-rw-r--r--cmd/podman/common/create_opts.go9
-rw-r--r--cmd/podman/machine/inspect.go90
-rw-r--r--docs/source/markdown/podman-container-clone.1.md4
-rw-r--r--docs/source/markdown/podman-machine-inspect.1.md35
-rw-r--r--docs/source/markdown/podman-machine.1.md21
-rw-r--r--go.mod4
-rw-r--r--go.sum8
-rw-r--r--pkg/api/handlers/compat/containers_attach.go2
-rw-r--r--pkg/machine/config.go15
-rw-r--r--pkg/machine/qemu/machine.go50
-rw-r--r--pkg/machine/wsl/machine.go7
-rw-r--r--test/apiv2/20-containers.at13
-rw-r--r--vendor/github.com/container-orchestrated-devices/container-device-interface/pkg/cdi/doc.go20
-rw-r--r--vendor/github.com/container-orchestrated-devices/container-device-interface/pkg/cdi/spec.go41
-rw-r--r--vendor/github.com/containers/common/pkg/config/config.go4
-rw-r--r--vendor/github.com/containers/common/pkg/config/containers.conf9
-rw-r--r--vendor/github.com/containers/common/pkg/config/default.go23
-rw-r--r--vendor/modules.txt4
18 files changed, 283 insertions, 76 deletions
diff --git a/cmd/podman/common/create_opts.go b/cmd/podman/common/create_opts.go
index 39146f918..7b7626040 100644
--- a/cmd/podman/common/create_opts.go
+++ b/cmd/podman/common/create_opts.go
@@ -164,8 +164,13 @@ func ContainerCreateToContainerCLIOpts(cc handlers.CreateContainerConfig, rtc *c
}
}
- // netMode
- nsmode, networks, netOpts, err := specgen.ParseNetworkFlag([]string{string(cc.HostConfig.NetworkMode)})
+ // special case for NetworkMode, the podman default is slirp4netns for
+ // rootless but for better docker compat we want bridge.
+ netmode := string(cc.HostConfig.NetworkMode)
+ if netmode == "" || netmode == "default" {
+ netmode = "bridge"
+ }
+ nsmode, networks, netOpts, err := specgen.ParseNetworkFlag([]string{netmode})
if err != nil {
return nil, nil, err
}
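Review bot: The `"bridge"` fallback is hard-coded, so an empty or `default` NetworkMode sent by an API client no longer follows whatever default network mode the host is configured with. The function already receives `rtc`; if that config carries a network-namespace default (not visible in this hunk), it looks like the better source, with `bridge` as the last resort. For rootless users this changes the network setup of API-created containers, so the comment should say so, e.g. `// NOTE: overrides the configured default network mode for API-created containers, rootless included.` The enclosing function begins and ends outside this hunk.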
diff --git a/cmd/podman/machine/inspect.go b/cmd/podman/machine/inspect.go
new file mode 100644
index 000000000..d43cabf6b
--- /dev/null
+++ b/cmd/podman/machine/inspect.go
@@ -0,0 +1,90 @@
+//go:build amd64 || arm64
+// +build amd64 arm64
+
+package machine
+
+import (
+ "encoding/json"
+ "os"
+
+ "github.com/containers/podman/v4/cmd/podman/common"
+ "github.com/containers/podman/v4/cmd/podman/registry"
+ "github.com/containers/podman/v4/cmd/podman/utils"
+ "github.com/containers/podman/v4/libpod/define"
+ "github.com/containers/podman/v4/pkg/machine"
+ "github.com/sirupsen/logrus"
+ "github.com/spf13/cobra"
+)
+
+var (
+ inspectCmd = &cobra.Command{
+ Use: "inspect [options] [MACHINE...]",
+ Short: "Inspect an existing machine",
+ Long: "Provide details on a managed virtual machine",
+ RunE: inspect,
+ Example: `podman machine inspect myvm`,
+ ValidArgsFunction: autocompleteMachine,
+ }
+ inspectFlag = inspectFlagType{}
+)
+
+type inspectFlagType struct {
+ format string
+}
+
+func init() {
+ registry.Commands = append(registry.Commands, registry.CliCommand{
+ Command: inspectCmd,
+ Parent: machineCmd,
+ })
+
+ flags := inspectCmd.Flags()
+ formatFlagName := "format"
+ flags.StringVar(&inspectFlag.format, formatFlagName, "", "Format volume output using JSON or a Go template")
+ _ = inspectCmd.RegisterFlagCompletionFunc(formatFlagName, common.AutocompleteFormat(machine.InspectInfo{}))
+}
+
+func inspect(cmd *cobra.Command, args []string) error {
+ var (
+ errs utils.OutputErrors
+ )
+ if len(args) < 1 {
+ args = append(args, defaultMachineName)
+ }
+ vms := make([]machine.InspectInfo, 0, len(args))
+ provider := getSystemDefaultProvider()
+ for _, vmName := range args {
+ vm, err := provider.LoadVMByName(vmName)
+ if err != nil {
+ errs = append(errs, err)
+ continue
+ }
+ state, err := vm.State()
+ if err != nil {
+ errs = append(errs, err)
+ continue
+ }
+ ii := machine.InspectInfo{
+ State: state,
+ VM: vm,
+ }
+ vms = append(vms, ii)
+ }
+ if len(inspectFlag.format) > 0 {
+ // need jhonce to work his template magic
+ return define.ErrNotImplemented
+ }
+ if err := printJSON(vms); err != nil {
+ logrus.Error(err)
+ }
+ return errs.PrintErrors()
+}
+
+func printJSON(data []machine.InspectInfo) error {
+ enc := json.NewEncoder(os.Stdout)
+ // by default, json marshallers will force utf=8 from
+ // a string. this breaks healthchecks that use <,>, &&.
+ enc.SetEscapeHTML(false)
+ enc.SetIndent("", " ")
+ return enc.Encode(data)
+}
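Review bot: A non-empty `--format` is rejected only after every machine has been loaded and had its state queried, and a failure in `printJSON` is logged but never reaches the exit status. Move the `if len(inspectFlag.format) > 0` check to the top of `inspect` so the unimplemented path returns before touching any VM, and record the encode failure with `errs = append(errs, err)` instead of `logrus.Error(err)`. The flag help text `Format volume output using JSON or a Go template` reads as copied from the volume command and should say machine. The comment in `printJSON` would be more accurate as `// SetEscapeHTML(false) keeps <, > and & literal instead of \u003c-style escapes`.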
diff --git a/docs/source/markdown/podman-container-clone.1.md b/docs/source/markdown/podman-container-clone.1.md
index eaf330373..6c23abe81 100644
--- a/docs/source/markdown/podman-container-clone.1.md
+++ b/docs/source/markdown/podman-container-clone.1.md
@@ -7,7 +7,7 @@ podman\-container\-clone - Creates a copy of an existing container
**podman container clone** [*options*] *container* *name* *image*
## DESCRIPTION
-**podman container clone** creates a copy of a container, recreating the original with an identical configuration. This command takes three arguments: the first being the container id or name ot clone, the second argument in this command can change the name of the clone from the default of $ORIGINAL_NAME-clone, and the third is a new image to use in the cloned container.
+**podman container clone** creates a copy of a container, recreating the original with an identical configuration. This command takes three arguments: the first being the container id or name to clone, the second argument in this command can change the name of the clone from the default of $ORIGINAL_NAME-clone, and the third is a new image to use in the cloned container.
## OPTIONS
@@ -59,7 +59,7 @@ Period of 1,000,000us and Runtime of 950,000us means that this container could c
The sum of all runtimes across containers cannot exceed the amount allotted to the parent cgroup.
-This option is not supported on cgroup V2 systems.
+This option is not supported on cgroups V2 systems.
#### **--cpu-shares**=*shares*
diff --git a/docs/source/markdown/podman-machine-inspect.1.md b/docs/source/markdown/podman-machine-inspect.1.md
new file mode 100644
index 000000000..38eb66b0d
--- /dev/null
+++ b/docs/source/markdown/podman-machine-inspect.1.md
@@ -0,0 +1,35 @@
+% podman-machine-inspect(1)
+
+## NAME
+podman\-machine\-inspect - Inspect one or more virtual machines
+
+## SYNOPSIS
+**podman machine inspect** [*options] *name* ...
+
+## DESCRIPTION
+
+Inspect one or more virtual machines
+
+Obtain greater detail about Podman virtual machines. More than one virtual machine can be
+inspected at once.
+
+## OPTIONS
+#### **--format**
+
+Print results with a Go template.
+
+#### **--help**
+
+Print usage statement.
+
+## EXAMPLES
+
+```
+$ podman machine inspect podman-machine-default
+```
+
+## SEE ALSO
+**[podman(1)](podman.1.md)**, **[podman-machine(1)](podman-machine.1.md)**
+
+## HISTORY
+April 2022, Originally compiled by Brent Baude <bbaude@redhat.com>
diff --git a/docs/source/markdown/podman-machine.1.md b/docs/source/markdown/podman-machine.1.md
index 3bdfd0be9..e9f6c7d20 100644
--- a/docs/source/markdown/podman-machine.1.md
+++ b/docs/source/markdown/podman-machine.1.md
@@ -11,18 +11,19 @@ podman\-machine - Manage Podman's virtual machine
## SUBCOMMANDS
-| Command | Man Page | Description |
-| ------- | ------------------------------------------------------- | --------------------------------- |
-| init | [podman-machine-init(1)](podman-machine-init.1.md) | Initialize a new virtual machine |
-| list | [podman-machine-list(1)](podman-machine-list.1.md) | List virtual machines |
-| rm | [podman-machine-rm(1)](podman-machine-rm.1.md) | Remove a virtual machine |
-| set | [podman-machine-set(1)](podman-machine-set.1.md) | Sets a virtual machine setting |
-| ssh | [podman-machine-ssh(1)](podman-machine-ssh.1.md) | SSH into a virtual machine |
-| start | [podman-machine-start(1)](podman-machine-start.1.md) | Start a virtual machine |
-| stop | [podman-machine-stop(1)](podman-machine-stop.1.md) | Stop a virtual machine |
+| Command | Man Page | Description |
+|---------|------------------------------------------------------|-----------------------------------|
+| init | [podman-machine-init(1)](podman-machine-init.1.md) | Initialize a new virtual machine |
+| inspect | [podman-machine-inspect(1)](podman-machine-inspect.1.md) | Inspect one or more virtual machines |
+| list | [podman-machine-list(1)](podman-machine-list.1.md) | List virtual machines |
+| rm | [podman-machine-rm(1)](podman-machine-rm.1.md) | Remove a virtual machine |
+| set | [podman-machine-set(1)](podman-machine-set.1.md) | Sets a virtual machine setting |
+| ssh | [podman-machine-ssh(1)](podman-machine-ssh.1.md) | SSH into a virtual machine |
+| start | [podman-machine-start(1)](podman-machine-start.1.md) | Start a virtual machine |
+| stop | [podman-machine-stop(1)](podman-machine-stop.1.md) | Stop a virtual machine |
## SEE ALSO
-**[podman(1)](podman.1.md)**, **[podman-machine-init(1)](podman-machine-init.1.md)**, **[podman-machine-list(1)](podman-machine-list.1.md)**, **[podman-machine-rm(1)](podman-machine-rm.1.md)**, **[podman-machine-ssh(1)](podman-machine-ssh.1.md)**, **[podman-machine-start(1)](podman-machine-start.1.md)**, **[podman-machine-stop(1)](podman-machine-stop.1.md)**
+**[podman(1)](podman.1.md)**, **[podman-machine-init(1)](podman-machine-init.1.md)**, **[podman-machine-list(1)](podman-machine-list.1.md)**, **[podman-machine-rm(1)](podman-machine-rm.1.md)**, **[podman-machine-ssh(1)](podman-machine-ssh.1.md)**, **[podman-machine-start(1)](podman-machine-start.1.md)**, **[podman-machine-stop(1)](podman-machine-stop.1.md)**, **[podman-machine-inspect(1)](podman-machine-inspect.1.md)**
## HISTORY
March 2021, Originally compiled by Ashley Cui <acui@redhat.com>
diff --git a/go.mod b/go.mod
index ee73bc99c..f1317118c 100644
--- a/go.mod
+++ b/go.mod
@@ -8,11 +8,11 @@ require (
github.com/buger/goterm v1.0.4
github.com/checkpoint-restore/checkpointctl v0.0.0-20211204171957-54b4ebfdb681
github.com/checkpoint-restore/go-criu/v5 v5.3.0
- github.com/container-orchestrated-devices/container-device-interface v0.3.0
+ github.com/container-orchestrated-devices/container-device-interface v0.3.2
github.com/containernetworking/cni v1.0.1
github.com/containernetworking/plugins v1.1.1
github.com/containers/buildah v1.25.2-0.20220406205807-5b8e79118057
- github.com/containers/common v0.47.5-0.20220406101255-3dd66c046c25
+ github.com/containers/common v0.47.5-0.20220413182852-c23a4e11f91b
github.com/containers/conmon v2.0.20+incompatible
github.com/containers/image/v5 v5.21.1-0.20220405081457-d1b64686e1d0
github.com/containers/ocicrypt v1.1.3
diff --git a/go.sum b/go.sum
index 07e2a7804..1f22ff339 100644
--- a/go.sum
+++ b/go.sum
@@ -244,8 +244,8 @@ github.com/cockroachdb/datadriven v0.0.0-20190809214429-80d97fb3cbaa/go.mod h1:z
github.com/cockroachdb/datadriven v0.0.0-20200714090401-bf6692d28da5/go.mod h1:h6jFvWxBdQXxjopDMZyH2UVceIRfR84bdzbkoKrsWNo=
github.com/cockroachdb/errors v1.2.4/go.mod h1:rQD95gz6FARkaKkQXUksEje/d9a6wBJoCr5oaCLELYA=
github.com/cockroachdb/logtags v0.0.0-20190617123548-eb05cc24525f/go.mod h1:i/u985jwjWRlyHXQbwatDASoW0RMlZ/3i9yJHE2xLkI=
-github.com/container-orchestrated-devices/container-device-interface v0.3.0 h1:tM2zdVYZY8getsFaTc7Z+v+UqDXhk5alchOHVEADes0=
-github.com/container-orchestrated-devices/container-device-interface v0.3.0/go.mod h1:LGs3yHVe1wZn2XsWl4AxywYQ3NRZ6osTEZozCHQCRSM=
+github.com/container-orchestrated-devices/container-device-interface v0.3.2 h1:vZVaQwmFFddi7Y9mJgQTLPFxTWg81+OIHEMu/Th1wuw=
+github.com/container-orchestrated-devices/container-device-interface v0.3.2/go.mod h1:E1zcucIkq9P3eyNmY+68dBQsTcsXJh9cgRo2IVNScKQ=
github.com/containerd/aufs v0.0.0-20200908144142-dab0cbea06f4/go.mod h1:nukgQABAEopAHvB6j7cnP5zJ+/3aVcE7hCYqvIwAHyE=
github.com/containerd/aufs v0.0.0-20201003224125-76a6863f2989/go.mod h1:AkGGQs9NM2vtYHaUen+NljV0/baGCAPELGm2q9ZXpWU=
github.com/containerd/aufs v0.0.0-20210316121734-20793ff83c97/go.mod h1:kL5kd6KM5TzQjR79jljyi4olc1Vrx6XBlcyj3gNv2PU=
@@ -355,8 +355,8 @@ github.com/containernetworking/plugins v1.1.1/go.mod h1:Sr5TH/eBsGLXK/h71HeLfX19
github.com/containers/buildah v1.25.2-0.20220406205807-5b8e79118057 h1:lKSxhMBpcHyyQrj2QJYzcm56uiSeibRdSL2KoppF6rg=
github.com/containers/buildah v1.25.2-0.20220406205807-5b8e79118057/go.mod h1:iSoopbYRb6K4b5c3hXgXNkGTI/T085t2+XiGjceud94=
github.com/containers/common v0.47.5-0.20220331143923-5f14ec785c18/go.mod h1:Vr2Fn6EdzD6JNAbz8L8bTv3uWLv2p31Ih2O3EAK6Hyc=
-github.com/containers/common v0.47.5-0.20220406101255-3dd66c046c25 h1:IQeqv8Hf6CqFUlKaz95QFTrLc9V4sbVQyhP9jzGnNBc=
-github.com/containers/common v0.47.5-0.20220406101255-3dd66c046c25/go.mod h1:0mfWn1RRdpBjXmiunOVLaJ1I86pQjXKAc8zuiAuUesk=
+github.com/containers/common v0.47.5-0.20220413182852-c23a4e11f91b h1:HVOojcjTGPke7oOh1T/Wj67DK74LBJOR6qU5uW+33zk=
+github.com/containers/common v0.47.5-0.20220413182852-c23a4e11f91b/go.mod h1:nRW9288gdZqIGoRwoV23i3qO7Zznbd34sdDOBnq2GjY=
github.com/containers/conmon v2.0.20+incompatible h1:YbCVSFSCqFjjVwHTPINGdMX1F6JXHGTUje2ZYobNrkg=
github.com/containers/conmon v2.0.20+incompatible/go.mod h1:hgwZ2mtuDrppv78a/cOBNiCm6O0UMWGx1mu7P00nu5I=
github.com/containers/image/v5 v5.19.2-0.20220224100137-1045fb70b094/go.mod h1:XoYK6kE0dpazFNcuS+a8lra+QfbC6s8tzv+cUuCrZpE=
diff --git a/pkg/api/handlers/compat/containers_attach.go b/pkg/api/handlers/compat/containers_attach.go
index 027dadaa3..c8905808f 100644
--- a/pkg/api/handlers/compat/containers_attach.go
+++ b/pkg/api/handlers/compat/containers_attach.go
@@ -83,7 +83,7 @@ func AttachContainer(w http.ResponseWriter, r *http.Request) {
return
}
// For Docker compatibility, we need to re-initialize containers in these states.
- if state == define.ContainerStateConfigured || state == define.ContainerStateExited {
+ if state == define.ContainerStateConfigured || state == define.ContainerStateExited || state == define.ContainerStateStopped {
if err := ctr.Init(r.Context(), ctr.PodID() != ""); err != nil {
utils.Error(w, http.StatusConflict, errors.Wrapf(err, "error preparing container %s for attach", ctr.ID()))
return
diff --git a/pkg/machine/config.go b/pkg/machine/config.go
index 7e1561506..6c2fab0e5 100644
--- a/pkg/machine/config.go
+++ b/pkg/machine/config.go
@@ -33,14 +33,14 @@ type InitOptions struct {
UID string
}
-type QemuMachineStatus = string
+type Status = string
const (
// Running indicates the qemu vm is running.
- Running QemuMachineStatus = "running"
+ Running Status = "running"
// Stopped indicates the vm has stopped.
- Stopped QemuMachineStatus = "stopped"
- DefaultMachineName string = "podman-machine-default"
+ Stopped Status = "stopped"
+ DefaultMachineName string = "podman-machine-default"
)
type Provider interface {
@@ -113,12 +113,15 @@ type RemoveOptions struct {
SaveIgnition bool
}
+type InspectOptions struct{}
+
type VM interface {
Init(opts InitOptions) (bool, error)
Remove(name string, opts RemoveOptions) (string, func() error, error)
Set(name string, opts SetOptions) error
SSH(name string, opts SSHOptions) error
Start(name string, opts StartOptions) error
+ State() (Status, error)
Stop(name string, opts StopOptions) error
}
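Review bot: `State()` is added to the `VM` interface without a doc comment, so implementers have no stated contract for which `Status` values to return or what to return when the VM is not running. Something like `// State reports the current status of the VM; implementations return Stopped, not "", when the VM is not running.` would pin that down. `InspectOptions` is exported, empty and not used anywhere in the visible diff; either drop it until it is needed or document what it is reserved for.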
@@ -126,6 +129,10 @@ type DistributionDownload interface {
HasUsableCache() (bool, error)
Get() *Download
}
+type InspectInfo struct {
+ State Status
+ VM
+}
func (rc RemoteConnectionType) MakeSSHURL(host, path, port, userName string) url.URL {
//TODO Should this function have input verification?
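Review bot: Embedding the `VM` interface in `InspectInfo` means the JSON printed by `podman machine inspect` is whatever exported fields the concrete provider struct happens to have, so the output schema, and any paths or connection details it reveals, are not chosen deliberately. An explicit struct listing the fields intended for display would keep the output stable across providers and keep future fields out of it by default. The embedding also promotes `Init`, `Remove`, `Stop` and the rest onto what is meant to be a read-only view, and the `State` field shadows the promoted `State()` method. The exported type needs a doc comment, e.g. `// InspectInfo is the data reported by machine inspect for one VM.`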
diff --git a/pkg/machine/qemu/machine.go b/pkg/machine/qemu/machine.go
index 321c1b99c..a3dedeedb 100644
--- a/pkg/machine/qemu/machine.go
+++ b/pkg/machine/qemu/machine.go
@@ -439,12 +439,12 @@ func (v *MachineVM) Set(_ string, opts machine.SetOptions) error {
return nil
}
- running, err := v.isRunning()
+ state, err := v.State()
if err != nil {
return err
}
- if running {
+ if state == machine.Running {
suffix := ""
if v.Name != machine.DefaultMachineName {
suffix = " " + v.Name
@@ -581,14 +581,14 @@ func (v *MachineVM) Start(name string, _ machine.StartOptions) error {
}
if len(v.Mounts) > 0 {
- running, err := v.isRunning()
+ state, err := v.State()
if err != nil {
return err
}
listening := v.isListening()
- for !running || !listening {
+ for state != machine.Running || !listening {
time.Sleep(100 * time.Millisecond)
- running, err = v.isRunning()
+ state, err = v.State()
if err != nil {
return err
}
@@ -634,7 +634,7 @@ func (v *MachineVM) Start(name string, _ machine.StartOptions) error {
return nil
}
-func (v *MachineVM) checkStatus(monitor *qmp.SocketMonitor) (machine.QemuMachineStatus, error) {
+func (v *MachineVM) checkStatus(monitor *qmp.SocketMonitor) (machine.Status, error) {
// this is the format returned from the monitor
// {"return": {"status": "running", "singlestep": false, "running": true}}
@@ -748,11 +748,11 @@ func (v *MachineVM) Stop(_ string, _ machine.StopOptions) error {
disconnected = true
waitInternal := 250 * time.Millisecond
for i := 0; i < 5; i++ {
- running, err := v.isRunning()
+ state, err := v.State()
if err != nil {
return err
}
- if !running {
+ if state != machine.Running {
break
}
time.Sleep(waitInternal)
@@ -800,11 +800,11 @@ func (v *MachineVM) Remove(_ string, opts machine.RemoveOptions) (string, func()
)
// cannot remove a running vm unless --force is used
- running, err := v.isRunning()
+ state, err := v.State()
if err != nil {
return "", nil, err
}
- if running && !opts.Force {
+ if state == machine.Running && !opts.Force {
return "", nil, errors.Errorf("running vm %q cannot be destroyed", v.Name)
}
@@ -858,10 +858,7 @@ func (v *MachineVM) Remove(_ string, opts machine.RemoveOptions) (string, func()
confirmationMessage += "\n"
return confirmationMessage, func() error {
for _, f := range files {
- if err := os.Remove(f); err != nil {
- if errors.Is(err, os.ErrNotExist) {
- continue
- }
+ if err := os.Remove(f); err != nil && !errors.Is(err, os.ErrNotExist) {
logrus.Error(err)
}
}
@@ -869,19 +866,19 @@ func (v *MachineVM) Remove(_ string, opts machine.RemoveOptions) (string, func()
}, nil
}
-func (v *MachineVM) isRunning() (bool, error) {
+func (v *MachineVM) State() (machine.Status, error) {
// Check if qmp socket path exists
if _, err := os.Stat(v.QMPMonitor.Address.GetPath()); os.IsNotExist(err) {
- return false, nil
+ return "", nil
}
// Check if we can dial it
monitor, err := qmp.NewSocketMonitor(v.QMPMonitor.Network, v.QMPMonitor.Address.GetPath(), v.QMPMonitor.Timeout)
if err != nil {
// FIXME: this error should probably be returned
- return false, nil // nolint: nilerr
+ return "", err
}
if err := monitor.Connect(); err != nil {
- return false, err
+ return "", err
}
defer func() {
if err := monitor.Disconnect(); err != nil {
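Review bot: `State()` now returns the `qmp.NewSocketMonitor` error that `isRunning()` deliberately swallowed, so a socket path that exists but cannot be dialled becomes a hard failure in every caller: the wait loop in `Start`, plus `Stop`, `Remove`, `SSH` and `getVMInfos`, all `return err` on it. One such case would be a socket left behind after the VM process died, though that is inferred because the monitor code is not shown. If that case should still read as not running, map it explicitly rather than propagating it, and drop the now-stale `// FIXME: this error should probably be returned` line. The missing-socket branch also returns `""` with a nil error, which `inspect` will print as an empty state; `return machine.Stopped, nil` would give callers a defined value. The function body continues past the end of this hunk.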
@@ -889,14 +886,7 @@ func (v *MachineVM) isRunning() (bool, error) {
}
}()
// If there is a monitor, lets see if we can query state
- state, err := v.checkStatus(monitor)
- if err != nil {
- return false, err
- }
- if state == machine.Running {
- return true, nil
- }
- return false, nil
+ return v.checkStatus(monitor)
}
func (v *MachineVM) isListening() bool {
@@ -912,11 +902,11 @@ func (v *MachineVM) isListening() bool {
// SSH opens an interactive SSH session to the vm specified.
// Added ssh function to VM interface: pkg/machine/config/go : line 58
func (v *MachineVM) SSH(_ string, opts machine.SSHOptions) error {
- running, err := v.isRunning()
+ state, err := v.State()
if err != nil {
return err
}
- if !running {
+ if state != machine.Running {
return errors.Errorf("vm %q is not running.", v.Name)
}
@@ -1037,11 +1027,11 @@ func getVMInfos() ([]*machine.ListResponse, error) {
return err
}
listEntry.LastUp = fi.ModTime()
- running, err := vm.isRunning()
+ state, err := vm.State()
if err != nil {
return err
}
- if running {
+ if state == machine.Running {
listEntry.Running = true
}
diff --git a/pkg/machine/wsl/machine.go b/pkg/machine/wsl/machine.go
index fdda45ca6..1da042f6a 100644
--- a/pkg/machine/wsl/machine.go
+++ b/pkg/machine/wsl/machine.go
@@ -18,6 +18,7 @@ import (
"strings"
"time"
+ "github.com/containers/podman/v4/libpod/define"
"github.com/containers/podman/v4/pkg/machine"
"github.com/containers/podman/v4/utils"
"github.com/containers/storage/pkg/homedir"
@@ -1013,6 +1014,12 @@ func (v *MachineVM) Stop(name string, _ machine.StopOptions) error {
return nil
}
+// TODO: We need to rename isRunning to State(); I do not have a
+// windows system to test this on.
+func (v *MachineVM) State() (machine.Status, error) {
+ return "", define.ErrNotImplemented
+}
+
func stopWinProxy(v *MachineVM) error {
pid, tid, tidFile, err := readWinProxyTid(v)
if err != nil {
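Review bot: This stub makes `State()` fail unconditionally on WSL, and since the new `inspect` command collects that error for every machine, `podman machine inspect` cannot succeed with this provider. The TODO says an `isRunning` already exists here; if it returns a bool, a thin mapping to `machine.Running`/`machine.Stopped` would be enough until it can be renamed (its signature is not visible in this hunk). The comment should also be a doc comment starting with the method name, e.g. `// State is not yet implemented for WSL; it always returns define.ErrNotImplemented.`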
diff --git a/test/apiv2/20-containers.at b/test/apiv2/20-containers.at
index a3675d40a..2d5754077 100644
--- a/test/apiv2/20-containers.at
+++ b/test/apiv2/20-containers.at
@@ -239,16 +239,11 @@ t GET containers/$cid/json 200 \
t POST containers/create Image=$IMAGE Entrypoint='["top"]' 201 \
.Id~[0-9a-f]\\{64\\}
cid_top=$(jq -r '.Id' <<<"$output")
-# .Network is N/A when rootless
-network_expect=
-if root; then
- network_expect='.NetworkSettings.Networks.podman.NetworkID=podman'
-fi
t GET containers/${cid_top}/json 200 \
.Config.Entrypoint[0]="top" \
.Config.Cmd='[]' \
.Path="top" \
- $network_expect
+ .NetworkSettings.Networks.podman.NetworkID=podman
t POST containers/${cid_top}/start 204
# make sure the container is running
t GET containers/${cid_top}/json 200 \
@@ -372,15 +367,11 @@ t GET containers/$cid/json 200 \
t DELETE containers/$cid?v=true 204
# Test Compat Create with default network mode (#10569)
-networkmode=slirp4netns
-if root; then
- networkmode=bridge
-fi
t POST containers/create Image=$IMAGE HostConfig='{"NetworkMode":"default"}' 201 \
.Id~[0-9a-f]\\{64\\}
cid=$(jq -r '.Id' <<<"$output")
t GET containers/$cid/json 200 \
- .HostConfig.NetworkMode="$networkmode"
+ .HostConfig.NetworkMode="bridge"
t DELETE containers/$cid?v=true 204
diff --git a/vendor/github.com/container-orchestrated-devices/container-device-interface/pkg/cdi/doc.go b/vendor/github.com/container-orchestrated-devices/container-device-interface/pkg/cdi/doc.go
index 4fcdc44db..a9017259c 100644
--- a/vendor/github.com/container-orchestrated-devices/container-device-interface/pkg/cdi/doc.go
+++ b/vendor/github.com/container-orchestrated-devices/container-device-interface/pkg/cdi/doc.go
@@ -127,4 +127,24 @@
// The default directories are '/etc/cdi' and '/var/run/cdi'. By putting
// dynamically generated Spec files under '/var/run/cdi', those take
// precedence over static ones in '/etc/cdi'.
+//
+// CDI Spec Validation
+//
+// This package performs both syntactic and semantic validation of CDI
+// Spec file data when a Spec file is loaded via the registry or using
+// the ReadSpec API function. As part of the semantic verification, the
+// Spec file is verified against the CDI Spec JSON validation schema.
+//
+// If a valid externally provided JSON validation schema is found in
+// the filesystem at /etc/cdi/schema/schema.json it is loaded and used
+// as the default validation schema. If such a file is not found or
+// fails to load, an embedded no-op schema is used.
+//
+// The used validation schema can also be changed programmatically using
+// the SetSchema API convenience function. This function also accepts
+// the special "builtin" (BuiltinSchemaName) and "none" (NoneSchemaName)
+// schema names which switch the used schema to the in-repo validation
+// schema embedded into the binary or the now default no-op schema
+// correspondingly. Other names are interpreted as the path to the actual
+/// validation schema to load and use.
package cdi
diff --git a/vendor/github.com/container-orchestrated-devices/container-device-interface/pkg/cdi/spec.go b/vendor/github.com/container-orchestrated-devices/container-device-interface/pkg/cdi/spec.go
index adebc101f..59f01acb7 100644
--- a/vendor/github.com/container-orchestrated-devices/container-device-interface/pkg/cdi/spec.go
+++ b/vendor/github.com/container-orchestrated-devices/container-device-interface/pkg/cdi/spec.go
@@ -35,6 +35,9 @@ var (
"0.2.0": {},
"0.3.0": {},
}
+
+ // Externally set CDI Spec validation function.
+ specValidator func(*cdi.Spec) error
)
// Spec represents a single CDI Spec. It is usually loaded from a
@@ -68,8 +71,16 @@ func ReadSpec(path string, priority int) (*Spec, error) {
if err != nil {
return nil, errors.Wrapf(err, "failed to parse CDI Spec %q", path)
}
+ if raw == nil {
+ return nil, errors.Errorf("failed to parse CDI Spec %q, no Spec data", path)
+ }
+
+ spec, err := NewSpec(raw, path, priority)
+ if err != nil {
+ return nil, err
+ }
- return NewSpec(raw, path, priority)
+ return spec, nil
}
// NewSpec creates a new Spec from the given CDI Spec data. The
@@ -77,7 +88,10 @@ func ReadSpec(path string, priority int) (*Spec, error) {
// priority. If Spec data validation fails NewSpec returns a nil
// Spec and an error.
func NewSpec(raw *cdi.Spec, path string, priority int) (*Spec, error) {
- var err error
+ err := validateSpec(raw)
+ if err != nil {
+ return nil, err
+ }
spec := &Spec{
Spec: raw,
@@ -170,16 +184,29 @@ func validateVersion(version string) error {
// Parse raw CDI Spec file data.
func parseSpec(data []byte) (*cdi.Spec, error) {
- raw := &cdi.Spec{}
+ var raw *cdi.Spec
err := yaml.UnmarshalStrict(data, &raw)
if err != nil {
return nil, errors.Wrap(err, "failed to unmarshal CDI Spec")
}
- return raw, validateJSONSchema(raw)
+ return raw, nil
+}
+
+// SetSpecValidator sets a CDI Spec validator function. This function
+// is used for extra CDI Spec content validation whenever a Spec file
+// loaded (using ReadSpec() or NewSpec()) or written (Spec.Write()).
+func SetSpecValidator(fn func(*cdi.Spec) error) {
+ specValidator = fn
}
-// Validate CDI Spec against JSON Schema.
-func validateJSONSchema(raw *cdi.Spec) error {
- // TODO
+// validateSpec validates the Spec using the extneral validator.
+func validateSpec(raw *cdi.Spec) error {
+ if specValidator == nil {
+ return nil
+ }
+ err := specValidator(raw)
+ if err != nil {
+ return errors.Wrap(err, "Spec validation failed")
+ }
return nil
}
diff --git a/vendor/github.com/containers/common/pkg/config/config.go b/vendor/github.com/containers/common/pkg/config/config.go
index 2c556c1bb..77654406a 100644
--- a/vendor/github.com/containers/common/pkg/config/config.go
+++ b/vendor/github.com/containers/common/pkg/config/config.go
@@ -558,8 +558,10 @@ type MachineConfig struct {
Image string `toml:"image,omitempty"`
// Memory in MB a machine is created with.
Memory uint64 `toml:"memory,omitempty,omitzero"`
- // Username to use for rootless podman when init-ing a podman machine VM
+ // User to use for rootless podman when init-ing a podman machine VM
User string `toml:"user,omitempty"`
+ // Volumes are host directories mounted into the VM by default.
+ Volumes []string `toml:"volumes"`
}
// Destination represents destination for remote service
diff --git a/vendor/github.com/containers/common/pkg/config/containers.conf b/vendor/github.com/containers/common/pkg/config/containers.conf
index 48ea8263b..923b668bb 100644
--- a/vendor/github.com/containers/common/pkg/config/containers.conf
+++ b/vendor/github.com/containers/common/pkg/config/containers.conf
@@ -627,6 +627,15 @@ default_sysctls = [
#
#user = "core"
+# Host directories to be mounted as volumes into the VM by default.
+# Environment variables like $HOME as well as complete paths are supported for
+# the source and destination. An optional third field `:ro` can be used to
+# tell the container engines to mount the volume readonly.
+#
+# volumes = [
+# "$HOME:$HOME",
+#]
+
# The [machine] table MUST be the last entry in this file.
# (Unless another table is added)
# TOML does not provide a way to end a table other than a further table being
diff --git a/vendor/github.com/containers/common/pkg/config/default.go b/vendor/github.com/containers/common/pkg/config/default.go
index 14858e967..1a1da3fcd 100644
--- a/vendor/github.com/containers/common/pkg/config/default.go
+++ b/vendor/github.com/containers/common/pkg/config/default.go
@@ -9,6 +9,7 @@ import (
"path/filepath"
"regexp"
"strconv"
+ "strings"
nettypes "github.com/containers/common/libnetwork/types"
"github.com/containers/common/pkg/apparmor"
@@ -246,6 +247,7 @@ func defaultMachineConfig() MachineConfig {
Image: getDefaultMachineImage(),
Memory: 2048,
User: getDefaultMachineUser(),
+ Volumes: []string{"$HOME:$HOME"},
}
}
@@ -593,3 +595,24 @@ func (c *Config) LogDriver() string {
func (c *Config) MachineEnabled() bool {
return c.Engine.MachineEnabled
}
+
+// MachineVolumes returns volumes to mount into the VM
+func (c *Config) MachineVolumes() ([]string, error) {
+ return machineVolumes(c.Machine.Volumes)
+}
+
+func machineVolumes(volumes []string) ([]string, error) {
+ translatedVolumes := []string{}
+ for _, v := range volumes {
+ vol := os.ExpandEnv(v)
+ split := strings.Split(vol, ":")
+ if len(split) < 2 || len(split) > 3 {
+ return nil, errors.Errorf("invalid machine volume %s, 2 or 3 fields required", v)
+ }
+ if split[0] == "" || split[1] == "" {
+ return nil, errors.Errorf("invalid machine volume %s, fields must container data", v)
+ }
+ translatedVolumes = append(translatedVolumes, vol)
+ }
+ return translatedVolumes, nil
+}
diff --git a/vendor/modules.txt b/vendor/modules.txt
index 11ee3b189..d6d26b561 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -57,7 +57,7 @@ github.com/checkpoint-restore/go-criu/v5/rpc
github.com/checkpoint-restore/go-criu/v5/stats
# github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e
github.com/chzyer/readline
-# github.com/container-orchestrated-devices/container-device-interface v0.3.0
+# github.com/container-orchestrated-devices/container-device-interface v0.3.2
## explicit
github.com/container-orchestrated-devices/container-device-interface/pkg/cdi
github.com/container-orchestrated-devices/container-device-interface/specs-go
@@ -109,7 +109,7 @@ github.com/containers/buildah/pkg/rusage
github.com/containers/buildah/pkg/sshagent
github.com/containers/buildah/pkg/util
github.com/containers/buildah/util
-# github.com/containers/common v0.47.5-0.20220406101255-3dd66c046c25
+# github.com/containers/common v0.47.5-0.20220413182852-c23a4e11f91b
## explicit
github.com/containers/common/libimage
github.com/containers/common/libimage/manifests