summaryrefslogtreecommitdiff
path: root/pkg
diff options
context:
space:
mode:
Diffstat (limited to 'pkg')
-rw-r--r--pkg/adapter/client.go10
-rw-r--r--pkg/adapter/containers_remote.go28
-rw-r--r--pkg/adapter/pods_remote.go4
-rw-r--r--pkg/adapter/runtime_remote.go17
-rw-r--r--pkg/api/handlers/compat/changes.go20
-rw-r--r--pkg/api/handlers/compat/containers.go1
-rw-r--r--pkg/api/handlers/compat/containers_attach.go35
-rw-r--r--pkg/api/handlers/compat/containers_prune.go29
-rw-r--r--pkg/api/handlers/compat/events.go19
-rw-r--r--pkg/api/handlers/compat/images_search.go1
-rw-r--r--pkg/api/handlers/compat/swagger.go10
-rw-r--r--pkg/api/handlers/libpod/containers.go20
-rw-r--r--pkg/api/handlers/libpod/images.go53
-rw-r--r--pkg/api/handlers/libpod/pods.go3
-rw-r--r--pkg/api/handlers/libpod/volumes.go4
-rw-r--r--pkg/api/handlers/types.go25
-rw-r--r--pkg/api/handlers/utils/containers.go21
-rw-r--r--pkg/api/handlers/utils/pods.go33
-rw-r--r--pkg/api/server/handler_api.go9
-rw-r--r--pkg/api/server/register_containers.go71
-rw-r--r--pkg/api/server/register_images.go33
-rw-r--r--pkg/api/server/server.go175
-rw-r--r--pkg/autoupdate/autoupdate.go25
-rw-r--r--pkg/bindings/containers/containers.go29
-rw-r--r--pkg/bindings/containers/diff.go24
-rw-r--r--pkg/bindings/images/diff.go24
-rw-r--r--pkg/bindings/images/images.go33
-rw-r--r--pkg/bindings/images/search.go41
-rw-r--r--pkg/bindings/system/info.go8
-rw-r--r--pkg/bindings/test/containers_test.go186
-rw-r--r--pkg/bindings/test/images_test.go21
-rw-r--r--pkg/cgroups/pids.go6
-rw-r--r--pkg/domain/entities/container_ps.go4
-rw-r--r--pkg/domain/entities/containers.go98
-rw-r--r--pkg/domain/entities/engine.go319
-rw-r--r--pkg/domain/entities/engine_container.go27
-rw-r--r--pkg/domain/entities/engine_image.go13
-rw-r--r--pkg/domain/entities/images.go44
-rw-r--r--pkg/domain/entities/pods.go5
-rw-r--r--pkg/domain/entities/system.go14
-rw-r--r--pkg/domain/entities/types.go23
-rw-r--r--pkg/domain/infra/abi/containers.go231
-rw-r--r--pkg/domain/infra/abi/events.go18
-rw-r--r--pkg/domain/infra/abi/images.go69
-rw-r--r--pkg/domain/infra/abi/pods.go6
-rw-r--r--pkg/domain/infra/abi/system.go244
-rw-r--r--pkg/domain/infra/runtime_abi.go4
-rw-r--r--pkg/domain/infra/runtime_image_proxy.go2
-rw-r--r--pkg/domain/infra/runtime_libpod.go58
-rw-r--r--pkg/domain/infra/runtime_proxy.go2
-rw-r--r--pkg/domain/infra/runtime_tunnel.go4
-rw-r--r--pkg/domain/infra/tunnel/containers.go47
-rw-r--r--pkg/domain/infra/tunnel/events.go31
-rw-r--r--pkg/domain/infra/tunnel/images.go18
-rw-r--r--pkg/domain/infra/tunnel/system.go21
-rw-r--r--pkg/ps/define/types.go8
-rw-r--r--pkg/ps/ps.go38
-rw-r--r--pkg/rootless/rootless_linux.c5
-rw-r--r--pkg/signal/signal_linux.go7
-rw-r--r--pkg/specgen/config_linux_nocgo.go11
-rw-r--r--pkg/specgen/container_validate.go12
-rw-r--r--pkg/specgen/generate/config_linux_cgo.go (renamed from pkg/specgen/config_linux_cgo.go)5
-rw-r--r--pkg/specgen/generate/config_linux_nocgo.go14
-rw-r--r--pkg/specgen/generate/container.go8
-rw-r--r--pkg/specgen/generate/container_create.go14
-rw-r--r--pkg/specgen/generate/namespaces.go417
-rw-r--r--pkg/specgen/generate/oci.go (renamed from pkg/specgen/oci.go)19
-rw-r--r--pkg/specgen/generate/pod_create.go (renamed from pkg/specgen/pod_create.go)18
-rw-r--r--pkg/specgen/generate/storage.go (renamed from pkg/specgen/storage.go)8
-rw-r--r--pkg/specgen/namespaces.go379
-rw-r--r--pkg/specgen/pod_validate.go5
-rw-r--r--pkg/specgen/security.go46
-rw-r--r--pkg/specgen/specgen.go19
-rw-r--r--pkg/util/utils.go31
-rw-r--r--pkg/varlinkapi/attach.go2
-rw-r--r--pkg/varlinkapi/config.go9
-rw-r--r--pkg/varlinkapi/containers.go72
-rw-r--r--pkg/varlinkapi/containers_create.go2
-rw-r--r--pkg/varlinkapi/events.go7
-rw-r--r--pkg/varlinkapi/generate.go2
-rw-r--r--pkg/varlinkapi/images.go86
-rw-r--r--pkg/varlinkapi/mount.go6
-rw-r--r--pkg/varlinkapi/pods.go32
-rw-r--r--pkg/varlinkapi/system.go6
-rw-r--r--pkg/varlinkapi/transfers.go7
-rw-r--r--pkg/varlinkapi/volumes.go10
86 files changed, 2571 insertions, 1054 deletions
diff --git a/pkg/adapter/client.go b/pkg/adapter/client.go
index 5774ebe72..a1b2bd507 100644
--- a/pkg/adapter/client.go
+++ b/pkg/adapter/client.go
@@ -12,7 +12,7 @@ import (
"github.com/varlink/go/varlink"
)
-var remoteEndpoint *Endpoint
+var remoteEndpoint *Endpoint // nolint: deadcode,unused
func (r RemoteRuntime) RemoteEndpoint() (remoteEndpoint *Endpoint, err error) {
remoteConfigConnections, err := remoteclientconfig.ReadRemoteConfig(r.config)
@@ -26,8 +26,8 @@ func (r RemoteRuntime) RemoteEndpoint() (remoteEndpoint *Endpoint, err error) {
remoteEndpoint, err = newBridgeConnection(bridge, nil, r.cmd.LogLevel)
// if an environment variable for podman_varlink_address is defined,
// we used that as passed
- } else if address := os.Getenv("PODMAN_VARLINK_ADDRESS"); address != "" {
- logrus.Debug("creating a varlink address based on env variable: %s", address)
+ } else if address := os.Getenv("PODMAN_VARLINK_ADDRESS"); address != "" { // nolint:gocritic
+ logrus.Debugf("creating a varlink address based on env variable: %s", address)
remoteEndpoint, err = newSocketConnection(address)
// if the user provides a remote host, we use it to configure a bridge connection
} else if len(r.cmd.RemoteHost) > 0 {
@@ -35,7 +35,7 @@ func (r RemoteRuntime) RemoteEndpoint() (remoteEndpoint *Endpoint, err error) {
if len(r.cmd.RemoteUserName) < 1 {
return nil, errors.New("you must provide a username when providing a remote host name")
}
- rc := remoteclientconfig.RemoteConnection{r.cmd.RemoteHost, r.cmd.RemoteUserName, false, r.cmd.Port, r.cmd.IdentityFile, r.cmd.IgnoreHosts}
+ rc := remoteclientconfig.RemoteConnection{r.cmd.RemoteHost, r.cmd.RemoteUserName, false, r.cmd.Port, r.cmd.IdentityFile, r.cmd.IgnoreHosts} // nolint: govet
remoteEndpoint, err = newBridgeConnection("", &rc, r.cmd.LogLevel)
// if the user has a config file with connections in it
} else if len(remoteConfigConnections.Connections) > 0 {
@@ -59,7 +59,7 @@ func (r RemoteRuntime) RemoteEndpoint() (remoteEndpoint *Endpoint, err error) {
logrus.Debug("creating a varlink address based default root address")
remoteEndpoint, err = newSocketConnection(DefaultVarlinkAddress)
}
- return
+ return // nolint: nakedret
}
// Connect provides a varlink connection
diff --git a/pkg/adapter/containers_remote.go b/pkg/adapter/containers_remote.go
index fc8b524d6..777605896 100644
--- a/pkg/adapter/containers_remote.go
+++ b/pkg/adapter/containers_remote.go
@@ -341,7 +341,7 @@ func (r *LocalRuntime) RemoveContainers(ctx context.Context, cli *cliconfig.RmVa
failures[ctr] = errors.Wrapf(err, "Failed to evict container: %q", id)
continue
}
- ok = append(ok, string(id))
+ ok = append(ok, id)
}
return ok, failures, nil
}
@@ -432,7 +432,7 @@ func BatchContainerOp(ctr *Container, opts shared.PsOptions) (shared.BatchContai
// Log one or more containers over a varlink connection
func (r *LocalRuntime) Log(c *cliconfig.LogsValues, options *logs.LogOptions) error {
// GetContainersLogs
- reply, err := iopodman.GetContainersLogs().Send(r.Conn, uint64(varlink.More), c.InputArgs, c.Follow, c.Latest, options.Since.Format(time.RFC3339Nano), int64(c.Tail), c.Timestamps)
+ reply, err := iopodman.GetContainersLogs().Send(r.Conn, uint64(varlink.More), c.InputArgs, c.Follow, c.Latest, options.Since.Format(time.RFC3339Nano), c.Tail, c.Timestamps)
if err != nil {
return errors.Wrapf(err, "failed to get container logs")
}
@@ -753,15 +753,15 @@ func (r *LocalRuntime) attach(ctx context.Context, stdin, stdout *os.File, cid s
return nil, nil, err
}
defer cancel()
- defer restoreTerminal(oldTermState)
+ defer restoreTerminal(oldTermState) // nolint: errcheck
logrus.SetFormatter(&RawTtyFormatter{})
- term.SetRawTerminal(os.Stdin.Fd())
+ term.SetRawTerminal(os.Stdin.Fd()) // nolint: errcheck
}
reply, err := iopodman.Attach().Send(r.Conn, varlink.Upgrade, cid, detachKeys, start)
if err != nil {
- restoreTerminal(oldTermState)
+ restoreTerminal(oldTermState) // nolint: errcheck
return nil, nil, err
}
@@ -769,7 +769,7 @@ func (r *LocalRuntime) attach(ctx context.Context, stdin, stdout *os.File, cid s
_, err = reply()
if err != nil {
- restoreTerminal(oldTermState)
+ restoreTerminal(oldTermState) // nolint: errcheck
return nil, nil, err
}
@@ -857,7 +857,7 @@ func (r *LocalRuntime) Restart(ctx context.Context, c *cliconfig.RestartValues)
useTimeout := c.Flag("timeout").Changed || c.Flag("time").Changed
inputTimeout := c.Timeout
- if c.Latest {
+ if c.Latest { // nolint: gocritic
lastCtr, err := r.GetLatestContainer()
if err != nil {
return nil, nil, errors.Wrapf(err, "unable to get latest container")
@@ -1042,10 +1042,10 @@ func (r *LocalRuntime) ExecContainer(ctx context.Context, cli *cliconfig.ExecVal
return ec, err
}
defer cancel()
- defer restoreTerminal(oldTermState)
+ defer restoreTerminal(oldTermState) // nolint: errcheck
logrus.SetFormatter(&RawTtyFormatter{})
- term.SetRawTerminal(os.Stdin.Fd())
+ term.SetRawTerminal(os.Stdin.Fd()) // nolint: errcheck
}
opts := iopodman.ExecOpts{
@@ -1082,7 +1082,7 @@ func (r *LocalRuntime) ExecContainer(ctx context.Context, cli *cliconfig.ExecVal
return ec, err
}
-func configureVarlinkAttachStdio(reader *bufio.Reader, writer *bufio.Writer, stdin *os.File, stdout *os.File, oldTermState *term.State, resize chan remotecommand.TerminalSize, ecChan chan int) chan error {
+func configureVarlinkAttachStdio(reader *bufio.Reader, writer *bufio.Writer, stdin *os.File, stdout *os.File, oldTermState *term.State, resize chan remotecommand.TerminalSize, ecChan chan int) chan error { // nolint: interfacer
errChan := make(chan error, 1)
// These are the special writers that encode input from the client.
varlinkStdinWriter := virtwriter.NewVirtWriteCloser(writer, virtwriter.ToStdin)
@@ -1092,7 +1092,7 @@ func configureVarlinkAttachStdio(reader *bufio.Reader, writer *bufio.Writer, std
go func() {
// Read from the wire and direct to stdout or stderr
err := virtwriter.Reader(reader, stdout, os.Stderr, nil, nil, ecChan)
- defer restoreTerminal(oldTermState)
+ defer restoreTerminal(oldTermState) // nolint: errcheck
sendGenericError(ecChan)
errChan <- err
}()
@@ -1101,13 +1101,13 @@ func configureVarlinkAttachStdio(reader *bufio.Reader, writer *bufio.Writer, std
for termResize := range resize {
b, err := json.Marshal(termResize)
if err != nil {
- defer restoreTerminal(oldTermState)
+ defer restoreTerminal(oldTermState) // nolint: errcheck,staticcheck
sendGenericError(ecChan)
errChan <- err
}
_, err = varlinkResizeWriter.Write(b)
if err != nil {
- defer restoreTerminal(oldTermState)
+ defer restoreTerminal(oldTermState) // nolint: errcheck,staticcheck
sendGenericError(ecChan)
errChan <- err
}
@@ -1117,7 +1117,7 @@ func configureVarlinkAttachStdio(reader *bufio.Reader, writer *bufio.Writer, std
// Takes stdinput and sends it over the wire after being encoded
go func() {
if _, err := io.Copy(varlinkStdinWriter, stdin); err != nil {
- defer restoreTerminal(oldTermState)
+ defer restoreTerminal(oldTermState) // nolint: errcheck
sendGenericError(ecChan)
errChan <- err
}
diff --git a/pkg/adapter/pods_remote.go b/pkg/adapter/pods_remote.go
index ebd10a92a..4c6eea9a7 100644
--- a/pkg/adapter/pods_remote.go
+++ b/pkg/adapter/pods_remote.go
@@ -515,10 +515,10 @@ func (p *Pod) GetPodStats(previousContainerStats map[string]*libpod.ContainerSta
newStats := varlinkapi.ContainerStatsToLibpodContainerStats(stats)
// If the container wasn't running, don't include it
// but also suppress the error
- if err != nil && errors.Cause(err) != define.ErrCtrStateInvalid {
+ if err != nil && errors.Cause(err) != define.ErrCtrStateInvalid { // nolint: govet
return nil, err
}
- if err == nil {
+ if err == nil { // nolint: govet
newContainerStats[c.ID()] = &newStats
}
}
diff --git a/pkg/adapter/runtime_remote.go b/pkg/adapter/runtime_remote.go
index a4ac660ea..c511b70f1 100644
--- a/pkg/adapter/runtime_remote.go
+++ b/pkg/adapter/runtime_remote.go
@@ -180,7 +180,7 @@ type Pod struct {
type remotepod struct {
config *libpod.PodConfig
state *libpod.PodInspectState
- containers []libpod.PodContainerInfo
+ containers []libpod.PodContainerInfo // nolint: structcheck
Runtime *LocalRuntime
}
@@ -627,7 +627,7 @@ func (r *LocalRuntime) SendFileOverVarlink(source string) (string, error) {
return "", err
}
logrus.Debugf("sending %s over varlink connection", source)
- reply, err := iopodman.SendFile().Send(r.Conn, varlink.Upgrade, "", int64(fileInfo.Size()))
+ reply, err := iopodman.SendFile().Send(r.Conn, varlink.Upgrade, "", fileInfo.Size())
if err != nil {
return "", err
}
@@ -754,9 +754,7 @@ func (r *LocalRuntime) InspectVolumes(ctx context.Context, c *cliconfig.VolumeIn
volumes = append(volumes, vol.Name())
}
} else {
- for _, arg := range c.InputArgs {
- volumes = append(volumes, arg)
- }
+ volumes = append(volumes, c.InputArgs...)
}
for _, vol := range volumes {
@@ -855,7 +853,7 @@ func (r *LocalRuntime) SaveImage(ctx context.Context, c *cliconfig.SaveValues) e
}
}
- if err != nil {
+ if err != nil { // nolint: govet
return err
}
@@ -927,7 +925,7 @@ func IsImageNotFound(err error) bool {
if errors.Cause(err) == image.ErrNoSuchImage {
return true
}
- switch err.(type) {
+ switch err.(type) { // nolint: gocritic
case *iopodman.ImageNotFound:
return true
}
@@ -991,7 +989,7 @@ func (r *LocalRuntime) Events(c *cliconfig.EventValues) error {
Time: eTime,
Type: eType,
}
- if c.Format == formats.JSONString {
+ if c.Format == formats.JSONString { // nolint: gocritic
jsonStr, err := event.ToJSONString()
if err != nil {
return errors.Wrapf(err, "unable to format json")
@@ -1008,6 +1006,7 @@ func (r *LocalRuntime) Events(c *cliconfig.EventValues) error {
return err
}
}
+
if _, err := w.Write([]byte("\n")); err != nil {
return err
}
@@ -1040,7 +1039,7 @@ func stringToChangeType(change string) archive.ChangeType {
return archive.ChangeAdd
case "D":
return archive.ChangeDelete
- default:
+ default: // nolint: gocritic,stylecheck
logrus.Errorf("'%s' is unknown archive type", change)
fallthrough
case "C":
diff --git a/pkg/api/handlers/compat/changes.go b/pkg/api/handlers/compat/changes.go
new file mode 100644
index 000000000..6907c487e
--- /dev/null
+++ b/pkg/api/handlers/compat/changes.go
@@ -0,0 +1,20 @@
+package compat
+
+import (
+ "net/http"
+
+ "github.com/containers/libpod/libpod"
+ "github.com/containers/libpod/pkg/api/handlers/utils"
+)
+
+func Changes(w http.ResponseWriter, r *http.Request) {
+ runtime := r.Context().Value("runtime").(*libpod.Runtime)
+
+ id := utils.GetName(r)
+ changes, err := runtime.GetDiff("", id)
+ if err != nil {
+ utils.InternalServerError(w, err)
+ return
+ }
+ utils.WriteJSON(w, 200, changes)
+}
diff --git a/pkg/api/handlers/compat/containers.go b/pkg/api/handlers/compat/containers.go
index c53af0f26..3f6aca502 100644
--- a/pkg/api/handlers/compat/containers.go
+++ b/pkg/api/handlers/compat/containers.go
@@ -261,6 +261,7 @@ func LogsFromContainer(w http.ResponseWriter, r *http.Request) {
var until time.Time
if _, found := r.URL.Query()["until"]; found {
+ // FIXME: until != since but the logs backend does not yet support until.
since, err = util.ParseInputTime(query.Until)
if err != nil {
utils.BadRequest(w, "until", query.Until, err)
diff --git a/pkg/api/handlers/compat/containers_attach.go b/pkg/api/handlers/compat/containers_attach.go
index da7b5bb0c..80ad52aee 100644
--- a/pkg/api/handlers/compat/containers_attach.go
+++ b/pkg/api/handlers/compat/containers_attach.go
@@ -1,6 +1,7 @@
package compat
import (
+ "fmt"
"net/http"
"github.com/containers/libpod/libpod"
@@ -23,7 +24,9 @@ func AttachContainer(w http.ResponseWriter, r *http.Request) {
Stdin bool `schema:"stdin"`
Stdout bool `schema:"stdout"`
Stderr bool `schema:"stderr"`
- }{}
+ }{
+ Stream: true,
+ }
if err := decoder.Decode(&query, r.URL.Query()); err != nil {
utils.Error(w, "Error parsing parameters", http.StatusBadRequest, err)
return
@@ -61,16 +64,9 @@ func AttachContainer(w http.ResponseWriter, r *http.Request) {
return
}
- // TODO: Investigate supporting these.
- // Logs replays container logs over the attach socket.
- // Stream seems to break things up somehow? Not 100% clear.
- if query.Logs {
- utils.Error(w, "Unsupported parameter", http.StatusBadRequest, errors.Errorf("the logs parameter to attach is not presently supported"))
- return
- }
- // We only support stream=true or unset
- if _, found := r.URL.Query()["stream"]; found && query.Stream {
- utils.Error(w, "Unsupported parameter", http.StatusBadRequest, errors.Errorf("the stream parameter to attach is not presently supported"))
+ // At least one of these must be set
+ if !query.Stream && !query.Logs {
+ utils.Error(w, "Unsupported parameter", http.StatusBadRequest, errors.Errorf("at least one of Logs or Stream must be set"))
return
}
@@ -86,7 +82,13 @@ func AttachContainer(w http.ResponseWriter, r *http.Request) {
utils.InternalServerError(w, err)
return
}
- if !(state == define.ContainerStateCreated || state == define.ContainerStateRunning) {
+ // For Docker compatibility, we need to re-initialize containers in these states.
