14 files changed, 107 insertions, 22 deletions
diff --git a/pkg/domain/entities/containers.go b/pkg/domain/entities/containers.go
index dcb351e82..d2a7505a8 100644
--- a/pkg/domain/entities/containers.go
+++ b/pkg/domain/entities/containers.go
@@ -165,6 +165,8 @@ type CopyOptions struct {
 	// it will change ownership of files from the source tar archive
 	// to the primary uid/gid of the destination container.
 	Chown bool
+	// Map to translate path names.
+	Rename map[string]string
 }
 
 type CommitReport struct {
@@ -207,6 +209,7 @@ type RestoreOptions struct {
 	TCPEstablished  bool
 	ImportPrevious  string
 	PublishPorts    []specgen.PortMapping
+	Pod             string
 }
 
 type RestoreReport struct {
@@ -242,6 +245,8 @@ type ContainerLogsOptions struct {
 	Names bool
 	// Show logs since this timestamp.
 	Since time.Time
+	// Show logs until this timestamp.
+	Until time.Time
 	// Number of lines to display at the end of the output.
 	Tail int64
 	// Show timestamps in the logs.
diff --git a/pkg/domain/entities/engine_container.go b/pkg/domain/entities/engine_container.go
index 62e83fab3..d573e4704 100644
--- a/pkg/domain/entities/engine_container.go
+++ b/pkg/domain/entities/engine_container.go
@@ -8,7 +8,6 @@ import (
 	"github.com/containers/podman/v3/libpod/define"
 	"github.com/containers/podman/v3/pkg/domain/entities/reports"
 	"github.com/containers/podman/v3/pkg/specgen"
-	"github.com/spf13/cobra"
 )
 
 type ContainerCopyFunc func() error
@@ -82,7 +81,7 @@ type ContainerEngine interface {
 	PodStop(ctx context.Context, namesOrIds []string, options PodStopOptions) ([]*PodStopReport, error)
 	PodTop(ctx context.Context, options PodTopOptions) (*StringSliceReport, error)
 	PodUnpause(ctx context.Context, namesOrIds []string, options PodunpauseOptions) ([]*PodUnpauseReport, error)
-	SetupRootless(ctx context.Context, cmd *cobra.Command) error
+	SetupRootless(ctx context.Context, noMoveProcess bool) error
 	SecretCreate(ctx context.Context, name string, reader io.Reader, options SecretCreateOptions) (*SecretCreateReport, error)
 	SecretInspect(ctx context.Context, nameOrIDs []string) ([]*SecretInfoReport, []error, error)
 	SecretList(ctx context.Context) ([]*SecretInfoReport, error)
diff --git a/pkg/domain/entities/images.go b/pkg/domain/entities/images.go
index 3140a47c5..262b09cad 100644
--- a/pkg/domain/entities/images.go
+++ b/pkg/domain/entities/images.go
@@ -1,6 +1,7 @@
 package entities
 
 import (
+	"net/url"
 	"time"
 
 	"github.com/containers/common/pkg/config"
@@ -306,6 +307,28 @@ type ImageSaveOptions struct {
 	Quiet bool
 }
 
