summaryrefslogtreecommitdiff
path: root/cmd/podman
diff options
context:
space:
mode:
Diffstat (limited to 'cmd/podman')
-rw-r--r--cmd/podman/attach.go6
-rw-r--r--cmd/podman/build.go66
-rw-r--r--cmd/podman/cliconfig/config.go16
-rw-r--r--cmd/podman/cliconfig/defaults.go2
-rw-r--r--cmd/podman/commands.go113
-rw-r--r--cmd/podman/commands_remoteclient.go86
-rw-r--r--cmd/podman/common.go95
-rw-r--r--cmd/podman/create.go1
-rw-r--r--cmd/podman/errors_remote.go2
-rw-r--r--cmd/podman/exec.go6
-rw-r--r--cmd/podman/generate_systemd.go8
-rw-r--r--cmd/podman/libpodruntime/runtime.go4
-rw-r--r--cmd/podman/login.go16
-rw-r--r--cmd/podman/logout.go6
-rw-r--r--cmd/podman/main.go15
-rw-r--r--cmd/podman/main_local.go43
-rw-r--r--cmd/podman/mount.go6
-rw-r--r--cmd/podman/pod_stop.go5
-rw-r--r--cmd/podman/restart.go10
-rw-r--r--cmd/podman/service.go2
-rw-r--r--cmd/podman/shared/create.go113
-rw-r--r--cmd/podman/shared/intermediate_varlink.go5
-rw-r--r--cmd/podman/shared/pod.go18
-rw-r--r--cmd/podman/sign.go9
-rw-r--r--cmd/podman/start.go5
-rw-r--r--cmd/podman/stop.go17
-rw-r--r--cmd/podman/unshare.go7
-rw-r--r--cmd/podman/utils.go2
-rw-r--r--cmd/podman/varlink.go2
-rw-r--r--cmd/podman/varlink/generate.go3
-rw-r--r--cmd/podman/varlink/io.podman.varlink1390
31 files changed, 484 insertions, 1595 deletions
diff --git a/cmd/podman/attach.go b/cmd/podman/attach.go
index 7d32c57af..6f08cc396 100644
--- a/cmd/podman/attach.go
+++ b/cmd/podman/attach.go
@@ -2,7 +2,6 @@ package main
import (
"github.com/containers/libpod/cmd/podman/cliconfig"
- "github.com/containers/libpod/libpod/define"
"github.com/containers/libpod/pkg/adapter"
"github.com/pkg/errors"
"github.com/spf13/cobra"
@@ -32,10 +31,7 @@ func init() {
attachCommand.SetHelpTemplate(HelpTemplate())
attachCommand.SetUsageTemplate(UsageTemplate())
flags := attachCommand.Flags()
- flags.StringVar(&attachCommand.DetachKeys, "detach-keys", define.DefaultDetachKeys, "Select the key sequence for detaching a container. Format is a single character `[a-Z]` or a comma separated sequence of `ctrl-<value>`, where `<value>` is one of: `a-z`, `@`, `^`, `[`, `\\`, `]`, `^` or `_`")
- // Clear the default, the value specified in the config file should have the
- // priority
- attachCommand.DetachKeys = ""
+ flags.StringVar(&attachCommand.DetachKeys, "detach-keys", getDefaultDetachKeys(), "Select the key sequence for detaching a container. Format is a single character `[a-Z]` or a comma separated sequence of `ctrl-<value>`, where `<value>` is one of: `a-z`, `@`, `^`, `[`, `\\`, `]`, `^` or `_`")
flags.BoolVar(&attachCommand.NoStdin, "no-stdin", false, "Do not attach STDIN. The default is false")
flags.BoolVar(&attachCommand.SigProxy, "sig-proxy", true, "Proxy received signals to the process")
flags.BoolVarP(&attachCommand.Latest, "latest", "l", false, "Act on the latest container podman is aware of")
diff --git a/cmd/podman/build.go b/cmd/podman/build.go
index acd402fdd..04bc56ab0 100644
--- a/cmd/podman/build.go
+++ b/cmd/podman/build.go
@@ -9,9 +9,9 @@ import (
"github.com/containers/buildah"
"github.com/containers/buildah/imagebuildah"
buildahcli "github.com/containers/buildah/pkg/cli"
- "github.com/containers/image/v5/types"
+ "github.com/containers/buildah/pkg/parse"
+ "github.com/containers/common/pkg/config"
"github.com/containers/libpod/cmd/podman/cliconfig"
- "github.com/containers/libpod/libpod/define"
"github.com/containers/libpod/pkg/adapter"
"github.com/docker/go-units"
"github.com/opencontainers/runtime-spec/specs-go"
@@ -86,6 +86,7 @@ func initBuild() {
fromAndBugFlags, err := buildahcli.GetFromAndBudFlags(&fromAndBudValues, &userNSValues, &namespaceValues)
if err != nil {
logrus.Errorf("failed to setup podman build flags: %v", err)
+ os.Exit(1)
}
flags.AddFlagSet(&budFlags)
@@ -267,14 +268,15 @@ func buildCmd(c *cliconfig.BuildValues) error {
if err != nil {
return err
}
- if conf != nil && conf.CgroupManager == define.SystemdCgroupsManager {
+ if conf != nil && conf.Engine.CgroupManager == config.SystemdCgroupsManager {
runtimeFlags = append(runtimeFlags, "--systemd-cgroup")
}
// end from buildah
defer runtime.DeferredShutdown(false)
- var stdout, stderr, reporter *os.File
+ var stdin, stdout, stderr, reporter *os.File
+ stdin = os.Stdin
stdout = os.Stdout
stderr = os.Stderr
reporter = os.Stderr
@@ -310,6 +312,17 @@ func buildCmd(c *cliconfig.BuildValues) error {
return err
}
+ networkPolicy := buildah.NetworkDefault
+ for _, ns := range nsValues {
+ if ns.Name == "none" {
+ networkPolicy = buildah.NetworkDisabled
+ break
+ } else if !filepath.IsAbs(ns.Path) {
+ networkPolicy = buildah.NetworkEnabled
+ break
+ }
+ }
+
buildOpts := buildah.CommonBuildOptions{
AddHost: c.AddHost,
CgroupParent: c.CgroupParent,
@@ -341,21 +354,49 @@ func buildCmd(c *cliconfig.BuildValues) error {
layers = false
}
+ compression := imagebuildah.Gzip
+ if c.DisableCompression {
+ compression = imagebuildah.Uncompressed
+ }
+
+ isolation, err := parse.IsolationOption(c.Isolation)
+ if err != nil {
+ return errors.Wrapf(err, "error parsing ID mapping options")
+ }
+
+ usernsOption, idmappingOptions, err := parse.IDMappingOptions(c.PodmanCommand.Command, isolation)
+ if err != nil {
+ return errors.Wrapf(err, "error parsing ID mapping options")
+ }
+ nsValues = append(nsValues, usernsOption...)
+
+ systemContext, err := parse.SystemContextFromOptions(c.PodmanCommand.Command)
+ if err != nil {
+ return errors.Wrapf(err, "error building system context")
+ }
+
options := imagebuildah.BuildOptions{
- Architecture: c.Arch,
- CommonBuildOpts: &buildOpts,
+ AddCapabilities: c.CapAdd,
AdditionalTags: tags,
Annotations: c.Annotation,
+ Architecture: c.Arch,
Args: args,
+ BlobDirectory: c.BlobCache,
CNIConfigDir: c.CNIConfigDir,
CNIPluginPath: c.CNIPlugInPath,
- Compression: imagebuildah.Gzip,
+ CommonBuildOpts: &buildOpts,
+ Compression: compression,
+ ConfigureNetwork: networkPolicy,
ContextDirectory: contextDir,
DefaultMountsFilePath: c.GlobalFlags.DefaultMountsFile,
+ Devices: c.Devices,
+ DropCapabilities: c.CapDrop,
Err: stderr,
- In: os.Stdin,
ForceRmIntermediateCtrs: c.ForceRm,
+ IDMappingOptions: idmappingOptions,
IIDFile: c.Iidfile,
+ In: stdin,
+ Isolation: isolation,
Labels: c.Label,
Layers: layers,
NamespaceOptions: nsValues,
@@ -369,13 +410,12 @@ func buildCmd(c *cliconfig.BuildValues) error {
RemoveIntermediateCtrs: c.Rm,
ReportWriter: reporter,
RuntimeArgs: runtimeFlags,
+ SignBy: c.SignBy,
SignaturePolicyPath: c.SignaturePolicy,
Squash: c.Squash,
- SystemContext: &types.SystemContext{
- OSChoice: c.OverrideOS,
- ArchitectureChoice: c.OverrideArch,
- },
- Target: c.Target,
+ SystemContext: systemContext,
+ Target: c.Target,
+ TransientMounts: c.Volumes,
}
_, _, err = runtime.Build(getContext(), c, options, containerfiles)
return err
diff --git a/cmd/podman/cliconfig/config.go b/cmd/podman/cliconfig/config.go
index f96140fd2..6d98aaf0e 100644
--- a/cmd/podman/cliconfig/config.go
+++ b/cmd/podman/cliconfig/config.go
@@ -2,7 +2,10 @@ package cliconfig
import (
"net"
+ "os"
+ "github.com/containers/common/pkg/config"
+ "github.com/sirupsen/logrus"
"github.com/spf13/cobra"
)
@@ -171,7 +174,7 @@ type GenerateSystemdValues struct {
New bool
Files bool
RestartPolicy string
- StopTimeout int
+ StopTimeout uint
}
type HistoryValues struct {
@@ -701,3 +704,14 @@ type SystemDfValues struct {
type UntagValues struct {
PodmanCommand
}
+
+func GetDefaultConfig() *config.Config {
+ var err error
+ conf, err := config.NewConfig("")
+ conf.CheckCgroupsAndAdjustConfig()
+ if err != nil {
+ logrus.Errorf("Error loading container config %v\n", err)
+ os.Exit(1)
+ }
+ return conf
+}
diff --git a/cmd/podman/cliconfig/defaults.go b/cmd/podman/cliconfig/defaults.go
index ce695d153..3082207e0 100644
--- a/cmd/podman/cliconfig/defaults.go
+++ b/cmd/podman/cliconfig/defaults.go
@@ -11,6 +11,4 @@ var (
DefaultHealthCheckTimeout = "30s"
// DefaultImageVolume default value
DefaultImageVolume = "bind"
- // DefaultShmSize default value
- DefaultShmSize = "65536k"
)
diff --git a/cmd/podman/commands.go b/cmd/podman/commands.go
index dfa04315e..2ee31b643 100644
--- a/cmd/podman/commands.go
+++ b/cmd/podman/commands.go
@@ -3,6 +3,15 @@
package main
import (
+ "fmt"
+ "os"
+
+ "github.com/containers/buildah/pkg/parse"
+ "github.com/containers/libpod/pkg/apparmor"
+ "github.com/containers/libpod/pkg/cgroups"
+ "github.com/containers/libpod/pkg/rootless"
+ "github.com/containers/libpod/pkg/sysinfo"
+ "github.com/opencontainers/selinux/go-selinux"
"github.com/spf13/cobra"
)
@@ -81,3 +90,107 @@ func getSystemSubCommands() []*cobra.Command {
return systemCommands
}
+
+func getDefaultSecurityOptions() []string {
+ securityOpts := []string{}
+ if defaultContainerConfig.Containers.SeccompProfile != "" && defaultContainerConfig.Containers.SeccompProfile != parse.SeccompDefaultPath {
+ securityOpts = append(securityOpts, fmt.Sprintf("seccomp=%s", defaultContainerConfig.Containers.SeccompProfile))
+ }
+ if apparmor.IsEnabled() && defaultContainerConfig.Containers.ApparmorProfile != "" {
+ securityOpts = append(securityOpts, fmt.Sprintf("apparmor=%s", defaultContainerConfig.Containers.ApparmorProfile))
+ }
+ if selinux.GetEnabled() && !defaultContainerConfig.Containers.EnableLabeling {
+ securityOpts = append(securityOpts, fmt.Sprintf("label=%s", selinux.DisableSecOpt()[0]))
+ }
+ return securityOpts
+}
+
+// getDefaultSysctls
+func getDefaultSysctls() []string {
+ return defaultContainerConfig.Containers.DefaultSysctls
+}
+
+func getDefaultVolumes() []string {
+ return defaultContainerConfig.Containers.Volumes
+}
+
+func getDefaultDevices() []string {
+ return defaultContainerConfig.Containers.Devices
+}
+
+func getDefaultDNSServers() []string {
+ return defaultContainerConfig.Containers.DNSServers
+}
+
+func getDefaultDNSSearches() []string {
+ return defaultContainerConfig.Containers.DNSSearches
+}
+
+func getDefaultDNSOptions() []string {
+ return defaultContainerConfig.Containers.DNSOptions
+}
+
+func getDefaultEnv() []string {
+ return defaultContainerConfig.Containers.Env
+}
+
+func getDefaultInitPath() string {
+ return defaultContainerConfig.Containers.InitPath
+}
+
+func getDefaultIPCNS() string {
+ return defaultContainerConfig.Containers.IPCNS
+}
+
+func getDefaultPidNS() string {
+ return defaultContainerConfig.Containers.PidNS
+}
+
+func getDefaultNetNS() string {
+ if defaultContainerConfig.Containers.NetNS == "private" && rootless.IsRootless() {
+ return "slirp4netns"
+ }
+ return defaultContainerConfig.Containers.NetNS
+}
+
+func getDefaultCgroupNS() string {
+ return defaultContainerConfig.Containers.CgroupNS
+}
+
+func getDefaultUTSNS() string {
+ return defaultContainerConfig.Containers.UTSNS
+}
+
+func getDefaultShmSize() string {
+ return defaultContainerConfig.Containers.ShmSize
+}
+
+func getDefaultUlimits() []string {
+ return defaultContainerConfig.Containers.DefaultUlimits
+}
+
+func getDefaultUserNS() string {
+ userns := os.Getenv("PODMAN_USERNS")
+ if userns != "" {
+ return userns
+ }
+ return defaultContainerConfig.Containers.UserNS
+}
+
+func getDefaultPidsLimit() int64 {
+ if rootless.IsRootless() {
+ cgroup2, _ := cgroups.IsCgroup2UnifiedMode()
+ if cgroup2 {
+ return defaultContainerConfig.Containers.PidsLimit
+ }
+ }
+ return sysinfo.GetDefaultPidsLimit()
+}
+
+func getDefaultPidsDescription() string {
+ return "Tune container pids limit (set 0 for unlimited)"
+}
+
+func getDefaultDetachKeys() string {
+ return defaultContainerConfig.Engine.DetachKeys
+}
diff --git a/cmd/podman/commands_remoteclient.go b/cmd/podman/commands_remoteclient.go
index a278761c1..ef523ffb1 100644
--- a/cmd/podman/commands_remoteclient.go
+++ b/cmd/podman/commands_remoteclient.go
@@ -47,3 +47,89 @@ func getTrustSubCommands() []*cobra.Command {
func getSystemSubCommands() []*cobra.Command {
return []*cobra.Command{}
}
+
+func getDefaultSecurityOptions() []string {
+ return []string{}
+}
+
+// getDefaultSysctls
+func getDefaultSysctls() []string {
+ return []string{}
+}
+
+// getDefaultDevices
+func getDefaultDevices() []string {
+ return []string{}
+}
+
+func getDefaultVolumes() []string {
+ return []string{}
+}
+
+func getDefaultDNSServers() []string {
+ return []string{}
+}
+
+func getDefaultDNSSearches() []string {
+ return []string{}
+}
+
+func getDefaultDNSOptions() []string {
+ return []string{}
+}
+
+func getDefaultEnv() []string {
+ return []string{}
+}
+
+func getDefaultInitPath() string {
+ return ""
+}
+
+func getDefaultIPCNS() string {
+ return ""
+}
+
+func getDefaultPidNS() string {
+ return ""
+}
+
+func getDefaultNetNS() string {
+ return ""
+}
+
+func getDefaultCgroupNS() string {
+ return ""
+}
+
+func getDefaultUTSNS() string {
+ return ""
+}
+
+func getDefaultShmSize() string {
+ return ""
+}
+
+func getDefaultUlimits() []string {
