6 files changed, 248 insertions, 133 deletions

diff --git a/cmd/podman/autoupdate.go b/cmd/podman/autoupdate.go
new file mode 100644
index 000000000..2cc1ae72e
--- /dev/null
+++ b/cmd/podman/autoupdate.go
@@ -0,0 +1,56 @@
+package main
+
+import (
+	"fmt"
+
+	"github.com/containers/libpod/cmd/podman/cliconfig"
+	"github.com/containers/libpod/pkg/adapter"
+	"github.com/pkg/errors"
+	"github.com/spf13/cobra"
+)
+
+var (
+	autoUpdateCommand     cliconfig.AutoUpdateValues
+	autoUpdateDescription = `Auto update containers according to their auto-update policy.
+
+Auto-update policies are specified with the "io.containers.autoupdate" label.`
+	_autoUpdateCommand = &cobra.Command{
+		Use:   "auto-update [flags]",
+		Short: "Auto update containers according to their auto-update policy",
+		Args:  noSubArgs,
+		Long:  autoUpdateDescription,
+		RunE: func(cmd *cobra.Command, args []string) error {
+			restartCommand.InputArgs = args
+			restartCommand.GlobalFlags = MainGlobalOpts
+			return autoUpdateCmd(&restartCommand)
+		},
+		Example: `podman auto-update`,
+	}
+)
+
+func init() {
+	autoUpdateCommand.Command = _autoUpdateCommand
+	autoUpdateCommand.SetHelpTemplate(HelpTemplate())
+	autoUpdateCommand.SetUsageTemplate(UsageTemplate())
+}
+
+func autoUpdateCmd(c *cliconfig.RestartValues) error {
+	runtime, err := adapter.GetRuntime(getContext(), &c.PodmanCommand)
+	if err != nil {
+		return errors.Wrapf(err, "error creating libpod runtime")
+	}
+	defer runtime.DeferredShutdown(false)
+
+	units, failures := runtime.AutoUpdate()
+	for _, unit := range units {
+		fmt.Println(unit)
+	}
+	var finalErr error
+	if len(failures) > 0 {
+		finalErr = failures[0]
+		for _, e := range failures[1:] {
+			finalErr = errors.Errorf("%v\n%v", finalErr, e)
+		}
+	}
+	return finalErr
+}
diff --git a/cmd/podman/cliconfig/config.go b/cmd/podman/cliconfig/config.go
index 79917946a..94a7b2091 100644
--- a/cmd/podman/cliconfig/config.go
+++ b/cmd/podman/cliconfig/config.go
@@ -54,6 +54,10 @@ type AttachValues struct {
 	SigProxy   bool
 }
 
+type AutoUpdateValues struct {
+	PodmanCommand
+}
+
 type ImagesValues struct {
 	PodmanCommand
 	All       bool
@@ -470,10 +474,11 @@ type RefreshValues struct {
 
 type RestartValues struct {
 	PodmanCommand
-	All     bool
-	Latest  bool
-	Running bool
-	Timeout uint
+	All        bool
+	AutoUpdate bool
+	Latest     bool
+	Running    bool
+	Timeout    uint
 }
 
 type RestoreValues struct {
diff --git a/cmd/podman/commands.go b/cmd/podman/commands.go
index d6018a6f4..dfa04315e 100644
--- a/cmd/podman/commands.go
+++ b/cmd/podman/commands.go
@@ -11,6 +11,7 @@ const remoteclient = false
 // Commands that the local client implements
 func getMainCommands() []*cobra.Command {
 	rootCommands := []*cobra.Command{
+		_autoUpdateCommand,
 		_cpCommand,
 		_playCommand,
 		_loginCommand,
diff --git a/cmd/podman/pod_ps.go b/cmd/podman/pod_ps.go
index d7731e983..7acbd6888 100644
--- a/cmd/podman/pod_ps.go
+++ b/cmd/podman/pod_ps.go
@@ -4,7 +4,6 @@ import (
 	"fmt"
 	"reflect"
 	"sort"
-	"strconv"
 	"strings"
 	"time"
 
@@ -13,7 +12,6 @@ import (
 	"github.com/containers/libpod/cmd/podman/shared"
 	"github.com/containers/libpod/libpod/define"
 	"github.com/containers/libpod/pkg/adapter"
-	"github.com/containers/libpod/pkg/util"
 	"github.com/docker/go-units"
 	"github.com/pkg/errors"
 	"github.com/spf13/cobra"
@@ -29,8 +27,6 @@ const (
 	NUM_CTR_INFO = 10
 )
 
