18 files changed, 98 insertions, 67 deletions
diff --git a/pkg/domain/entities/engine_container.go b/pkg/domain/entities/engine_container.go
index 7cf7ca17f..6b70a3452 100644
--- a/pkg/domain/entities/engine_container.go
+++ b/pkg/domain/entities/engine_container.go
@@ -68,8 +68,8 @@ type ContainerEngine interface {
 	NetworkPrune(ctx context.Context, options NetworkPruneOptions) ([]*NetworkPruneReport, error)
 	NetworkReload(ctx context.Context, names []string, options NetworkReloadOptions) ([]*NetworkReloadReport, error)
 	NetworkRm(ctx context.Context, namesOrIds []string, options NetworkRmOptions) ([]*NetworkRmReport, error)
-	PlayKube(ctx context.Context, path string, opts PlayKubeOptions) (*PlayKubeReport, error)
-	PlayKubeDown(ctx context.Context, path string, opts PlayKubeDownOptions) (*PlayKubeReport, error)
+	PlayKube(ctx context.Context, body io.Reader, opts PlayKubeOptions) (*PlayKubeReport, error)
+	PlayKubeDown(ctx context.Context, body io.Reader, opts PlayKubeDownOptions) (*PlayKubeReport, error)
 	PodCreate(ctx context.Context, specg PodSpec) (*PodCreateReport, error)
 	PodExists(ctx context.Context, nameOrID string) (*BoolReport, error)
 	PodInspect(ctx context.Context, options PodInspectOptions) (*PodInspectReport, error)
diff --git a/pkg/domain/entities/images.go b/pkg/domain/entities/images.go
index 2ac21cfeb..7081c5d25 100644
--- a/pkg/domain/entities/images.go
+++ b/pkg/domain/entities/images.go
@@ -90,6 +90,8 @@ type ImageRemoveOptions struct {
 	All bool
 	// Foce will force image removal including containers using the images.
 	Force bool
+	// Ignore if a specified image does not exist and do not throw an error.
+	Ignore bool
 	// Confirms if given name is a manifest list and removes it, otherwise returns error.
 	LookupManifest bool
 }
@@ -277,6 +279,7 @@ type ImageLoadReport struct {
 
 type ImageImportOptions struct {
 	Architecture    string
+	Variant         string
 	Changes         []string
 	Message         string
 	OS              string
diff --git a/pkg/domain/entities/types.go b/pkg/domain/entities/types.go
index 4d9ced900..bed3183e9 100644
--- a/pkg/domain/entities/types.go
+++ b/pkg/domain/entities/types.go
@@ -20,7 +20,7 @@ type Volume struct {
 }
 
 type Report struct {
-	Id  []string //nolint
+	Id  []string // nolint
 	Err map[string]error
 }
 
@@ -98,8 +98,10 @@ type EventsOptions struct {
 // ContainerCreateResponse is the response struct for creating a container
 type ContainerCreateResponse struct {
 	// ID of the container created
+	// required: true
 	ID string `json:"Id"`
 	// Warnings during container creation
+	// required: true
 	Warnings []string `json:"Warnings"`
 }
 
diff --git a/pkg/domain/filters/containers.go b/pkg/domain/filters/containers.go
index 85ba4f84f..4c6964a00 100644
--- a/pkg/domain/filters/containers.go
+++ b/pkg/domain/filters/containers.go
@@ -213,8 +213,10 @@ func GenerateContainerFilterFuncs(filter string, filterValues []string, r *libpo
 		for _, val := range filterValues {
 			net, err := r.Network().NetworkInspect(val)
 			if err != nil {
-				// ignore not found errors
-				break
+				if errors.Is(err, define.ErrNoSuchNetwork) {
+					continue
+				}
+				return nil, err
 			}
 			inputNetNames = append(inputNetNames, net.Name)
 		}
diff --git a/pkg/domain/filters/pods.go b/pkg/domain/filters/pods.go
index 2f9442dff..e22480006 100644
--- a/pkg/domain/filters/pods.go
+++ b/pkg/domain/filters/pods.go
@@ -131,8 +131,10 @@ func GeneratePodFilterFunc(filter string, filterValues []string, r *libpod.Runti
 		for _, val := range filterValues {
 			net, err := r.Network().NetworkInspect(val)
 			if err != nil {
-				// ignore not found errors
-				break
+				if errors.Is(err, define.ErrNoSuchNetwork) {
+					continue
+				}
+				return nil, err
 			}
 			inputNetNames = append(inputNetNames, net.Name)
 		}
diff --git a/pkg/domain/infra/abi/containers.go b/pkg/domain/infra/abi/containers.go
index e6feb7c82..f45bdeba5 100644
--- a/pkg/domain/infra/abi/containers.go
+++ b/pkg/domain/infra/abi/containers.go
@@ -1431,12 +1431,7 @@ func (ic *ContainerEngine) ContainerStats(ctx context.Context, namesOrIds []stri
 