+ return []string{}
+}
+
+func getDefaultUserNS() string {
+ return ""
+}
+
+func getDefaultPidsLimit() int64 {
+ return -1
+}
+
+func getDefaultPidsDescription() string {
+ return "Tune container pids limit (set 0 for unlimited, -1 for server defaults)"
+}
+
+func getDefaultShareNetwork() string {
+ return ""
+}
+
+func getDefaultDetachKeys() string {
+ return ""
+}
diff --git a/cmd/podman/common.go b/cmd/podman/common.go
index 4eeb09d42..9aa9a63fe 100644
--- a/cmd/podman/common.go
+++ b/cmd/podman/common.go
@@ -3,15 +3,11 @@ package main
import (
"context"
"fmt"
- "os"
"strings"
"github.com/containers/buildah"
buildahcli "github.com/containers/buildah/pkg/cli"
"github.com/containers/libpod/cmd/podman/cliconfig"
- "github.com/containers/libpod/libpod/define"
- "github.com/containers/libpod/pkg/rootless"
- "github.com/containers/libpod/pkg/sysinfo"
"github.com/containers/libpod/pkg/util/camelcase"
jsoniter "github.com/json-iterator/go"
"github.com/pkg/errors"
@@ -110,29 +106,22 @@ func getContext() context.Context {
return context.TODO()
}
-func getDefaultNetwork() string {
- if rootless.IsRootless() {
- return "slirp4netns"
- }
- return "bridge"
-}
-
func getNetFlags() *pflag.FlagSet {
netFlags := pflag.FlagSet{}
netFlags.StringSlice(
"add-host", []string{},
- "Add a custom host-to-IP mapping (host:ip) (default [])",
+ "Add a custom host-to-IP mapping (host:ip)",
)
netFlags.StringSlice(
- "dns", []string{},
+ "dns", getDefaultDNSServers(),
"Set custom DNS servers",
)
netFlags.StringSlice(
- "dns-opt", []string{},
+ "dns-opt", getDefaultDNSOptions(),
"Set custom DNS options",
)
netFlags.StringSlice(
- "dns-search", []string{},
+ "dns-search", getDefaultDNSSearches(),
"Set custom DNS search domains",
)
netFlags.String(
@@ -144,7 +133,7 @@ func getNetFlags() *pflag.FlagSet {
"Container MAC address (e.g. 92:d0:c6:0a:29:33)",
)
netFlags.String(
- "network", getDefaultNetwork(),
+ "network", getDefaultNetNS(),
"Connect a container to a network",
)
netFlags.StringSliceP(
@@ -162,11 +151,11 @@ func getCreateFlags(c *cliconfig.PodmanCommand) {
createFlags := c.Flags()
createFlags.StringSlice(
"annotation", []string{},
- "Add annotations to container (key:value) (default [])",
+ "Add annotations to container (key:value)",
)
createFlags.StringSliceP(
"attach", "a", []string{},
- "Attach to STDIN, STDOUT or STDERR (default [])",
+ "Attach to STDIN, STDOUT or STDERR",
)
createFlags.String(
"authfile", buildahcli.GetDefaultAuthFile(),
@@ -189,7 +178,7 @@ func getCreateFlags(c *cliconfig.PodmanCommand) {
"Drop capabilities from the container",
)
createFlags.String(
- "cgroupns", "",
+ "cgroupns", getDefaultCgroupNS(),
"cgroup namespace to use",
)
createFlags.String(
@@ -244,17 +233,13 @@ func getCreateFlags(c *cliconfig.PodmanCommand) {
"detach", "d", false,
"Run container in background and print container ID",
)
- detachKeys := createFlags.String(
- "detach-keys", define.DefaultDetachKeys,
+ createFlags.String(
+ "detach-keys", getDefaultDetachKeys(),
"Override the key sequence for detaching a container. Format is a single character `[a-Z]` or a comma separated sequence of `ctrl-<value>`, where `<value>` is one of: `a-z`, `@`, `^`, `[`, `\\`, `]`, `^` or `_`",
)
- // Clear the default, the value specified in the config file should have the
- // priority
- *detachKeys = ""
-
createFlags.StringSlice(
- "device", []string{},
- "Add a host device to the container (default [])",
+ "device", getDefaultDevices(),
+ fmt.Sprintf("Add a host device to the container"),
)
createFlags.StringSlice(
"device-cgroup-rule", []string{},
@@ -281,7 +266,7 @@ func getCreateFlags(c *cliconfig.PodmanCommand) {
"Overwrite the default ENTRYPOINT of the image",
)
createFlags.StringArrayP(
- "env", "e", []string{},
+ "env", "e", getDefaultEnv(),
"Set environment variables in container",
)
createFlags.Bool(
@@ -293,7 +278,7 @@ func getCreateFlags(c *cliconfig.PodmanCommand) {
)
createFlags.StringSlice(
"expose", []string{},
- "Expose a port or a range of ports (default [])",
+ "Expose a port or a range of ports",
)
createFlags.StringSlice(
"gidmap", []string{},
@@ -301,7 +286,7 @@ func getCreateFlags(c *cliconfig.PodmanCommand) {
)
createFlags.StringSlice(
"group-add", []string{},
- "Add additional groups to join (default [])",
+ "Add additional groups to join",
)
createFlags.Bool(
"help", false, "",
@@ -343,16 +328,16 @@ func getCreateFlags(c *cliconfig.PodmanCommand) {
"Run an init binary inside the container that forwards signals and reaps processes",
)
createFlags.String(
- "init-path", "",
+ "init-path", getDefaultInitPath(),
// Do not use the Value field for setting the default value to determine user input (i.e., non-empty string)
- fmt.Sprintf("Path to the container-init binary (default: %q)", define.DefaultInitPath),
+ fmt.Sprintf("Path to the container-init binary"),
)
createFlags.BoolP(
"interactive", "i", false,
"Keep STDIN open even if not attached",
)
createFlags.String(
- "ipc", "",
+ "ipc", getDefaultIPCNS(),
"IPC namespace to use",
)
createFlags.String(
@@ -361,11 +346,11 @@ func getCreateFlags(c *cliconfig.PodmanCommand) {
)
createFlags.StringArrayP(
"label", "l", []string{},
- "Set metadata on container (default [])",
+ "Set metadata on container",
)
createFlags.StringSlice(
"label-file", []string{},
- "Read in a line delimited file of labels (default [])",
+ "Read in a line delimited file of labels",
)
createFlags.String(
"log-driver", "",
@@ -373,7 +358,7 @@ func getCreateFlags(c *cliconfig.PodmanCommand) {
)
createFlags.StringSlice(
"log-opt", []string{},
- "Logging driver options (default [])",
+ "Logging driver options",
)
createFlags.StringP(
"memory", "m", "",
@@ -418,12 +403,12 @@ func getCreateFlags(c *cliconfig.PodmanCommand) {
)
markFlagHidden(createFlags, "override-os")
createFlags.String(
- "pid", "",
+ "pid", getDefaultPidNS(),
"PID namespace to use",
)
createFlags.Int64(
- "pids-limit", sysinfo.GetDefaultPidsLimit(),
- "Tune container pids limit (set 0 for unlimited)",
+ "pids-limit", getDefaultPidsLimit(),
+ getDefaultPidsDescription(),
)
createFlags.String(
"pod", "",
@@ -466,11 +451,11 @@ func getCreateFlags(c *cliconfig.PodmanCommand) {
"The first argument is not an image but the rootfs to the exploded container",
)
createFlags.StringArray(
- "security-opt", []string{},
- "Security Options (default [])",
+ "security-opt", getDefaultSecurityOptions(),
+ fmt.Sprintf("Security Options"),
)
createFlags.String(
- "shm-size", cliconfig.DefaultShmSize,
+ "shm-size", getDefaultShmSize(),
"Size of /dev/shm "+sizeWithUnitFormat,
)
createFlags.String(
@@ -478,12 +463,12 @@ func getCreateFlags(c *cliconfig.PodmanCommand) {
"Signal to stop a container. Default is SIGTERM",
)
createFlags.Uint(
- "stop-timeout", define.CtrRemoveTimeout,
+ "stop-timeout", defaultContainerConfig.Engine.StopTimeout,
"Timeout (in seconds) to stop a container. Default is 10",
)
createFlags.StringSlice(
"storage-opt", []string{},
- "Storage driver options per container (default [])",
+ "Storage driver options per container",
)
createFlags.String(
"subgidname", "",
@@ -495,8 +480,8 @@ func getCreateFlags(c *cliconfig.PodmanCommand) {
)
createFlags.StringSlice(
- "sysctl", []string{},
- "Sysctl options (default [])",
+ "sysctl", getDefaultSysctls(),
+ "Sysctl options",
)
createFlags.String(
"systemd", "true",
@@ -504,7 +489,7 @@ func getCreateFlags(c *cliconfig.PodmanCommand) {
)
createFlags.StringArray(
"tmpfs", []string{},
- "Mount a temporary filesystem (`tmpfs`) into a container (default [])",
+ "Mount a temporary filesystem (`tmpfs`) into a container",
)
createFlags.BoolP(
"tty", "t", false,
@@ -515,32 +500,32 @@ func getCreateFlags(c *cliconfig.PodmanCommand) {
"UID map to use for the user namespace",
)
createFlags.StringSlice(
- "ulimit", []string{},
- "Ulimit options (default [])",
+ "ulimit", getDefaultUlimits(),
+ "Ulimit options",
)
createFlags.StringP(
"user", "u", "",
"Username or UID (format: <name|uid>[:<group|gid>])",
)
createFlags.String(
- "userns", os.Getenv("PODMAN_USERNS"),
+ "userns", getDefaultUserNS(),
"User namespace to use",
)
createFlags.String(
- "uts", "",
+ "uts", getDefaultUTSNS(),
"UTS namespace to use",
)
createFlags.StringArray(
"mount", []string{},
- "Attach a filesystem mount to the container (default [])",
+ "Attach a filesystem mount to the container",
)
createFlags.StringArrayP(
- "volume", "v", []string{},
- "Bind mount a volume into the container (default [])",
+ "volume", "v", getDefaultVolumes(),
+ "Bind mount a volume into the container",
)
createFlags.StringSlice(
"volumes-from", []string{},
- "Mount volumes from the specified container(s) (default [])",
+ "Mount volumes from the specified container(s)",
)
createFlags.StringP(
"workdir", "w", "",
diff --git a/cmd/podman/create.go b/cmd/podman/create.go
index 73d62bddb..03eb1b09f 100644
--- a/cmd/podman/create.go
+++ b/cmd/podman/create.go
@@ -38,7 +38,6 @@ func init() {
createCommand.PodmanCommand.Command = _createCommand
createCommand.SetHelpTemplate(HelpTemplate())
createCommand.SetUsageTemplate(UsageTemplate())
-
getCreateFlags(&createCommand.PodmanCommand)
flags := createCommand.Flags()
flags.AddFlagSet(getNetFlags())
diff --git a/cmd/podman/errors_remote.go b/cmd/podman/errors_remote.go
index 378f9398f..4b543ccd5 100644
--- a/cmd/podman/errors_remote.go
+++ b/cmd/podman/errors_remote.go
@@ -8,8 +8,8 @@ import (
"os/exec"
"syscall"
- "github.com/containers/libpod/cmd/podman/varlink"
"github.com/containers/libpod/libpod/define"
+ iopodman "github.com/containers/libpod/pkg/varlink"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
)
diff --git a/cmd/podman/exec.go b/cmd/podman/exec.go
index 6e5799396..b341ab496 100644
--- a/cmd/podman/exec.go
+++ b/cmd/podman/exec.go
@@ -2,7 +2,6 @@ package main
import (
"github.com/containers/libpod/cmd/podman/cliconfig"
- "github.com/containers/libpod/libpod/define"
"github.com/containers/libpod/pkg/adapter"
"github.com/pkg/errors"
"github.com/spf13/cobra"
@@ -35,10 +34,7 @@ func init() {
execCommand.SetUsageTemplate(UsageTemplate())
flags := execCommand.Flags()
flags.SetInterspersed(false)
- flags.StringVar(&execCommand.DetachKeys, "detach-keys", define.DefaultDetachKeys, "Select the key sequence for detaching a container. Format is a single character [a-Z] or ctrl-<value> where <value> is one of: a-z, @, ^, [, , or _")
- // Clear the default, the value specified in the config file should have the
- // priority
- execCommand.DetachKeys = ""
+ flags.StringVar(&execCommand.DetachKeys, "detach-keys", getDefaultDetachKeys(), "Select the key sequence for detaching a container. Format is a single character [a-Z] or ctrl-<value> where <value> is one of: a-z, @, ^, [, , or _")
flags.StringArrayVarP(&execCommand.Env, "env", "e", []string{}, "Set environment variables")
flags.StringSliceVar(&execCommand.EnvFile, "env-file", []string{}, "Read in a file of environment variables")
flags.BoolVarP(&execCommand.Interactive, "interactive", "i", false, "Keep STDIN open even if not attached")
diff --git a/cmd/podman/generate_systemd.go b/cmd/podman/generate_systemd.go
index a9775f9cb..fd0d13d78 100644
--- a/cmd/podman/generate_systemd.go
+++ b/cmd/podman/generate_systemd.go
@@ -43,9 +43,10 @@ func init() {
if !remoteclient {
flags.BoolVarP(&containerSystemdCommand.Files, "files", "f", false, "generate files instead of printing to stdout")
}
- flags.IntVarP(&containerSystemdCommand.StopTimeout, "timeout", "t", -1, "stop timeout override")
+ flags.UintVarP(&containerSystemdCommand.StopTimeout, "time", "t", defaultContainerConfig.Engine.StopTimeout, "stop timeout override")
flags.StringVar(&containerSystemdCommand.RestartPolicy, "restart-policy", "on-failure", "applicable systemd restart-policy")
flags.BoolVarP(&containerSystemdCommand.New, "new", "", false, "create a new container instead of starting an existing one")
+ flags.SetNormalizeFunc(aliasFlags)
}
func generateSystemdCmd(c *cliconfig.GenerateSystemdValues) error {
@@ -55,11 +56,6 @@ func generateSystemdCmd(c *cliconfig.GenerateSystemdValues) error {
}
defer runtime.DeferredShutdown(false)
- // User input stop timeout must be 0 or greater
- if c.Flag("timeout").Changed && c.StopTimeout < 0 {
- return errors.New("timeout value must be 0 or greater")
- }
-
unit, err := runtime.GenerateSystemd(c)
if err != nil {
return err
diff --git a/cmd/podman/libpodruntime/runtime.go b/cmd/podman/libpodruntime/runtime.go
index e9dc87de1..8dbc4009b 100644
--- a/cmd/podman/libpodruntime/runtime.go
+++ b/cmd/podman/libpodruntime/runtime.go
@@ -211,8 +211,6 @@ func getRuntime(ctx context.Context, c *cliconfig.PodmanCommand, opts *runtimeOp
if !opts.withFDS {
options = append(options, libpod.WithEnableSDNotify())
}
- if c.Flags().Changed("config") {
- return libpod.NewRuntimeFromConfig(ctx, c.GlobalFlags.Config, options...)
