aboutsummaryrefslogtreecommitdiff
path: root/cmd
diff options
context:
space:
mode:
Diffstat (limited to 'cmd')
-rw-r--r--cmd/podman/common/completion.go9
-rw-r--r--cmd/podman/common/sign.go4
-rw-r--r--cmd/podman/containers/checkpoint.go15
-rw-r--r--cmd/podman/containers/cleanup.go17
-rw-r--r--cmd/podman/containers/create.go16
-rw-r--r--cmd/podman/containers/init.go9
-rw-r--r--cmd/podman/containers/pause.go9
-rw-r--r--cmd/podman/containers/restore.go15
-rw-r--r--cmd/podman/containers/start.go39
-rw-r--r--cmd/podman/containers/stop.go9
-rw-r--r--cmd/podman/containers/unpause.go9
-rw-r--r--cmd/podman/images/build.go26
-rw-r--r--cmd/podman/images/rm.go1
-rw-r--r--cmd/podman/images/scp.go9
-rw-r--r--cmd/podman/machine/platform.go2
-rw-r--r--cmd/podman/root.go5
-rw-r--r--cmd/podman/system/connection/add.go87
17 files changed, 147 insertions, 134 deletions
diff --git a/cmd/podman/common/completion.go b/cmd/podman/common/completion.go
index 02369c74a..71c62a7af 100644
--- a/cmd/podman/common/completion.go
+++ b/cmd/podman/common/completion.go
@@ -13,6 +13,7 @@ import (
libimageDefine "github.com/containers/common/libimage/define"
"github.com/containers/common/libnetwork/types"
"github.com/containers/common/pkg/config"
+ "github.com/containers/common/pkg/ssh"
"github.com/containers/image/v5/pkg/sysregistriesv2"
"github.com/containers/podman/v4/cmd/podman/registry"
"github.com/containers/podman/v4/libpod/define"
@@ -1628,3 +1629,11 @@ func AutocompleteClone(cmd *cobra.Command, args []string, toComplete string) ([]
}
return nil, cobra.ShellCompDirectiveNoFileComp
}
+
+// AutocompleteSSH - Autocomplete ssh modes
+func AutocompleteSSH(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) {
+ if !validCurrentCmdLine(cmd, args, toComplete) {
+ return nil, cobra.ShellCompDirectiveNoFileComp
+ }
+ return []string{string(ssh.GolangMode), string(ssh.NativeMode)}, cobra.ShellCompDirectiveNoFileComp
+}
diff --git a/cmd/podman/common/sign.go b/cmd/podman/common/sign.go
index e8a90ed57..dc0d3ff5d 100644
--- a/cmd/podman/common/sign.go
+++ b/cmd/podman/common/sign.go
@@ -3,9 +3,9 @@ package common
import (
"fmt"
+ "github.com/containers/common/pkg/ssh"
"github.com/containers/image/v5/pkg/cli"
"github.com/containers/podman/v4/pkg/domain/entities"
- "github.com/containers/podman/v4/pkg/terminal"
)
// PrepareSigningPassphrase updates pushOpts.SignPassphrase and SignSigstorePrivateKeyPassphrase based on a --sign-passphrase-file value signPassphraseFile,
@@ -27,7 +27,7 @@ func PrepareSigningPassphrase(pushOpts *entities.ImagePushOptions, signPassphras
}
passphrase = p
} else if pushOpts.SignBySigstorePrivateKeyFile != "" {
- p := terminal.ReadPassphrase()
+ p := ssh.ReadPassphrase()
passphrase = string(p)
} // pushOpts.SignBy triggers a GPG-agent passphrase prompt, possibly using a more secure channel, so we usually shouldn’t prompt ourselves if no passphrase was explicitly provided.
