flag is not supported for remote"
+ skip_if_rootless "storage opts are required for rootless running"
+ run_podman --storage-opt='' info
+ # Note this will not work in rootless mode, unless you specify
+ # storage-driver=vfs, until we have kernels that support rootless overlay
+ # mounts.
+ is "$output" ".*graphOptions: {}" "output includes graphOptions: {}"
+}
# vim: filetype=sh
diff --git a/test/system/070-build.bats b/test/system/070-build.bats
index e5b68a0d8..5a887c71e 100644
--- a/test/system/070-build.bats
+++ b/test/system/070-build.bats
@@ -712,6 +712,51 @@ EOF
run_podman rmi -f build_test
}
+@test "podman build check_label" {
+ skip_if_no_selinux
+ tmpdir=$PODMAN_TMPDIR/build-test
+ mkdir -p $tmpdir
+ tmpbuilddir=$tmpdir/build
+ mkdir -p $tmpbuilddir
+ dockerfile=$tmpbuilddir/Dockerfile
+ cat >$dockerfile <<EOF
+FROM $IMAGE
+RUN cat /proc/self/attr/current
+EOF
+
+ run_podman build -t build_test --security-opt label=level:s0:c3,c4 --format=docker $tmpbuilddir
+ is "$output" ".*s0:c3,c4STEP 3: COMMIT" "label setting level"
+
+ run_podman rmi -f build_test
+}
+
+@test "podman build check_seccomp_ulimits" {
+ tmpdir=$PODMAN_TMPDIR/build-test
+ mkdir -p $tmpdir
+ tmpbuilddir=$tmpdir/build
+ mkdir -p $tmpbuilddir
+ dockerfile=$tmpbuilddir/Dockerfile
+ cat >$dockerfile <<EOF
+FROM $IMAGE
+RUN grep Seccomp: /proc/self/status |awk '{ print \$1\$2 }'
+RUN grep "Max open files" /proc/self/limits |awk '{ print \$4":"\$5 }'
+EOF
+
+ run_podman build --ulimit nofile=101:102 -t build_test $tmpbuilddir
+ is "$output" ".*Seccomp:2" "setting seccomp"
+ is "$output" ".*101:102" "setting ulimits"
+ run_podman rmi -f build_test
+
+ run_podman build -t build_test --security-opt seccomp=unconfined $tmpbuilddir
+ is "$output" ".*Seccomp:0" "setting seccomp"
+ run_podman rmi -f build_test
+}
+
+@test "podman build --authfile bogus test" {
+ run_podman 125 build --authfile=/tmp/bogus - <<< "from scratch"
+ is "$output" ".*/tmp/bogus: no such file or directory"
+}
+
function teardown() {
# A timeout or other error in 'build' can leave behind stale images
# that podman can't even see and which will cascade into subsequent
diff --git a/test/system/270-socket-activation.bats b/test/system/270-socket-activation.bats
new file mode 100644
index 000000000..25206c6a7
--- /dev/null
+++ b/test/system/270-socket-activation.bats
@@ -0,0 +1,103 @@
+#!/usr/bin/env bats -*- bats -*-
+#
+# Tests podman system service under systemd socket activation
+#
+
+load helpers
+
+SERVICE_NAME="podman_test_$(random_string)"
+
+SYSTEMCTL="systemctl"
+UNIT_DIR="/usr/lib/systemd/system"
+SERVICE_SOCK_ADDR="/run/podman/podman.sock"
+
+if is_rootless; then
+ UNIT_DIR="$HOME/.config/systemd/user"
+ mkdir -p $UNIT_DIR
+
+ SYSTEMCTL="$SYSTEMCTL --user"
+ if [ -z "$XDG_RUNTIME_DIR" ]; then
+ export XDG_RUNTIME_DIR=/run/user/$(id -u)
+ fi
+ SERVICE_SOCK_ADDR="$XDG_RUNTIME_DIR/podman/podman.sock"
+fi
+
+SERVICE_FILE="$UNIT_DIR/$SERVICE_NAME.service"
+SOCKET_FILE="$UNIT_DIR/$SERVICE_NAME.socket"
+
+
+function setup() {
+ skip_if_remote "systemd tests are meaningless over remote"
+
+ basic_setup
+
+ cat > $SERVICE_FILE <<EOF
+[Unit]
+Description=Podman API Service
+Requires=podman.socket
+After=podman.socket
+Documentation=man:podman-system-service(1)
+StartLimitIntervalSec=0
+
+[Service]
+Type=exec
+KillMode=process
+Environment=LOGGING="--log-level=info"
+ExecStart=$PODMAN $LOGGING system service -t 2
+EOF
+ cat > $SOCKET_FILE <<EOF
+[Unit]
+Description=Podman API Socket
+Documentation=man:podman-system-service(1)
+
+[Socket]
+ListenStream=%t/podman/podman.sock
+SocketMode=0660
+
+[Install]
+WantedBy=sockets.target
+EOF
+
+ # ensure pause die before each test runs
+ if is_rootless; then
+ local pause_pid="$XDG_RUNTIME_DIR/libpod/tmp/pause.pid"
+ if [ -f $pause_pid ]; then
+ kill -9 $(cat $pause_pid) 2> /dev/null
+ rm -f $pause_pid
+ fi
+ fi
+ $SYSTEMCTL start "$SERVICE_NAME.socket"
+}
+
+function teardown() {
+ $SYSTEMCTL stop "$SERVICE_NAME.socket"
+ rm -f "$SERVICE_FILE" "$SOCKET_FILE"
+ $SYSTEMCTL daemon-reload
+ basic_teardown
+}
+
+@test "podman system service - socket activation - no container" {
+ run curl -s --max-time 3 --unix-socket $SERVICE_SOCK_ADDR http://podman/libpod/_ping
+ is "$output" "OK" "podman service responses normally"
+}
+
+@test "podman system service - socket activation - exist container " {
+ run_podman run $IMAGE sleep 90
+ run curl -s --max-time 3 --unix-socket $SERVICE_SOCK_ADDR http://podman/libpod/_ping
+ is "$output" "OK" "podman service responses normally"
+}
+
+@test "podman system service - socket activation - kill rootless pause " {
+ if ! is_rootless; then
+ skip "root podman no need pause process"
+ fi
+ run_podman run $IMAGE sleep 90
+ local pause_pid="$XDG_RUNTIME_DIR/libpod/tmp/pause.pid"
+ if [ -f $pause_pid ]; then
+ kill -9 $(cat $pause_pid) 2> /dev/null
+ fi
+ run curl -s --max-time 3 --unix-socket $SERVICE_SOCK_ADDR http://podman/libpod/_ping
+ is "$output" "OK" "podman service responses normally"
+}
+
+# vim: filetype=sh
diff --git a/test/system/410-selinux.bats b/test/system/410-selinux.bats
index 4a2c7b7a4..8a690fb48 100644
--- a/test/system/410-selinux.bats
+++ b/test/system/410-selinux.bats
@@ -191,5 +191,33 @@ function check_label() {
is "$output" "Error.*: \`/proc/thread-self/attr/exec\`: OCI runtime error: unable to assign security attribute" "useful diagnostic"
}
+@test "podman selinux: check relabel" {
+ skip_if_no_selinux
+
+ LABEL="system_u:object_r:tmp_t:s0"
+ tmpdir=$PODMAN_TMPDIR/vol
+ touch $tmpdir
+ chcon -vR ${LABEL} $tmpdir
+ ls -Z $tmpdir
+
+ run_podman run -v $tmpdir:/test $IMAGE cat /proc/self/attr/current
+ level=$(secon -l $output)
+ run ls -dZ ${tmpdir}
+ is "$output" ${LABEL} "No Relabel Correctly"
+
+ run_podman run -v $tmpdir:/test:Z --security-opt label=disable $IMAGE cat /proc/self/attr/current
+ level=$(secon -l $output)
+ run ls -dZ $tmpdir
+ is "$output" ${LABEL} "No Privileged Relabel Correctly"
+
+ run_podman run -v $tmpdir:/test:Z $IMAGE cat /proc/self/attr/current
+ level=$(secon -l $output)
+ run ls -dZ $tmpdir
+ is "$output" "system_u:object_r:container_file_t:$level" "Confined Relabel Correctly"
+
+ run_podman run -v $tmpdir:/test:z $IMAGE cat /proc/self/attr/current
+ run ls -dZ $tmpdir
+ is "$output" "system_u:object_r:container_file_t:s0" "Shared Relabel Correctly"
+}
# vim: filetype=sh
diff --git a/test/system/500-networking.bats b/test/system/500-networking.bats
index 4868ad6a0..804dd46b1 100644
--- a/test/system/500-networking.bats
+++ b/test/system/500-networking.bats
@@ -143,13 +143,6 @@ load helpers
run_podman network rm $mynetname
run_podman 1 network rm $mynetname
-
- # rootless CNI leaves behind an image pulled by SHA, hence with no tag.
- # Remove it if present; we can only remove it by ID.
- run_podman images --format '{{.Id}}' rootless-cni-infra
- if [ -n "$output" ]; then
- run_podman rmi $output
- fi
}
@test "podman network reload" {
diff --git a/vendor/github.com/coreos/go-systemd/v22/sdjournal/journal.go b/vendor/github.com/coreos/go-systemd/v22/sdjournal/journal.go
index 344016ebe..fb11b1179 100644
--- a/vendor/github.com/coreos/go-systemd/v22/sdjournal/journal.go
+++ b/vendor/github.com/coreos/go-systemd/v22/sdjournal/journal.go
@@ -1155,7 +1155,7 @@ func (j *Journal) GetBootID() (string, error) {
return "", err
}
- id128StringMax := C.ulong(C.SD_ID128_STRING_MAX)
+ id128StringMax := C.size_t(C.SD_ID128_STRING_MAX)
c := (*C.char)(C.malloc(id128StringMax))
defer C.free(unsafe.Pointer(c))
C.my_sd_id128_to_string(sd_id128_to_string, boot_id, c)
diff --git a/vendor/github.com/go-task/slim-sprig/.editorconfig b/vendor/github.com/go-task/slim-sprig/.editorconfig
new file mode 100644
index 000000000..b0c95367e
--- /dev/null
+++ b/vendor/github.com/go-task/slim-sprig/.editorconfig
@@ -0,0 +1,14 @@
+# editorconfig.org
+
+root = true
+
+[*]
+insert_final_newline = true
+charset = utf-8
+trim_trailing_whitespace = true
+indent_style = tab
+indent_size = 8
+
+[*.{md,yml,yaml,json}]
+indent_style = space
+indent_size = 2
diff --git a/vendor/github.com/go-task/slim-sprig/.gitattributes b/vendor/github.com/go-task/slim-sprig/.gitattributes
new file mode 100644
index 000000000..176a458f9
--- /dev/null
+++ b/vendor/github.com/go-task/slim-sprig/.gitattributes
@@ -0,0 +1 @@
+* text=auto
diff --git a/vendor/github.com/go-task/slim-sprig/.gitignore b/vendor/github.com/go-task/slim-sprig/.gitignore
new file mode 100644
index 000000000..5e3002f88
--- /dev/null
+++ b/vendor/github.com/go-task/slim-sprig/.gitignore
@@ -0,0 +1,2 @@
+vendor/
+/.glide
diff --git a/vendor/github.com/go-task/slim-sprig/CHANGELOG.md b/vendor/github.com/go-task/slim-sprig/CHANGELOG.md
new file mode 100644
index 000000000..61d8ebffc
--- /dev/null
+++ b/vendor/github.com/go-task/slim-sprig/CHANGELOG.md
@@ -0,0 +1,364 @@
+# Changelog
+
+## Release 3.2.0 (2020-12-14)
+
+### Added
+
+- #211: Added randInt function (thanks @kochurovro)
+- #223: Added fromJson and mustFromJson functions (thanks @mholt)
+- #242: Added a bcrypt function (thanks @robbiet480)
+- #253: Added randBytes function (thanks @MikaelSmith)
+- #254: Added dig function for dicts (thanks @nyarly)
+- #257: Added regexQuoteMeta for quoting regex metadata (thanks @rheaton)
+- #261: Added filepath functions osBase, osDir, osExt, osClean, osIsAbs (thanks @zugl)
+- #268: Added and and all functions for testing conditions (thanks @phuslu)
+- #181: Added float64 arithmetic addf, add1f, subf, divf, mulf, maxf, and minf
+ (thanks @andrewmostello)
+- #265: Added chunk function to split array into smaller arrays (thanks @karelbilek)
+- #270: Extend certificate functions to handle non-RSA keys + add support for
+ ed25519 keys (thanks @misberner)
+
+### Changed
+
+- Removed testing and support for Go 1.12. ed25519 support requires Go 1.13 or newer
+- Using semver 3.1.1 and mergo 0.3.11
+
+### Fixed
+
+- #249: Fix htmlDateInZone example (thanks @spawnia)
+
+NOTE: The dependency github.com/imdario/mergo reverted the breaking change in
+0.3.9 via 0.3.10 release.
+
+## Release 3.1.0 (2020-04-16)
+
+NOTE: The dependency github.com/imdario/mergo made a behavior change in 0.3.9
+that impacts sprig functionality. Do not use sprig with a version newer than 0.3.8.
+
+### Added
+
+- #225: Added support for generating htpasswd hash (thanks @rustycl0ck)
+- #224: Added duration filter (thanks @frebib)
+- #205: Added `seq` function (thanks @thadc23)
+
+### Changed
+
+- #203: Unlambda functions with correct signature (thanks @muesli)
+- #236: Updated the license formatting for GitHub display purposes
+- #238: Updated package dependency versions. Note, mergo not updated to 0.3.9
+ as it causes a breaking change for sprig. That issue is tracked at
+ https://github.com/imdario/mergo/issues/139
+
+### Fixed
+
+- #229: Fix `seq` example in docs (thanks @kalmant)
+
+## Release 3.0.2 (2019-12-13)
+
+### Fixed
+
+- #220: Updating to semver v3.0.3 to fix issue with <= ranges
+- #218: fix typo elyptical->elliptic in ecdsa key description (thanks @laverya)
+
+## Release 3.0.1 (2019-12-08)
+
+### Fixed
+
+- #212: Updated semver fixing broken constraint checking with ^0.0
+
+## Release 3.0.0 (2019-10-02)
+
+### Added
+
+- #187: Added durationRound function (thanks @yjp20)
+- #189: Added numerous template functions that return errors rather than panic (thanks @nrvnrvn)
+- #193: Added toRawJson support (thanks @Dean-Coakley)
+- #197: Added get support to dicts (thanks @Dean-Coakley)
+
+### Changed
+
+- #186: Moving dependency management to Go modules
+- #186: Updated semver to v3. This has changes in the way ^ is handled
+- #194: Updated documentation on merging and how it copies. Added example using deepCopy
+- #196: trunc now supports negative values (thanks @Dean-Coakley)
+
+## Release 2.22.0 (2019-10-02)
+
+### Added
+
+- #173: Added getHostByName function to resolve dns names to ips (thanks @fcgravalos)
+- #195: Added deepCopy function for use with dicts
+
+### Changed
+
+- Updated merge and mergeOverwrite documentation to explain copying and how to
+ use deepCopy with it
+
+## Release 2.21.0 (2019-09-18)
+
+### Added
+
+- #122: Added encryptAES/decryptAES functions (thanks @n0madic)
+- #128: Added toDecimal support (thanks @Dean-Coakley)
+- #169: Added list contcat (thanks @astorath)
+- #174: Added deepEqual function (thanks @bonifaido)
+- #170: Added url parse and join functions (thanks @astorath)
+
+### Changed
+
+- #171: Updated glide config for Google UUID to v1 and to add ranges to semver and testify
+
+### Fixed
+
+- #172: Fix semver wildcard example (thanks @piepmatz)
+- #175: Fix dateInZone doc example (thanks @s3than)
+
+## Release 2.20.0 (2019-06-18)
+
+### Added
+
+- #164: Adding function to get unix epoch for a time (@mattfarina)
+- #166: Adding tests for date_in_zone (@mattfarina)
+
+### Changed
+
+- #144: Fix function comments based on best practices from Effective Go (@CodeLingoTeam)
+- #150: Handles pointer type for time.Time in "htmlDate" (@mapreal19)
+- #161, #157, #160, #153, #158, #156, #155, #159, #152 documentation updates (@badeadan)
+
+### Fixed
+
+## Release 2.19.0 (2019-03-02)
+
+IMPORTANT: This release reverts a change from 2.18.0
+
+In the previous release (2.18), we prematurely merged a partial change to the crypto functions that led to creating two sets of crypto functions (I blame @technosophos -- since that's me). This release rolls back that change, and does what was originally intended: It alters the existing crypto functions to use secure random.
+
+We debated whether this classifies as a change worthy of major revision, but given the proximity to the last release, we have decided that treating 2.18 as a faulty release is the correct course of action. We apologize for any inconvenience.
+
+### Changed
+
+- Fix substr panic 35fb796 (Alexey igrychev)
+- Remove extra period 1eb7729 (Matthew Lorimor)
+- Make random string functions use crypto by default 6ceff26 (Matthew Lorimor)
+- README edits/fixes/suggestions 08fe136 (Lauri Apple)
+
+
+## Release 2.18.0 (2019-02-12)
+
+### Added
+
+- Added mergeOverwrite function
+- cryptographic functions that use secure random (see fe1de12)
+
+### Changed
+
+- Improve documentation of regexMatch function, resolves #139 90b89ce (Jan Tagscherer)
+- Handle has for nil list 9c10885 (Daniel Cohen)
+- Document behaviour of mergeOverwrite fe0dbe9 (Lukas Rieder)
+- doc: adds missing documentation. 4b871e6 (Fernandez Ludovic)
+- Replace outdated goutils imports 01893d2 (Matthew Lorimor)
+- Surface crypto secure random strings from goutils fe1de12 (Matthew Lorimor)
+- Handle untyped nil values as paramters to string functions 2b2ec8f (Morten Torkildsen)
+
+### Fixed
+
+- Fix dict merge issue and provide mergeOverwrite .dst .src1 to overwrite from src -> dst 4c59c12 (Lukas Rieder)
+- Fix substr var names and comments d581f80 (Dean Coakley)
+- Fix substr documentation 2737203 (Dean Coakley)
+
+## Release 2.17.1 (2019-01-03)
+
+### Fixed
+
+The 2.17.0 release did not have a version pinned for xstrings, which caused compilation failures when xstrings < 1.2 was used. This adds the correct version string to glide.yaml.
