summaryrefslogtreecommitdiff
path: root/cmd/podman
diff options
context:
space:
mode:
Diffstat (limited to 'cmd/podman')
-rw-r--r--cmd/podman/common/create.go14
-rw-r--r--cmd/podman/common/create_opts.go3
-rw-r--r--cmd/podman/common/netflags.go8
-rw-r--r--cmd/podman/common/specgen.go49
-rw-r--r--cmd/podman/common/volumes.go95
-rw-r--r--cmd/podman/containers/create.go12
-rw-r--r--cmd/podman/containers/logs.go2
-rw-r--r--cmd/podman/containers/start.go1
-rw-r--r--cmd/podman/early_init_linux.go39
-rw-r--r--cmd/podman/early_init_unsupported.go6
-rw-r--r--cmd/podman/images/list.go53
-rw-r--r--cmd/podman/images/pull.go1
-rw-r--r--cmd/podman/images/push.go1
-rw-r--r--cmd/podman/main.go1
-rw-r--r--cmd/podman/parse/json.go9
-rw-r--r--cmd/podman/parse/json_test.go30
-rw-r--r--cmd/podman/pods/create.go2
-rw-r--r--cmd/podman/registry/config.go5
-rw-r--r--cmd/podman/root.go32
-rw-r--r--cmd/podman/system/connection.go200
-rw-r--r--cmd/podman/system/connection/add.go223
-rw-r--r--cmd/podman/system/connection/default.go46
-rw-r--r--cmd/podman/system/connection/list.go84
-rw-r--r--cmd/podman/system/connection/remove.go49
-rw-r--r--cmd/podman/system/connection/rename.go54
-rw-r--r--cmd/podman/system/info.go3
-rw-r--r--cmd/podman/system/renumber.go2
-rw-r--r--cmd/podman/system/version.go3
28 files changed, 745 insertions, 282 deletions
diff --git a/cmd/podman/common/create.go b/cmd/podman/common/create.go
index f6fbe8e10..e248e621f 100644
--- a/cmd/podman/common/create.go
+++ b/cmd/podman/common/create.go
@@ -155,6 +155,10 @@ func GetCreateFlags(cf *ContainerCLIOpts) *pflag.FlagSet {
"device-write-iops", []string{},
"Limit write rate (IO per second) to a device (e.g. --device-write-iops=/dev/sda:1000)",
)
+ createFlags.Bool(
+ "disable-content-trust", false,
+ "This is a Docker specific option and is a NOOP",
+ )
createFlags.String("entrypoint", "",
"Overwrite the default ENTRYPOINT of the image",
)
@@ -330,8 +334,7 @@ func GetCreateFlags(cf *ContainerCLIOpts) *pflag.FlagSet {
"pid", "",
"PID namespace to use",
)
- createFlags.Int64Var(
- &cf.PIDsLimit,
+ createFlags.Int64(
"pids-limit", containerConfig.PidsLimit(),
"Tune container pids limit (set 0 for unlimited, -1 for server defaults)",
)
@@ -402,7 +405,7 @@ func GetCreateFlags(cf *ContainerCLIOpts) *pflag.FlagSet {
)
createFlags.StringArrayVar(
&cf.SecurityOpt,
- "security-opt", containerConfig.SecurityOptions(),
+ "security-opt", []string{},
"Security Options",
)
createFlags.String(
@@ -460,6 +463,11 @@ func GetCreateFlags(cf *ContainerCLIOpts) *pflag.FlagSet {
"tz", containerConfig.TZ(),
"Set timezone in container",
)
+ createFlags.StringVar(
+ &cf.Umask,
+ "umask", containerConfig.Umask(),
+ "Set umask in container",
+ )
createFlags.StringSliceVar(
&cf.UIDMap,
"uidmap", []string{},
diff --git a/cmd/podman/common/create_opts.go b/cmd/podman/common/create_opts.go
index eafe7f090..2bea8b0b4 100644
--- a/cmd/podman/common/create_opts.go
+++ b/cmd/podman/common/create_opts.go
@@ -66,7 +66,7 @@ type ContainerCLIOpts struct {
OverrideArch string
OverrideOS string
PID string
- PIDsLimit int64
+ PIDsLimit *int64
Pod string
PodIDFile string
PreserveFDs uint
@@ -93,6 +93,7 @@ type ContainerCLIOpts struct {
TmpFS []string
TTY bool
Timezone string
+ Umask string
UIDMap []string
Ulimit []string
User string
diff --git a/cmd/podman/common/netflags.go b/cmd/podman/common/netflags.go
index 5c83a3c9c..82a82b310 100644
--- a/cmd/podman/common/netflags.go
+++ b/cmd/podman/common/netflags.go
@@ -2,6 +2,7 @@ package common
import (
"net"
+ "strings"
"github.com/containers/libpod/v2/cmd/podman/parse"
"github.com/containers/libpod/v2/libpod/define"
@@ -164,11 +165,18 @@ func NetFlagsToNetOptions(cmd *cobra.Command) (*entities.NetOptions, error) {
return nil, err
}
+ parts := strings.SplitN(network, ":", 2)
+
ns, cniNets, err := specgen.ParseNetworkNamespace(network)
if err != nil {
return nil, err
}
+ if len(parts) > 1 {
+ opts.NetworkOptions = make(map[string][]string)
+ opts.NetworkOptions[parts[0]] = strings.Split(parts[1], ",")
+ cniNets = nil
+ }
opts.Network = ns
opts.CNINetworks = cniNets
}
diff --git a/cmd/podman/common/specgen.go b/cmd/podman/common/specgen.go
index eca0da32b..e694317cc 100644
--- a/cmd/podman/common/specgen.go
+++ b/cmd/podman/common/specgen.go
@@ -7,14 +7,12 @@ import (
"strings"
"time"
- "github.com/containers/common/pkg/config"
"github.com/containers/image/v5/manifest"
"github.com/containers/libpod/v2/cmd/podman/parse"
"github.com/containers/libpod/v2/libpod/define"
ann "github.com/containers/libpod/v2/pkg/annotations"
envLib "github.com/containers/libpod/v2/pkg/env"
ns "github.com/containers/libpod/v2/pkg/namespaces"
- "github.com/containers/libpod/v2/pkg/rootless"
"github.com/containers/libpod/v2/pkg/specgen"
systemdGen "github.com/containers/libpod/v2/pkg/systemd/generate"
"github.com/containers/libpod/v2/pkg/util"
@@ -127,25 +125,6 @@ func getIOLimits(s *specgen.SpecGenerator, c *ContainerCLIOpts) (*specs.LinuxBlo
return io, nil
}
-func getPidsLimits(c *ContainerCLIOpts) *specs.LinuxPids {
- pids := &specs.LinuxPids{}
- if c.CGroupsMode == "disabled" && c.PIDsLimit != 0 {
- return nil
- }
- if c.PIDsLimit < 0 {
- if rootless.IsRootless() && containerConfig.Engine.CgroupManager != config.SystemdCgroupsManager {
- return nil
- }
- pids.Limit = containerConfig.PidsLimit()
- return pids
- }
- if c.PIDsLimit > 0 {
- pids.Limit = c.PIDsLimit
- return pids
- }
- return nil
-}
-
func getMemoryLimits(s *specgen.SpecGenerator, c *ContainerCLIOpts) (*specs.LinuxMemory, error) {
var err error
memory := &specs.LinuxMemory{}
@@ -388,9 +367,10 @@ func FillOutSpecGen(s *specgen.SpecGenerator, c *ContainerCLIOpts, args []string
s.Annotations = annotations
s.WorkDir = c.Workdir
- entrypoint := []string{}
userCommand := []string{}
+ var command []string
if c.Entrypoint != nil {
+ entrypoint := []string{}
if ep := *c.Entrypoint; len(ep) > 0 {
// Check if entrypoint specified is json
if err := json.Unmarshal([]byte(*c.Entrypoint), &entrypoint); err != nil {
@@ -398,14 +378,14 @@ func FillOutSpecGen(s *specgen.SpecGenerator, c *ContainerCLIOpts, args []string
}
}
s.Entrypoint = entrypoint
- }
- var command []string
-
- // Build the command
- // If we have an entry point, it goes first
- if c.Entrypoint != nil {
+ // Build the command
+ // If we have an entry point, it goes first
command = entrypoint
}
+
+ // Include the command used to create the container.
