aboutsummaryrefslogtreecommitdiff
path: root/cmd
diff options
context:
space:
mode:
Diffstat (limited to 'cmd')
-rw-r--r--cmd/podman/create.go8
-rw-r--r--cmd/podman/images.go7
-rw-r--r--cmd/podman/images_prune.go29
-rw-r--r--cmd/podman/info.go2
-rw-r--r--cmd/podman/inspect.go4
-rw-r--r--cmd/podman/pause.go2
-rw-r--r--cmd/podman/ps.go41
-rw-r--r--cmd/podman/rmi.go2
-rw-r--r--cmd/podman/trust.go152
-rw-r--r--cmd/podman/umount.go2
-rw-r--r--cmd/podman/varlink/io.podman.varlink16
-rw-r--r--cmd/podman/version.go2
12 files changed, 198 insertions, 69 deletions
diff --git a/cmd/podman/create.go b/cmd/podman/create.go
index 065d08df4..c56efa153 100644
--- a/cmd/podman/create.go
+++ b/cmd/podman/create.go
@@ -4,6 +4,7 @@ import (
"context"
"encoding/json"
"fmt"
+ "io"
"io/ioutil"
"os"
"path/filepath"
@@ -128,7 +129,12 @@ func createContainer(c *cli.Context, runtime *libpod.Runtime) (*libpod.Container
var data *inspect.ImageData = nil
if rootfs == "" && !rootless.SkipStorageSetup() {
- newImage, err := runtime.ImageRuntime().New(ctx, c.Args()[0], rtc.SignaturePolicyPath, "", os.Stderr, nil, image.SigningOptions{}, false)
+ var writer io.Writer
+ if !c.Bool("quiet") {
+ writer = os.Stderr
+ }
+
+ newImage, err := runtime.ImageRuntime().New(ctx, c.Args()[0], rtc.SignaturePolicyPath, "", writer, nil, image.SigningOptions{}, false)
if err != nil {
return nil, nil, err
}
diff --git a/cmd/podman/images.go b/cmd/podman/images.go
index 031f06618..d4f405975 100644
--- a/cmd/podman/images.go
+++ b/cmd/podman/images.go
@@ -188,13 +188,6 @@ func imagesCmd(c *cli.Context) error {
}
opts.outputformat = opts.setOutputFormat()
- /*
- podman does not implement --all for images
-
- intermediate images are only generated during the build process. they are
- children to the image once built. until buildah supports caching builds,
- it will not generate these intermediate images.
- */
images, err := runtime.GetImages()
if err != nil {
return errors.Wrapf(err, "unable to get images")
diff --git a/cmd/podman/images_prune.go b/cmd/podman/images_prune.go
index 06879e02d..aef387732 100644
--- a/cmd/podman/images_prune.go
+++ b/cmd/podman/images_prune.go
@@ -2,7 +2,7 @@ package main
import (
"fmt"
- "github.com/containers/libpod/cmd/podman/libpodruntime"
+ "github.com/containers/libpod/libpod/adapter"
"github.com/pkg/errors"
"github.com/urfave/cli"
)
@@ -13,33 +13,36 @@ var (
Removes all unnamed images from local storage
`
-
+ pruneImageFlags = []cli.Flag{
+ cli.BoolFlag{
+ Name: "all, a",
+ Usage: "remove all unused images, not just dangling ones",
+ },
+ }
pruneImagesCommand = cli.Command{
Name: "prune",
Usage: "Remove unused images",
Description: pruneImagesDescription,
Action: pruneImagesCmd,
OnUsageError: usageErrorHandler,
+ Flags: pruneImageFlags,
}
)
func pruneImagesCmd(c *cli.Context) error {
- runtime, err := libpodruntime.GetRuntime(c)
+ runtime, err := adapter.GetRuntime(c)
if err != nil {
return errors.Wrapf(err, "could not get runtime")
}
defer runtime.Shutdown(false)
- pruneImages, err := runtime.ImageRuntime().GetPruneImages()
- if err != nil {
- return err
- }
-
- for _, i := range pruneImages {
- if err := i.Remove(true); err != nil {
- return errors.Wrapf(err, "failed to remove %s", i.ID())
+ // Call prune; if any cids are returned, print them and then
+ // return err in case an error also came up
+ pruneCids, err := runtime.PruneImages(c.Bool("all"))
+ if len(pruneCids) > 0 {
+ for _, cid := range pruneCids {
+ fmt.Println(cid)
}
- fmt.Println(i.ID())
}
- return nil
+ return err
}
diff --git a/cmd/podman/info.go b/cmd/podman/info.go
index 3888829a3..f5f91b603 100644
--- a/cmd/podman/info.go
+++ b/cmd/podman/info.go
@@ -29,7 +29,7 @@ var (
Usage: "display additional debug information",
},
cli.StringFlag{
- Name: "format",
+ Name: "format, f",
Usage: "Change the output format to JSON or a Go template",
},
}
diff --git a/cmd/podman/inspect.go b/cmd/podman/inspect.go
index 3ef740463..1346da9fb 100644
--- a/cmd/podman/inspect.go
+++ b/cmd/podman/inspect.go
@@ -32,7 +32,7 @@ var (
Usage: "Change the output format to a Go template",
},
cli.BoolFlag{
- Name: "size",
+ Name: "size, s",
Usage: "Display total file size if the type is container",
},
LatestFlag,
@@ -40,7 +40,7 @@ var (
inspectDescription = "This displays the low-level information on containers and images identified by name or ID. By default, this will render all results in a JSON array. If the container and image have the same name, this will return container JSON for unspecified type."