 			reportStats := []define.ContainerStats{}
 			for _, ctr := range containers {
-				prev, ok := containerStats[ctr.ID()]
-				if !ok {
-					prev = &define.ContainerStats{}
-				}
-
-				stats, err := ctr.GetContainerStats(prev)
+				stats, err := ctr.GetContainerStats(containerStats[ctr.ID()])
 				if err != nil {
 					cause := errors.Cause(err)
 					if queryAll && (cause == define.ErrCtrRemoved || cause == define.ErrNoSuchCtr || cause == define.ErrCtrStateInvalid) {
@@ -1501,6 +1496,35 @@ func (ic *ContainerEngine) ContainerClone(ctx context.Context, ctrCloneOpts enti
 		return nil, err
 	}
 
+	if ctrCloneOpts.CreateOpts.Pod != "" {
+		pod, err := ic.Libpod.LookupPod(ctrCloneOpts.CreateOpts.Pod)
+		if err != nil {
+			return nil, err
+		}
+
+		allNamespaces := []struct {
+			isShared bool
+			value    *specgen.Namespace
+		}{
+			{pod.SharesPID(), &spec.PidNS},
+			{pod.SharesNet(), &spec.NetNS},
+			{pod.SharesCgroup(), &spec.CgroupNS},
+			{pod.SharesIPC(), &spec.IpcNS},
+			{pod.SharesUTS(), &spec.UtsNS},
+		}
+
+		printWarning := false
+		for _, n := range allNamespaces {
+			if n.isShared && !n.value.IsDefault() {
+				*n.value = specgen.Namespace{NSMode: specgen.Default}
+				printWarning = true
+			}
+		}
+		if printWarning {
+			logrus.Warning("At least one namespace was reset to the default configuration")
+		}
+	}
+
 	err = specgenutil.FillOutSpecGen(spec, &ctrCloneOpts.CreateOpts, []string{})
 	if err != nil {
 		return nil, err
diff --git a/pkg/domain/infra/abi/images.go b/pkg/domain/infra/abi/images.go
index 0b1281aac..74478b26d 100644
--- a/pkg/domain/infra/abi/images.go
+++ b/pkg/domain/infra/abi/images.go
@@ -445,7 +445,8 @@ func (ir *ImageEngine) Import(ctx context.Context, options entities.ImageImportO
 	importOptions.Tag = options.Reference
 	importOptions.SignaturePolicyPath = options.SignaturePolicy
 	importOptions.OS = options.OS
-	importOptions.Architecture = options.Architecture
+	importOptions.Arch = options.Architecture
+	importOptions.Variant = options.Variant
 
 	if !options.Quiet {
 		importOptions.Writer = os.Stderr
@@ -578,6 +579,7 @@ func (ir *ImageEngine) Remove(ctx context.Context, images []string, opts entitie
 	libimageOptions := &libimage.RemoveImagesOptions{}
 	libimageOptions.Filters = []string{"readonly=false"}
 	libimageOptions.Force = opts.Force
+	libimageOptions.Ignore = opts.Ignore
 	libimageOptions.LookupManifest = opts.LookupManifest
 	if !opts.All {
 		libimageOptions.Filters = append(libimageOptions.Filters, "intermediate=false")
@@ -847,13 +849,12 @@ func execPodman(execUser *user.User, command []string) error {
 	if err != nil {
 		return err
 	}
-	defer func() error {
-		err := cmdLogin.Process.Kill()
-		if err != nil {
-			return err
-		}
-		return cmdLogin.Wait()
+
+	defer func() {
+		_ = cmdLogin.Process.Kill()
+		_ = cmdLogin.Wait()
 	}()
+
 	cmd := exec.Command(command[0], command[1:]...)
 	cmd.Env = []string{"PATH=" + os.Getenv("PATH"), "TERM=" + os.Getenv("TERM")}
 	cmd.Stderr = os.Stderr
diff --git a/pkg/domain/infra/abi/images_test.go b/pkg/domain/infra/abi/images_test.go
index e38b9390d..311ab3ed7 100644
--- a/pkg/domain/infra/abi/images_test.go
+++ b/pkg/domain/infra/abi/images_test.go
@@ -48,7 +48,7 @@ func TestToDomainHistoryLayer(t *testing.T) {
 // 	r := DirectImageRuntime{m}
 // 	err := r.Delete(context.TODO(), actual, "fedora")
 // 	if err != nil {
-// 		t.Errorf("error should be nil, got: %v", err)
+// 		t.Errorf("should be nil, got: %v", err)
 // 	}
 // 	m.AssertExpectations(t)
 // }
diff --git a/pkg/domain/infra/abi/play.go b/pkg/domain/infra/abi/play.go
index 4d8c5a381..1423ab06e 100644
--- a/pkg/domain/infra/abi/play.go
+++ b/pkg/domain/infra/abi/play.go
@@ -33,12 +33,12 @@ import (
 	yamlv2 "gopkg.in/yaml.v2"
 )
 