+
+## Release 2.17.0 (2019-01-03)
+
+### Added
+
+- adds alder32sum function and test 6908fc2 (marshallford)
+- Added kebabcase function ca331a1 (Ilyes512)
+
+### Changed
+
+- Update goutils to 1.1.0 4e1125d (Matt Butcher)
+
+### Fixed
+
+- Fix 'has' documentation e3f2a85 (dean-coakley)
+- docs(dict): fix typo in pick example dc424f9 (Dustin Specker)
+- fixes spelling errors... not sure how that happened 4cf188a (marshallford)
+
+## Release 2.16.0 (2018-08-13)
+
+### Added
+
+- add splitn function fccb0b0 (Helgi Þorbjörnsson)
+- Add slice func df28ca7 (gongdo)
+- Generate serial number a3bdffd (Cody Coons)
+- Extract values of dict with values function df39312 (Lawrence Jones)
+
+### Changed
+
+- Modify panic message for list.slice ae38335 (gongdo)
+- Minor improvement in code quality - Removed an unreachable piece of code at defaults.go#L26:6 - Resolve formatting issues. 5834241 (Abhishek Kashyap)
+- Remove duplicated documentation 1d97af1 (Matthew Fisher)
+- Test on go 1.11 49df809 (Helgi Þormar Þorbjörnsson)
+
+### Fixed
+
+- Fix file permissions c5f40b5 (gongdo)
+- Fix example for buildCustomCert 7779e0d (Tin Lam)
+
+## Release 2.15.0 (2018-04-02)
+
+### Added
+
+- #68 and #69: Add json helpers to docs (thanks @arunvelsriram)
+- #66: Add ternary function (thanks @binoculars)
+- #67: Allow keys function to take multiple dicts (thanks @binoculars)
+- #89: Added sha1sum to crypto function (thanks @benkeil)
+- #81: Allow customizing Root CA that used by genSignedCert (thanks @chenzhiwei)
+- #92: Add travis testing for go 1.10
+- #93: Adding appveyor config for windows testing
+
+### Changed
+
+- #90: Updating to more recent dependencies
+- #73: replace satori/go.uuid with google/uuid (thanks @petterw)
+
+### Fixed
+
+- #76: Fixed documentation typos (thanks @Thiht)
+- Fixed rounding issue on the `ago` function. Note, the removes support for Go 1.8 and older
+
+## Release 2.14.1 (2017-12-01)
+
+### Fixed
+
+- #60: Fix typo in function name documentation (thanks @neil-ca-moore)
+- #61: Removing line with {{ due to blocking github pages genertion
+- #64: Update the list functions to handle int, string, and other slices for compatibility
+
+## Release 2.14.0 (2017-10-06)
+
+This new version of Sprig adds a set of functions for generating and working with SSL certificates.
+
+- `genCA` generates an SSL Certificate Authority
+- `genSelfSignedCert` generates an SSL self-signed certificate
+- `genSignedCert` generates an SSL certificate and key based on a given CA
+
+## Release 2.13.0 (2017-09-18)
+
+This release adds new functions, including:
+
+- `regexMatch`, `regexFindAll`, `regexFind`, `regexReplaceAll`, `regexReplaceAllLiteral`, and `regexSplit` to work with regular expressions
+- `floor`, `ceil`, and `round` math functions
+- `toDate` converts a string to a date
+- `nindent` is just like `indent` but also prepends a new line
+- `ago` returns the time from `time.Now`
+
+### Added
+
+- #40: Added basic regex functionality (thanks @alanquillin)
+- #41: Added ceil floor and round functions (thanks @alanquillin)
+- #48: Added toDate function (thanks @andreynering)
+- #50: Added nindent function (thanks @binoculars)
+- #46: Added ago function (thanks @slayer)
+
+### Changed
+
+- #51: Updated godocs to include new string functions (thanks @curtisallen)
+- #49: Added ability to merge multiple dicts (thanks @binoculars)
+
+## Release 2.12.0 (2017-05-17)
+
+- `snakecase`, `camelcase`, and `shuffle` are three new string functions
+- `fail` allows you to bail out of a template render when conditions are not met
+
+## Release 2.11.0 (2017-05-02)
+
+- Added `toJson` and `toPrettyJson`
+- Added `merge`
+- Refactored documentation
+
+## Release 2.10.0 (2017-03-15)
+
+- Added `semver` and `semverCompare` for Semantic Versions
+- `list` replaces `tuple`
+- Fixed issue with `join`
+- Added `first`, `last`, `intial`, `rest`, `prepend`, `append`, `toString`, `toStrings`, `sortAlpha`, `reverse`, `coalesce`, `pluck`, `pick`, `compact`, `keys`, `omit`, `uniq`, `has`, `without`
+
+## Release 2.9.0 (2017-02-23)
+
+- Added `splitList` to split a list
+- Added crypto functions of `genPrivateKey` and `derivePassword`
+
+## Release 2.8.0 (2016-12-21)
+
+- Added access to several path functions (`base`, `dir`, `clean`, `ext`, and `abs`)
+- Added functions for _mutating_ dictionaries (`set`, `unset`, `hasKey`)
+
+## Release 2.7.0 (2016-12-01)
+
+- Added `sha256sum` to generate a hash of an input
+- Added functions to convert a numeric or string to `int`, `int64`, `float64`
+
+## Release 2.6.0 (2016-10-03)
+
+- Added a `uuidv4` template function for generating UUIDs inside of a template.
+
+## Release 2.5.0 (2016-08-19)
+
+- New `trimSuffix`, `trimPrefix`, `hasSuffix`, and `hasPrefix` functions
+- New aliases have been added for a few functions that didn't follow the naming conventions (`trimAll` and `abbrevBoth`)
+- `trimall` and `abbrevboth` (notice the case) are deprecated and will be removed in 3.0.0
+
+## Release 2.4.0 (2016-08-16)
+
+- Adds two functions: `until` and `untilStep`
+
+## Release 2.3.0 (2016-06-21)
+
+- cat: Concatenate strings with whitespace separators.
+- replace: Replace parts of a string: `replace " " "-" "Me First"` renders "Me-First"
+- plural: Format plurals: `len "foo" | plural "one foo" "many foos"` renders "many foos"
+- indent: Indent blocks of text in a way that is sensitive to "\n" characters.
+
+## Release 2.2.0 (2016-04-21)
+
+- Added a `genPrivateKey` function (Thanks @bacongobbler)
+
+## Release 2.1.0 (2016-03-30)
+
+- `default` now prints the default value when it does not receive a value down the pipeline. It is much safer now to do `{{.Foo | default "bar"}}`.
+- Added accessors for "hermetic" functions. These return only functions that, when given the same input, produce the same output.
+
+## Release 2.0.0 (2016-03-29)
+
+Because we switched from `int` to `int64` as the return value for all integer math functions, the library's major version number has been incremented.
+
+- `min` complements `max` (formerly `biggest`)
+- `empty` indicates that a value is the empty value for its type
+- `tuple` creates a tuple inside of a template: `{{$t := tuple "a", "b" "c"}}`
+- `dict` creates a dictionary inside of a template `{{$d := dict "key1" "val1" "key2" "val2"}}`
+- Date formatters have been added for HTML dates (as used in `date` input fields)
+- Integer math functions can convert from a number of types, including `string` (via `strconv.ParseInt`).
+
+## Release 1.2.0 (2016-02-01)
+
+- Added quote and squote
+- Added b32enc and b32dec
+- add now takes varargs
+- biggest now takes varargs
+
+## Release 1.1.0 (2015-12-29)
+
+- Added #4: Added contains function. strings.Contains, but with the arguments
+ switched to simplify common pipelines. (thanks krancour)
+- Added Travis-CI testing support
+
+## Release 1.0.0 (2015-12-23)
+
+- Initial release
diff --git a/vendor/github.com/go-task/slim-sprig/LICENSE.txt b/vendor/github.com/go-task/slim-sprig/LICENSE.txt
new file mode 100644
index 000000000..f311b1eaa
--- /dev/null
+++ b/vendor/github.com/go-task/slim-sprig/LICENSE.txt
@@ -0,0 +1,19 @@
+Copyright (C) 2013-2020 Masterminds
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
diff --git a/vendor/github.com/go-task/slim-sprig/README.md b/vendor/github.com/go-task/slim-sprig/README.md
new file mode 100644
index 000000000..72579471f
--- /dev/null
+++ b/vendor/github.com/go-task/slim-sprig/README.md
@@ -0,0 +1,73 @@
+# Slim-Sprig: Template functions for Go templates [![GoDoc](https://godoc.org/github.com/go-task/slim-sprig?status.svg)](https://godoc.org/github.com/go-task/slim-sprig) [![Go Report Card](https://goreportcard.com/badge/github.com/go-task/slim-sprig)](https://goreportcard.com/report/github.com/go-task/slim-sprig)
+
+Slim-Sprig is a fork of [Sprig](https://github.com/Masterminds/sprig), but with
+all functions that depend on external (non standard library) or crypto packages
+removed.
+The reason for this is to make this library more lightweight. Most of these
+functions (specially crypto ones) are not needed on most apps, but costs a lot
+in terms of binary size and compilation time.
+
+## Usage
+
+**Template developers**: Please use Slim-Sprig's [function documentation](https://go-task.github.io/slim-sprig/) for
+detailed instructions and code snippets for the >100 template functions available.
+
+**Go developers**: If you'd like to include Slim-Sprig as a library in your program,
+our API documentation is available [at GoDoc.org](http://godoc.org/github.com/go-task/slim-sprig).
+
+For standard usage, read on.
+
+### Load the Slim-Sprig library
+
+To load the Slim-Sprig `FuncMap`:
+
+```go
+
+import (
+ "html/template"
+
+ "github.com/go-task/slim-sprig"
+)
+
+// This example illustrates that the FuncMap *must* be set before the
+// templates themselves are loaded.
+tpl := template.Must(
+ template.New("base").Funcs(sprig.FuncMap()).ParseGlob("*.html")
+)
+```
+
+### Calling the functions inside of templates
+
+By convention, all functions are lowercase. This seems to follow the Go
+idiom for template functions (as opposed to template methods, which are
+TitleCase). For example, this:
+
+```
+{{ "hello!" | upper | repeat 5 }}
+```
+
+produces this:
+
+```
+HELLO!HELLO!HELLO!HELLO!HELLO!
+```
+
+## Principles Driving Our Function Selection
+
+We followed these principles to decide which functions to add and how to implement them:
+
+- Use template functions to build layout. The following
+ types of operations are within the domain of template functions:
+ - Formatting
+ - Layout
+ - Simple type conversions
+ - Utilities that assist in handling common formatting and layout needs (e.g. arithmetic)
+- Template functions should not return errors unless there is no way to print
+ a sensible value. For example, converting a string to an integer should not
+ produce an error if conversion fails. Instead, it should display a default
+ value.
+- Simple math is necessary for grid layouts, pagers, and so on. Complex math
+ (anything other than arithmetic) should be done outside of templates.
+- Template functions only deal with the data passed into them. They never retrieve
+ data from a source.
+- Finally, do not override core Go template functions.
diff --git a/vendor/github.com/go-task/slim-sprig/Taskfile.yml b/vendor/github.com/go-task/slim-sprig/Taskfile.yml
new file mode 100644
index 000000000..cdcfd223b
--- /dev/null
+++ b/vendor/github.com/go-task/slim-sprig/Taskfile.yml
@@ -0,0 +1,12 @@
+# https://taskfile.dev
+
+version: '2'
+
+tasks:
+ default:
+ cmds:
+ - task: test
+
+ test:
+ cmds:
+ - go test -v .
diff --git a/vendor/github.com/go-task/slim-sprig/crypto.go b/vendor/github.com/go-task/slim-sprig/crypto.go
new file mode 100644
index 000000000..d06e516d4
--- /dev/null
+++ b/vendor/github.com/go-task/slim-sprig/crypto.go
@@ -0,0 +1,24 @@
+package sprig
+
+import (
+ "crypto/sha1"
+ "crypto/sha256"
+ "encoding/hex"
+ "fmt"
+ "hash/adler32"
+)
+
+func sha256sum(input string) string {
+ hash := sha256.Sum256([]byte(input))
+ return hex.EncodeToString(hash[:])
+}
+
+func sha1sum(input string) string {
+ hash := sha1.Sum([]byte(input))
+ return hex.EncodeToString(hash[:])
+}
+
+func adler32sum(input string) string {
+ hash := adler32.Checksum([]byte(input))
+ return fmt.Sprintf("%d", hash)
+}
diff --git a/vendor/github.com/go-task/slim-sprig/date.go b/vendor/github.com/go-task/slim-sprig/date.go
new file mode 100644
index 000000000..ed022ddac
--- /dev/null
+++ b/vendor/github.com/go-task/slim-sprig/date.go
@@ -0,0 +1,152 @@
+package sprig
+
+import (
+ "strconv"
+ "time"
+)
+
+// Given a format and a date, format the date string.
+//
+// Date can be a `time.Time` or an `int, int32, int64`.
+// In the later case, it is treated as seconds since UNIX
+// epoch.
+func date(fmt string, date interface{}) string {
+ return dateInZone(fmt, date, "Local")
+}
+
+func htmlDate(date interface{}) string {
+ return dateInZone("2006-01-02", date, "Local")
+}
+
+func htmlDateInZone(date interface{}, zone string) string {
+ return dateInZone("2006-01-02", date, zone)
+}
+
+func dateInZone(fmt string, date interface{}, zone string) string {
+ var t time.Time
+ switch date := date.(type) {
+ default:
+ t = time.Now()
+ case time.Time:
+ t = date
+ case *time.Time:
+ t = *date
+ case int64:
+ t = time.Unix(date, 0)
+ case int:
+ t = time.Unix(int64(date), 0)
+ case int32:
+ t = time.Unix(int64(date), 0)
+ }
+
+ loc, err := time.LoadLocation(zone)
+ if err != nil {
+ loc, _ = time.LoadLocation("UTC")
+ }
+
+ return t.In(loc).Format(fmt)
+}
+
+func dateModify(fmt string, date time.Time) time.Time {
+ d, err := time.ParseDuration(fmt)
+ if err != nil {
+ return date
+ }
+ return date.Add(d)
+}
+
+func mustDateModify(fmt string, date time.Time) (time.Time, error) {
+ d, err := time.ParseDuration(fmt)
+ if err != nil {
+ return time.Time{}, err
+ }
+ return date.Add(d), nil
+}
+
+func dateAgo(date interface{}) string {
+ var t time.Time
+
+ switch date := date.(type) {
+ default:
+ t = time.Now()
+ case time.Time:
+ t = date
+ case int64:
+ t = time.Unix(date, 0)
+ case int:
+ t = time.Unix(int64(date), 0)
+ }
+ // Drop resolution to seconds
+ duration := time.Since(t).Round(time.Second)
+ return duration.String()
+}
+
+func duration(sec interface{}) string {
+ var n int64
+ switch value := sec.(type) {
+ default:
+ n = 0
+ case string:
+ n, _ = strconv.ParseInt(value, 10, 64)
+ case int64:
+ n = value
+ }
+ return (time.Duration(n) * time.Second).String()
+}
+
+func durationRound(duration interface{}) string {
+ var d time.Duration
+ switch duration := duration.(type) {
+ default:
+ d = 0
+ case string:
+ d, _ = time.ParseDuration(duration)
+ case int64:
+ d = time.Duration(duration)
+ case time.Time:
+ d = time.Since(duration)
+ }
+
+ u := uint64(d)
+ neg := d < 0
+ if neg {
+ u = -u
+ }
+
+ var (
+ year = uint64(time.Hour) * 24 * 365
+ month = uint64(time.Hour) * 24 * 30
+ day = uint64(time.Hour) * 24
+ hour = uint64(time.Hour)
+ minute = uint64(time.Minute)
+ second = uint64(time.Second)
+ )
+ switch {
+ case u > year:
+ return strconv.FormatUint(u/year, 10) + "y"
+ case u > month:
+ return strconv.FormatUint(u/month, 10) + "mo"
+ case u > day:
+ return strconv.FormatUint(u/day, 10) + "d"
+ case u > hour:
+ return strconv.FormatUint(u/hour, 10) + "h"
+ case u > minute:
+ return strconv.FormatUint(u/minute, 10) + "m"
+ case u > second:
+ return strconv.FormatUint(u/second, 10) + "s"
+ }
+ return "0s"
+}
+
+func toDate(fmt, str string) time.Time {
+ t, _ := time.ParseInLocation(fmt, str, time.Local)
+ return t
+}
+
+func mustToDate(fmt, str string) (time.Time, error) {
+ return time.ParseInLocation(fmt, str, time.Local)
+}
+
+func unixEpoch(date time.Time) string {
+ return strconv.FormatInt(date.Unix(), 10)
+}
diff --git a/vendor/github.com/go-task/slim-sprig/defaults.go b/vendor/github.com/go-task/slim-sprig/defaults.go
new file mode 100644
index 000000000..b9f979666
--- /dev/null
+++ b/vendor/github.com/go-task/slim-sprig/defaults.go
@@ -0,0 +1,163 @@
+package sprig
+
+import (
+ "bytes"
+ "encoding/json"
+ "math/rand"
+ "reflect"
+ "strings"
+ "time"
+)
+
+func init() {
+ rand.Seed(time.Now().UnixNano())
+}
+
+// dfault checks whether `given` is set, and returns default if not set.
+//
+// This returns `d` if `given` appears not to be set, and `given` otherwise.
+//
+// For numeric types 0 is unset.
+// For strings, maps, arrays, and slices, len() = 0 is considered unset.
+// For bool, false is unset.
+// Structs are never considered unset.
+//
+// For everything else, including pointers, a nil value is unset.
+func dfault(d interface{}, given ...interface{}) interface{} {
+
+ if empty(given) || empty(given[0]) {
+ return d
+ }
+ return given[0]
+}
+
+// empty returns true if the given value has the zero value for its type.
+func empty(given interface{}) bool {
+ g := reflect.ValueOf(given)
+ if !g.IsValid() {
+ return true
+ }
+
+ // Basically adapted from text/template.isTrue
+ switch g.Kind() {
+ default:
+ return g.IsNil()
+ case reflect.Array, reflect.Slice, reflect.Map, reflect.String:
+ return g.Len() == 0
+ case reflect.Bool:
+ return !g.Bool()
+ case reflect.Complex64, reflect.Complex128:
+ return g.Complex() == 0
+ case reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64:
+ return g.Int() == 0
+ case reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64, reflect.Uintptr:
+ return g.Uint() == 0
+ case reflect.Float32, reflect.Float64:
+ return g.Float() == 0
+ case reflect.Struct:
+ return false
+ }
+}
+
+// coalesce returns the first non-empty value.
+func coalesce(v ...interface{}) interface{} {
+ for _, val := range v {
+ if !empty(val) {
+ return val
+ }
+ }
+ return nil
+}
+
+// all returns true if empty(x) is false for all values x in the list.
+// If the list is empty, return true.
+func all(v ...interface{}) bool {
+ for _, val := range v {
+ if empty(val) {
+ return false
+ }
+ }
+ return true
+}
+
+// any returns true if empty(x) is false for any x in the list.
+// If the list is empty, return false.
+func any(v ...interface{}) bool {
+ for _, val := range v {
+ if !empty(val) {
+ return true
+ }
+ }
+ return false
+}
+
+// fromJson decodes JSON into a structured value, ignoring errors.
+func fromJson(v string) interface{} {
+ output, _ := mustFromJson(v)
+ return output
+}
+
+// mustFromJson decodes JSON into a structured value, returning errors.
+func mustFromJson(v string) (interface{}, error) {
+ var output interface{}
+ err := json.Unmarshal([]byte(v), &output)
+ return output, err
+}
+
+// toJson encodes an item into a JSON string
+func toJson(v interface{}) string {
+ output, _ := json.Marshal(v)
+ return string(output)
+}
+
+func mustToJson(v interface{}) (string, error) {
+ output, err := json.Marshal(v)
+ if err != nil {
+ return "", err
+ }
+ return string(output), nil
+}
+
+// toPrettyJson encodes an item into a pretty (indented) JSON string
+func toPrettyJson(v interface{}) string {
+ output, _ := json.MarshalIndent(v, "", " ")
+ return string(output)
+}
+
+func mustToPrettyJson(v interface{}) (string, error) {
+ output, err := json.MarshalIndent(v, "", " ")
+ if err != nil {
+ return "", err
+ }
+ return string(output), nil
+}
+
+// toRawJson encodes an item into a JSON string with no escaping of HTML characters.
+func toRawJson(v interface{}) string {
+ output, err := mustToRawJson(v)
+ if err != nil {
+ panic(err)
+ }
+ return string(output)
+}
+
+// mustToRawJson encodes an item into a JSON string with no escaping of HTML characters.
+func mustToRawJson(v interface{}) (string, error) {
+ buf := new(bytes.Buffer)
+ enc := json.NewEncoder(buf)
+ enc.SetEscapeHTML(false)
+ err := enc.Encode(&v)
+ if err != nil {
+ return "", err
+ }
+ return strings.TrimSuffix(buf.String(), "\n"), nil
+}
+
+// ternary returns the first value if the last value is true, otherwise returns the second value.