+ if state == define.ContainerStateConfigured || state == define.ContainerStateExited {
+ if err := ctr.Init(r.Context()); err != nil {
+ utils.InternalServerError(w, errors.Wrapf(err, "error preparing container %s for attach", ctr.ID()))
+ return
+ }
+ } else if !(state == define.ContainerStateCreated || state == define.ContainerStateRunning) {
utils.InternalServerError(w, errors.Wrapf(define.ErrCtrStateInvalid, "can only attach to created or running containers"))
return
}
@@ -98,20 +100,23 @@ func AttachContainer(w http.ResponseWriter, r *http.Request) {
return
}
- w.WriteHeader(http.StatusSwitchingProtocols)
-
connection, buffer, err := hijacker.Hijack()
if err != nil {
utils.InternalServerError(w, errors.Wrapf(err, "error hijacking connection"))
return
}
+ // This header string sourced from Docker:
+ // https://raw.githubusercontent.com/moby/moby/b95fad8e51bd064be4f4e58a996924f343846c85/api/server/router/container/container_routes.go
+ // Using literally to ensure compatability with existing clients.
+ fmt.Fprintf(connection, "HTTP/1.1 101 UPGRADED\r\nContent-Type: application/vnd.docker.raw-stream\r\nConnection: Upgrade\r\nUpgrade: tcp\r\n\r\n")
+
logrus.Debugf("Hijack for attach of container %s successful", ctr.ID())
// Perform HTTP attach.
// HTTPAttach will handle everything about the connection from here on
// (including closing it and writing errors to it).
- if err := ctr.HTTPAttach(connection, buffer, streams, detachKeys, nil); err != nil {
+ if err := ctr.HTTPAttach(connection, buffer, streams, detachKeys, nil, query.Stream, query.Logs); err != nil {
// We can't really do anything about errors anymore. HTTPAttach
// should be writing them to the connection.
logrus.Errorf("Error attaching to container %s: %v", ctr.ID(), err)
diff --git a/pkg/api/handlers/compat/containers_prune.go b/pkg/api/handlers/compat/containers_prune.go
index a56c3903d..b4e98ac1f 100644
--- a/pkg/api/handlers/compat/containers_prune.go
+++ b/pkg/api/handlers/compat/containers_prune.go
@@ -4,8 +4,9 @@ import (
"net/http"
"github.com/containers/libpod/libpod"
- "github.com/containers/libpod/pkg/api/handlers"
+ lpfilters "github.com/containers/libpod/libpod/filters"
"github.com/containers/libpod/pkg/api/handlers/utils"
+ "github.com/containers/libpod/pkg/domain/entities"
"github.com/docker/docker/api/types"
"github.com/gorilla/schema"
"github.com/pkg/errors"
@@ -15,6 +16,7 @@ func PruneContainers(w http.ResponseWriter, r *http.Request) {
var (
delContainers []string
space int64
+ filterFuncs []libpod.ContainerFilter
)
runtime := r.Context().Value("runtime").(*libpod.Runtime)
decoder := r.Context().Value("decoder").(*schema.Decoder)
@@ -26,11 +28,15 @@ func PruneContainers(w http.ResponseWriter, r *http.Request) {
utils.Error(w, "Something went wrong.", http.StatusBadRequest, errors.Wrapf(err, "Failed to parse parameters for %s", r.URL.String()))
return
}
-
- filterFuncs, err := utils.GenerateFilterFuncsFromMap(runtime, query.Filters)
- if err != nil {
- utils.InternalServerError(w, err)
- return
+ for k, v := range query.Filters {
+ for _, val := range v {
+ generatedFunc, err := lpfilters.GenerateContainerFilterFuncs(k, val, runtime)
+ if err != nil {
+ utils.InternalServerError(w, err)
+ return
+ }
+ filterFuncs = append(filterFuncs, generatedFunc)
+ }
}
prunedContainers, pruneErrors, err := runtime.PruneContainers(filterFuncs)
if err != nil {
@@ -40,14 +46,11 @@ func PruneContainers(w http.ResponseWriter, r *http.Request) {
// Libpod response differs
if utils.IsLibpodRequest(r) {
- var response []handlers.LibpodContainersPruneReport
- for ctrID, size := range prunedContainers {
- response = append(response, handlers.LibpodContainersPruneReport{ID: ctrID, SpaceReclaimed: size})
- }
- for ctrID, err := range pruneErrors {
- response = append(response, handlers.LibpodContainersPruneReport{ID: ctrID, PruneError: err.Error()})
+ report := &entities.ContainerPruneReport{
+ Err: pruneErrors,
+ ID: prunedContainers,
}
- utils.WriteResponse(w, http.StatusOK, response)
+ utils.WriteResponse(w, http.StatusOK, report)
return
}
for ctrID, size := range prunedContainers {
diff --git a/pkg/api/handlers/compat/events.go b/pkg/api/handlers/compat/events.go
index 0f72ef328..8ef32716d 100644
--- a/pkg/api/handlers/compat/events.go
+++ b/pkg/api/handlers/compat/events.go
@@ -1,7 +1,6 @@
package compat
import (
- "encoding/json"
"fmt"
"net/http"
@@ -10,6 +9,7 @@ import (
"github.com/containers/libpod/pkg/api/handlers"
"github.com/containers/libpod/pkg/api/handlers/utils"
"github.com/gorilla/schema"
+ jsoniter "github.com/json-iterator/go"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
)
@@ -48,14 +48,27 @@ func GetEvents(w http.ResponseWriter, r *http.Request) {
}()
if eventsError != nil {
utils.InternalServerError(w, eventsError)
+ close(eventChannel)
return
}
- coder := json.NewEncoder(w)
- coder.SetEscapeHTML(true)
+ // If client disappears we need to stop listening for events
+ go func(done <-chan struct{}) {
+ <-done
+ close(eventChannel)
+ }(r.Context().Done())
+ // Headers need to be written out before turning Writer() over to json encoder
w.Header().Set("Content-Type", "application/json")
w.WriteHeader(http.StatusOK)
+ if flusher, ok := w.(http.Flusher); ok {
+ flusher.Flush()
+ }
+
+ json := jsoniter.ConfigCompatibleWithStandardLibrary
+ coder := json.NewEncoder(w)
+ coder.SetEscapeHTML(true)
+
for event := range eventChannel {
e := handlers.EventToApiEvent(event)
if err := coder.Encode(e); err != nil {
diff --git a/pkg/api/handlers/compat/images_search.go b/pkg/api/handlers/compat/images_search.go
index 7283b22c4..8da685527 100644
--- a/pkg/api/handlers/compat/images_search.go
+++ b/pkg/api/handlers/compat/images_search.go
@@ -57,6 +57,7 @@ func SearchImages(w http.ResponseWriter, r *http.Request) {
Filter: filter,
Limit: query.Limit,
}
+
results, err := image.SearchImages(query.Term, options)
if err != nil {
utils.BadRequest(w, "term", query.Term, err)
diff --git a/pkg/api/handlers/compat/swagger.go b/pkg/api/handlers/compat/swagger.go
index cbd8e61fb..f1aabf987 100644
--- a/pkg/api/handlers/compat/swagger.go
+++ b/pkg/api/handlers/compat/swagger.go
@@ -2,6 +2,7 @@ package compat
import (
"github.com/containers/libpod/pkg/api/handlers/utils"
+ "github.com/containers/storage/pkg/archive"
)
// Create container
@@ -25,3 +26,12 @@ type swagCtrWaitResponse struct {
}
}
}
+
+// Object Changes
+// swagger:response Changes
+type swagChangesResponse struct {
+ // in:body
+ Body struct {
+ Changes []archive.Change
+ }
+}
diff --git a/pkg/api/handlers/libpod/containers.go b/pkg/api/handlers/libpod/containers.go
index 5cbfb11eb..086bef847 100644
--- a/pkg/api/handlers/libpod/containers.go
+++ b/pkg/api/handlers/libpod/containers.go
@@ -285,3 +285,23 @@ func Restore(w http.ResponseWriter, r *http.Request) {
}
utils.WriteResponse(w, http.StatusOK, entities.RestoreReport{Id: ctr.ID()})
}
+
+func InitContainer(w http.ResponseWriter, r *http.Request) {
+ name := utils.GetName(r)
+ runtime := r.Context().Value("runtime").(*libpod.Runtime)
+ ctr, err := runtime.LookupContainer(name)
+ if err != nil {
+ utils.ContainerNotFound(w, name, err)
+ return
+ }
+ err = ctr.Init(r.Context())
+ if errors.Cause(err) == define.ErrCtrStateInvalid {
+ utils.Error(w, "container already initialized", http.StatusNotModified, err)
+ return
+ }
+ if err != nil {
+ utils.InternalServerError(w, err)
+ return
+ }
+ utils.WriteResponse(w, http.StatusNoContent, "")
+}
diff --git a/pkg/api/handlers/libpod/images.go b/pkg/api/handlers/libpod/images.go
index 850de4598..a42d06205 100644
--- a/pkg/api/handlers/libpod/images.go
+++ b/pkg/api/handlers/libpod/images.go
@@ -645,3 +645,56 @@ func UntagImage(w http.ResponseWriter, r *http.Request) {
}
utils.WriteResponse(w, http.StatusCreated, "")
}
+
+func SearchImages(w http.ResponseWriter, r *http.Request) {
+ decoder := r.Context().Value("decoder").(*schema.Decoder)
+ query := struct {
+ Term string `json:"term"`
+ Limit int `json:"limit"`
+ Filters []string `json:"filters"`
+ TLSVerify bool `json:"tlsVerify"`
+ }{
+ // This is where you can override the golang default value for one of fields
+ }
+
+ if err := decoder.Decode(&query, r.URL.Query()); err != nil {
+ utils.Error(w, "Something went wrong.", http.StatusBadRequest, errors.Wrapf(err, "Failed to parse parameters for %s", r.URL.String()))
+ return
+ }
+
+ options := image.SearchOptions{
+ Limit: query.Limit,
+ }
+ if _, found := r.URL.Query()["tlsVerify"]; found {
+ options.InsecureSkipTLSVerify = types.NewOptionalBool(!query.TLSVerify)
+ }
+
+ if _, found := r.URL.Query()["filters"]; found {
+ filter, err := image.ParseSearchFilter(query.Filters)
+ if err != nil {
+ utils.Error(w, "Something went wrong.", http.StatusBadRequest, errors.Wrapf(err, "Failed to parse filters parameter for %s", r.URL.String()))
+ return
+ }
+ options.Filter = *filter
+ }
+
+ searchResults, err := image.SearchImages(query.Term, options)
+ if err != nil {
+ utils.BadRequest(w, "term", query.Term, err)
+ return
+ }
+ // Convert from image.SearchResults to entities.ImageSearchReport. We don't
+ // want to leak any low-level packages into the remote client, which
+ // requires converting.
+ reports := make([]entities.ImageSearchReport, len(searchResults))
+ for i := range searchResults {
+ reports[i].Index = searchResults[i].Index
+ reports[i].Name = searchResults[i].Name
+ reports[i].Description = searchResults[i].Index
+ reports[i].Stars = searchResults[i].Stars
+ reports[i].Official = searchResults[i].Official
+ reports[i].Automated = searchResults[i].Automated
+ }
+
+ utils.WriteResponse(w, http.StatusOK, reports)
+}
diff --git a/pkg/api/handlers/libpod/pods.go b/pkg/api/handlers/libpod/pods.go
index a890169a1..81cab1ede 100644
--- a/pkg/api/handlers/libpod/pods.go
+++ b/pkg/api/handlers/libpod/pods.go
@@ -12,6 +12,7 @@ import (
"github.com/containers/libpod/pkg/api/handlers/utils"
"github.com/containers/libpod/pkg/domain/entities"
"github.com/containers/libpod/pkg/specgen"
+ "github.com/containers/libpod/pkg/specgen/generate"
"github.com/containers/libpod/pkg/util"
"github.com/gorilla/schema"
"github.com/pkg/errors"
@@ -27,7 +28,7 @@ func PodCreate(w http.ResponseWriter, r *http.Request) {
utils.Error(w, "Failed to decode specgen", http.StatusInternalServerError, errors.Wrap(err, "failed to decode specgen"))
return
}
- pod, err := psg.MakePod(runtime)
+ pod, err := generate.MakePod(&psg, runtime)
if err != nil {
http_code := http.StatusInternalServerError
if errors.Cause(err) == define.ErrPodExists {
diff --git a/pkg/api/handlers/libpod/volumes.go b/pkg/api/handlers/libpod/volumes.go
index 5a6fc021e..18c561a0d 100644
--- a/pkg/api/handlers/libpod/volumes.go
+++ b/pkg/api/handlers/libpod/volumes.go
@@ -4,12 +4,12 @@ import (
"encoding/json"
"net/http"
- "github.com/containers/libpod/cmd/podman/shared"
"github.com/containers/libpod/libpod"
"github.com/containers/libpod/libpod/define"
"github.com/containers/libpod/pkg/api/handlers/utils"
"github.com/containers/libpod/pkg/domain/entities"
"github.com/containers/libpod/pkg/domain/filters"
+ "github.com/containers/libpod/pkg/domain/infra/abi/parse"
"github.com/gorilla/schema"
"github.com/pkg/errors"
)
@@ -46,7 +46,7 @@ func CreateVolume(w http.ResponseWriter, r *http.Request) {
volumeOptions = append(volumeOptions, libpod.WithVolumeLabels(input.Label))
}
if len(input.Options) > 0 {
- parsedOptions, err := shared.ParseVolumeOptions(input.Options)
+ parsedOptions, err := parse.ParseVolumeOptions(input.Options)
if err != nil {
utils.InternalServerError(w, err)
return
diff --git a/pkg/api/handlers/types.go b/pkg/api/handlers/types.go
index f1c932ebc..0fe6ae6a7 100644
--- a/pkg/api/handlers/types.go
+++ b/pkg/api/handlers/types.go
@@ -180,6 +180,31 @@ type ExecCreateResponse struct {
docker.IDResponse
}
+func (e *Event) ToLibpodEvent() *events.Event {
+ exitCode, err := strconv.Atoi(e.Actor.Attributes["containerExitCode"])
+ if err != nil {
+ return nil
+ }
+ status, err := events.StringToStatus(e.Action)
+ if err != nil {
+ return nil
+ }
+ t, err := events.StringToType(e.Type)
+ if err != nil {
+ return nil
+ }
+ lp := events.Event{
+ ContainerExitCode: exitCode,
+ ID: e.Actor.ID,
+ Image: e.Actor.Attributes["image"],
+ Name: e.Actor.Attributes["name"],
+ Status: status,
+ Time: time.Unix(e.Time, e.TimeNano),
+ Type: t,
+ }
+ return &lp
+}
+
func EventToApiEvent(e *events.Event) *Event {
return &Event{dockerEvents.Message{
Type: e.Type.String(),
diff --git a/pkg/api/handlers/utils/containers.go b/pkg/api/handlers/utils/containers.go
index bbe4cee3c..d1107f67c 100644
--- a/pkg/api/handlers/utils/containers.go
+++ b/pkg/api/handlers/utils/containers.go
@@ -6,9 +6,10 @@ import (
"time"
"github.com/containers/libpod/cmd/podman/shared"
+ createconfig "github.com/containers/libpod/pkg/spec"
+
"github.com/containers/libpod/libpod"
"github.com/containers/libpod/libpod/define"
- createconfig "github.com/containers/libpod/pkg/spec"
"github.com/gorilla/schema"
"github.com/pkg/errors"
)
@@ -68,24 +69,6 @@ func WaitContainer(w http.ResponseWriter, r *http.Request) (int32, error) {
return con.WaitForConditionWithInterval(interval, condition)
}
-// GenerateFilterFuncsFromMap is used to generate un-executed functions that can be used to filter
-// containers. It is specifically designed for the RESTFUL API input.
-func GenerateFilterFuncsFromMap(r *libpod.Runtime, filters map[string][]string) ([]libpod.ContainerFilter, error) {
- var (
- filterFuncs []libpod.ContainerFilter
- )
- for k, v := range filters {
- for _, val := range v {
- f, err := shared.GenerateContainerFilterFuncs(k, val, r)
- if err != nil {
- return filterFuncs, err
- }
- filterFuncs = append(filterFuncs, f)
- }
- }
- return filterFuncs, nil
-}
-
func CreateContainer(ctx context.Context, w http.ResponseWriter, runtime *libpod.Runtime, cc *createconfig.CreateConfig) {
var pod *libpod.Pod
ctr, err := shared.CreateContainerFromCreateConfig(runtime, cc, ctx, pod)
diff --git a/pkg/api/handlers/utils/pods.go b/pkg/api/handlers/utils/pods.go
index d47053eda..fb795fa6a 100644
--- a/pkg/api/handlers/utils/pods.go
+++ b/pkg/api/handlers/utils/pods.go
@@ -1,20 +1,19 @@
package utils
import (
- "fmt"
"net/http"
- "github.com/containers/libpod/cmd/podman/shared"
"github.com/containers/libpod/libpod"
+ lpfilters "github.com/containers/libpod/libpod/filters"
"github.com/containers/libpod/pkg/domain/entities"
"github.com/gorilla/schema"
)
func GetPods(w http.ResponseWriter, r *http.Request) ([]*entities.ListPodsReport, error) {
var (
- lps []*entities.ListPodsReport
- pods []*libpod.Pod
- podErr error
+ lps []*entities.ListPodsReport
+ pods []*libpod.Pod
+ filters []libpod.PodFilter
)
runtime := r.Context().Value("runtime").(*libpod.Runtime)
decoder := r.Context().Value("decoder").(*schema.Decoder)
@@ -28,28 +27,24 @@ func GetPods(w http.ResponseWriter, r *http.Request) ([]*entities.ListPodsReport
if err := decoder.Decode(&query, r.URL.Query()); err != nil {
return nil, err
}
- var filters = []string{}
if _, found := r.URL.Query()["digests"]; found && query.Digests {
UnSupportedParameter("digests")
}
- if len(query.Filters) > 0 {
- for k, v := range query.Filters {
- for _, val := range v {
- filters = append(filters, fmt.Sprintf("%s=%s", k, val))
+ for k, v := range query.Filters {
+ for _, filter := range v {
+ f, err := lpfilters.GeneratePodFilterFunc(k, filter)
+ if err != nil {
+ return nil, err
}
+ filters = append(filters, f)
}
- filterFuncs, err := shared.GenerateFilterFunction(runtime, filters)
- if err != nil {
- return nil, err
- }
- pods, podErr = shared.FilterAllPodsWithFilterFunc(runtime, filterFuncs...)
- } else {
- pods, podErr = runtime.GetAllPods()
}
- if podErr != nil {
- return nil, podErr
+ pods, err := runtime.Pods(filters...)
+ if err != nil {
+ return nil, err
}
+
for _, pod := range pods {
status, err := pod.GetPodStatus()
if err != nil {
diff --git a/pkg/api/server/handler_api.go b/pkg/api/server/handler_api.go
index 30a1680c9..7a7db12f3 100644
--- a/pkg/api/server/handler_api.go
+++ b/pkg/api/server/handler_api.go
@@ -19,7 +19,7 @@ func (s *APIServer) APIHandler(h http.HandlerFunc) http.HandlerFunc {
if err != nil {
buf := make([]byte, 1<<20)
n := runtime.Stack(buf, true)
- log.Warnf("Recovering from podman handler panic: %v, %s", err, buf[:n])
+ log.Warnf("Recovering from API handler panic: %v, %s", err, buf[:n])
// Try to inform client things went south... won't work if handler already started writing response body
utils.InternalServerError(w, fmt.Errorf("%v", err))
}
@@ -27,12 +27,7 @@ func (s *APIServer) APIHandler(h http.HandlerFunc) http.HandlerFunc {
// Wrapper to hide some boiler plate
fn := func(w http.ResponseWriter, r *http.Request) {
- // Connection counting, ugh. Needed to support the sliding window for idle checking.