-func (ic *ContainerEngine) PlayKube(ctx context.Context, path string, options entities.PlayKubeOptions) (*entities.PlayKubeReport, error) {
+func (ic *ContainerEngine) PlayKube(ctx context.Context, body io.Reader, options entities.PlayKubeOptions) (*entities.PlayKubeReport, error) {
 	report := &entities.PlayKubeReport{}
 	validKinds := 0
 
 	// read yaml document
-	content, err := ioutil.ReadFile(path)
+	content, err := ioutil.ReadAll(body)
 	if err != nil {
 		return nil, err
 	}
@@ -52,7 +52,7 @@ func (ic *ContainerEngine) PlayKube(ctx context.Context, path string, options en
 	// sort kube kinds
 	documentList, err = sortKubeKinds(documentList)
 	if err != nil {
-		return nil, errors.Wrapf(err, "unable to sort kube kinds in %q", path)
+		return nil, errors.Wrap(err, "unable to sort kube kinds")
 	}
 
 	ipIndex := 0
@@ -64,7 +64,7 @@ func (ic *ContainerEngine) PlayKube(ctx context.Context, path string, options en
 	for _, document := range documentList {
 		kind, err := getKubeKind(document)
 		if err != nil {
-			return nil, errors.Wrapf(err, "unable to read %q as kube YAML", path)
+			return nil, errors.Wrap(err, "unable to read kube YAML")
 		}
 
 		switch kind {
@@ -73,7 +73,7 @@ func (ic *ContainerEngine) PlayKube(ctx context.Context, path string, options en
 			var podTemplateSpec v1.PodTemplateSpec
 
 			if err := yaml.Unmarshal(document, &podYAML); err != nil {
-				return nil, errors.Wrapf(err, "unable to read YAML %q as Kube Pod", path)
+				return nil, errors.Wrap(err, "unable to read YAML as Kube Pod")
 			}
 
 			podTemplateSpec.ObjectMeta = podYAML.ObjectMeta
@@ -97,7 +97,7 @@ func (ic *ContainerEngine) PlayKube(ctx context.Context, path string, options en
 			var deploymentYAML v1apps.Deployment
 
 			if err := yaml.Unmarshal(document, &deploymentYAML); err != nil {
-				return nil, errors.Wrapf(err, "unable to read YAML %q as Kube Deployment", path)
+				return nil, errors.Wrap(err, "unable to read YAML as Kube Deployment")
 			}
 
 			r, err := ic.playKubeDeployment(ctx, &deploymentYAML, options, &ipIndex, configMaps)
@@ -111,7 +111,7 @@ func (ic *ContainerEngine) PlayKube(ctx context.Context, path string, options en
 			var pvcYAML v1.PersistentVolumeClaim
 
 			if err := yaml.Unmarshal(document, &pvcYAML); err != nil {
-				return nil, errors.Wrapf(err, "unable to read YAML %q as Kube PersistentVolumeClaim", path)
+				return nil, errors.Wrap(err, "unable to read YAML as Kube PersistentVolumeClaim")
 			}
 
 			r, err := ic.playKubePVC(ctx, &pvcYAML, options)
@@ -125,7 +125,7 @@ func (ic *ContainerEngine) PlayKube(ctx context.Context, path string, options en
 			var configMap v1.ConfigMap
 