+func ternary(vt interface{}, vf interface{}, v bool) interface{} {
+ if v {
+ return vt
+ }
+
+ return vf
+}
diff --git a/vendor/github.com/go-task/slim-sprig/dict.go b/vendor/github.com/go-task/slim-sprig/dict.go
new file mode 100644
index 000000000..77ebc61b1
--- /dev/null
+++ b/vendor/github.com/go-task/slim-sprig/dict.go
@@ -0,0 +1,118 @@
+package sprig
+
+func get(d map[string]interface{}, key string) interface{} {
+ if val, ok := d[key]; ok {
+ return val
+ }
+ return ""
+}
+
+func set(d map[string]interface{}, key string, value interface{}) map[string]interface{} {
+ d[key] = value
+ return d
+}
+
+func unset(d map[string]interface{}, key string) map[string]interface{} {
+ delete(d, key)
+ return d
+}
+
+func hasKey(d map[string]interface{}, key string) bool {
+ _, ok := d[key]
+ return ok
+}
+
+func pluck(key string, d ...map[string]interface{}) []interface{} {
+ res := []interface{}{}
+ for _, dict := range d {
+ if val, ok := dict[key]; ok {
+ res = append(res, val)
+ }
+ }
+ return res
+}
+
+func keys(dicts ...map[string]interface{}) []string {
+ k := []string{}
+ for _, dict := range dicts {
+ for key := range dict {
+ k = append(k, key)
+ }
+ }
+ return k
+}
+
+func pick(dict map[string]interface{}, keys ...string) map[string]interface{} {
+ res := map[string]interface{}{}
+ for _, k := range keys {
+ if v, ok := dict[k]; ok {
+ res[k] = v
+ }
+ }
+ return res
+}
+
+func omit(dict map[string]interface{}, keys ...string) map[string]interface{} {
+ res := map[string]interface{}{}
+
+ omit := make(map[string]bool, len(keys))
+ for _, k := range keys {
+ omit[k] = true
+ }
+
+ for k, v := range dict {
+ if _, ok := omit[k]; !ok {
+ res[k] = v
+ }
+ }
+ return res
+}
+
+func dict(v ...interface{}) map[string]interface{} {
+ dict := map[string]interface{}{}
+ lenv := len(v)
+ for i := 0; i < lenv; i += 2 {
+ key := strval(v[i])
+ if i+1 >= lenv {
+ dict[key] = ""
+ continue
+ }
+ dict[key] = v[i+1]
+ }
+ return dict
+}
+
+func values(dict map[string]interface{}) []interface{} {
+ values := []interface{}{}
+ for _, value := range dict {
+ values = append(values, value)
+ }
+
+ return values
+}
+
+func dig(ps ...interface{}) (interface{}, error) {
+ if len(ps) < 3 {
+ panic("dig needs at least three arguments")
+ }
+ dict := ps[len(ps)-1].(map[string]interface{})
+ def := ps[len(ps)-2]
+ ks := make([]string, len(ps)-2)
+ for i := 0; i < len(ks); i++ {
+ ks[i] = ps[i].(string)
+ }
+
+ return digFromDict(dict, def, ks)
+}
+
+func digFromDict(dict map[string]interface{}, d interface{}, ks []string) (interface{}, error) {
+ k, ns := ks[0], ks[1:len(ks)]
+ step, has := dict[k]
+ if !has {
+ return d, nil
+ }
+ if len(ns) == 0 {
+ return step, nil
+ }
+ return digFromDict(step.(map[string]interface{}), d, ns)
+}
diff --git a/vendor/github.com/go-task/slim-sprig/doc.go b/vendor/github.com/go-task/slim-sprig/doc.go
new file mode 100644
index 000000000..aabb9d448
--- /dev/null
+++ b/vendor/github.com/go-task/slim-sprig/doc.go
@@ -0,0 +1,19 @@
+/*
+Package sprig provides template functions for Go.
+
+This package contains a number of utility functions for working with data
+inside of Go `html/template` and `text/template` files.
+
+To add these functions, use the `template.Funcs()` method:
+
+ t := templates.New("foo").Funcs(sprig.FuncMap())
+
+Note that you should add the function map before you parse any template files.
+
+ In several cases, Sprig reverses the order of arguments from the way they
+ appear in the standard library. This is to make it easier to pipe
+ arguments into functions.
+
+See http://masterminds.github.io/sprig/ for more detailed documentation on each of the available functions.
+*/
+package sprig
diff --git a/vendor/github.com/go-task/slim-sprig/functions.go b/vendor/github.com/go-task/slim-sprig/functions.go
new file mode 100644
index 000000000..5ea74f899
--- /dev/null
+++ b/vendor/github.com/go-task/slim-sprig/functions.go
@@ -0,0 +1,317 @@
+package sprig
+
+import (
+ "errors"
+ "html/template"
+ "math/rand"
+ "os"
+ "path"
+ "path/filepath"
+ "reflect"
+ "strconv"
+ "strings"
+ ttemplate "text/template"
+ "time"
+)
+
+// FuncMap produces the function map.
+//
+// Use this to pass the functions into the template engine:
+//
+// tpl := template.New("foo").Funcs(sprig.FuncMap()))
+//
+func FuncMap() template.FuncMap {
+ return HtmlFuncMap()
+}
+
+// HermeticTxtFuncMap returns a 'text/template'.FuncMap with only repeatable functions.
+func HermeticTxtFuncMap() ttemplate.FuncMap {
+ r := TxtFuncMap()
+ for _, name := range nonhermeticFunctions {
+ delete(r, name)
+ }
+ return r
+}
+
+// HermeticHtmlFuncMap returns an 'html/template'.Funcmap with only repeatable functions.
+func HermeticHtmlFuncMap() template.FuncMap {
+ r := HtmlFuncMap()
+ for _, name := range nonhermeticFunctions {
+ delete(r, name)
+ }
+ return r
+}
+
+// TxtFuncMap returns a 'text/template'.FuncMap
+func TxtFuncMap() ttemplate.FuncMap {
+ return ttemplate.FuncMap(GenericFuncMap())
+}
+
+// HtmlFuncMap returns an 'html/template'.Funcmap
+func HtmlFuncMap() template.FuncMap {
+ return template.FuncMap(GenericFuncMap())
+}
+
+// GenericFuncMap returns a copy of the basic function map as a map[string]interface{}.
+func GenericFuncMap() map[string]interface{} {
+ gfm := make(map[string]interface{}, len(genericMap))
+ for k, v := range genericMap {
+ gfm[k] = v
+ }
+ return gfm
+}
+
+// These functions are not guaranteed to evaluate to the same result for given input, because they
+// refer to the environment or global state.
+var nonhermeticFunctions = []string{
+ // Date functions
+ "date",
+ "date_in_zone",
+ "date_modify",
+ "now",
+ "htmlDate",
+ "htmlDateInZone",
+ "dateInZone",
+ "dateModify",
+
+ // Strings
+ "randAlphaNum",
+ "randAlpha",
+ "randAscii",
+ "randNumeric",
+ "randBytes",
+ "uuidv4",
+
+ // OS
+ "env",
+ "expandenv",
+
+ // Network
+ "getHostByName",
+}
+
+var genericMap = map[string]interface{}{
+ "hello": func() string { return "Hello!" },
+
+ // Date functions
+ "ago": dateAgo,
+ "date": date,
+ "date_in_zone": dateInZone,
+ "date_modify": dateModify,
+ "dateInZone": dateInZone,
+ "dateModify": dateModify,
+ "duration": duration,
+ "durationRound": durationRound,
+ "htmlDate": htmlDate,
+ "htmlDateInZone": htmlDateInZone,
+ "must_date_modify": mustDateModify,
+ "mustDateModify": mustDateModify,
+ "mustToDate": mustToDate,
+ "now": time.Now,
+ "toDate": toDate,
+ "unixEpoch": unixEpoch,
+
+ // Strings
+ "trunc": trunc,
+ "trim": strings.TrimSpace,
+ "upper": strings.ToUpper,
+ "lower": strings.ToLower,
+ "title": strings.Title,
+ "substr": substring,
+ // Switch order so that "foo" | repeat 5
+ "repeat": func(count int, str string) string { return strings.Repeat(str, count) },
+ // Deprecated: Use trimAll.
+ "trimall": func(a, b string) string { return strings.Trim(b, a) },
+ // Switch order so that "$foo" | trimall "$"
+ "trimAll": func(a, b string) string { return strings.Trim(b, a) },
+ "trimSuffix": func(a, b string) string { return strings.TrimSuffix(b, a) },
+ "trimPrefix": func(a, b string) string { return strings.TrimPrefix(b, a) },
+ // Switch order so that "foobar" | contains "foo"
+ "contains": func(substr string, str string) bool { return strings.Contains(str, substr) },
+ "hasPrefix": func(substr string, str string) bool { return strings.HasPrefix(str, substr) },
+ "hasSuffix": func(substr string, str string) bool { return strings.HasSuffix(str, substr) },
+ "quote": quote,
+ "squote": squote,
+ "cat": cat,
+ "indent": indent,
+ "nindent": nindent,
+ "replace": replace,
+ "plural": plural,
+ "sha1sum": sha1sum,
+ "sha256sum": sha256sum,
+ "adler32sum": adler32sum,
+ "toString": strval,
+
+ // Wrap Atoi to stop errors.
+ "atoi": func(a string) int { i, _ := strconv.Atoi(a); return i },
+ "int64": toInt64,
+ "int": toInt,
+ "float64": toFloat64,
+ "seq": seq,
+ "toDecimal": toDecimal,
+
+ //"gt": func(a, b int) bool {return a > b},
+ //"gte": func(a, b int) bool {return a >= b},
+ //"lt": func(a, b int) bool {return a < b},
+ //"lte": func(a, b int) bool {return a <= b},
+
+ // split "/" foo/bar returns map[int]string{0: foo, 1: bar}
+ "split": split,
+ "splitList": func(sep, orig string) []string { return strings.Split(orig, sep) },
+ // splitn "/" foo/bar/fuu returns map[int]string{0: foo, 1: bar/fuu}
+ "splitn": splitn,
+ "toStrings": strslice,
+
+ "until": until,
+ "untilStep": untilStep,
+
+ // VERY basic arithmetic.
+ "add1": func(i interface{}) int64 { return toInt64(i) + 1 },
+ "add": func(i ...interface{}) int64 {
+ var a int64 = 0
+ for _, b := range i {
+ a += toInt64(b)
+ }
+ return a
+ },
+ "sub": func(a, b interface{}) int64 { return toInt64(a) - toInt64(b) },
+ "div": func(a, b interface{}) int64 { return toInt64(a) / toInt64(b) },
+ "mod": func(a, b interface{}) int64 { return toInt64(a) % toInt64(b) },
+ "mul": func(a interface{}, v ...interface{}) int64 {
+ val := toInt64(a)
+ for _, b := range v {
+ val = val * toInt64(b)
+ }
+ return val
+ },
+ "randInt": func(min, max int) int { return rand.Intn(max-min) + min },
+ "biggest": max,
+ "max": max,
+ "min": min,
+ "maxf": maxf,
+ "minf": minf,
+ "ceil": ceil,
+ "floor": floor,
+ "round": round,
+
+ // string slices. Note that we reverse the order b/c that's better
+ // for template processing.
+ "join": join,
+ "sortAlpha": sortAlpha,
+
+ // Defaults
+ "default": dfault,
+ "empty": empty,
+ "coalesce": coalesce,
+ "all": all,
+ "any": any,
+ "compact": compact,
+ "mustCompact": mustCompact,
+ "fromJson": fromJson,
+ "toJson": toJson,
+ "toPrettyJson": toPrettyJson,
+ "toRawJson": toRawJson,
+ "mustFromJson": mustFromJson,
+ "mustToJson": mustToJson,
+ "mustToPrettyJson": mustToPrettyJson,
+ "mustToRawJson": mustToRawJson,
+ "ternary": ternary,
+
+ // Reflection
+ "typeOf": typeOf,
+ "typeIs": typeIs,
+ "typeIsLike": typeIsLike,
+ "kindOf": kindOf,
+ "kindIs": kindIs,
+ "deepEqual": reflect.DeepEqual,
+
+ // OS:
+ "env": os.Getenv,
+ "expandenv": os.ExpandEnv,
+
+ // Network:
+ "getHostByName": getHostByName,
+
+ // Paths:
+ "base": path.Base,
+ "dir": path.Dir,
+ "clean": path.Clean,
+ "ext": path.Ext,
+ "isAbs": path.IsAbs,
+
+ // Filepaths:
+ "osBase": filepath.Base,
+ "osClean": filepath.Clean,
+ "osDir": filepath.Dir,
+ "osExt": filepath.Ext,
+ "osIsAbs": filepath.IsAbs,
+
+ // Encoding:
+ "b64enc": base64encode,
+ "b64dec": base64decode,
+ "b32enc": base32encode,
+ "b32dec": base32decode,
+
+ // Data Structures:
+ "tuple": list, // FIXME: with the addition of append/prepend these are no longer immutable.
+ "list": list,
+ "dict": dict,
+ "get": get,
+ "set": set,
+ "unset": unset,
+ "hasKey": hasKey,
+ "pluck": pluck,
+ "keys": keys,
+ "pick": pick,
+ "omit": omit,
+ "values": values,
+
+ "append": push, "push": push,
+ "mustAppend": mustPush, "mustPush": mustPush,
+ "prepend": prepend,
+ "mustPrepend": mustPrepend,
+ "first": first,
+ "mustFirst": mustFirst,
+ "rest": rest,
+ "mustRest": mustRest,
+ "last": last,
+ "mustLast": mustLast,
+ "initial": initial,
+ "mustInitial": mustInitial,
+ "reverse": reverse,
+ "mustReverse": mustReverse,
+ "uniq": uniq,
+ "mustUniq": mustUniq,
+ "without": without,
+ "mustWithout": mustWithout,
+ "has": has,
+ "mustHas": mustHas,
+ "slice": slice,
+ "mustSlice": mustSlice,
+ "concat": concat,
+ "dig": dig,
+ "chunk": chunk,
+ "mustChunk": mustChunk,
+
+ // Flow Control:
+ "fail": func(msg string) (string, error) { return "", errors.New(msg) },
+
+ // Regex
+ "regexMatch": regexMatch,
+ "mustRegexMatch": mustRegexMatch,
+ "regexFindAll": regexFindAll,
+ "mustRegexFindAll": mustRegexFindAll,
+ "regexFind": regexFind,
+ "mustRegexFind": mustRegexFind,
+ "regexReplaceAll": regexReplaceAll,
+ "mustRegexReplaceAll": mustRegexReplaceAll,
+ "regexReplaceAllLiteral": regexReplaceAllLiteral,
+ "mustRegexReplaceAllLiteral": mustRegexReplaceAllLiteral,
+ "regexSplit": regexSplit,
+ "mustRegexSplit": mustRegexSplit,
+ "regexQuoteMeta": regexQuoteMeta,
+
+ // URLs:
+ "urlParse": urlParse,
+ "urlJoin": urlJoin,
+}
diff --git a/vendor/github.com/go-task/slim-sprig/go.mod b/vendor/github.com/go-task/slim-sprig/go.mod
new file mode 100644
index 000000000..d90a221be
--- /dev/null
+++ b/vendor/github.com/go-task/slim-sprig/go.mod
@@ -0,0 +1,8 @@
+module github.com/go-task/slim-sprig
+
+go 1.13
+
+require (
+ github.com/davecgh/go-spew v1.1.1 // indirect
+ github.com/stretchr/testify v1.5.1
+)
diff --git a/vendor/github.com/go-task/slim-sprig/go.sum b/vendor/github.com/go-task/slim-sprig/go.sum
new file mode 100644
index 000000000..256ef8493
--- /dev/null
+++ b/vendor/github.com/go-task/slim-sprig/go.sum
@@ -0,0 +1,22 @@
+github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8=
+github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
+github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
+github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/stretchr/objx v0.1.0 h1:4G4v2dO3VZwixGIRoQ5Lfboy6nUhCyYzaqnIAPPhYs4=
+github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/testify v1.5.1 h1:nOGnQDM7FYENwehXlg/kFVnos3rEvtKTjRvOWSzb6H4=
+github.com/stretchr/testify v1.5.1 h1:nOGnQDM7FYENwehXlg/kFVnos3rEvtKTjRvOWSzb6H4=
+github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA=
+github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw=
+gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
diff --git a/vendor/github.com/go-task/slim-sprig/list.go b/vendor/github.com/go-task/slim-sprig/list.go
new file mode 100644
index 000000000..ca0fbb789
--- /dev/null
+++ b/vendor/github.com/go-task/slim-sprig/list.go
@@ -0,0 +1,464 @@
+package sprig
+
+import (
+ "fmt"
+ "math"
+ "reflect"
+ "sort"
+)
+
+// Reflection is used in these functions so that slices and arrays of strings,
+// ints, and other types not implementing []interface{} can be worked with.
+// For example, this is useful if you need to work on the output of regexs.
+
+func list(v ...interface{}) []interface{} {
+ return v
+}
+
+func push(list interface{}, v interface{}) []interface{} {
+ l, err := mustPush(list, v)
+ if err != nil {
+ panic(err)
+ }
+
+ return l
+}
+
+func mustPush(list interface{}, v interface{}) ([]interface{}, error) {
+ tp := reflect.TypeOf(list).Kind()
+ switch tp {
+ case reflect.Slice, reflect.Array:
+ l2 := reflect.ValueOf(list)
+
+ l := l2.Len()
+ nl := make([]interface{}, l)
+ for i := 0; i < l; i++ {
+ nl[i] = l2.Index(i).Interface()
+ }
+
+ return append(nl, v), nil
+
+ default:
+ return nil, fmt.Errorf("Cannot push on type %s", tp)
+ }
+}
+
+func prepend(list interface{}, v interface{}) []interface{} {
+ l, err := mustPrepend(list, v)
+ if err != nil {
+ panic(err)
+ }
+
+ return l
+}
+
+func mustPrepend(list interface{}, v interface{}) ([]interface{}, error) {
+ //return append([]interface{}{v}, list...)