- }
+
return libpod.NewRuntime(ctx, options...)
}
diff --git a/cmd/podman/login.go b/cmd/podman/login.go
index e09117833..1539e3a79 100644
--- a/cmd/podman/login.go
+++ b/cmd/podman/login.go
@@ -95,17 +95,19 @@ func loginCmd(c *cliconfig.LoginValues) error {
}
// username of user logged in to server (if one exists)
- userFromAuthFile, passFromAuthFile, err := config.GetAuthentication(sc, server)
+ authConfig, err := config.GetCredentials(sc, server)
// Do not return error if no credentials found in credHelpers, new credentials will be stored by config.SetAuthentication
if err != nil && err != credentials.NewErrCredentialsNotFound() {
return errors.Wrapf(err, "error reading auth file")
}
-
+ if authConfig.IdentityToken != "" {
+ return errors.Errorf("currently logged in, auth file contains an Identity token")
+ }
if c.Flag("get-login").Changed {
- if userFromAuthFile == "" {
+ if authConfig.Username == "" {
return errors.Errorf("not logged into %s", server)
}
- fmt.Printf("%s\n", userFromAuthFile)
+ fmt.Printf("%s\n", authConfig.Username)
return nil
}
@@ -129,16 +131,16 @@ func loginCmd(c *cliconfig.LoginValues) error {
}
// If no username and no password is specified, try to use existing ones.
- if c.Username == "" && password == "" && userFromAuthFile != "" && passFromAuthFile != "" {
+ if c.Username == "" && password == "" && authConfig.Username == "" && authConfig.Password != "" {
fmt.Println("Authenticating with existing credentials...")
- if err := docker.CheckAuth(ctx, sc, userFromAuthFile, passFromAuthFile, server); err == nil {
+ if err := docker.CheckAuth(ctx, sc, authConfig.Username, authConfig.Password, server); err == nil {
fmt.Println("Existing credentials are valid. Already logged in to", server)
return nil
}
fmt.Println("Existing credentials are invalid, please enter valid username and password")
}
- username, password, err := getUserAndPass(c.Username, password, userFromAuthFile)
+ username, password, err := getUserAndPass(c.Username, password, authConfig.Username)
if err != nil {
return errors.Wrapf(err, "error getting username and password")
}
diff --git a/cmd/podman/logout.go b/cmd/podman/logout.go
index dec6822cf..a541438c3 100644
--- a/cmd/podman/logout.go
+++ b/cmd/podman/logout.go
@@ -87,12 +87,12 @@ func logoutCmd(c *cliconfig.LogoutValues) error {
return nil
case config.ErrNotLoggedIn:
// username of user logged in to server (if one exists)
- userFromAuthFile, passFromAuthFile, err := config.GetAuthentication(sc, server)
+ authConfig, err := config.GetCredentials(sc, server)
if err != nil {
return errors.Wrapf(err, "error reading auth file")
}
- islogin := docker.CheckAuth(getContext(), sc, userFromAuthFile, passFromAuthFile, server)
- if userFromAuthFile != "" && passFromAuthFile != "" && islogin == nil {
+ islogin := docker.CheckAuth(getContext(), sc, authConfig.Username, authConfig.Password, server)
+ if authConfig.IdentityToken != "" && authConfig.Username != "" && authConfig.Password != "" && islogin == nil {
fmt.Printf("Not logged into %s with podman. Existing credentials were established via docker login. Please use docker logout instead.\n", server)
return nil
}
diff --git a/cmd/podman/main.go b/cmd/podman/main.go
index a2acbbf53..5134448da 100644
--- a/cmd/podman/main.go
+++ b/cmd/podman/main.go
@@ -6,6 +6,7 @@ import (
"os"
"path"
+ "github.com/containers/common/pkg/config"
"github.com/containers/libpod/cmd/podman/cliconfig"
"github.com/containers/libpod/libpod"
"github.com/containers/libpod/libpod/define"
@@ -81,7 +82,10 @@ var rootCmd = &cobra.Command{
SilenceErrors: true,
}
-var MainGlobalOpts cliconfig.MainFlags
+var (
+ MainGlobalOpts cliconfig.MainFlags
+ defaultContainerConfig = getDefaultContainerConfig()
+)
func initCobra() {
cobra.OnInitialize(initConfig)
@@ -175,3 +179,12 @@ func main() {
CheckForRegistries()
os.Exit(exitCode)
}
+
+func getDefaultContainerConfig() *config.Config {
+ defaultContainerConfig, err := config.Default()
+ if err != nil {
+ logrus.Error(err)
+ os.Exit(1)
+ }
+ return defaultContainerConfig
+}
diff --git a/cmd/podman/main_local.go b/cmd/podman/main_local.go
index 79b5e5af7..23b3f5ae7 100644
--- a/cmd/podman/main_local.go
+++ b/cmd/podman/main_local.go
@@ -14,9 +14,9 @@ import (
"strings"
"syscall"
+ "github.com/containers/common/pkg/config"
"github.com/containers/libpod/cmd/podman/cliconfig"
"github.com/containers/libpod/cmd/podman/libpodruntime"
- "github.com/containers/libpod/libpod/define"
"github.com/containers/libpod/pkg/cgroups"
"github.com/containers/libpod/pkg/rootless"
"github.com/containers/libpod/pkg/tracing"
@@ -32,9 +32,11 @@ import (
const remote = false
func init() {
- cgroupManager := define.SystemdCgroupsManager
+ cgroupManager := defaultContainerConfig.Engine.CgroupManager
cgroupHelp := `Cgroup manager to use ("cgroupfs"|"systemd")`
cgroupv2, _ := cgroups.IsCgroup2UnifiedMode()
+
+ defaultContainerConfig = cliconfig.GetDefaultConfig()
if rootless.IsRootless() && !cgroupv2 {
cgroupManager = ""
cgroupHelp = "Cgroup manager is not supported in rootless mode"
@@ -42,25 +44,27 @@ func init() {
rootCmd.PersistentFlags().StringVar(&MainGlobalOpts.CGroupManager, "cgroup-manager", cgroupManager, cgroupHelp)
// -c is deprecated due to conflict with -c on subcommands
rootCmd.PersistentFlags().StringVar(&MainGlobalOpts.CpuProfile, "cpu-profile", "", "Path for the cpu profiling results")
- rootCmd.PersistentFlags().StringVar(&MainGlobalOpts.Config, "config", "", "Path of a libpod config file detailing container server configuration options")
rootCmd.PersistentFlags().StringVar(&MainGlobalOpts.ConmonPath, "conmon", "", "Path of the conmon binary")
- rootCmd.PersistentFlags().StringVar(&MainGlobalOpts.NetworkCmdPath, "network-cmd-path", "", "Path to the command for configuring the network")
- rootCmd.PersistentFlags().StringVar(&MainGlobalOpts.CniConfigDir, "cni-config-dir", "", "Path of the configuration directory for CNI networks")
- rootCmd.PersistentFlags().StringVar(&MainGlobalOpts.DefaultMountsFile, "default-mounts-file", "", "Path to default mounts file")
+ rootCmd.PersistentFlags().StringVar(&MainGlobalOpts.NetworkCmdPath, "network-cmd-path", defaultContainerConfig.Engine.NetworkCmdPath, "Path to the command for configuring the network")
+ rootCmd.PersistentFlags().StringVar(&MainGlobalOpts.CniConfigDir, "cni-config-dir", getCNIPluginsDir(), "Path of the configuration directory for CNI networks")
+ rootCmd.PersistentFlags().StringVar(&MainGlobalOpts.DefaultMountsFile, "default-mounts-file", defaultContainerConfig.Containers.DefaultMountsFile, "Path to default mounts file")
+ if err := rootCmd.PersistentFlags().MarkHidden("cpu-profile"); err != nil {
+ logrus.Error("unable to mark default-mounts-file flag as hidden")
+ }
if err := rootCmd.PersistentFlags().MarkHidden("default-mounts-file"); err != nil {
logrus.Error("unable to mark default-mounts-file flag as hidden")
}
- rootCmd.PersistentFlags().StringVar(&MainGlobalOpts.EventsBackend, "events-backend", "", `Events backend to use ("file"|"journald"|"none")`)
+ rootCmd.PersistentFlags().StringVar(&MainGlobalOpts.EventsBackend, "events-backend", defaultContainerConfig.Engine.EventsLogger, `Events backend to use ("file"|"journald"|"none")`)
// Override default --help information of `--help` global flag
var dummyHelp bool
rootCmd.PersistentFlags().BoolVar(&dummyHelp, "help", false, "Help for podman")
- rootCmd.PersistentFlags().StringSliceVar(&MainGlobalOpts.HooksDir, "hooks-dir", []string{}, "Set the OCI hooks directory path (may be set multiple times)")
+ rootCmd.PersistentFlags().StringSliceVar(&MainGlobalOpts.HooksDir, "hooks-dir", defaultContainerConfig.Engine.HooksDir, "Set the OCI hooks directory path (may be set multiple times)")
rootCmd.PersistentFlags().StringVar(&MainGlobalOpts.LogLevel, "log-level", "error", `Log messages above specified level ("debug"|"info"|"warn"|"error"|"fatal"|"panic")`)
rootCmd.PersistentFlags().IntVar(&MainGlobalOpts.MaxWorks, "max-workers", 0, "The maximum number of workers for parallel operations")
if err := rootCmd.PersistentFlags().MarkHidden("max-workers"); err != nil {
logrus.Error("unable to mark max-workers flag as hidden")
}
- rootCmd.PersistentFlags().StringVar(&MainGlobalOpts.Namespace, "namespace", "", "Set the libpod namespace, used to create separate views of the containers and pods on the system")
+ rootCmd.PersistentFlags().StringVar(&MainGlobalOpts.Namespace, "namespace", defaultContainerConfig.Engine.Namespace, "Set the libpod namespace, used to create separate views of the containers and pods on the system")
rootCmd.PersistentFlags().StringVar(&MainGlobalOpts.Root, "root", "", "Path to the root directory in which data, including images, is stored")
rootCmd.PersistentFlags().StringVar(&MainGlobalOpts.Runroot, "runroot", "", "Path to the 'run directory' where all state information is stored")
rootCmd.PersistentFlags().StringVar(&MainGlobalOpts.Runtime, "runtime", "", "Path to the OCI-compatible binary used to run containers, default is /usr/bin/runc")
@@ -170,16 +174,16 @@ func setupRootless(cmd *cobra.Command, args []string) error {
if os.Geteuid() == 0 {
ownsCgroup, err := cgroups.UserOwnsCurrentSystemdCgroup()
if err != nil {
- return err
- }
- conf, err := runtime.GetConfig()
- if err != nil {
- return err
+ logrus.Warnf("Failed to detect the owner for the current cgroup: %v", err)
}
if !ownsCgroup {
+ conf, err := runtime.GetConfig()
+ if err != nil {
+ return err
+ }
unitName := fmt.Sprintf("podman-%d.scope", os.Getpid())
if err := utils.RunUnderSystemdScope(os.Getpid(), "user.slice", unitName); err != nil {
- if conf.CgroupManager == define.SystemdCgroupsManager {
+ if conf.Engine.CgroupManager == config.SystemdCgroupsManager {
logrus.Warnf("Failed to add podman to systemd sandbox cgroup: %v", err)
} else {
logrus.Debugf("Failed to add podman to systemd sandbox cgroup: %v", err)
@@ -223,7 +227,7 @@ func setupRootless(cmd *cobra.Command, args []string) error {
if err != nil {
return err
}
- if conf.CgroupManager == define.SystemdCgroupsManager {
+ if conf.Engine.CgroupManager == config.SystemdCgroupsManager {
logrus.Warnf("Failed to add pause process to systemd sandbox cgroup: %v", err)
} else {
logrus.Debugf("Failed to add pause process to systemd sandbox cgroup: %v", err)
@@ -264,3 +268,10 @@ func setUMask() {
func checkInput() error {
return nil
}
+func getCNIPluginsDir() string {
+ if rootless.IsRootless() {
+ return ""
+ }
+
+ return defaultContainerConfig.Network.CNIPluginDirs[0]
+}
diff --git a/cmd/podman/mount.go b/cmd/podman/mount.go
index 526a236fd..99e185589 100644
--- a/cmd/podman/mount.go
+++ b/cmd/podman/mount.go
@@ -68,11 +68,7 @@ func mountCmd(c *cliconfig.MountValues) error {
defer runtime.DeferredShutdown(false)
if os.Geteuid() != 0 {
- rtc, err := runtime.GetConfig()
- if err != nil {
- return err
- }
- if driver := rtc.StorageConfig.GraphDriverName; driver != "vfs" {
+ if driver := runtime.StorageConfig().GraphDriverName; driver != "vfs" {
// Do not allow to mount a graphdriver that is not vfs if we are creating the userns as part
// of the mount command.
return fmt.Errorf("cannot mount using driver %s in rootless mode", driver)
diff --git a/cmd/podman/pod_stop.go b/cmd/podman/pod_stop.go
index 7d3951ec4..395731551 100644
--- a/cmd/podman/pod_stop.go
+++ b/cmd/podman/pod_stop.go
@@ -31,7 +31,7 @@ var (
},
Example: `podman pod stop mywebserverpod
podman pod stop --latest
- podman pod stop --timeout 0 490eb 3557fb`,
+ podman pod stop --time 0 490eb 3557fb`,
}
)
@@ -43,7 +43,8 @@ func init() {
flags.BoolVarP(&podStopCommand.All, "all", "a", false, "Stop all running pods")
flags.BoolVarP(&podStopCommand.Ignore, "ignore", "i", false, "Ignore errors when a specified pod is missing")
flags.BoolVarP(&podStopCommand.Latest, "latest", "l", false, "Stop the latest pod podman is aware of")
- flags.UintVarP(&podStopCommand.Timeout, "timeout", "t", 0, "Seconds to wait for pod stop before killing the container")
+ flags.UintVarP(&podStopCommand.Timeout, "time", "t", defaultContainerConfig.Engine.StopTimeout, "Seconds to wait for pod stop before killing the container")
+ flags.SetNormalizeFunc(aliasFlags)
markFlagHiddenForRemoteClient("ignore", flags)
markFlagHiddenForRemoteClient("latest", flags)
}
diff --git a/cmd/podman/restart.go b/cmd/podman/restart.go
index 996a9f7ce..4ee043442 100644
--- a/cmd/podman/restart.go
+++ b/cmd/podman/restart.go
@@ -1,6 +1,8 @@
package main
import (
+ "fmt"
+
"github.com/containers/libpod/cmd/podman/cliconfig"
"github.com/containers/libpod/libpod/define"
"github.com/containers/libpod/pkg/adapter"
@@ -10,9 +12,9 @@ import (
var (
restartCommand cliconfig.RestartValues
- restartDescription = `Restarts one or more running containers. The container ID or name can be used.