inspectCommand = cli.Command{
Name: "inspect",
- Usage: "Displays the configuration of a container or image",
+ Usage: "Display the configuration of a container or image",
Description: inspectDescription,
Flags: sortFlags(inspectFlags),
Action: inspectCmd,
diff --git a/cmd/podman/pause.go b/cmd/podman/pause.go
index fcb2f3cb8..9da6abf4b 100644
--- a/cmd/podman/pause.go
+++ b/cmd/podman/pause.go
@@ -25,7 +25,7 @@ var (
`
pauseCommand = cli.Command{
Name: "pause",
- Usage: "Pauses all the processes in one or more containers",
+ Usage: "Pause all the processes in one or more containers",
Description: pauseDescription,
Flags: pauseFlags,
Action: pauseCmd,
diff --git a/cmd/podman/ps.go b/cmd/podman/ps.go
index 0ad3f4c73..1708c671c 100644
--- a/cmd/podman/ps.go
+++ b/cmd/podman/ps.go
@@ -606,19 +606,50 @@ func portsToString(ports []ocicni.PortMapping) string {
}
func printFormat(format string, containers []shared.PsContainerOutput) error {
- out := template.New("output")
- out, err := out.Parse(format + "\n")
+ // return immediately if no containers are present
+ if len(containers) == 0 {
+ return nil
+ }
+
+ // Use a tabwriter to align column format
+ w := tabwriter.NewWriter(os.Stdout, 0, 0, 3, ' ', 0)
+
+ // Make a map of the field names for the headers
+ headerNames := make(map[string]string)
+ v := reflect.ValueOf(containers[0])
+ t := v.Type()
+ for i := 0; i < t.NumField(); i++ {
+ headerNames[t.Field(i).Name] = t.Field(i).Name
+ }
+
+ // Spit out the header if "table" is present in the format
+ if strings.HasPrefix(format, "table") {
+ hformat := strings.Replace(strings.TrimSpace(format[5:]), " ", "\t", -1)
+ format = hformat
+ headerTmpl, err := template.New("header").Parse(hformat)
+ if err != nil {
+ return err
+ }
+ if err := headerTmpl.Execute(w, headerNames); err != nil {
+ return err
+ }
+ fmt.Fprintln(w, "")
+ }
+ // Spit out the data rows now
+ dataTmpl, err := template.New("data").Parse(format)
if err != nil {
return err
}
+
for _, container := range containers {
- if err := out.Execute(os.Stdout, container); err != nil {
+ if err := dataTmpl.Execute(w, container); err != nil {
return err
}
-
+ fmt.Fprintln(w, "")
}
- return nil
+ // Flush the writer
+ return w.Flush()
}
func dumpJSON(containers []shared.PsContainerOutput) error {
diff --git a/cmd/podman/rmi.go b/cmd/podman/rmi.go
index fbf860eb2..c904f2f92 100644
--- a/cmd/podman/rmi.go
+++ b/cmd/podman/rmi.go
@@ -24,7 +24,7 @@ var (
}
rmiCommand = cli.Command{
Name: "rmi",
- Usage: "Removes one or more images from local storage",
+ Usage: "Remove one or more images from local storage",
Description: rmiDescription,
Action: rmiCmd,
ArgsUsage: "IMAGE-NAME-OR-ID [...]",
diff --git a/cmd/podman/trust.go b/cmd/podman/trust.go
index 863f36d09..a99be6ba2 100644
--- a/cmd/podman/trust.go
+++ b/cmd/podman/trust.go
@@ -6,6 +6,7 @@ import (
"io/ioutil"
"os"
"sort"
+ "strings"
"github.com/containers/image/types"
"github.com/containers/libpod/cmd/podman/formats"
@@ -13,6 +14,7 @@ import (
"github.com/containers/libpod/libpod/image"
"github.com/containers/libpod/pkg/trust"
"github.com/pkg/errors"
+ "github.com/sirupsen/logrus"
"github.com/urfave/cli"
)
@@ -103,6 +105,7 @@ func showTrustCmd(c *cli.Context) error {
var (
policyPath string
systemRegistriesDirPath string
+ outjson interface{}
)
if c.IsSet("policypath") {
policyPath = c.String("policypath")
