aboutsummaryrefslogtreecommitdiff
path: root/cmd
diff options
context:
space:
mode:
Diffstat (limited to 'cmd')
-rw-r--r--cmd/podman/common/create.go9
-rw-r--r--cmd/podman/common/create_opts.go1
-rw-r--r--cmd/podman/containers/create.go6
-rw-r--r--cmd/podman/containers/run.go2
-rw-r--r--cmd/podman/root.go12
-rw-r--r--cmd/podman/volumes/export.go96
6 files changed, 123 insertions, 3 deletions
diff --git a/cmd/podman/common/create.go b/cmd/podman/common/create.go
index 602ad5d94..401cf2e09 100644
--- a/cmd/podman/common/create.go
+++ b/cmd/podman/common/create.go
@@ -544,6 +544,15 @@ func DefineCreateFlags(cmd *cobra.Command, cf *ContainerCLIOpts) {
)
_ = cmd.RegisterFlagCompletionFunc(podIDFileFlagName, completion.AutocompleteDefault)
+ // Flag for TLS verification, so that `run` and `create` commands can make use of it.
+ // Make sure to use `=` while using this flag i.e `--tls-verify=false/true`
+ tlsVerifyFlagName := "tls-verify"
+ createFlags.BoolVar(
+ &cf.TLSVerify,
+ tlsVerifyFlagName, true,
+ "Require HTTPS and verify certificates when contacting registries for pulling images",
+ )
+
createFlags.BoolVar(
&cf.Privileged,
"privileged", false,
diff --git a/cmd/podman/common/create_opts.go b/cmd/podman/common/create_opts.go
index 0fdf3ce08..e046e5a19 100644
--- a/cmd/podman/common/create_opts.go
+++ b/cmd/podman/common/create_opts.go
@@ -112,6 +112,7 @@ type ContainerCLIOpts struct {
Sysctl []string
Systemd string
Timeout uint
+ TLSVerify bool
TmpFS []string
TTY bool
Timezone string
diff --git a/cmd/podman/containers/create.go b/cmd/podman/containers/create.go
index a57488af2..7583a024e 100644
--- a/cmd/podman/containers/create.go
+++ b/cmd/podman/containers/create.go
@@ -10,6 +10,7 @@ import (
"github.com/containers/common/pkg/completion"
"github.com/containers/common/pkg/config"
"github.com/containers/image/v5/transports/alltransports"
+ "github.com/containers/image/v5/types"
"github.com/containers/podman/v3/cmd/podman/common"
"github.com/containers/podman/v3/cmd/podman/registry"
"github.com/containers/podman/v3/cmd/podman/utils"
@@ -96,7 +97,7 @@ func create(cmd *cobra.Command, args []string) error {
var (
err error
)
- cliVals.Net, err = common.NetFlagsToNetOptions(cmd, cliVals.Pod == "")
+ cliVals.Net, err = common.NetFlagsToNetOptions(cmd, cliVals.Pod == "" && cliVals.PodIDFile == "")
if err != nil {
return err
}
@@ -261,7 +262,7 @@ func createInit(c *cobra.Command) error {
}
func pullImage(imageName string) (string, error) {
- pullPolicy, err := config.ValidatePullPolicy(cliVals.Pull)
+ pullPolicy, err := config.ParsePullPolicy(cliVals.Pull)
if err != nil {
return "", err
}
@@ -287,6 +288,7 @@ func pullImage(imageName string) (string, error) {
Variant: cliVals.Variant,
SignaturePolicy: cliVals.SignaturePolicy,
PullPolicy: pullPolicy,
+ SkipTLSVerify: types.NewOptionalBool(!cliVals.TLSVerify), // If Flag changed for TLS Verification
})
if pullErr != nil {
return "", pullErr
diff --git a/cmd/podman/containers/run.go b/cmd/podman/containers/run.go
index 579af4eb1..830d1de7f 100644
--- a/cmd/podman/containers/run.go
+++ b/cmd/podman/containers/run.go
@@ -106,7 +106,7 @@ func init() {
func run(cmd *cobra.Command, args []string) error {
var err error
- cliVals.Net, err = common.NetFlagsToNetOptions(cmd, cliVals.Pod == "")
+ cliVals.Net, err = common.NetFlagsToNetOptions(cmd, cliVals.Pod == "" && cliVals.PodIDFile == "")
if err != nil {
return err
}
diff --git a/cmd/podman/root.go b/cmd/podman/root.go
index 1275f5631..371ded9a8 100644
--- a/cmd/podman/root.go
+++ b/cmd/podman/root.go
@@ -6,6 +6,7 @@ import (
"path/filepath"
"runtime"
"runtime/pprof"
+ "strconv"
"strings"
"github.com/containers/common/pkg/completion"
@@ -194,6 +195,17 @@ func persistentPreRunE(cmd *cobra.Command, args []string) error {
return err
}
}
+ if cmd.Flag("memory-profile").Changed {
+ // Same value as the default in github.com/pkg/profile.