+ s.ContainerCreateCommand = os.Args
+
if len(inputCommand) > 0 {
// User command overrides data CMD
command = append(command, inputCommand...)
@@ -437,6 +417,7 @@ func FillOutSpecGen(s *specgen.SpecGenerator, c *ContainerCLIOpts, args []string
s.DNSOptions = c.Net.DNSOptions
s.StaticIP = c.Net.StaticIP
s.StaticMAC = c.Net.StaticMAC
+ s.NetworkOptions = c.Net.NetworkOptions
s.UseImageHosts = c.Net.NoHosts
s.ImageVolumeMode = c.ImageVolume
@@ -457,7 +438,13 @@ func FillOutSpecGen(s *specgen.SpecGenerator, c *ContainerCLIOpts, args []string
if err != nil {
return err
}
- s.ResourceLimits.Pids = getPidsLimits(c)
+ if c.PIDsLimit != nil {
+ pids := specs.LinuxPids{
+ Limit: *c.PIDsLimit,
+ }
+
+ s.ResourceLimits.Pids = &pids
+ }
s.ResourceLimits.CPU = getCPULimits(c)
if s.ResourceLimits.CPU == nil && s.ResourceLimits.Pids == nil && s.ResourceLimits.BlockIO == nil && s.ResourceLimits.Memory == nil {
s.ResourceLimits = nil
@@ -542,12 +529,13 @@ func FillOutSpecGen(s *specgen.SpecGenerator, c *ContainerCLIOpts, args []string
// Only add read-only tmpfs mounts in case that we are read-only and the
// read-only tmpfs flag has been set.
- mounts, volumes, err := parseVolumes(c.Volume, c.Mount, c.TmpFS, c.ReadOnlyTmpFS && c.ReadOnly)
+ mounts, volumes, overlayVolumes, err := parseVolumes(c.Volume, c.Mount, c.TmpFS, c.ReadOnlyTmpFS && c.ReadOnly)
if err != nil {
return err
}
s.Mounts = mounts
s.Volumes = volumes
+ s.OverlayVolumes = overlayVolumes
for _, dev := range c.Devices {
s.Devices = append(s.Devices, specs.LinuxDevice{Path: dev})
@@ -623,6 +611,7 @@ func FillOutSpecGen(s *specgen.SpecGenerator, c *ContainerCLIOpts, args []string
s.Remove = c.Rm
s.StopTimeout = &c.StopTimeout
s.Timezone = c.Timezone
+ s.Umask = c.Umask
return nil
}
diff --git a/cmd/podman/common/volumes.go b/cmd/podman/common/volumes.go
index b201786f0..47a6f3c35 100644
--- a/cmd/podman/common/volumes.go
+++ b/cmd/podman/common/volumes.go
@@ -34,43 +34,43 @@ var (
// Does not handle image volumes, init, and --volumes-from flags.
// Can also add tmpfs mounts from read-only tmpfs.
// TODO: handle options parsing/processing via containers/storage/pkg/mount
-func parseVolumes(volumeFlag, mountFlag, tmpfsFlag []string, addReadOnlyTmpfs bool) ([]spec.Mount, []*specgen.NamedVolume, error) {
+func parseVolumes(volumeFlag, mountFlag, tmpfsFlag []string, addReadOnlyTmpfs bool) ([]spec.Mount, []*specgen.NamedVolume, []*specgen.OverlayVolume, error) {
// Get mounts from the --mounts flag.
unifiedMounts, unifiedVolumes, err := getMounts(mountFlag)
if err != nil {
- return nil, nil, err
+ return nil, nil, nil, err
}
// Next --volumes flag.
- volumeMounts, volumeVolumes, err := getVolumeMounts(volumeFlag)
+ volumeMounts, volumeVolumes, overlayVolumes, err := getVolumeMounts(volumeFlag)
if err != nil {
- return nil, nil, err
+ return nil, nil, nil, err
}
// Next --tmpfs flag.
tmpfsMounts, err := getTmpfsMounts(tmpfsFlag)
if err != nil {
- return nil, nil, err
+ return nil, nil, nil, err
}
// Unify mounts from --mount, --volume, --tmpfs.
// Start with --volume.
for dest, mount := range volumeMounts {
if _, ok := unifiedMounts[dest]; ok {
- return nil, nil, errors.Wrapf(errDuplicateDest, dest)
+ return nil, nil, nil, errors.Wrapf(errDuplicateDest, dest)
}
unifiedMounts[dest] = mount
}
for dest, volume := range volumeVolumes {
if _, ok := unifiedVolumes[dest]; ok {
- return nil, nil, errors.Wrapf(errDuplicateDest, dest)
+ return nil, nil, nil, errors.Wrapf(errDuplicateDest, dest)
}
unifiedVolumes[dest] = volume
}
// Now --tmpfs
for dest, tmpfs := range tmpfsMounts {
if _, ok := unifiedMounts[dest]; ok {
- return nil, nil, errors.Wrapf(errDuplicateDest, dest)
+ return nil, nil, nil, errors.Wrapf(errDuplicateDest, dest)
}
unifiedMounts[dest] = tmpfs
}
@@ -101,15 +101,29 @@ func parseVolumes(volumeFlag, mountFlag, tmpfsFlag []string, addReadOnlyTmpfs bo
}
}
- // Check for conflicts between named volumes and mounts
+ // Check for conflicts between named volumes, overlay volumes, and mounts
for dest := range unifiedMounts {
if _, ok := unifiedVolumes[dest]; ok {
- return nil, nil, errors.Wrapf(errDuplicateDest, "conflict at mount destination %v", dest)
+ return nil, nil, nil, errors.Wrapf(errDuplicateDest, "conflict at mount destination %v", dest)
+ }
+ if _, ok := overlayVolumes[dest]; ok {
+ return nil, nil, nil, errors.Wrapf(errDuplicateDest, "conflict at mount destination %v", dest)
}
}
for dest := range unifiedVolumes {
if _, ok := unifiedMounts[dest]; ok {
- return nil, nil, errors.Wrapf(errDuplicateDest, "conflict at mount destination %v", dest)
+ return nil, nil, nil, errors.Wrapf(errDuplicateDest, "conflict at mount destination %v", dest)
+ }
+ if _, ok := overlayVolumes[dest]; ok {
+ return nil, nil, nil, errors.Wrapf(errDuplicateDest, "conflict at mount destination %v", dest)
+ }
+ }
+ for dest := range overlayVolumes {
+ if _, ok := unifiedMounts[dest]; ok {
+ return nil, nil, nil, errors.Wrapf(errDuplicateDest, "conflict at mount destination %v", dest)
+ }
+ if _, ok := unifiedVolumes[dest]; ok {
+ return nil, nil, nil, errors.Wrapf(errDuplicateDest, "conflict at mount destination %v", dest)
}
}
@@ -119,7 +133,7 @@ func parseVolumes(volumeFlag, mountFlag, tmpfsFlag []string, addReadOnlyTmpfs bo
if mount.Type == TypeBind {
absSrc, err := filepath.Abs(mount.Source)
if err != nil {
- return nil, nil, errors.Wrapf(err, "error getting absolute path of %s", mount.Source)
+ return nil, nil, nil, errors.Wrapf(err, "error getting absolute path of %s", mount.Source)
}
mount.Source = absSrc
}
@@ -129,8 +143,12 @@ func parseVolumes(volumeFlag, mountFlag, tmpfsFlag []string, addReadOnlyTmpfs bo
for _, volume := range unifiedVolumes {
finalVolumes = append(finalVolumes, volume)
}
+ finalOverlayVolume := make([]*specgen.OverlayVolume, 0)
+ for _, volume := range overlayVolumes {
+ finalOverlayVolume = append(finalOverlayVolume, volume)
+ }
- return finalMounts, finalVolumes, nil
+ return finalMounts, finalVolumes, finalOverlayVolume, nil
}
// getMounts takes user-provided input from the --mount flag and creates OCI
@@ -465,9 +483,10 @@ func getNamedVolume(args []string) (*specgen.NamedVolume, error) {
return newVolume, nil
}
-func getVolumeMounts(volumeFlag []string) (map[string]spec.Mount, map[string]*specgen.NamedVolume, error) {