+// ImageScpOptions provide options for securely copying images to podman remote
+type ImageScpOptions struct {
+	// SoureImageName is the image the user is providing to load on a remote machine
+	SourceImageName string
+	// Tag allows for a new image to be created under the given name
+	Tag string
+	// ToRemote specifies that we are loading to the remote host
+	ToRemote bool
+	// FromRemote specifies that we are loading from the remote host
+	FromRemote bool
+	// Connections holds the raw string values for connections (ssh or unix)
+	Connections []string
+	// URI contains the ssh connection URLs to be used by the client
+	URI []*url.URL
+	// Iden contains ssh identity keys to be used by the client
+	Iden []string
+	// Save Options used for first half of the scp operation
+	Save ImageSaveOptions
+	// Load options used for the second half of the scp operation
+	Load ImageLoadOptions
+}
+
 // ImageTreeOptions provides options for ImageEngine.Tree()
 type ImageTreeOptions struct {
 	WhatRequires bool // Show all child images and layers of the specified image
diff --git a/pkg/domain/filters/containers.go b/pkg/domain/filters/containers.go
index 965a12468..dc9fed2a4 100644
--- a/pkg/domain/filters/containers.go
+++ b/pkg/domain/filters/containers.go
@@ -211,6 +211,36 @@ func GenerateContainerFilterFuncs(filter string, filterValues []string, r *libpo
 		}, nil
 	case "network":
 		return func(c *libpod.Container) bool {
+			networkMode := c.NetworkMode()
+			// support docker like `--filter network=container:<IDorName>`
+			// check if networkMode is configured as `container:<ctr>`
+			// peform a match against filter `container:<IDorName>`
+			// networks is already going to be empty if `container:<ctr>` is configured as Mode
+			if strings.HasPrefix(networkMode, "container:") {
+				networkModeContainerPart := strings.SplitN(networkMode, ":", 2)
+				if len(networkModeContainerPart) < 2 {
+					return false
+				}
+				networkModeContainerID := networkModeContainerPart[1]
+				for _, val := range filterValues {
+					if strings.HasPrefix(val, "container:") {
+						filterNetworkModePart := strings.SplitN(val, ":", 2)
+						if len(filterNetworkModePart) < 2 {
+							return false
+						}
+						filterNetworkModeIDorName := filterNetworkModePart[1]
+						filterID, err := r.LookupContainerID(filterNetworkModeIDorName)
+						if err != nil {
+							return false
+						}
+						if filterID == networkModeContainerID {
+							return true
+						}
+					}
+				}
+				return false
+			}
+
 			networks, _, err := c.Networks()
 			// if err or no networks, quick out
 			if err != nil || len(networks) == 0 {
diff --git a/pkg/domain/filters/volumes.go b/pkg/domain/filters/volumes.go
index df23c31c0..d55c44ef5 100644
--- a/pkg/domain/filters/volumes.go
+++ b/pkg/domain/filters/volumes.go
@@ -51,6 +51,12 @@ func GenerateVolumeFilters(filters url.Values) ([]libpod.VolumeFilter, error) {
 					}
 					return false
 				})
+			case "until":
+				f, err := createUntilFilterVolumeFunction(val)
+				if err != nil {
+					return nil, err
+				}
+				vf = append(vf, f)
 			case "dangling":
 				danglingVal := val
 				invert := false
@@ -93,16 +99,11 @@ func GeneratePruneVolumeFilters(filters url.Values) ([]libpod.VolumeFilter, erro
 					return util.MatchLabelFilters([]string{filterVal}, v.Labels())
 				})
 			case "until":
-				until, err := util.ComputeUntilTimestamp([]string{filterVal})
+				f, err := createUntilFilterVolumeFunction(filterVal)
 				if err != nil {
 					return nil, err
 				}
-				vf = append(vf, func(v *libpod.Volume) bool {
-					if !until.IsZero() && v.CreatedTime().Before(until) {
-						return true
-					}
-					return false
-				})
+				vf = append(vf, f)
 			default:
 				return nil, errors.Errorf("%q is an invalid volume filter", filter)
 			}
@@ -110,3 +111,16 @@ func GeneratePruneVolumeFilters(filters url.Values) ([]libpod.VolumeFilter, erro
 	}
 	return vf, nil
 }
+
+func createUntilFilterVolumeFunction(filter string) (libpod.VolumeFilter, error) {
+	until, err := util.ComputeUntilTimestamp([]string{filter})
+	if err != nil {
+		return nil, err
+	}
+	return func(v *libpod.Volume) bool {
+		if !until.IsZero() && v.CreatedTime().Before(until) {
+			return true
+		}
+		return false
+	}, nil
+}
diff --git a/pkg/domain/infra/abi/archive.go b/pkg/domain/infra/abi/archive.go
index 1a5bb6dc4..b60baa935 100644
--- a/pkg/domain/infra/abi/archive.go
+++ b/pkg/domain/infra/abi/archive.go
@@ -12,7 +12,7 @@ func (ic *ContainerEngine) ContainerCopyFromArchive(ctx context.Context, nameOrI
 	if err != nil {
 		return nil, err
 	}
-	return container.CopyFromArchive(ctx, containerPath, options.Chown, reader)
+	return container.CopyFromArchive(ctx, containerPath, options.Chown, options.Rename, reader)
 }
 