@@ -127,30 +130,26 @@ func showTrustCmd(c *cli.Context) error {
return nil
}
- var policyContentStruct trust.PolicyContent
- if err := json.Unmarshal(policyContent, &policyContentStruct); err != nil {
- return errors.Errorf("could not read trust policies")
- }
- policyJSON, showOutputMap, err := trust.GetPolicy(policyContentStruct, systemRegistriesDirPath)
+ policyContentStruct, err := trust.GetPolicy(policyPath)
if err != nil {
- return errors.Wrapf(err, "error reading registry config file")
+ return errors.Wrapf(err, "could not read trust policies")
}
+
if c.Bool("json") {
- var outjson interface{}
+ policyJSON, err := getPolicyJSON(policyContentStruct, systemRegistriesDirPath)
+ if err != nil {
+ return errors.Wrapf(err, "could not show trust policies in JSON format")
+ }
outjson = policyJSON
out := formats.JSONStruct{Output: outjson}
return formats.Writer(out).Out()
}
- sortedRepos := sortPolicyJSONKey(policyJSON)
- var output []interface{}
- for _, reponame := range sortedRepos {
- showOutput, exists := showOutputMap[reponame]
- if exists {
- output = append(output, interface{}(showOutput))
- }
+ showOutputMap, err := getPolicyShowOutput(policyContentStruct, systemRegistriesDirPath)
+ if err != nil {
+ return errors.Wrapf(err, "could not show trust policies")
}
- out := formats.StdoutTemplateArray{Output: output, Template: "{{.Repo}}\t{{.Trusttype}}\t{{.GPGid}}\t{{.Sigstore}}"}
+ out := formats.StdoutTemplateArray{Output: showOutputMap, Template: "{{.Repo}}\t{{.Trusttype}}\t{{.GPGid}}\t{{.Sigstore}}"}
return formats.Writer(out).Out()
}
@@ -159,7 +158,11 @@ func setTrustCmd(c *cli.Context) error {
if err != nil {
return errors.Wrapf(err, "could not create runtime")
}
-
+ var (
+ policyPath string
+ policyContentStruct trust.PolicyContent
+ newReposContent []trust.RepoContent
+ )
args := c.Args()
if len(args) != 1 {
return errors.Errorf("default or a registry name must be specified")
@@ -182,17 +185,13 @@ func setTrustCmd(c *cli.Context) error {
return errors.Errorf("At least one public key must be defined for type 'signedBy'")
}
- var policyPath string
if c.IsSet("policypath") {
policyPath = c.String("policypath")
} else {
policyPath = trust.DefaultPolicyPath(runtime.SystemContext())
}
- var policyContentStruct trust.PolicyContent
- policyFileExists := false
_, err = os.Stat(policyPath)
if !os.IsNotExist(err) {
- policyFileExists = true
policyContent, err := ioutil.ReadFile(policyPath)
if err != nil {
return errors.Wrapf(err, "unable to read %s", policyPath)
@@ -200,11 +199,7 @@ func setTrustCmd(c *cli.Context) error {
if err := json.Unmarshal(policyContent, &policyContentStruct); err != nil {
return errors.Errorf("could not read trust policies")
}
- if args[0] != "default" && len(policyContentStruct.Default) == 0 {
- return errors.Errorf("Default trust policy must be set.")
- }
}
- var newReposContent []trust.RepoContent
if len(pubkeysfile) != 0 {
for _, filepath := range pubkeysfile {
newReposContent = append(newReposContent, trust.RepoContent{Type: trusttype, KeyType: "GPGKeys", KeyPath: filepath})
@@ -215,8 +210,8 @@ func setTrustCmd(c *cli.Context) error {
if args[0] == "default" {
policyContentStruct.Default = newReposContent
} else {
- if policyFileExists == false && len(policyContentStruct.Default) == 0 {
- return errors.Errorf("Default trust policy must be set to create the policy file.")