-type PodFilter func(*adapter.Pod) bool
-
 var (
 	bc_opts shared.PsOptions
 )
@@ -174,29 +170,23 @@ func podPsCmd(c *cliconfig.PodPsValues) error {
 
 	opts.Format = genPodPsFormat(c)
 
-	var filterFuncs []PodFilter
-	if c.Filter != "" {
-		filters := strings.Split(c.Filter, ",")
-		for _, f := range filters {
-			filterSplit := strings.Split(f, "=")
-			if len(filterSplit) < 2 {
-				return errors.Errorf("filter input must be in the form of filter=value: %s is invalid", f)
-			}
-			generatedFunc, err := generatePodFilterFuncs(filterSplit[0], filterSplit[1])
-			if err != nil {
-				return errors.Wrapf(err, "invalid filter")
-			}
-			filterFuncs = append(filterFuncs, generatedFunc)
-		}
-	}
-
 	var pods []*adapter.Pod
+
+	// If latest is set true filters are ignored.
 	if c.Latest {
 		pod, err := runtime.GetLatestPod()
 		if err != nil {
 			return err
 		}
 		pods = append(pods, pod)
+		return generatePodPsOutput(pods, opts)
+	}
+
+	if c.Filter != "" {
+		pods, err = runtime.GetPodsWithFilters(c.Filter)
+		if err != nil {
+			return err
+		}
 	} else {
 		pods, err = runtime.GetAllPods()
 		if err != nil {
@@ -204,19 +194,7 @@ func podPsCmd(c *cliconfig.PodPsValues) error {
 		}
 	}
 
-	podsFiltered := make([]*adapter.Pod, 0, len(pods))
-	for _, pod := range pods {
-		include := true
-		for _, filter := range filterFuncs {
-			include = include && filter(pod)
-		}
-
-		if include {
-			podsFiltered = append(podsFiltered, pod)
-		}
-	}
-
-	return generatePodPsOutput(podsFiltered, opts)
+	return generatePodPsOutput(pods, opts)
 }
 
 // podPsCheckFlagsPassed checks if mutually exclusive flags are passed together
@@ -235,88 +213,6 @@ func podPsCheckFlagsPassed(c *cliconfig.PodPsValues) error {
 	return nil
 }
 