+
+ tp := reflect.TypeOf(list).Kind()
+ switch tp {
+ case reflect.Slice, reflect.Array:
+ l2 := reflect.ValueOf(list)
+
+ l := l2.Len()
+ nl := make([]interface{}, l)
+ for i := 0; i < l; i++ {
+ nl[i] = l2.Index(i).Interface()
+ }
+
+ return append([]interface{}{v}, nl...), nil
+
+ default:
+ return nil, fmt.Errorf("Cannot prepend on type %s", tp)
+ }
+}
+
+func chunk(size int, list interface{}) [][]interface{} {
+ l, err := mustChunk(size, list)
+ if err != nil {
+ panic(err)
+ }
+
+ return l
+}
+
+func mustChunk(size int, list interface{}) ([][]interface{}, error) {
+ tp := reflect.TypeOf(list).Kind()
+ switch tp {
+ case reflect.Slice, reflect.Array:
+ l2 := reflect.ValueOf(list)
+
+ l := l2.Len()
+
+ cs := int(math.Floor(float64(l-1)/float64(size)) + 1)
+ nl := make([][]interface{}, cs)
+
+ for i := 0; i < cs; i++ {
+ clen := size
+ if i == cs-1 {
+ clen = int(math.Floor(math.Mod(float64(l), float64(size))))
+ if clen == 0 {
+ clen = size
+ }
+ }
+
+ nl[i] = make([]interface{}, clen)
+
+ for j := 0; j < clen; j++ {
+ ix := i*size + j
+ nl[i][j] = l2.Index(ix).Interface()
+ }
+ }
+
+ return nl, nil
+
+ default:
+ return nil, fmt.Errorf("Cannot chunk type %s", tp)
+ }
+}
+
+func last(list interface{}) interface{} {
+ l, err := mustLast(list)
+ if err != nil {
+ panic(err)
+ }
+
+ return l
+}
+
+func mustLast(list interface{}) (interface{}, error) {
+ tp := reflect.TypeOf(list).Kind()
+ switch tp {
+ case reflect.Slice, reflect.Array:
+ l2 := reflect.ValueOf(list)
+
+ l := l2.Len()
+ if l == 0 {
+ return nil, nil
+ }
+
+ return l2.Index(l - 1).Interface(), nil
+ default:
+ return nil, fmt.Errorf("Cannot find last on type %s", tp)
+ }
+}
+
+func first(list interface{}) interface{} {
+ l, err := mustFirst(list)
+ if err != nil {
+ panic(err)
+ }
+
+ return l
+}
+
+func mustFirst(list interface{}) (interface{}, error) {
+ tp := reflect.TypeOf(list).Kind()
+ switch tp {
+ case reflect.Slice, reflect.Array:
+ l2 := reflect.ValueOf(list)
+
+ l := l2.Len()
+ if l == 0 {
+ return nil, nil
+ }
+
+ return l2.Index(0).Interface(), nil
+ default:
+ return nil, fmt.Errorf("Cannot find first on type %s", tp)
+ }
+}
+
+func rest(list interface{}) []interface{} {
+ l, err := mustRest(list)
+ if err != nil {
+ panic(err)
+ }
+
+ return l
+}
+
+func mustRest(list interface{}) ([]interface{}, error) {
+ tp := reflect.TypeOf(list).Kind()
+ switch tp {
+ case reflect.Slice, reflect.Array:
+ l2 := reflect.ValueOf(list)
+
+ l := l2.Len()
+ if l == 0 {
+ return nil, nil
+ }
+
+ nl := make([]interface{}, l-1)
+ for i := 1; i < l; i++ {
+ nl[i-1] = l2.Index(i).Interface()
+ }
+
+ return nl, nil
+ default:
+ return nil, fmt.Errorf("Cannot find rest on type %s", tp)
+ }
+}
+
+func initial(list interface{}) []interface{} {
+ l, err := mustInitial(list)
+ if err != nil {
+ panic(err)
+ }
+
+ return l
+}
+
+func mustInitial(list interface{}) ([]interface{}, error) {
+ tp := reflect.TypeOf(list).Kind()
+ switch tp {
+ case reflect.Slice, reflect.Array:
+ l2 := reflect.ValueOf(list)
+
+ l := l2.Len()
+ if l == 0 {
+ return nil, nil
+ }
+
+ nl := make([]interface{}, l-1)
+ for i := 0; i < l-1; i++ {
+ nl[i] = l2.Index(i).Interface()
+ }
+
+ return nl, nil
+ default:
+ return nil, fmt.Errorf("Cannot find initial on type %s", tp)
+ }
+}
+
+func sortAlpha(list interface{}) []string {
+ k := reflect.Indirect(reflect.ValueOf(list)).Kind()
+ switch k {
+ case reflect.Slice, reflect.Array:
+ a := strslice(list)
+ s := sort.StringSlice(a)
+ s.Sort()
+ return s
+ }
+ return []string{strval(list)}
+}
+
+func reverse(v interface{}) []interface{} {
+ l, err := mustReverse(v)
+ if err != nil {
+ panic(err)
+ }
+
+ return l
+}
+
+func mustReverse(v interface{}) ([]interface{}, error) {
+ tp := reflect.TypeOf(v).Kind()
+ switch tp {
+ case reflect.Slice, reflect.Array:
+ l2 := reflect.ValueOf(v)
+
+ l := l2.Len()
+ // We do not sort in place because the incoming array should not be altered.
+ nl := make([]interface{}, l)
+ for i := 0; i < l; i++ {
+ nl[l-i-1] = l2.Index(i).Interface()
+ }
+
+ return nl, nil
+ default:
+ return nil, fmt.Errorf("Cannot find reverse on type %s", tp)
+ }
+}
+
+func compact(list interface{}) []interface{} {
+ l, err := mustCompact(list)
+ if err != nil {
+ panic(err)
+ }
+
+ return l
+}
+
+func mustCompact(list interface{}) ([]interface{}, error) {
+ tp := reflect.TypeOf(list).Kind()
+ switch tp {
+ case reflect.Slice, reflect.Array:
+ l2 := reflect.ValueOf(list)
+
+ l := l2.Len()
+ nl := []interface{}{}
+ var item interface{}
+ for i := 0; i < l; i++ {
+ item = l2.Index(i).Interface()
+ if !empty(item) {
+ nl = append(nl, item)
+ }
+ }
+
+ return nl, nil
+ default:
+ return nil, fmt.Errorf("Cannot compact on type %s", tp)
+ }
+}
+
+func uniq(list interface{}) []interface{} {
+ l, err := mustUniq(list)
+ if err != nil {
+ panic(err)
+ }
+
+ return l
+}
+
+func mustUniq(list interface{}) ([]interface{}, error) {
+ tp := reflect.TypeOf(list).Kind()
+ switch tp {
+ case reflect.Slice, reflect.Array:
+ l2 := reflect.ValueOf(list)
+
+ l := l2.Len()
+ dest := []interface{}{}
+ var item interface{}
+ for i := 0; i < l; i++ {
+ item = l2.Index(i).Interface()
+ if !inList(dest, item) {
+ dest = append(dest, item)
+ }
+ }
+
+ return dest, nil
+ default:
+ return nil, fmt.Errorf("Cannot find uniq on type %s", tp)
+ }
+}
+
+func inList(haystack []interface{}, needle interface{}) bool {
+ for _, h := range haystack {
+ if reflect.DeepEqual(needle, h) {
+ return true
+ }
+ }
+ return false
+}
+
+func without(list interface{}, omit ...interface{}) []interface{} {
+ l, err := mustWithout(list, omit...)
+ if err != nil {
+ panic(err)
+ }
+
+ return l
+}
+
+func mustWithout(list interface{}, omit ...interface{}) ([]interface{}, error) {
+ tp := reflect.TypeOf(list).Kind()
+ switch tp {
+ case reflect.Slice, reflect.Array:
+ l2 := reflect.ValueOf(list)
+
+ l := l2.Len()
+ res := []interface{}{}
+ var item interface{}
+ for i := 0; i < l; i++ {
+ item = l2.Index(i).Interface()
+ if !inList(omit, item) {
+ res = append(res, item)
+ }
+ }
+
+ return res, nil
+ default:
+ return nil, fmt.Errorf("Cannot find without on type %s", tp)
+ }
+}
+
+func has(needle interface{}, haystack interface{}) bool {
+ l, err := mustHas(needle, haystack)
+ if err != nil {
+ panic(err)
+ }
+
+ return l
+}
+
+func mustHas(needle interface{}, haystack interface{}) (bool, error) {
+ if haystack == nil {
+ return false, nil
+ }
+ tp := reflect.TypeOf(haystack).Kind()
+ switch tp {
+ case reflect.Slice, reflect.Array:
+ l2 := reflect.ValueOf(haystack)
+ var item interface{}
+ l := l2.Len()
+ for i := 0; i < l; i++ {
+ item = l2.Index(i).Interface()
+ if reflect.DeepEqual(needle, item) {
+ return true, nil
+ }
+ }
+
+ return false, nil
+ default:
+ return false, fmt.Errorf("Cannot find has on type %s", tp)
+ }
+}
+
+// $list := [1, 2, 3, 4, 5]
+// slice $list -> list[0:5] = list[:]
+// slice $list 0 3 -> list[0:3] = list[:3]
+// slice $list 3 5 -> list[3:5]
+// slice $list 3 -> list[3:5] = list[3:]
+func slice(list interface{}, indices ...interface{}) interface{} {
+ l, err := mustSlice(list, indices...)
+ if err != nil {
+ panic(err)
+ }
+
+ return l
+}
+
+func mustSlice(list interface{}, indices ...interface{}) (interface{}, error) {
+ tp := reflect.TypeOf(list).Kind()
+ switch tp {
+ case reflect.Slice, reflect.Array:
+ l2 := reflect.ValueOf(list)
+
+ l := l2.Len()
+ if l == 0 {
+ return nil, nil
+ }
+
+ var start, end int
+ if len(indices) > 0 {
+ start = toInt(indices[0])
+ }
+ if len(indices) < 2 {
+ end = l
+ } else {
+ end = toInt(indices[1])
+ }
+
+ return l2.Slice(start, end).Interface(), nil
+ default:
+ return nil, fmt.Errorf("list should be type of slice or array but %s", tp)
+ }
+}
+
+func concat(lists ...interface{}) interface{} {
+ var res []interface{}
+ for _, list := range lists {
+ tp := reflect.TypeOf(list).Kind()
+ switch tp {
+ case reflect.Slice, reflect.Array:
+ l2 := reflect.ValueOf(list)
+ for i := 0; i < l2.Len(); i++ {
+ res = append(res, l2.Index(i).Interface())
+ }
+ default:
+ panic(fmt.Sprintf("Cannot concat type %s as list", tp))
+ }
+ }
+ return res
+}
diff --git a/vendor/github.com/go-task/slim-sprig/network.go b/vendor/github.com/go-task/slim-sprig/network.go
new file mode 100644
index 000000000..108d78a94
--- /dev/null
+++ b/vendor/github.com/go-task/slim-sprig/network.go
@@ -0,0 +1,12 @@
+package sprig
+
+import (
+ "math/rand"
+ "net"
+)
+
+func getHostByName(name string) string {
+ addrs, _ := net.LookupHost(name)
+ //TODO: add error handing when release v3 comes out
+ return addrs[rand.Intn(len(addrs))]
+}
diff --git a/vendor/github.com/go-task/slim-sprig/numeric.go b/vendor/github.com/go-task/slim-sprig/numeric.go
new file mode 100644
index 000000000..98cbb37a1
--- /dev/null
+++ b/vendor/github.com/go-task/slim-sprig/numeric.go
@@ -0,0 +1,228 @@
+package sprig
+
+import (
+ "fmt"
+ "math"
+ "reflect"
+ "strconv"
+ "strings"
+)
+
+// toFloat64 converts 64-bit floats
+func toFloat64(v interface{}) float64 {
+ if str, ok := v.(string); ok {
+ iv, err := strconv.ParseFloat(str, 64)
+ if err != nil {
+ return 0
+ }
+ return iv
+ }
+
+ val := reflect.Indirect(reflect.ValueOf(v))
+ switch val.Kind() {
+ case reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64, reflect.Int:
+ return float64(val.Int())
+ case reflect.Uint8, reflect.Uint16, reflect.Uint32:
+ return float64(val.Uint())
+ case reflect.Uint, reflect.Uint64:
+ return float64(val.Uint())
+ case reflect.Float32, reflect.Float64:
+ return val.Float()
+ case reflect.Bool:
+ if val.Bool() {
+ return 1
+ }
+ return 0
+ default:
+ return 0
+ }
+}
+
+func toInt(v interface{}) int {
+ //It's not optimal. Bud I don't want duplicate toInt64 code.
+ return int(toInt64(v))
+}
+
+// toInt64 converts integer types to 64-bit integers
+func toInt64(v interface{}) int64 {
+ if str, ok := v.(string); ok {
+ iv, err := strconv.ParseInt(str, 10, 64)
+ if err != nil {
+ return 0
+ }
+ return iv
+ }
+
+ val := reflect.Indirect(reflect.ValueOf(v))
+ switch val.Kind() {
+ case reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64, reflect.Int:
+ return val.Int()
+ case reflect.Uint8, reflect.Uint16, reflect.Uint32:
+ return int64(val.Uint())
+ case reflect.Uint, reflect.Uint64:
+ tv := val.Uint()
+ if tv <= math.MaxInt64 {
+ return int64(tv)
+ }
+ // TODO: What is the sensible thing to do here?
+ return math.MaxInt64
+ case reflect.Float32, reflect.Float64:
+ return int64(val.Float())
+ case reflect.Bool:
+ if val.Bool() {
+ return 1
+ }
+ return 0
+ default:
+ return 0
+ }
+}
+
+func max(a interface{}, i ...interface{}) int64 {
+ aa := toInt64(a)
+ for _, b := range i {
+ bb := toInt64(b)
+ if bb > aa {
+ aa = bb
+ }
+ }
+ return aa
+}
+
+func maxf(a interface{}, i ...interface{}) float64 {
+ aa := toFloat64(a)
+ for _, b := range i {
+ bb := toFloat64(b)
+ aa = math.Max(aa, bb)
+ }
+ return aa
+}
+
+func min(a interface{}, i ...interface{}) int64 {
+ aa := toInt64(a)
+ for _, b := range i {
+ bb := toInt64(b)
+ if bb < aa {
+ aa = bb
+ }
+ }
+ return aa
+}
+
+func minf(a interface{}, i ...interface{}) float64 {
+ aa := toFloat64(a)
+ for _, b := range i {
+ bb := toFloat64(b)
+ aa = math.Min(aa, bb)
+ }
+ return aa
+}
+
+func until(count int) []int {
+ step := 1
+ if count < 0 {
+ step = -1
+ }
+ return untilStep(0, count, step)
+}
+
+func untilStep(start, stop, step int) []int {
+ v := []int{}
+
+ if stop < start {
+ if step >= 0 {
+ return v
+ }
+ for i := start; i > stop; i += step {
+ v = append(v, i)
+ }
+ return v
+ }
+
+ if step <= 0 {
+ return v
+ }
+ for i := start; i < stop; i += step {
+ v = append(v, i)
+ }
+ return v
+}
+
+func floor(a interface{}) float64 {
+ aa := toFloat64(a)
+ return math.Floor(aa)
+}
+
+func ceil(a interface{}) float64 {
+ aa := toFloat64(a)
+ return math.Ceil(aa)
+}
+
+func round(a interface{}, p int, rOpt ...float64) float64 {
+ roundOn := .5
+ if len(rOpt) > 0 {
+ roundOn = rOpt[0]
+ }
+ val := toFloat64(a)
+ places := toFloat64(p)
+
+ var round float64
+ pow := math.Pow(10, places)
+ digit := pow * val
+ _, div := math.Modf(digit)
+ if div >= roundOn {
+ round = math.Ceil(digit)
+ } else {
+ round = math.Floor(digit)
+ }
+ return round / pow
+}
+
+// converts unix octal to decimal
+func toDecimal(v interface{}) int64 {
+ result, err := strconv.ParseInt(fmt.Sprint(v), 8, 64)
+ if err != nil {
+ return 0
+ }
+ return result
+}
+
+func seq(params ...int) string {
+ increment := 1
+ switch len(params) {
+ case 0:
+ return ""
+ case 1:
+ start := 1
+ end := params[0]
+ if end < start {
+ increment = -1
+ }
+ return intArrayToString(untilStep(start, end+increment, increment), " ")
+ case 3:
+ start := params[0]
+ end := params[2]
+ step := params[1]
+ if end < start {
+ increment = -1
+ if step > 0 {
+ return ""
+ }
+ }
+ return intArrayToString(untilStep(start, end+increment, step), " ")
+ case 2:
+ start := params[0]
+ end := params[1]
+ step := 1
+ if end < start {
+ step = -1
+ }
+ return intArrayToString(untilStep(start, end+step, step), " ")
+ default:
+ return ""
+ }
+}
+
+func intArrayToString(slice []int, delimeter string) string {
+ return strings.Trim(strings.Join(strings.Fields(fmt.Sprint(slice)), delimeter), "[]")
+}
diff --git a/vendor/github.com/go-task/slim-sprig/reflect.go b/vendor/github.com/go-task/slim-sprig/reflect.go
new file mode 100644
index 000000000..8a65c132f
--- /dev/null
+++ b/vendor/github.com/go-task/slim-sprig/reflect.go
@@ -0,0 +1,28 @@
+package sprig
+
+import (
+ "fmt"
+ "reflect"
+)
+
+// typeIs returns true if the src is the type named in target.
+func typeIs(target string, src interface{}) bool {
+ return target == typeOf(src)
+}
+
+func typeIsLike(target string, src interface{}) bool {
+ t := typeOf(src)
+ return target == t || "*"+target == t
+}
+
+func typeOf(src interface{}) string {
+ return fmt.Sprintf("%T", src)
+}
+
+func kindIs(target string, src interface{}) bool {
+ return target == kindOf(src)
+}
+
+func kindOf(src interface{}) string {
+ return reflect.ValueOf(src).Kind().String()
+}
diff --git a/vendor/github.com/go-task/slim-sprig/regex.go b/vendor/github.com/go-task/slim-sprig/regex.go
new file mode 100644
index 000000000..fab551018
--- /dev/null
+++ b/vendor/github.com/go-task/slim-sprig/regex.go
@@ -0,0 +1,83 @@
+package sprig
+
+import (
+ "regexp"
+)
+
+func regexMatch(regex string, s string) bool {
+ match, _ := regexp.MatchString(regex, s)
+ return match
+}
+
+func mustRegexMatch(regex string, s string) (bool, error) {
+ return regexp.MatchString(regex, s)
+}
+
+func regexFindAll(regex string, s string, n int) []string {
+ r := regexp.MustCompile(regex)
+ return r.FindAllString(s, n)
+}
+
+func mustRegexFindAll(regex string, s string, n int) ([]string, error) {
+ r, err := regexp.Compile(regex)
+ if err != nil {
+ return []string{}, err
+ }
+ return r.FindAllString(s, n), nil
+}
+
+func regexFind(regex string, s string) string {
+ r := regexp.MustCompile(regex)
+ return r.FindString(s)
+}
+
+func mustRegexFind(regex string, s string) (string, error) {
+ r, err := regexp.Compile(regex)
+ if err != nil {
+ return "", err
+ }
+ return r.FindString(s), nil
+}
+
+func regexReplaceAll(regex string, s string, repl string) string {
+ r := regexp.MustCompile(regex)
+ return r.ReplaceAllString(s, repl)
+}
+
+func mustRegexReplaceAll(regex string, s string, repl string) (string, error) {
+ r, err := regexp.Compile(regex)
+ if err != nil {
+ return "", err
+ }
+ return r.ReplaceAllString(s, repl), nil
+}
+
+func regexReplaceAllLiteral(regex string, s string, repl string) string {
+ r := regexp.MustCompile(regex)
+ return r.ReplaceAllLiteralString(s, repl)
+}
+
+func mustRegexReplaceAllLiteral(regex string, s string, repl string) (string, error) {
+ r, err := regexp.Compile(regex)
+ if err != nil {
+ return "", err
+ }
+ return r.ReplaceAllLiteralString(s, repl), nil
+}
+
+func regexSplit(regex string, s string, n int) []string {
+ r := regexp.MustCompile(regex)
+ return r.Split(s, n)
+}
+
+func mustRegexSplit(regex string, s string, n int) ([]string, error) {
+ r, err := regexp.Compile(regex)
+ if err != nil {
+ return []string{}, err
+ }
+ return r.Split(s, n), nil
+}
+
+func regexQuoteMeta(s string) string {
+ return regexp.QuoteMeta(s)
+}
diff --git a/vendor/github.com/go-task/slim-sprig/strings.go b/vendor/github.com/go-task/slim-sprig/strings.go
new file mode 100644
index 000000000..3c62d6b6f
--- /dev/null
+++ b/vendor/github.com/go-task/slim-sprig/strings.go
@@ -0,0 +1,189 @@
+package sprig
+
+import (
+ "encoding/base32"
+ "encoding/base64"
+ "fmt"
+ "reflect"
+ "strconv"
+ "strings"
+)
+
+func base64encode(v string) string {
+ return base64.StdEncoding.EncodeToString([]byte(v))
+}
+
+func base64decode(v string) string {
+ data, err := base64.StdEncoding.DecodeString(v)
+ if err != nil {
+ return err.Error()
+ }
+ return string(data)
+}
+
+func base32encode(v string) string {
+ return base32.StdEncoding.EncodeToString([]byte(v))
+}
+
+func base32decode(v string) string {
+ data, err := base32.StdEncoding.DecodeString(v)
+ if err != nil {
+ return err.Error()
+ }
+ return string(data)
+}
+
+func quote(str ...interface{}) string {
+ out := make([]string, 0, len(str))
+ for _, s := range str {
+ if s != nil {
+ out = append(out, fmt.Sprintf("%q", strval(s)))
+ }
+ }
+ return strings.Join(out, " ")
+}
+
+func squote(str ...interface{}) string {
+ out := make([]string, 0, len(str))
+ for _, s := range str {
+ if s != nil {
+ out = append(out, fmt.Sprintf("'%v'", s))
+ }
+ }
+ return strings.Join(out, " ")
+}
+
+func cat(v ...interface{}) string {
+ v = removeNilElements(v)
+ r := strings.TrimSpace(strings.Repeat("%v ", len(v)))
+ return fmt.Sprintf(r, v...)