+func getVolumeMounts(volumeFlag []string) (map[string]spec.Mount, map[string]*specgen.NamedVolume, map[string]*specgen.OverlayVolume, error) {
mounts := make(map[string]spec.Mount)
volumes := make(map[string]*specgen.NamedVolume)
+ overlayVolumes := make(map[string]*specgen.OverlayVolume)
volumeFormatErr := errors.Errorf("incorrect volume format, should be [host-dir:]ctr-dir[:option]")
@@ -481,7 +500,7 @@ func getVolumeMounts(volumeFlag []string) (map[string]spec.Mount, map[string]*sp
splitVol := strings.Split(vol, ":")
if len(splitVol) > 3 {
- return nil, nil, errors.Wrapf(volumeFormatErr, vol)
+ return nil, nil, nil, errors.Wrapf(volumeFormatErr, vol)
}
src = splitVol[0]
@@ -496,34 +515,54 @@ func getVolumeMounts(volumeFlag []string) (map[string]spec.Mount, map[string]*sp
}
if len(splitVol) > 2 {
if options, err = parse.ValidateVolumeOpts(strings.Split(splitVol[2], ",")); err != nil {
- return nil, nil, err
+ return nil, nil, nil, err
}
}
// Do not check source dir for anonymous volumes
if len(splitVol) > 1 {
if err := parse.ValidateVolumeHostDir(src); err != nil {
- return nil, nil, err
+ return nil, nil, nil, err
}
}
if err := parse.ValidateVolumeCtrDir(dest); err != nil {
- return nil, nil, err
+ return nil, nil, nil, err
}
cleanDest := filepath.Clean(dest)
if strings.HasPrefix(src, "/") || strings.HasPrefix(src, ".") {
// This is not a named volume
- newMount := spec.Mount{
- Destination: cleanDest,
- Type: string(TypeBind),
- Source: src,
- Options: options,
+ overlayFlag := false
+ for _, o := range options {
+ if o == "O" {
+ overlayFlag = true
+ if len(options) > 1 {
+ return nil, nil, nil, errors.New("can't use 'O' with other options")
+ }
+ }
}
- if _, ok := mounts[newMount.Destination]; ok {
- return nil, nil, errors.Wrapf(errDuplicateDest, newMount.Destination)
+ if overlayFlag {
+ // This is a overlay volume
+ newOverlayVol := new(specgen.OverlayVolume)
+ newOverlayVol.Destination = cleanDest
+ newOverlayVol.Source = src
+ if _, ok := overlayVolumes[newOverlayVol.Destination]; ok {
+ return nil, nil, nil, errors.Wrapf(errDuplicateDest, newOverlayVol.Destination)
+ }
+ overlayVolumes[newOverlayVol.Destination] = newOverlayVol
+ } else {
+ newMount := spec.Mount{
+ Destination: cleanDest,
+ Type: string(TypeBind),
+ Source: src,
+ Options: options,
+ }
+ if _, ok := mounts[newMount.Destination]; ok {
+ return nil, nil, nil, errors.Wrapf(errDuplicateDest, newMount.Destination)
+ }
+ mounts[newMount.Destination] = newMount
}
- mounts[newMount.Destination] = newMount
} else {
// This is a named volume
newNamedVol := new(specgen.NamedVolume)
@@ -532,7 +571,7 @@ func getVolumeMounts(volumeFlag []string) (map[string]spec.Mount, map[string]*sp
newNamedVol.Options = options
if _, ok := volumes[newNamedVol.Dest]; ok {
- return nil, nil, errors.Wrapf(errDuplicateDest, newNamedVol.Dest)
+ return nil, nil, nil, errors.Wrapf(errDuplicateDest, newNamedVol.Dest)
}
volumes[newNamedVol.Dest] = newNamedVol
}
@@ -540,7 +579,7 @@ func getVolumeMounts(volumeFlag []string) (map[string]spec.Mount, map[string]*sp
logrus.Debugf("User mount %s:%s options %v", src, dest, options)
}
- return mounts, volumes, nil
+ return mounts, volumes, overlayVolumes, nil
}
// GetTmpfsMounts creates spec.Mount structs for user-requested tmpfs mounts
diff --git a/cmd/podman/containers/create.go b/cmd/podman/containers/create.go
index a44c0406f..9c9edb14f 100644
--- a/cmd/podman/containers/create.go
+++ b/cmd/podman/containers/create.go
@@ -4,6 +4,7 @@ import (
"context"
"fmt"
"os"
+ "strconv"
"strings"
"github.com/containers/common/pkg/config"
@@ -195,13 +196,18 @@ func createInit(c *cobra.Command) error {
cliVals.UTS = c.Flag("uts").Value.String()
cliVals.PID = c.Flag("pid").Value.String()
cliVals.CGroupsNS = c.Flag("cgroupns").Value.String()
- if !c.Flag("pids-limit").Changed {
- cliVals.PIDsLimit = -1
- }
if c.Flag("entrypoint").Changed {
val := c.Flag("entrypoint").Value.String()
cliVals.Entrypoint = &val
}
+ if c.Flags().Changed("pids-limit") {
+ val := c.Flag("pids-limit").Value.String()
+ pidsLimit, err := strconv.ParseInt(val, 10, 32)
+ if err != nil {
+ return err
+ }
+ cliVals.PIDsLimit = &pidsLimit
+ }
if c.Flags().Changed("env") {
env, err := c.Flags().GetStringArray("env")
if err != nil {
diff --git a/cmd/podman/containers/logs.go b/cmd/podman/containers/logs.go
index 850cb2e1f..966998877 100644
--- a/cmd/podman/containers/logs.go
+++ b/cmd/podman/containers/logs.go
@@ -32,6 +32,8 @@ var (
Long: logsDescription,
Args: func(cmd *cobra.Command, args []string) error {
switch {
+ case registry.IsRemote() && logsOptions.Latest:
+ return errors.New(cmd.Name() + " does not support 'latest' when run remotely")
case registry.IsRemote() && len(args) > 1:
return errors.New(cmd.Name() + " does not support multiple containers when run remotely")
case logsOptions.Latest && len(args) > 0:
diff --git a/cmd/podman/containers/start.go b/cmd/podman/containers/start.go
index 941588137..21f22b986 100644
--- a/cmd/podman/containers/start.go
+++ b/cmd/podman/containers/start.go
@@ -82,6 +82,7 @@ func start(cmd *cobra.Command, args []string) error {
if cmd.Flag("sig-proxy").Changed {
sigProxy = startOptions.SigProxy
}
+ startOptions.SigProxy = sigProxy
if sigProxy && !startOptions.Attach {
return errors.Wrapf(define.ErrInvalidArg, "you cannot use sig-proxy without --attach")
diff --git a/cmd/podman/early_init_linux.go b/cmd/podman/early_init_linux.go
new file mode 100644
index 000000000..b43450a7f
--- /dev/null
+++ b/cmd/podman/early_init_linux.go
@@ -0,0 +1,39 @@
+package main
+
+import (
+ "fmt"
+ "os"
+ "syscall"
+
+ "github.com/containers/libpod/v2/libpod/define"
+ "github.com/pkg/errors"
+)
+
+func setRLimits() error {
+ rlimits := new(syscall.Rlimit)
+ rlimits.Cur = define.RLimitDefaultValue
+ rlimits.Max = define.RLimitDefaultValue
+ if err := syscall.Setrlimit(syscall.RLIMIT_NOFILE, rlimits); err != nil {
+ if err := syscall.Getrlimit(syscall.RLIMIT_NOFILE, rlimits); err != nil {
+ return errors.Wrapf(err, "error getting rlimits")
+ }
+ rlimits.Cur = rlimits.Max
+ if err := syscall.Setrlimit(syscall.RLIMIT_NOFILE, rlimits); err != nil {
+ return errors.Wrapf(err, "error setting new rlimits")
+ }
+ }
+ return nil
+}
+
+func setUMask() {
+ // Be sure we can create directories with 0755 mode.