 			if err := yaml.Unmarshal(document, &configMap); err != nil {
-				return nil, errors.Wrapf(err, "unable to read YAML %q as Kube ConfigMap", path)
+				return nil, errors.Wrap(err, "unable to read YAML as Kube ConfigMap")
 			}
 			configMaps = append(configMaps, configMap)
 		default:
@@ -215,7 +215,7 @@ func (ic *ContainerEngine) playKubePod(ctx context.Context, podName string, podY
 	// FIXME This is very hard to support properly with a good ux
 	if len(options.StaticIPs) > *ipIndex {
 		if !podOpt.Net.Network.IsBridge() {
-			errors.Wrap(define.ErrInvalidArg, "static ip addresses can only be set when the network mode is bridge")
+			return nil, errors.Wrap(define.ErrInvalidArg, "static ip addresses can only be set when the network mode is bridge")
 		}
 		if len(podOpt.Net.Networks) != 1 {
 			return nil, errors.Wrap(define.ErrInvalidArg, "cannot set static ip addresses for more than network, use netname:ip=<ip> syntax to specify ips for more than network")
@@ -230,7 +230,7 @@ func (ic *ContainerEngine) playKubePod(ctx context.Context, podName string, podY
 	}
 	if len(options.StaticMACs) > *ipIndex {
 		if !podOpt.Net.Network.IsBridge() {
-			errors.Wrap(define.ErrInvalidArg, "static mac address can only be set when the network mode is bridge")
+			return nil, errors.Wrap(define.ErrInvalidArg, "static mac address can only be set when the network mode is bridge")
 		}
 		if len(podOpt.Net.Networks) != 1 {
 			return nil, errors.Wrap(define.ErrInvalidArg, "cannot set static mac address for more than network, use netname:mac=<mac> syntax to specify mac for more than network")
@@ -773,14 +773,14 @@ func getBuildFile(imageName string, cwd string) (string, error) {
 	return "", err
 }
 
-func (ic *ContainerEngine) PlayKubeDown(ctx context.Context, path string, _ entities.PlayKubeDownOptions) (*entities.PlayKubeReport, error) {
+func (ic *ContainerEngine) PlayKubeDown(ctx context.Context, body io.Reader, _ entities.PlayKubeDownOptions) (*entities.PlayKubeReport, error) {
 	var (
 		podNames []string
 	)
 	reports := new(entities.PlayKubeReport)
 
 	// read yaml document
-	content, err := ioutil.ReadFile(path)
+	content, err := ioutil.ReadAll(body)
 	if err != nil {
 		return nil, err
 	}
@@ -794,27 +794,27 @@ func (ic *ContainerEngine) PlayKubeDown(ctx context.Context, path string, _ enti
 	// sort kube kinds
 	documentList, err = sortKubeKinds(documentList)
 	if err != nil {
-		return nil, errors.Wrapf(err, "unable to sort kube kinds in %q", path)
+		return nil, errors.Wrap(err, "unable to sort kube kinds")
 	}
 
 	for _, document := range documentList {
 		kind, err := getKubeKind(document)
 		if err != nil {
-			return nil, errors.Wrapf(err, "unable to read %q as kube YAML", path)
+			return nil, errors.Wrap(err, "unable to read as kube YAML")
 		}
 
 		switch kind {
 		case "Pod":
 			var podYAML v1.Pod
 			if err := yaml.Unmarshal(document, &podYAML); err != nil {
-				return nil, errors.Wrapf(err, "unable to read YAML %q as Kube Pod", path)
+				return nil, errors.Wrap(err, "unable to read YAML as Kube Pod")
 			}
 			podNames = append(podNames, podYAML.ObjectMeta.Name)
 		case "Deployment":
 			var deploymentYAML v1apps.Deployment
 
 			if err := yaml.Unmarshal(document, &deploymentYAML); err != nil {
-				return nil, errors.Wrapf(err, "unable to read YAML %q as Kube Deployment", path)
+				return nil, errors.Wrap(err, "unable to read YAML as Kube Deployment")
 			}
 			var numReplicas int32 = 1
 			deploymentName := deploymentYAML.ObjectMeta.Name
diff --git a/pkg/domain/infra/abi/system.go b/pkg/domain/infra/abi/system.go
index d12d14c1f..4361821d5 100644
--- a/pkg/domain/infra/abi/system.go
+++ b/pkg/domain/infra/abi/system.go
@@ -6,7 +6,6 @@ import (
 	"net/url"
 	"os"
 	"os/exec"
-	"path/filepath"
 