+}
+
+func indent(spaces int, v string) string {
+ pad := strings.Repeat(" ", spaces)
+ return pad + strings.Replace(v, "\n", "\n"+pad, -1)
+}
+
+func nindent(spaces int, v string) string {
+ return "\n" + indent(spaces, v)
+}
+
+func replace(old, new, src string) string {
+ return strings.Replace(src, old, new, -1)
+}
+
+func plural(one, many string, count int) string {
+ if count == 1 {
+ return one
+ }
+ return many
+}
+
+func strslice(v interface{}) []string {
+ switch v := v.(type) {
+ case []string:
+ return v
+ case []interface{}:
+ b := make([]string, 0, len(v))
+ for _, s := range v {
+ if s != nil {
+ b = append(b, strval(s))
+ }
+ }
+ return b
+ default:
+ val := reflect.ValueOf(v)
+ switch val.Kind() {
+ case reflect.Array, reflect.Slice:
+ l := val.Len()
+ b := make([]string, 0, l)
+ for i := 0; i < l; i++ {
+ value := val.Index(i).Interface()
+ if value != nil {
+ b = append(b, strval(value))
+ }
+ }
+ return b
+ default:
+ if v == nil {
+ return []string{}
+ }
+
+ return []string{strval(v)}
+ }
+ }
+}
+
+func removeNilElements(v []interface{}) []interface{} {
+ newSlice := make([]interface{}, 0, len(v))
+ for _, i := range v {
+ if i != nil {
+ newSlice = append(newSlice, i)
+ }
+ }
+ return newSlice
+}
+
+func strval(v interface{}) string {
+ switch v := v.(type) {
+ case string:
+ return v
+ case []byte:
+ return string(v)
+ case error:
+ return v.Error()
+ case fmt.Stringer:
+ return v.String()
+ default:
+ return fmt.Sprintf("%v", v)
+ }
+}
+
+func trunc(c int, s string) string {
+ if c < 0 && len(s)+c > 0 {
+ return s[len(s)+c:]
+ }
+ if c >= 0 && len(s) > c {
+ return s[:c]
+ }
+ return s
+}
+
+func join(sep string, v interface{}) string {
+ return strings.Join(strslice(v), sep)
+}
+
+func split(sep, orig string) map[string]string {
+ parts := strings.Split(orig, sep)
+ res := make(map[string]string, len(parts))
+ for i, v := range parts {
+ res["_"+strconv.Itoa(i)] = v
+ }
+ return res
+}
+
+func splitn(sep string, n int, orig string) map[string]string {
+ parts := strings.SplitN(orig, sep, n)
+ res := make(map[string]string, len(parts))
+ for i, v := range parts {
+ res["_"+strconv.Itoa(i)] = v
+ }
+ return res
+}
+
+// substring creates a substring of the given string.
+//
+// If start is < 0, this calls string[:end].
+//
+// If start is >= 0 and end < 0 or end bigger than s length, this calls string[start:]
+//
+// Otherwise, this calls string[start, end].
+func substring(start, end int, s string) string {
+ if start < 0 {
+ return s[:end]
+ }
+ if end < 0 || end > len(s) {
+ return s[start:]
+ }
+ return s[start:end]
+}
diff --git a/vendor/github.com/go-task/slim-sprig/url.go b/vendor/github.com/go-task/slim-sprig/url.go
new file mode 100644
index 000000000..b8e120e19
--- /dev/null
+++ b/vendor/github.com/go-task/slim-sprig/url.go
@@ -0,0 +1,66 @@
+package sprig
+
+import (
+ "fmt"
+ "net/url"
+ "reflect"
+)
+
+func dictGetOrEmpty(dict map[string]interface{}, key string) string {
+ value, ok := dict[key]
+ if !ok {
+ return ""
+ }
+ tp := reflect.TypeOf(value).Kind()
+ if tp != reflect.String {
+ panic(fmt.Sprintf("unable to parse %s key, must be of type string, but %s found", key, tp.String()))
+ }
+ return reflect.ValueOf(value).String()
+}
+
+// parses given URL to return dict object
+func urlParse(v string) map[string]interface{} {
+ dict := map[string]interface{}{}
+ parsedURL, err := url.Parse(v)
+ if err != nil {
+ panic(fmt.Sprintf("unable to parse url: %s", err))
+ }
+ dict["scheme"] = parsedURL.Scheme
+ dict["host"] = parsedURL.Host
+ dict["hostname"] = parsedURL.Hostname()
+ dict["path"] = parsedURL.Path
+ dict["query"] = parsedURL.RawQuery
+ dict["opaque"] = parsedURL.Opaque
+ dict["fragment"] = parsedURL.Fragment
+ if parsedURL.User != nil {
+ dict["userinfo"] = parsedURL.User.String()
+ } else {
+ dict["userinfo"] = ""
+ }
+
+ return dict
+}
+
+// join given dict to URL string
+func urlJoin(d map[string]interface{}) string {
+ resURL := url.URL{
+ Scheme: dictGetOrEmpty(d, "scheme"),
+ Host: dictGetOrEmpty(d, "host"),
+ Path: dictGetOrEmpty(d, "path"),
+ RawQuery: dictGetOrEmpty(d, "query"),
+ Opaque: dictGetOrEmpty(d, "opaque"),
+ Fragment: dictGetOrEmpty(d, "fragment"),
+ }
+ userinfo := dictGetOrEmpty(d, "userinfo")
+ var user *url.Userinfo
+ if userinfo != "" {
+ tempURL, err := url.Parse(fmt.Sprintf("proto://%s@host", userinfo))
+ if err != nil {
+ panic(fmt.Sprintf("unable to parse userinfo in dict: %s", err))
+ }
+ user = tempURL.User
+ }
+
+ resURL.User = user
+ return resURL.String()
+}
diff --git a/vendor/github.com/godbus/dbus/v5/.travis.yml b/vendor/github.com/godbus/dbus/v5/.travis.yml
deleted file mode 100644
index dd6767204..000000000
--- a/vendor/github.com/godbus/dbus/v5/.travis.yml
+++ /dev/null
@@ -1,50 +0,0 @@
-dist: bionic
-language: go
-go_import_path: github.com/godbus/dbus
-
-go:
- - 1.11.x
- - 1.12.x
- - 1.13.x
- - tip
-
-matrix:
- fast_finish: true
- allow_failures:
- - go: tip
-
-addons:
- apt:
- packages:
- - dbus
- - dbus-x11
-
-before_install:
- - export GO111MODULE=on
-
-script:
- - go test -v -race -mod=readonly ./... # Run all the tests with the race detector enabled
- - go vet ./... # go vet is the official Go static analyzer
-
-jobs:
- include:
- # The build matrix doesn't cover build stages, so manually expand
- # the jobs with anchors
- - &multiarch
- stage: "Multiarch Test"
- go: 1.11.x
- env: TARGETS="386 arm arm64 ppc64le"
- before_install:
- - docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
- script:
- - |
- set -e
- for target in $TARGETS; do
- printf "\e[1mRunning test suite under ${target}.\e[0m\n"
- GOARCH="$target" go test -v ./...
- printf "\n\n"
- done
- - <<: *multiarch
- go: 1.12.x
- - <<: *multiarch
- go: 1.13.x
diff --git a/vendor/github.com/godbus/dbus/v5/README.markdown b/vendor/github.com/godbus/dbus/v5/README.markdown
index fd2964875..1fb2eacaa 100644
--- a/vendor/github.com/godbus/dbus/v5/README.markdown
+++ b/vendor/github.com/godbus/dbus/v5/README.markdown
@@ -1,4 +1,4 @@
-[![Build Status](https://travis-ci.org/godbus/dbus.svg?branch=master)](https://travis-ci.org/godbus/dbus)
+![Build Status](https://github.com/godbus/dbus/workflows/Go/badge.svg)
dbus
----
@@ -32,6 +32,8 @@ gives a short overview over the basic usage.
#### Projects using godbus
- [notify](https://github.com/esiqveland/notify) provides desktop notifications over dbus into a library.
- [go-bluetooth](https://github.com/muka/go-bluetooth) provides a bluetooth client over bluez dbus API.
+- [playerbm](https://github.com/altdesktop/playerbm) a bookmark utility for media players.
+- [iwd](https://github.com/shibumi/iwd) go bindings for the internet wireless daemon "iwd".
Please note that the API is considered unstable for now and may change without
further notice.
diff --git a/vendor/github.com/godbus/dbus/v5/auth.go b/vendor/github.com/godbus/dbus/v5/auth.go
index 31abac629..283487a0e 100644
--- a/vendor/github.com/godbus/dbus/v5/auth.go
+++ b/vendor/github.com/godbus/dbus/v5/auth.go
@@ -37,7 +37,7 @@ const (
// Auth defines the behaviour of an authentication mechanism.
type Auth interface {
- // Return the name of the mechnism, the argument to the first AUTH command
+ // Return the name of the mechanism, the argument to the first AUTH command
// and the next status.
FirstData() (name, resp []byte, status AuthStatus)
diff --git a/vendor/github.com/godbus/dbus/v5/call.go b/vendor/github.com/godbus/dbus/v5/call.go
index 2cb189012..b06b06358 100644
--- a/vendor/github.com/godbus/dbus/v5/call.go
+++ b/vendor/github.com/godbus/dbus/v5/call.go
@@ -24,6 +24,15 @@ type Call struct {
// Holds the response once the call is done.
Body []interface{}
+ // ResponseSequence stores the sequence number of the DBus message containing
+ // the call response (or error). This can be compared to the sequence number
+ // of other call responses and signals on this connection to determine their
+ // relative ordering on the underlying DBus connection.
+ // For errors, ResponseSequence is populated only if the error came from a
+ // DBusMessage that was received or if there was an error receiving. In case of
+ // failure to make the call, ResponseSequence will be NoSequence.
+ ResponseSequence Sequence
+
// tracks context and canceler
ctx context.Context
ctxCanceler context.CancelFunc
diff --git a/vendor/github.com/godbus/dbus/v5/conn.go b/vendor/github.com/godbus/dbus/v5/conn.go
index b55bc99c8..29fe018ad 100644
--- a/vendor/github.com/godbus/dbus/v5/conn.go
+++ b/vendor/github.com/godbus/dbus/v5/conn.go
@@ -45,6 +45,7 @@ type Conn struct {
serialGen SerialGenerator
inInt Interceptor
outInt Interceptor
+ auth []Auth
names *nameTracker
calls *callTracker
@@ -59,7 +60,8 @@ type Conn struct {
func SessionBus() (conn *Conn, err error) {
sessionBusLck.Lock()
defer sessionBusLck.Unlock()
- if sessionBus != nil {
+ if sessionBus != nil &&
+ sessionBus.Connected() {
return sessionBus, nil
}
defer func() {
@@ -67,19 +69,7 @@ func SessionBus() (conn *Conn, err error) {
sessionBus = conn
}
}()
- conn, err = SessionBusPrivate()
- if err != nil {
- return
- }
- if err = conn.Auth(nil); err != nil {
- conn.Close()
- conn = nil
- return
- }
- if err = conn.Hello(); err != nil {
- conn.Close()
- conn = nil
- }
+ conn, err = ConnectSessionBus()
return
}
@@ -116,7 +106,8 @@ func SessionBusPrivateHandler(handler Handler, signalHandler SignalHandler) (*Co
func SystemBus() (conn *Conn, err error) {
systemBusLck.Lock()
defer systemBusLck.Unlock()
- if systemBus != nil {
+ if systemBus != nil &&
+ systemBus.Connected() {
return systemBus, nil
}
defer func() {
@@ -124,20 +115,42 @@ func SystemBus() (conn *Conn, err error) {
systemBus = conn
}
}()
- conn, err = SystemBusPrivate()
+ conn, err = ConnectSystemBus()
+ return
+}
+
+// ConnectSessionBus connects to the session bus.
+func ConnectSessionBus(opts ...ConnOption) (*Conn, error) {
+ address, err := getSessionBusAddress()
if err != nil {
- return
+ return nil, err
}
- if err = conn.Auth(nil); err != nil {
- conn.Close()
- conn = nil
- return
+ return Connect(address, opts...)
+}
+
+// ConnectSystemBus connects to the system bus.
+func ConnectSystemBus(opts ...ConnOption) (*Conn, error) {
+ return Connect(getSystemBusPlatformAddress(), opts...)
+}
+
+// Connect connects to the given address.
+//
+// Returned connection is ready to use and doesn't require calling
+// Auth and Hello methods to make it usable.
+func Connect(address string, opts ...ConnOption) (*Conn, error) {
+ conn, err := Dial(address, opts...)
+ if err != nil {
+ return nil, err
+ }
+ if err = conn.Auth(conn.auth); err != nil {
+ _ = conn.Close()
+ return nil, err
}
if err = conn.Hello(); err != nil {
- conn.Close()
- conn = nil
+ _ = conn.Close()
+ return nil, err
}
- return
+ return conn, nil
}
// SystemBusPrivate returns a new private connection to the system bus.
@@ -197,6 +210,14 @@ func WithSerialGenerator(gen SerialGenerator) ConnOption {
}
}
+// WithAuth sets authentication methods for the auth conversation.
+func WithAuth(methods ...Auth) ConnOption {
+ return func(conn *Conn) error {
+ conn.auth = methods
+ return nil
+ }
+}
+
// Interceptor intercepts incoming and outgoing messages.
type Interceptor func(msg *Message)
@@ -309,6 +330,11 @@ func (conn *Conn) Context() context.Context {
return conn.ctx
}
+// Connected returns whether conn is connected
+func (conn *Conn) Connected() bool {
+ return conn.ctx.Err() == nil
+}
+
// Eavesdrop causes conn to send all incoming messages to the given channel
// without further processing. Method replies, errors and signals will not be
// sent to the appropriate channels and method calls will not be handled. If nil
@@ -342,8 +368,9 @@ func (conn *Conn) Hello() error {
}
// inWorker runs in an own goroutine, reading incoming messages from the
-// transport and dispatching them appropiately.
+// transport and dispatching them appropriately.
func (conn *Conn) inWorker() {
+ sequenceGen := newSequenceGenerator()
for {
msg, err := conn.ReadMessage()
if err != nil {
@@ -352,7 +379,7 @@ func (conn *Conn) inWorker() {
// anything but to shut down all stuff and returns errors to all
// pending replies.
conn.Close()
- conn.calls.finalizeAllWithError(err)
+ conn.calls.finalizeAllWithError(sequenceGen, err)
return
}
// invalid messages are ignored
@@ -381,13 +408,14 @@ func (conn *Conn) inWorker() {
if conn.inInt != nil {
conn.inInt(msg)
}
+ sequence := sequenceGen.next()
switch msg.Type {
case TypeError:
- conn.serialGen.RetireSerial(conn.calls.handleDBusError(msg))
+ conn.serialGen.RetireSerial(conn.calls.handleDBusError(sequence, msg))
case TypeMethodReply:
- conn.serialGen.RetireSerial(conn.calls.handleReply(msg))
+ conn.serialGen.RetireSerial(conn.calls.handleReply(sequence, msg))
case TypeSignal:
- conn.handleSignal(msg)
+ conn.handleSignal(sequence, msg)
case TypeMethodCall:
go conn.handleCall(msg)
}
@@ -395,7 +423,7 @@ func (conn *Conn) inWorker() {
}
}
-func (conn *Conn) handleSignal(msg *Message) {
+func (conn *Conn) handleSignal(sequence Sequence, msg *Message) {
iface := msg.Headers[FieldInterface].value.(string)
member := msg.Headers[FieldMember].value.(string)
// as per http://dbus.freedesktop.org/doc/dbus-specification.html ,
@@ -421,10 +449,11 @@ func (conn *Conn) handleSignal(msg *Message) {
}
}
signal := &Signal{
- Sender: sender,
- Path: msg.Headers[FieldPath].value.(ObjectPath),
- Name: iface + "." + member,
- Body: msg.Body,
+ Sender: sender,
+ Path: msg.Headers[FieldPath].value.(ObjectPath),
+ Name: iface + "." + member,
+ Body: msg.Body,
+ Sequence: sequence,
}
conn.signalHandler.DeliverSignal(iface, member, signal)
}
@@ -442,6 +471,9 @@ func (conn *Conn) Object(dest string, path ObjectPath) BusObject {
}
func (conn *Conn) sendMessageAndIfClosed(msg *Message, ifClosed func()) {
+ if msg.serial == 0 {
+ msg.serial = conn.getSerial()
+ }
if conn.outInt != nil {
conn.outInt(msg)
}
@@ -473,16 +505,16 @@ func (conn *Conn) send(ctx context.Context, msg *Message, ch chan *Call) *Call {
if ctx == nil {
panic("nil context")
}
+ if ch == nil {
+ ch = make(chan *Call, 1)
+ } else if cap(ch) == 0 {
+ panic("dbus: unbuffered channel passed to (*Conn).Send")
+ }
var call *Call
ctx, canceler := context.WithCancel(ctx)
msg.serial = conn.getSerial()
if msg.Type == TypeMethodCall && msg.Flags&FlagNoReplyExpected == 0 {
- if ch == nil {
- ch = make(chan *Call, 5)
- } else if cap(ch) == 0 {
- panic("dbus: unbuffered channel passed to (*Conn).Send")
- }
call = new(Call)
call.Destination, _ = msg.Headers[FieldDestination].value.(string)
call.Path, _ = msg.Headers[FieldPath].value.(ObjectPath)
@@ -504,7 +536,8 @@ func (conn *Conn) send(ctx context.Context, msg *Message, ch chan *Call) *Call {
})
} else {
canceler()
- call = &Call{Err: nil}
+ call = &Call{Err: nil, Done: ch}
+ ch <- call
conn.sendMessageAndIfClosed(msg, func() {
call = &Call{Err: ErrClosed}
})
@@ -529,7 +562,6 @@ func (conn *Conn) sendError(err error, dest string, serial uint32) {
}
msg := new(Message)
msg.Type = TypeError
- msg.serial = conn.getSerial()
msg.Headers = make(map[HeaderField]Variant)
if dest != "" {
msg.Headers[FieldDestination] = MakeVariant(dest)
@@ -548,7 +580,6 @@ func (conn *Conn) sendError(err error, dest string, serial uint32) {
func (conn *Conn) sendReply(dest string, serial uint32, values ...interface{}) {
msg := new(Message)
msg.Type = TypeMethodReply
- msg.serial = conn.getSerial()
msg.Headers = make(map[HeaderField]Variant)
if dest != "" {
msg.Headers[FieldDestination] = MakeVariant(dest)
@@ -564,8 +595,14 @@ func (conn *Conn) sendReply(dest string, serial uint32, values ...interface{}) {
// AddMatchSignal registers the given match rule to receive broadcast
// signals based on their contents.
func (conn *Conn) AddMatchSignal(options ...MatchOption) error {
+ return conn.AddMatchSignalContext(context.Background(), options...)