+ restartDescription = fmt.Sprintf(`Restarts one or more running containers. The container ID or name can be used.
- A timeout before forcibly stopping can be set, but defaults to 10 seconds.`
+ A timeout before forcibly stopping can be set, but defaults to %d seconds.`, defaultContainerConfig.Engine.StopTimeout)
_restartCommand = &cobra.Command{
Use: "restart [flags] CONTAINER [CONTAINER...]",
Short: "Restart one or more containers",
@@ -39,10 +41,10 @@ func init() {
flags.BoolVarP(&restartCommand.All, "all", "a", false, "Restart all non-running containers")
flags.BoolVarP(&restartCommand.Latest, "latest", "l", false, "Act on the latest container podman is aware of")
flags.BoolVar(&restartCommand.Running, "running", false, "Restart only running containers when --all is used")
- flags.UintVarP(&restartCommand.Timeout, "timeout", "t", define.CtrRemoveTimeout, "Seconds to wait for stop before killing the container")
- flags.UintVar(&restartCommand.Timeout, "time", define.CtrRemoveTimeout, "Seconds to wait for stop before killing the container")
+ flags.UintVarP(&restartCommand.Timeout, "time", "t", defaultContainerConfig.Engine.StopTimeout, "Seconds to wait for stop before killing the container")
markFlagHiddenForRemoteClient("latest", flags)
+ flags.SetNormalizeFunc(aliasFlags)
}
func restartCmd(c *cliconfig.RestartValues) error {
diff --git a/cmd/podman/service.go b/cmd/podman/service.go
index 7606e3009..bcb37eac5 100644
--- a/cmd/podman/service.go
+++ b/cmd/podman/service.go
@@ -12,13 +12,13 @@ import (
"github.com/containers/libpod/cmd/podman/cliconfig"
"github.com/containers/libpod/cmd/podman/libpodruntime"
- iopodman "github.com/containers/libpod/cmd/podman/varlink"
"github.com/containers/libpod/libpod"
"github.com/containers/libpod/pkg/adapter"
api "github.com/containers/libpod/pkg/api/server"
"github.com/containers/libpod/pkg/rootless"
"github.com/containers/libpod/pkg/systemd"
"github.com/containers/libpod/pkg/util"
+ iopodman "github.com/containers/libpod/pkg/varlink"
"github.com/containers/libpod/pkg/varlinkapi"
"github.com/containers/libpod/version"
"github.com/pkg/errors"
diff --git a/cmd/podman/shared/create.go b/cmd/podman/shared/create.go
index cec837af6..68a36d967 100644
--- a/cmd/podman/shared/create.go
+++ b/cmd/podman/shared/create.go
@@ -99,7 +99,7 @@ func CreateContainer(ctx context.Context, c *GenericCLIResults, runtime *libpod.
ArchitectureChoice: overrideArch,
}
- newImage, err := runtime.ImageRuntime().New(ctx, rawImageName, rtc.SignaturePolicyPath, c.String("authfile"), writer, &dockerRegistryOptions, image.SigningOptions{}, nil, pullType)
+ newImage, err := runtime.ImageRuntime().New(ctx, rawImageName, rtc.Engine.SignaturePolicyPath, c.String("authfile"), writer, &dockerRegistryOptions, image.SigningOptions{}, nil, pullType)
if err != nil {
return nil, nil, err
}
@@ -512,6 +512,7 @@ func ParseCreateOpts(ctx context.Context, c *GenericCLIResults, runtime *libpod.
}
// Start with env-host
+
if c.Bool("env-host") {
env = envLib.Join(env, osEnv)
}
@@ -537,14 +538,16 @@ func ParseCreateOpts(ctx context.Context, c *GenericCLIResults, runtime *libpod.
}
}
- // env overrides any previous variables
- cmdlineEnv := c.StringSlice("env")
- if len(cmdlineEnv) > 0 {
- parsedEnv, err := envLib.ParseSlice(cmdlineEnv)
- if err != nil {
- return nil, err
+ if c.IsSet("env") {
+ // env overrides any previous variables
+ cmdlineEnv := c.StringSlice("env")
+ if len(cmdlineEnv) > 0 {
+ parsedEnv, err := envLib.ParseSlice(cmdlineEnv)
+ if err != nil {
+ return nil, err
+ }
+ env = envLib.Join(env, parsedEnv)
}
- env = envLib.Join(env, parsedEnv)
}
// LABEL VARIABLES
@@ -636,31 +639,44 @@ func ParseCreateOpts(ctx context.Context, c *GenericCLIResults, runtime *libpod.
return nil, errors.Wrapf(err, "unable to translate --shm-size")
}
- // Verify the additional hosts are in correct format
- for _, host := range c.StringSlice("add-host") {
- if _, err := parse.ValidateExtraHost(host); err != nil {
- return nil, err
+ if c.IsSet("add-host") {
+ // Verify the additional hosts are in correct format
+ for _, host := range c.StringSlice("add-host") {
+ if _, err := parse.ValidateExtraHost(host); err != nil {
+ return nil, err
+ }
}
}
- // Check for . and dns-search domains
- if util.StringInSlice(".", c.StringSlice("dns-search")) && len(c.StringSlice("dns-search")) > 1 {
- return nil, errors.Errorf("cannot pass additional search domains when also specifying '.'")
+ var (
+ dnsSearches []string
+ dnsServers []string
+ dnsOptions []string
+ )
+ if c.Changed("dns-search") {
+ dnsSearches = c.StringSlice("dns-search")
+ // Check for explicit dns-search domain of ''
+ if len(dnsSearches) == 0 {
+ return nil, errors.Errorf("'' is not a valid domain")
+ }
+ // Validate domains are good
+ for _, dom := range dnsSearches {
+ if dom == "." {
+ if len(dnsSearches) > 1 {
+ return nil, errors.Errorf("cannot pass additional search domains when also specifying '.'")
+ }
+ continue
+ }
+ if _, err := parse.ValidateDomain(dom); err != nil {
+ return nil, err
+ }
+ }
}
-
- // Check for explicit dns-search domain of ''
- if c.Changed("dns-search") && len(c.StringSlice("dns-search")) == 0 {
- return nil, errors.Errorf("'' is not a valid domain")
+ if c.IsSet("dns") {
+ dnsServers = append(dnsServers, c.StringSlice("dns")...)
}
-
- // Validate domains are good
- for _, dom := range c.StringSlice("dns-search") {
- if dom == "." {
- continue
- }
- if _, err := parse.ValidateDomain(dom); err != nil {
- return nil, err
- }
+ if c.IsSet("dns-opt") {
+ dnsOptions = c.StringSlice("dns-opt")
}
var ImageVolumes map[string]struct{}
@@ -706,7 +722,7 @@ func ParseCreateOpts(ctx context.Context, c *GenericCLIResults, runtime *libpod.
pidsLimit := c.Int64("pids-limit")
if c.String("cgroups") == "disabled" && !c.Changed("pids-limit") {
- pidsLimit = 0
+ pidsLimit = -1
}
pid := &cc.PidConfig{
@@ -736,11 +752,10 @@ func ParseCreateOpts(ctx context.Context, c *GenericCLIResults, runtime *libpod.
HostAdd: c.StringSlice("add-host"),
Hostname: c.String("hostname"),
}
-
net := &cc.NetworkConfig{
- DNSOpt: c.StringSlice("dns-opt"),
- DNSSearch: c.StringSlice("dns-search"),
- DNSServers: c.StringSlice("dns"),
+ DNSOpt: dnsOptions,
+ DNSSearch: dnsSearches,
+ DNSServers: dnsServers,
HTTPProxy: c.Bool("http-proxy"),
MacAddress: c.String("mac-address"),
Network: c.String("network"),
@@ -751,9 +766,12 @@ func ParseCreateOpts(ctx context.Context, c *GenericCLIResults, runtime *libpod.
PortBindings: portBindings,
}
- sysctl, err := validateSysctl(c.StringSlice("sysctl"))
- if err != nil {
- return nil, errors.Wrapf(err, "invalid value for sysctl")
+ sysctl := map[string]string{}
+ if c.Changed("sysctl") {
+ sysctl, err = util.ValidateSysctls(c.StringSlice("sysctl"))
+ if err != nil {
+ return nil, errors.Wrapf(err, "invalid value for sysctl")
+ }
}
secConfig := &cc.SecurityConfig{
@@ -765,8 +783,10 @@ func ParseCreateOpts(ctx context.Context, c *GenericCLIResults, runtime *libpod.
Sysctl: sysctl,
}
- if err := secConfig.SetSecurityOpts(runtime, c.StringArray("security-opt")); err != nil {
- return nil, err
+ if c.Changed("security-opt") {
+ if err := secConfig.SetSecurityOpts(runtime, c.StringArray("security-opt")); err != nil {
+ return nil, err
+ }
}
// SECCOMP
@@ -780,6 +800,19 @@ func ParseCreateOpts(ctx context.Context, c *GenericCLIResults, runtime *libpod.
} else {
secConfig.SeccompPolicy = policy
}
+ rtc, err := runtime.GetConfig()
+ if err != nil {
+ return nil, err
+ }
+ volumes := rtc.Containers.Volumes
+ if c.Changed("volume") {
+ volumes = append(volumes, c.StringSlice("volume")...)
+ }
+
+ devices := rtc.Containers.Devices
+ if c.Changed("device") {
+ devices = append(devices, c.StringSlice("device")...)
+ }
config := &cc.CreateConfig{
Annotations: annotations,
@@ -790,7 +823,7 @@ func ParseCreateOpts(ctx context.Context, c *GenericCLIResults, runtime *libpod.
Command: command,
UserCommand: userCommand,
Detach: c.Bool("detach"),
- Devices: c.StringSlice("device"),
+ Devices: devices,
Entrypoint: entrypoint,
Env: env,
// ExposedPorts: ports,
@@ -845,7 +878,7 @@ func ParseCreateOpts(ctx context.Context, c *GenericCLIResults, runtime *libpod.
Tmpfs: c.StringArray("tmpfs"),
Tty: tty,
MountsFlag: c.StringArray("mount"),
- Volumes: c.StringArray("volume"),
+ Volumes: volumes,
WorkDir: workDir,
Rootfs: rootfs,
VolumesFrom: c.StringSlice("volumes-from"),
diff --git a/cmd/podman/shared/intermediate_varlink.go b/cmd/podman/shared/intermediate_varlink.go
index 691c4f92d..82594fb40 100644
--- a/cmd/podman/shared/intermediate_varlink.go
+++ b/cmd/podman/shared/intermediate_varlink.go
@@ -4,8 +4,8 @@ package shared
import (
"github.com/containers/libpod/cmd/podman/cliconfig"
- "github.com/containers/libpod/cmd/podman/varlink"
"github.com/containers/libpod/pkg/rootless"
+ iopodman "github.com/containers/libpod/pkg/varlink"
"github.com/pkg/errors"
)
@@ -316,6 +316,7 @@ func intFromVarlink(v *int64, flagName string, defaultValue *int) CRInt {
// structure.
func VarlinkCreateToGeneric(opts iopodman.Create) GenericCLIResults {
+ defaultContainerConfig := cliconfig.GetDefaultConfig()
// TODO | WARN
// We do not get a default network over varlink. Unlike the other default values for some cli
// elements, it seems it gets set to the default anyway.
@@ -405,7 +406,7 @@ func VarlinkCreateToGeneric(opts iopodman.Create) GenericCLIResults {
m["rm"] = boolFromVarlink(opts.Rm, "rm", false)
m["rootfs"] = boolFromVarlink(opts.Rootfs, "rootfs", false)
m["security-opt"] = stringArrayFromVarlink(opts.SecurityOpt, "security-opt", nil)
- m["shm-size"] = stringFromVarlink(opts.ShmSize, "shm-size", &cliconfig.DefaultShmSize)
+ m["shm-size"] = stringFromVarlink(opts.ShmSize, "shm-size", &defaultContainerConfig.Containers.ShmSize)
m["stop-signal"] = stringFromVarlink(opts.StopSignal, "stop-signal", nil)
m["stop-timeout"] = uintFromVarlink(opts.StopTimeout, "stop-timeout", nil)
m["storage-opt"] = stringSliceFromVarlink(opts.StorageOpt, "storage-opt", nil)
diff --git a/cmd/podman/shared/pod.go b/cmd/podman/shared/pod.go
index 3046953b5..50bd88e08 100644
--- a/cmd/podman/shared/pod.go
+++ b/cmd/podman/shared/pod.go
@@ -162,7 +162,7 @@ func FilterAllPodsWithFilterFunc(r *libpod.Runtime, filters ...libpod.PodFilter)
func GenerateFilterFunction(r *libpod.Runtime, filters []string) ([]libpod.PodFilter, error) {
var filterFuncs []libpod.PodFilter
for _, f := range filters {
- filterSplit := strings.Split(f, "=")
+ filterSplit := strings.SplitN(f, "=", 2)
if len(filterSplit) < 2 {
return nil, errors.Errorf("filter input must be in the form of filter=value: %s is invalid", f)
}
@@ -256,6 +256,22 @@ func generatePodFilterFuncs(filter, filterValue string) (
}
return false
}, nil
+ case "label":
+ var filterArray = strings.SplitN(filterValue, "=", 2)
+ var filterKey = filterArray[0]
+ if len(filterArray) > 1 {
+ filterValue = filterArray[1]
+ } else {
+ filterValue = ""
+ }
+ return func(p *libpod.Pod) bool {
+ for labelKey, labelValue := range p.Labels() {
+ if labelKey == filterKey && ("" == filterValue || labelValue == filterValue) {
+ return true
+ }
+ }
+ return false
+ }, nil
}
return nil, errors.Errorf("%s is an invalid filter", filter)
}
diff --git a/cmd/podman/sign.go b/cmd/podman/sign.go
index 8ac59b33b..7da3459cf 100644
--- a/cmd/podman/sign.go
+++ b/cmd/podman/sign.go
@@ -126,19 +126,14 @@ func signCmd(c *cliconfig.SignValues) error {
if err != nil {
return err
}
- newImage, err := runtime.ImageRuntime().New(getContext(), signimage, rtc.SignaturePolicyPath, "", os.Stderr, &dockerRegistryOptions, image.SigningOptions{SignBy: signby}, nil, util.PullImageMissing)
+ newImage, err := runtime.ImageRuntime().New(getContext(), signimage, rtc.Engine.SignaturePolicyPath, "", os.Stderr, &dockerRegistryOptions, image.SigningOptions{SignBy: signby}, nil, util.PullImageMissing)
if err != nil {
return errors.Wrapf(err, "error pulling image %s", signimage)
}
if rootless.IsRootless() {
if sigStoreDir == "" {
- runtimeConfig, err := runtime.GetConfig()
- if err != nil {
- return err
- }
-
- sigStoreDir = filepath.Join(filepath.Dir(runtimeConfig.StorageConfig.GraphRoot), "sigstore")
+ sigStoreDir = filepath.Join(filepath.Dir(runtime.StorageConfig().GraphRoot), "sigstore")
}
} else {
registryInfo := trust.HaveMatchRegistry(rawSource.Reference().DockerReference().String(), registryConfigs)
diff --git a/cmd/podman/start.go b/cmd/podman/start.go
index a070cd18d..ee700032f 100644
--- a/cmd/podman/start.go
+++ b/cmd/podman/start.go
@@ -35,10 +35,7 @@ func init() {
startCommand.SetUsageTemplate(UsageTemplate())
flags := startCommand.Flags()
flags.BoolVarP(&startCommand.Attach, "attach", "a", false, "Attach container's STDOUT and STDERR")
- // Clear the default, the value specified in the config file should have the
- // priority
- startCommand.DetachKeys = ""
- flags.StringVar(&startCommand.DetachKeys, "detach-keys", define.DefaultDetachKeys, "Select the key sequence for detaching a container. Format is a single character `[a-Z]` or a comma separated sequence of `ctrl-<value>`, where `<value>` is one of: `a-z`, `@`, `^`, `[`, `\\`, `]`, `^` or `_`")
+ flags.StringVar(&startCommand.DetachKeys, "detach-keys", getDefaultDetachKeys(), "Select the key sequence for detaching a container. Format is a single character `[a-Z]` or a comma separated sequence of `ctrl-<value>`, where `<value>` is one of: `a-z`, `@`, `^`, `[`, `\\`, `]`, `^` or `_`")
flags.BoolVarP(&startCommand.Interactive, "interactive", "i", false, "Keep STDIN open even if not attached")
flags.BoolVarP(&startCommand.Latest, "latest", "l", false, "Act on the latest container podman is aware of")
flags.BoolVar(&startCommand.SigProxy, "sig-proxy", false, "Proxy received signals to the process (default true if attaching, false otherwise)")
diff --git a/cmd/podman/stop.go b/cmd/podman/stop.go
index c62da80df..5033218e4 100644
--- a/cmd/podman/stop.go
+++ b/cmd/podman/stop.go
@@ -1,8 +1,9 @@
package main
import (
+ "fmt"
+
"github.com/containers/libpod/cmd/podman/cliconfig"
- "github.com/containers/libpod/libpod/define"
"github.com/containers/libpod/pkg/adapter"
"github.com/opentracing/opentracing-go"
"github.com/pkg/errors"
@@ -11,9 +12,9 @@ import (
var (
stopCommand cliconfig.StopValues
- stopDescription = `Stops one or more running containers. The container name or ID can be used.