- s.ConnectionCh <- EnterHandler
- defer func() { s.ConnectionCh <- ExitHandler }()
-
- log.Debugf("APIHandler -- Method: %s URL: %s (conn %d/%d)",
- r.Method, r.URL.String(), s.ActiveConnections, s.TotalConnections)
+ log.Debugf("APIHandler -- Method: %s URL: %s", r.Method, r.URL.String())
if err := r.ParseForm(); err != nil {
log.Infof("Failed Request: unable to parse form: %q", err)
diff --git a/pkg/api/server/register_containers.go b/pkg/api/server/register_containers.go
index f126112d0..378d1e06c 100644
--- a/pkg/api/server/register_containers.go
+++ b/pkg/api/server/register_containers.go
@@ -517,13 +517,13 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error {
// name: logs
// required: false
// type: boolean
- // description: Not yet supported
+ // description: Stream all logs from the container across the connection. Happens before streaming attach (if requested). At least one of logs or stream must be set
// - in: query
// name: stream
// required: false
// type: boolean
// default: true
- // description: If passed, must be set to true; stream=false is not yet supported
+ // description: Attach to the container. If unset, and logs is set, only the container's logs will be sent. At least one of stream or logs must be set
// - in: query
// name: stdout
// required: false
@@ -955,7 +955,7 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error {
// "$ref": "#/responses/NoSuchContainer"
// 500:
// "$ref": "#/responses/InternalError"
- r.HandleFunc(VersionedPath("/libpod/containers/{name:..*}/pause"), s.APIHandler(compat.PauseContainer)).Methods(http.MethodPost)
+ r.HandleFunc(VersionedPath("/libpod/containers/{name}/pause"), s.APIHandler(compat.PauseContainer)).Methods(http.MethodPost)
// swagger:operation POST /libpod/containers/{name}/restart libpod libpodRestartContainer
// ---
// tags:
@@ -1194,13 +1194,13 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error {
// name: logs
// required: false
// type: boolean
- // description: Not yet supported
+ // description: Stream all logs from the container across the connection. Happens before streaming attach (if requested). At least one of logs or stream must be set
// - in: query
// name: stream
// required: false
// type: boolean
// default: true
- // description: If passed, must be set to true; stream=false is not yet supported
+ // description: Attach to the container. If unset, and logs is set, only the container's logs will be sent. At least one of stream or logs must be set
// - in: query
// name: stdout
// required: false
@@ -1282,7 +1282,7 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error {
// 500:
// $ref: "#/responses/InternalError"
r.HandleFunc(VersionedPath("/libpod/containers/{name}/export"), s.APIHandler(compat.ExportContainer)).Methods(http.MethodGet)
- // swagger:operation GET /libpod/containers/{name}/checkout libpod libpodCheckpointContainer
+ // swagger:operation POST /libpod/containers/{name}/checkpoint libpod libpodCheckpointContainer
// ---
// tags:
// - containers
@@ -1323,7 +1323,7 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error {
// 500:
// $ref: "#/responses/InternalError"
r.HandleFunc(VersionedPath("/libpod/containers/{name}/checkpoint"), s.APIHandler(libpod.Checkpoint)).Methods(http.MethodPost)
- // swagger:operation GET /libpod/containers/{name} restore libpod libpodRestoreContainer
+ // swagger:operation POST /libpod/containers/{name}/restore libpod libpodRestoreContainer
// ---
// tags:
// - containers
@@ -1377,5 +1377,62 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error {
// 500:
// $ref: "#/responses/InternalError"
r.HandleFunc(VersionedPath("/libpod/containers/{name}/restore"), s.APIHandler(libpod.Restore)).Methods(http.MethodPost)
+ // swagger:operation GET /containers/{name}/changes libpod libpodChangesContainer
+ // swagger:operation GET /libpod/containers/{name}/changes compat changesContainer
+ // ---
+ // tags:
+ // - containers
+ // - containers (compat)
+ // summary: Report on changes to container's filesystem; adds, deletes or modifications.
+ // description: |
+ // Returns which files in a container's filesystem have been added, deleted, or modified. The Kind of modification can be one of:
+ //
+ // 0: Modified
+ // 1: Added
+ // 2: Deleted
+ // parameters:
+ // - in: path
+ // name: name
+ // type: string
+ // required: true
+ // description: the name or id of the container
+ // responses:
+ // 200:
+ // description: Array of Changes
+ // content:
+ // application/json:
+ // schema:
+ // $ref: "#/responses/Changes"
+ // 404:
+ // $ref: "#/responses/NoSuchContainer"
+ // 500:
+ // $ref: "#/responses/InternalError"
+ r.HandleFunc(VersionedPath("/containers/{name}/changes"), s.APIHandler(compat.Changes)).Methods(http.MethodGet)
+ r.HandleFunc("/containers/{name}/changes", s.APIHandler(compat.Changes)).Methods(http.MethodGet)
+ r.HandleFunc(VersionedPath("/libpod/containers/{name}/changes"), s.APIHandler(compat.Changes)).Methods(http.MethodGet)
+ // swagger:operation POST /libpod/containers/{name}/init libpod libpodInitContainer
+ // ---
+ // tags:
+ // - containers
+ // summary: Initialize a container
+ // description: Performs all tasks necessary for initializing the container but does not start the container.
+ // parameters:
+ // - in: path
+ // name: name
+ // type: string
+ // required: true
+ // description: the name or ID of the container
+ // produces:
+ // - application/json
+ // responses:
+ // 204:
+ // description: no error
+ // 304:
+ // description: container already initialized
+ // 404:
+ // $ref: "#/responses/NoSuchContainer"
+ // 500:
+ // $ref: "#/responses/InternalError"
+ r.HandleFunc(VersionedPath("/libpod/containers/{name}/init"), s.APIHandler(libpod.InitContainer)).Methods(http.MethodPost)
return nil
}
diff --git a/pkg/api/server/register_images.go b/pkg/api/server/register_images.go
index d45423096..6cc6f0cfa 100644
--- a/pkg/api/server/register_images.go
+++ b/pkg/api/server/register_images.go
@@ -919,7 +919,7 @@ func (s *APIServer) registerImagesHandlers(r *mux.Router) error {
// $ref: "#/responses/DocsSearchResponse"
// 500:
// $ref: '#/responses/InternalError'
- r.Handle(VersionedPath("/libpod/images/search"), s.APIHandler(compat.SearchImages)).Methods(http.MethodGet)
+ r.Handle(VersionedPath("/libpod/images/search"), s.APIHandler(libpod.SearchImages)).Methods(http.MethodGet)
// swagger:operation DELETE /libpod/images/{name:.*} libpod libpodRemoveImage
// ---
// tags:
@@ -1125,5 +1125,36 @@ func (s *APIServer) registerImagesHandlers(r *mux.Router) error {
// 500:
// $ref: '#/responses/InternalError'
r.Handle(VersionedPath("/libpod/images/{name:.*}/untag"), s.APIHandler(libpod.UntagImage)).Methods(http.MethodPost)
+
+ // swagger:operation GET /libpod/images/{name}/changes libpod libpodChangesImages
+ // ---
+ // tags:
+ // - images
+ // summary: Report on changes to images's filesystem; adds, deletes or modifications.
+ // description: |
+ // Returns which files in a images's filesystem have been added, deleted, or modified. The Kind of modification can be one of:
+ //
+ // 0: Modified
+ // 1: Added
+ // 2: Deleted
+ // parameters:
+ // - in: path
+ // name: name
+ // type: string
+ // required: true
+ // description: the name or id of the container
+ // responses:
+ // 200:
+ // description: Array of Changes
+ // content:
+ // application/json:
+ // schema:
+ // $ref: "#/responses/Changes"
+ // 404:
+ // $ref: "#/responses/NoSuchContainer"
+ // 500:
+ // $ref: "#/responses/InternalError"
+ r.HandleFunc(VersionedPath("/libpod/images/{name}/changes"), s.APIHandler(compat.Changes)).Methods(http.MethodGet)
+
return nil
}
diff --git a/pkg/api/server/server.go b/pkg/api/server/server.go
index 59f1f95cb..5f1a86183 100644
--- a/pkg/api/server/server.go
+++ b/pkg/api/server/server.go
@@ -2,11 +2,14 @@ package server
import (
"context"
+ "log"
"net"
"net/http"
"os"
"os/signal"
+ "runtime"
"strings"
+ "sync"
"syscall"
"time"
@@ -20,26 +23,19 @@ import (
)
type APIServer struct {
- http.Server // The HTTP work happens here
- *schema.Decoder // Decoder for Query parameters to structs
- context.Context // Context to carry objects to handlers
- *libpod.Runtime // Where the real work happens
- net.Listener // mux for routing HTTP API calls to libpod routines
- context.CancelFunc // Stop APIServer
- *time.Timer // Hold timer for sliding window
- time.Duration // Duration of client access sliding window
- ActiveConnections uint64 // Number of handlers holding a connection
- TotalConnections uint64 // Number of connections handled
- ConnectionCh chan int // Channel for signalling handler enter/exit
+ http.Server // The HTTP work happens here
+ *schema.Decoder // Decoder for Query parameters to structs
+ context.Context // Context to carry objects to handlers
+ *libpod.Runtime // Where the real work happens
+ net.Listener // mux for routing HTTP API calls to libpod routines
+ context.CancelFunc // Stop APIServer
+ idleTracker *IdleTracker // Track connections to support idle shutdown
}
// Number of seconds to wait for next request, if exceeded shutdown server
const (
DefaultServiceDuration = 300 * time.Second
UnlimitedServiceDuration = 0 * time.Second
- EnterHandler = 1
- ExitHandler = -1
- NOOPHandler = 0
)
// NewServer will create and configure a new API server with all defaults
@@ -56,7 +52,7 @@ func newServer(runtime *libpod.Runtime, duration time.Duration, listener *net.Li
// If listener not provided try socket activation protocol
if listener == nil {
if _, found := os.LookupEnv("LISTEN_FDS"); !found {
- return nil, errors.Errorf("Cannot create Server, no listener provided and socket activation protocol is not active.")
+ return nil, errors.Errorf("Cannot create API Server, no listener provided and socket activation protocol is not active.")
}
listeners, err := activation.Listeners()
@@ -70,17 +66,20 @@ func newServer(runtime *libpod.Runtime, duration time.Duration, listener *net.Li
}
router := mux.NewRouter().UseEncodedPath()
+ idle := NewIdleTracker(duration)
+
server := APIServer{
Server: http.Server{
Handler: router,
ReadHeaderTimeout: 20 * time.Second,
IdleTimeout: duration,
+ ConnState: idle.ConnState,
+ ErrorLog: log.New(logrus.StandardLogger().Out, "", 0),
},
- Decoder: handlers.NewAPIDecoder(),
- Runtime: runtime,
- Listener: *listener,
- Duration: duration,
- ConnectionCh: make(chan int),
+ Decoder: handlers.NewAPIDecoder(),
+ idleTracker: idle,
+ Listener: *listener,
+ Runtime: runtime,
}
router.NotFoundHandler = http.HandlerFunc(
@@ -120,11 +119,11 @@ func newServer(runtime *libpod.Runtime, duration time.Duration, listener *net.Li
router.Walk(func(route *mux.Route, r *mux.Router, ancestors []*mux.Route) error { // nolint
path, err := route.GetPathTemplate()
if err != nil {
- path = ""
+ path = "<N/A>"
}
methods, err := route.GetMethods()
if err != nil {
- methods = []string{}
+ methods = []string{"<N/A>"}
}
logrus.Debugf("Methods: %s Path: %s", strings.Join(methods, ", "), path)
return nil
@@ -136,24 +135,20 @@ func newServer(runtime *libpod.Runtime, duration time.Duration, listener *net.Li
// Serve starts responding to HTTP requests
func (s *APIServer) Serve() error {
- // This is initialized here as Timer is not needed until Serve'ing
- if s.Duration > 0 {
- s.Timer = time.AfterFunc(s.Duration, func() {
- s.ConnectionCh <- NOOPHandler
- })
- go s.ReadChannelWithTimeout()
- } else {
- go s.ReadChannelNoTimeout()
- }
-
sigChan := make(chan os.Signal, 1)
signal.Notify(sigChan, syscall.SIGINT, syscall.SIGTERM)
errChan := make(chan error, 1)
go func() {
+ <-s.idleTracker.Done()
+ logrus.Debugf("API Server idle for %v", s.idleTracker.Duration)
+ _ = s.Shutdown()
+ }()
+
+ go func() {
err := s.Server.Serve(s.Listener)
if err != nil && err != http.ErrServerClosed {
- errChan <- errors.Wrap(err, "Failed to start APIServer")
+ errChan <- errors.Wrap(err, "failed to start API server")
return
}
errChan <- nil
@@ -169,72 +164,30 @@ func (s *APIServer) Serve() error {
return nil
}
-func (s *APIServer) ReadChannelWithTimeout() {
- // stalker to count the connections. Should the timer expire it will shutdown the service.
- for delta := range s.ConnectionCh {
- switch delta {
- case EnterHandler:
- s.Timer.Stop()
- s.ActiveConnections += 1
- s.TotalConnections += 1
- case ExitHandler:
- s.Timer.Stop()
- s.ActiveConnections -= 1
- if s.ActiveConnections == 0 {
- // Server will be shutdown iff the timer expires before being reset or stopped
- s.Timer = time.AfterFunc(s.Duration, func() {
- if err := s.Shutdown(); err != nil {
- logrus.Errorf("Failed to shutdown APIServer: %v", err)
- os.Exit(1)
- }
- })
- } else {
- s.Timer.Reset(s.Duration)
- }
- case NOOPHandler:
- // push the check out another duration...
- s.Timer.Reset(s.Duration)
- default:
- logrus.Warnf("ConnectionCh received unsupported input %d", delta)
- }
- }
-}
-
-func (s *APIServer) ReadChannelNoTimeout() {
- // stalker to count the connections.
- for delta := range s.ConnectionCh {
- switch delta {
- case EnterHandler:
- s.ActiveConnections += 1
- s.TotalConnections += 1
- case ExitHandler:
- s.ActiveConnections -= 1
- case NOOPHandler:
- default:
- logrus.Warnf("ConnectionCh received unsupported input %d", delta)
- }
- }
-}
-
// Shutdown is a clean shutdown waiting on existing clients
func (s *APIServer) Shutdown() error {
+ if logrus.IsLevelEnabled(logrus.DebugLevel) {
+ _, file, line, _ := runtime.Caller(1)
+ logrus.Debugf("APIServer.Shutdown by %s:%d, %d/%d connection(s)",
+ file, line, s.idleTracker.ActiveConnections(), s.idleTracker.TotalConnections())
+ }
+
// Duration == 0 flags no auto-shutdown of the server
- if s.Duration == 0 {
+ if s.idleTracker.Duration == 0 {
logrus.Debug("APIServer.Shutdown ignored as Duration == 0")
return nil
}
- logrus.Debugf("APIServer.Shutdown called %v, conn %d/%d", time.Now(), s.ActiveConnections, s.TotalConnections)
- // Gracefully shutdown server
- ctx, cancel := context.WithTimeout(context.Background(), s.Duration)
+ // Gracefully shutdown server, duration of wait same as idle window
+ ctx, cancel := context.WithTimeout(context.Background(), s.idleTracker.Duration)
defer cancel()
-
go func() {
err := s.Server.Shutdown(ctx)
if err != nil && err != context.Canceled && err != http.ErrServerClosed {
logrus.Errorf("Failed to cleanly shutdown APIServer: %s", err.Error())
}
}()
+ <-ctx.Done()
return nil
}
@@ -242,3 +195,55 @@ func (s *APIServer) Shutdown() error {
func (s *APIServer) Close() error {
return s.Server.Close()
}
+
+type IdleTracker struct {
+ active map[net.Conn]struct{}
+ total int
+ mux sync.Mutex
+ timer *time.Timer
+ Duration time.Duration
+}
+
+func NewIdleTracker(idle time.Duration) *IdleTracker {
+ return &IdleTracker{
+ active: make(map[net.Conn]struct{}),
+ Duration: idle,
+ timer: time.NewTimer(idle),
+ }
+}
+
+func (t *IdleTracker) ConnState(conn net.Conn, state http.ConnState) {
+ t.mux.Lock()
+ defer t.mux.Unlock()
+
+ oldActive := len(t.active)
+ logrus.Debugf("IdleTracker %p:%v %d/%d connection(s)", conn, state, t.ActiveConnections(), t.TotalConnections())
+ switch state {
+ case http.StateNew, http.StateActive, http.StateHijacked:
+ t.active[conn] = struct{}{}
+ // stop the timer if we transitioned from idle
+ if oldActive == 0 {
+ t.timer.Stop()
+ }
+ t.total += 1
+ case http.StateIdle, http.StateClosed:
+ delete(t.active, conn)
+ // Restart the timer if we've become idle
+ if oldActive > 0 && len(t.active) == 0 {
+ t.timer.Stop()
+ t.timer.Reset(t.Duration)
+ }
+ }
+}
+
+func (t *IdleTracker) ActiveConnections() int {
+ return len(t.active)
+}
+
+func (t *IdleTracker) TotalConnections() int {
+ return t.total
+}
+
+func (t *IdleTracker) Done() <-chan time.Time {
+ return t.timer.C
+}
diff --git a/pkg/autoupdate/autoupdate.go b/pkg/autoupdate/autoupdate.go
index 7c243eb00..78d5ac474 100644
--- a/pkg/autoupdate/autoupdate.go
+++ b/pkg/autoupdate/autoupdate.go
@@ -201,18 +201,25 @@ func imageContainersMap(runtime *libpod.Runtime) (map[string][]*libpod.Container
if state != define.ContainerStateRunning {
continue
}
+
// Only update containers with the specific label/policy set.
labels := ctr.Labels()
- if value, exists := labels[Label]; exists {
- policy, err := LookupPolicy(value)
- if err != nil {
- errors = append(errors, err)
- continue
- }
- if policy != PolicyNewImage {
- continue
- }
+ value, exists := labels[Label]
+ if !exists {
+ continue
}
+
+ policy, err := LookupPolicy(value)
+ if err != nil {
+ errors = append(errors, err)
+ continue
+ }
+
+ // Skip non-image labels (could be explicitly disabled).
+ if policy != PolicyNewImage {
+ continue
+ }
+
// Now we know that `ctr` is configured for auto updates.
id, _ := ctr.Image()
imageMap[id] = append(imageMap[id], allContainers[i])
diff --git a/pkg/bindings/containers/containers.go b/pkg/bindings/containers/containers.go
index a188d73a0..e74a256c7 100644
--- a/pkg/bindings/containers/containers.go
+++ b/pkg/bindings/containers/containers.go
@@ -12,6 +12,7 @@ import (
"github.com/containers/libpod/pkg/api/handlers"
"github.com/containers/libpod/pkg/bindings"
"github.com/containers/libpod/pkg/domain/entities"
+ "github.com/pkg/errors"
)
// List obtains a list of containers in local storage. All parameters to this method are optional.
@@ -59,10 +60,8 @@ func List(ctx context.Context, filters map[string][]string, all *bool, last *int
// used for more granular selection of containers. The main error returned indicates if there were runtime
// errors like finding containers. Errors specific to the removal of a container are in the PruneContainerResponse
// structure.
-func Prune(ctx context.Context, filters map[string][]string) ([]string, error) {
- var (
- pruneResponse []string
- )
+func Prune(ctx context.Context, filters map[string][]string) (*entities.ContainerPruneReport, error) {
+ var reports *entities.ContainerPruneReport
conn, err := bindings.GetClient(ctx)
if err != nil {
return nil, err
@@ -77,9 +76,9 @@ func Prune(ctx context.Context, filters map[string][]string) ([]string, error) {
}
response, err := conn.DoRequest(nil, http.MethodPost, "/containers/prune", params)
if err != nil {
- return pruneResponse, err
+ return nil, err
}
- return pruneResponse, response.Process(pruneResponse)
+ return reports, response.Process(&reports)
}
// Remove removes a container from local storage. The force bool designates
@@ -316,3 +315,21 @@ func Export(ctx context.Context, nameOrID string, w io.Writer) error {
}
return response.Process(nil)
}
+
+// ContainerInit takes a created container and executes all of the
+// preparations to run the container except it will not start
+// or attach to the container
+func ContainerInit(ctx context.Context, nameOrID string) error {
+ conn, err := bindings.GetClient(ctx)
+ if err != nil {
+ return err
+ }
+ response, err := conn.DoRequest(nil, http.MethodPost, "/containers/%s/init", nil, nameOrID)
+ if err != nil {
+ return err
+ }
+ if response.StatusCode == http.StatusNotModified {
+ return errors.Wrapf(define.ErrCtrStateInvalid, "container %s has already been created in runtime", nameOrID)
+ }
+ return response.Process(nil)
+}
diff --git a/pkg/bindings/containers/diff.go b/pkg/bindings/containers/diff.go
new file mode 100644
index 000000000..82070ca9a
--- /dev/null
+++ b/pkg/bindings/containers/diff.go
@@ -0,0 +1,24 @@
+package containers
+
+import (
+ "context"
+ "net/http"
+
+ "github.com/containers/libpod/pkg/bindings"
+ "github.com/containers/storage/pkg/archive"
+)
+
+// Diff provides the changes between two container layers
+func Diff(ctx context.Context, nameOrId string) ([]archive.Change, error) {
+ conn, err := bindings.GetClient(ctx)
+ if err != nil {
+ return nil, err
+ }
+
+ response, err := conn.DoRequest(nil, http.MethodGet, "/containers/%s/changes", nil, nameOrId)
+ if err != nil {
+ return nil, err
+ }
+ var changes []archive.Change
+ return changes, response.Process(&changes)
+}
diff --git a/pkg/bindings/images/diff.go b/pkg/bindings/images/diff.go
new file mode 100644
index 000000000..cfdd06a97
--- /dev/null
+++ b/pkg/bindings/images/diff.go
@@ -0,0 +1,24 @@
+package images
+
+import (
+ "context"
+ "net/http"
+
+ "github.com/containers/libpod/pkg/bindings"
+ "github.com/containers/storage/pkg/archive"
+)
+
+// Diff provides the changes between two container layers
+func Diff(ctx context.Context, nameOrId string) ([]archive.Change, error) {
+ conn, err := bindings.GetClient(ctx)
+ if err != nil {
+ return nil, err
+ }
+
+ response, err := conn.DoRequest(nil, http.MethodGet, "/images/%s/changes", nil, nameOrId)
+ if err != nil {
+ return nil, err
+ }
+ var changes []archive.Change
+ return changes, response.Process(&changes)
+}
diff --git a/pkg/bindings/images/images.go b/pkg/bindings/images/images.go
index 1b3df609b..3550c3968 100644
--- a/pkg/bindings/images/images.go
+++ b/pkg/bindings/images/images.go
@@ -2,7 +2,6 @@ package images
import (
"context"
- "errors"
"fmt"
"io"
"net/http"
@@ -13,6 +12,7 @@ import (
"github.com/containers/libpod/pkg/api/handlers"
"github.com/containers/libpod/pkg/bindings"
"github.com/containers/libpod/pkg/domain/entities"
+ "github.com/pkg/errors"
)
// Exists a lightweight way to determine if an image exists in local storage. It returns a
@@ -308,3 +308,34 @@ func Push(ctx context.Context, source string, destination string, options entiti
_, err = conn.DoRequest(nil, http.MethodPost, path, params)
return err
}
+
+// Search is the binding for libpod's v2 endpoints for Search images.