+ syscall.Umask(0022)
+}
+
+func earlyInitHook() {
+ if err := setRLimits(); err != nil {
+ fmt.Fprint(os.Stderr, "Failed to set rlimits: "+err.Error())
+ }
+
+ setUMask()
+}
diff --git a/cmd/podman/early_init_unsupported.go b/cmd/podman/early_init_unsupported.go
new file mode 100644
index 000000000..4e748559f
--- /dev/null
+++ b/cmd/podman/early_init_unsupported.go
@@ -0,0 +1,6 @@
+// +build !linux
+
+package main
+
+func earlyInitHook() {
+}
diff --git a/cmd/podman/images/list.go b/cmd/podman/images/list.go
index 37ff491c3..a85157dd4 100644
--- a/cmd/podman/images/list.go
+++ b/cmd/podman/images/list.go
@@ -1,7 +1,6 @@
package images
import (
- "errors"
"fmt"
"os"
"sort"
@@ -11,9 +10,11 @@ import (
"time"
"unicode"
+ "github.com/containers/image/v5/docker/reference"
"github.com/containers/libpod/v2/cmd/podman/registry"
"github.com/containers/libpod/v2/pkg/domain/entities"
"github.com/docker/go-units"
+ "github.com/pkg/errors"
"github.com/spf13/cobra"
"github.com/spf13/pflag"
)
@@ -98,7 +99,10 @@ func images(cmd *cobra.Command, args []string) error {
return err
}
- imgs := sortImages(summaries)
+ imgs, err := sortImages(summaries)
+ if err != nil {
+ return err
+ }
switch {
case listFlag.quiet:
return writeID(imgs)
@@ -170,14 +174,18 @@ func writeTemplate(imgs []imageReporter) error {
return tmpl.Execute(w, imgs)
}
-func sortImages(imageS []*entities.ImageSummary) []imageReporter {
+func sortImages(imageS []*entities.ImageSummary) ([]imageReporter, error) {
imgs := make([]imageReporter, 0, len(imageS))
+ var err error
for _, e := range imageS {
var h imageReporter
if len(e.RepoTags) > 0 {
for _, tag := range e.RepoTags {
h.ImageSummary = *e
- h.Repository, h.Tag = tokenRepoTag(tag)
+ h.Repository, h.Tag, err = tokenRepoTag(tag)
+ if err != nil {
+ return nil, errors.Wrapf(err, "error parsing repository tag %q:", tag)
+ }
imgs = append(imgs, h)
}
} else {
@@ -189,23 +197,32 @@ func sortImages(imageS []*entities.ImageSummary) []imageReporter {
}
sort.Slice(imgs, sortFunc(listFlag.sort, imgs))
- return imgs
+ return imgs, err
}
-func tokenRepoTag(tag string) (string, string) {
- tokens := strings.Split(tag, ":")
- switch len(tokens) {
- case 0:
- return tag, ""
- case 1:
- return tokens[0], ""
- case 2:
- return tokens[0], tokens[1]
- case 3:
- return tokens[0] + ":" + tokens[1], tokens[2]
- default:
- return "<N/A>", ""
+func tokenRepoTag(ref string) (string, string, error) {
+
+ if ref == "<none>:<none>" {
+ return "<none>", "<none>", nil
+ }
+
+ repo, err := reference.Parse(ref)
+ if err != nil {
+ return "", "", err
+ }
+
+ named, ok := repo.(reference.Named)
+ if !ok {
+ return ref, "", nil
}
+
+ tagged, ok := repo.(reference.Tagged)
+ if !ok {
+ return named.Name(), "", nil
+ }
+
+ return named.Name(), tagged.Tag(), nil
+
}
func sortFunc(key string, data []imageReporter) func(i, j int) bool {
diff --git a/cmd/podman/images/pull.go b/cmd/podman/images/pull.go
index 83bb186df..c10a351d8 100644
--- a/cmd/podman/images/pull.go
+++ b/cmd/podman/images/pull.go
@@ -82,6 +82,7 @@ func pullFlags(flags *pflag.FlagSet) {
flags.StringVar(&pullOptions.CredentialsCLI, "creds", "", "`Credentials` (USERNAME:PASSWORD) to use for authenticating to a registry")
flags.StringVar(&pullOptions.OverrideArch, "override-arch", "", "Use `ARCH` instead of the architecture of the machine for choosing images")
flags.StringVar(&pullOptions.OverrideOS, "override-os", "", "Use `OS` instead of the running OS for choosing images")
+ flags.Bool("disable-content-trust", false, "This is a Docker specific option and is a NOOP")
flags.BoolVarP(&pullOptions.Quiet, "quiet", "q", false, "Suppress output information when pulling images")
flags.StringVar(&pullOptions.SignaturePolicy, "signature-policy", "", "`Pathname` of signature policy file (not usually used)")
flags.BoolVar(&pullOptions.TLSVerifyCLI, "tls-verify", true, "Require HTTPS and verify certificates when contacting registries")
diff --git a/cmd/podman/images/push.go b/cmd/podman/images/push.go
index 4eeed13d4..480b5e0f0 100644
--- a/cmd/podman/images/push.go
+++ b/cmd/podman/images/push.go
@@ -79,6 +79,7 @@ func pushFlags(flags *pflag.FlagSet) {
flags.BoolVar(&pushOptions.Compress, "compress", false, "Compress tarball image layers when pushing to a directory using the 'dir' transport. (default is same compression type as source)")
flags.StringVar(&pushOptions.CredentialsCLI, "creds", "", "`Credentials` (USERNAME:PASSWORD) to use for authenticating to a registry")
flags.StringVar(&pushOptions.DigestFile, "digestfile", "", "Write the digest of the pushed image to the specified file")
+ flags.Bool("disable-content-trust", false, "This is a Docker specific option and is a NOOP")
flags.StringVarP(&pushOptions.Format, "format", "f", "", "Manifest type (oci, v2s1, or v2s2) to use when pushing an image using the 'dir' transport (default is manifest type of source)")
flags.BoolVarP(&pushOptions.Quiet, "quiet", "q", false, "Suppress output information when pushing images")
flags.BoolVar(&pushOptions.RemoveSignatures, "remove-signatures", false, "Discard any pre-existing signatures in the image")
diff --git a/cmd/podman/main.go b/cmd/podman/main.go
index 5f740a006..f46f74547 100644
--- a/cmd/podman/main.go
+++ b/cmd/podman/main.go
@@ -14,6 +14,7 @@ import (
_ "github.com/containers/libpod/v2/cmd/podman/pods"
"github.com/containers/libpod/v2/cmd/podman/registry"
_ "github.com/containers/libpod/v2/cmd/podman/system"
+ _ "github.com/containers/libpod/v2/cmd/podman/system/connection"
_ "github.com/containers/libpod/v2/cmd/podman/volumes"
"github.com/containers/libpod/v2/pkg/rootless"
"github.com/containers/libpod/v2/pkg/terminal"
diff --git a/cmd/podman/parse/json.go b/cmd/podman/parse/json.go
new file mode 100644
index 000000000..95a6633b8
--- /dev/null
+++ b/cmd/podman/parse/json.go
@@ -0,0 +1,9 @@
+package parse
+
+import "regexp"
+
+var jsonFormatRegex = regexp.MustCompile(`^(\s*json\s*|\s*{{\s*json\s*\.\s*}}\s*)$`)
+
+func MatchesJSONFormat(s string) bool {
+ return jsonFormatRegex.Match([]byte(s))
+}
diff --git a/cmd/podman/parse/json_test.go b/cmd/podman/parse/json_test.go
new file mode 100644
index 000000000..5cad185fd
--- /dev/null
+++ b/cmd/podman/parse/json_test.go
@@ -0,0 +1,30 @@
+package parse
+
+import (
+ "testing"
+
+ "github.com/stretchr/testify/assert"
+)
+
+func TestMatchesJSONFormat(t *testing.T) {
+ tests := []struct {
+ input string
+ expected bool
+ }{
+ {"json", true},
+ {" json", true},
+ {"json ", true},
+ {" json ", true},
+ {"{{json .}}", true},
+ {"{{ json .}}", true},
+ {"{{json . }}", true},
+ {" {{ json . }} ", true},
+ {"{{json }}", false},
+ {"{{json .", false},
+ {"json . }}", false},
+ }
+
+ for _, tt := range tests {
+ assert.Equal(t, tt.expected, MatchesJSONFormat(tt.input))
+ }
+}
diff --git a/cmd/podman/pods/create.go b/cmd/podman/pods/create.go
index 0e2a085fd..d57a2f2f7 100644
--- a/cmd/podman/pods/create.go
+++ b/cmd/podman/pods/create.go
@@ -149,6 +149,8 @@ func create(cmd *cobra.Command, args []string) error {
}
}
+ createOptions.CreateCommand = os.Args
+
if replace {
if err := replacePod(createOptions.Name); err != nil {
return err
diff --git a/cmd/podman/registry/config.go b/cmd/podman/registry/config.go
index 75e67b35d..f5a231172 100644
--- a/cmd/podman/registry/config.go
+++ b/cmd/podman/registry/config.go
@@ -44,11 +44,12 @@ func newPodmanConfig() {
case "linux":
// Some linux clients might only be compiled without ABI
// support (e.g., podman-remote).