+ stopDescription = fmt.Sprintf(`Stops one or more running containers. The container name or ID can be used.
- A timeout to forcibly stop the container can also be set but defaults to 10 seconds otherwise.`
+ A timeout to forcibly stop the container can also be set but defaults to %d seconds otherwise.`, defaultContainerConfig.Engine.StopTimeout)
_stopCommand = &cobra.Command{
Use: "stop [flags] CONTAINER [CONTAINER...]",
Short: "Stop one or more containers",
@@ -29,7 +30,7 @@ var (
},
Example: `podman stop ctrID
podman stop --latest
- podman stop --timeout 2 mywebserver 6e534f14da9d`,
+ podman stop --time 2 mywebserver 6e534f14da9d`,
}
)
@@ -42,19 +43,15 @@ func init() {
flags.BoolVarP(&stopCommand.Ignore, "ignore", "i", false, "Ignore errors when a specified container is missing")
flags.StringArrayVarP(&stopCommand.CIDFiles, "cidfile", "", nil, "Read the container ID from the file")
flags.BoolVarP(&stopCommand.Latest, "latest", "l", false, "Act on the latest container podman is aware of")
- flags.UintVar(&stopCommand.Timeout, "time", define.CtrRemoveTimeout, "Seconds to wait for stop before killing the container")
- flags.UintVarP(&stopCommand.Timeout, "timeout", "t", define.CtrRemoveTimeout, "Seconds to wait for stop before killing the container")
+ flags.UintVarP(&stopCommand.Timeout, "time", "t", defaultContainerConfig.Engine.StopTimeout, "Seconds to wait for stop before killing the container")
markFlagHiddenForRemoteClient("latest", flags)
markFlagHiddenForRemoteClient("cidfile", flags)
markFlagHiddenForRemoteClient("ignore", flags)
+ flags.SetNormalizeFunc(aliasFlags)
}
// stopCmd stops a container or containers
func stopCmd(c *cliconfig.StopValues) error {
- if c.Flag("timeout").Changed && c.Flag("time").Changed {
- return errors.New("the --timeout and --time flags are mutually exclusive")
- }
-
if c.Bool("trace") {
span, _ := opentracing.StartSpanFromContext(Ctx, "stopCmd")
defer span.Finish()
diff --git a/cmd/podman/unshare.go b/cmd/podman/unshare.go
index 31ce441f4..28d17a319 100644
--- a/cmd/podman/unshare.go
+++ b/cmd/podman/unshare.go
@@ -66,13 +66,8 @@ func unshareCmd(c *cliconfig.PodmanCommand) error {
if err != nil {
return err
}
- runtimeConfig, err := runtime.GetConfig()
- if err != nil {
- return err
- }
-
cmd := exec.Command(c.InputArgs[0], c.InputArgs[1:]...)
- cmd.Env = unshareEnv(runtimeConfig.StorageConfig.GraphRoot, runtimeConfig.StorageConfig.RunRoot)
+ cmd.Env = unshareEnv(runtime.StorageConfig().GraphRoot, runtime.StorageConfig().RunRoot)
cmd.Stdin = os.Stdin
cmd.Stdout = os.Stdout
cmd.Stderr = os.Stderr
diff --git a/cmd/podman/utils.go b/cmd/podman/utils.go
index 44e65b223..938a3f41e 100644
--- a/cmd/podman/utils.go
+++ b/cmd/podman/utils.go
@@ -63,6 +63,8 @@ func aliasFlags(f *pflag.FlagSet, name string) pflag.NormalizedName {
name = "health-timeout"
case "net":
name = "network"
+ case "timeout":
+ name = "time"
}
return pflag.NormalizedName(name)
}
diff --git a/cmd/podman/varlink.go b/cmd/podman/varlink.go
index 047d94fc2..20334ec96 100644
--- a/cmd/podman/varlink.go
+++ b/cmd/podman/varlink.go
@@ -10,10 +10,10 @@ import (
"github.com/containers/libpod/cmd/podman/cliconfig"
"github.com/containers/libpod/cmd/podman/libpodruntime"
- iopodman "github.com/containers/libpod/cmd/podman/varlink"
"github.com/containers/libpod/pkg/adapter"
"github.com/containers/libpod/pkg/rootless"
"github.com/containers/libpod/pkg/util"
+ iopodman "github.com/containers/libpod/pkg/varlink"
"github.com/containers/libpod/pkg/varlinkapi"
"github.com/containers/libpod/version"
"github.com/pkg/errors"
diff --git a/cmd/podman/varlink/generate.go b/cmd/podman/varlink/generate.go
deleted file mode 100644
index 2fa2d8e23..000000000
--- a/cmd/podman/varlink/generate.go
+++ /dev/null
@@ -1,3 +0,0 @@
-package iopodman
-
-//go:generate go run ../../../vendor/github.com/varlink/go/cmd/varlink-go-interface-generator/main.go io.podman.varlink
diff --git a/cmd/podman/varlink/io.podman.varlink b/cmd/podman/varlink/io.podman.varlink
deleted file mode 100644
index 0ef350fc2..000000000
--- a/cmd/podman/varlink/io.podman.varlink
+++ /dev/null
@@ -1,1390 +0,0 @@
-# Podman Service Interface and API description. The master version of this document can be found
-# in the [API.md](https://github.com/containers/libpod/blob/master/API.md) file in the upstream libpod repository.
-interface io.podman
-
-type Volume (
- name: string,
- labels: [string]string,
- mountPoint: string,
- driver: string,
- options: [string]string
-)
-
-type NotImplemented (
- comment: string
-)
-
-type StringResponse (
- message: string
-)
-
-type RemoveImageResponse (
- untagged: []string,
- deleted: string
-)
-
-type LogLine (
- device: string,
- parseLogType : string,
- time: string,
- msg: string,
- cid: string
-)
-
-# ContainerChanges describes the return struct for ListContainerChanges
-type ContainerChanges (
- changed: []string,
- added: []string,
- deleted: []string
-)
-
-type ImageSaveOptions (
- name: string,
- format: string,
- output: string,
- outputType: string,
- moreTags: []string,
- quiet: bool,
- compress: bool
-)
-
-type VolumeCreateOpts (
- volumeName: string,
- driver: string,
- labels: [string]string,
- options: [string]string
-)
-
-type VolumeRemoveOpts (
- volumes: []string,
- all: bool,
- force: bool
-)
-
-type Image (
- id: string,
- digest: string,
- digests: []string,
- parentId: string,
- repoTags: []string,
- repoDigests: []string,
- created: string, # as RFC3339
- size: int,
- virtualSize: int,
- containers: int,
- labels: [string]string,
- isParent: bool,
- topLayer: string,
- readOnly: bool,
- history: []string
-)
-
-# ImageHistory describes the returned structure from ImageHistory.
-type ImageHistory (
- id: string,
- created: string, # as RFC3339
- createdBy: string,
- tags: []string,
- size: int,
- comment: string
-)
-
-# Represents a single search result from SearchImages
-type ImageSearchResult (
- description: string,
- is_official: bool,
- is_automated: bool,
- registry: string,
- name: string,
- star_count: int
-)
-
-type ImageSearchFilter (
- is_official: ?bool,
- is_automated: ?bool,
- star_count: int
-)
-
-type AuthConfig (
- username: string,
- password: string
-)
-
-type KubePodService (
- pod: string,
- service: string
-)
-
-type Container (
- id: string,
- image: string,
- imageid: string,
- command: []string,
- createdat: string, # as RFC3339
- runningfor: string,
- status: string,
- ports: []ContainerPortMappings,
- rootfssize: int,
- rwsize: int,
- names: string,
- labels: [string]string,
- mounts: []ContainerMount,
- containerrunning: bool,
- namespaces: ContainerNameSpace
-)
-
-# ContainerStats is the return struct for the stats of a container
-type ContainerStats (
- id: string,
- name: string,
- cpu: float,
- cpu_nano: int,
- system_nano: int,
- mem_usage: int,
- mem_limit: int,
- mem_perc: float,
- net_input: int,
- net_output: int,
- block_output: int,
- block_input: int,
- pids: int
-)
-
-type PsOpts (
- all: bool,
- filters: ?[]string,
- last: ?int,
- latest: ?bool,
- noTrunc: ?bool,
- pod: ?bool,
- quiet: ?bool,
- size: ?bool,
- sort: ?string,
- sync: ?bool
-)
-
-type PsContainer (
- id: string,
- image: string,
- command: string,
- created: string,
- ports: string,
- names: string,
- isInfra: bool,
- status: string,
- state: string,
- pidNum: int,
- rootFsSize: int,
- rwSize: int,
- pod: string,
- createdAt: string,
- exitedAt: string,
- startedAt: string,
- labels: [string]string,
- nsPid: string,
- cgroup: string,
- ipc: string,
- mnt: string,
- net: string,
- pidNs: string,
- user: string,
- uts: string,
- mounts: string
-)
-
-# ContainerMount describes the struct for mounts in a container
-type ContainerMount (
- destination: string,
- type: string,
- source: string,
- options: []string
-)
-
-# ContainerPortMappings describes the struct for portmappings in an existing container
-type ContainerPortMappings (
- host_port: string,
- host_ip: string,
- protocol: string,
- container_port: string
-)
-
-# ContainerNamespace describes the namespace structure for an existing container
-type ContainerNameSpace (
- user: string,
- uts: string,
- pidns: string,
- pid: string,
- cgroup: string,
- net: string,
- mnt: string,
- ipc: string
-)
-
-# InfoDistribution describes the host's distribution
-type InfoDistribution (
- distribution: string,
- version: string
-)
-
-# InfoHost describes the host stats portion of PodmanInfo
-type InfoHost (
- buildah_version: string,
- distribution: InfoDistribution,
- mem_free: int,
- mem_total: int,
- swap_free: int,
- swap_total: int,
- arch: string,
- cpus: int,
- hostname: string,
- kernel: string,
- os: string,
- uptime: string,
- eventlogger: string
-)
-
-# InfoGraphStatus describes the detailed status of the storage driver
-type InfoGraphStatus (
- backing_filesystem: string,
- native_overlay_diff: string,
- supports_d_type: string
-)
-
-# InfoRegistry describes the host's registry information
-type InfoRegistry (
- search: []string,
- insecure: []string,
- blocked: []string
-)
-
-# InfoStore describes the host's storage informatoin
-type InfoStore (
- containers: int,
- images: int,
- graph_driver_name: string,
- graph_driver_options: string,
- graph_root: string,
- graph_status: InfoGraphStatus,
- run_root: string
-)
-
-# InfoPodman provides details on the Podman binary
-type InfoPodmanBinary (
- compiler: string,
- go_version: string,
- podman_version: string,
- git_commit: string
-)
-
-# PodmanInfo describes the Podman host and build
-type PodmanInfo (
- host: InfoHost,
- registries: InfoRegistry,
- store: InfoStore,
- podman: InfoPodmanBinary
-)
-
-# Sockets describes sockets location for a container
-type Sockets(
- container_id: string,
- io_socket: string,
- control_socket: string
-)
-
-# Create is an input structure for creating containers.
-# args[0] is the image name or id
-# args[1-] are the new commands if changed
-type Create (
- args: []string,
- addHost: ?[]string,
- annotation: ?[]string,
- attach: ?[]string,
- blkioWeight: ?string,
- blkioWeightDevice: ?[]string,
- capAdd: ?[]string,
- capDrop: ?[]string,
- cgroupParent: ?string,
- cidFile: ?string,
- conmonPidfile: ?string,
- command: ?[]string,
- cpuPeriod: ?int,
- cpuQuota: ?int,
- cpuRtPeriod: ?int,
- cpuRtRuntime: ?int,
- cpuShares: ?int,
- cpus: ?float,
- cpuSetCpus: ?string,
- cpuSetMems: ?string,
- detach: ?bool,
- detachKeys: ?string,
- device: ?[]string,
- deviceReadBps: ?[]string,
- deviceReadIops: ?[]string,
- deviceWriteBps: ?[]string,
- deviceWriteIops: ?[]string,
- dns: ?[]string,
- dnsOpt: ?[]string,
- dnsSearch: ?[]string,
- dnsServers: ?[]string,
- entrypoint: ?string,
- env: ?[]string,
- envFile: ?[]string,
- expose: ?[]string,
- gidmap: ?[]string,
- groupadd: ?[]string,
- healthcheckCommand: ?string,
- healthcheckInterval: ?string,
- healthcheckRetries: ?int,
- healthcheckStartPeriod: ?string,
- healthcheckTimeout:?string,
- hostname: ?string,
- imageVolume: ?string,
- init: ?bool,
- initPath: ?string,
- interactive: ?bool,
- ip: ?string,
- ipc: ?string,
- kernelMemory: ?string,
- label: ?[]string,
- labelFile: ?[]string,
- logDriver: ?string,
- logOpt: ?[]string,
- macAddress: ?string,
- memory: ?string,
- memoryReservation: ?string,
- memorySwap: ?string,
- memorySwappiness: ?int,
- name: ?string,
- network: ?string,
- noHosts: ?bool,
- oomKillDisable: ?bool,
- oomScoreAdj: ?int,
- overrideArch: ?string,
- overrideOS: ?string,
- pid: ?string,
- pidsLimit: ?int,
- pod: ?string,
- privileged: ?bool,
- publish: ?[]string,
- publishAll: ?bool,
- pull: ?string,
- quiet: ?bool,
- readonly: ?bool,
- readonlytmpfs: ?bool,
- restart: ?string,
- rm: ?bool,
- rootfs: ?bool,
- securityOpt: ?[]string,
- shmSize: ?string,
- stopSignal: ?string,
- stopTimeout: ?int,
- storageOpt: ?[]string,
- subuidname: ?string,
- subgidname: ?string,
- sysctl: ?[]string,
- systemd: ?string,
- tmpfs: ?[]string,
- tty: ?bool,
- uidmap: ?[]string,
- ulimit: ?[]string,
- user: ?string,
- userns: ?string,
- uts: ?string,
- mount: ?[]string,
- volume: ?[]string,
- volumesFrom: ?[]string,
- workDir: ?string
-)
-
-# BuildOptions are are used to describe describe physical attributes of the build
-type BuildOptions (
- addHosts: []string,
- cgroupParent: string,
- cpuPeriod: int,
- cpuQuota: int,
- cpuShares: int,
- cpusetCpus: string,
- cpusetMems: string,
- memory: int,
- memorySwap: int,
- shmSize: string,
- ulimit: []string,
- volume: []string
-)
-
-# BuildInfo is used to describe user input for building images
-type BuildInfo (
- additionalTags: []string,
- annotations: []string,
- buildArgs: [string]string,
- buildOptions: BuildOptions,
- cniConfigDir: string,
- cniPluginDir: string,
- compression: string,
- contextDir: string,
- defaultsMountFilePath: string,
- dockerfiles: []string,
- err: string,
- forceRmIntermediateCtrs: bool,
- iidfile: string,
- label: []string,
- layers: bool,
- nocache: bool,
- out: string,
- output: string,
- outputFormat: string,
- pullPolicy: string,
- quiet: bool,
- remoteIntermediateCtrs: bool,
- reportWriter: string,
- runtimeArgs: []string,
- squash: bool
-)
-
-# MoreResponse is a struct for when responses from varlink requires longer output
-type MoreResponse (
- logs: []string,
- id: string
-)
-
-# ListPodContainerInfo is a returned struct for describing containers
-# in a pod.