-func generatePodFilterFuncs(filter, filterValue string) (func(pod *adapter.Pod) bool, error) {
-	switch filter {
-	case "ctr-ids":
-		return func(p *adapter.Pod) bool {
-			ctrIds, err := p.AllContainersByID()
-			if err != nil {
-				return false
-			}
-			return util.StringInSlice(filterValue, ctrIds)
-		}, nil
-	case "ctr-names":
-		return func(p *adapter.Pod) bool {
-			ctrs, err := p.AllContainers()
-			if err != nil {
-				return false
-			}
-			for _, ctr := range ctrs {
-				if filterValue == ctr.Name() {
-					return true
-				}
-			}
-			return false
-		}, nil
-	case "ctr-number":
-		return func(p *adapter.Pod) bool {
-			ctrIds, err := p.AllContainersByID()
-			if err != nil {
-				return false
-			}
-
-			fVint, err2 := strconv.Atoi(filterValue)
-			if err2 != nil {
-				return false
-			}
-			return len(ctrIds) == fVint
-		}, nil
-	case "ctr-status":
-		if !util.StringInSlice(filterValue, []string{"created", "restarting", "running", "paused", "exited", "unknown"}) {
-			return nil, errors.Errorf("%s is not a valid status", filterValue)
-		}
-		return func(p *adapter.Pod) bool {
-			ctr_statuses, err := p.Status()
-			if err != nil {
-				return false
-			}
-			for _, ctr_status := range ctr_statuses {
-				state := ctr_status.String()
-				if ctr_status == define.ContainerStateConfigured {
-					state = "created"
-				}
-				if state == filterValue {
-					return true
-				}
-			}
-			return false
-		}, nil
-	case "id":
-		return func(p *adapter.Pod) bool {
-			return strings.Contains(p.ID(), filterValue)
-		}, nil
-	case "name":
-		return func(p *adapter.Pod) bool {
-			return strings.Contains(p.Name(), filterValue)
-		}, nil
-	case "status":
-		if !util.StringInSlice(filterValue, []string{"stopped", "running", "paused", "exited", "dead", "created"}) {
-			return nil, errors.Errorf("%s is not a valid pod status", filterValue)
-		}
-		return func(p *adapter.Pod) bool {
-			status, err := p.GetPodStatus()
-			if err != nil {
-				return false
-			}
-			if strings.ToLower(status) == filterValue {
-				return true
-			}
-			return false
-		}, nil
-	}
-	return nil, errors.Errorf("%s is an invalid filter", filter)
-}
-
 // generate the template based on conditions given
 func genPodPsFormat(c *cliconfig.PodPsValues) string {
 	format := ""
diff --git a/cmd/podman/shared/create.go b/cmd/podman/shared/create.go
index 8968f10e8..cec837af6 100644
--- a/cmd/podman/shared/create.go
+++ b/cmd/podman/shared/create.go
@@ -18,6 +18,7 @@ import (
 	"github.com/containers/libpod/libpod"
 	"github.com/containers/libpod/libpod/image"
 	ann "github.com/containers/libpod/pkg/annotations"
+	"github.com/containers/libpod/pkg/autoupdate"
 	envLib "github.com/containers/libpod/pkg/env"
 	"github.com/containers/libpod/pkg/errorhandling"
 	"github.com/containers/libpod/pkg/inspect"
@@ -25,6 +26,7 @@ import (
 	"github.com/containers/libpod/pkg/rootless"
 	"github.com/containers/libpod/pkg/seccomp"
 	cc "github.com/containers/libpod/pkg/spec"
+	systemdGen "github.com/containers/libpod/pkg/systemd/generate"
 	"github.com/containers/libpod/pkg/util"
 	"github.com/docker/go-connections/nat"
 	"github.com/docker/go-units"
@@ -69,6 +71,7 @@ func CreateContainer(ctx context.Context, c *GenericCLIResults, runtime *libpod.
 	}
 
 	imageName := ""
+	rawImageName := ""
 	var imageData *inspect.ImageData = nil
 
 	// Set the storage if there is no rootfs specified
@@ -78,9 +81,8 @@ func CreateContainer(ctx context.Context, c *GenericCLIResults, runtime *libpod.
 			writer = os.Stderr
 		}
 
-		name := ""
 		if len(c.InputArgs) != 0 {
-			name = c.InputArgs[0]
+			rawImageName = c.InputArgs[0]
 		} else {
 			return nil, nil, errors.Errorf("error, image name not provided")
 		}
@@ -97,7 +99,7 @@ func CreateContainer(ctx context.Context, c *GenericCLIResults, runtime *libpod.
 			ArchitectureChoice: overrideArch,
 		}
 
-		newImage, err := runtime.ImageRuntime().New(ctx, name, rtc.SignaturePolicyPath, c.String("authfile"), writer, &dockerRegistryOptions, image.SigningOptions{}, nil, pullType)
+		newImage, err := runtime.ImageRuntime().New(ctx, rawImageName, rtc.SignaturePolicyPath, c.String("authfile"), writer, &dockerRegistryOptions, image.SigningOptions{}, nil, pullType)
 		if err != nil {
 			return nil, nil, err
 		}
@@ -174,11 +176,32 @@ func CreateContainer(ctx context.Context, c *GenericCLIResults, runtime *libpod.
 		}
 	}
 
-	createConfig, err := ParseCreateOpts(ctx, c, runtime, imageName, imageData)
+	createConfig, err := ParseCreateOpts(ctx, c, runtime, imageName, rawImageName, imageData)
 	if err != nil {
 		return nil, nil, err
 	}
 