+ runtime.MemProfileRate = 4096
+ if rate := os.Getenv("MemProfileRate"); rate != "" {
+ r, err := strconv.Atoi(rate)
+ if err != nil {
+ return err
+ }
+ runtime.MemProfileRate = r
+ }
+ }
if cfg.MaxWorks <= 0 {
return errors.Errorf("maximum workers must be set to a positive number (got %d)", cfg.MaxWorks)
diff --git a/cmd/podman/volumes/export.go b/cmd/podman/volumes/export.go
new file mode 100644
index 000000000..9e4fecdfa
--- /dev/null
+++ b/cmd/podman/volumes/export.go
@@ -0,0 +1,96 @@
+package volumes
+
+import (
+ "context"
+ "fmt"
+
+ "github.com/containers/common/pkg/completion"
+ "github.com/containers/podman/v3/cmd/podman/common"
+ "github.com/containers/podman/v3/cmd/podman/inspect"
+ "github.com/containers/podman/v3/cmd/podman/registry"
+ "github.com/containers/podman/v3/pkg/domain/entities"
+ "github.com/containers/podman/v3/utils"
+ "github.com/pkg/errors"
+ "github.com/sirupsen/logrus"
+ "github.com/spf13/cobra"
+)
+
+var (
+ volumeExportDescription = `
+podman volume export
+
+Allow content of volume to be exported into external tar.`
+ exportCommand = &cobra.Command{
+ Annotations: map[string]string{registry.EngineMode: registry.ABIMode},
+ Use: "export [options] VOLUME",
+ Short: "Export volumes",
+ Args: cobra.ExactArgs(1),
+ Long: volumeExportDescription,
+ RunE: export,
+ ValidArgsFunction: common.AutocompleteVolumes,
+ }
+)
+
+var (
+ // Temporary struct to hold cli values.
+ cliExportOpts = struct {
+ Output string
+ }{}
+)
+
+func init() {
+ registry.Commands = append(registry.Commands, registry.CliCommand{
+ Command: exportCommand,
+ Parent: volumeCmd,
+ })
+ flags := exportCommand.Flags()
+
+ outputFlagName := "output"
+ flags.StringVarP(&cliExportOpts.Output, outputFlagName, "o", "/dev/stdout", "Write to a specified file (default: stdout, which must be redirected)")
+ _ = exportCommand.RegisterFlagCompletionFunc(outputFlagName, completion.AutocompleteDefault)
+}
+
+func export(cmd *cobra.Command, args []string) error {
+ var inspectOpts entities.InspectOptions
+ containerEngine := registry.ContainerEngine()
+ ctx := context.Background()
+
+ if cliExportOpts.Output == "" {
+ return errors.New("expects output path, use --output=[path]")
+ }
+ inspectOpts.Type = inspect.VolumeType
+ volumeData, _, err := containerEngine.VolumeInspect(ctx, args, inspectOpts)
+ if err != nil {
+ return err
+ }
+ if len(volumeData) < 1 {
+ return errors.New("no volume data found")
+ }
+ mountPoint := volumeData[0].VolumeConfigResponse.Mountpoint
+ driver := volumeData[0].VolumeConfigResponse.Driver
+ volumeOptions := volumeData[0].VolumeConfigResponse.Options
+ volumeMountStatus, err := containerEngine.VolumeMounted(ctx, args[0])
+ if err != nil {
+ return err
+ }
+ if mountPoint == "" {
+ return errors.New("volume is not mounted anywhere on host")
+ }
+ // Check if volume is using external plugin and export only if volume is mounted
+ if driver != "" && driver != "local" {
+ if !volumeMountStatus.Value {
+ return fmt.Errorf("volume is using a driver %s and volume is not mounted on %s", driver, mountPoint)
+ }
+ }
+ // Check if volume is using `local` driver and has mount options type other than tmpfs
+ if driver == "local" {
+ if mountOptionType, ok := volumeOptions["type"]; ok {
+ if mountOptionType != "tmpfs" && !volumeMountStatus.Value {
+ return fmt.Errorf("volume is using a driver %s and volume is not mounted on %s", driver, mountPoint)
+ }
+ }
+ }
+ logrus.Debugf("Exporting volume data from %s to %s", mountPoint, cliExportOpts.Output)
+ err = utils.CreateTarFromSrc(mountPoint, cliExportOpts.Output)
+ return err
+}
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-11-17 17:23:14 +0000