-type ListPodContainerInfo (
- name: string,
- id: string,
- status: string
-)
-
-# PodCreate is an input structure for creating pods.
-# It emulates options to podman pod create. The infraCommand and
-# infraImage options are currently NotSupported.
-type PodCreate (
- name: string,
- cgroupParent: string,
- labels: [string]string,
- share: []string,
- infra: bool,
- infraCommand: string,
- infraImage: string,
- publish: []string
-)
-
-# ListPodData is the returned struct for an individual pod
-type ListPodData (
- id: string,
- name: string,
- createdat: string,
- cgroup: string,
- status: string,
- labels: [string]string,
- numberofcontainers: string,
- containersinfo: []ListPodContainerInfo
-)
-
-type PodContainerErrorData (
- containerid: string,
- reason: string
-)
-
-# Runlabel describes the required input for container runlabel
-type Runlabel(
- image: string,
- authfile: string,
- display: bool,
- name: string,
- pull: bool,
- label: string,
- extraArgs: []string,
- opts: [string]string
-)
-
-# Event describes a libpod struct
-type Event(
- # TODO: make status and type a enum at some point?
- # id is the container, volume, pod, image ID
- id: string,
- # image is the image name where applicable
- image: string,
- # name is the name of the pod, container, image
- name: string,
- # status describes the event that happened (i.e. create, remove, ...)
- status: string,
- # time the event happened
- time: string,
- # type describes object the event happened with (image, container...)
- type: string
-)
-
-type DiffInfo(
- # path that is different
- path: string,
- # Add, Delete, Modify
- changeType: string
-)
-
-type ExecOpts(
- # container name or id
- name: string,
- # Create pseudo tty
- tty: bool,
- # privileged access in container
- privileged: bool,
- # command to execute in container
- cmd: []string,
- # user to use in container
- user: ?string,
- # workdir to run command in container
- workdir: ?string,
- # slice of keyword=value environment variables
- env: ?[]string,
- # string of detach keys
- detachKeys: ?string
-)
-
-# GetVersion returns version and build information of the podman service
-method GetVersion() -> (
- version: string,
- go_version: string,
- git_commit: string,
- built: string, # as RFC3339
- os_arch: string,
- remote_api_version: int
-)
-
-# Reset resets Podman back to its initial state.
-# Removes all Pods, Containers, Images and Volumes
-method Reset() -> ()
-
-# GetInfo returns a [PodmanInfo](#PodmanInfo) struct that describes podman and its host such as storage stats,
-# build information of Podman, and system-wide registries.
-method GetInfo() -> (info: PodmanInfo)
-
-# ListContainers returns information about all containers.
-# See also [GetContainer](#GetContainer).
-method ListContainers() -> (containers: []Container)
-
-method Ps(opts: PsOpts) -> (containers: []PsContainer)
-
-method GetContainersByStatus(status: []string) -> (containerS: []Container)
-
-method Top (nameOrID: string, descriptors: []string) -> (top: []string)
-
-# HealthCheckRun executes defined container's healthcheck command
-# and returns the container's health status.
-method HealthCheckRun (nameOrID: string) -> (healthCheckStatus: string)
-
-# GetContainer returns information about a single container. If a container
-# with the given id doesn't exist, a [ContainerNotFound](#ContainerNotFound)
-# error will be returned. See also [ListContainers](ListContainers) and
-# [InspectContainer](#InspectContainer).
-method GetContainer(id: string) -> (container: Container)
-
-# GetContainersByContext allows you to get a list of container ids depending on all, latest, or a list of
-# container names. The definition of latest container means the latest by creation date. In a multi-
-# user environment, results might differ from what you expect.
-method GetContainersByContext(all: bool, latest: bool, args: []string) -> (containers: []string)
-
-# CreateContainer creates a new container from an image. It uses a [Create](#Create) type for input.
-method CreateContainer(create: Create) -> (container: string)
-
-# InspectContainer data takes a name or ID of a container returns the inspection
-# data in string format. You can then serialize the string into JSON. A [ContainerNotFound](#ContainerNotFound)
-# error will be returned if the container cannot be found. See also [InspectImage](#InspectImage).
-method InspectContainer(name: string) -> (container: string)
-
-# ListContainerProcesses takes a name or ID of a container and returns the processes
-# running inside the container as array of strings. It will accept an array of string
-# arguments that represent ps options. If the container cannot be found, a [ContainerNotFound](#ContainerNotFound)
-# error will be returned.
-# #### Example
-# ~~~
-# $ varlink call -m unix:/run/podman/io.podman/io.podman.ListContainerProcesses '{"name": "135d71b9495f", "opts": []}'
-# {
-# "container": [
-# " UID PID PPID C STIME TTY TIME CMD",
-# " 0 21220 21210 0 09:05 pts/0 00:00:00 /bin/sh",
-# " 0 21232 21220 0 09:05 pts/0 00:00:00 top",
-# " 0 21284 21220 0 09:05 pts/0 00:00:00 vi /etc/hosts"
-# ]
-# }
-# ~~~
-method ListContainerProcesses(name: string, opts: []string) -> (container: []string)
-
-# GetContainerLogs takes a name or ID of a container and returns the logs of that container.
-# If the container cannot be found, a [ContainerNotFound](#ContainerNotFound) error will be returned.
-# The container logs are returned as an array of strings. GetContainerLogs will honor the streaming
-# capability of varlink if the client invokes it.
-method GetContainerLogs(name: string) -> (container: []string)
-
-method GetContainersLogs(names: []string, follow: bool, latest: bool, since: string, tail: int, timestamps: bool) -> (log: LogLine)
-
-# ListContainerChanges takes a name or ID of a container and returns changes between the container and
-# its base image. It returns a struct of changed, deleted, and added path names.
-method ListContainerChanges(name: string) -> (container: ContainerChanges)
-
-# ExportContainer creates an image from a container. It takes the name or ID of a container and a
-# path representing the target tarfile. If the container cannot be found, a [ContainerNotFound](#ContainerNotFound)
-# error will be returned.
-# The return value is the written tarfile.
-# #### Example
-# ~~~
-# $ varlink call -m unix:/run/podman/io.podman/io.podman.ExportContainer '{"name": "flamboyant_payne", "path": "/tmp/payne.tar" }'
-# {
-# "tarfile": "/tmp/payne.tar"
-# }
-# ~~~
-method ExportContainer(name: string, path: string) -> (tarfile: string)
-
-# GetContainerStats takes the name or ID of a container and returns a single ContainerStats structure which
-# contains attributes like memory and cpu usage. If the container cannot be found, a
-# [ContainerNotFound](#ContainerNotFound) error will be returned. If the container is not running, a [NoContainerRunning](#NoContainerRunning)
-# error will be returned
-# #### Example
-# ~~~
-# $ varlink call -m unix:/run/podman/io.podman/io.podman.GetContainerStats '{"name": "c33e4164f384"}'
-# {
-# "container": {
-# "block_input": 0,
-# "block_output": 0,
-# "cpu": 2.571123918839990154678e-08,
-# "cpu_nano": 49037378,
-# "id": "c33e4164f384aa9d979072a63319d66b74fd7a128be71fa68ede24f33ec6cfee",
-# "mem_limit": 33080606720,
-# "mem_perc": 2.166828456524753747370e-03,
-# "mem_usage": 716800,
-# "name": "competent_wozniak",
-# "net_input": 768,
-# "net_output": 5910,
-# "pids": 1,
-# "system_nano": 10000000
-# }
-# }
-# ~~~
-method GetContainerStats(name: string) -> (container: ContainerStats)
-
-# GetContainerStatsWithHistory takes a previous set of container statistics and uses libpod functions
-# to calculate the containers statistics based on current and previous measurements.
-method GetContainerStatsWithHistory(previousStats: ContainerStats) -> (container: ContainerStats)
-
-# This method has not be implemented yet.
-# method ResizeContainerTty() -> (notimplemented: NotImplemented)
-
-# StartContainer starts a created or stopped container. It takes the name or ID of container. It returns
-# the container ID once started. If the container cannot be found, a [ContainerNotFound](#ContainerNotFound)
-# error will be returned. See also [CreateContainer](#CreateContainer).
-method StartContainer(name: string) -> (container: string)
-
-# StopContainer stops a container given a timeout. It takes the name or ID of a container as well as a
-# timeout value. The timeout value the time before a forcible stop to the container is applied. It
-# returns the container ID once stopped. If the container cannot be found, a [ContainerNotFound](#ContainerNotFound)
-# error will be returned instead. See also [KillContainer](KillContainer).
-# #### Error
-# ~~~
-# $ varlink call -m unix:/run/podman/io.podman/io.podman.StopContainer '{"name": "135d71b9495f", "timeout": 5}'
-# {
-# "container": "135d71b9495f7c3967f536edad57750bfdb569336cd107d8aabab45565ffcfb6"
-# }
-# ~~~
-method StopContainer(name: string, timeout: int) -> (container: string)
-
-# InitContainer initializes the given container. It accepts a container name or
-# ID, and will initialize the container matching that ID if possible, and error
-# if not. Containers can only be initialized when they are in the Created or
-# Exited states. Initialization prepares a container to be started, but does not
-# start the container. It is intended to be used to debug a container's state
-# prior to starting it.
-method InitContainer(name: string) -> (container: string)
-
-# RestartContainer will restart a running container given a container name or ID and timeout value. The timeout
-# value is the time before a forcible stop is used to stop the container. If the container cannot be found by
-# name or ID, a [ContainerNotFound](#ContainerNotFound) error will be returned; otherwise, the ID of the
-# container will be returned.
-method RestartContainer(name: string, timeout: int) -> (container: string)
-
-# KillContainer takes the name or ID of a container as well as a signal to be applied to the container. Once the
-# container has been killed, the container's ID is returned. If the container cannot be found, a
-# [ContainerNotFound](#ContainerNotFound) error is returned. See also [StopContainer](StopContainer).
-method KillContainer(name: string, signal: int) -> (container: string)
-
-# This method has not be implemented yet.
-# method UpdateContainer() -> (notimplemented: NotImplemented)
-
-# This method has not be implemented yet.
-# method RenameContainer() -> (notimplemented: NotImplemented)
-
-# PauseContainer takes the name or ID of container and pauses it. If the container cannot be found,
-# a [ContainerNotFound](#ContainerNotFound) error will be returned; otherwise the ID of the container is returned.
-# See also [UnpauseContainer](#UnpauseContainer).
-method PauseContainer(name: string) -> (container: string)
-
-# UnpauseContainer takes the name or ID of container and unpauses a paused container. If the container cannot be
-# found, a [ContainerNotFound](#ContainerNotFound) error will be returned; otherwise the ID of the container is returned.
-# See also [PauseContainer](#PauseContainer).
-method UnpauseContainer(name: string) -> (container: string)
-
-# Attach takes the name or ID of a container and sets up the ability to remotely attach to its console. The start
-# bool is whether you wish to start the container in question first.
-method Attach(name: string, detachKeys: string, start: bool) -> ()
-
-method AttachControl(name: string) -> ()
-
-# GetAttachSockets takes the name or ID of an existing container. It returns file paths for two sockets needed
-# to properly communicate with a container. The first is the actual I/O socket that the container uses. The
-# second is a "control" socket where things like resizing the TTY events are sent. If the container cannot be
-# found, a [ContainerNotFound](#ContainerNotFound) error will be returned.
-# #### Example
-# ~~~
-# $ varlink call -m unix:/run/io.podman/io.podman.GetAttachSockets '{"name": "b7624e775431219161"}'
-# {
-# "sockets": {
-# "container_id": "b7624e7754312191613245ce1a46844abee60025818fe3c3f3203435623a1eca",
-# "control_socket": "/var/lib/containers/storage/overlay-containers/b7624e7754312191613245ce1a46844abee60025818fe3c3f3203435623a1eca/userdata/ctl",
-# "io_socket": "/var/run/libpod/socket/b7624e7754312191613245ce1a46844abee60025818fe3c3f3203435623a1eca/attach"
-# }
-# }
-# ~~~
-method GetAttachSockets(name: string) -> (sockets: Sockets)
-
-# WaitContainer takes the name or ID of a container and waits the given interval in milliseconds until the container
-# stops. Upon stopping, the return code of the container is returned. If the container container cannot be found by ID
-# or name, a [ContainerNotFound](#ContainerNotFound) error is returned.
-method WaitContainer(name: string, interval: int) -> (exitcode: int)
-
-# RemoveContainer requires the name or ID of a container as well as a boolean that
-# indicates whether a container should be forcefully removed (e.g., by stopping it), and a boolean
-# indicating whether to remove builtin volumes. Upon successful removal of the
-# container, its ID is returned. If the
-# container cannot be found by name or ID, a [ContainerNotFound](#ContainerNotFound) error will be returned.
-# See also [EvictContainer](EvictContainer).
-# #### Example
-# ~~~
-# $ varlink call -m unix:/run/podman/io.podman/io.podman.RemoveContainer '{"name": "62f4fd98cb57"}'
-# {
-# "container": "62f4fd98cb57f529831e8f90610e54bba74bd6f02920ffb485e15376ed365c20"
-# }
-# ~~~
-method RemoveContainer(name: string, force: bool, removeVolumes: bool) -> (container: string)
-
-# EvictContainer requires the name or ID of a container as well as a boolean that
-# indicates to remove builtin volumes. Upon successful eviction of the container,
-# its ID is returned. If the container cannot be found by name or ID,
-# a [ContainerNotFound](#ContainerNotFound) error will be returned.