- if abiSupport && !remoteOverride {
+ if abiSupport && !IsRemote() {
mode = entities.ABIMode
} else {
mode = entities.TunnelMode
}
+
default:
fmt.Fprintf(os.Stderr, "%s is not a supported OS", runtime.GOOS)
os.Exit(1)
@@ -70,7 +71,7 @@ func newPodmanConfig() {
// setXdgDirs ensures the XDG_RUNTIME_DIR env and XDG_CONFIG_HOME variables are set.
// containers/image uses XDG_RUNTIME_DIR to locate the auth file, XDG_CONFIG_HOME is
-// use for the libpod.conf configuration file.
+// use for the containers.conf configuration file.
func setXdgDirs() error {
if !rootless.IsRootless() {
return nil
diff --git a/cmd/podman/root.go b/cmd/podman/root.go
index eccca3d11..e9f1ff710 100644
--- a/cmd/podman/root.go
+++ b/cmd/podman/root.go
@@ -77,6 +77,7 @@ func init() {
cobra.OnInitialize(
loggingHook,
syslogHook,
+ earlyInitHook,
)
rootFlags(rootCmd, registry.PodmanConfig())
@@ -235,16 +236,12 @@ func loggingHook() {
func rootFlags(cmd *cobra.Command, opts *entities.PodmanConfig) {
cfg := opts.Config
+ uri, ident := resolveDestination()
lFlags := cmd.Flags()
- custom, _ := config.ReadCustomConfig()
- defaultURI := custom.Engine.RemoteURI
- if defaultURI == "" {
- defaultURI = registry.DefaultAPIAddress()
- }
lFlags.BoolVarP(&opts.Remote, "remote", "r", false, "Access remote Podman service (default false)")
- lFlags.StringVar(&opts.URI, "url", defaultURI, "URL to access Podman service (CONTAINER_HOST)")
- lFlags.StringVar(&opts.Identity, "identity", custom.Engine.RemoteIdentity, "path to SSH identity file, (CONTAINER_SSHKEY)")
+ lFlags.StringVar(&opts.URI, "url", uri, "URL to access Podman service (CONTAINER_HOST)")
+ lFlags.StringVar(&opts.Identity, "identity", ident, "path to SSH identity file, (CONTAINER_SSHKEY)")
pFlags := cmd.PersistentFlags()
pFlags.StringVar(&cfg.Engine.CgroupManager, "cgroup-manager", cfg.Engine.CgroupManager, "Cgroup manager to use (\"cgroupfs\"|\"systemd\")")
@@ -291,3 +288,24 @@ func rootFlags(cmd *cobra.Command, opts *entities.PodmanConfig) {
pFlags.BoolVar(&useSyslog, "syslog", false, "Output logging information to syslog as well as the console (default false)")
}
}
+
+func resolveDestination() (string, string) {
+ if uri, found := os.LookupEnv("CONTAINER_HOST"); found {
+ var ident string
+ if v, found := os.LookupEnv("CONTAINER_SSHKEY"); found {
+ ident = v
+ }
+ return uri, ident
+ }
+
+ cfg, err := config.ReadCustomConfig()
+ if err != nil {
+ return registry.DefaultAPIAddress(), ""
+ }
+
+ uri, ident, err := cfg.ActiveDestination()
+ if err != nil {
+ return registry.DefaultAPIAddress(), ""
+ }
+ return uri, ident
+}
diff --git a/cmd/podman/system/connection.go b/cmd/podman/system/connection.go
index 6a55d2d79..b1c538803 100644
--- a/cmd/podman/system/connection.go
+++ b/cmd/podman/system/connection.go
@@ -1,208 +1,34 @@
package system
import (
- "bytes"
- "fmt"
- "net"
- "net/url"
- "os"
- "os/user"
- "regexp"
-
- "github.com/containers/common/pkg/config"
"github.com/containers/libpod/v2/cmd/podman/registry"
- "github.com/containers/libpod/v2/libpod/define"
+ "github.com/containers/libpod/v2/cmd/podman/validate"
"github.com/containers/libpod/v2/pkg/domain/entities"
- "github.com/containers/libpod/v2/pkg/terminal"
- "github.com/pkg/errors"
- "github.com/sirupsen/logrus"
"github.com/spf13/cobra"
- "golang.org/x/crypto/ssh"
- "golang.org/x/crypto/ssh/agent"
)
-const schemaPattern = "^[A-Za-z][A-Za-z0-9+.-]*:"
-
var (
- // Skip creating engines since this command will obtain connection information to engine
+ // Skip creating engines since this command will obtain connection information to said engines
noOp = func(cmd *cobra.Command, args []string) error {
return nil
}
- connectionCmd = &cobra.Command{
- Use: "connection [flags] DESTINATION",
- Args: cobra.ExactArgs(1),
- Long: `Store ssh destination information in podman configuration.
- "destination" is of the form [user@]hostname or
- an URI of the form ssh://[user@]hostname[:port]
-`,
- Short: "Record remote ssh destination",
- PersistentPreRunE: noOp,
- PersistentPostRunE: noOp,
- TraverseChildren: false,
- RunE: connection,
- Example: `podman system connection server.fubar.com
- podman system connection --identity ~/.ssh/dev_rsa ssh://root@server.fubar.com:2222
- podman system connection --identity ~/.ssh/dev_rsa --port 22 root@server.fubar.com`,
- }
- cOpts = struct {
- Identity string
- Port int
- UDSPath string
- }{}
+ ConnectionCmd = &cobra.Command{
+ Use: "connection",
+ Short: "Manage remote ssh destinations",
+ Long: `Manage ssh destination information in podman configuration`,
+ DisableFlagsInUseLine: true,
+ PersistentPreRunE: noOp,
+ RunE: validate.SubCommandExists,
+ PersistentPostRunE: noOp,
+ TraverseChildren: false,
+ }
)
func init() {
registry.Commands = append(registry.Commands, registry.CliCommand{
Mode: []entities.EngineMode{entities.ABIMode, entities.TunnelMode},
- Command: connectionCmd,
+ Command: ConnectionCmd,
Parent: systemCmd,
})
-
- flags := connectionCmd.Flags()
- flags.IntVarP(&cOpts.Port, "port", "p", 22, "port number for destination")
- flags.StringVar(&cOpts.UDSPath, "socket-path", "", "path to podman socket on remote host. (default '/run/podman/podman.sock' or '/run/user/{uid}/podman/podman.sock)")
-}
-
-func connection(cmd *cobra.Command, args []string) error {
- // Default to ssh: schema if none given
- dest := []byte(args[0])
- if match, err := regexp.Match(schemaPattern, dest); err != nil {
- return errors.Wrapf(err, "internal regex error %q", schemaPattern)
- } else if !match {
- dest = append([]byte("ssh://"), dest...)