 	"github.com/containers/common/pkg/cgroups"
 	"github.com/containers/common/pkg/config"
@@ -269,7 +268,7 @@ func (ic *ContainerEngine) SystemDf(ctx context.Context, options entities.System
 	}
 
 	dfVolumes := make([]*entities.SystemDfVolumeReport, 0, len(vols))
-	var reclaimableSize int64
+	var reclaimableSize uint64
 	for _, v := range vols {
 		var consInUse int
 		mountPoint, err := v.MountPoint()
@@ -282,7 +281,7 @@ func (ic *ContainerEngine) SystemDf(ctx context.Context, options entities.System
 			// TODO: fix this.
 			continue
 		}
-		volSize, err := sizeOfPath(mountPoint)
+		volSize, err := util.SizeOfPath(mountPoint)
 		if err != nil {
 			return nil, err
 		}
@@ -301,8 +300,8 @@ func (ic *ContainerEngine) SystemDf(ctx context.Context, options entities.System
 		report := entities.SystemDfVolumeReport{
 			VolumeName:      v.Name(),
 			Links:           consInUse,
-			Size:            volSize,
-			ReclaimableSize: reclaimableSize,
+			Size:            int64(volSize),
+			ReclaimableSize: int64(reclaimableSize),
 		}
 		dfVolumes = append(dfVolumes, &report)
 	}
@@ -313,19 +312,6 @@ func (ic *ContainerEngine) SystemDf(ctx context.Context, options entities.System
 	}, nil
 }
 
-// sizeOfPath determines the file usage of a given path. it was called volumeSize in v1
-// and now is made to be generic and take a path instead of a libpod volume
-func sizeOfPath(path string) (int64, error) {
-	var size int64
-	err := filepath.Walk(path, func(path string, info os.FileInfo, err error) error {
-		if err == nil && !info.IsDir() {
-			size += info.Size()
-		}
-		return err
-	})
-	return size, err
-}
-
 func (se *SystemEngine) Reset(ctx context.Context) error {
 	return se.Libpod.Reset(ctx)
 }
diff --git a/pkg/domain/infra/abi/terminal/sigproxy_linux.go b/pkg/domain/infra/abi/terminal/sigproxy_linux.go
index 206ded091..fe2c268c0 100644
--- a/pkg/domain/infra/abi/terminal/sigproxy_linux.go
+++ b/pkg/domain/infra/abi/terminal/sigproxy_linux.go
@@ -20,7 +20,7 @@ const signalBufferSize = 2048
 func ProxySignals(ctr *libpod.Container) {
 	// Stop catching the shutdown signals (SIGINT, SIGTERM) - they're going
 	// to the container now.
-	shutdown.Stop()
+	shutdown.Stop() // nolint: errcheck
 
 	sigBuffer := make(chan os.Signal, signalBufferSize)
 	signal.CatchAll(sigBuffer)
diff --git a/pkg/domain/infra/abi/terminal/terminal_linux.go b/pkg/domain/infra/abi/terminal/terminal_linux.go
index 78c792d2b..153b19fdb 100644
--- a/pkg/domain/infra/abi/terminal/terminal_linux.go
+++ b/pkg/domain/infra/abi/terminal/terminal_linux.go
@@ -39,7 +39,7 @@ func ExecAttachCtr(ctx context.Context, ctr *libpod.Container, execConfig *libpo
 // StartAttachCtr starts and (if required) attaches to a container
 // if you change the signature of this function from os.File to io.Writer, it will trigger a downstream
 // error. we may need to just lint disable this one.
-func StartAttachCtr(ctx context.Context, ctr *libpod.Container, stdout, stderr, stdin *os.File, detachKeys string, sigProxy bool, startContainer bool) error { //nolint-interfacer
+func StartAttachCtr(ctx context.Context, ctr *libpod.Container, stdout, stderr, stdin *os.File, detachKeys string, sigProxy bool, startContainer bool) error { //nolint: interfacer
 	resize := make(chan define.TerminalSize)
 