pushOpts.SignPassphrase = passphrase
diff --git a/cmd/podman/containers/checkpoint.go b/cmd/podman/containers/checkpoint.go
index 0eb0db394..4350e5586 100644
--- a/cmd/podman/containers/checkpoint.go
+++ b/cmd/podman/containers/checkpoint.go
@@ -130,14 +130,15 @@ func checkpoint(cmd *cobra.Command, args []string) error {
var statistics checkpointStatistics
for _, r := range responses {
- if r.Err == nil {
- if checkpointOptions.PrintStats {
- statistics.ContainerStatistics = append(statistics.ContainerStatistics, r)
- } else {
- fmt.Println(r.Id)
- }
- } else {
+ switch {
+ case r.Err != nil:
errs = append(errs, r.Err)
+ case checkpointOptions.PrintStats:
+ statistics.ContainerStatistics = append(statistics.ContainerStatistics, r)
+ case r.RawInput != "":
+ fmt.Println(r.RawInput)
+ default:
+ fmt.Println(r.Id)
}
}
diff --git a/cmd/podman/containers/cleanup.go b/cmd/podman/containers/cleanup.go
index c9a5cb28b..6abc5df19 100644
--- a/cmd/podman/containers/cleanup.go
+++ b/cmd/podman/containers/cleanup.go
@@ -84,21 +84,20 @@ func cleanup(cmd *cobra.Command, args []string) error {
return err
}
for _, r := range responses {
- if r.CleanErr == nil && r.RmErr == nil && r.RmiErr == nil {
- fmt.Println(r.Id)
- continue
- }
- if r.RmErr != nil {
+ switch {
+ case r.RmErr != nil:
logrus.Errorf("Removing container: %v", r.RmErr)
errs = append(errs, r.RmErr)
- }
- if r.RmiErr != nil {
+ case r.RmiErr != nil:
logrus.Errorf("Removing image: %v", r.RmiErr)
errs = append(errs, r.RmiErr)
- }
- if r.CleanErr != nil {
+ case r.CleanErr != nil:
logrus.Errorf("Cleaning up container: %v", r.CleanErr)
errs = append(errs, r.CleanErr)
+ case r.RawInput != "":
+ fmt.Println(r.RawInput)
+ default:
+ fmt.Println(r.Id)
}
}
return errs.PrintErrors()
diff --git a/cmd/podman/containers/create.go b/cmd/podman/containers/create.go
index 7d0f4d9ae..455127fd7 100644
--- a/cmd/podman/containers/create.go
+++ b/cmd/podman/containers/create.go
@@ -192,16 +192,14 @@ func replaceContainer(name string) error {
}
func CreateInit(c *cobra.Command, vals entities.ContainerCreateOptions, isInfra bool) (entities.ContainerCreateOptions, error) {
- vals.UserNS = c.Flag("userns").Value.String()
- // if user did not modify --userns flag and did turn on
- // uid/gid mappings, set userns flag to "private"
- if !c.Flag("userns").Changed && vals.UserNS == "host" {
- if len(vals.UIDMap) > 0 ||
- len(vals.GIDMap) > 0 ||
- vals.SubUIDName != "" ||
- vals.SubGIDName != "" {
- vals.UserNS = "private"
+ if len(vals.UIDMap) > 0 || len(vals.GIDMap) > 0 || vals.SubUIDName != "" || vals.SubGIDName != "" {
+ if c.Flag("userns").Changed {
+ return vals, errors.New("--userns and --uidmap/--gidmap/--subuidname/--subgidname are mutually exclusive")
}
+ // force userns flag to "private"
+ vals.UserNS = "private"
+ } else {
+ vals.UserNS = c.Flag("userns").Value.String()
}
if c.Flag("kernel-memory") != nil && c.Flag("kernel-memory").Changed {
logrus.Warnf("The --kernel-memory flag is no longer supported. This flag is a noop.")