- }
-
- uri, err := url.Parse(string(dest))
- if err != nil {
- return errors.Wrapf(err, "failed to parse %q", string(dest))
- }
-
- if uri.User.Username() == "" {
- if uri.User, err = getUserInfo(uri); err != nil {
- return err
- }
- }
-
- if cmd.Flag("socket-path").Changed {
- uri.Path = cmd.Flag("socket-path").Value.String()
- }
-
- if cmd.Flag("port").Changed {
- uri.Host = net.JoinHostPort(uri.Hostname(), cmd.Flag("port").Value.String())
- }
-
- if uri.Port() == "" {
- uri.Host = net.JoinHostPort(uri.Hostname(), cmd.Flag("port").DefValue)
- }
-
- if uri.Path == "" {
- if uri.Path, err = getUDS(cmd, uri); err != nil {
- return errors.Wrapf(err, "failed to connect to %q", uri.String())
- }
- }
-
- custom, err := config.ReadCustomConfig()
- if err != nil {
- return err
- }
-
- if cmd.Flag("identity").Changed {
- custom.Engine.RemoteIdentity = cOpts.Identity
- }
-
- custom.Engine.RemoteURI = uri.String()
- return custom.Write()
-}
-
-func getUserInfo(uri *url.URL) (*url.Userinfo, error) {
- var (
- usr *user.User
- err error
- )
- if u, found := os.LookupEnv("_CONTAINERS_ROOTLESS_UID"); found {
- usr, err = user.LookupId(u)
- if err != nil {
- return nil, errors.Wrapf(err, "failed to find user %q", u)
- }
- } else {
- usr, err = user.Current()
- if err != nil {
- return nil, errors.Wrapf(err, "failed to obtain current user")
- }
- }
-
- pw, set := uri.User.Password()
- if set {
- return url.UserPassword(usr.Username, pw), nil
- }
- return url.User(usr.Username), nil
-}
-
-func getUDS(cmd *cobra.Command, uri *url.URL) (string, error) {
- var authMethods []ssh.AuthMethod
- passwd, set := uri.User.Password()
- if set {
- authMethods = append(authMethods, ssh.Password(passwd))
- }
-
- ident := cmd.Flag("identity")
- if ident.Changed {
- auth, err := terminal.PublicKey(ident.Value.String(), []byte(passwd))
- if err != nil {
- return "", errors.Wrapf(err, "Failed to read identity %q", ident.Value.String())
- }
- authMethods = append(authMethods, auth)
- }
-
- if sock, found := os.LookupEnv("SSH_AUTH_SOCK"); found {
- logrus.Debugf("Found SSH_AUTH_SOCK %q, ssh-agent signer enabled", sock)
-
- c, err := net.Dial("unix", sock)
- if err != nil {
- return "", err
- }
- a := agent.NewClient(c)
- authMethods = append(authMethods, ssh.PublicKeysCallback(a.Signers))
- }
-
- config := &ssh.ClientConfig{
- User: uri.User.Username(),
- Auth: authMethods,
- HostKeyCallback: ssh.InsecureIgnoreHostKey(),
- }
- dial, err := ssh.Dial("tcp", uri.Host, config)
- if err != nil {
- return "", errors.Wrapf(err, "failed to connect to %q", uri.Host)
- }
- defer dial.Close()
-
- session, err := dial.NewSession()
- if err != nil {
- return "", errors.Wrapf(err, "failed to create new ssh session on %q", uri.Host)
- }
- defer session.Close()
-
- // Override podman binary for testing etc
- podman := "podman"
- if v, found := os.LookupEnv("PODMAN_BINARY"); found {
- podman = v
- }
- run := podman + " info --format=json"
-
- var buffer bytes.Buffer
- session.Stdout = &buffer
- if err := session.Run(run); err != nil {
- return "", errors.Wrapf(err, "failed to run %q", run)
- }
-
- var info define.Info
- if err := json.Unmarshal(buffer.Bytes(), &info); err != nil {
- return "", errors.Wrapf(err, "failed to parse 'podman info' results")
- }
-
- if info.Host.RemoteSocket == nil || len(info.Host.RemoteSocket.Path) == 0 {
- return "", fmt.Errorf("remote podman %q failed to report its UDS socket", uri.Host)
- }
- return info.Host.RemoteSocket.Path, nil
}
diff --git a/cmd/podman/system/connection/add.go b/cmd/podman/system/connection/add.go
new file mode 100644
index 000000000..7522eb190
--- /dev/null
+++ b/cmd/podman/system/connection/add.go
@@ -0,0 +1,223 @@
+package connection
+
+import (
+ "bytes"
+ "encoding/json"
+ "fmt"
+ "net"
+ "net/url"
+ "os"
+ "os/user"
+ "regexp"
+
+ "github.com/containers/common/pkg/config"
+ "github.com/containers/libpod/v2/cmd/podman/registry"
+ "github.com/containers/libpod/v2/cmd/podman/system"
+ "github.com/containers/libpod/v2/libpod/define"
+ "github.com/containers/libpod/v2/pkg/domain/entities"
+ "github.com/containers/libpod/v2/pkg/terminal"
+ "github.com/pkg/errors"
+ "github.com/sirupsen/logrus"
+ "github.com/spf13/cobra"
+ "golang.org/x/crypto/ssh"
+ "golang.org/x/crypto/ssh/agent"
+)
+
+const schemaPattern = "^[A-Za-z][A-Za-z0-9+.-]*:"
+
+var (
+ addCmd = &cobra.Command{
+ Use: "add [flags] NAME DESTINATION",
+ Args: cobra.ExactArgs(2),
+ Short: "Record destination for the Podman service",
+ Long: `Add destination to podman configuration.
