3 files changed, 133 insertions, 3 deletions

diff --git a/cmd/podman/common/netflags.go b/cmd/podman/common/netflags.go
index 1a47733e7..a439eb792 100644
--- a/cmd/podman/common/netflags.go
+++ b/cmd/podman/common/netflags.go
@@ -5,6 +5,7 @@ import (
 
 	"github.com/containers/libpod/cmd/podman/parse"
 	"github.com/containers/libpod/pkg/domain/entities"
+	"github.com/containers/libpod/pkg/specgen"
 	"github.com/pkg/errors"
 	"github.com/spf13/cobra"
 	"github.com/spf13/pflag"
@@ -159,9 +160,13 @@ func NetFlagsToNetOptions(cmd *cobra.Command) (*entities.NetOptions, error) {
 			return nil, err
 		}
 
-		return nil, errors.Errorf("network %s is not yet supported", network)
-		// TODO How do I convert a string network to a Specgen.Namespace?
-		//		opts.Network = specgen.Namespace{NSMode: network}
+		ns, cniNets, err := specgen.ParseNetworkNamespace(network)
+		if err != nil {
+			return nil, err
+		}
+
+		opts.Network = ns
+		opts.CNINetworks = cniNets
 	}
 
 	return &opts, err
diff --git a/cmd/podman/login.go b/cmd/podman/login.go
new file mode 100644
index 000000000..1843a764d
--- /dev/null
+++ b/cmd/podman/login.go
@@ -0,0 +1,68 @@
+package main
+
+import (
+	"context"
+	"os"
+
+	"github.com/containers/common/pkg/auth"
+	"github.com/containers/image/v5/types"
+	"github.com/containers/libpod/cmd/podman/registry"
+	"github.com/containers/libpod/pkg/domain/entities"
+	"github.com/spf13/cobra"
+)
+
+type loginOptionsWrapper struct {
+	auth.LoginOptions
+	tlsVerify bool
+}
+
+var (
+	loginOptions = loginOptionsWrapper{}
+	loginCommand = &cobra.Command{
+		Use:   "login [flags] REGISTRY",
+		Short: "Login to a container registry",
+		Long:  "Login to a container registry on a specified server.",
+		RunE:  login,
+		Args:  cobra.ExactArgs(1),
+		Example: `podman login quay.io
+  podman login --username ... --password ... quay.io
+  podman login --authfile dir/auth.json quay.io`,
+	}
+)
+
+func init() {
+	// Note that the local and the remote client behave the same: both
+	// store credentials locally while the remote client will pass them
+	// over the wire to the endpoint.
+	registry.Commands = append(registry.Commands, registry.CliCommand{
+		Mode:    []entities.EngineMode{entities.ABIMode, entities.TunnelMode},
+		Command: loginCommand,
+	})
+	flags := loginCommand.Flags()
+
+	// Flags from the auth package.
+	flags.AddFlagSet(auth.GetLoginFlags(&loginOptions.LoginOptions))
+
+	// Podman flags.
+	flags.BoolVarP(&loginOptions.tlsVerify, "tls-verify", "", false, "Require HTTPS and verify certificates when contacting registries")
+	flags.BoolVarP(&loginOptions.GetLoginSet, "get-login", "", false, "Return the current login user for the registry")
+	loginOptions.Stdin = os.Stdin
+	loginOptions.Stdout = os.Stdout
+}
+
+// Implementation of podman-login.
+func login(cmd *cobra.Command, args []string) error {
+	var skipTLS types.OptionalBool
+
+	if cmd.Flags().Changed("tls-verify") {
+		skipTLS = types.NewOptionalBool(!loginOptions.tlsVerify)
+	}
+
+	sysCtx := types.SystemContext{
+		AuthFilePath:                loginOptions.AuthFile,
+		DockerCertPath:              loginOptions.CertDir,
+		DockerInsecureSkipTLSVerify: skipTLS,
+	}
+
+	return auth.Login(context.Background(), &sysCtx, &loginOptions.LoginOptions, args[0])
+}
diff --git a/cmd/podman/logout.go b/cmd/podman/logout.go
new file mode 100644
index 000000000..77bdc92b4
--- /dev/null
+++ b/cmd/podman/logout.go
@@ -0,0 +1,57 @@
+package main
+
+import (
+	"os"
+
+	"github.com/containers/common/pkg/auth"
+	"github.com/containers/image/v5/types"
+	"github.com/containers/libpod/cmd/podman/registry"
+	"github.com/containers/libpod/pkg/domain/entities"
+	"github.com/pkg/errors"
+	"github.com/spf13/cobra"
+)
+
+var (
+	logoutOptions = auth.LogoutOptions{}
+	logoutCommand = &cobra.Command{
+		Use:   "logout [flags] REGISTRY",
+		Short: "Logout of a container registry",
+		Long:  "Remove the cached username and password for the registry.",
+		RunE:  logout,
+		Args:  cobra.MaximumNArgs(1),
+		Example: `podman logout quay.io
+  podman logout --authfile dir/auth.json quay.io
+  podman logout --all`,
+	}
+)
+
+func init() {
+	// Note that the local and the remote client behave the same: both
+	// store credentials locally while the remote client will pass them
+	// over the wire to the endpoint.
+	registry.Commands = append(registry.Commands, registry.CliCommand{
+		Mode:    []entities.EngineMode{entities.ABIMode, entities.TunnelMode},
+		Command: logoutCommand,
+	})
+	flags := logoutCommand.Flags()
+
+	// Flags from the auth package.
+	flags.AddFlagSet(auth.GetLogoutFlags(&logoutOptions))
+	logoutOptions.Stdin = os.Stdin
+	logoutOptions.Stdout = os.Stdout
+}
+
+// Implementation of podman-logout.
+func logout(cmd *cobra.Command, args []string) error {
+	sysCtx := types.SystemContext{AuthFilePath: logoutOptions.AuthFile}
+
+	registry := ""
+	if len(args) > 0 {
+		if logoutOptions.All {
+			return errors.New("--all takes no arguments")
+		}
+		registry = args[0]
+	}
+
+	return auth.Logout(&sysCtx, &logoutOptions, registry)
+}