diff --git a/cmd/podman/containers/init.go b/cmd/podman/containers/init.go
index 649cdf1c9..8f53dca45 100644
--- a/cmd/podman/containers/init.go
+++ b/cmd/podman/containers/init.go
@@ -74,10 +74,13 @@ func initContainer(cmd *cobra.Command, args []string) error {
return err
}
for _, r := range report {
- if r.Err == nil {
- fmt.Println(r.Id)
- } else {
+ switch {
+ case r.Err != nil:
errs = append(errs, r.Err)
+ case r.RawInput != "":
+ fmt.Println(r.RawInput)
+ default:
+ fmt.Println(r.Id)
}
}
return errs.PrintErrors()
diff --git a/cmd/podman/containers/pause.go b/cmd/podman/containers/pause.go
index 53aa423ac..38c4f45aa 100644
--- a/cmd/podman/containers/pause.go
+++ b/cmd/podman/containers/pause.go
@@ -113,10 +113,13 @@ func pause(cmd *cobra.Command, args []string) error {
return err
}
for _, r := range responses {
- if r.Err == nil {
- fmt.Println(r.RawInput)
- } else {
+ switch {
+ case r.Err != nil:
errs = append(errs, r.Err)
+ case r.RawInput != "":
+ fmt.Println(r.RawInput)
+ default:
+ fmt.Println(r.Id)
}
}
return errs.PrintErrors()
diff --git a/cmd/podman/containers/restore.go b/cmd/podman/containers/restore.go
index 6106f2bed..ee01e19b8 100644
--- a/cmd/podman/containers/restore.go
+++ b/cmd/podman/containers/restore.go
@@ -193,14 +193,15 @@ func restore(cmd *cobra.Command, args []string) error {
var statistics restoreStatistics
for _, r := range responses {
- if r.Err == nil {
- if restoreOptions.PrintStats {
- statistics.ContainerStatistics = append(statistics.ContainerStatistics, r)
- } else {
- fmt.Println(r.Id)
- }
- } else {
+ switch {
+ case r.Err != nil:
errs = append(errs, r.Err)
+ case restoreOptions.PrintStats:
+ statistics.ContainerStatistics = append(statistics.ContainerStatistics, r)
+ case r.RawInput != "":
+ fmt.Println(r.RawInput)
+ default:
+ fmt.Println(r.Id)
}
}
diff --git a/cmd/podman/containers/start.go b/cmd/podman/containers/start.go
index cd4fa17b8..061f0953d 100644
--- a/cmd/podman/containers/start.go
+++ b/cmd/podman/containers/start.go
@@ -59,8 +59,10 @@ func startFlags(cmd *cobra.Command) {
flags.BoolVarP(&startOptions.Interactive, "interactive", "i", false, "Keep STDIN open even if not attached")
flags.BoolVar(&startOptions.SigProxy, "sig-proxy", false, "Proxy received signals to the process (default true if attaching, false otherwise)")
- flags.StringSliceVarP(&filters, "filter", "f", []string{}, "Filter output based on conditions given")
- _ = cmd.RegisterFlagCompletionFunc("filter", common.AutocompletePsFilters)
+
+ filterFlagName := "filter"
+ flags.StringSliceVarP(&filters, filterFlagName, "f", []string{}, "Filter output based on conditions given")
+ _ = cmd.RegisterFlagCompletionFunc(filterFlagName, common.AutocompletePsFilters)
flags.BoolVar(&startOptions.All, "all", false, "Start all containers regardless of their state or configuration")
@@ -84,7 +86,7 @@ func init() {
}
func validateStart(cmd *cobra.Command, args []string) error {
- if len(args) == 0 && !startOptions.Latest && !startOptions.All {
+ if len(args) == 0 && !startOptions.Latest && !startOptions.All && len(filters) < 1 {
return errors.New("start requires at least one argument")
}
if startOptions.All && startOptions.Latest {
@@ -123,33 +125,30 @@ func start(cmd *cobra.Command, args []string) error {
}
containers := args
- if len(filters) > 0 {
- for _, f := range filters {
- split := strings.SplitN(f, "=", 2)
- if len(split) == 1 {
- return fmt.Errorf("invalid filter %q", f)
- }
- startOptions.Filters[split[0]] = append(startOptions.Filters[split[0]], split[1])