+ if len(policyContentStruct.Default) == 0 {
+ return errors.Errorf("Default trust policy must be set.")
}
registryExists := false
for transport, transportval := range policyContentStruct.Transports {
@@ -248,7 +243,7 @@ func setTrustCmd(c *cli.Context) error {
return nil
}
-func sortPolicyJSONKey(m map[string]map[string]interface{}) []string {
+func sortShowOutputMapKey(m map[string]trust.ShowOutput) []string {
keys := make([]string, len(m))
i := 0
for k := range m {
@@ -269,3 +264,106 @@ func isValidTrustType(t string) bool {
func getDefaultPolicyPath() string {
return trust.DefaultPolicyPath(&types.SystemContext{})
}
+
+func getPolicyJSON(policyContentStruct trust.PolicyContent, systemRegistriesDirPath string) (map[string]map[string]interface{}, error) {
+ registryConfigs, err := trust.LoadAndMergeConfig(systemRegistriesDirPath)
+ if err != nil {
+ return nil, err
+ }
+
+ policyJSON := make(map[string]map[string]interface{})
+ if len(policyContentStruct.Default) > 0 {
+ policyJSON["* (default)"] = make(map[string]interface{})
+ policyJSON["* (default)"]["type"] = policyContentStruct.Default[0].Type
+ }
+ for transname, transval := range policyContentStruct.Transports {
+ for repo, repoval := range transval {
+ policyJSON[repo] = make(map[string]interface{})
+ policyJSON[repo]["type"] = repoval[0].Type
+ policyJSON[repo]["transport"] = transname
+ keyarr := []string{}
+ uids := []string{}
+ for _, repoele := range repoval {
+ if len(repoele.KeyPath) > 0 {
+ keyarr = append(keyarr, repoele.KeyPath)
+ uids = append(uids, trust.GetGPGIdFromKeyPath(repoele.KeyPath)...)
+ }
+ if len(repoele.KeyData) > 0 {
+ keyarr = append(keyarr, string(repoele.KeyData))
+ uids = append(uids, trust.GetGPGIdFromKeyData(string(repoele.KeyData))...)
+ }
+ }
+ policyJSON[repo]["keys"] = keyarr
+ policyJSON[repo]["sigstore"] = ""
+ registryNamespace := trust.HaveMatchRegistry(repo, registryConfigs)
+ if registryNamespace != nil {
+ policyJSON[repo]["sigstore"] = registryNamespace.SigStore
+ }
+ }
+ }
+ return policyJSON, nil
+}
+
+var typeDescription = map[string]string{"insecureAcceptAnything": "accept", "signedBy": "signed", "reject": "reject"}
+
+func trustTypeDescription(trustType string) string {
+ trustDescription, exist := typeDescription[trustType]
+ if !exist {
+ logrus.Warnf("invalid trust type %s", trustType)
+ }
+ return trustDescription
+}
+
+func getPolicyShowOutput(policyContentStruct trust.PolicyContent, systemRegistriesDirPath string) ([]interface{}, error) {
+ var output []interface{}
+
+ registryConfigs, err := trust.LoadAndMergeConfig(systemRegistriesDirPath)
+ if err != nil {
+ return nil, err
+ }
+
+ trustShowOutputMap := make(map[string]trust.ShowOutput)
+ if len(policyContentStruct.Default) > 0 {
+ defaultPolicyStruct := trust.ShowOutput{
+ Repo: "default",
+ Trusttype: trustTypeDescription(policyContentStruct.Default[0].Type),
+ }
+ trustShowOutputMap["* (default)"] = defaultPolicyStruct
+ }
+ for _, transval := range policyContentStruct.Transports {
+ for repo, repoval := range transval {
+ tempTrustShowOutput := trust.ShowOutput{
+ Repo: repo,
+ Trusttype: repoval[0].Type,
+ }
+ keyarr := []string{}
+ uids := []string{}
+ for _, repoele := range repoval {
+ if len(repoele.KeyPath) > 0 {
+ keyarr = append(keyarr, repoele.KeyPath)
+ uids = append(uids, trust.GetGPGIdFromKeyPath(repoele.KeyPath)...)