-# See also [RemoveContainer](RemoveContainer).
-# #### Example
-# ~~~
-# $ varlink call -m unix:/run/podman/io.podman/io.podman.EvictContainer '{"name": "62f4fd98cb57"}'
-# {
-# "container": "62f4fd98cb57f529831e8f90610e54bba74bd6f02920ffb485e15376ed365c20"
-# }
-# ~~~
-method EvictContainer(name: string, removeVolumes: bool) -> (container: string)
-
-# DeleteStoppedContainers will delete all containers that are not running. It will return a list the deleted
-# container IDs. See also [RemoveContainer](RemoveContainer).
-# #### Example
-# ~~~
-# $ varlink call -m unix:/run/podman/io.podman/io.podman.DeleteStoppedContainers
-# {
-# "containers": [
-# "451410b931d00def8aa9b4f8084e4d4a39e5e04ea61f358cf53a5cf95afcdcee",
-# "8b60f754a3e01389494a9581ade97d35c2765b6e2f19acd2d3040c82a32d1bc0",
-# "cf2e99d4d3cad6073df199ed32bbe64b124f3e1aba6d78821aa8460e70d30084",
-# "db901a329587312366e5ecff583d08f0875b4b79294322df67d90fc6eed08fc1"
-# ]
-# }
-# ~~~
-method DeleteStoppedContainers() -> (containers: []string)
-
-# ListImages returns information about the images that are currently in storage.
-# See also [InspectImage](#InspectImage).
-method ListImages() -> (images: []Image)
-
-# ListImagesWithFilters returns information about the images that are currently in storage
-# after one or more filters has been applied.
-# See also [InspectImage](#InspectImage).
-method ListImagesWithFilters(filters: []string) -> (images: []Image)
-
-# GetImage returns information about a single image in storage.
-# If the image caGetImage returns be found, [ImageNotFound](#ImageNotFound) will be returned.
-method GetImage(id: string) -> (image: Image)
-
-# BuildImage takes a [BuildInfo](#BuildInfo) structure and builds an image. At a minimum, you must provide the
-# contextDir tarball path, the 'dockerfiles' path, and 'output' option in the BuildInfo structure. The 'output'
-# options is the name of the of the resulting build. It will return a [MoreResponse](#MoreResponse) structure
-# that contains the build logs and resulting image ID.
-# #### Example
-# ~~~
-# $ sudo varlink call -m unix:///run/podman/io.podman/io.podman.BuildImage '{"build":{"contextDir":"/tmp/t/context.tar","dockerfiles":["Dockerfile"], "output":"foobar"}}'
-# {
-# "image": {
-# "id": "",
-# "logs": [
-# "STEP 1: FROM alpine\n"
-# ]
-# }
-# }
-# {
-# "image": {
-# "id": "",
-# "logs": [
-# "STEP 2: COMMIT foobar\n"
-# ]
-# }
-# }
-# {
-# "image": {
-# "id": "",
-# "logs": [
-# "b7b28af77ffec6054d13378df4fdf02725830086c7444d9c278af25312aa39b9\n"
-# ]
-# }
-# }
-# {
-# "image": {
-# "id": "b7b28af77ffec6054d13378df4fdf02725830086c7444d9c278af25312aa39b9",
-# "logs": []
-# }
-# }
-# ~~~
-method BuildImage(build: BuildInfo) -> (image: MoreResponse)
-
-# This function is not implemented yet.
-# method CreateImage() -> (notimplemented: NotImplemented)
-
-# InspectImage takes the name or ID of an image and returns a string representation of data associated with the
-#image. You must serialize the string into JSON to use it further. An [ImageNotFound](#ImageNotFound) error will
-# be returned if the image cannot be found.
-method InspectImage(name: string) -> (image: string)
-
-# HistoryImage takes the name or ID of an image and returns information about its history and layers. The returned
-# history is in the form of an array of ImageHistory structures. If the image cannot be found, an
-# [ImageNotFound](#ImageNotFound) error is returned.
-method HistoryImage(name: string) -> (history: []ImageHistory)
-
-# PushImage takes two input arguments: the name or ID of an image, the fully-qualified destination name of the image,
-# It will return an [ImageNotFound](#ImageNotFound) error if
-# the image cannot be found in local storage; otherwise it will return a [MoreResponse](#MoreResponse)
-method PushImage(name: string, tag: string, compress: bool, format: string, removeSignatures: bool, signBy: string) -> (reply: MoreResponse)
-
-# TagImage takes the name or ID of an image in local storage as well as the desired tag name. If the image cannot
-# be found, an [ImageNotFound](#ImageNotFound) error will be returned; otherwise, the ID of the image is returned on success.
-method TagImage(name: string, tagged: string) -> (image: string)
-
-# UntagImage takes the name or ID of an image in local storage as well as the
-# tag name to be removed. If the image cannot be found, an
-# [ImageNotFound](#ImageNotFound) error will be returned; otherwise, the ID of
-# the image is returned on success.
-method UntagImage(name: string, tag: string) -> (image: string)
-
-# RemoveImage takes the name or ID of an image as well as a boolean that determines if containers using that image
-# should be deleted. If the image cannot be found, an [ImageNotFound](#ImageNotFound) error will be returned. The
-# ID of the removed image is returned when complete. See also [DeleteUnusedImages](DeleteUnusedImages).
-# #### Example
-# ~~~
-# varlink call -m unix:/run/podman/io.podman/io.podman.RemoveImage '{"name": "registry.fedoraproject.org/fedora", "force": true}'
-# {
-# "image": "426866d6fa419873f97e5cbd320eeb22778244c1dfffa01c944db3114f55772e"
-# }
-# ~~~
-method RemoveImage(name: string, force: bool) -> (image: string)
-
-# RemoveImageWithResponse takes the name or ID of an image as well as a boolean that determines if containers using that image
-# should be deleted. If the image cannot be found, an [ImageNotFound](#ImageNotFound) error will be returned. The response is
-# in the form of a RemoveImageResponse .
-method RemoveImageWithResponse(name: string, force: bool) -> (response: RemoveImageResponse)
-
-# SearchImages searches available registries for images that contain the
-# contents of "query" in their name. If "limit" is given, limits the amount of
-# search results per registry.
-method SearchImages(query: string, limit: ?int, filter: ImageSearchFilter) -> (results: []ImageSearchResult)
-
-# DeleteUnusedImages deletes any images not associated with a container. The IDs of the deleted images are returned
-# in a string array.
-# #### Example
-# ~~~
-# $ varlink call -m unix:/run/podman/io.podman/io.podman.DeleteUnusedImages
-# {
-# "images": [
-# "166ea6588079559c724c15223f52927f514f73dd5c5cf2ae2d143e3b2e6e9b52",
-# "da86e6ba6ca197bf6bc5e9d900febd906b133eaa4750e6bed647b0fbe50ed43e",
-# "3ef70f7291f47dfe2b82931a993e16f5a44a0e7a68034c3e0e086d77f5829adc",
-# "59788edf1f3e78cd0ebe6ce1446e9d10788225db3dedcfd1a59f764bad2b2690"
-# ]
-# }
-# ~~~
-method DeleteUnusedImages() -> (images: []string)
-
-# Commit, creates an image from an existing container. It requires the name or
-# ID of the container as well as the resulting image name. Optionally, you can define an author and message
-# to be added to the resulting image. You can also define changes to the resulting image for the following
-# attributes: _CMD, ENTRYPOINT, ENV, EXPOSE, LABEL, ONBUILD, STOPSIGNAL, USER, VOLUME, and WORKDIR_. To pause the
-# container while it is being committed, pass a _true_ bool for the pause argument. If the container cannot
-# be found by the ID or name provided, a (ContainerNotFound)[#ContainerNotFound] error will be returned; otherwise,
-# the resulting image's ID will be returned as a string inside a MoreResponse.
-method Commit(name: string, image_name: string, changes: []string, author: string, message: string, pause: bool, manifestType: string) -> (reply: MoreResponse)
-
-# ImportImage imports an image from a source (like tarball) into local storage. The image can have additional
-# descriptions added to it using the message and changes options. See also [ExportImage](ExportImage).
-method ImportImage(source: string, reference: string, message: string, changes: []string, delete: bool) -> (image: string)
-
-# ExportImage takes the name or ID of an image and exports it to a destination like a tarball. There is also
-# a boolean option to force compression. It also takes in a string array of tags to be able to save multiple
-# tags of the same image to a tarball (each tag should be of the form <image>:<tag>). Upon completion, the ID
-# of the image is returned. If the image cannot be found in local storage, an [ImageNotFound](#ImageNotFound)
-# error will be returned. See also [ImportImage](ImportImage).
-method ExportImage(name: string, destination: string, compress: bool, tags: []string) -> (image: string)
-
-# PullImage pulls an image from a repository to local storage. After a successful pull, the image id and logs
-# are returned as a [MoreResponse](#MoreResponse). This connection also will handle a WantsMores request to send
-# status as it occurs.
-method PullImage(name: string, creds: AuthConfig) -> (reply: MoreResponse)
-
-# CreatePod creates a new empty pod. It uses a [PodCreate](#PodCreate) type for input.
-# On success, the ID of the newly created pod will be returned.
-# #### Example
-# ~~~
-# $ varlink call unix:/run/podman/io.podman/io.podman.CreatePod '{"create": {"name": "test"}}'
-# {
-# "pod": "b05dee7bd4ccfee688099fe1588a7a898d6ddd6897de9251d4671c9b0feacb2a"
-# }
-#
-# $ varlink call unix:/run/podman/io.podman/io.podman.CreatePod '{"create": {"infra": true, "share": ["ipc", "net", "uts"]}}'
-# {
-# "pod": "d7697449a8035f613c1a8891286502aca68fff7d5d49a85279b3bda229af3b28"
-# }
-# ~~~
-method CreatePod(create: PodCreate) -> (pod: string)
-
-# ListPods returns a list of pods in no particular order. They are
-# returned as an array of ListPodData structs. See also [GetPod](#GetPod).
-# #### Example
-# ~~~
-# $ varlink call -m unix:/run/podman/io.podman/io.podman.ListPods
-# {
-# "pods": [
-# {
-# "cgroup": "machine.slice",
-# "containersinfo": [
-# {
-# "id": "00c130a45de0411f109f1a0cfea2e298df71db20fa939de5cab8b2160a36be45",
-# "name": "1840835294cf-infra",
-# "status": "running"
-# },
-# {
-# "id": "49a5cce72093a5ca47c6de86f10ad7bb36391e2d89cef765f807e460865a0ec6",
-# "name": "upbeat_murdock",
-# "status": "running"
-# }
-# ],
-# "createdat": "2018-12-07 13:10:15.014139258 -0600 CST",
-# "id": "1840835294cf076a822e4e12ba4152411f131bd869e7f6a4e8b16df9b0ea5c7f",
-# "name": "foobar",
-# "numberofcontainers": "2",
-# "status": "Running"
-# },
-# {
-# "cgroup": "machine.slice",
-# "containersinfo": [
-# {
-# "id": "1ca4b7bbba14a75ba00072d4b705c77f3df87db0109afaa44d50cb37c04a477e",
-# "name": "784306f655c6-infra",
-# "status": "running"
-# }
-# ],
-# "createdat": "2018-12-07 13:09:57.105112457 -0600 CST",
-# "id": "784306f655c6200aea321dd430ba685e9b2cc1f7d7528a72f3ff74ffb29485a2",
-# "name": "nostalgic_pike",
-# "numberofcontainers": "1",
-# "status": "Running"
-# }
-# ]
-# }
-# ~~~
-method ListPods() -> (pods: []ListPodData)
-
-# GetPod takes a name or ID of a pod and returns single [ListPodData](#ListPodData)
-# structure. A [PodNotFound](#PodNotFound) error will be returned if the pod cannot be found.
-# See also [ListPods](ListPods).
-# #### Example
-# ~~~
-# $ varlink call -m unix:/run/podman/io.podman/io.podman.GetPod '{"name": "foobar"}'
-# {
-# "pod": {
-# "cgroup": "machine.slice",
-# "containersinfo": [
-# {
-# "id": "00c130a45de0411f109f1a0cfea2e298df71db20fa939de5cab8b2160a36be45",
-# "name": "1840835294cf-infra",
-# "status": "running"
-# },
-# {
-# "id": "49a5cce72093a5ca47c6de86f10ad7bb36391e2d89cef765f807e460865a0ec6",
-# "name": "upbeat_murdock",
-# "status": "running"
-# }
-# ],
-# "createdat": "2018-12-07 13:10:15.014139258 -0600 CST",
-# "id": "1840835294cf076a822e4e12ba4152411f131bd869e7f6a4e8b16df9b0ea5c7f",
-# "name": "foobar",
-# "numberofcontainers": "2",
-# "status": "Running"
-# }
-# }
-# ~~~
-method GetPod(name: string) -> (pod: ListPodData)
-
-# InspectPod takes the name or ID of an image and returns a string representation of data associated with the
-# pod. You must serialize the string into JSON to use it further. A [PodNotFound](#PodNotFound) error will
-# be returned if the pod cannot be found.
-method InspectPod(name: string) -> (pod: string)
-
-# StartPod starts containers in a pod. It takes the name or ID of pod. If the pod cannot be found, a [PodNotFound](#PodNotFound)
-# error will be returned. Containers in a pod are started independently. If there is an error starting one container, the ID of those containers
-# will be returned in a list, along with the ID of the pod in a [PodContainerError](#PodContainerError).
-# If the pod was started with no errors, the pod ID is returned.
-# See also [CreatePod](#CreatePod).
-# #### Example
-# ~~~
-# $ varlink call -m unix:/run/podman/io.podman/io.podman.StartPod '{"name": "135d71b9495f"}'
-# {
-# "pod": "135d71b9495f7c3967f536edad57750bfdb569336cd107d8aabab45565ffcfb6",
-# }
-# ~~~
-method StartPod(name: string) -> (pod: string)
-
-# StopPod stops containers in a pod. It takes the name or ID of a pod and a timeout.
-# If the pod cannot be found, a [PodNotFound](#PodNotFound) error will be returned instead.
-# Containers in a pod are stopped independently. If there is an error stopping one container, the ID of those containers
-# will be returned in a list, along with the ID of the pod in a [PodContainerError](#PodContainerError).
-# If the pod was stopped with no errors, the pod ID is returned.
-# See also [KillPod](KillPod).
-# #### Example
-# ~~~
-# $ varlink call -m unix:/run/podman/io.podman/io.podman.StopPod '{"name": "135d71b9495f"}'
-# {
-# "pod": "135d71b9495f7c3967f536edad57750bfdb569336cd107d8aabab45565ffcfb6"
-# }
-# ~~~
-method StopPod(name: string, timeout: int) -> (pod: string)
-
-# RestartPod will restart containers in a pod given a pod name or ID. Containers in
-# the pod that are running will be stopped, then all stopped containers will be run.
-# If the pod cannot be found by name or ID, a [PodNotFound](#PodNotFound) error will be returned.
-# Containers in a pod are restarted independently. If there is an error restarting one container, the ID of those containers
-# will be returned in a list, along with the ID of the pod in a [PodContainerError](#PodContainerError).