+ for _, f := range filters {
+ split := strings.SplitN(f, "=", 2)
+ if len(split) < 2 {
+ return fmt.Errorf("invalid filter %q", f)
}
+ startOptions.Filters[split[0]] = append(startOptions.Filters[split[0]], split[1])
}
responses, err := registry.ContainerEngine().ContainerStart(registry.GetContext(), containers, startOptions)
if err != nil {
return err
}
-
for _, r := range responses {
- if r.Err == nil {
- if startOptions.Attach {
- // Implement the exitcode when the only one container is enabled attach
- registry.SetExitCode(r.ExitCode)
- } else {
- fmt.Println(r.RawInput)
- }
- } else {
+ switch {
+ case r.Err != nil:
errs = append(errs, r.Err)
+ case startOptions.Attach:
+ // Implement the exitcode when the only one container is enabled attach
+ registry.SetExitCode(r.ExitCode)
+ case r.RawInput != "":
+ fmt.Println(r.RawInput)
+ default:
+ fmt.Println(r.Id)
}
}
-
return errs.PrintErrors()
}
diff --git a/cmd/podman/containers/stop.go b/cmd/podman/containers/stop.go
index b0f449266..7e31aa7d5 100644
--- a/cmd/podman/containers/stop.go
+++ b/cmd/podman/containers/stop.go
@@ -126,10 +126,13 @@ func stop(cmd *cobra.Command, args []string) error {
return err
}
for _, r := range responses {
- if r.Err == nil {
- fmt.Println(r.RawInput)
- } else {
+ switch {
+ case r.Err != nil:
errs = append(errs, r.Err)
+ case r.RawInput != "":
+ fmt.Println(r.RawInput)
+ default:
+ fmt.Println(r.Id)
}
}
return errs.PrintErrors()
diff --git a/cmd/podman/containers/unpause.go b/cmd/podman/containers/unpause.go
index 4282e490e..617c0e3a4 100644
--- a/cmd/podman/containers/unpause.go
+++ b/cmd/podman/containers/unpause.go
@@ -121,10 +121,13 @@ func unpause(cmd *cobra.Command, args []string) error {
}
for _, r := range responses {
- if r.Err == nil {
- fmt.Println(r.RawInput)
- } else {
+ switch {
+ case r.Err != nil:
errs = append(errs, r.Err)
+ case r.RawInput != "":
+ fmt.Println(r.RawInput)
+ default:
+ fmt.Println(r.Id)
}
}
return errs.PrintErrors()
diff --git a/cmd/podman/images/build.go b/cmd/podman/images/build.go
index 9f1b86eb4..837b233f4 100644
--- a/cmd/podman/images/build.go
+++ b/cmd/podman/images/build.go
@@ -18,6 +18,7 @@ import (
"github.com/containers/common/pkg/auth"
"github.com/containers/common/pkg/completion"
"github.com/containers/common/pkg/config"
+ "github.com/containers/image/v5/docker/reference"
encconfig "github.com/containers/ocicrypt/config"
enchelpers "github.com/containers/ocicrypt/helpers"
"github.com/containers/podman/v4/cmd/podman/common"
@@ -184,7 +185,6 @@ func buildFlags(cmd *cobra.Command) {
flags.SetNormalizeFunc(buildahCLI.AliasFlags)
if registry.IsRemote() {
_ = flags.MarkHidden("disable-content-trust")
- _ = flags.MarkHidden("cache-from")
_ = flags.MarkHidden("sign-by")
_ = flags.MarkHidden("signature-policy")
_ = flags.MarkHidden("tls-verify")
@@ -519,6 +519,27 @@ func buildFlagsWrapperToOptions(c *cobra.Command, contextDir string, flags *buil
}
}
}
+ var cacheTo reference.Named
+ var cacheFrom reference.Named
+ if c.Flag("cache-to").Changed {
+ cacheTo, err = parse.RepoNameToNamedReference(flags.CacheTo)
+ if err != nil {
+ return nil, fmt.Errorf("unable to parse value provided `%s` to --cache-to: %w", flags.CacheTo, err)
+ }
+ }
+ if c.Flag("cache-from").Changed {
+ cacheFrom, err = parse.RepoNameToNamedReference(flags.CacheFrom)
+ if err != nil {
+ return nil, fmt.Errorf("unable to parse value provided `%s` to --cache-from: %w", flags.CacheTo, err)
+ }
+ }
+ var cacheTTL time.Duration
+ if c.Flag("cache-ttl").Changed {
+ cacheTTL, err = time.ParseDuration(flags.CacheTTL)