+func Search(ctx context.Context, term string, opts entities.ImageSearchOptions) ([]entities.ImageSearchReport, error) {
+ conn, err := bindings.GetClient(ctx)
+ if err != nil {
+ return nil, err
+ }
+ params := url.Values{}
+ params.Set("term", term)
+ params.Set("limit", strconv.Itoa(opts.Limit))
+ for _, f := range opts.Filters {
+ params.Set("filters", f)
+ }
+
+ if opts.TLSVerify != types.OptionalBoolUndefined {
+ val := bool(opts.TLSVerify == types.OptionalBoolTrue)
+ params.Set("tlsVerify", strconv.FormatBool(val))
+ }
+
+ response, err := conn.DoRequest(nil, http.MethodGet, "/images/search", params)
+ if err != nil {
+ return nil, err
+ }
+
+ results := []entities.ImageSearchReport{}
+ if err := response.Process(&results); err != nil {
+ return nil, err
+ }
+
+ return results, nil
+}
diff --git a/pkg/bindings/images/search.go b/pkg/bindings/images/search.go
deleted file mode 100644
index 183ff3d77..000000000
--- a/pkg/bindings/images/search.go
+++ /dev/null
@@ -1,41 +0,0 @@
-package images
-
-import (
- "context"
- "net/http"
- "net/url"
- "strconv"
-
- "github.com/containers/libpod/libpod/image"
- "github.com/containers/libpod/pkg/bindings"
-)
-
-// Search looks for the given image (term) in container image registries. The optional limit parameter sets
-// a maximum number of results returned. The optional filters parameter allow for more specific image
-// searches.
-func Search(ctx context.Context, term string, limit *int, filters map[string][]string) ([]image.SearchResult, error) {
- var (
- searchResults []image.SearchResult
- )
- conn, err := bindings.GetClient(ctx)
- if err != nil {
- return nil, err
- }
- params := url.Values{}
- params.Set("term", term)
- if limit != nil {
- params.Set("limit", strconv.Itoa(*limit))
- }
- if filters != nil {
- stringFilter, err := bindings.FiltersToString(filters)
- if err != nil {
- return nil, err
- }
- params.Set("filters", stringFilter)
- }
- response, err := conn.DoRequest(nil, http.MethodGet, "/images/search", params)
- if err != nil {
- return searchResults, nil
- }
- return searchResults, response.Process(&searchResults)
-}
diff --git a/pkg/bindings/system/info.go b/pkg/bindings/system/info.go
index f8269cfd8..13e12645d 100644
--- a/pkg/bindings/system/info.go
+++ b/pkg/bindings/system/info.go
@@ -9,15 +9,15 @@ import (
)
// Info returns information about the libpod environment and its stores
-func Info(ctx context.Context) (define.Info, error) {
+func Info(ctx context.Context) (*define.Info, error) {
info := define.Info{}
conn, err := bindings.GetClient(ctx)
if err != nil {
- return info, err
+ return nil, err
}
response, err := conn.DoRequest(nil, http.MethodGet, "/info", nil)
if err != nil {
- return info, err
+ return nil, err
}
- return info, response.Process(&info)
+ return &info, response.Process(&info)
}
diff --git a/pkg/bindings/test/containers_test.go b/pkg/bindings/test/containers_test.go
index a31181958..e288dc368 100644
--- a/pkg/bindings/test/containers_test.go
+++ b/pkg/bindings/test/containers_test.go
@@ -410,4 +410,190 @@ var _ = Describe("Podman containers ", func() {
_, err = containers.Top(bt.conn, cid, []string{"Me,Neither"})
Expect(err).To(BeNil())
})
+
+ It("podman bogus container does not exist in local storage", func() {
+ // Bogus container existence check should fail
+ containerExists, err := containers.Exists(bt.conn, "foobar")
+ Expect(err).To(BeNil())
+ Expect(containerExists).To(BeFalse())
+ })
+
+ It("podman container exists in local storage by name", func() {
+ // Container existence check by name should work
+ var name = "top"
+ _, err := bt.RunTopContainer(&name, &bindings.PFalse, nil)
+ Expect(err).To(BeNil())
+ containerExists, err := containers.Exists(bt.conn, name)
+ Expect(err).To(BeNil())
+ Expect(containerExists).To(BeTrue())
+ })
+
+ It("podman container exists in local storage by ID", func() {
+ // Container existence check by ID should work
+ var name = "top"
+ cid, err := bt.RunTopContainer(&name, &bindings.PFalse, nil)
+ Expect(err).To(BeNil())
+ containerExists, err := containers.Exists(bt.conn, cid)
+ Expect(err).To(BeNil())
+ Expect(containerExists).To(BeTrue())
+ })
+
+ It("podman container exists in local storage by short ID", func() {
+ // Container existence check by short ID should work
+ var name = "top"
+ cid, err := bt.RunTopContainer(&name, &bindings.PFalse, nil)
+ Expect(err).To(BeNil())
+ containerExists, err := containers.Exists(bt.conn, cid[0:12])
+ Expect(err).To(BeNil())
+ Expect(containerExists).To(BeTrue())
+ })
+
+ It("podman kill bogus container", func() {
+ // Killing bogus container should return 404
+ err := containers.Kill(bt.conn, "foobar", "SIGTERM")
+ Expect(err).ToNot(BeNil())
+ code, _ := bindings.CheckResponseCode(err)
+ Expect(code).To(BeNumerically("==", http.StatusNotFound))
+ })
+
+ It("podman kill a running container by name with SIGINT", func() {
+ // Killing a running container should work
+ var name = "top"
+ _, err := bt.RunTopContainer(&name, &bindings.PFalse, nil)
+ Expect(err).To(BeNil())
+ err = containers.Kill(bt.conn, name, "SIGINT")
+ Expect(err).To(BeNil())
+ _, err = containers.Exists(bt.conn, name)
+ Expect(err).To(BeNil())
+ })
+
+ It("podman kill a running container by ID with SIGTERM", func() {
+ // Killing a running container by ID should work
+ var name = "top"
+ cid, err := bt.RunTopContainer(&name, &bindings.PFalse, nil)
+ Expect(err).To(BeNil())
+ err = containers.Kill(bt.conn, cid, "SIGTERM")
+ Expect(err).To(BeNil())
+ _, err = containers.Exists(bt.conn, cid)
+ Expect(err).To(BeNil())
+ })
+
+ It("podman kill a running container by ID with SIGKILL", func() {
+ // Killing a running container by ID with TERM should work
+ var name = "top"
+ cid, err := bt.RunTopContainer(&name, &bindings.PFalse, nil)
+ Expect(err).To(BeNil())
+ err = containers.Kill(bt.conn, cid, "SIGKILL")
+ Expect(err).To(BeNil())
+ })
+
+ It("podman kill a running container by bogus signal", func() {
+ //Killing a running container by bogus signal should fail
+ var name = "top"
+ cid, err := bt.RunTopContainer(&name, &bindings.PFalse, nil)
+ Expect(err).To(BeNil())
+ err = containers.Kill(bt.conn, cid, "foobar")
+ Expect(err).ToNot(BeNil())
+ code, _ := bindings.CheckResponseCode(err)
+ Expect(code).To(BeNumerically("==", http.StatusInternalServerError))
+ })
+
+ It("podman kill latest container with SIGTERM", func() {
+ // Killing latest container should work
+ var name1 = "first"
+ var name2 = "second"
+ var latestContainers = 1
+ _, err := bt.RunTopContainer(&name1, &bindings.PFalse, nil)
+ Expect(err).To(BeNil())
+ _, err = bt.RunTopContainer(&name2, &bindings.PFalse, nil)
+ Expect(err).To(BeNil())
+ containerLatestList, err := containers.List(bt.conn, nil, nil, &latestContainers, nil, nil, nil)
+ Expect(err).To(BeNil())
+ err = containers.Kill(bt.conn, containerLatestList[0].Names[0], "SIGTERM")
+ Expect(err).To(BeNil())
+ })
+
+ It("container init on a bogus container", func() {
+ err := containers.ContainerInit(bt.conn, "doesnotexist")
+ Expect(err).ToNot(BeNil())
+ code, _ := bindings.CheckResponseCode(err)
+ Expect(code).To(BeNumerically("==", http.StatusNotFound))
+ })
+
+ It("container init", func() {
+ s := specgen.NewSpecGenerator(alpine.name)
+ ctr, err := containers.CreateWithSpec(bt.conn, s)
+ Expect(err).To(BeNil())
+ err = containers.ContainerInit(bt.conn, ctr.ID)
+ Expect(err).To(BeNil())
+ // trying to init again should be an error
+ err = containers.ContainerInit(bt.conn, ctr.ID)
+ Expect(err).ToNot(BeNil())
+ })
+
+ It("podman prune stoped containers", func() {
+ // Start and stop a container to enter in exited state.
+ var name = "top"
+ _, err := bt.RunTopContainer(&name, &bindings.PFalse, nil)
+ Expect(err).To(BeNil())
+ err = containers.Stop(bt.conn, name, nil)
+ Expect(err).To(BeNil())
+
+ // Prune container should return no errors and one pruned container ID.
+ pruneResponse, err := containers.Prune(bt.conn, nil)
+ Expect(err).To(BeNil())
+ Expect(len(pruneResponse.Err)).To(Equal(0))
+ Expect(len(pruneResponse.ID)).To(Equal(1))
+ })
+
+ It("podman prune stoped containers with filters", func() {
+ // Start and stop a container to enter in exited state.
+ var name = "top"
+ _, err := bt.RunTopContainer(&name, &bindings.PFalse, nil)
+ Expect(err).To(BeNil())
+ err = containers.Stop(bt.conn, name, nil)
+ Expect(err).To(BeNil())
+
+ // Invalid filter keys should return error.
+ filtersIncorrect := map[string][]string{
+ "status": {"dummy"},
+ }
+ pruneResponse, err := containers.Prune(bt.conn, filtersIncorrect)
+ Expect(err).ToNot(BeNil())
+
+ // Mismatched filter params no container should be pruned.
+ filtersIncorrect = map[string][]string{
+ "name": {"r"},
+ }
+ pruneResponse, err = containers.Prune(bt.conn, filtersIncorrect)
+ Expect(err).To(BeNil())
+ Expect(len(pruneResponse.Err)).To(Equal(0))
+ Expect(len(pruneResponse.ID)).To(Equal(0))
+
+ // Valid filter params container should be pruned now.
+ filters := map[string][]string{
+ "name": {"top"},
+ }
+ pruneResponse, err = containers.Prune(bt.conn, filters)
+ Expect(err).To(BeNil())
+ Expect(len(pruneResponse.Err)).To(Equal(0))
+ Expect(len(pruneResponse.ID)).To(Equal(1))
+ })
+
+ It("podman prune running containers", func() {
+ // Start the container.
+ var name = "top"
+ _, err := bt.RunTopContainer(&name, &bindings.PFalse, nil)
+ Expect(err).To(BeNil())
+
+ // Check if the container is running.
+ data, err := containers.Inspect(bt.conn, name, nil)
+ Expect(err).To(BeNil())
+ Expect(data.State.Status).To(Equal("running"))
+
+ // Prune. Should return no error no prune response ID.
+ pruneResponse, err := containers.Prune(bt.conn, nil)
+ Expect(err).To(BeNil())
+ Expect(len(pruneResponse.ID)).To(Equal(0))
+ })
})
diff --git a/pkg/bindings/test/images_test.go b/pkg/bindings/test/images_test.go
index 992720196..58210efd0 100644
--- a/pkg/bindings/test/images_test.go
+++ b/pkg/bindings/test/images_test.go
@@ -314,11 +314,11 @@ var _ = Describe("Podman images", func() {
})
It("Search for an image", func() {
- imgs, err := images.Search(bt.conn, "alpine", nil, nil)
+ reports, err := images.Search(bt.conn, "alpine", entities.ImageSearchOptions{})
Expect(err).To(BeNil())
- Expect(len(imgs)).To(BeNumerically(">", 1))
+ Expect(len(reports)).To(BeNumerically(">", 1))
var foundAlpine bool
- for _, i := range imgs {
+ for _, i := range reports {
if i.Name == "docker.io/library/alpine" {
foundAlpine = true
break
@@ -327,23 +327,20 @@ var _ = Describe("Podman images", func() {
Expect(foundAlpine).To(BeTrue())
// Search for alpine with a limit of 10
- ten := 10
- imgs, err = images.Search(bt.conn, "docker.io/alpine", &ten, nil)
+ reports, err = images.Search(bt.conn, "docker.io/alpine", entities.ImageSearchOptions{Limit: 10})
Expect(err).To(BeNil())
- Expect(len(imgs)).To(BeNumerically("<=", 10))
+ Expect(len(reports)).To(BeNumerically("<=", 10))
// Search for alpine with stars greater than 100
- filters := make(map[string][]string)
- filters["stars"] = []string{"100"}
- imgs, err = images.Search(bt.conn, "docker.io/alpine", nil, filters)
+ reports, err = images.Search(bt.conn, "docker.io/alpine", entities.ImageSearchOptions{Filters: []string{"stars=100"}})
Expect(err).To(BeNil())
- for _, i := range imgs {
+ for _, i := range reports {
Expect(i.Stars).To(BeNumerically(">=", 100))
}
// Search with a fqdn
- imgs, err = images.Search(bt.conn, "quay.io/libpod/alpine_nginx", nil, nil)
- Expect(len(imgs)).To(BeNumerically(">=", 1))
+ reports, err = images.Search(bt.conn, "quay.io/libpod/alpine_nginx", entities.ImageSearchOptions{})
+ Expect(len(reports)).To(BeNumerically(">=", 1))
})
It("Prune images", func() {
diff --git a/pkg/cgroups/pids.go b/pkg/cgroups/pids.go
index 65b9b5b34..b2bfebe4d 100644
--- a/pkg/cgroups/pids.go
+++ b/pkg/cgroups/pids.go
@@ -44,8 +44,12 @@ func (c *pidHandler) Destroy(ctr *CgroupControl) error {
// Stat fills a metrics structure with usage stats for the controller
func (c *pidHandler) Stat(ctr *CgroupControl, m *Metrics) error {
- var PIDRoot string
+ if ctr.path == "" {
+ // nothing we can do to retrieve the pids.current path
+ return nil
+ }
+ var PIDRoot string
if ctr.cgroup2 {
PIDRoot = filepath.Join(cgroupRoot, ctr.path)
} else {
diff --git a/pkg/domain/entities/container_ps.go b/pkg/domain/entities/container_ps.go
index ceafecebc..33f5d0500 100644
--- a/pkg/domain/entities/container_ps.go
+++ b/pkg/domain/entities/container_ps.go
@@ -4,8 +4,8 @@ import (
"sort"
"strings"
- "github.com/containers/libpod/cmd/podman/shared"
"github.com/containers/libpod/libpod"
+ "github.com/containers/libpod/pkg/ps/define"
"github.com/cri-o/ocicni/pkg/ocicni"
"github.com/pkg/errors"
)
@@ -48,7 +48,7 @@ type ListContainer struct {
// Port mappings
Ports []ocicni.PortMapping
// Size of the container rootfs. Requires the size boolean to be true
- Size *shared.ContainerSize
+ Size *define.ContainerSize
// Time when container started
StartedAt int64
// State of container
diff --git a/pkg/domain/entities/containers.go b/pkg/domain/entities/containers.go
index 5d302058b..52327a905 100644
--- a/pkg/domain/entities/containers.go
+++ b/pkg/domain/entities/containers.go
@@ -2,6 +2,7 @@ package entities
import (
"io"
+ "net/url"
"os"
"time"
@@ -172,6 +173,26 @@ type AttachOptions struct {
Stderr *os.File
}
+// ContainerLogsOptions describes the options to extract container logs.
+type ContainerLogsOptions struct {
+ // Show extra details provided to the logs.
+ Details bool
+ // Follow the log output.
+ Follow bool
+ // Display logs for the latest container only. Ignored on the remote client.
+ Latest bool
+ // Show container names in the output.
+ Names bool
+ // Show logs since this timestamp.
+ Since time.Time
+ // Number of lines to display at the end of the output.
+ Tail int64
+ // Show timestamps in the logs.
+ Timestamps bool
+ // Write the logs to Writer.
+ Writer io.Writer
+}
+
// ExecOptions describes the cli values to exec into
// a container
type ExecOptions struct {
@@ -240,8 +261,83 @@ type ContainerRunOptions struct {
}
// ContainerRunReport describes the results of running
-//a container
+// a container
type ContainerRunReport struct {
ExitCode int
Id string
}
+
+// ContainerCleanupOptions are the CLI values for the
+// cleanup command
+type ContainerCleanupOptions struct {
+ All bool
+ Latest bool
+ Remove bool
+ RemoveImage bool
+}
+
+// ContainerCleanupReport describes the response from a
+// container cleanup
+type ContainerCleanupReport struct {
+ CleanErr error
+ Id string
+ RmErr error
+ RmiErr error
+}
+
+// ContainerInitOptions describes input options
+// for the container init cli
+type ContainerInitOptions struct {
+ All bool
+ Latest bool
+}
+
+// ContainerInitReport describes the results of a
+// container init
+type ContainerInitReport struct {
+ Err error
+ Id string
+}
+
+//ContainerMountOptions describes the input values for mounting containers
+// in the CLI
+type ContainerMountOptions struct {
+ All bool
+ Format string
+ Latest bool
+ NoTruncate bool
+}
+
+// ContainerUnmountOptions are the options from the cli for unmounting
+type ContainerUnmountOptions struct {
+ All bool
+ Force bool
+ Latest bool
+}
+
+// ContainerMountReport describes the response from container mount
+type ContainerMountReport struct {
+ Err error
+ Id string
+ Name string
+ Path string
+}
+
+// ContainerUnmountReport describes the response from umounting a container
+type ContainerUnmountReport struct {
+ Err error
+ Id string
+}
+
+// ContainerPruneOptions describes the options needed
+// to prune a container from the CLI
+type ContainerPruneOptions struct {
+ Filters url.Values `json:"filters" schema:"filters"`
+}
+
+// ContainerPruneReport describes the results after pruning the
+// stopped containers.