+ }
+ if len(repoele.KeyData) > 0 {
+ keyarr = append(keyarr, string(repoele.KeyData))
+ uids = append(uids, trust.GetGPGIdFromKeyData(string(repoele.KeyData))...)
+ }
+ }
+ tempTrustShowOutput.GPGid = strings.Join(uids, ", ")
+
+ registryNamespace := trust.HaveMatchRegistry(repo, registryConfigs)
+ if registryNamespace != nil {
+ tempTrustShowOutput.Sigstore = registryNamespace.SigStore
+ }
+ trustShowOutputMap[repo] = tempTrustShowOutput
+ }
+ }
+
+ sortedRepos := sortShowOutputMapKey(trustShowOutputMap)
+ for _, reponame := range sortedRepos {
+ showOutput, exists := trustShowOutputMap[reponame]
+ if exists {
+ output = append(output, interface{}(showOutput))
+ }
+ }
+ return output, nil
+}
diff --git a/cmd/podman/umount.go b/cmd/podman/umount.go
index 7c9b5897b..42f169228 100644
--- a/cmd/podman/umount.go
+++ b/cmd/podman/umount.go
@@ -34,7 +34,7 @@ An unmount can be forced with the --force flag.
umountCommand = cli.Command{
Name: "umount",
Aliases: []string{"unmount"},
- Usage: "Unmounts working container's root filesystem",
+ Usage: "Unmount working container's root filesystem",
Description: description,
Flags: sortFlags(umountFlags),
Action: umountCmd,
diff --git a/cmd/podman/varlink/io.podman.varlink b/cmd/podman/varlink/io.podman.varlink
index 86c3eb7ff..8b02057a1 100644
--- a/cmd/podman/varlink/io.podman.varlink
+++ b/cmd/podman/varlink/io.podman.varlink
@@ -987,17 +987,15 @@ method ContainerRunlabel(runlabel: Runlabel) -> ()
# of strings
# #### Example
# ~~~
-# $ varlink call -m unix:/run/podman/io.podman/io.podman.ListContainerMounts
+# $ varlink call unix:/run/podman/io.podman/io.podman.ListContainerMounts
# {
-# "mounts": [
-# "/var/lib/containers/storage/overlay/b215fb622c65ba3b06c6d2341be80b76a9de7ae415ce419e65228873d4f0dcc8/merged",
-# "/var/lib/containers/storage/overlay/5eaf806073f79c0ed9a695180ad598e34f963f7407da1d2ccf3560bdab49b26f/merged",
-# "/var/lib/containers/storage/overlay/1ecb6b1dbb251737c7a24a31869096839c3719d8b250bf075f75172ddcc701e1/merged",
-# "/var/lib/containers/storage/overlay/7137b28a3c422165fe920cba851f2f8da271c6b5908672c451ebda03ad3919e2/merged"
-# ]
+# "mounts": {
+# "04e4c255269ed2545e7f8bd1395a75f7949c50c223415c00c1d54bfa20f3b3d9": "/var/lib/containers/storage/overlay/a078925828f57e20467ca31cfca8a849210d21ec7e5757332b72b6924f441c17/merged",
+# "1d58c319f9e881a644a5122ff84419dccf6d138f744469281446ab243ef38924": "/var/lib/containers/storage/overlay/948fcf93f8cb932f0f03fd52e3180a58627d547192ffe3b88e0013b98ddcd0d2/merged"
+# }
# }
# ~~~
-method ListContainerMounts() -> (mounts: []string)
+method ListContainerMounts() -> (mounts: [string]string)
# MountContainer mounts a container by name or full/partial ID. Upon a successful mount, the destination
# mount is returned as a string.
@@ -1019,7 +1017,7 @@ method UnmountContainer(name: string, force: bool) -> ()
# ImagesPrune removes all unused images from the local store. Upon successful pruning,
# the IDs of the removed images are returned.
-method ImagesPrune() -> (pruned: []string)
+method ImagesPrune(all: bool) -> (pruned: []string)
# This function is not implemented yet.
method ListContainerPorts(name: string) -> (notimplemented: NotImplemented)
diff --git a/cmd/podman/version.go b/cmd/podman/version.go
index fd7f06b7c..ce773ee2e 100644
--- a/cmd/podman/version.go
+++ b/cmd/podman/version.go
@@ -57,7 +57,7 @@ var (
}
versionFlags = []cli.Flag{
cli.StringFlag{
- Name: "format",
+ Name: "format, f",
Usage: "Change the output format to JSON or a Go template",
},
}