 func (ic *ContainerEngine) ContainerCopyToArchive(ctx context.Context, nameOrID string, containerPath string, writer io.Writer) (entities.ContainerCopyFunc, error) {
diff --git a/pkg/domain/infra/abi/containers.go b/pkg/domain/infra/abi/containers.go
index 6eeef870f..ddd768328 100644
--- a/pkg/domain/infra/abi/containers.go
+++ b/pkg/domain/infra/abi/containers.go
@@ -529,6 +529,7 @@ func (ic *ContainerEngine) ContainerRestore(ctx context.Context, namesOrIds []st
 		IgnoreStaticIP:  options.IgnoreStaticIP,
 		IgnoreStaticMAC: options.IgnoreStaticMAC,
 		ImportPrevious:  options.ImportPrevious,
+		Pod:             options.Pod,
 	}
 
 	filterFuncs := []libpod.ContainerFilter{
@@ -618,7 +619,7 @@ func makeExecConfig(options entities.ExecOptions, rt *libpod.Runtime) (*libpod.E
 		return nil, errors.Wrapf(err, "error retrieving Libpod configuration to build exec exit command")
 	}
 	// TODO: Add some ability to toggle syslog
-	exitCommandArgs, err := generate.CreateExitCommandArgs(storageConfig, runtimeConfig, false, true, true)
+	exitCommandArgs, err := generate.CreateExitCommandArgs(storageConfig, runtimeConfig, false, false, true)
 	if err != nil {
 		return nil, errors.Wrapf(err, "error constructing exit command for exec session")
 	}
@@ -998,6 +999,7 @@ func (ic *ContainerEngine) ContainerLogs(ctx context.Context, containers []strin
 		Details:    options.Details,
 		Follow:     options.Follow,
 		Since:      options.Since,
+		Until:      options.Until,
 		Tail:       options.Tail,
 		Timestamps: options.Timestamps,
 		UseName:    options.Names,
diff --git a/pkg/domain/infra/abi/images_list.go b/pkg/domain/infra/abi/images_list.go
index b0e947991..2ec4ad244 100644
--- a/pkg/domain/infra/abi/images_list.go
+++ b/pkg/domain/infra/abi/images_list.go
@@ -30,12 +30,16 @@ func (ir *ImageEngine) List(ctx context.Context, opts entities.ImageListOptions)
 		for j, d := range img.Digests() {
 			digests[j] = string(d)
 		}
+		isDangling, err := img.IsDangling(ctx)
+		if err != nil {
+			return nil, errors.Wrapf(err, "error checking if image %q is dangling", img.ID())
+		}
 
 		e := entities.ImageSummary{
 			ID: img.ID(),
 			//			ConfigDigest: string(img.ConfigDigest),
 			Created:     img.Created().Unix(),
-			Dangling:    img.IsDangling(),
+			Dangling:    isDangling,
 			Digest:      string(img.Digest()),
 			RepoDigests: digests,
 			History:     img.NamesHistory(),
diff --git a/pkg/domain/infra/abi/manifest.go b/pkg/domain/infra/abi/manifest.go
index 68e29f006..666bc997d 100644
--- a/pkg/domain/infra/abi/manifest.go
+++ b/pkg/domain/infra/abi/manifest.go
@@ -337,6 +337,7 @@ func (ir *ImageEngine) ManifestPush(ctx context.Context, name, destination strin
 	pushOptions.ManifestMIMEType = manifestType
 	pushOptions.RemoveSignatures = opts.RemoveSignatures
 	pushOptions.SignBy = opts.SignBy
+	pushOptions.InsecureSkipTLSVerify = opts.SkipTLSVerify
 