+type ContainerPruneReport struct {
+ ID map[string]int64
+ Err map[string]error
+}
diff --git a/pkg/domain/entities/engine.go b/pkg/domain/entities/engine.go
index c14348529..3b971a1e8 100644
--- a/pkg/domain/entities/engine.go
+++ b/pkg/domain/entities/engine.go
@@ -1,13 +1,23 @@
package entities
import (
- "os/user"
- "path/filepath"
+ "context"
+ "fmt"
+ "io"
+ "os"
+ "github.com/containers/buildah/pkg/parse"
"github.com/containers/common/pkg/config"
+ "github.com/containers/common/pkg/sysinfo"
+ "github.com/containers/libpod/pkg/apparmor"
+ "github.com/containers/libpod/pkg/cgroups"
+ "github.com/containers/libpod/pkg/rootless"
+ "github.com/opencontainers/selinux/go-selinux"
+ "github.com/opentracing/opentracing-go"
"github.com/spf13/pflag"
)
+// EngineMode is the connection type podman is using to access libpod
type EngineMode string
const (
@@ -15,78 +25,243 @@ const (
TunnelMode = EngineMode("tunnel")
)
+// Convert EngineMode to String
func (m EngineMode) String() string {
return string(m)
}
-type EngineOptions struct {
- Uri string
- Identities []string
- FlagSet *pflag.FlagSet
- EngineMode EngineMode
-
- CGroupManager string
- CniConfigDir string
- ConmonPath string
- DefaultMountsFile string
- EventsBackend string
- HooksDir []string
- MaxWorks int
- Namespace string
- Root string
- Runroot string
- Runtime string
- StorageDriver string
- StorageOpts []string
- Syslog bool
- Trace bool
- NetworkCmdPath string
-
- Config string
- CpuProfile string
- LogLevel string
- TmpDir string
-
- RemoteUserName string
- RemoteHost string
- VarlinkAddress string
- ConnectionName string
- RemoteConfigFilePath string
- Port int
- IdentityFile string
- IgnoreHosts bool
-}
-
-func NewEngineOptions() (EngineOptions, error) {
- u, _ := user.Current()
- return EngineOptions{
- CGroupManager: config.SystemdCgroupsManager,
- CniConfigDir: "",
- Config: "",
- ConmonPath: filepath.Join("usr", "bin", "conmon"),
- ConnectionName: "",
- CpuProfile: "",
- DefaultMountsFile: "",
- EventsBackend: "",
- HooksDir: nil,
- IdentityFile: "",
- IgnoreHosts: false,
- LogLevel: "",
- MaxWorks: 0,
- Namespace: "",
- NetworkCmdPath: "",
- Port: 0,
- RemoteConfigFilePath: "",
- RemoteHost: "",
- RemoteUserName: "",
- Root: "",
- Runroot: filepath.Join("run", "user", u.Uid),
- Runtime: "",
- StorageDriver: "overlayfs",
- StorageOpts: nil,
- Syslog: false,
- TmpDir: filepath.Join("run", "user", u.Uid, "libpod", "tmp"),
- Trace: false,
- VarlinkAddress: "",
- }, nil
+// PodmanConfig combines the defaults and settings from the file system with the
+// flags given in os.Args. Some runtime state is also stored here.
+type PodmanConfig struct {
+ *config.Config
+ *pflag.FlagSet
+
+ CGroupUsage string // rootless code determines Usage message
+ ConmonPath string // --conmon flag will set Engine.ConmonPath
+ CpuProfile string // Hidden: Should CPU profile be taken
+ EngineMode EngineMode // ABI or Tunneling mode
+ Identities []string // ssh identities for connecting to server
+ MaxWorks int // maximum number of parallel threads
+ RuntimePath string // --runtime flag will set Engine.RuntimePath
+ SpanCloser io.Closer // Close() for tracing object
+ SpanCtx context.Context // context to use when tracing
+ Span opentracing.Span // tracing object
+ Syslog bool // write to StdOut and Syslog, not supported when tunneling
+ Trace bool // Hidden: Trace execution
+ Uri string // URI to API Service
+
+ Runroot string
+ StorageDriver string
+ StorageOpts []string
+}
+
+// DefaultSecurityOptions: getter for security options from configuration
+func (c PodmanConfig) DefaultSecurityOptions() []string {
+ securityOpts := []string{}
+ if c.Containers.SeccompProfile != "" && c.Containers.SeccompProfile != parse.SeccompDefaultPath {
+ securityOpts = append(securityOpts, fmt.Sprintf("seccomp=%s", c.Containers.SeccompProfile))
+ }
+ if apparmor.IsEnabled() && c.Containers.ApparmorProfile != "" {
+ securityOpts = append(securityOpts, fmt.Sprintf("apparmor=%s", c.Containers.ApparmorProfile))
+ }
+ if selinux.GetEnabled() && !c.Containers.EnableLabeling {
+ securityOpts = append(securityOpts, fmt.Sprintf("label=%s", selinux.DisableSecOpt()[0]))
+ }
+ return securityOpts
+}
+
+// DefaultSysctls
+func (c PodmanConfig) DefaultSysctls() []string {
+ return c.Containers.DefaultSysctls
+}
+
+func (c PodmanConfig) DefaultVolumes() []string {
+ return c.Containers.Volumes
+}
+
+func (c PodmanConfig) DefaultDevices() []string {
+ return c.Containers.Devices
+}
+
+func (c PodmanConfig) DefaultDNSServers() []string {
+ return c.Containers.DNSServers
+}
+
+func (c PodmanConfig) DefaultDNSSearches() []string {
+ return c.Containers.DNSSearches
+}
+
+func (c PodmanConfig) DefaultDNSOptions() []string {
+ return c.Containers.DNSOptions
+}
+
+func (c PodmanConfig) DefaultEnv() []string {
+ return c.Containers.Env
+}
+
+func (c PodmanConfig) DefaultInitPath() string {
+ return c.Containers.InitPath
+}
+
+func (c PodmanConfig) DefaultIPCNS() string {
+ return c.Containers.IPCNS
}
+
+func (c PodmanConfig) DefaultPidNS() string {
+ return c.Containers.PidNS
+}
+
+func (c PodmanConfig) DefaultNetNS() string {
+ if c.Containers.NetNS == "private" && rootless.IsRootless() {
+ return "slirp4netns"
+ }
+ return c.Containers.NetNS
+}
+
+func (c PodmanConfig) DefaultCgroupNS() string {
+ return c.Containers.CgroupNS
+}
+
+func (c PodmanConfig) DefaultUTSNS() string {
+ return c.Containers.UTSNS
+}
+
+func (c PodmanConfig) DefaultShmSize() string {
+ return c.Containers.ShmSize
+}
+
+func (c PodmanConfig) DefaultUlimits() []string {
+ return c.Containers.DefaultUlimits
+}
+
+func (c PodmanConfig) DefaultUserNS() string {
+ if v, found := os.LookupEnv("PODMAN_USERNS"); found {
+ return v
+ }
+ return c.Containers.UserNS
+}
+
+func (c PodmanConfig) DefaultPidsLimit() int64 {
+ if rootless.IsRootless() {
+ cgroup2, _ := cgroups.IsCgroup2UnifiedMode()
+ if cgroup2 {
+ return c.Containers.PidsLimit
+ }
+ }
+ return sysinfo.GetDefaultPidsLimit()
+}
+
+func (c PodmanConfig) DefaultPidsDescription() string {
+ return "Tune container pids limit (set 0 for unlimited)"
+}
+
+func (c PodmanConfig) DefaultDetachKeys() string {
+ return c.Engine.DetachKeys
+}
+
+// TODO: Remove in rootless support PR
+// // EngineOptions holds the environment for running the engines
+// type EngineOptions struct {
+// // Introduced with V2
+// Uri string
+// Identities []string
+// FlagSet *pflag.FlagSet
+// EngineMode EngineMode
+// CGroupUsage string
+//
+// // Introduced with V1
+// CGroupManager string // config.EngineConfig
+// CniConfigDir string // config.NetworkConfig.NetworkConfigDir
+// ConmonPath string // config.EngineConfig
+// DefaultMountsFile string // config.ContainersConfig
+// EventsBackend string // config.EngineConfig.EventsLogger
+// HooksDir []string // config.EngineConfig
+// MaxWorks int
+// Namespace string // config.EngineConfig
+// Root string //
+// Runroot string // config.EngineConfig.StorageConfigRunRootSet??
+// Runtime string // config.EngineConfig.OCIRuntime
+// StorageDriver string // config.EngineConfig.StorageConfigGraphDriverNameSet??
+// StorageOpts []string
+// Syslog bool
+// Trace bool
+// NetworkCmdPath string // config.EngineConfig
+//
+// Config string
+// CpuProfile string
+// LogLevel string
+// TmpDir string // config.EngineConfig
+//
+// RemoteUserName string // deprecated
+// RemoteHost string // deprecated
+// VarlinkAddress string // deprecated
+// ConnectionName string
+// RemoteConfigFilePath string
+// Port int // deprecated
+// IdentityFile string // deprecated
+// IgnoreHosts bool
+// }
+//
+// func NewEngineOptions(opts EngineOptions) (EngineOptions, error) {
+// ctnrCfg, err := config.Default()
+// if err != nil {
+// logrus.Error(err)
+// os.Exit(1)
+// }
+//
+// cgroupManager := ctnrCfg.Engine.CgroupManager
+// cgroupUsage := `Cgroup manager to use ("cgroupfs"|"systemd")`
+// cgroupv2, _ := cgroups.IsCgroup2UnifiedMode()
+// cniPluginDir := ctnrCfg.Network.CNIPluginDirs[0]
+//
+// cfg, err := config.NewConfig("")
+// if err != nil {
+// logrus.Errorf("Error loading container config %v\n", err)
+// os.Exit(1)
+// }
+// cfg.CheckCgroupsAndAdjustConfig()
+//
+// if rootless.IsRootless() {
+// if !cgroupv2 {
+// cgroupManager = ""
+// cgroupUsage = "Cgroup manager is not supported in rootless mode"
+// }
+// cniPluginDir = ""
+// }
+//
+// return EngineOptions{
+// CGroupManager: cgroupManager,
+// CGroupUsage: cgroupUsage,
+// CniConfigDir: cniPluginDir,
+// Config: opts.Config, // TODO: deprecate
+// ConmonPath: opts.ConmonPath,
+// ConnectionName: opts.ConnectionName,
+// CpuProfile: opts.CpuProfile,
+// DefaultMountsFile: ctnrCfg.Containers.DefaultMountsFile,
+// EngineMode: opts.EngineMode,
+// EventsBackend: ctnrCfg.Engine.EventsLogger,
+// FlagSet: opts.FlagSet, // TODO: deprecate
+// HooksDir: append(ctnrCfg.Engine.HooksDir[:0:0], ctnrCfg.Engine.HooksDir...),
+// Identities: append(opts.Identities[:0:0], opts.Identities...),
+// IdentityFile: opts.IdentityFile, // TODO: deprecate
+// IgnoreHosts: opts.IgnoreHosts,
+// LogLevel: opts.LogLevel,
+// MaxWorks: opts.MaxWorks,
+// Namespace: ctnrCfg.Engine.Namespace,
+// NetworkCmdPath: ctnrCfg.Engine.NetworkCmdPath,
+// Port: opts.Port,
+// RemoteConfigFilePath: opts.RemoteConfigFilePath,
+// RemoteHost: opts.RemoteHost, // TODO: deprecate
+// RemoteUserName: opts.RemoteUserName, // TODO: deprecate
+// Root: opts.Root,
+// Runroot: opts.Runroot,
+// Runtime: opts.Runtime,
+// StorageDriver: opts.StorageDriver,
+// StorageOpts: append(opts.StorageOpts[:0:0], opts.StorageOpts...),
+// Syslog: opts.Syslog,
+// TmpDir: opts.TmpDir,
+// Trace: opts.Trace,
+// Uri: opts.Uri,
+// VarlinkAddress: opts.VarlinkAddress,
+// }, nil
+// }
diff --git a/pkg/domain/entities/engine_container.go b/pkg/domain/entities/engine_container.go
index 576ce1658..c3092a98a 100644
--- a/pkg/domain/entities/engine_container.go
+++ b/pkg/domain/entities/engine_container.go
@@ -3,35 +3,46 @@ package entities
import (
"context"
+ "github.com/containers/common/pkg/config"
"github.com/containers/libpod/libpod/define"
"github.com/containers/libpod/pkg/specgen"
)
type ContainerEngine interface {
+ Config(ctx context.Context) (*config.Config, error)
ContainerAttach(ctx context.Context, nameOrId string, options AttachOptions) error
- ContainerCommit(ctx context.Context, nameOrId string, options CommitOptions) (*CommitReport, error)
ContainerCheckpoint(ctx context.Context, namesOrIds []string, options CheckpointOptions) ([]*CheckpointReport, error)
- ContainerRestore(ctx context.Context, namesOrIds []string, options RestoreOptions) ([]*RestoreReport, error)
+ ContainerCleanup(ctx context.Context, namesOrIds []string, options ContainerCleanupOptions) ([]*ContainerCleanupReport, error)
+ ContainerPrune(ctx context.Context, options ContainerPruneOptions) (*ContainerPruneReport, error)
+ ContainerCommit(ctx context.Context, nameOrId string, options CommitOptions) (*CommitReport, error)
ContainerCreate(ctx context.Context, s *specgen.SpecGenerator) (*ContainerCreateReport, error)
+ ContainerDiff(ctx context.Context, nameOrId string, options DiffOptions) (*DiffReport, error)
ContainerExec(ctx context.Context, nameOrId string, options ExecOptions) (int, error)
ContainerExists(ctx context.Context, nameOrId string) (*BoolReport, error)
- ContainerInspect(ctx context.Context, namesOrIds []string, options InspectOptions) ([]*ContainerInspectReport, error)
ContainerExport(ctx context.Context, nameOrId string, options ContainerExportOptions) error
+ ContainerInit(ctx context.Context, namesOrIds []string, options ContainerInitOptions) ([]*ContainerInitReport, error)
+ ContainerInspect(ctx context.Context, namesOrIds []string, options InspectOptions) ([]*ContainerInspectReport, error)
ContainerKill(ctx context.Context, namesOrIds []string, options KillOptions) ([]*KillReport, error)
- ContainerPause(ctx context.Context, namesOrIds []string, options PauseUnPauseOptions) ([]*PauseUnpauseReport, error)
ContainerList(ctx context.Context, options ContainerListOptions) ([]ListContainer, error)
+ ContainerMount(ctx context.Context, nameOrIds []string, options ContainerMountOptions) ([]*ContainerMountReport, error)
+ ContainerPause(ctx context.Context, namesOrIds []string, options PauseUnPauseOptions) ([]*PauseUnpauseReport, error)
+ ContainerLogs(ctx context.Context, containers []string, options ContainerLogsOptions) error
ContainerRestart(ctx context.Context, namesOrIds []string, options RestartOptions) ([]*RestartReport, error)
+ ContainerRestore(ctx context.Context, namesOrIds []string, options RestoreOptions) ([]*RestoreReport, error)
ContainerRm(ctx context.Context, namesOrIds []string, options RmOptions) ([]*RmReport, error)
- ContainerStart(ctx context.Context, namesOrIds []string, options ContainerStartOptions) ([]*ContainerStartReport, error)
ContainerRun(ctx context.Context, opts ContainerRunOptions) (*ContainerRunReport, error)
+ ContainerStart(ctx context.Context, namesOrIds []string, options ContainerStartOptions) ([]*ContainerStartReport, error)
ContainerStop(ctx context.Context, namesOrIds []string, options StopOptions) ([]*StopReport, error)
ContainerTop(ctx context.Context, options TopOptions) (*StringSliceReport, error)
+ ContainerUnmount(ctx context.Context, nameOrIds []string, options ContainerUnmountOptions) ([]*ContainerUnmountReport, error)
ContainerUnpause(ctx context.Context, namesOrIds []string, options PauseUnPauseOptions) ([]*PauseUnpauseReport, error)
ContainerWait(ctx context.Context, namesOrIds []string, options WaitOptions) ([]WaitReport, error)
+ Events(ctx context.Context, opts EventsOptions) error
HealthCheckRun(ctx context.Context, nameOrId string, options HealthCheckOptions) (*define.HealthCheckResults, error)
-
+ Info(ctx context.Context) (*define.Info, error)
PodCreate(ctx context.Context, opts PodCreateOptions) (*PodCreateReport, error)
PodExists(ctx context.Context, nameOrId string) (*BoolReport, error)
+ PodInspect(ctx context.Context, options PodInspectOptions) (*PodInspectReport, error)
PodKill(ctx context.Context, namesOrIds []string, options PodKillOptions) ([]*PodKillReport, error)
PodPause(ctx context.Context, namesOrIds []string, options PodPauseOptions) ([]*PodPauseReport, error)
PodPs(ctx context.Context, options PodPSOptions) ([]*ListPodsReport, error)
@@ -41,8 +52,8 @@ type ContainerEngine interface {
PodStop(ctx context.Context, namesOrIds []string, options PodStopOptions) ([]*PodStopReport, error)
PodTop(ctx context.Context, options PodTopOptions) (*StringSliceReport, error)
PodUnpause(ctx context.Context, namesOrIds []string, options PodunpauseOptions) ([]*PodUnpauseReport, error)
- PodInspect(ctx context.Context, options PodInspectOptions) (*PodInspectReport, error)
-
+ RestService(ctx context.Context, opts ServiceOptions) error
+ VarlinkService(ctx context.Context, opts ServiceOptions) error
VolumeCreate(ctx context.Context, opts VolumeCreateOptions) (*IdOrNameResponse, error)
VolumeInspect(ctx context.Context, namesOrIds []string, opts VolumeInspectOptions) ([]*VolumeInspectReport, error)
VolumeList(ctx context.Context, opts VolumeListOptions) ([]*VolumeListReport, error)
diff --git a/pkg/domain/entities/engine_image.go b/pkg/domain/entities/engine_image.go
index a28bfc548..3a051ab9b 100644
--- a/pkg/domain/entities/engine_image.go
+++ b/pkg/domain/entities/engine_image.go
@@ -2,20 +2,25 @@ package entities
import (
"context"
+
+ "github.com/containers/common/pkg/config"
)
type ImageEngine interface {
+ Config(ctx context.Context) (*config.Config, error)
Delete(ctx context.Context, nameOrId []string, opts ImageDeleteOptions) (*ImageDeleteReport, error)
+ Diff(ctx context.Context, nameOrId string, options DiffOptions) (*DiffReport, error)
Exists(ctx context.Context, nameOrId string) (*BoolReport, error)
History(ctx context.Context, nameOrId string, opts ImageHistoryOptions) (*ImageHistoryReport, error)
+ Import(ctx context.Context, opts ImageImportOptions) (*ImageImportReport, error)
Inspect(ctx context.Context, names []string, opts InspectOptions) (*ImageInspectReport, error)
List(ctx context.Context, opts ImageListOptions) ([]*ImageSummary, error)
+ Load(ctx context.Context, opts ImageLoadOptions) (*ImageLoadReport, error)
Prune(ctx context.Context, opts ImagePruneOptions) (*ImagePruneReport, error)
Pull(ctx context.Context, rawImage string, opts ImagePullOptions) (*ImagePullReport, error)
- Tag(ctx context.Context, nameOrId string, tags []string, options ImageTagOptions) error
- Untag(ctx context.Context, nameOrId string, tags []string, options ImageUntagOptions) error
- Load(ctx context.Context, opts ImageLoadOptions) (*ImageLoadReport, error)
- Import(ctx context.Context, opts ImageImportOptions) (*ImageImportReport, error)
Push(ctx context.Context, source string, destination string, opts ImagePushOptions) error
Save(ctx context.Context, nameOrId string, tags []string, options ImageSaveOptions) error
+ Tag(ctx context.Context, nameOrId string, tags []string, options ImageTagOptions) error
+ Untag(ctx context.Context, nameOrId string, tags []string, options ImageUntagOptions) error
+ Search(ctx context.Context, term string, opts ImageSearchOptions) ([]ImageSearchReport, error)
}
diff --git a/pkg/domain/entities/images.go b/pkg/domain/entities/images.go
index bc8a34c13..78ebb8805 100644
--- a/pkg/domain/entities/images.go
+++ b/pkg/domain/entities/images.go
@@ -2,6 +2,7 @@ package entities
import (
"net/url"
+ "time"
"github.com/containers/image/v5/manifest"
"github.com/containers/image/v5/types"
@@ -99,12 +100,12 @@ type ImageDeleteReport struct {
type ImageHistoryOptions struct{}
type ImageHistoryLayer struct {
- ID string `json:"Id"`
- Created int64 `json:",omitempty"`
- CreatedBy string `json:",omitempty"`
- Tags []string `json:",omitempty"`
- Size int64 `json:",omitempty"`
- Comment string `json:",omitempty"`
+ ID string `json:"id"`
+ Created time.Time `json:"created,omitempty"`
+ CreatedBy string `json:",omitempty"`
+ Tags []string `json:"tags,omitempty"`
+ Size int64 `json:"size"`
+ Comment string `json:"comment,omitempty"`
}
type ImageHistoryReport struct {
@@ -181,6 +182,37 @@ type ImagePushOptions struct {
TLSVerify types.OptionalBool
}
+// ImageSearchOptions are the arguments for searching images.
+type ImageSearchOptions struct {
+ // Authfile is the path to the authentication file. Ignored for remote
+ // calls.
+ Authfile string
+ // Filters for the search results.
+ Filters []string
+ // Limit the number of results.
+ Limit int
+ // NoTrunc will not truncate the output.
+ NoTrunc bool
+ // TLSVerify to enable/disable HTTPS and certificate verification.
+ TLSVerify types.OptionalBool
+}
+
+// ImageSearchReport is the response from searching images.
+type ImageSearchReport struct {
+ // Index is the image index (e.g., "docker.io" or "quay.io")
+ Index string
+ // Name is the canoncical name of the image (e.g., "docker.io/library/alpine").
+ Name string
+ // Description of the image.
+ Description string
+ // Stars is the number of stars of the image.
+ Stars int
+ // Official indicates if it's an official image.
+ Official string
+ // Automated indicates if the image was created by an automated build.