 	haveTerminal := terminal.IsTerminal(int(os.Stdin.Fd()))
diff --git a/pkg/domain/infra/abi/volumes.go b/pkg/domain/infra/abi/volumes.go
index 19fc6d2d3..f59f11e20 100644
--- a/pkg/domain/infra/abi/volumes.go
+++ b/pkg/domain/infra/abi/volumes.go
@@ -171,7 +171,8 @@ func (ic *ContainerEngine) VolumeMounted(ctx context.Context, nameOrID string) (
 	}
 	mountCount, err := vol.MountCount()
 	if err != nil {
-		return &entities.BoolReport{Value: false}, nil
+		// FIXME: this error should probably be returned
+		return &entities.BoolReport{Value: false}, nil // nolint: nilerr
 	}
 	if mountCount > 0 {
 		return &entities.BoolReport{Value: true}, nil
diff --git a/pkg/domain/infra/tunnel/containers.go b/pkg/domain/infra/tunnel/containers.go
index 046c2509d..10bfb3984 100644
--- a/pkg/domain/infra/tunnel/containers.go
+++ b/pkg/domain/infra/tunnel/containers.go
@@ -840,7 +840,7 @@ func (ic *ContainerEngine) ContainerRun(ctx context.Context, opts entities.Conta
 	if eventsErr != nil || lastEvent == nil {
 		logrus.Errorf("Cannot get exit code: %v", err)
 		report.ExitCode = define.ExecErrorCodeNotFound
-		return &report, nil // compat with local client
+		return &report, nil // nolint: nilerr
 	}
 
 	report.ExitCode = lastEvent.ContainerExitCode
@@ -938,7 +938,7 @@ func (ic *ContainerEngine) ContainerStat(ctx context.Context, nameOrID string, p
 	return containers.Stat(ic.ClientCtx, nameOrID, path)
 }
 
-// Shutdown Libpod engine
+// Shutdown Libpod engine.
 func (ic *ContainerEngine) Shutdown(_ context.Context) {
 }
 
@@ -949,7 +949,7 @@ func (ic *ContainerEngine) ContainerStats(ctx context.Context, namesOrIds []stri
 	return containers.Stats(ic.ClientCtx, namesOrIds, new(containers.StatsOptions).WithStream(options.Stream).WithInterval(options.Interval))
 }
 
-// ShouldRestart reports back whether the container will restart
+// ShouldRestart reports back whether the container will restart.
 func (ic *ContainerEngine) ShouldRestart(_ context.Context, id string) (bool, error) {
 	return containers.ShouldRestart(ic.ClientCtx, id, nil)
 }
diff --git a/pkg/domain/infra/tunnel/events.go b/pkg/domain/infra/tunnel/events.go
index 1f27cdff8..b472ad03a 100644
--- a/pkg/domain/infra/tunnel/events.go
+++ b/pkg/domain/infra/tunnel/events.go
@@ -34,7 +34,7 @@ func (ic *ContainerEngine) Events(ctx context.Context, opts entities.EventsOptio
 }
 
 // GetLastContainerEvent takes a container name or ID and an event status and returns
-// the last occurrence of the container event
+// the last occurrence of the container event.
 func (ic *ContainerEngine) GetLastContainerEvent(ctx context.Context, nameOrID string, containerEvent events.Status) (*events.Event, error) {
 	// check to make sure the event.Status is valid
 	if _, err := events.StringToStatus(containerEvent.String()); err != nil {
diff --git a/pkg/domain/infra/tunnel/images.go b/pkg/domain/infra/tunnel/images.go
index 3ee97d94c..18e10e8dd 100644
--- a/pkg/domain/infra/tunnel/images.go
+++ b/pkg/domain/infra/tunnel/images.go
@@ -28,7 +28,7 @@ func (ir *ImageEngine) Exists(_ context.Context, nameOrID string) (*entities.Boo
 }
 
 func (ir *ImageEngine) Remove(ctx context.Context, imagesArg []string, opts entities.ImageRemoveOptions) (*entities.ImageRemoveReport, []error) {
-	options := new(images.RemoveOptions).WithForce(opts.Force).WithAll(opts.All)
+	options := new(images.RemoveOptions).WithForce(opts.Force).WithIgnore(opts.Ignore).WithAll(opts.All)
 	return images.Remove(ir.ClientCtx, imagesArg, options)
 }
 