 	if opts.All {
 		pushOptions.ImageListSelection = cp.CopyAllImages
diff --git a/pkg/domain/infra/abi/play.go b/pkg/domain/infra/abi/play.go
index 4782f0d01..d257bad18 100644
--- a/pkg/domain/infra/abi/play.go
+++ b/pkg/domain/infra/abi/play.go
@@ -277,7 +277,10 @@ func (ic *ContainerEngine) playKubePod(ctx context.Context, podName string, podY
 		// registry on localhost.
 		pullPolicy := config.PullPolicyNewer
 		if len(container.ImagePullPolicy) > 0 {
-			pullPolicy, err = config.ParsePullPolicy(string(container.ImagePullPolicy))
+			// Make sure to lower the strings since K8s pull policy
+			// may be capitalized (see bugzilla.redhat.com/show_bug.cgi?id=1985905).
+			rawPolicy := string(container.ImagePullPolicy)
+			pullPolicy, err = config.ParsePullPolicy(strings.ToLower(rawPolicy))
 			if err != nil {
 				return nil, err
 			}
diff --git a/pkg/domain/infra/abi/system.go b/pkg/domain/infra/abi/system.go
index 155cda21d..bc98edd06 100644
--- a/pkg/domain/infra/abi/system.go
+++ b/pkg/domain/infra/abi/system.go
@@ -24,7 +24,6 @@ import (
 	"github.com/containers/storage/pkg/unshare"
 	"github.com/pkg/errors"
 	"github.com/sirupsen/logrus"
-	"github.com/spf13/cobra"
 	"github.com/spf13/pflag"
 )
 
@@ -57,7 +56,7 @@ func (ic *ContainerEngine) Info(ctx context.Context) (*define.Info, error) {
 	return info, err
 }
 
-func (ic *ContainerEngine) SetupRootless(_ context.Context, cmd *cobra.Command) error {
+func (ic *ContainerEngine) SetupRootless(_ context.Context, noMoveProcess bool) error {
 	// do it only after podman has already re-execed and running with uid==0.
 	hasCapSysAdmin, err := unshare.HasCapSysAdmin()
 	if err != nil {
@@ -104,6 +103,9 @@ func (ic *ContainerEngine) SetupRootless(_ context.Context, cmd *cobra.Command)
 	if became {
 		os.Exit(ret)
 	}
+	if noMoveProcess {
+		return nil
+	}
 
 	// if there is no pid file, try to join existing containers, and create a pause process.
 	ctrs, err := ic.Libpod.GetRunningContainers()
@@ -118,9 +120,10 @@ func (ic *ContainerEngine) SetupRootless(_ context.Context, cmd *cobra.Command)
 	}
 