+ if err != nil {
+ return nil, fmt.Errorf("unable to parse value provided %q as --cache-ttl: %w", flags.CacheTTL, err)
+ }
+ }
opts := buildahDefine.BuildOptions{
AddCapabilities: flags.CapAdd,
@@ -529,6 +550,9 @@ func buildFlagsWrapperToOptions(c *cobra.Command, contextDir string, flags *buil
Args: args,
BlobDirectory: flags.BlobCache,
BuildOutput: flags.BuildOutput,
+ CacheFrom: cacheFrom,
+ CacheTo: cacheTo,
+ CacheTTL: cacheTTL,
CommonBuildOpts: commonOpts,
Compression: compression,
ConfigureNetwork: networkPolicy,
diff --git a/cmd/podman/images/rm.go b/cmd/podman/images/rm.go
index d3fd17440..4e4b001ad 100644
--- a/cmd/podman/images/rm.go
+++ b/cmd/podman/images/rm.go
@@ -61,6 +61,7 @@ func imageRemoveFlagSet(flags *pflag.FlagSet) {
flags.BoolVarP(&imageOpts.All, "all", "a", false, "Remove all images")
flags.BoolVarP(&imageOpts.Ignore, "ignore", "i", false, "Ignore errors if a specified image does not exist")
flags.BoolVarP(&imageOpts.Force, "force", "f", false, "Force Removal of the image")
+ flags.BoolVar(&imageOpts.NoPrune, "no-prune", false, "Do not remove dangling images")
}
func rm(cmd *cobra.Command, args []string) error {
diff --git a/cmd/podman/images/scp.go b/cmd/podman/images/scp.go
index a7aa43e61..18899d251 100644
--- a/cmd/podman/images/scp.go
+++ b/cmd/podman/images/scp.go
@@ -4,6 +4,7 @@ import (
"os"
"strings"
+ "github.com/containers/common/pkg/ssh"
"github.com/containers/podman/v4/cmd/podman/common"
"github.com/containers/podman/v4/cmd/podman/registry"
"github.com/spf13/cobra"
@@ -48,6 +49,11 @@ func scp(cmd *cobra.Command, args []string) (finalErr error) {
var (
err error
)
+
+ containerConfig := registry.PodmanConfig()
+
+ sshType := containerConfig.SSHMode
+
for i, val := range os.Args {
if val == "image" {
break
@@ -67,7 +73,8 @@ func scp(cmd *cobra.Command, args []string) (finalErr error) {
dst = args[1]
}
- err = registry.ImageEngine().Scp(registry.Context(), src, dst, parentFlags, quiet)
+ sshEngine := ssh.DefineMode(sshType)
+ err = registry.ImageEngine().Scp(registry.Context(), src, dst, parentFlags, quiet, sshEngine)
if err != nil {
return err
}
diff --git a/cmd/podman/machine/platform.go b/cmd/podman/machine/platform.go
index 5ba649a48..3a7e56ac7 100644
--- a/cmd/podman/machine/platform.go
+++ b/cmd/podman/machine/platform.go
@@ -9,5 +9,5 @@ import (
)
func GetSystemDefaultProvider() machine.Provider {
- return qemu.GetQemuProvider()
+ return qemu.GetVirtualizationProvider()
}
diff --git a/cmd/podman/root.go b/cmd/podman/root.go
index 48f8470be..3637b2674 100644
--- a/cmd/podman/root.go
+++ b/cmd/podman/root.go
@@ -12,6 +12,7 @@ import (
"github.com/containers/common/pkg/completion"
"github.com/containers/common/pkg/config"
+ "github.com/containers/common/pkg/ssh"
"github.com/containers/podman/v4/cmd/podman/common"
"github.com/containers/podman/v4/cmd/podman/registry"
"github.com/containers/podman/v4/cmd/podman/validate"
@@ -338,6 +339,10 @@ func rootFlags(cmd *cobra.Command, opts *entities.PodmanConfig) {
lFlags := cmd.Flags()
+ sshFlagName := "ssh"
+ lFlags.StringVar(&opts.SSHMode, sshFlagName, string(ssh.GolangMode), "define the ssh mode")
+ _ = cmd.RegisterFlagCompletionFunc(sshFlagName, common.AutocompleteSSH)
+
connectionFlagName := "connection"
lFlags.StringVarP(&opts.Engine.ActiveService, connectionFlagName, "c", srv, "Connection to use for remote Podman service")
_ = cmd.RegisterFlagCompletionFunc(connectionFlagName, common.AutocompleteSystemConnections)
diff --git a/cmd/podman/system/connection/add.go b/cmd/podman/system/connection/add.go