+}
+
+// AddMatchSignalContext acts like AddMatchSignal but takes a context.
+func (conn *Conn) AddMatchSignalContext(ctx context.Context, options ...MatchOption) error {
options = append([]MatchOption{withMatchType("signal")}, options...)
- return conn.busObj.Call(
+ return conn.busObj.CallWithContext(
+ ctx,
"org.freedesktop.DBus.AddMatch", 0,
formatMatchOptions(options),
).Store()
@@ -573,8 +610,14 @@ func (conn *Conn) AddMatchSignal(options ...MatchOption) error {
// RemoveMatchSignal removes the first rule that matches previously registered with AddMatchSignal.
func (conn *Conn) RemoveMatchSignal(options ...MatchOption) error {
+ return conn.RemoveMatchSignalContext(context.Background(), options...)
+}
+
+// RemoveMatchSignalContext acts like RemoveMatchSignal but takes a context.
+func (conn *Conn) RemoveMatchSignalContext(ctx context.Context, options ...MatchOption) error {
options = append([]MatchOption{withMatchType("signal")}, options...)
- return conn.busObj.Call(
+ return conn.busObj.CallWithContext(
+ ctx,
"org.freedesktop.DBus.RemoveMatch", 0,
formatMatchOptions(options),
).Store()
@@ -639,10 +682,11 @@ func (e Error) Error() string {
// Signal represents a D-Bus message of type Signal. The name member is given in
// "interface.member" notation, e.g. org.freedesktop.D-Bus.NameLost.
type Signal struct {
- Sender string
- Path ObjectPath
- Name string
- Body []interface{}
+ Sender string
+ Path ObjectPath
+ Name string
+ Body []interface{}
+ Sequence Sequence
}
// transport is a D-Bus transport.
@@ -825,25 +869,25 @@ func (tracker *callTracker) track(sn uint32, call *Call) {
tracker.lck.Unlock()
}
-func (tracker *callTracker) handleReply(msg *Message) uint32 {
+func (tracker *callTracker) handleReply(sequence Sequence, msg *Message) uint32 {
serial := msg.Headers[FieldReplySerial].value.(uint32)
tracker.lck.RLock()
_, ok := tracker.calls[serial]
tracker.lck.RUnlock()
if ok {
- tracker.finalizeWithBody(serial, msg.Body)
+ tracker.finalizeWithBody(serial, sequence, msg.Body)
}
return serial
}
-func (tracker *callTracker) handleDBusError(msg *Message) uint32 {
+func (tracker *callTracker) handleDBusError(sequence Sequence, msg *Message) uint32 {
serial := msg.Headers[FieldReplySerial].value.(uint32)
tracker.lck.RLock()
_, ok := tracker.calls[serial]
tracker.lck.RUnlock()
if ok {
name, _ := msg.Headers[FieldErrorName].value.(string)
- tracker.finalizeWithError(serial, Error{name, msg.Body})
+ tracker.finalizeWithError(serial, sequence, Error{name, msg.Body})
}
return serial
}
@@ -856,7 +900,7 @@ func (tracker *callTracker) handleSendError(msg *Message, err error) {
_, ok := tracker.calls[msg.serial]
tracker.lck.RUnlock()
if ok {
- tracker.finalizeWithError(msg.serial, err)
+ tracker.finalizeWithError(msg.serial, NoSequence, err)
}
}
@@ -871,7 +915,7 @@ func (tracker *callTracker) finalize(sn uint32) {
}
}
-func (tracker *callTracker) finalizeWithBody(sn uint32, body []interface{}) {
+func (tracker *callTracker) finalizeWithBody(sn uint32, sequence Sequence, body []interface{}) {
tracker.lck.Lock()
c, ok := tracker.calls[sn]
if ok {
@@ -880,11 +924,12 @@ func (tracker *callTracker) finalizeWithBody(sn uint32, body []interface{}) {
tracker.lck.Unlock()
if ok {
c.Body = body
+ c.ResponseSequence = sequence
c.done()
}
}
-func (tracker *callTracker) finalizeWithError(sn uint32, err error) {
+func (tracker *callTracker) finalizeWithError(sn uint32, sequence Sequence, err error) {
tracker.lck.Lock()
c, ok := tracker.calls[sn]
if ok {
@@ -893,11 +938,12 @@ func (tracker *callTracker) finalizeWithError(sn uint32, err error) {
tracker.lck.Unlock()
if ok {
c.Err = err
+ c.ResponseSequence = sequence
c.done()
}
}
-func (tracker *callTracker) finalizeAllWithError(err error) {
+func (tracker *callTracker) finalizeAllWithError(sequenceGen *sequenceGenerator, err error) {
tracker.lck.Lock()
closedCalls := make([]*Call, 0, len(tracker.calls))
for sn := range tracker.calls {
@@ -907,6 +953,7 @@ func (tracker *callTracker) finalizeAllWithError(err error) {
tracker.lck.Unlock()
for _, call := range closedCalls {
call.Err = err
+ call.ResponseSequence = sequenceGen.next()
call.done()
}
}
diff --git a/vendor/github.com/godbus/dbus/v5/dbus.go b/vendor/github.com/godbus/dbus/v5/dbus.go
index 428923d26..ddf3b7afd 100644
--- a/vendor/github.com/godbus/dbus/v5/dbus.go
+++ b/vendor/github.com/godbus/dbus/v5/dbus.go
@@ -28,6 +28,7 @@ var (
interfaceType = reflect.TypeOf((*interface{})(nil)).Elem()
unixFDType = reflect.TypeOf(UnixFD(0))
unixFDIndexType = reflect.TypeOf(UnixFDIndex(0))
+ errType = reflect.TypeOf((*error)(nil)).Elem()
)
// An InvalidTypeError signals that a value which cannot be represented in the
@@ -63,6 +64,9 @@ func storeInterfaces(src, dest interface{}) error {
func store(dest, src reflect.Value) error {
if dest.Kind() == reflect.Ptr {
+ if dest.IsNil() {
+ dest.Set(reflect.New(dest.Type().Elem()))
+ }
return store(dest.Elem(), src)
}
switch src.Kind() {
diff --git a/vendor/github.com/godbus/dbus/v5/default_handler.go b/vendor/github.com/godbus/dbus/v5/default_handler.go
index 6d8bf32f9..13132c6b4 100644
--- a/vendor/github.com/godbus/dbus/v5/default_handler.go
+++ b/vendor/github.com/godbus/dbus/v5/default_handler.go
@@ -126,14 +126,28 @@ func (m exportedMethod) Call(args ...interface{}) ([]interface{}, error) {
}
ret := m.Value.Call(params)
-
- err := ret[t.NumOut()-1].Interface().(*Error)
- ret = ret[:t.NumOut()-1]
+ var err error
+ nilErr := false // The reflection will find almost-nils, let's only pass back clean ones!
+ if t.NumOut() > 0 {
+ if e, ok := ret[t.NumOut()-1].Interface().(*Error); ok { // godbus *Error
+ nilErr = ret[t.NumOut()-1].IsNil()
+ ret = ret[:t.NumOut()-1]
+ err = e
+ } else if ret[t.NumOut()-1].Type().Implements(errType) { // Go error
+ i := ret[t.NumOut()-1].Interface()
+ if i == nil {
+ nilErr = ret[t.NumOut()-1].IsNil()
+ } else {
+ err = i.(error)
+ }
+ ret = ret[:t.NumOut()-1]
+ }
+ }
out := make([]interface{}, len(ret))
for i, val := range ret {
out[i] = val.Interface()
}
- if err == nil {
+ if nilErr || err == nil {
//concrete type to interface nil is a special case
return out, nil
}
diff --git a/vendor/github.com/godbus/dbus/v5/export.go b/vendor/github.com/godbus/dbus/v5/export.go
index c277ab142..2447b51d4 100644
--- a/vendor/github.com/godbus/dbus/v5/export.go
+++ b/vendor/github.com/godbus/dbus/v5/export.go
@@ -69,6 +69,22 @@ func getMethods(in interface{}, mapping map[string]string) map[string]reflect.Va
return methods
}
+func getAllMethods(in interface{}, mapping map[string]string) map[string]reflect.Value {
+ if in == nil {
+ return nil
+ }
+ methods := make(map[string]reflect.Value)
+ val := reflect.ValueOf(in)
+ typ := val.Type()
+ for i := 0; i < typ.NumMethod(); i++ {
+ methtype := typ.Method(i)
+ method := val.Method(i)
+ // map names while building table
+ methods[computeMethodName(methtype.Name, mapping)] = method
+ }
+ return methods
+}
+
func standardMethodArgumentDecode(m Method, sender string, msg *Message, body []interface{}) ([]interface{}, error) {
pointers := make([]interface{}, m.NumArguments())
decode := make([]interface{}, 0, len(body))
@@ -159,7 +175,6 @@ func (conn *Conn) handleCall(msg *Message) {
if msg.Flags&FlagNoReplyExpected == 0 {
reply := new(Message)
reply.Type = TypeMethodReply
- reply.serial = conn.getSerial()
reply.Headers = make(map[HeaderField]Variant)
if hasSender {
reply.Headers[FieldDestination] = msg.Headers[FieldSender]
@@ -195,7 +210,6 @@ func (conn *Conn) Emit(path ObjectPath, name string, values ...interface{}) erro
}
msg := new(Message)
msg.Type = TypeSignal
- msg.serial = conn.getSerial()
msg.Headers = make(map[HeaderField]Variant)
msg.Headers[FieldInterface] = MakeVariant(iface)
msg.Headers[FieldMember] = MakeVariant(member)
@@ -247,6 +261,18 @@ func (conn *Conn) Export(v interface{}, path ObjectPath, iface string) error {
return conn.ExportWithMap(v, nil, path, iface)
}
+// ExportAll registers all exported methods defined by the given object on
+// the message bus.
+//
+// Unlike Export there is no requirement to have the last parameter as type
+// *Error. If you want to be able to return error then you can append an error
+// type parameter to your method signature. If the error returned is not nil,
+// it is sent back to the caller as an error. Otherwise, a method reply is
+// sent with the other return values as its body.
+func (conn *Conn) ExportAll(v interface{}, path ObjectPath, iface string) error {
+ return conn.export(getAllMethods(v, nil), path, iface, false)
+}
+
// ExportWithMap works exactly like Export but provides the ability to remap
// method names (e.g. export a lower-case method).
//
@@ -299,19 +325,22 @@ func (conn *Conn) ExportSubtreeMethodTable(methods map[string]interface{}, path
}
func (conn *Conn) exportMethodTable(methods map[string]interface{}, path ObjectPath, iface string, includeSubtree bool) error {
- out := make(map[string]reflect.Value)
- for name, method := range methods {
- rval := reflect.ValueOf(method)
- if rval.Kind() != reflect.Func {
- continue
- }
- t := rval.Type()
- // only track valid methods must return *Error as last arg
- if t.NumOut() == 0 ||
- t.Out(t.NumOut()-1) != reflect.TypeOf(&ErrMsgInvalidArg) {
- continue
+ var out map[string]reflect.Value
+ if methods != nil {
+ out = make(map[string]reflect.Value)
+ for name, method := range methods {
+ rval := reflect.ValueOf(method)
+ if rval.Kind() != reflect.Func {
+ continue
+ }
+ t := rval.Type()
+ // only track valid methods must return *Error as last arg
+ if t.NumOut() == 0 ||
+ t.Out(t.NumOut()-1) != reflect.TypeOf(&ErrMsgInvalidArg) {
+ continue
+ }
+ out[name] = rval
}
- out[name] = rval
}
return conn.export(out, path, iface, includeSubtree)
}
@@ -327,12 +356,12 @@ func (conn *Conn) unexport(h *defaultHandler, path ObjectPath, iface string) err
return nil
}
-// exportWithMap is the worker function for all exports/registrations.
+// export is the worker function for all exports/registrations.
func (conn *Conn) export(methods map[string]reflect.Value, path ObjectPath, iface string, includeSubtree bool) error {
h, ok := conn.handler.(*defaultHandler)
if !ok {
return fmt.Errorf(
- `dbus: export only allowed on the default hander handler have %T"`,
+ `dbus: export only allowed on the default handler. Received: %T"`,
conn.handler)
}
diff --git a/vendor/github.com/godbus/dbus/v5/match.go b/vendor/github.com/godbus/dbus/v5/match.go
index 086ee336a..5a607e53e 100644
--- a/vendor/github.com/godbus/dbus/v5/match.go
+++ b/vendor/github.com/godbus/dbus/v5/match.go
@@ -1,6 +1,7 @@
package dbus
import (
+ "strconv"
"strings"
)
@@ -60,3 +61,29 @@ func WithMatchPathNamespace(namespace ObjectPath) MatchOption {
func WithMatchDestination(destination string) MatchOption {
return WithMatchOption("destination", destination)
}
+
+// WithMatchArg sets argN match option, range of N is 0 to 63.
+func WithMatchArg(argIdx int, value string) MatchOption {
+ if argIdx < 0 || argIdx > 63 {
+ panic("range of argument index is 0 to 63")
+ }
+ return WithMatchOption("arg"+strconv.Itoa(argIdx), value)
+}
+
+// WithMatchArgPath sets argN path match option, range of N is 0 to 63.
+func WithMatchArgPath(argIdx int, path string) MatchOption {
+ if argIdx < 0 || argIdx > 63 {
+ panic("range of argument index is 0 to 63")
+ }
+ return WithMatchOption("arg"+strconv.Itoa(argIdx)+"path", path)
+}
+
+// WithMatchArg0Namespace sets arg0namespace match option.
+func WithMatchArg0Namespace(arg0Namespace string) MatchOption {
+ return WithMatchOption("arg0namespace", arg0Namespace)
+}
+
+// WithMatchEavesdrop sets eavesdrop match option.
+func WithMatchEavesdrop(eavesdrop bool) MatchOption {
+ return WithMatchOption("eavesdrop", strconv.FormatBool(eavesdrop))
+}
diff --git a/vendor/github.com/godbus/dbus/v5/object.go b/vendor/github.com/godbus/dbus/v5/object.go
index 8acd7fc8b..664abb7fb 100644
--- a/vendor/github.com/godbus/dbus/v5/object.go
+++ b/vendor/github.com/godbus/dbus/v5/object.go
@@ -16,6 +16,7 @@ type BusObject interface {
AddMatchSignal(iface, member string, options ...MatchOption) *Call
RemoveMatchSignal(iface, member string, options ...MatchOption) *Call
GetProperty(p string) (Variant, error)
+ StoreProperty(p string, value interface{}) error
SetProperty(p string, v interface{}) error
Destination() string
Path() ObjectPath
@@ -109,7 +110,6 @@ func (o *Object) createCall(ctx context.Context, method string, flags Flags, ch
method = method[i+1:]
msg := new(Message)
msg.Type = TypeMethodCall
- msg.serial = o.conn.getSerial()
msg.Flags = flags & (FlagNoAutoStart | FlagNoReplyExpected)
msg.Headers = make(map[HeaderField]Variant)
msg.Headers[FieldPath] = MakeVariant(o.path)
@@ -122,68 +122,31 @@ func (o *Object) createCall(ctx context.Context, method string, flags Flags, ch
if len(args) > 0 {
msg.Headers[FieldSignature] = MakeVariant(SignatureOf(args...))
}
- if msg.Flags&FlagNoReplyExpected == 0 {
- if ch == nil {
- ch = make(chan *Call, 1)
- } else if cap(ch) == 0 {
- panic("dbus: unbuffered channel passed to (*Object).Go")
- }
- ctx, cancel := context.WithCancel(ctx)
- call := &Call{
- Destination: o.dest,
- Path: o.path,
- Method: method,
- Args: args,
- Done: ch,
- ctxCanceler: cancel,
- ctx: ctx,
- }
- o.conn.calls.track(msg.serial, call)
- o.conn.sendMessageAndIfClosed(msg, func() {
- o.conn.calls.handleSendError(msg, ErrClosed)
- cancel()
- })
- go func() {
- <-ctx.Done()
- o.conn.calls.handleSendError(msg, ctx.Err())
- }()
-
- return call
- }
- done := make(chan *Call, 1)
- call := &Call{
- Err: nil,
- Done: done,
- }
- defer func() {
- call.Done <- call
- close(done)
- }()
- o.conn.sendMessageAndIfClosed(msg, func() {
- call.Err = ErrClosed
- })
- return call
+ return o.conn.SendWithContext(ctx, msg, ch)
}
// GetProperty calls org.freedesktop.DBus.Properties.Get on the given
// object. The property name must be given in interface.member notation.
func (o *Object) GetProperty(p string) (Variant, error) {
+ var result Variant
+ err := o.StoreProperty(p, &result)
+ return result, err
+}
+
+// StoreProperty calls org.freedesktop.DBus.Properties.Get on the given
+// object. The property name must be given in interface.member notation.
+// It stores the returned property into the provided value.
+func (o *Object) StoreProperty(p string, value interface{}) error {
idx := strings.LastIndex(p, ".")
if idx == -1 || idx+1 == len(p) {
- return Variant{}, errors.New("dbus: invalid property " + p)
+ return errors.New("dbus: invalid property " + p)
}
iface := p[:idx]
prop := p[idx+1:]
- result := Variant{}
- err := o.Call("org.freedesktop.DBus.Properties.Get", 0, iface, prop).Store(&result)
-
- if err != nil {
- return Variant{}, err
- }
-
- return result, nil
+ return o.Call("org.freedesktop.DBus.Properties.Get", 0, iface, prop).
+ Store(value)
}
// SetProperty calls org.freedesktop.DBus.Properties.Set on the given
diff --git a/vendor/github.com/godbus/dbus/v5/sequence.go b/vendor/github.com/godbus/dbus/v5/sequence.go
new file mode 100644
index 000000000..89435d393
--- /dev/null
+++ b/vendor/github.com/godbus/dbus/v5/sequence.go
@@ -0,0 +1,24 @@
+package dbus
+
+// Sequence represents the value of a monotonically increasing counter.
+type Sequence uint64
+
+const (
+ // NoSequence indicates the absence of a sequence value.
+ NoSequence Sequence = 0
+)
+
+// sequenceGenerator represents a monotonically increasing counter.
+type sequenceGenerator struct {
+ nextSequence Sequence
+}
+
+func (generator *sequenceGenerator) next() Sequence {
+ result := generator.nextSequence
+ generator.nextSequence++
+ return result
+}
+
+func newSequenceGenerator() *sequenceGenerator {
+ return &sequenceGenerator{nextSequence: 1}
+}
diff --git a/vendor/github.com/godbus/dbus/v5/sequential_handler.go b/vendor/github.com/godbus/dbus/v5/sequential_handler.go
new file mode 100644
index 000000000..ef2fcdba1
--- /dev/null
+++ b/vendor/github.com/godbus/dbus/v5/sequential_handler.go
@@ -0,0 +1,125 @@
+package dbus
+
+import (
+ "sync"
+)
+
+// NewSequentialSignalHandler returns an instance of a new
+// signal handler that guarantees sequential processing of signals. It is a
+// guarantee of this signal handler that signals will be written to
+// channels in the order they are received on the DBus connection.