 	became, ret, err = rootless.TryJoinFromFilePaths(pausePidPath, true, paths)
+
 	if err := movePauseProcessToScope(ic.Libpod); err != nil {
-		conf, err := ic.Config(context.Background())
-		if err != nil {
+		conf, err2 := ic.Config(context.Background())
+		if err2 != nil {
 			return err
 		}
 		if conf.Engine.CgroupManager == config.SystemdCgroupsManager {
@@ -148,7 +151,6 @@ func movePauseProcessToScope(r *libpod.Runtime) error {
 	if err != nil {
 		return errors.Wrapf(err, "could not get pause process pid file path")
 	}
-
 	data, err := ioutil.ReadFile(pausePidPath)
 	if err != nil {
 		return errors.Wrapf(err, "cannot read pause pid file")
diff --git a/pkg/domain/infra/runtime_abi.go b/pkg/domain/infra/runtime_abi.go
index ca201b5ae..177e9cff4 100644
--- a/pkg/domain/infra/runtime_abi.go
+++ b/pkg/domain/infra/runtime_abi.go
@@ -33,6 +33,7 @@ func NewImageEngine(facts *entities.PodmanConfig) (entities.ImageEngine, error)
 		r, err := NewLibpodImageRuntime(facts.FlagSet, facts)
 		return r, err
 	case entities.TunnelMode:
+		// TODO: look at me!
 		ctx, err := bindings.NewConnectionWithIdentity(context.Background(), facts.URI, facts.Identity)
 		return &tunnel.ImageEngine{ClientCtx: ctx}, err
 	}
diff --git a/pkg/domain/infra/tunnel/containers.go b/pkg/domain/infra/tunnel/containers.go
index 1df79c373..3c2802165 100644
--- a/pkg/domain/infra/tunnel/containers.go
+++ b/pkg/domain/infra/tunnel/containers.go
@@ -369,10 +369,11 @@ func (ic *ContainerEngine) ContainerCreate(ctx context.Context, s *specgen.SpecG
 
 func (ic *ContainerEngine) ContainerLogs(_ context.Context, nameOrIDs []string, opts entities.ContainerLogsOptions) error {
 	since := opts.Since.Format(time.RFC3339)
+	until := opts.Until.Format(time.RFC3339)
 	tail := strconv.FormatInt(opts.Tail, 10)
 	stdout := opts.StdoutWriter != nil
 	stderr := opts.StderrWriter != nil
-	options := new(containers.LogOptions).WithFollow(opts.Follow).WithSince(since).WithStderr(stderr)
+	options := new(containers.LogOptions).WithFollow(opts.Follow).WithSince(since).WithUntil(until).WithStderr(stderr)
 	options.WithStdout(stdout).WithTail(tail)
 
 	var err error
@@ -852,7 +853,8 @@ func (ic *ContainerEngine) ContainerPort(ctx context.Context, nameOrID string, o
 }
 
 func (ic *ContainerEngine) ContainerCopyFromArchive(ctx context.Context, nameOrID, path string, reader io.Reader, options entities.CopyOptions) (entities.ContainerCopyFunc, error) {
-	return containers.CopyFromArchiveWithOptions(ic.ClientCtx, nameOrID, path, reader, new(containers.CopyOptions).WithChown(options.Chown))
+	copyOptions := new(containers.CopyOptions).WithChown(options.Chown).WithRename(options.Rename)
+	return containers.CopyFromArchiveWithOptions(ic.ClientCtx, nameOrID, path, reader, copyOptions)
 }
 
 func (ic *ContainerEngine) ContainerCopyToArchive(ctx context.Context, nameOrID string, path string, writer io.Writer) (entities.ContainerCopyFunc, error) {
diff --git a/pkg/domain/infra/tunnel/system.go b/pkg/domain/infra/tunnel/system.go
index 7400d3771..6b43cf038 100644
--- a/pkg/domain/infra/tunnel/system.go
+++ b/pkg/domain/infra/tunnel/system.go
@@ -7,14 +7,13 @@ import (
 	"github.com/containers/podman/v3/libpod/define"
 	"github.com/containers/podman/v3/pkg/bindings/system"
 	"github.com/containers/podman/v3/pkg/domain/entities"
-	"github.com/spf13/cobra"
 )
 
 func (ic *ContainerEngine) Info(ctx context.Context) (*define.Info, error) {
 	return system.Info(ic.ClientCtx, nil)
 }
 
-func (ic *ContainerEngine) SetupRootless(_ context.Context, cmd *cobra.Command) error {
+func (ic *ContainerEngine) SetupRootless(_ context.Context, noMoveProcess bool) error {
 	panic(errors.New("rootless engine mode is not supported when tunneling"))
 }