-# If the pod was restarted with no errors, the pod ID is returned.
-# #### Example
-# ~~~
-# $ varlink call -m unix:/run/podman/io.podman/io.podman.RestartPod '{"name": "135d71b9495f"}'
-# {
-# "pod": "135d71b9495f7c3967f536edad57750bfdb569336cd107d8aabab45565ffcfb6"
-# }
-# ~~~
-method RestartPod(name: string) -> (pod: string)
-
-# KillPod takes the name or ID of a pod as well as a signal to be applied to the pod. If the pod cannot be found, a
-# [PodNotFound](#PodNotFound) error is returned.
-# Containers in a pod are killed independently. If there is an error killing one container, the ID of those containers
-# will be returned in a list, along with the ID of the pod in a [PodContainerError](#PodContainerError).
-# If the pod was killed with no errors, the pod ID is returned.
-# See also [StopPod](StopPod).
-# #### Example
-# ~~~
-# $ varlink call -m unix:/run/podman/io.podman/io.podman.KillPod '{"name": "foobar", "signal": 15}'
-# {
-# "pod": "1840835294cf076a822e4e12ba4152411f131bd869e7f6a4e8b16df9b0ea5c7f"
-# }
-# ~~~
-method KillPod(name: string, signal: int) -> (pod: string)
-
-# PausePod takes the name or ID of a pod and pauses the running containers associated with it. If the pod cannot be found,
-# a [PodNotFound](#PodNotFound) error will be returned.
-# Containers in a pod are paused independently. If there is an error pausing one container, the ID of those containers
-# will be returned in a list, along with the ID of the pod in a [PodContainerError](#PodContainerError).
-# If the pod was paused with no errors, the pod ID is returned.
-# See also [UnpausePod](#UnpausePod).
-# #### Example
-# ~~~
-# $ varlink call -m unix:/run/podman/io.podman/io.podman.PausePod '{"name": "foobar"}'
-# {
-# "pod": "1840835294cf076a822e4e12ba4152411f131bd869e7f6a4e8b16df9b0ea5c7f"
-# }
-# ~~~
-method PausePod(name: string) -> (pod: string)
-
-# UnpausePod takes the name or ID of a pod and unpauses the paused containers associated with it. If the pod cannot be
-# found, a [PodNotFound](#PodNotFound) error will be returned.
-# Containers in a pod are unpaused independently. If there is an error unpausing one container, the ID of those containers
-# will be returned in a list, along with the ID of the pod in a [PodContainerError](#PodContainerError).
-# If the pod was unpaused with no errors, the pod ID is returned.
-# See also [PausePod](#PausePod).
-# #### Example
-# ~~~
-# $ varlink call -m unix:/run/podman/io.podman/io.podman.UnpausePod '{"name": "foobar"}'
-# {
-# "pod": "1840835294cf076a822e4e12ba4152411f131bd869e7f6a4e8b16df9b0ea5c7f"
-# }
-# ~~~
-method UnpausePod(name: string) -> (pod: string)
-
-# RemovePod takes the name or ID of a pod as well a boolean representing whether a running
-# container in the pod can be stopped and removed. If a pod has containers associated with it, and force is not true,
-# an error will occur.
-# If the pod cannot be found by name or ID, a [PodNotFound](#PodNotFound) error will be returned.
-# Containers in a pod are removed independently. If there is an error removing any container, the ID of those containers
-# will be returned in a list, along with the ID of the pod in a [PodContainerError](#PodContainerError).
-# If the pod was removed with no errors, the pod ID is returned.
-# #### Example
-# ~~~
-# $ varlink call -m unix:/run/podman/io.podman/io.podman.RemovePod '{"name": "62f4fd98cb57", "force": "true"}'
-# {
-# "pod": "62f4fd98cb57f529831e8f90610e54bba74bd6f02920ffb485e15376ed365c20"
-# }
-# ~~~
-method RemovePod(name: string, force: bool) -> (pod: string)
-
-# This method has not be implemented yet.
-# method WaitPod() -> (notimplemented: NotImplemented)
-
-method TopPod(pod: string, latest: bool, descriptors: []string) -> (stats: []string)
-
-# GetPodStats takes the name or ID of a pod and returns a pod name and slice of ContainerStats structure which
-# contains attributes like memory and cpu usage. If the pod cannot be found, a [PodNotFound](#PodNotFound)
-# error will be returned. If the pod has no running containers associated with it, a [NoContainerRunning](#NoContainerRunning)
-# error will be returned.
-# #### Example
-# ~~~
-# $ varlink call unix:/run/podman/io.podman/io.podman.GetPodStats '{"name": "7f62b508b6f12b11d8fe02e"}'
-# {
-# "containers": [
-# {
-# "block_input": 0,
-# "block_output": 0,
-# "cpu": 2.833470544016107524276e-08,
-# "cpu_nano": 54363072,
-# "id": "a64b51f805121fe2c5a3dc5112eb61d6ed139e3d1c99110360d08b58d48e4a93",
-# "mem_limit": 12276146176,
-# "mem_perc": 7.974359265237864966003e-03,
-# "mem_usage": 978944,
-# "name": "quirky_heisenberg",
-# "net_input": 866,
-# "net_output": 7388,
-# "pids": 1,
-# "system_nano": 20000000
-# }
-# ],
-# "pod": "7f62b508b6f12b11d8fe02e0db4de6b9e43a7d7699b33a4fc0d574f6e82b4ebd"
-# }
-# ~~~
-method GetPodStats(name: string) -> (pod: string, containers: []ContainerStats)
-
-# GetPodsByStatus searches for pods whose status is included in statuses
-method GetPodsByStatus(statuses: []string) -> (pods: []string)
-
-# ImageExists talks a full or partial image ID or name and returns an int as to whether
-# the image exists in local storage. An int result of 0 means the image does exist in
-# local storage; whereas 1 indicates the image does not exists in local storage.
-# #### Example
-# ~~~
-# $ varlink call -m unix:/run/podman/io.podman/io.podman.ImageExists '{"name": "imageddoesntexist"}'
-# {
-# "exists": 1
-# }
-# ~~~
-method ImageExists(name: string) -> (exists: int)
-
-# ImageTree returns the image tree for the provided image name or ID
-# #### Example
-# ~~~
-# $ varlink call -m unix:/run/podman/io.podman/io.podman.ImageTree '{"name": "alpine"}'
-# {
-# "tree": "Image ID: e7d92cdc71fe\nTags: [docker.io/library/alpine:latest]\nSize: 5.861MB\nImage Layers\nā””ā”€ā”€ ID: 5216338b40a7 Size: 5.857MB Top Layer of: [docker.io/library/alpine:latest]\n"
-# }
-# ~~~
-method ImageTree(name: string, whatRequires: bool) -> (tree: string)
-
-# ContainerExists takes a full or partial container ID or name and returns an int as to
-# whether the container exists in local storage. A result of 0 means the container does
-# exists; whereas a result of 1 means it could not be found.
-# #### Example
-# ~~~
-# $ varlink call -m unix:/run/podman/io.podman/io.podman.ContainerExists '{"name": "flamboyant_payne"}'{
-# "exists": 0
-# }
-# ~~~
-method ContainerExists(name: string) -> (exists: int)
-
-# ContainerCheckPoint performs a checkpopint on a container by its name or full/partial container
-# ID. On successful checkpoint, the id of the checkpointed container is returned.
-method ContainerCheckpoint(name: string, keep: bool, leaveRunning: bool, tcpEstablished: bool) -> (id: string)
-
-# ContainerRestore restores a container that has been checkpointed. The container to be restored can
-# be identified by its name or full/partial container ID. A successful restore will result in the return
-# of the container's ID.
-method ContainerRestore(name: string, keep: bool, tcpEstablished: bool) -> (id: string)
-
-# ContainerRunlabel runs executes a command as described by a given container image label.
-method ContainerRunlabel(runlabel: Runlabel) -> ()
-
-# ExecContainer executes a command in the given container.
-method ExecContainer(opts: ExecOpts) -> ()
-
-# ListContainerMounts gathers all the mounted container mount points and returns them as an array
-# of strings
-# #### Example
-# ~~~
-# $ varlink call unix:/run/podman/io.podman/io.podman.ListContainerMounts
-# {
-# "mounts": {
-# "04e4c255269ed2545e7f8bd1395a75f7949c50c223415c00c1d54bfa20f3b3d9": "/var/lib/containers/storage/overlay/a078925828f57e20467ca31cfca8a849210d21ec7e5757332b72b6924f441c17/merged",
-# "1d58c319f9e881a644a5122ff84419dccf6d138f744469281446ab243ef38924": "/var/lib/containers/storage/overlay/948fcf93f8cb932f0f03fd52e3180a58627d547192ffe3b88e0013b98ddcd0d2/merged"
-# }
-# }
-# ~~~
-method ListContainerMounts() -> (mounts: [string]string)
-
-# MountContainer mounts a container by name or full/partial ID. Upon a successful mount, the destination
-# mount is returned as a string.
-# #### Example
-# ~~~
-# $ varlink call -m unix:/run/podman/io.podman/io.podman.MountContainer '{"name": "jolly_shannon"}'{
-# "path": "/var/lib/containers/storage/overlay/419eeb04e783ea159149ced67d9fcfc15211084d65e894792a96bedfae0470ca/merged"
-# }
-# ~~~
-method MountContainer(name: string) -> (path: string)
-
-# UnmountContainer umounts a container by its name or full/partial container ID.
-# #### Example
-# ~~~
-# $ varlink call -m unix:/run/podman/io.podman/io.podman.UnmountContainer '{"name": "jolly_shannon", "force": false}'
-# {}
-# ~~~
-method UnmountContainer(name: string, force: bool) -> ()
-
-# ImagesPrune removes all unused images from the local store. Upon successful pruning,
-# the IDs of the removed images are returned.
-method ImagesPrune(all: bool, filter: []string) -> (pruned: []string)
-
-# This function is not implemented yet.
-# method ListContainerPorts(name: string) -> (notimplemented: NotImplemented)
-
-# GenerateKube generates a Kubernetes v1 Pod description of a Podman container or pod
-# and its containers. The description is in YAML. See also [ReplayKube](ReplayKube).
-method GenerateKube(name: string, service: bool) -> (pod: KubePodService)
-
-# ReplayKube recreates a pod and its containers based on a Kubernetes v1 Pod description (in YAML)
-# like that created by GenerateKube. See also [GenerateKube](GenerateKube).
-# method ReplayKube() -> (notimplemented: NotImplemented)
-
-# ContainerConfig returns a container's config in string form. This call is for
-# development of Podman only and generally should not be used.
-method ContainerConfig(name: string) -> (config: string)
-
-# ContainerArtifacts returns a container's artifacts in string form. This call is for
-# development of Podman only and generally should not be used.
-method ContainerArtifacts(name: string, artifactName: string) -> (config: string)
-
-# ContainerInspectData returns a container's inspect data in string form. This call is for
-# development of Podman only and generally should not be used.
-method ContainerInspectData(name: string, size: bool) -> (config: string)
-
-# ContainerStateData returns a container's state config in string form. This call is for
-# development of Podman only and generally should not be used.
-method ContainerStateData(name: string) -> (config: string)
-
-# PodStateData returns inspectr level information of a given pod in string form. This call is for
-# development of Podman only and generally should not be used.
-method PodStateData(name: string) -> (config: string)
-
-# This call is for the development of Podman only and should not be used.
-method CreateFromCC(in: []string) -> (id: string)
-
-# Spec returns the oci spec for a container. This call is for development of Podman only and generally should not be used.
-method Spec(name: string) -> (config: string)
-
-# Sendfile allows a remote client to send a file to the host
-method SendFile(type: string, length: int) -> (file_handle: string)
-
-# ReceiveFile allows the host to send a remote client a file
-method ReceiveFile(path: string, delete: bool) -> (len: int)
-
-# VolumeCreate creates a volume on a remote host
-method VolumeCreate(options: VolumeCreateOpts) -> (volumeName: string)
-
-# VolumeRemove removes a volume on a remote host
-method VolumeRemove(options: VolumeRemoveOpts) -> (successes: []string, failures: [string]string)
-
-# GetVolumes gets slice of the volumes on a remote host
-method GetVolumes(args: []string, all: bool) -> (volumes: []Volume)
-
-# InspectVolume inspects a single volume. Returns inspect JSON in the form of a
-# string.
-method InspectVolume(name: string) -> (volume: string)
-
-# VolumesPrune removes unused volumes on the host
-method VolumesPrune() -> (prunedNames: []string, prunedErrors: []string)
-
-# ImageSave allows you to save an image from the local image storage to a tarball
-method ImageSave(options: ImageSaveOptions) -> (reply: MoreResponse)
-
-# GetPodsByContext allows you to get a list pod ids depending on all, latest, or a list of
-# pod names. The definition of latest pod means the latest by creation date. In a multi-
-# user environment, results might differ from what you expect.
-method GetPodsByContext(all: bool, latest: bool, args: []string) -> (pods: []string)
-
-# LoadImage allows you to load an image into local storage from a tarball.
-method LoadImage(name: string, inputFile: string, quiet: bool, deleteFile: bool) -> (reply: MoreResponse)
-
-# GetEvents returns known libpod events filtered by the options provided.
-method GetEvents(filter: []string, since: string, until: string) -> (events: Event)
-
-# Diff returns a diff between libpod objects
-method Diff(name: string) -> (diffs: []DiffInfo)
-
-# GetLayersMapWithImageInfo is for the development of Podman and should not be used.
-method GetLayersMapWithImageInfo() -> (layerMap: string)
-
-# BuildImageHierarchyMap is for the development of Podman and should not be used.
-method BuildImageHierarchyMap(name: string) -> (imageInfo: string)
-
-# ImageNotFound means the image could not be found by the provided name or ID in local storage.
-error ImageNotFound (id: string, reason: string)
-
-# ContainerNotFound means the container could not be found by the provided name or ID in local storage.
-error ContainerNotFound (id: string, reason: string)
-
-# NoContainerRunning means none of the containers requested are running in a command that requires a running container.
-error NoContainerRunning ()
-
-# PodNotFound means the pod could not be found by the provided name or ID in local storage.
-error PodNotFound (name: string, reason: string)
-
-# VolumeNotFound means the volume could not be found by the name or ID in local storage.
-error VolumeNotFound (id: string, reason: string)
-
-# PodContainerError means a container associated with a pod failed to perform an operation. It contains
-# a container ID of the container that failed.
-error PodContainerError (podname: string, errors: []PodContainerErrorData)
-
-# NoContainersInPod means a pod has no containers on which to perform the operation. It contains
-# the pod ID.
-error NoContainersInPod (name: string)
-
-# InvalidState indicates that a container or pod was in an improper state for the requested operation
-error InvalidState (id: string, reason: string)
-
-# ErrorOccurred is a generic error for an error that occurs during the execution. The actual error message
-# is includes as part of the error's text.
-error ErrorOccurred (reason: string)
-
-# RuntimeErrors generally means a runtime could not be found or gotten.
-error RuntimeError (reason: string)
-
-# The Podman endpoint requires that you use a streaming connection.
-error WantsMoreRequired (reason: string)
-
-# Container is already stopped
-error ErrCtrStopped (id: string)
-
-# This function requires CGroupsV2 to run in rootless mode.
-error ErrRequiresCgroupsV2ForRootless(reason: string)