+	// (VR): Ideally we perform the checks _before_ pulling the image but that
+	// would require some bigger code refactoring of `ParseCreateOpts` and the
+	// logic here.  But as the creation code will be consolidated in the future
+	// and given auto updates are experimental, we can live with that for now.
+	// In the end, the user may only need to correct the policy or the raw image
+	// name.
+	autoUpdatePolicy, autoUpdatePolicySpecified := createConfig.Labels[autoupdate.Label]
+	if autoUpdatePolicySpecified {
+		if _, err := autoupdate.LookupPolicy(autoUpdatePolicy); err != nil {
+			return nil, nil, err
+		}
+		// Now we need to make sure we're having a fully-qualified image reference.
+		if rootfs != "" {
+			return nil, nil, errors.Errorf("auto updates do not work with --rootfs")
+		}
+		// Make sure the input image is a docker.
+		if err := autoupdate.ValidateImageReference(rawImageName); err != nil {
+			return nil, nil, err
+		}
+	}
+
 	// Because parseCreateOpts does derive anything from the image, we add health check
 	// at this point. The rest is done by WithOptions.
 	createConfig.HealthCheck = healthCheck
@@ -270,7 +293,7 @@ func configurePod(c *GenericCLIResults, runtime *libpod.Runtime, namespaces map[
 
 // Parses CLI options related to container creation into a config which can be
 // parsed into an OCI runtime spec
-func ParseCreateOpts(ctx context.Context, c *GenericCLIResults, runtime *libpod.Runtime, imageName string, data *inspect.ImageData) (*cc.CreateConfig, error) {
+func ParseCreateOpts(ctx context.Context, c *GenericCLIResults, runtime *libpod.Runtime, imageName string, rawImageName string, data *inspect.ImageData) (*cc.CreateConfig, error) {
 	var (
 		inputCommand, command                                    []string
 		memoryLimit, memoryReservation, memorySwap, memoryKernel int64
@@ -481,12 +504,15 @@ func ParseCreateOpts(ctx context.Context, c *GenericCLIResults, runtime *libpod.
 		"container": "podman",
 	}
 
+	// First transform the os env into a map. We need it for the labels later in
+	// any case.
+	osEnv, err := envLib.ParseSlice(os.Environ())
+	if err != nil {
+		return nil, errors.Wrap(err, "error parsing host environment variables")
+	}
+
 	// Start with env-host
 	if c.Bool("env-host") {
-		osEnv, err := envLib.ParseSlice(os.Environ())
-		if err != nil {
-			return nil, errors.Wrap(err, "error parsing host environment variables")
-		}
 		env = envLib.Join(env, osEnv)
 	}
 
@@ -534,6 +560,10 @@ func ParseCreateOpts(ctx context.Context, c *GenericCLIResults, runtime *libpod.
 		}
 	}
 
+	if systemdUnit, exists := osEnv[systemdGen.EnvVariable]; exists {
+		labels[systemdGen.EnvVariable] = systemdUnit
+	}
+
 	// ANNOTATIONS
 	annotations := make(map[string]string)
 
@@ -764,11 +794,12 @@ func ParseCreateOpts(ctx context.Context, c *GenericCLIResults, runtime *libpod.
 		Entrypoint:        entrypoint,
 		Env:               env,
 		// ExposedPorts:   ports,
-		Init:        c.Bool("init"),
-		InitPath:    c.String("init-path"),
-		Image:       imageName,
-		ImageID:     imageID,
-		Interactive: c.Bool("interactive"),
+		Init:         c.Bool("init"),
+		InitPath:     c.String("init-path"),
+		Image:        imageName,
+		RawImageName: rawImageName,
+		ImageID:      imageID,
+		Interactive:  c.Bool("interactive"),
 		// IP6Address:     c.String("ipv6"), // Not implemented yet - needs CNI support for static v6
 		Labels: labels,
 		// LinkLocalIP:    c.StringSlice("link-local-ip"), // Not implemented yet
diff --git a/cmd/podman/shared/pod.go b/cmd/podman/shared/pod.go
index 7b0b497fc..3046953b5 100644
--- a/cmd/podman/shared/pod.go
+++ b/cmd/podman/shared/pod.go
@@ -2,9 +2,11 @@ package shared
 
 import (
 	"strconv"
+	"strings"
 
 	"github.com/containers/libpod/libpod"
 	"github.com/containers/libpod/libpod/define"
+	"github.com/containers/libpod/pkg/util"
 	"github.com/cri-o/ocicni/pkg/ocicni"
 	"github.com/docker/go-connections/nat"
 	"github.com/pkg/errors"
@@ -134,4 +136,128 @@ func CreatePortBindings(ports []string) ([]ocicni.PortMapping, error) {
 	return portBindings, nil
 }
 