+ Automated string
+}
+
type ImageListOptions struct {
All bool `json:"all" schema:"all"`
Filter []string `json:"Filter,omitempty"`
diff --git a/pkg/domain/entities/pods.go b/pkg/domain/entities/pods.go
index cd2e79961..9ca8ff43c 100644
--- a/pkg/domain/entities/pods.go
+++ b/pkg/domain/entities/pods.go
@@ -1,6 +1,7 @@
package entities
import (
+ "strings"
"time"
"github.com/containers/libpod/libpod"
@@ -121,7 +122,9 @@ func (p PodCreateOptions) ToPodSpecGen(s *specgen.PodSpecGenerator) {
s.Hostname = p.Hostname
s.Labels = p.Labels
s.NoInfra = !p.Infra
- s.InfraCommand = []string{p.InfraCommand}
+ if len(p.InfraCommand) > 0 {
+ s.InfraCommand = strings.Split(p.InfraCommand, " ")
+ }
s.InfraImage = p.InfraImage
s.SharedNamespaces = p.Share
diff --git a/pkg/domain/entities/system.go b/pkg/domain/entities/system.go
new file mode 100644
index 000000000..3ddc04293
--- /dev/null
+++ b/pkg/domain/entities/system.go
@@ -0,0 +1,14 @@
+package entities
+
+import (
+ "time"
+
+ "github.com/spf13/cobra"
+)
+
+// ServiceOptions provides the input for starting an API Service
+type ServiceOptions struct {
+ URI string // Path to unix domain socket service should listen on
+ Timeout time.Duration // duration of inactivity the service should wait before shutting down
+ Command *cobra.Command // CLI command provided. Used in V1 code
+}
diff --git a/pkg/domain/entities/types.go b/pkg/domain/entities/types.go
index dd7aaa07f..91ae00764 100644
--- a/pkg/domain/entities/types.go
+++ b/pkg/domain/entities/types.go
@@ -3,7 +3,9 @@ package entities
import (
"net"
+ "github.com/containers/libpod/libpod/events"
"github.com/containers/libpod/pkg/specgen"
+ "github.com/containers/storage/pkg/archive"
"github.com/cri-o/ocicni/pkg/ocicni"
)
@@ -49,3 +51,24 @@ type InspectOptions struct {
Latest bool `json:",omitempty"`
Size bool `json:",omitempty"`
}
+
+// All API and CLI diff commands and diff sub-commands use the same options
+type DiffOptions struct {
+ Format string `json:",omitempty"` // CLI only
+ Latest bool `json:",omitempty"` // API and CLI, only supported by containers
+ Archive bool `json:",omitempty"` // CLI only
+}
+
+// DiffReport provides changes for object
+type DiffReport struct {
+ Changes []archive.Change
+}
+
+type EventsOptions struct {
+ FromStart bool
+ EventChan chan *events.Event
+ Filter []string
+ Stream bool
+ Since string
+ Until string
+}
diff --git a/pkg/domain/infra/abi/containers.go b/pkg/domain/infra/abi/containers.go
index 828ee56f0..4279fb756 100644
--- a/pkg/domain/infra/abi/containers.go
+++ b/pkg/domain/infra/abi/containers.go
@@ -4,23 +4,32 @@ package abi
import (
"context"
+ "fmt"
"io/ioutil"
+ "os"
"strconv"
"strings"
+ "sync"
+
+ lpfilters "github.com/containers/libpod/libpod/filters"
"github.com/containers/buildah"
+ "github.com/containers/common/pkg/config"
"github.com/containers/image/v5/manifest"
"github.com/containers/libpod/libpod"
"github.com/containers/libpod/libpod/define"
"github.com/containers/libpod/libpod/events"
"github.com/containers/libpod/libpod/image"
+ "github.com/containers/libpod/libpod/logs"
"github.com/containers/libpod/pkg/checkpoint"
"github.com/containers/libpod/pkg/domain/entities"
"github.com/containers/libpod/pkg/domain/infra/abi/terminal"
"github.com/containers/libpod/pkg/ps"
+ "github.com/containers/libpod/pkg/rootless"
"github.com/containers/libpod/pkg/signal"
"github.com/containers/libpod/pkg/specgen"
"github.com/containers/libpod/pkg/specgen/generate"
+ "github.com/containers/storage"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
)
@@ -166,6 +175,28 @@ func (ic *ContainerEngine) ContainerStop(ctx context.Context, namesOrIds []strin
return reports, nil
}
+func (ic *ContainerEngine) ContainerPrune(ctx context.Context, options entities.ContainerPruneOptions) (*entities.ContainerPruneReport, error) {
+ var filterFuncs []libpod.ContainerFilter
+ for k, v := range options.Filters {
+ for _, val := range v {
+ generatedFunc, err := lpfilters.GenerateContainerFilterFuncs(k, val, ic.Libpod)
+ if err != nil {
+ return nil, err
+ }
+ filterFuncs = append(filterFuncs, generatedFunc)
+ }
+ }
+ prunedContainers, pruneErrors, err := ic.Libpod.PruneContainers(filterFuncs)
+ if err != nil {
+ return nil, err
+ }
+ report := entities.ContainerPruneReport{
+ ID: prunedContainers,
+ Err: pruneErrors,
+ }
+ return &report, nil
+}
+
func (ic *ContainerEngine) ContainerKill(ctx context.Context, namesOrIds []string, options entities.KillOptions) ([]*entities.KillReport, error) {
var (
reports []*entities.KillReport
@@ -599,9 +630,9 @@ func (ic *ContainerEngine) ContainerStart(ctx context.Context, namesOrIds []stri
ExitCode: 125,
}
if err := ctr.Start(ctx, ctr.PodID() != ""); err != nil {
- //if lastError != nil {
+ // if lastError != nil {
// fmt.Fprintln(os.Stderr, lastError)
- //}
+ // }
report.Err = err
if errors.Cause(err) == define.ErrWillDeadlock {
report.Err = errors.Wrapf(err, "please run 'podman system renumber' to resolve deadlocks")
@@ -623,6 +654,19 @@ func (ic *ContainerEngine) ContainerList(ctx context.Context, options entities.C
return ps.GetContainerLists(ic.Libpod, options)
}
+// ContainerDiff provides changes to given container
+func (ic *ContainerEngine) ContainerDiff(ctx context.Context, nameOrId string, opts entities.DiffOptions) (*entities.DiffReport, error) {
+ if opts.Latest {
+ ctnr, err := ic.Libpod.GetLatestContainer()
+ if err != nil {
+ return nil, errors.Wrap(err, "unable to get latest container")
+ }
+ nameOrId = ctnr.ID()
+ }
+ changes, err := ic.Libpod.GetDiff("", nameOrId)
+ return &entities.DiffReport{Changes: changes}, err
+}
+
func (ic *ContainerEngine) ContainerRun(ctx context.Context, opts entities.ContainerRunOptions) (*entities.ContainerRunReport, error) {
var (
joinPod bool
@@ -696,3 +740,186 @@ func (ic *ContainerEngine) ContainerRun(ctx context.Context, opts entities.Conta
}
return &report, nil
}
+
+func (ic *ContainerEngine) ContainerLogs(ctx context.Context, containers []string, options entities.ContainerLogsOptions) error {
+ if options.Writer == nil {
+ return errors.New("no io.Writer set for container logs")
+ }
+
+ var wg sync.WaitGroup
+
+ ctrs, err := getContainersByContext(false, options.Latest, containers, ic.Libpod)
+ if err != nil {
+ return err
+ }
+
+ logOpts := &logs.LogOptions{
+ Multi: len(ctrs) > 1,
+ Details: options.Details,
+ Follow: options.Follow,
+ Since: options.Since,
+ Tail: options.Tail,
+ Timestamps: options.Timestamps,
+ UseName: options.Names,
+ WaitGroup: &wg,
+ }
+
+ chSize := len(ctrs) * int(options.Tail)
+ if chSize <= 0 {
+ chSize = 1
+ }
+ logChannel := make(chan *logs.LogLine, chSize)
+
+ if err := ic.Libpod.Log(ctrs, logOpts, logChannel); err != nil {
+ return err
+ }
+
+ go func() {
+ wg.Wait()
+ close(logChannel)
+ }()
+
+ for line := range logChannel {
+ fmt.Fprintln(options.Writer, line.String(logOpts))
+ }
+
+ return nil
+}
+
+func (ic *ContainerEngine) ContainerCleanup(ctx context.Context, namesOrIds []string, options entities.ContainerCleanupOptions) ([]*entities.ContainerCleanupReport, error) {
+ var reports []*entities.ContainerCleanupReport
+ ctrs, err := getContainersByContext(options.All, options.Latest, namesOrIds, ic.Libpod)
+ if err != nil {
+ return nil, err
+ }
+ for _, ctr := range ctrs {
+ var err error
+ report := entities.ContainerCleanupReport{Id: ctr.ID()}
+ if options.Remove {
+ err = ic.Libpod.RemoveContainer(ctx, ctr, false, true)
+ if err != nil {
+ report.RmErr = errors.Wrapf(err, "failed to cleanup and remove container %v", ctr.ID())
+ }
+ } else {
+ err := ctr.Cleanup(ctx)
+ if err != nil {
+ report.CleanErr = errors.Wrapf(err, "failed to cleanup container %v", ctr.ID())
+ }
+ }
+
+ if options.RemoveImage {
+ _, imageName := ctr.Image()
+ ctrImage, err := ic.Libpod.ImageRuntime().NewFromLocal(imageName)
+ if err != nil {
+ report.RmiErr = err
+ reports = append(reports, &report)
+ continue
+ }
+ _, err = ic.Libpod.RemoveImage(ctx, ctrImage, false)
+ report.RmiErr = err
+ }
+ reports = append(reports, &report)
+ }
+ return reports, nil
+}
+
+func (ic *ContainerEngine) ContainerInit(ctx context.Context, namesOrIds []string, options entities.ContainerInitOptions) ([]*entities.ContainerInitReport, error) {
+ var reports []*entities.ContainerInitReport
+ ctrs, err := getContainersByContext(options.All, options.Latest, namesOrIds, ic.Libpod)
+ if err != nil {
+ return nil, err
+ }
+ for _, ctr := range ctrs {
+ report := entities.ContainerInitReport{Id: ctr.ID()}
+ report.Err = ctr.Init(ctx)
+ reports = append(reports, &report)
+ }
+ return reports, nil
+}
+
+func (ic *ContainerEngine) ContainerMount(ctx context.Context, nameOrIds []string, options entities.ContainerMountOptions) ([]*entities.ContainerMountReport, error) {
+ if os.Geteuid() != 0 {
+ if driver := ic.Libpod.StorageConfig().GraphDriverName; driver != "vfs" {
+ // Do not allow to mount a graphdriver that is not vfs if we are creating the userns as part
+ // of the mount command.
+ return nil, fmt.Errorf("cannot mount using driver %s in rootless mode", driver)
+ }
+
+ became, ret, err := rootless.BecomeRootInUserNS("")
+ if err != nil {
+ return nil, err
+ }
+ if became {
+ os.Exit(ret)
+ }
+ }
+ var reports []*entities.ContainerMountReport
+ ctrs, err := getContainersByContext(options.All, options.Latest, nameOrIds, ic.Libpod)
+ if err != nil {
+ return nil, err
+ }
+ for _, ctr := range ctrs {
+ report := entities.ContainerMountReport{Id: ctr.ID()}
+ report.Path, report.Err = ctr.Mount()
+ reports = append(reports, &report)
+ }
+ if len(reports) > 0 {
+ return reports, nil
+ }
+
+ // No containers were passed, so we send back what is mounted
+ ctrs, err = getContainersByContext(true, false, []string{}, ic.Libpod)
+ if err != nil {
+ return nil, err
+ }
+ for _, ctr := range ctrs {
+ mounted, path, err := ctr.Mounted()
+ if err != nil {
+ return nil, err
+ }
+
+ if mounted {
+ reports = append(reports, &entities.ContainerMountReport{
+ Id: ctr.ID(),
+ Name: ctr.Name(),
+ Path: path,
+ })
+ }
+ }
+ return reports, nil
+}
+
+func (ic *ContainerEngine) ContainerUnmount(ctx context.Context, nameOrIds []string, options entities.ContainerUnmountOptions) ([]*entities.ContainerUnmountReport, error) {
+ var reports []*entities.ContainerUnmountReport
+ ctrs, err := getContainersByContext(options.All, options.Latest, nameOrIds, ic.Libpod)
+ if err != nil {
+ return nil, err
+ }
+ for _, ctr := range ctrs {
+ state, err := ctr.State()
+ if err != nil {
+ logrus.Debugf("Error umounting container %s state: %s", ctr.ID(), err.Error())
+ continue
+ }
+ if state == define.ContainerStateRunning {
+ logrus.Debugf("Error umounting container %s, is running", ctr.ID())
+ continue
+ }
+
+ report := entities.ContainerUnmountReport{Id: ctr.ID()}
+ if err := ctr.Unmount(options.Force); err != nil {
+ if options.All && errors.Cause(err) == storage.ErrLayerNotMounted {
+ logrus.Debugf("Error umounting container %s, storage.ErrLayerNotMounted", ctr.ID())
+ continue
+ }
+ report.Err = errors.Wrapf(err, "error unmounting container %s", ctr.ID())
+ }
+ reports = append(reports, &report)
+ }
+ return reports, nil
+}
+
+// GetConfig returns a copy of the configuration used by the runtime
+func (ic *ContainerEngine) Config(_ context.Context) (*config.Config, error) {
+ return ic.Libpod.GetConfig()
+}
diff --git a/pkg/domain/infra/abi/events.go b/pkg/domain/infra/abi/events.go
new file mode 100644
index 000000000..9540a5b96
--- /dev/null
+++ b/pkg/domain/infra/abi/events.go
@@ -0,0 +1,18 @@
+//+build ABISupport
+
+package abi
+
+import (
+ "context"
+
+ "github.com/containers/libpod/libpod/events"
+ "github.com/containers/libpod/pkg/domain/entities"
+ "github.com/sirupsen/logrus"
+)
+
+func (ic *ContainerEngine) Events(ctx context.Context, opts entities.EventsOptions) error {
+ readOpts := events.ReadOptions{FromStart: opts.FromStart, Stream: opts.Stream, Filters: opts.Filter, EventChannel: opts.EventChan, Since: opts.Since, Until: opts.Until}
+ err := ic.Libpod.Events(readOpts)
+ logrus.Error(err)
+ return err
+}
diff --git a/pkg/domain/infra/abi/images.go b/pkg/domain/infra/abi/images.go
index 9d706a112..9467c14d4 100644
--- a/pkg/domain/infra/abi/images.go
+++ b/pkg/domain/infra/abi/images.go
@@ -9,12 +9,14 @@ import (
"os"
"strings"
+ "github.com/containers/common/pkg/config"
"github.com/containers/image/v5/docker"
dockerarchive "github.com/containers/image/v5/docker/archive"
"github.com/containers/image/v5/docker/reference"
"github.com/containers/image/v5/manifest"
"github.com/containers/image/v5/transports/alltransports"
"github.com/containers/image/v5/types"
+ "github.com/containers/libpod/libpod/define"
"github.com/containers/libpod/libpod/image"
libpodImage "github.com/containers/libpod/libpod/image"
"github.com/containers/libpod/pkg/domain/entities"
@@ -27,10 +29,11 @@ import (
)
func (ir *ImageEngine) Exists(_ context.Context, nameOrId string) (*entities.BoolReport, error) {
- if _, err := ir.Libpod.ImageRuntime().NewFromLocal(nameOrId); err != nil {
- return &entities.BoolReport{}, nil
+ _, err := ir.Libpod.ImageRuntime().NewFromLocal(nameOrId)
+ if err != nil && errors.Cause(err) != define.ErrNoSuchImage {
+ return nil, err
}
- return &entities.BoolReport{Value: true}, nil
+ return &entities.BoolReport{Value: err == nil}, nil
}
func (ir *ImageEngine) Delete(ctx context.Context, nameOrId []string, opts entities.ImageDeleteOptions) (*entities.ImageDeleteReport, error) {
@@ -43,7 +46,9 @@ func (ir *ImageEngine) Delete(ctx context.Context, nameOrId []string, opts entit
if err != nil {
return &report, errors.Wrapf(err, "unable to query local images")
}
-
+ if len(targets) == 0 {
+ return &report, nil
+ }
if len(targets) > 0 && len(targets) == len(previousTargets) {
return &report, errors.New("unable to delete all images; re-run the rmi command again.")
}
@@ -140,7 +145,7 @@ func (ir *ImageEngine) History(ctx context.Context, nameOrId string, opts entiti
func ToDomainHistoryLayer(layer *libpodImage.History) entities.ImageHistoryLayer {
l := entities.ImageHistoryLayer{}
l.ID = layer.ID
- l.Created = layer.Created.Unix()
+ l.Created = *layer.Created
l.CreatedBy = layer.CreatedBy
copy(l.Tags, layer.Tags)
l.Size = layer.Size
@@ -392,8 +397,10 @@ func (ir *ImageEngine) Load(ctx context.Context, opts entities.ImageLoadOptions)
if err != nil {
return nil, errors.Wrap(err, "image loaded but no additional tags were created")
}
- if err := newImage.TagImage(opts.Name); err != nil {
- return nil, errors.Wrapf(err, "error adding %q to image %q", opts.Name, newImage.InputName)
+ if len(opts.Name) > 0 {
+ if err := newImage.TagImage(fmt.Sprintf("%s:%s", opts.Name, opts.Tag)); err != nil {
+ return nil, errors.Wrapf(err, "error adding %q to image %q", opts.Name, newImage.InputName)
+ }
}
return &entities.ImageLoadReport{Name: name}, nil
}
@@ -413,3 +420,51 @@ func (ir *ImageEngine) Save(ctx context.Context, nameOrId string, tags []string,
}
return newImage.Save(ctx, nameOrId, options.Format, options.Output, tags, options.Quiet, options.Compress)
}
+
+func (ir *ImageEngine) Diff(_ context.Context, nameOrId string, _ entities.DiffOptions) (*entities.DiffReport, error) {
+ changes, err := ir.Libpod.GetDiff("", nameOrId)
+ if err != nil {
+ return nil, err
+ }
+ return &entities.DiffReport{Changes: changes}, nil
+}
+
+func (ir *ImageEngine) Search(ctx context.Context, term string, opts entities.ImageSearchOptions) ([]entities.ImageSearchReport, error) {
+ filter, err := image.ParseSearchFilter(opts.Filters)
+ if err != nil {
+ return nil, err
+ }
+
+ searchOpts := image.SearchOptions{
+ Authfile: opts.Authfile,
+ Filter: *filter,
+ Limit: opts.Limit,
+ NoTrunc: opts.NoTrunc,
+ InsecureSkipTLSVerify: opts.TLSVerify,
+ }
+
+ searchResults, err := image.SearchImages(term, searchOpts)
+ if err != nil {
+ return nil, err
+ }
+
+ // Convert from image.SearchResults to entities.ImageSearchReport. We don't
+ // want to leak any low-level packages into the remote client, which
+ // requires converting.