+func NewSequentialSignalHandler() SignalHandler {
+ return &sequentialSignalHandler{}
+}
+
+type sequentialSignalHandler struct {
+ mu sync.RWMutex
+ closed bool
+ signals []*sequentialSignalChannelData
+}
+
+func (sh *sequentialSignalHandler) DeliverSignal(intf, name string, signal *Signal) {
+ sh.mu.RLock()
+ defer sh.mu.RUnlock()
+ if sh.closed {
+ return
+ }
+ for _, scd := range sh.signals {
+ scd.deliver(signal)
+ }
+}
+
+func (sh *sequentialSignalHandler) Terminate() {
+ sh.mu.Lock()
+ defer sh.mu.Unlock()
+ if sh.closed {
+ return
+ }
+
+ for _, scd := range sh.signals {
+ scd.close()
+ close(scd.ch)
+ }
+ sh.closed = true
+ sh.signals = nil
+}
+
+func (sh *sequentialSignalHandler) AddSignal(ch chan<- *Signal) {
+ sh.mu.Lock()
+ defer sh.mu.Unlock()
+ if sh.closed {
+ return
+ }
+ sh.signals = append(sh.signals, newSequentialSignalChannelData(ch))
+}
+
+func (sh *sequentialSignalHandler) RemoveSignal(ch chan<- *Signal) {
+ sh.mu.Lock()
+ defer sh.mu.Unlock()
+ if sh.closed {
+ return
+ }
+ for i := len(sh.signals) - 1; i >= 0; i-- {
+ if ch == sh.signals[i].ch {
+ sh.signals[i].close()
+ copy(sh.signals[i:], sh.signals[i+1:])
+ sh.signals[len(sh.signals)-1] = nil
+ sh.signals = sh.signals[:len(sh.signals)-1]
+ }
+ }
+}
+
+type sequentialSignalChannelData struct {
+ ch chan<- *Signal
+ in chan *Signal
+ done chan struct{}
+}
+
+func newSequentialSignalChannelData(ch chan<- *Signal) *sequentialSignalChannelData {
+ scd := &sequentialSignalChannelData{
+ ch: ch,
+ in: make(chan *Signal),
+ done: make(chan struct{}),
+ }
+ go scd.bufferSignals()
+ return scd
+}
+
+func (scd *sequentialSignalChannelData) bufferSignals() {
+ defer close(scd.done)
+
+ // Ensure that signals are delivered to scd.ch in the same
+ // order they are received from scd.in.
+ var queue []*Signal
+ for {
+ if len(queue) == 0 {
+ signal, ok := <- scd.in
+ if !ok {
+ return
+ }
+ queue = append(queue, signal)
+ }
+ select {
+ case scd.ch <- queue[0]:
+ copy(queue, queue[1:])
+ queue[len(queue)-1] = nil
+ queue = queue[:len(queue)-1]
+ case signal, ok := <-scd.in:
+ if !ok {
+ return
+ }
+ queue = append(queue, signal)
+ }
+ }
+}
+
+func (scd *sequentialSignalChannelData) deliver(signal *Signal) {
+ scd.in <- signal
+}
+
+func (scd *sequentialSignalChannelData) close() {
+ close(scd.in)
+ // Ensure that bufferSignals() has exited and won't attempt
+ // any future sends on scd.ch
+ <-scd.done
+}
diff --git a/vendor/github.com/godbus/dbus/v5/sig.go b/vendor/github.com/godbus/dbus/v5/sig.go
index c1b809202..2d326cebc 100644
--- a/vendor/github.com/godbus/dbus/v5/sig.go
+++ b/vendor/github.com/godbus/dbus/v5/sig.go
@@ -137,7 +137,7 @@ func ParseSignatureMust(s string) Signature {
return sig
}
-// Empty retruns whether the signature is the empty signature.
+// Empty returns whether the signature is the empty signature.
func (s Signature) Empty() bool {
return s.str == ""
}
diff --git a/vendor/github.com/godbus/dbus/v5/transport_unixcred_freebsd.go b/vendor/github.com/godbus/dbus/v5/transport_unixcred_freebsd.go
index 0fc5b9273..1b5ed2089 100644
--- a/vendor/github.com/godbus/dbus/v5/transport_unixcred_freebsd.go
+++ b/vendor/github.com/godbus/dbus/v5/transport_unixcred_freebsd.go
@@ -10,6 +10,7 @@ package dbus
/*
const int sizeofPtr = sizeof(void*);
#define _WANT_UCRED
+#include <sys/types.h>
#include <sys/ucred.h>
*/
import "C"
diff --git a/vendor/github.com/godbus/dbus/v5/variant.go b/vendor/github.com/godbus/dbus/v5/variant.go
index 5b51828c8..f1e81f3ed 100644
--- a/vendor/github.com/godbus/dbus/v5/variant.go
+++ b/vendor/github.com/godbus/dbus/v5/variant.go
@@ -142,3 +142,9 @@ func (v Variant) String() string {
func (v Variant) Value() interface{} {
return v.value
}
+
+// Store converts the variant into a native go type using the same
+// mechanism as the "Store" function.
+func (v Variant) Store(value interface{}) error {
+ return storeInterfaces(v.value, value)
+}
diff --git a/vendor/github.com/onsi/ginkgo/CHANGELOG.md b/vendor/github.com/onsi/ginkgo/CHANGELOG.md
index 623b1ad37..f99f89480 100644
--- a/vendor/github.com/onsi/ginkgo/CHANGELOG.md
+++ b/vendor/github.com/onsi/ginkgo/CHANGELOG.md
@@ -1,3 +1,16 @@
+## 1.16.0
+
+### Features
+- Advertise Ginkgo 2.0. Introduce deprecations. [9ef1913]
+ - Update README.md to advertise that Ginkgo 2.0 is coming.
+ - Backport the 2.0 DeprecationTracker and start alerting users
+ about upcoming deprecations.
+
+- Add slim-sprig template functions to bootstrap/generate (#775) [9162b86]
+
+### Fixes
+- Fix accidental reference to 1488 (#784) [9fb7fe4]
+
## 1.15.2
### Fixes
diff --git a/vendor/github.com/onsi/ginkgo/README.md b/vendor/github.com/onsi/ginkgo/README.md
index 008cbcb75..05321e6ea 100644
--- a/vendor/github.com/onsi/ginkgo/README.md
+++ b/vendor/github.com/onsi/ginkgo/README.md
@@ -7,6 +7,18 @@ Jump to the [docs](https://onsi.github.io/ginkgo/) | [中文文档](https://ke-c
If you have a question, comment, bug report, feature request, etc. please open a GitHub issue, or visit the [Ginkgo Slack channel](https://app.slack.com/client/T029RQSE6/CQQ50BBNW).
+# Ginkgo 2.0 is coming soon!
+
+An effort is underway to develop and deliver Ginkgo 2.0. The work is happening in the [v2](https://github.com/onsi/ginkgo/tree/v2) branch and a changelog and migration guide is being maintained on that branch [here](https://github.com/onsi/ginkgo/blob/v2/docs/MIGRATING_TO_V2.md). Issue [#711](https://github.com/onsi/ginkgo/issues/711) is the central place for discussion and links to the original [proposal doc](https://docs.google.com/document/d/1h28ZknXRsTLPNNiOjdHIO-F2toCzq4xoZDXbfYaBdoQ/edit#).
+
+As described in the [changelog](https://github.com/onsi/ginkgo/blob/v2/docs/MIGRATING_TO_V2.md) and [proposal](https://docs.google.com/document/d/1h28ZknXRsTLPNNiOjdHIO-F2toCzq4xoZDXbfYaBdoQ/edit#), Ginkgo 2.0 will clean up the Ginkgo codebase, deprecate and remove some v1 functionality, and add several new much-requested features. To help users get ready for the migration, Ginkgo v1 has started emitting deprecation warnings for features that will no longer be supported with links to documentation for how to migrate away from these features. If you have concerns or comments please chime in on [#711](https://github.com/onsi/ginkgo/issues/711).
+
+The current timeline for completion of 2.0 looks like:
+
+- Early April 2021: first public release of 2.0, deprecation warnings land in v1.
+- May 2021: first beta/rc of 2.0 with most new functionality in place.
+- June/July 2021: 2.0 ships and fully replaces the 1.x codebase on master.
+
## TLDR
Ginkgo builds on Go's `testing` package, allowing expressive [Behavior-Driven Development](https://en.wikipedia.org/wiki/Behavior-driven_development) ("BDD") style tests.
It is typically (and optionally) paired with the [Gomega](https://github.com/onsi/gomega) matcher library.
diff --git a/vendor/github.com/onsi/ginkgo/config/config.go b/vendor/github.com/onsi/ginkgo/config/config.go
index d2857a7ef..25f8758a6 100644
--- a/vendor/github.com/onsi/ginkgo/config/config.go
+++ b/vendor/github.com/onsi/ginkgo/config/config.go
@@ -20,7 +20,7 @@ import (
"fmt"
)
-const VERSION = "1.15.2"
+const VERSION = "1.16.0"
type GinkgoConfigType struct {
RandomSeed int64
diff --git a/vendor/github.com/onsi/ginkgo/formatter/formatter.go b/vendor/github.com/onsi/ginkgo/formatter/formatter.go
new file mode 100644
index 000000000..30d7cbe12
--- /dev/null
+++ b/vendor/github.com/onsi/ginkgo/formatter/formatter.go
@@ -0,0 +1,190 @@
+package formatter
+
+import (
+ "fmt"
+ "regexp"
+ "strings"
+)
+
+const COLS = 80
+
+type ColorMode uint8
+
+const (
+ ColorModeNone ColorMode = iota
+ ColorModeTerminal
+ ColorModePassthrough
+)
+
+var SingletonFormatter = New(ColorModeTerminal)
+
+func F(format string, args ...interface{}) string {
+ return SingletonFormatter.F(format, args...)
+}
+
+func Fi(indentation uint, format string, args ...interface{}) string {
+ return SingletonFormatter.Fi(indentation, format, args...)
+}
+
+func Fiw(indentation uint, maxWidth uint, format string, args ...interface{}) string {
+ return SingletonFormatter.Fiw(indentation, maxWidth, format, args...)
+}
+
+type Formatter struct {
+ ColorMode ColorMode
+ colors map[string]string
+ styleRe *regexp.Regexp
+ preserveColorStylingTags bool
+}
+
+func NewWithNoColorBool(noColor bool) Formatter {
+ if noColor {
+ return New(ColorModeNone)
+ }
+ return New(ColorModeTerminal)
+}
+
+func New(colorMode ColorMode) Formatter {
+ f := Formatter{
+ ColorMode: colorMode,
+ colors: map[string]string{
+ "/": "\x1b[0m",
+ "bold": "\x1b[1m",
+ "underline": "\x1b[4m",
+
+ "red": "\x1b[38;5;9m",
+ "orange": "\x1b[38;5;214m",
+ "coral": "\x1b[38;5;204m",
+ "magenta": "\x1b[38;5;13m",
+ "green": "\x1b[38;5;10m",
+ "dark-green": "\x1b[38;5;28m",
+ "yellow": "\x1b[38;5;11m",
+ "light-yellow": "\x1b[38;5;228m",
+ "cyan": "\x1b[38;5;14m",
+ "gray": "\x1b[38;5;243m",
+ "light-gray": "\x1b[38;5;246m",
+ "blue": "\x1b[38;5;12m",
+ },
+ }
+ colors := []string{}
+ for color := range f.colors {
+ colors = append(colors, color)
+ }
+ f.styleRe = regexp.MustCompile("{{(" + strings.Join(colors, "|") + ")}}")
+ return f
+}
+
+func (f Formatter) F(format string, args ...interface{}) string {
+ return f.Fi(0, format, args...)
+}
+
+func (f Formatter) Fi(indentation uint, format string, args ...interface{}) string {
+ return f.Fiw(indentation, 0, format, args...)
+}
+
+func (f Formatter) Fiw(indentation uint, maxWidth uint, format string, args ...interface{}) string {
+ out := fmt.Sprintf(f.style(format), args...)
+
+ if indentation == 0 && maxWidth == 0 {
+ return out
+ }
+
+ lines := strings.Split(out, "\n")
+
+ if maxWidth != 0 {
+ outLines := []string{}
+
+ maxWidth = maxWidth - indentation*2
+ for _, line := range lines {
+ if f.length(line) <= maxWidth {
+ outLines = append(outLines, line)
+ continue
+ }
+ outWords := []string{}
+ length := uint(0)
+ words := strings.Split(line, " ")
+ for _, word := range words {
+ wordLength := f.length(word)
+ if length+wordLength <= maxWidth {
+ length += wordLength
+ outWords = append(outWords, word)
+ continue
+ }
+ outLines = append(outLines, strings.Join(outWords, " "))
+ outWords = []string{word}
+ length = wordLength
+ }
+ if len(outWords) > 0 {
+ outLines = append(outLines, strings.Join(outWords, " "))
+ }
+ }
+
+ lines = outLines
+ }
+
+ if indentation == 0 {
+ return strings.Join(lines, "\n")
+ }
+
+ padding := strings.Repeat(" ", int(indentation))
+ for i := range lines {
+ if lines[i] != "" {
+ lines[i] = padding + lines[i]
+ }
+ }
+
+ return strings.Join(lines, "\n")
+}
+
+func (f Formatter) length(styled string) uint {
+ n := uint(0)
+ inStyle := false
+ for _, b := range styled {
+ if inStyle {
+ if b == 'm' {
+ inStyle = false
+ }
+ continue
+ }
+ if b == '\x1b' {
+ inStyle = true
+ continue
+ }
+ n += 1
+ }
+ return n
+}
+
+func (f Formatter) CycleJoin(elements []string, joiner string, cycle []string) string {
+ if len(elements) == 0 {
+ return ""
+ }
+ n := len(cycle)
+ out := ""
+ for i, text := range elements {
+ out += cycle[i%n] + text
+ if i < len(elements)-1 {
+ out += joiner
+ }
+ }
+ out += "{{/}}"
+ return f.style(out)
+}
+
+func (f Formatter) style(s string) string {
+ switch f.ColorMode {
+ case ColorModeNone:
+ return f.styleRe.ReplaceAllString(s, "")
+ case ColorModePassthrough:
+ return s
+ case ColorModeTerminal:
+ return f.styleRe.ReplaceAllStringFunc(s, func(match string) string {
+ if out, ok := f.colors[strings.Trim(match, "{}")]; ok {
+ return out
+ }
+ return match
+ })
+ }
+
+ return ""
+}
diff --git a/vendor/github.com/onsi/ginkgo/ginkgo/bootstrap_command.go b/vendor/github.com/onsi/ginkgo/ginkgo/bootstrap_command.go
index 93150d1a4..6f5af3913 100644
--- a/vendor/github.com/onsi/ginkgo/ginkgo/bootstrap_command.go
+++ b/vendor/github.com/onsi/ginkgo/ginkgo/bootstrap_command.go
@@ -12,6 +12,7 @@ import (
"go/build"
+ sprig "github.com/go-task/slim-sprig"
"github.com/onsi/ginkgo/ginkgo/nodot"
)
@@ -176,7 +177,7 @@ func generateBootstrap(agouti, noDot, internal bool, customBootstrapFile string)
templateText = bootstrapText
}
- bootstrapTemplate, err := template.New("bootstrap").Parse(templateText)
+ bootstrapTemplate, err := template.New("bootstrap").Funcs(sprig.TxtFuncMap()).Parse(templateText)
if err != nil {
panic(err.Error())
}
diff --git a/vendor/github.com/onsi/ginkgo/ginkgo/convert_command.go b/vendor/github.com/onsi/ginkgo/ginkgo/convert_command.go
index 5944ed85c..8e99f56a2 100644
--- a/vendor/github.com/onsi/ginkgo/ginkgo/convert_command.go
+++ b/vendor/github.com/onsi/ginkgo/ginkgo/convert_command.go
@@ -6,6 +6,8 @@ import (
"os"
"github.com/onsi/ginkgo/ginkgo/convert"
+ colorable "github.com/onsi/ginkgo/reporters/stenographer/support/go-colorable"
+ "github.com/onsi/ginkgo/types"
)
func BuildConvertCommand() *Command {
@@ -21,6 +23,10 @@ func BuildConvertCommand() *Command {
}
func convertPackage(args []string, additionalArgs []string) {
+ deprecationTracker := types.NewDeprecationTracker()
+ deprecationTracker.TrackDeprecation(types.Deprecations.Convert())
+ fmt.Fprintln(colorable.NewColorableStderr(), deprecationTracker.DeprecationsReport())
+
if len(args) != 1 {
println(fmt.Sprintf("usage: ginkgo convert /path/to/your/package"))
os.Exit(1)
diff --git a/vendor/github.com/onsi/ginkgo/ginkgo/generate_command.go b/vendor/github.com/onsi/ginkgo/ginkgo/generate_command.go
index 288df7797..27758beba 100644
--- a/vendor/github.com/onsi/ginkgo/ginkgo/generate_command.go
+++ b/vendor/github.com/onsi/ginkgo/ginkgo/generate_command.go
@@ -10,6 +10,8 @@ import (
"strconv"
"strings"
"text/template"
+
+ sprig "github.com/go-task/slim-sprig"
)
func BuildGenerateCommand() *Command {
@@ -157,7 +159,7 @@ func generateSpecForSubject(subject string, agouti, noDot, internal bool, custom
templateText = specText
}
- specTemplate, err := template.New("spec").Parse(templateText)
+ specTemplate, err := template.New("spec").Funcs(sprig.TxtFuncMap()).Parse(templateText)
if err != nil {
return err
}
diff --git a/vendor/github.com/onsi/ginkgo/ginkgo/run_command.go b/vendor/github.com/onsi/ginkgo/ginkgo/run_command.go
index f225d272f..dd87e1f89 100644
--- a/vendor/github.com/onsi/ginkgo/ginkgo/run_command.go
+++ b/vendor/github.com/onsi/ginkgo/ginkgo/run_command.go
@@ -15,6 +15,7 @@ import (
"github.com/onsi/ginkgo/config"
"github.com/onsi/ginkgo/ginkgo/interrupthandler"
"github.com/onsi/ginkgo/ginkgo/testrunner"
+ colorable "github.com/onsi/ginkgo/reporters/stenographer/support/go-colorable"
"github.com/onsi/ginkgo/types"
)
@@ -53,6 +54,26 @@ func (r *SpecRunner) RunSpecs(args []string, additionalArgs []string) {
r.commandFlags.computeNodes()
r.notifier.VerifyNotificationsAreAvailable()
+ deprecationTracker := types.NewDeprecationTracker()
+
+ if r.commandFlags.ParallelStream {
+ deprecationTracker.TrackDeprecation(types.Deprecation{
+ Message: "--stream is deprecated and will be removed in Ginkgo 2.0",
+ DocLink: "removed--stream",
+ })
+ }
+
+ if r.commandFlags.Notify {
+ deprecationTracker.TrackDeprecation(types.Deprecation{
+ Message: "--notify is deprecated and will be removed in Ginkgo 2.0",
+ DocLink: "removed--notify",
+ })
+ }
+
+ if deprecationTracker.DidTrackDeprecations() {
+ fmt.Fprintln(colorable.NewColorableStderr(), deprecationTracker.DeprecationsReport())
+ }
+
suites, skippedPackages := findSuites(args, r.commandFlags.Recurse, r.commandFlags.SkipPackage, true)
if len(skippedPackages) > 0 {
fmt.Println("Will skip:")
diff --git a/vendor/github.com/onsi/ginkgo/ginkgo_dsl.go b/vendor/github.com/onsi/ginkgo/ginkgo_dsl.go
index 7e8a48708..998c2c2ca 100644
--- a/vendor/github.com/onsi/ginkgo/ginkgo_dsl.go
+++ b/vendor/github.com/onsi/ginkgo/ginkgo_dsl.go
@@ -17,6 +17,7 @@ import (
"io"
"net/http"
"os"
+ "reflect"
"strings"
"time"
@@ -32,6 +33,8 @@ import (
"github.com/onsi/ginkgo/types"
)
+var deprecationTracker = types.NewDeprecationTracker()
+
const GINKGO_VERSION = config.VERSION
const GINKGO_PANIC = `
Your test failed.