index 191603718..f3b61b254 100644
--- a/cmd/podman/system/connection/add.go
+++ b/cmd/podman/system/connection/add.go
@@ -1,23 +1,19 @@
package connection
import (
- "encoding/json"
"errors"
"fmt"
- "net"
"net/url"
"os"
"regexp"
"github.com/containers/common/pkg/completion"
"github.com/containers/common/pkg/config"
+ "github.com/containers/common/pkg/ssh"
"github.com/containers/podman/v4/cmd/podman/registry"
"github.com/containers/podman/v4/cmd/podman/system"
- "github.com/containers/podman/v4/libpod/define"
- "github.com/containers/podman/v4/pkg/domain/utils"
"github.com/sirupsen/logrus"
"github.com/spf13/cobra"
- "golang.org/x/crypto/ssh"
)
var (
@@ -74,6 +70,15 @@ func init() {
func add(cmd *cobra.Command, args []string) error {
// Default to ssh schema if none given
+
+ entities := &ssh.ConnectionCreateOptions{
+ Port: cOpts.Port,
+ Path: args[1],
+ Identity: cOpts.Identity,
+ Name: args[0],
+ Socket: cOpts.UDSPath,
+ Default: cOpts.Default,
+ }
dest := args[1]
if match, err := regexp.Match("^[A-Za-z][A-Za-z0-9+.-]*://", []byte(dest)); err != nil {
return fmt.Errorf("invalid destination: %w", err)
@@ -89,30 +94,20 @@ func add(cmd *cobra.Command, args []string) error {
uri.Path = cmd.Flag("socket-path").Value.String()
}
- switch uri.Scheme {
- case "ssh":
- if uri.User.Username() == "" {
- if uri.User, err = utils.GetUserInfo(uri); err != nil {
- return err
- }
- }
+ var sshMode ssh.EngineMode
+ containerConfig := registry.PodmanConfig()
- if cmd.Flags().Changed("port") {
- uri.Host = net.JoinHostPort(uri.Hostname(), cmd.Flag("port").Value.String())
- }
+ flag := containerConfig.SSHMode
- if uri.Port() == "" {
- uri.Host = net.JoinHostPort(uri.Hostname(), cmd.Flag("port").DefValue)
- }
- iden := ""
- if cmd.Flags().Changed("identity") {
- iden = cOpts.Identity
- }
- if uri.Path == "" || uri.Path == "/" {
- if uri.Path, err = getUDS(uri, iden); err != nil {
- return err
- }
- }
+ sshMode = ssh.DefineMode(flag)
+
+ if sshMode == ssh.InvalidMode {
+ return fmt.Errorf("invalid ssh mode")
+ }
+
+ switch uri.Scheme {
+ case "ssh":
+ return ssh.Create(entities, sshMode)
case "unix":
if cmd.Flags().Changed("identity") {
return errors.New("--identity option not supported for unix scheme")
@@ -176,41 +171,3 @@ func add(cmd *cobra.Command, args []string) error {
}
return cfg.Write()
}
-
-func getUDS(uri *url.URL, iden string) (string, error) {
- cfg, err := utils.ValidateAndConfigure(uri, iden)
- if err != nil {
- return "", fmt.Errorf("failed to validate: %w", err)
- }
- dial, err := ssh.Dial("tcp", uri.Host, cfg)
- if err != nil {
- return "", fmt.Errorf("failed to connect: %w", err)
- }
- defer dial.Close()
-
- session, err := dial.NewSession()
- if err != nil {
- return "", fmt.Errorf("failed to create new ssh session on %q: %w", uri.Host, err)
- }
- defer session.Close()
-
- // Override podman binary for testing etc
- podman := "podman"
- if v, found := os.LookupEnv("PODMAN_BINARY"); found {
- podman = v
- }
- infoJSON, err := utils.ExecRemoteCommand(dial, podman+" info --format=json")
- if err != nil {
- return "", err
- }
-
- var info define.Info
- if err := json.Unmarshal(infoJSON, &info); err != nil {
- return "", fmt.Errorf("failed to parse 'podman info' results: %w", err)
- }
-
- if info.Host.RemoteSocket == nil || len(info.Host.RemoteSocket.Path) == 0 {
- return "", fmt.Errorf("remote podman %q failed to report its UDS socket", uri.Host)
- }
- return info.Host.RemoteSocket.Path, nil
-}
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-10-04 12:02:20 +0000