+ reports := make([]entities.ImageSearchReport, len(searchResults))
+ for i := range searchResults {
+ reports[i].Index = searchResults[i].Index
+ reports[i].Name = searchResults[i].Name
+ reports[i].Description = searchResults[i].Index
+ reports[i].Stars = searchResults[i].Stars
+ reports[i].Official = searchResults[i].Official
+ reports[i].Automated = searchResults[i].Automated
+ }
+
+ return reports, nil
+}
+
+// GetConfig returns a copy of the configuration used by the runtime
+func (ir *ImageEngine) Config(_ context.Context) (*config.Config, error) {
+ return ir.Libpod.GetConfig()
+}
diff --git a/pkg/domain/infra/abi/pods.go b/pkg/domain/infra/abi/pods.go
index c3e5d59bc..bb637de3e 100644
--- a/pkg/domain/infra/abi/pods.go
+++ b/pkg/domain/infra/abi/pods.go
@@ -5,13 +5,13 @@ package abi
import (
"context"
- lpfilters "github.com/containers/libpod/libpod/filters"
-
"github.com/containers/libpod/libpod"
"github.com/containers/libpod/libpod/define"
+ lpfilters "github.com/containers/libpod/libpod/filters"
"github.com/containers/libpod/pkg/domain/entities"
"github.com/containers/libpod/pkg/signal"
"github.com/containers/libpod/pkg/specgen"
+ "github.com/containers/libpod/pkg/specgen/generate"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
)
@@ -246,7 +246,7 @@ func (ic *ContainerEngine) PodRm(ctx context.Context, namesOrIds []string, optio
func (ic *ContainerEngine) PodCreate(ctx context.Context, opts entities.PodCreateOptions) (*entities.PodCreateReport, error) {
podSpec := specgen.NewPodSpecGenerator()
opts.ToPodSpecGen(podSpec)
- pod, err := podSpec.MakePod(ic.Libpod)
+ pod, err := generate.MakePod(podSpec, ic.Libpod)
if err != nil {
return nil, err
}
diff --git a/pkg/domain/infra/abi/system.go b/pkg/domain/infra/abi/system.go
new file mode 100644
index 000000000..10872144b
--- /dev/null
+++ b/pkg/domain/infra/abi/system.go
@@ -0,0 +1,244 @@
+// +build ABISupport
+
+package abi
+
+import (
+ "context"
+ "fmt"
+ "io/ioutil"
+ "net"
+ "os"
+ "strconv"
+ "strings"
+ "syscall"
+
+ "github.com/containers/common/pkg/config"
+ "github.com/containers/libpod/libpod/define"
+ api "github.com/containers/libpod/pkg/api/server"
+ "github.com/containers/libpod/pkg/cgroups"
+ "github.com/containers/libpod/pkg/domain/entities"
+ "github.com/containers/libpod/pkg/rootless"
+ "github.com/containers/libpod/pkg/util"
+ iopodman "github.com/containers/libpod/pkg/varlink"
+ iopodmanAPI "github.com/containers/libpod/pkg/varlinkapi"
+ "github.com/containers/libpod/utils"
+ "github.com/containers/libpod/version"
+ "github.com/pkg/errors"
+ "github.com/sirupsen/logrus"
+ "github.com/spf13/cobra"
+ "github.com/varlink/go/varlink"
+)
+
+func (ic *ContainerEngine) Info(ctx context.Context) (*define.Info, error) {
+ return ic.Libpod.Info()
+}
+
+func (ic *ContainerEngine) RestService(_ context.Context, opts entities.ServiceOptions) error {
+ var (
+ listener net.Listener
+ err error
+ )
+
+ if opts.URI != "" {
+ fields := strings.Split(opts.URI, ":")
+ if len(fields) == 1 {
+ return errors.Errorf("%s is an invalid socket destination", opts.URI)
+ }
+ address := strings.Join(fields[1:], ":")
+ listener, err = net.Listen(fields[0], address)
+ if err != nil {
+ return errors.Wrapf(err, "unable to create socket %s", opts.URI)
+ }
+ }
+
+ server, err := api.NewServerWithSettings(ic.Libpod, opts.Timeout, &listener)
+ if err != nil {
+ return err
+ }
+ defer func() {
+ if err := server.Shutdown(); err != nil {
+ logrus.Warnf("Error when stopping API service: %s", err)
+ }
+ }()
+
+ err = server.Serve()
+ _ = listener.Close()
+ return err
+}
+
+func (ic *ContainerEngine) VarlinkService(_ context.Context, opts entities.ServiceOptions) error {
+ var varlinkInterfaces = []*iopodman.VarlinkInterface{
+ iopodmanAPI.New(opts.Command, ic.Libpod),
+ }
+
+ service, err := varlink.NewService(
+ "Atomic",
+ "podman",
+ version.Version,
+ "https://github.com/containers/libpod",
+ )
+ if err != nil {
+ return errors.Wrapf(err, "unable to create new varlink service")
+ }
+
+ for _, i := range varlinkInterfaces {
+ if err := service.RegisterInterface(i); err != nil {
+ return errors.Errorf("unable to register varlink interface %v", i)
+ }
+ }
+
+ // Run the varlink server at the given address
+ if err = service.Listen(opts.URI, opts.Timeout); err != nil {
+ switch err.(type) {
+ case varlink.ServiceTimeoutError:
+ logrus.Infof("varlink service expired (use --timeout to increase session time beyond %s ms, 0 means never timeout)", opts.Timeout.String())
+ return nil
+ default:
+ return errors.Wrapf(err, "unable to start varlink service")
+ }
+ }
+ return nil
+}
+
+func (ic *ContainerEngine) SetupRootless(cmd *cobra.Command) error {
+ // do it only after podman has already re-execed and running with uid==0.
+ if os.Geteuid() == 0 {
+ ownsCgroup, err := cgroups.UserOwnsCurrentSystemdCgroup()
+ if err != nil {
+ logrus.Warnf("Failed to detect the owner for the current cgroup: %v", err)
+ }
+ if !ownsCgroup {
+ conf, err := ic.Config(context.Background())
+ if err != nil {
+ return err
+ }
+ unitName := fmt.Sprintf("podman-%d.scope", os.Getpid())
+ if err := utils.RunUnderSystemdScope(os.Getpid(), "user.slice", unitName); err != nil {
+ if conf.Engine.CgroupManager == config.SystemdCgroupsManager {
+ logrus.Warnf("Failed to add podman to systemd sandbox cgroup: %v", err)
+ } else {
+ logrus.Debugf("Failed to add podman to systemd sandbox cgroup: %v", err)
+ }
+ }
+ }
+ }
+
+ if !executeCommandInUserNS(cmd) {
+ return nil
+ }
+
+ pausePidPath, err := util.GetRootlessPauseProcessPidPath()
+ if err != nil {
+ return errors.Wrapf(err, "could not get pause process pid file path")
+ }
+
+ became, ret, err := rootless.TryJoinPauseProcess(pausePidPath)
+ if err != nil {
+ return err
+ }
+ if became {
+ os.Exit(ret)
+ }
+
+ // if there is no pid file, try to join existing containers, and create a pause process.
+ ctrs, err := ic.Libpod.GetRunningContainers()
+ if err != nil {
+ logrus.WithError(err).Fatal("")
+ }
+
+ paths := []string{}
+ for _, ctr := range ctrs {
+ paths = append(paths, ctr.Config().ConmonPidFile)
+ }
+
+ became, ret, err = rootless.TryJoinFromFilePaths(pausePidPath, true, paths)
+ if err := movePauseProcessToScope(); err != nil {
+ conf, err := ic.Config(context.Background())
+ if err != nil {
+ return err
+ }
+ if conf.Engine.CgroupManager == config.SystemdCgroupsManager {
+ logrus.Warnf("Failed to add pause process to systemd sandbox cgroup: %v", err)
+ } else {
+ logrus.Debugf("Failed to add pause process to systemd sandbox cgroup: %v", err)
+ }
+ }
+ if err != nil {
+ logrus.WithError(err).Fatal("")
+ }
+ if became {
+ os.Exit(ret)
+ }
+ return nil
+}
+
+// Most podman commands when run in rootless mode, need to be executed in the
+// users usernamespace. This function is updated with a list of commands that
+// should NOT be run within the user namespace.
+func executeCommandInUserNS(cmd *cobra.Command) bool {
+ return os.Geteuid() == 0
+ // if os.Geteuid() == 0 {
+ // return false
+ // }
+ // switch cmd {
+ // case _migrateCommand,
+ // _mountCommand,
+ // _renumberCommand,
+ // _searchCommand,
+ // _versionCommand:
+ // return false
+ // }
+ // return true
+}
+
+func movePauseProcessToScope() error {
+ pausePidPath, err := util.GetRootlessPauseProcessPidPath()
+ if err != nil {
+ return errors.Wrapf(err, "could not get pause process pid file path")
+ }
+
+ data, err := ioutil.ReadFile(pausePidPath)
+ if err != nil {
+ return errors.Wrapf(err, "cannot read pause pid file")
+ }
+ pid, err := strconv.ParseUint(string(data), 10, 0)
+ if err != nil {
+ return errors.Wrapf(err, "cannot parse pid file %s", pausePidPath)
+ }
+
+ return utils.RunUnderSystemdScope(int(pid), "user.slice", "podman-pause.scope")
+}
+
+func setRLimits() error { // nolint:deadcode,unused
+ rlimits := new(syscall.Rlimit)
+ rlimits.Cur = 1048576
+ rlimits.Max = 1048576
+ if err := syscall.Setrlimit(syscall.RLIMIT_NOFILE, rlimits); err != nil {
+ if err := syscall.Getrlimit(syscall.RLIMIT_NOFILE, rlimits); err != nil {
+ return errors.Wrapf(err, "error getting rlimits")
+ }
+ rlimits.Cur = rlimits.Max
+ if err := syscall.Setrlimit(syscall.RLIMIT_NOFILE, rlimits); err != nil {
+ return errors.Wrapf(err, "error setting new rlimits")
+ }
+ }
+ return nil
+}
+
+func setUMask() { // nolint:deadcode,unused
+ // Be sure we can create directories with 0755 mode.
+ syscall.Umask(0022)
+}
+
+// checkInput can be used to verify any of the globalopt values
+func checkInput() error { // nolint:deadcode,unused
+ return nil
+}
+
+// func getCNIPluginsDir() string {
+// if rootless.IsRootless() {
+// return ""
+// }
+//
+// return registry.PodmanOptions.Network.CNIPluginDirs[0]
+// }
diff --git a/pkg/domain/infra/runtime_abi.go b/pkg/domain/infra/runtime_abi.go
index f11026571..0dbcf2ad2 100644
--- a/pkg/domain/infra/runtime_abi.go
+++ b/pkg/domain/infra/runtime_abi.go
@@ -12,7 +12,7 @@ import (
)
// NewContainerEngine factory provides a libpod runtime for container-related operations
-func NewContainerEngine(facts entities.EngineOptions) (entities.ContainerEngine, error) {
+func NewContainerEngine(facts entities.PodmanConfig) (entities.ContainerEngine, error) {
switch facts.EngineMode {
case entities.ABIMode:
r, err := NewLibpodRuntime(facts.FlagSet, facts)
@@ -25,7 +25,7 @@ func NewContainerEngine(facts entities.EngineOptions) (entities.ContainerEngine,
}
// NewContainerEngine factory provides a libpod runtime for image-related operations
-func NewImageEngine(facts entities.EngineOptions) (entities.ImageEngine, error) {
+func NewImageEngine(facts entities.PodmanConfig) (entities.ImageEngine, error) {
switch facts.EngineMode {
case entities.ABIMode:
r, err := NewLibpodImageRuntime(facts.FlagSet, facts)
diff --git a/pkg/domain/infra/runtime_image_proxy.go b/pkg/domain/infra/runtime_image_proxy.go
index befc66b9a..45c5425a3 100644
--- a/pkg/domain/infra/runtime_image_proxy.go
+++ b/pkg/domain/infra/runtime_image_proxy.go
@@ -12,7 +12,7 @@ import (
// ContainerEngine Image Proxy will be EOL'ed after podmanV2 is separated from libpod repo
-func NewLibpodImageRuntime(flags *pflag.FlagSet, opts entities.EngineOptions) (entities.ImageEngine, error) {
+func NewLibpodImageRuntime(flags *pflag.FlagSet, opts entities.PodmanConfig) (entities.ImageEngine, error) {
r, err := GetRuntime(context.Background(), flags, opts)
if err != nil {
return nil, err
diff --git a/pkg/domain/infra/runtime_libpod.go b/pkg/domain/infra/runtime_libpod.go
index d59759707..6b0ac4852 100644
--- a/pkg/domain/infra/runtime_libpod.go
+++ b/pkg/domain/infra/runtime_libpod.go
@@ -1,3 +1,5 @@
+// build: ABISupport
+
package infra
import (
@@ -22,68 +24,70 @@ type engineOpts struct {
migrate bool
noStore bool
withFDS bool
- flags entities.EngineOptions
+ config entities.PodmanConfig
}
// GetRuntimeMigrate gets a libpod runtime that will perform a migration of existing containers
-func GetRuntimeMigrate(ctx context.Context, fs *flag.FlagSet, ef entities.EngineOptions, newRuntime string) (*libpod.Runtime, error) {
+func GetRuntimeMigrate(ctx context.Context, fs *flag.FlagSet, cfg entities.PodmanConfig, newRuntime string) (*libpod.Runtime, error) {
return getRuntime(ctx, fs, &engineOpts{
name: newRuntime,
renumber: false,
migrate: true,
noStore: false,
withFDS: true,
- flags: ef,
+ config: cfg,
})
}
// GetRuntimeDisableFDs gets a libpod runtime that will disable sd notify
-func GetRuntimeDisableFDs(ctx context.Context, fs *flag.FlagSet, ef entities.EngineOptions) (*libpod.Runtime, error) {
+func GetRuntimeDisableFDs(ctx context.Context, fs *flag.FlagSet, cfg entities.PodmanConfig) (*libpod.Runtime, error) {
return getRuntime(ctx, fs, &engineOpts{
renumber: false,
migrate: false,
noStore: false,
withFDS: false,
- flags: ef,
+ config: cfg,
})
}
// GetRuntimeRenumber gets a libpod runtime that will perform a lock renumber
-func GetRuntimeRenumber(ctx context.Context, fs *flag.FlagSet, ef entities.EngineOptions) (*libpod.Runtime, error) {
+func GetRuntimeRenumber(ctx context.Context, fs *flag.FlagSet, cfg entities.PodmanConfig) (*libpod.Runtime, error) {
return getRuntime(ctx, fs, &engineOpts{
renumber: true,
migrate: false,
noStore: false,
withFDS: true,
- flags: ef,
+ config: cfg,
})
}
// GetRuntime generates a new libpod runtime configured by command line options
-func GetRuntime(ctx context.Context, flags *flag.FlagSet, ef entities.EngineOptions) (*libpod.Runtime, error) {
+func GetRuntime(ctx context.Context, flags *flag.FlagSet, cfg entities.PodmanConfig) (*libpod.Runtime, error) {
return getRuntime(ctx, flags, &engineOpts{
renumber: false,
migrate: false,
noStore: false,
withFDS: true,
- flags: ef,
+ config: cfg,
})
}
// GetRuntimeNoStore generates a new libpod runtime configured by command line options
-func GetRuntimeNoStore(ctx context.Context, fs *flag.FlagSet, ef entities.EngineOptions) (*libpod.Runtime, error) {
+func GetRuntimeNoStore(ctx context.Context, fs *flag.FlagSet, cfg entities.PodmanConfig) (*libpod.Runtime, error) {
return getRuntime(ctx, fs, &engineOpts{
renumber: false,
migrate: false,
noStore: true,
withFDS: true,
- flags: ef,
+ config: cfg,
})
}
func getRuntime(ctx context.Context, fs *flag.FlagSet, opts *engineOpts) (*libpod.Runtime, error) {
options := []libpod.RuntimeOption{}
storageOpts := storage.StoreOptions{}
+ cfg := opts.config
+
storageSet := false
uidmapFlag := fs.Lookup("uidmap")
@@ -109,25 +113,25 @@ func getRuntime(ctx context.Context, fs *flag.FlagSet, opts *engineOpts) (*libpo
if fs.Changed("root") {
storageSet = true
- storageOpts.GraphRoot = opts.flags.Root
+ storageOpts.GraphRoot = cfg.Engine.StaticDir
}
if fs.Changed("runroot") {
storageSet = true
- storageOpts.RunRoot = opts.flags.Runroot
+ storageOpts.RunRoot = cfg.Runroot
}
if len(storageOpts.RunRoot) > 50 {
return nil, errors.New("the specified runroot is longer than 50 characters")
}
if fs.Changed("storage-driver") {
storageSet = true
- storageOpts.GraphDriverName = opts.flags.StorageDriver
+ storageOpts.GraphDriverName = cfg.StorageDriver
// Overriding the default storage driver caused GraphDriverOptions from storage.conf to be ignored
storageOpts.GraphDriverOptions = []string{}
}
// This should always be checked after storage-driver is checked
- if len(opts.flags.StorageOpts) > 0 {
+ if len(cfg.StorageOpts) > 0 {
storageSet = true
- storageOpts.GraphDriverOptions = opts.flags.StorageOpts
+ storageOpts.GraphDriverOptions = cfg.StorageOpts
}
if opts.migrate {
options = append(options, libpod.WithMigrate())
@@ -151,30 +155,30 @@ func getRuntime(ctx context.Context, fs *flag.FlagSet, opts *engineOpts) (*libpo
// TODO CLI flags for image config?
// TODO CLI flag for signature policy?
- if len(opts.flags.Namespace) > 0 {
- options = append(options, libpod.WithNamespace(opts.flags.Namespace))
+ if len(cfg.Engine.Namespace) > 0 {
+ options = append(options, libpod.WithNamespace(cfg.Engine.Namespace))
}
if fs.Changed("runtime") {
- options = append(options, libpod.WithOCIRuntime(opts.flags.Runtime))
+ options = append(options, libpod.WithOCIRuntime(cfg.Engine.OCIRuntime))
}
if fs.Changed("conmon") {
- options = append(options, libpod.WithConmonPath(opts.flags.ConmonPath))
+ options = append(options, libpod.WithConmonPath(cfg.ConmonPath))
}
if fs.Changed("tmpdir") {
- options = append(options, libpod.WithTmpDir(opts.flags.TmpDir))
+ options = append(options, libpod.WithTmpDir(cfg.Engine.TmpDir))
}
if fs.Changed("network-cmd-path") {
- options = append(options, libpod.WithNetworkCmdPath(opts.flags.NetworkCmdPath))
+ options = append(options, libpod.WithNetworkCmdPath(cfg.Engine.NetworkCmdPath))
}
if fs.Changed("events-backend") {
- options = append(options, libpod.WithEventsLogger(opts.flags.EventsBackend))
+ options = append(options, libpod.WithEventsLogger(cfg.Engine.EventsLogger))
}
if fs.Changed("cgroup-manager") {
- options = append(options, libpod.WithCgroupManager(opts.flags.CGroupManager))
+ options = append(options, libpod.WithCgroupManager(cfg.Engine.CgroupManager))
} else {
unified, err := cgroups.IsCgroup2UnifiedMode()
if err != nil {
@@ -189,13 +193,13 @@ func getRuntime(ctx context.Context, fs *flag.FlagSet, opts *engineOpts) (*libpo
// TODO flag to set libpod tmp dir?
if fs.Changed("cni-config-dir") {
- options = append(options, libpod.WithCNIConfigDir(opts.flags.CniConfigDir))
+ options = append(options, libpod.WithCNIConfigDir(cfg.Network.NetworkConfigDir))
}
if fs.Changed("default-mounts-file") {
- options = append(options, libpod.WithDefaultMountsFile(opts.flags.DefaultMountsFile))
+ options = append(options, libpod.WithDefaultMountsFile(cfg.Containers.DefaultMountsFile))
}
if fs.Changed("hooks-dir") {
- options = append(options, libpod.WithHooksDir(opts.flags.HooksDir...))
+ options = append(options, libpod.WithHooksDir(cfg.Engine.HooksDir...))
}
// TODO flag to set CNI plugins dir?
diff --git a/pkg/domain/infra/runtime_proxy.go b/pkg/domain/infra/runtime_proxy.go
index 2e38c74b9..18f716ea0 100644
--- a/pkg/domain/infra/runtime_proxy.go
+++ b/pkg/domain/infra/runtime_proxy.go
@@ -12,7 +12,7 @@ import (
// ContainerEngine Proxy will be EOL'ed after podmanV2 is separated from libpod repo
-func NewLibpodRuntime(flags *flag.FlagSet, opts entities.EngineOptions) (entities.ContainerEngine, error) {
+func NewLibpodRuntime(flags *flag.FlagSet, opts entities.PodmanConfig) (entities.ContainerEngine, error) {
r, err := GetRuntime(context.Background(), flags, opts)
if err != nil {
return nil, err
diff --git a/pkg/domain/infra/runtime_tunnel.go b/pkg/domain/infra/runtime_tunnel.go
index dc04b4e53..129fdeb2c 100644
--- a/pkg/domain/infra/runtime_tunnel.go
+++ b/pkg/domain/infra/runtime_tunnel.go
@@ -11,7 +11,7 @@ import (
"github.com/containers/libpod/pkg/domain/infra/tunnel"
)
-func NewContainerEngine(facts entities.EngineOptions) (entities.ContainerEngine, error) {
+func NewContainerEngine(facts entities.PodmanConfig) (entities.ContainerEngine, error) {
switch facts.EngineMode {
case entities.ABIMode:
return nil, fmt.Errorf("direct runtime not supported")
@@ -23,7 +23,7 @@ func NewContainerEngine(facts entities.EngineOptions) (entities.ContainerEngine,
}
// NewImageEngine factory provides a libpod runtime for image-related operations
-func NewImageEngine(facts entities.EngineOptions) (entities.ImageEngine, error) {
+func NewImageEngine(facts entities.PodmanConfig) (entities.ImageEngine, error) {
switch facts.EngineMode {
case entities.ABIMode:
return nil, fmt.Errorf("direct image runtime not supported")
diff --git a/pkg/domain/infra/tunnel/containers.go b/pkg/domain/infra/tunnel/containers.go
index e96200c5b..679bb371b 100644
--- a/pkg/domain/infra/tunnel/containers.go
+++ b/pkg/domain/infra/tunnel/containers.go
@@ -5,6 +5,7 @@ import (
"io"
"os"
+ "github.com/containers/common/pkg/config"
"github.com/containers/image/v5/docker/reference"
"github.com/containers/libpod/libpod/define"
"github.com/containers/libpod/pkg/bindings/containers"
@@ -145,6 +146,10 @@ func (ic *ContainerEngine) ContainerRm(ctx context.Context, namesOrIds []string,
return reports, nil
}
+func (ic *ContainerEngine) ContainerPrune(ctx context.Context, options entities.ContainerPruneOptions) (*entities.ContainerPruneReport, error) {
+ return containers.Prune(ic.ClientCxt, options.Filters)
+}
+
func (ic *ContainerEngine) ContainerInspect(ctx context.Context, namesOrIds []string, options entities.InspectOptions) ([]*entities.ContainerInspectReport, error) {
var (
reports []*entities.ContainerInspectReport
@@ -305,6 +310,11 @@ func (ic *ContainerEngine) ContainerCreate(ctx context.Context, s *specgen.SpecG
return &entities.ContainerCreateReport{Id: response.ID}, nil
}
+func (ic *ContainerEngine) ContainerLogs(ctx context.Context, containers []string, options entities.ContainerLogsOptions) error {
+ // The endpoint is not ready yet and requires some more work.