@@ -205,21 +208,27 @@ func RunSpecs(t GinkgoTestingT, description string) bool {
if config.DefaultReporterConfig.ReportFile != "" {
reportFile := config.DefaultReporterConfig.ReportFile
specReporters[0] = reporters.NewJUnitReporter(reportFile)
- return RunSpecsWithDefaultAndCustomReporters(t, description, specReporters)
+ specReporters = append(specReporters, buildDefaultReporter())
}
- return RunSpecsWithCustomReporters(t, description, specReporters)
+ return runSpecsWithCustomReporters(t, description, specReporters)
}
//To run your tests with Ginkgo's default reporter and your custom reporter(s), replace
//RunSpecs() with this method.
func RunSpecsWithDefaultAndCustomReporters(t GinkgoTestingT, description string, specReporters []Reporter) bool {
+ deprecationTracker.TrackDeprecation(types.Deprecations.CustomReporter())
specReporters = append(specReporters, buildDefaultReporter())
- return RunSpecsWithCustomReporters(t, description, specReporters)
+ return runSpecsWithCustomReporters(t, description, specReporters)
}
//To run your tests with your custom reporter(s) (and *not* Ginkgo's default reporter), replace
//RunSpecs() with this method. Note that parallel tests will not work correctly without the default reporter
func RunSpecsWithCustomReporters(t GinkgoTestingT, description string, specReporters []Reporter) bool {
+ deprecationTracker.TrackDeprecation(types.Deprecations.CustomReporter())
+ return runSpecsWithCustomReporters(t, description, specReporters)
+}
+
+func runSpecsWithCustomReporters(t GinkgoTestingT, description string, specReporters []Reporter) bool {
writer := GinkgoWriter.(*writer.Writer)
writer.SetStream(config.DefaultReporterConfig.Verbose)
reporters := make([]reporters.Reporter, len(specReporters))
@@ -227,6 +236,11 @@ func RunSpecsWithCustomReporters(t GinkgoTestingT, description string, specRepor
reporters[i] = reporter
}
passed, hasFocusedTests := global.Suite.Run(t, description, reporters, writer, config.GinkgoConfig)
+
+ if deprecationTracker.DidTrackDeprecations() {
+ fmt.Fprintln(colorable.NewColorableStderr(), deprecationTracker.DeprecationsReport())
+ }
+
if passed && hasFocusedTests && strings.TrimSpace(os.Getenv("GINKGO_EDITOR_INTEGRATION")) == "" {
fmt.Println("PASS | FOCUSED")
os.Exit(types.GINKGO_FOCUS_EXIT_CODE)
@@ -380,12 +394,14 @@ func XWhen(text string, body func()) bool {
//Ginkgo will normally run It blocks synchronously. To perform asynchronous tests, pass a
//function that accepts a Done channel. When you do this, you can also provide an optional timeout.
func It(text string, body interface{}, timeout ...float64) bool {
+ validateBodyFunc(body, codelocation.New(1))
global.Suite.PushItNode(text, body, types.FlagTypeNone, codelocation.New(1), parseTimeout(timeout...))
return true
}
//You can focus individual Its using FIt
func FIt(text string, body interface{}, timeout ...float64) bool {
+ validateBodyFunc(body, codelocation.New(1))
global.Suite.PushItNode(text, body, types.FlagTypeFocused, codelocation.New(1), parseTimeout(timeout...))
return true
}
@@ -406,12 +422,14 @@ func XIt(text string, _ ...interface{}) bool {
//which "It" does not fit into a natural sentence flow. All the same protocols apply for Specify blocks
//which apply to It blocks.
func Specify(text string, body interface{}, timeout ...float64) bool {
+ validateBodyFunc(body, codelocation.New(1))
global.Suite.PushItNode(text, body, types.FlagTypeNone, codelocation.New(1), parseTimeout(timeout...))
return true
}
//You can focus individual Specifys using FSpecify
func FSpecify(text string, body interface{}, timeout ...float64) bool {
+ validateBodyFunc(body, codelocation.New(1))
global.Suite.PushItNode(text, body, types.FlagTypeFocused, codelocation.New(1), parseTimeout(timeout...))
return true
}
@@ -484,6 +502,7 @@ func XMeasure(text string, _ ...interface{}) bool {
//
//You may only register *one* BeforeSuite handler per test suite. You typically do so in your bootstrap file at the top level.
func BeforeSuite(body interface{}, timeout ...float64) bool {
+ validateBodyFunc(body, codelocation.New(1))
global.Suite.SetBeforeSuiteNode(body, codelocation.New(1), parseTimeout(timeout...))
return true
}
@@ -497,6 +516,7 @@ func BeforeSuite(body interface{}, timeout ...float64) bool {
//
//You may only register *one* AfterSuite handler per test suite. You typically do so in your bootstrap file at the top level.
func AfterSuite(body interface{}, timeout ...float64) bool {
+ validateBodyFunc(body, codelocation.New(1))
global.Suite.SetAfterSuiteNode(body, codelocation.New(1), parseTimeout(timeout...))
return true
}
@@ -584,6 +604,7 @@ func SynchronizedAfterSuite(allNodesBody interface{}, node1Body interface{}, tim
//Like It blocks, BeforeEach blocks can be made asynchronous by providing a body function that accepts
//a Done channel
func BeforeEach(body interface{}, timeout ...float64) bool {
+ validateBodyFunc(body, codelocation.New(1))
global.Suite.PushBeforeEachNode(body, codelocation.New(1), parseTimeout(timeout...))
return true
}
@@ -594,6 +615,7 @@ func BeforeEach(body interface{}, timeout ...float64) bool {
//Like It blocks, BeforeEach blocks can be made asynchronous by providing a body function that accepts
//a Done channel
func JustBeforeEach(body interface{}, timeout ...float64) bool {
+ validateBodyFunc(body, codelocation.New(1))
global.Suite.PushJustBeforeEachNode(body, codelocation.New(1), parseTimeout(timeout...))
return true
}
@@ -604,6 +626,7 @@ func JustBeforeEach(body interface{}, timeout ...float64) bool {
//Like It blocks, JustAfterEach blocks can be made asynchronous by providing a body function that accepts
//a Done channel
func JustAfterEach(body interface{}, timeout ...float64) bool {
+ validateBodyFunc(body, codelocation.New(1))
global.Suite.PushJustAfterEachNode(body, codelocation.New(1), parseTimeout(timeout...))
return true
}
@@ -614,10 +637,30 @@ func JustAfterEach(body interface{}, timeout ...float64) bool {
//Like It blocks, AfterEach blocks can be made asynchronous by providing a body function that accepts
//a Done channel
func AfterEach(body interface{}, timeout ...float64) bool {
+ validateBodyFunc(body, codelocation.New(1))
global.Suite.PushAfterEachNode(body, codelocation.New(1), parseTimeout(timeout...))
return true
}
+func validateBodyFunc(body interface{}, cl types.CodeLocation) {
+ t := reflect.TypeOf(body)
+ if t.Kind() != reflect.Func {
+ return
+ }
+
+ if t.NumOut() > 0 {
+ return
+ }
+
+ if t.NumIn() == 0 {
+ return
+ }
+
+ if t.In(0) == reflect.TypeOf(make(Done)) {
+ deprecationTracker.TrackDeprecation(types.Deprecations.Async(), cl)
+ }
+}
+
func parseTimeout(timeout ...float64) time.Duration {
if len(timeout) == 0 {
return global.DefaultTimeout
diff --git a/vendor/github.com/onsi/ginkgo/go.mod b/vendor/github.com/onsi/ginkgo/go.mod
index 738a2f107..664372fb6 100644
--- a/vendor/github.com/onsi/ginkgo/go.mod
+++ b/vendor/github.com/onsi/ginkgo/go.mod
@@ -3,6 +3,7 @@ module github.com/onsi/ginkgo
go 1.15
require (
+ github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0
github.com/nxadm/tail v1.4.8
github.com/onsi/gomega v1.10.1
golang.org/x/sys v0.0.0-20210112080510-489259a85091
diff --git a/vendor/github.com/onsi/ginkgo/go.sum b/vendor/github.com/onsi/ginkgo/go.sum
index 8fdaac400..5c5c3c502 100644
--- a/vendor/github.com/onsi/ginkgo/go.sum
+++ b/vendor/github.com/onsi/ginkgo/go.sum
@@ -1,6 +1,11 @@
+github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
+github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
github.com/fsnotify/fsnotify v1.4.9 h1:hsms1Qyu0jgnwNXIxa+/V/PDsU6CfLf6CNO8H7IWoS4=
github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ=
+github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0 h1:p104kn46Q8WdvHunIJ9dAyjPVtrBPhSr3KT2yUst43I=
+github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE=
github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8=
github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA=
@@ -22,6 +27,11 @@ github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108
github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY=
github.com/onsi/gomega v1.10.1 h1:o0+MgICZLuZ7xjH7Vx6zS/zcu93/BEp1VwkIW1mEXCE=
github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/testify v1.5.1 h1:nOGnQDM7FYENwehXlg/kFVnos3rEvtKTjRvOWSzb6H4=
+github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA=
github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
@@ -70,6 +80,7 @@ gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8
gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys=
gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ=
gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw=
+gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
gopkg.in/yaml.v2 v2.3.0 h1:clyUAQHOM3G0M3f5vQj7LuJrETvjVot3Z5el9nffUtU=
gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
diff --git a/vendor/github.com/onsi/ginkgo/types/deprecation_support.go b/vendor/github.com/onsi/ginkgo/types/deprecation_support.go
new file mode 100644
index 000000000..c7bbfbf41
--- /dev/null
+++ b/vendor/github.com/onsi/ginkgo/types/deprecation_support.go
@@ -0,0 +1,96 @@
+package types
+
+import (
+ "github.com/onsi/ginkgo/formatter"
+)
+
+type Deprecation struct {
+ Message string
+ DocLink string
+}
+
+type deprecations struct{}
+
+var Deprecations = deprecations{}
+
+func (d deprecations) CustomReporter() Deprecation {
+ return Deprecation{
+ Message: "You are using a custom reporter. Support for custom reporters will likely be removed in V2. Most users were using them to generate junit or teamcity reports and this functionality will be merged into the core reporter. In addition, Ginkgo 2.0 will support emitting a JSON-formatted report that users can then manipulate to generate custom reports.\n\n{{red}}{{bold}}If this change will be impactful to you please leave a comment on {{cyan}}{{underline}}https://github.com/onsi/ginkgo/issues/711{{/}}",
+ DocLink: "removed-custom-reporters",
+ }
+}
+
+func (d deprecations) V1Reporter() Deprecation {
+ return Deprecation{
+ Message: "You are using a V1 Ginkgo Reporter. Please update your custom reporter to the new V2 Reporter interface.",
+ DocLink: "changed-reporter-interface",
+ }
+}
+
+func (d deprecations) Async() Deprecation {
+ return Deprecation{
+ Message: "You are passing a Done channel to a test node to test asynchronous behavior. This is deprecated in Ginkgo V2. Your test will run synchronously and the timeout will be ignored.",
+ DocLink: "removed-async-testing",
+ }
+}
+
+func (d deprecations) Measure() Deprecation {
+ return Deprecation{
+ Message: "Measure is deprecated in Ginkgo V2",
+ DocLink: "removed-measure",
+ }
+}
+
+func (d deprecations) Convert() Deprecation {
+ return Deprecation{
+ Message: "The convert command is deprecated in Ginkgo V2",
+ DocLink: "removed-ginkgo-convert",
+ }
+}
+
+func (d deprecations) Blur() Deprecation {
+ return Deprecation{
+ Message: "The blur command is deprecated in Ginkgo V2. Use 'ginkgo unfocus' instead.",
+ }
+}
+
+type DeprecationTracker struct {
+ deprecations map[Deprecation][]CodeLocation
+}
+
+func NewDeprecationTracker() *DeprecationTracker {
+ return &DeprecationTracker{
+ deprecations: map[Deprecation][]CodeLocation{},
+ }
+}
+
+func (d *DeprecationTracker) TrackDeprecation(deprecation Deprecation, cl ...CodeLocation) {
+ if len(cl) == 1 {
+ d.deprecations[deprecation] = append(d.deprecations[deprecation], cl[0])
+ } else {
+ d.deprecations[deprecation] = []CodeLocation{}
+ }
+}
+
+func (d *DeprecationTracker) DidTrackDeprecations() bool {
+ return len(d.deprecations) > 0
+}
+
+func (d *DeprecationTracker) DeprecationsReport() string {
+ out := formatter.F("{{light-yellow}}You're using deprecated Ginkgo functionality:{{/}}\n")
+ out += formatter.F("{{light-yellow}}============================================={{/}}\n")
+ out += formatter.F("Ginkgo 2.0 is under active development and will introduce (a small number of) breaking changes.\n")
+ out += formatter.F("To learn more, view the migration guide at {{cyan}}{{underline}}https://github.com/onsi/ginkgo/blob/v2/docs/MIGRATING_TO_V2.md{{/}}\n")
+ out += formatter.F("To comment, chime in at {{cyan}}{{underline}}https://github.com/onsi/ginkgo/issues/711{{/}}\n")
+
+ for deprecation, locations := range d.deprecations {
+ out += formatter.Fi(1, "{{yellow}}"+deprecation.Message+"{{/}}\n")
+ if deprecation.DocLink != "" {
+ out += formatter.Fi(1, "{{bold}}Learn more at:{{/}} {{cyan}}{{underline}}https://github.com/onsi/ginkgo/blob/v2/docs/MIGRATING_TO_V2.md#%s{{/}}\n", deprecation.DocLink)
+ }
+ for _, location := range locations {
+ out += formatter.Fi(2, "{{gray}}%s{{/}}\n", location)
+ }
+ }
+ return out
+}
diff --git a/vendor/github.com/rootless-containers/rootlesskit/pkg/api/api.go b/vendor/github.com/rootless-containers/rootlesskit/pkg/api/api.go
index b6779bf70..5d74cae49 100644
--- a/vendor/github.com/rootless-containers/rootlesskit/pkg/api/api.go
+++ b/vendor/github.com/rootless-containers/rootlesskit/pkg/api/api.go
@@ -5,7 +5,7 @@ import "net"
const (
// Version of the REST API, not implementation version.
// See openapi.yaml for the definition.
- Version = "1.1.0"
+ Version = "1.1.1"
)
// ErrorJSON is returned with "application/json" content type and non-2XX status code
@@ -25,12 +25,15 @@ type Info struct {
// NetworkDriverInfo in Info
type NetworkDriverInfo struct {
- Driver string `json:"driver"`
- DNS []net.IP `json:"dns,omitempty"`
+ Driver string `json:"driver"`
+ DNS []net.IP `json:"dns,omitempty"`
+ ChildIP net.IP `json:"childIP,omitempty"` // since API v1.1.1 (RootlessKit v0.14.1)
+ DynamicChildIP bool `json:"dynamicChildIP,omitempty"` // since API v1.1.1
}
// PortDriverInfo in Info
type PortDriverInfo struct {
- Driver string `json:"driver"`
- Protos []string `json:"protos"`
+ Driver string `json:"driver"`
+ Protos []string `json:"protos"`
+ DisallowLoopbackChildIP bool `json:"disallowLoopbackChildIP,omitempty"` // since API v1.1.1
}
diff --git a/vendor/github.com/rootless-containers/rootlesskit/pkg/api/openapi.yaml b/vendor/github.com/rootless-containers/rootlesskit/pkg/api/openapi.yaml
index 6a6550c33..dffc49680 100644
--- a/vendor/github.com/rootless-containers/rootlesskit/pkg/api/openapi.yaml
+++ b/vendor/github.com/rootless-containers/rootlesskit/pkg/api/openapi.yaml
@@ -1,7 +1,7 @@
# When you made a change to this YAML, please validate with https://editor.swagger.io
openapi: 3.0.3
info:
- version: 1.1.0
+ version: 1.1.1
title: RootlessKit API
servers:
- url: 'http://rootlesskit/v1'
@@ -144,6 +144,13 @@ components:
items:
type: string
example: ["10.0.2.3"]
+ childIP:
+ type: string
+ description: "Child IP (v4)"
+ example: "10.0.2.100"
+ dynamicChildIP:
+ type: boolean
+ description: "Child IP may change"
PortDriverInfo:
required:
- driver
@@ -159,3 +166,6 @@ components:
example: ["tcp","udp"]
items:
$ref: '#/components/schemas/Proto'
+ disallowLoopbackChildIP:
+ type: boolean
+ description: "If this field is set to true, loopback IP such as 127.0.0.1 cannot be specified as a child IP"
diff --git a/vendor/github.com/rootless-containers/rootlesskit/pkg/port/builtin/parent/parent.go b/vendor/github.com/rootless-containers/rootlesskit/pkg/port/builtin/parent/parent.go
index e7ce641e1..2895a8f07 100644
--- a/vendor/github.com/rootless-containers/rootlesskit/pkg/port/builtin/parent/parent.go
+++ b/vendor/github.com/rootless-containers/rootlesskit/pkg/port/builtin/parent/parent.go
@@ -59,8 +59,9 @@ type driver struct {
func (d *driver) Info(ctx context.Context) (*api.PortDriverInfo, error) {
info := &api.PortDriverInfo{
- Driver: "builtin",
- Protos: []string{"tcp", "tcp4", "tcp6", "udp", "udp4", "udp6"},
+ Driver: "builtin",
+ Protos: []string{"tcp", "tcp4", "tcp6", "udp", "udp4", "udp6"},
+ DisallowLoopbackChildIP: false,
}
return info, nil
}
diff --git a/vendor/modules.txt b/vendor/modules.txt
index 4e02c35f7..52ed2101e 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -233,7 +233,7 @@ github.com/containers/storage/types
github.com/coreos/go-iptables/iptables
# github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e
github.com/coreos/go-systemd/activation
-# github.com/coreos/go-systemd/v22 v22.3.0
+# github.com/coreos/go-systemd/v22 v22.3.1
github.com/coreos/go-systemd/v22/activation
github.com/coreos/go-systemd/v22/daemon
github.com/coreos/go-systemd/v22/dbus
@@ -327,7 +327,9 @@ github.com/fsouza/go-dockerclient
github.com/ghodss/yaml
# github.com/go-logr/logr v0.2.0
github.com/go-logr/logr
-# github.com/godbus/dbus/v5 v5.0.3
+# github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0
+github.com/go-task/slim-sprig
+# github.com/godbus/dbus/v5 v5.0.4
github.com/godbus/dbus/v5
# github.com/gogo/protobuf v1.3.2
github.com/gogo/protobuf/gogoproto
@@ -425,10 +427,11 @@ github.com/nxadm/tail/ratelimiter
github.com/nxadm/tail/util
github.com/nxadm/tail/watch
github.com/nxadm/tail/winfile
-# github.com/onsi/ginkgo v1.15.2
+# github.com/onsi/ginkgo v1.16.0
github.com/onsi/ginkgo
github.com/onsi/ginkgo/config
github.com/onsi/ginkgo/extensions/table
+github.com/onsi/ginkgo/formatter
github.com/onsi/ginkgo/ginkgo
github.com/onsi/ginkgo/ginkgo/convert
github.com/onsi/ginkgo/ginkgo/interrupthandler
@@ -530,7 +533,7 @@ github.com/prometheus/procfs/internal/fs
github.com/prometheus/procfs/internal/util
# github.com/rivo/uniseg v0.2.0
github.com/rivo/uniseg
-# github.com/rootless-containers/rootlesskit v0.14.0
+# github.com/rootless-containers/rootlesskit v0.14.1
github.com/rootless-containers/rootlesskit/pkg/api
github.com/rootless-containers/rootlesskit/pkg/msgutil
github.com/rootless-containers/rootlesskit/pkg/port