+ "destination" is of the form [user@]hostname or
+ an URI of the form ssh://[user@]hostname[:port]
+`,
+ RunE: add,
+ Example: `podman system connection add laptop server.fubar.com
+ podman system connection add --identity ~/.ssh/dev_rsa testing ssh://root@server.fubar.com:2222
+ podman system connection add --identity ~/.ssh/dev_rsa --port 22 production root@server.fubar.com
+ `,
+ }
+
+ cOpts = struct {
+ Identity string
+ Port int
+ UDSPath string
+ Default bool
+ }{}
+)
+
+func init() {
+ registry.Commands = append(registry.Commands, registry.CliCommand{
+ Mode: []entities.EngineMode{entities.ABIMode, entities.TunnelMode},
+ Command: addCmd,
+ Parent: system.ConnectionCmd,
+ })
+
+ flags := addCmd.Flags()
+ flags.IntVarP(&cOpts.Port, "port", "p", 22, "SSH port number for destination")
+ flags.StringVar(&cOpts.Identity, "identity", "", "path to SSH identity file")
+ flags.StringVar(&cOpts.UDSPath, "socket-path", "", "path to podman socket on remote host. (default '/run/podman/podman.sock' or '/run/user/{uid}/podman/podman.sock)")
+ flags.BoolVarP(&cOpts.Default, "default", "d", false, "Set connection to be default")
+}
+
+func add(cmd *cobra.Command, args []string) error {
+ // Default to ssh: schema if none given
+ dest := args[1]
+ if match, err := regexp.Match(schemaPattern, []byte(dest)); err != nil {
+ return errors.Wrapf(err, "internal regex error %q", schemaPattern)
+ } else if !match {
+ dest = "ssh://" + dest
+ }
+
+ uri, err := url.Parse(dest)
+ if err != nil {
+ return errors.Wrapf(err, "failed to parse %q", dest)
+ }
+
+ if uri.User.Username() == "" {
+ if uri.User, err = getUserInfo(uri); err != nil {
+ return err
+ }
+ }
+
+ if cmd.Flags().Changed("socket-path") {
+ uri.Path = cmd.Flag("socket-path").Value.String()
+ }
+
+ if cmd.Flags().Changed("port") {
+ uri.Host = net.JoinHostPort(uri.Hostname(), cmd.Flag("port").Value.String())
+ }
+
+ if uri.Port() == "" {
+ uri.Host = net.JoinHostPort(uri.Hostname(), cmd.Flag("port").DefValue)
+ }
+
+ if uri.Path == "" {
+ if uri.Path, err = getUDS(cmd, uri); err != nil {
+ return errors.Wrapf(err, "failed to connect to %q", uri.String())
+ }
+ }
+
+ cfg, err := config.ReadCustomConfig()
+ if err != nil {
+ return err
+ }
+
+ if cmd.Flags().Changed("default") {
+ if cOpts.Default {
+ cfg.Engine.ActiveService = args[0]
+ }
+ }
+
+ dst := config.Destination{
+ URI: uri.String(),
+ }
+
+ if cmd.Flags().Changed("identity") {
+ dst.Identity = cOpts.Identity
+ }
+
+ if cfg.Engine.ServiceDestinations == nil {
+ cfg.Engine.ServiceDestinations = map[string]config.Destination{
+ args[0]: dst,
+ }
+ } else {
+ cfg.Engine.ServiceDestinations[args[0]] = dst
+ }
+ return cfg.Write()
+}
+
+func getUserInfo(uri *url.URL) (*url.Userinfo, error) {
+ var (
+ usr *user.User
+ err error
+ )
+ if u, found := os.LookupEnv("_CONTAINERS_ROOTLESS_UID"); found {
+ usr, err = user.LookupId(u)
+ if err != nil {
+ return nil, errors.Wrapf(err, "failed to find user %q", u)
+ }
+ } else {
+ usr, err = user.Current()
+ if err != nil {
+ return nil, errors.Wrapf(err, "failed to obtain current user")
+ }
+ }
+
+ pw, set := uri.User.Password()
+ if set {
+ return url.UserPassword(usr.Username, pw), nil
+ }
+ return url.User(usr.Username), nil
+}
+
+func getUDS(cmd *cobra.Command, uri *url.URL) (string, error) {
+ var authMethods []ssh.AuthMethod
+ passwd, set := uri.User.Password()
+ if set {
+ authMethods = append(authMethods, ssh.Password(passwd))
+ }
+
+ if cmd.Flags().Changed("identity") {
+ value := cmd.Flag("identity").Value.String()
+ auth, err := terminal.PublicKey(value, []byte(passwd))
+ if err != nil {
+ return "", errors.Wrapf(err, "Failed to read identity %q", value)
+ }
+ authMethods = append(authMethods, auth)
+ }
+
+ if sock, found := os.LookupEnv("SSH_AUTH_SOCK"); found {
+ logrus.Debugf("Found SSH_AUTH_SOCK %q, ssh-agent signer enabled", sock)
+
+ c, err := net.Dial("unix", sock)
+ if err != nil {
+ return "", err
+ }
+ a := agent.NewClient(c)
+ authMethods = append(authMethods, ssh.PublicKeysCallback(a.Signers))
+ }
+
+ config := &ssh.ClientConfig{
+ User: uri.User.Username(),
+ Auth: authMethods,
+ HostKeyCallback: ssh.InsecureIgnoreHostKey(),
+ }
+ dial, err := ssh.Dial("tcp", uri.Host, config)
+ if err != nil {
+ return "", errors.Wrapf(err, "failed to connect to %q", uri.Host)
+ }
+ defer dial.Close()
+
+ session, err := dial.NewSession()
+ if err != nil {
+ return "", errors.Wrapf(err, "failed to create new ssh session on %q", uri.Host)
+ }
+ defer session.Close()
+
+ // Override podman binary for testing etc
+ podman := "podman"
+ if v, found := os.LookupEnv("PODMAN_BINARY"); found {
+ podman = v
+ }
+ run := podman + " info --format=json"
+
+ var buffer bytes.Buffer
+ session.Stdout = &buffer
+ if err := session.Run(run); err != nil {
+ return "", errors.Wrapf(err, "failed to run %q", run)
+ }
+
+ var info define.Info
+ if err := json.Unmarshal(buffer.Bytes(), &info); err != nil {
+ return "", errors.Wrapf(err, "failed to parse 'podman info' results")
+ }
+
+ if info.Host.RemoteSocket == nil || len(info.Host.RemoteSocket.Path) == 0 {
+ return "", fmt.Errorf("remote podman %q failed to report its UDS socket", uri.Host)
+ }
+ return info.Host.RemoteSocket.Path, nil
+}
diff --git a/cmd/podman/system/connection/default.go b/cmd/podman/system/connection/default.go
new file mode 100644
index 000000000..b85343dc2
--- /dev/null
+++ b/cmd/podman/system/connection/default.go
@@ -0,0 +1,46 @@
+package connection
+
+import (
+ "fmt"
+
+ "github.com/containers/common/pkg/config"
+ "github.com/containers/libpod/v2/cmd/podman/registry"
+ "github.com/containers/libpod/v2/cmd/podman/system"
+ "github.com/containers/libpod/v2/pkg/domain/entities"
+ "github.com/spf13/cobra"
+)
+
+var (
+ // Skip creating engines since this command will obtain connection information to said engines
+ dfltCmd = &cobra.Command{
+ Use: "default NAME",
+ Args: cobra.ExactArgs(1),
+ Short: "Set named destination as default",
+ Long: `Set named destination as default for the Podman service`,
+ DisableFlagsInUseLine: true,
+ RunE: defaultRunE,
+ Example: `podman system connection default testing`,
+ }
+)
+
+func init() {
+ registry.Commands = append(registry.Commands, registry.CliCommand{
+ Mode: []entities.EngineMode{entities.ABIMode, entities.TunnelMode},
+ Command: dfltCmd,
+ Parent: system.ConnectionCmd,
+ })
+}
+
+func defaultRunE(cmd *cobra.Command, args []string) error {
+ cfg, err := config.ReadCustomConfig()
+ if err != nil {
+ return err
+ }
+
+ if _, found := cfg.Engine.ServiceDestinations[args[0]]; !found {
+ return fmt.Errorf("%q destination is not defined. See \"podman system connection add ...\" to create a connection", args[0])
+ }
+
+ cfg.Engine.ActiveService = args[0]
+ return cfg.Write()
+}
diff --git a/cmd/podman/system/connection/list.go b/cmd/podman/system/connection/list.go
new file mode 100644
index 000000000..c0a9087f5
--- /dev/null
+++ b/cmd/podman/system/connection/list.go
@@ -0,0 +1,84 @@
+package connection
+
+import (
+ "os"
+ "text/tabwriter"