+// GetPodsWithFilters uses the cliconfig to categorize if the latest pod is required.
+func GetPodsWithFilters(r *libpod.Runtime, filters string) ([]*libpod.Pod, error) {
+	filterFuncs, err := GenerateFilterFunction(r, strings.Split(filters, ","))
+	if err != nil {
+		return nil, err
+	}
+	return FilterAllPodsWithFilterFunc(r, filterFuncs...)
+}
+
+// FilterAllPodsWithFilterFunc retrieves all pods
+// Filters can be provided which will determine which pods are included in the
+// output. Multiple filters are handled by ANDing their output, so only pods
+// matching all filters are returned
+func FilterAllPodsWithFilterFunc(r *libpod.Runtime, filters ...libpod.PodFilter) ([]*libpod.Pod, error) {
+	pods, err := r.Pods(filters...)
+	if err != nil {
+		return nil, err
+	}
+	return pods, nil
+}
+
+// GenerateFilterFunction basically gets the filters based on the input by the user
+// and filter the pod list based on the criteria.
+func GenerateFilterFunction(r *libpod.Runtime, filters []string) ([]libpod.PodFilter, error) {
+	var filterFuncs []libpod.PodFilter
+	for _, f := range filters {
+		filterSplit := strings.Split(f, "=")
+		if len(filterSplit) < 2 {
+			return nil, errors.Errorf("filter input must be in the form of filter=value: %s is invalid", f)
+		}
+		generatedFunc, err := generatePodFilterFuncs(filterSplit[0], filterSplit[1])
+		if err != nil {
+			return nil, errors.Wrapf(err, "invalid filter")
+		}
+		filterFuncs = append(filterFuncs, generatedFunc)
+	}
+
+	return filterFuncs, nil
+}
+func generatePodFilterFuncs(filter, filterValue string) (
+	func(pod *libpod.Pod) bool, error) {
+	switch filter {
+	case "ctr-ids":
+		return func(p *libpod.Pod) bool {
+			ctrIds, err := p.AllContainersByID()
+			if err != nil {
+				return false
+			}
+			return util.StringInSlice(filterValue, ctrIds)
+		}, nil
+	case "ctr-names":
+		return func(p *libpod.Pod) bool {
+			ctrs, err := p.AllContainers()
+			if err != nil {
+				return false
+			}
+			for _, ctr := range ctrs {
+				if filterValue == ctr.Name() {
+					return true
+				}
+			}
+			return false
+		}, nil
+	case "ctr-number":
+		return func(p *libpod.Pod) bool {
+			ctrIds, err := p.AllContainersByID()
+			if err != nil {
+				return false
+			}
+
+			fVint, err2 := strconv.Atoi(filterValue)
+			if err2 != nil {
+				return false
+			}
+			return len(ctrIds) == fVint
+		}, nil
+	case "ctr-status":
+		if !util.StringInSlice(filterValue,
+			[]string{"created", "restarting", "running", "paused",
+				"exited", "unknown"}) {
+			return nil, errors.Errorf("%s is not a valid status", filterValue)
+		}
+		return func(p *libpod.Pod) bool {
+			ctr_statuses, err := p.Status()
+			if err != nil {
+				return false
+			}
+			for _, ctr_status := range ctr_statuses {
+				state := ctr_status.String()
+				if ctr_status == define.ContainerStateConfigured {
+					state = "created"
+				}
+				if state == filterValue {
+					return true
+				}
+			}
+			return false
+		}, nil
+	case "id":
+		return func(p *libpod.Pod) bool {
+			return strings.Contains(p.ID(), filterValue)
+		}, nil
+	case "name":
+		return func(p *libpod.Pod) bool {
+			return strings.Contains(p.Name(), filterValue)
+		}, nil
+	case "status":
+		if !util.StringInSlice(filterValue, []string{"stopped", "running", "paused", "exited", "dead", "created"}) {
+			return nil, errors.Errorf("%s is not a valid pod status", filterValue)
+		}
+		return func(p *libpod.Pod) bool {
+			status, err := p.GetPodStatus()
+			if err != nil {
+				return false
+			}
+			if strings.ToLower(status) == filterValue {
+				return true
+			}
+			return false
+		}, nil
+	}
+	return nil, errors.Errorf("%s is an invalid filter", filter)
+}
+
 var DefaultKernelNamespaces = "cgroup,ipc,net,uts"