@@ -230,6 +230,7 @@ func (ir *ImageEngine) Import(ctx context.Context, opts entities.ImageImportOpti
 		f   *os.File
 	)
 	options := new(images.ImportOptions).WithChanges(opts.Changes).WithMessage(opts.Message).WithReference(opts.Reference)
+	options.WithOS(opts.OS).WithArchitecture(opts.Architecture).WithVariant(opts.Variant)
 	if opts.SourceIsURL {
 		options.WithURL(opts.Source)
 	} else {
diff --git a/pkg/domain/infra/tunnel/manifest.go b/pkg/domain/infra/tunnel/manifest.go
index d2efed8d3..9ac3fdb83 100644
--- a/pkg/domain/infra/tunnel/manifest.go
+++ b/pkg/domain/infra/tunnel/manifest.go
@@ -50,6 +50,7 @@ func (ir *ImageEngine) ManifestInspect(_ context.Context, name string) ([]byte,
 func (ir *ImageEngine) ManifestAdd(_ context.Context, name string, imageNames []string, opts entities.ManifestAddOptions) (string, error) {
 	options := new(manifests.AddOptions).WithAll(opts.All).WithArch(opts.Arch).WithVariant(opts.Variant)
 	options.WithFeatures(opts.Features).WithImages(imageNames).WithOS(opts.OS).WithOSVersion(opts.OSVersion)
+	options.WithUsername(opts.Username).WithPassword(opts.Password).WithAuthfile(opts.Authfile)
 	if len(opts.Annotation) != 0 {
 		annotations := make(map[string]string)
 		for _, annotationSpec := range opts.Annotation {
@@ -61,6 +62,13 @@ func (ir *ImageEngine) ManifestAdd(_ context.Context, name string, imageNames []
 		}
 		options.WithAnnotation(annotations)
 	}
+	if s := opts.SkipTLSVerify; s != types.OptionalBoolUndefined {
+		if s == types.OptionalBoolTrue {
+			options.WithSkipTLSVerify(true)
+		} else {
+			options.WithSkipTLSVerify(false)
+		}
+	}
 
 	id, err := manifests.Add(ir.ClientCtx, name, options)
 	if err != nil {
diff --git a/pkg/domain/infra/tunnel/play.go b/pkg/domain/infra/tunnel/play.go
index cd51262d0..d9637254a 100644
--- a/pkg/domain/infra/tunnel/play.go
+++ b/pkg/domain/infra/tunnel/play.go
@@ -2,13 +2,14 @@ package tunnel
 
 import (
 	"context"
+	"io"
 
 	"github.com/containers/image/v5/types"
 	"github.com/containers/podman/v4/pkg/bindings/play"
 	"github.com/containers/podman/v4/pkg/domain/entities"
 )
 
-func (ic *ContainerEngine) PlayKube(ctx context.Context, path string, opts entities.PlayKubeOptions) (*entities.PlayKubeReport, error) {
+func (ic *ContainerEngine) PlayKube(ctx context.Context, body io.Reader, opts entities.PlayKubeOptions) (*entities.PlayKubeReport, error) {
 	options := new(play.KubeOptions).WithAuthfile(opts.Authfile).WithUsername(opts.Username).WithPassword(opts.Password)
 	options.WithCertDir(opts.CertDir).WithQuiet(opts.Quiet).WithSignaturePolicy(opts.SignaturePolicy).WithConfigMaps(opts.ConfigMaps)
 	options.WithLogDriver(opts.LogDriver).WithNetwork(opts.Networks).WithSeccompProfileRoot(opts.SeccompProfileRoot)
@@ -26,9 +27,9 @@ func (ic *ContainerEngine) PlayKube(ctx context.Context, path string, opts entit
 	if start := opts.Start; start != types.OptionalBoolUndefined {
 		options.WithStart(start == types.OptionalBoolTrue)
 	}
-	return play.Kube(ic.ClientCtx, path, options)
+	return play.KubeWithBody(ic.ClientCtx, body, options)
 }
 
-func (ic *ContainerEngine) PlayKubeDown(ctx context.Context, path string, _ entities.PlayKubeDownOptions) (*entities.PlayKubeReport, error) {
-	return play.KubeDown(ic.ClientCtx, path)
+func (ic *ContainerEngine) PlayKubeDown(ctx context.Context, body io.Reader, _ entities.PlayKubeDownOptions) (*entities.PlayKubeReport, error) {
+	return play.KubeDownWithBody(ic.ClientCtx, body)
 }