+ "text/template"
+
+ "github.com/containers/common/pkg/config"
+ "github.com/containers/libpod/v2/cmd/podman/registry"
+ "github.com/containers/libpod/v2/cmd/podman/system"
+ "github.com/containers/libpod/v2/cmd/podman/validate"
+ "github.com/containers/libpod/v2/pkg/domain/entities"
+ "github.com/spf13/cobra"
+)
+
+var (
+ listCmd = &cobra.Command{
+ Use: "list",
+ Aliases: []string{"ls"},
+ Args: validate.NoArgs,
+ Short: "List destination for the Podman service(s)",
+ Long: `List destination information for the Podman service(s) in podman configuration`,
+ DisableFlagsInUseLine: true,
+ Example: `podman system connection list
+ podman system connection ls`,
+ RunE: list,
+ TraverseChildren: false,
+ }
+)
+
+func init() {
+ registry.Commands = append(registry.Commands, registry.CliCommand{
+ Mode: []entities.EngineMode{entities.ABIMode, entities.TunnelMode},
+ Command: listCmd,
+ Parent: system.ConnectionCmd,
+ })
+}
+
+type namedDestination struct {
+ Name string
+ config.Destination
+}
+
+func list(_ *cobra.Command, _ []string) error {
+ cfg, err := config.ReadCustomConfig()
+ if err != nil {
+ return err
+ }
+
+ if len(cfg.Engine.ServiceDestinations) == 0 {
+ return nil
+ }
+
+ hdrs := []map[string]string{{
+ "Identity": "Identity",
+ "Name": "Name",
+ "URI": "URI",
+ }}
+
+ rows := make([]namedDestination, 0)
+ for k, v := range cfg.Engine.ServiceDestinations {
+ if k == cfg.Engine.ActiveService {
+ k += "*"
+ }
+
+ r := namedDestination{
+ Name: k,
+ Destination: config.Destination{
+ Identity: v.Identity,
+ URI: v.URI,
+ },
+ }
+ rows = append(rows, r)
+ }
+
+ // TODO: Allow user to override format
+ format := "{{range . }}{{.Name}}\t{{.Identity}}\t{{.URI}}\n{{end}}"
+ tmpl := template.Must(template.New("connection").Parse(format))
+ w := tabwriter.NewWriter(os.Stdout, 8, 2, 2, ' ', 0)
+ defer w.Flush()
+
+ _ = tmpl.Execute(w, hdrs)
+ return tmpl.Execute(w, rows)
+}
diff --git a/cmd/podman/system/connection/remove.go b/cmd/podman/system/connection/remove.go
new file mode 100644
index 000000000..a2ca66c8d
--- /dev/null
+++ b/cmd/podman/system/connection/remove.go
@@ -0,0 +1,49 @@
+package connection
+
+import (
+ "github.com/containers/common/pkg/config"
+ "github.com/containers/libpod/v2/cmd/podman/registry"
+ "github.com/containers/libpod/v2/cmd/podman/system"
+ "github.com/containers/libpod/v2/pkg/domain/entities"
+ "github.com/spf13/cobra"
+)
+
+var (
+ // Skip creating engines since this command will obtain connection information to said engines
+ rmCmd = &cobra.Command{
+ Use: "remove NAME",
+ Args: cobra.ExactArgs(1),
+ Aliases: []string{"rm"},
+ Long: `Delete named destination from podman configuration`,
+ Short: "Delete named destination",
+ DisableFlagsInUseLine: true,
+ RunE: rm,
+ Example: `podman system connection remove devl
+ podman system connection rm devl`,
+ }
+)
+
+func init() {
+ registry.Commands = append(registry.Commands, registry.CliCommand{
+ Mode: []entities.EngineMode{entities.ABIMode, entities.TunnelMode},
+ Command: rmCmd,
+ Parent: system.ConnectionCmd,
+ })
+}
+
+func rm(_ *cobra.Command, args []string) error {
+ cfg, err := config.ReadCustomConfig()
+ if err != nil {
+ return err
+ }
+
+ if cfg.Engine.ServiceDestinations != nil {
+ delete(cfg.Engine.ServiceDestinations, args[0])
+ }
+
+ if cfg.Engine.ActiveService == args[0] {
+ cfg.Engine.ActiveService = ""
+ }
+
+ return cfg.Write()
+}
diff --git a/cmd/podman/system/connection/rename.go b/cmd/podman/system/connection/rename.go
new file mode 100644
index 000000000..d6cd55c31
--- /dev/null
+++ b/cmd/podman/system/connection/rename.go
@@ -0,0 +1,54 @@
+package connection
+
+import (
+ "fmt"
+
+ "github.com/containers/common/pkg/config"
+ "github.com/containers/libpod/v2/cmd/podman/registry"
+ "github.com/containers/libpod/v2/cmd/podman/system"
+ "github.com/containers/libpod/v2/pkg/domain/entities"
+ "github.com/spf13/cobra"
+)
+
+var (
+ // Skip creating engines since this command will obtain connection information to said engines
+ renameCmd = &cobra.Command{
+ Use: "rename OLD NEW",
+ Aliases: []string{"mv"},
+ Args: cobra.ExactArgs(2),
+ Short: "Rename \"old\" to \"new\"",
+ Long: `Rename destination for the Podman service from "old" to "new"`,
+ DisableFlagsInUseLine: true,
+ RunE: rename,
+ Example: `podman system connection rename laptop devl,
+ podman system connection mv laptop devl`,
+ }
+)
+
+func init() {
+ registry.Commands = append(registry.Commands, registry.CliCommand{
+ Mode: []entities.EngineMode{entities.ABIMode, entities.TunnelMode},
+ Command: renameCmd,
+ Parent: system.ConnectionCmd,
+ })
+}
+
+func rename(cmd *cobra.Command, args []string) error {
+ cfg, err := config.ReadCustomConfig()
+ if err != nil {
+ return err
+ }
+
+ if _, found := cfg.Engine.ServiceDestinations[args[0]]; !found {
+ return fmt.Errorf("%q destination is not defined. See \"podman system connection add ...\" to create a connection", args[0])
+ }
+
+ cfg.Engine.ServiceDestinations[args[1]] = cfg.Engine.ServiceDestinations[args[0]]
+ delete(cfg.Engine.ServiceDestinations, args[0])
+
+ if cfg.Engine.ActiveService == args[0] {
+ cfg.Engine.ActiveService = args[1]
+ }
+
+ return cfg.Write()
+}
diff --git a/cmd/podman/system/info.go b/cmd/podman/system/info.go
index 699f7b55c..410b3455a 100644
--- a/cmd/podman/system/info.go
+++ b/cmd/podman/system/info.go
@@ -5,6 +5,7 @@ import (
"os"
"text/template"
+ "github.com/containers/libpod/v2/cmd/podman/parse"
"github.com/containers/libpod/v2/cmd/podman/registry"
"github.com/containers/libpod/v2/cmd/podman/validate"
"github.com/containers/libpod/v2/pkg/domain/entities"
@@ -68,7 +69,7 @@ func info(cmd *cobra.Command, args []string) error {
return err
}
- if inFormat == "json" {
+ if parse.MatchesJSONFormat(inFormat) {
b, err := json.MarshalIndent(info, "", " ")
if err != nil {
return err
diff --git a/cmd/podman/system/renumber.go b/cmd/podman/system/renumber.go
index 82cf65d8f..7cec5b986 100644
--- a/cmd/podman/system/renumber.go
+++ b/cmd/podman/system/renumber.go
@@ -18,7 +18,7 @@ var (
podman system renumber
Migrate lock numbers to handle a change in maximum number of locks.
- Mandatory after the number of locks in libpod.conf is changed.
+ Mandatory after the number of locks in containers.conf is changed.
`
renumberCommand = &cobra.Command{
diff --git a/cmd/podman/system/version.go b/cmd/podman/system/version.go
index 5aac34699..9b70bc9f4 100644
--- a/cmd/podman/system/version.go
+++ b/cmd/podman/system/version.go
@@ -8,6 +8,7 @@ import (
"text/tabwriter"
"github.com/containers/buildah/pkg/formats"
+ "github.com/containers/libpod/v2/cmd/podman/parse"
"github.com/containers/libpod/v2/cmd/podman/registry"
"github.com/containers/libpod/v2/cmd/podman/validate"
"github.com/containers/libpod/v2/libpod/define"
@@ -41,7 +42,7 @@ func version(cmd *cobra.Command, args []string) error {
}
switch {
- case versionFormat == "json", versionFormat == "{{ json .}}":
+ case parse.MatchesJSONFormat(versionFormat):
s, err := json.MarshalToString(versions)
if err != nil {
return err