+ return errors.New("not implemented yet")
+}
+
func (ic *ContainerEngine) ContainerAttach(ctx context.Context, nameOrId string, options entities.AttachOptions) error {
return errors.New("not implemented")
}
@@ -324,3 +334,40 @@ func (ic *ContainerEngine) ContainerList(ctx context.Context, options entities.C
func (ic *ContainerEngine) ContainerRun(ctx context.Context, opts entities.ContainerRunOptions) (*entities.ContainerRunReport, error) {
return nil, errors.New("not implemented")
}
+
+func (ic *ContainerEngine) ContainerDiff(ctx context.Context, nameOrId string, _ entities.DiffOptions) (*entities.DiffReport, error) {
+ changes, err := containers.Diff(ic.ClientCxt, nameOrId)
+ return &entities.DiffReport{Changes: changes}, err
+}
+
+func (ic *ContainerEngine) ContainerCleanup(ctx context.Context, namesOrIds []string, options entities.ContainerCleanupOptions) ([]*entities.ContainerCleanupReport, error) {
+ return nil, errors.New("not implemented")
+}
+
+func (ic *ContainerEngine) ContainerInit(ctx context.Context, namesOrIds []string, options entities.ContainerInitOptions) ([]*entities.ContainerInitReport, error) {
+ var reports []*entities.ContainerInitReport
+ ctrs, err := getContainersByContext(ic.ClientCxt, options.All, namesOrIds)
+ if err != nil {
+ return nil, err
+ }
+ for _, ctr := range ctrs {
+ err := containers.ContainerInit(ic.ClientCxt, ctr.ID)
+ reports = append(reports, &entities.ContainerInitReport{
+ Err: err,
+ Id: ctr.ID,
+ })
+ }
+ return reports, nil
+}
+
+func (ic *ContainerEngine) ContainerMount(ctx context.Context, nameOrIds []string, options entities.ContainerMountOptions) ([]*entities.ContainerMountReport, error) {
+ return nil, errors.New("mounting containers is not supported for remote clients")
+}
+
+func (ic *ContainerEngine) ContainerUnmount(ctx context.Context, nameOrIds []string, options entities.ContainerUnmountOptions) ([]*entities.ContainerUnmountReport, error) {
+ return nil, errors.New("unmounting containers is not supported for remote clients")
+}
+
+func (ic *ContainerEngine) Config(_ context.Context) (*config.Config, error) {
+ return config.Default()
+}
diff --git a/pkg/domain/infra/tunnel/events.go b/pkg/domain/infra/tunnel/events.go
new file mode 100644
index 000000000..46d88341a
--- /dev/null
+++ b/pkg/domain/infra/tunnel/events.go
@@ -0,0 +1,31 @@
+package tunnel
+
+import (
+ "context"
+ "strings"
+
+ "github.com/containers/libpod/pkg/api/handlers"
+ "github.com/containers/libpod/pkg/bindings/system"
+ "github.com/containers/libpod/pkg/domain/entities"
+ "github.com/pkg/errors"
+)
+
+func (ic *ContainerEngine) Events(ctx context.Context, opts entities.EventsOptions) error {
+ filters := make(map[string][]string)
+ if len(opts.Filter) > 0 {
+ for _, filter := range opts.Filter {
+ split := strings.Split(filter, "=")
+ if len(split) < 2 {
+ return errors.Errorf("invalid filter %q", filter)
+ }
+ filters[split[0]] = append(filters[split[0]], strings.Join(split[1:], "="))
+ }
+ }
+ binChan := make(chan handlers.Event)
+ go func() {
+ for e := range binChan {
+ opts.EventChan <- e.ToLibpodEvent()
+ }
+ }()
+ return system.Events(ic.ClientCxt, binChan, nil, &opts.Since, &opts.Until, filters)
+}
diff --git a/pkg/domain/infra/tunnel/images.go b/pkg/domain/infra/tunnel/images.go
index 516914a68..7d40e0327 100644
--- a/pkg/domain/infra/tunnel/images.go
+++ b/pkg/domain/infra/tunnel/images.go
@@ -5,6 +5,7 @@ import (
"io/ioutil"
"os"
+ "github.com/containers/common/pkg/config"
"github.com/containers/image/v5/docker/reference"
images "github.com/containers/libpod/pkg/bindings/images"
"github.com/containers/libpod/pkg/domain/entities"
@@ -241,3 +242,20 @@ func (ir *ImageEngine) Save(ctx context.Context, nameOrId string, tags []string,
}
return utils2.UntarToFileSystem(options.Output, f, nil)
}
+
+// Diff reports the changes to the given image
+func (ir *ImageEngine) Diff(ctx context.Context, nameOrId string, _ entities.DiffOptions) (*entities.DiffReport, error) {
+ changes, err := images.Diff(ir.ClientCxt, nameOrId)
+ if err != nil {
+ return nil, err
+ }
+ return &entities.DiffReport{Changes: changes}, nil
+}
+
+func (ir *ImageEngine) Search(ctx context.Context, term string, opts entities.ImageSearchOptions) ([]entities.ImageSearchReport, error) {
+ return images.Search(ir.ClientCxt, term, opts)
+}
+
+func (ir *ImageEngine) Config(_ context.Context) (*config.Config, error) {
+ return config.Default()
+}
diff --git a/pkg/domain/infra/tunnel/system.go b/pkg/domain/infra/tunnel/system.go
index 5bafef1fe..7c7a55c05 100644
--- a/pkg/domain/infra/tunnel/system.go
+++ b/pkg/domain/infra/tunnel/system.go
@@ -1 +1,22 @@
package tunnel
+
+import (
+ "context"
+ "errors"
+
+ "github.com/containers/libpod/libpod/define"
+ "github.com/containers/libpod/pkg/bindings/system"
+ "github.com/containers/libpod/pkg/domain/entities"
+)
+
+func (ic *ContainerEngine) Info(ctx context.Context) (*define.Info, error) {
+ return system.Info(ic.ClientCxt)
+}
+
+func (ic *ContainerEngine) RestService(_ context.Context, _ entities.ServiceOptions) error {
+ panic(errors.New("rest service is not supported when tunneling"))
+}
+
+func (ic *ContainerEngine) VarlinkService(_ context.Context, _ entities.ServiceOptions) error {
+ panic(errors.New("varlink service is not supported when tunneling"))
+}
diff --git a/pkg/ps/define/types.go b/pkg/ps/define/types.go
new file mode 100644
index 000000000..878653c3a
--- /dev/null
+++ b/pkg/ps/define/types.go
@@ -0,0 +1,8 @@
+package define
+
+// ContainerSize holds the size of the container's root filesystem and top
+// read-write layer.
+type ContainerSize struct {
+ RootFsSize int64 `json:"rootFsSize"`
+ RwSize int64 `json:"rwSize"`
+}
diff --git a/pkg/ps/ps.go b/pkg/ps/ps.go
index 58fcc2c21..8b62fc307 100644
--- a/pkg/ps/ps.go
+++ b/pkg/ps/ps.go
@@ -1,16 +1,19 @@
package ps
import (
+ "os"
"path/filepath"
+ "regexp"
"sort"
"strconv"
+ "strings"
"time"
- "github.com/containers/libpod/cmd/podman/shared"
"github.com/containers/libpod/libpod"
"github.com/containers/libpod/libpod/define"
lpfilters "github.com/containers/libpod/libpod/filters"
"github.com/containers/libpod/pkg/domain/entities"
+ psdefine "github.com/containers/libpod/pkg/ps/define"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
)
@@ -80,7 +83,7 @@ func ListContainerBatch(rt *libpod.Runtime, ctr *libpod.Container, opts entities
exitCode int32
exited bool
pid int
- size *shared.ContainerSize
+ size *psdefine.ContainerSize
startedTime time.Time
exitedTime time.Time
cgroup, ipc, mnt, net, pidns, user, uts string
@@ -116,16 +119,16 @@ func ListContainerBatch(rt *libpod.Runtime, ctr *libpod.Container, opts entities
return errors.Wrapf(err, "unable to obtain container pid")
}
ctrPID := strconv.Itoa(pid)
- cgroup, _ = shared.GetNamespaceInfo(filepath.Join("/proc", ctrPID, "ns", "cgroup"))
- ipc, _ = shared.GetNamespaceInfo(filepath.Join("/proc", ctrPID, "ns", "ipc"))
- mnt, _ = shared.GetNamespaceInfo(filepath.Join("/proc", ctrPID, "ns", "mnt"))
- net, _ = shared.GetNamespaceInfo(filepath.Join("/proc", ctrPID, "ns", "net"))
- pidns, _ = shared.GetNamespaceInfo(filepath.Join("/proc", ctrPID, "ns", "pid"))
- user, _ = shared.GetNamespaceInfo(filepath.Join("/proc", ctrPID, "ns", "user"))
- uts, _ = shared.GetNamespaceInfo(filepath.Join("/proc", ctrPID, "ns", "uts"))
+ cgroup, _ = getNamespaceInfo(filepath.Join("/proc", ctrPID, "ns", "cgroup"))
+ ipc, _ = getNamespaceInfo(filepath.Join("/proc", ctrPID, "ns", "ipc"))
+ mnt, _ = getNamespaceInfo(filepath.Join("/proc", ctrPID, "ns", "mnt"))
+ net, _ = getNamespaceInfo(filepath.Join("/proc", ctrPID, "ns", "net"))
+ pidns, _ = getNamespaceInfo(filepath.Join("/proc", ctrPID, "ns", "pid"))
+ user, _ = getNamespaceInfo(filepath.Join("/proc", ctrPID, "ns", "user"))
+ uts, _ = getNamespaceInfo(filepath.Join("/proc", ctrPID, "ns", "uts"))
}
if opts.Size {
- size = new(shared.ContainerSize)
+ size = new(psdefine.ContainerSize)
rootFsSize, err := c.RootFsSize()
if err != nil {
@@ -187,3 +190,18 @@ func ListContainerBatch(rt *libpod.Runtime, ctr *libpod.Container, opts entities
}
return ps, nil
}
+
+func getNamespaceInfo(path string) (string, error) {
+ val, err := os.Readlink(path)
+ if err != nil {
+ return "", errors.Wrapf(err, "error getting info from %q", path)
+ }
+ return getStrFromSquareBrackets(val), nil
+}
+
+// getStrFromSquareBrackets gets the string inside [] from a string.
+func getStrFromSquareBrackets(cmd string) string {
+ reg := regexp.MustCompile(`.*\[|\].*`)
+ arr := strings.Split(reg.ReplaceAllLiteralString(cmd, ""), ",")
+ return strings.Join(arr, ",")
+}
diff --git a/pkg/rootless/rootless_linux.c b/pkg/rootless/rootless_linux.c
index 6643bfbbf..da52a7217 100644
--- a/pkg/rootless/rootless_linux.c
+++ b/pkg/rootless/rootless_linux.c
@@ -288,6 +288,7 @@ static void __attribute__((constructor)) init()
char *cwd = getcwd (NULL, 0);
char uid_fmt[16];
char gid_fmt[16];
+ size_t len;
if (cwd == NULL)
{
@@ -295,13 +296,13 @@ static void __attribute__((constructor)) init()
_exit (EXIT_FAILURE);
}
- if (strlen (xdg_runtime_dir) >= PATH_MAX - strlen (suffix))
+ len = snprintf (path, PATH_MAX, "%s%s", xdg_runtime_dir, suffix);
+ if (len >= PATH_MAX)
{
fprintf (stderr, "invalid value for XDG_RUNTIME_DIR: %s", strerror (ENAMETOOLONG));
exit (EXIT_FAILURE);
}
- sprintf (path, "%s%s", xdg_runtime_dir, suffix);
fd = open (path, O_RDONLY);
if (fd < 0)
{
diff --git a/pkg/signal/signal_linux.go b/pkg/signal/signal_linux.go
index 76ab16ec7..e6e0f1ca1 100644
--- a/pkg/signal/signal_linux.go
+++ b/pkg/signal/signal_linux.go
@@ -129,14 +129,15 @@ func StopCatch(sigc chan os.Signal) {
// ParseSignalNameOrNumber translates a string to a valid syscall signal. Input
// can be a name or number representation i.e. "KILL" "9"
func ParseSignalNameOrNumber(rawSignal string) (syscall.Signal, error) {
- s, err := ParseSignal(rawSignal)
+ basename := strings.TrimPrefix(rawSignal, "-")
+ s, err := ParseSignal(basename)
if err == nil {
return s, nil
}
for k, v := range signalMap {
- if k == strings.ToUpper(rawSignal) {
+ if k == strings.ToUpper(basename) {
return v, nil
}
}
- return -1, fmt.Errorf("invalid signal: %s", rawSignal)
+ return -1, fmt.Errorf("invalid signal: %s", basename)
}
diff --git a/pkg/specgen/config_linux_nocgo.go b/pkg/specgen/config_linux_nocgo.go
deleted file mode 100644
index fc0c58c37..000000000
--- a/pkg/specgen/config_linux_nocgo.go
+++ /dev/null
@@ -1,11 +0,0 @@
-// +build linux,!cgo
-
-package specgen
-
-import (
- spec "github.com/opencontainers/runtime-spec/specs-go"
-)
-
-func (s *SpecGenerator) getSeccompConfig(configSpec *spec.Spec) (*spec.LinuxSeccomp, error) {
- return nil, nil
-}
diff --git a/pkg/specgen/container_validate.go b/pkg/specgen/container_validate.go
index aad14ddcb..9152e7ee7 100644
--- a/pkg/specgen/container_validate.go
+++ b/pkg/specgen/container_validate.go
@@ -68,18 +68,6 @@ func (s *SpecGenerator) Validate() error {
if len(s.CapAdd) > 0 && s.Privileged {
return exclusiveOptions("CapAdd", "privileged")
}
- // selinuxprocesslabel and privileged are exclusive
- if len(s.SelinuxProcessLabel) > 0 && s.Privileged {
- return exclusiveOptions("SelinuxProcessLabel", "privileged")
- }
- // selinuxmounmtlabel and privileged are exclusive
- if len(s.SelinuxMountLabel) > 0 && s.Privileged {
- return exclusiveOptions("SelinuxMountLabel", "privileged")
- }
- // selinuxopts and privileged are exclusive
- if len(s.SelinuxOpts) > 0 && s.Privileged {
- return exclusiveOptions("SelinuxOpts", "privileged")
- }
// apparmor and privileged are exclusive
if len(s.ApparmorProfile) > 0 && s.Privileged {
return exclusiveOptions("AppArmorProfile", "privileged")
diff --git a/pkg/specgen/config_linux_cgo.go b/pkg/specgen/generate/config_linux_cgo.go
index ef6c6e951..b06ef5c9a 100644
--- a/pkg/specgen/config_linux_cgo.go
+++ b/pkg/specgen/generate/config_linux_cgo.go
@@ -1,6 +1,6 @@
// +build linux,cgo
-package specgen
+package generate
import (
"context"
@@ -8,13 +8,14 @@ import (
"github.com/containers/libpod/libpod/image"
"github.com/containers/libpod/pkg/seccomp"
+ "github.com/containers/libpod/pkg/specgen"
spec "github.com/opencontainers/runtime-spec/specs-go"
"github.com/pkg/errors"
goSeccomp "github.com/seccomp/containers-golang"
"github.com/sirupsen/logrus"
)
-func (s *SpecGenerator) getSeccompConfig(configSpec *spec.Spec, img *image.Image) (*spec.LinuxSeccomp, error) {
+func getSeccompConfig(s *specgen.SpecGenerator, configSpec *spec.Spec, img *image.Image) (*spec.LinuxSeccomp, error) {
var seccompConfig *spec.LinuxSeccomp
var err error
scp, err := seccomp.LookupPolicy(s.SeccompPolicy)
diff --git a/pkg/specgen/generate/config_linux_nocgo.go b/pkg/specgen/generate/config_linux_nocgo.go
new file mode 100644
index 000000000..fc8ed206d
--- /dev/null
+++ b/pkg/specgen/generate/config_linux_nocgo.go
@@ -0,0 +1,14 @@
+// +build linux,!cgo
+
+package generate
+
+import (
+ "errors"
+
+ "github.com/containers/libpod/pkg/specgen"
+ spec "github.com/opencontainers/runtime-spec/specs-go"
+)
+
+func (s *specgen.SpecGenerator) getSeccompConfig(configSpec *spec.Spec) (*spec.LinuxSeccomp, error) {
+ return nil, errors.New("not implemented")
+}
diff --git a/pkg/specgen/generate/container.go b/pkg/specgen/generate/container.go
index 78c77fec1..edd54847d 100644
--- a/pkg/specgen/generate/container.go
+++ b/pkg/specgen/generate/container.go
@@ -113,6 +113,14 @@ func CompleteSpec(ctx context.Context, r *libpod.Runtime, s *specgen.SpecGenerat
if err := finishThrottleDevices(s); err != nil {
return err
}
+ // Unless already set via the CLI, check if we need to disable process
+ // labels or set the defaults.
+ if len(s.SelinuxOpts) == 0 {
+ if err := s.SetLabelOpts(r, s.PidNS, s.IpcNS); err != nil {
+ return err
+ }
+ }
+
return nil
}
diff --git a/pkg/specgen/generate/container_create.go b/pkg/specgen/generate/container_create.go
index aad59a861..264e0ff8e 100644
--- a/pkg/specgen/generate/container_create.go
+++ b/pkg/specgen/generate/container_create.go
@@ -40,7 +40,7 @@ func MakeContainer(rt *libpod.Runtime, s *specgen.SpecGenerator) (*libpod.Contai
options = append(options, libpod.WithRootFSFromImage(newImage.ID(), s.Image, s.RawImageName))
- runtimeSpec, err := s.ToOCISpec(rt, newImage)
+ runtimeSpec, err := SpecGenToOCI(s, rt, newImage)
if err != nil {
return nil, err
}
@@ -80,7 +80,15 @@ func createContainerOptions(rt *libpod.Runtime, s *specgen.SpecGenerator) ([]lib
options = append(options, libpod.WithUserVolumes(destinations))
if len(s.Volumes) != 0 {
- options = append(options, libpod.WithNamedVolumes(s.Volumes))
+ var volumes []*libpod.ContainerNamedVolume
+ for _, v := range s.Volumes {
+ volumes = append(volumes, &libpod.ContainerNamedVolume{
+ Name: v.Name,
+ Dest: v.Dest,
+ Options: v.Options,
+ })
+ }
+ options = append(options, libpod.WithNamedVolumes(volumes))
}
if len(s.Command) != 0 {
@@ -115,7 +123,7 @@ func createContainerOptions(rt *libpod.Runtime, s *specgen.SpecGenerator) ([]lib
options = append(options, libpod.WithPrivileged(s.Privileged))
// Get namespace related options
- namespaceOptions, err := s.GenerateNamespaceContainerOpts(rt)
+ namespaceOptions, err := GenerateNamespaceContainerOpts(s, rt)
if err != nil {
return nil, err
}
diff --git a/pkg/specgen/generate/namespaces.go b/pkg/specgen/generate/namespaces.go
new file mode 100644
index 000000000..cdd7d86da
--- /dev/null
+++ b/pkg/specgen/generate/namespaces.go
@@ -0,0 +1,417 @@
+package generate
+
+import (
+ "os"
+
+ "github.com/containers/common/pkg/capabilities"
+ "github.com/containers/libpod/libpod"
+ "github.com/containers/libpod/libpod/image"
+ "github.com/containers/libpod/pkg/specgen"
+ "github.com/cri-o/ocicni/pkg/ocicni"
+ spec "github.com/opencontainers/runtime-spec/specs-go"
+ "github.com/opencontainers/runtime-tools/generate"
+ "github.com/pkg/errors"
+ "github.com/sirupsen/logrus"
+)
+
+func GenerateNamespaceContainerOpts(s *specgen.SpecGenerator, rt *libpod.Runtime) ([]libpod.CtrCreateOption, error) {
+ var portBindings []ocicni.PortMapping
+ options := make([]libpod.CtrCreateOption, 0)
+
+ // Cgroups
+ switch {
+ case s.CgroupNS.IsPrivate():
+ ns := s.CgroupNS.Value
+ if _, err := os.Stat(ns); err != nil {
+ return nil, err
+ }
+ case s.CgroupNS.IsContainer():
+ connectedCtr, err := rt.LookupContainer(s.CgroupNS.Value)
+ if err != nil {
+ return nil, errors.Wrapf(err, "container %q not found", s.CgroupNS.Value)
+ }
+ options = append(options, libpod.WithCgroupNSFrom(connectedCtr))
+ // TODO
+ //default:
+ // return nil, errors.New("cgroup name only supports private and container")
+ }
+
+ if s.CgroupParent != "" {
+ options = append(options, libpod.WithCgroupParent(s.CgroupParent))
+ }
+
+ if s.CgroupsMode != "" {
+ options = append(options, libpod.WithCgroupsMode(s.CgroupsMode))
+ }
+
+ // ipc
+ switch {
+ case s.IpcNS.IsHost():
+ options = append(options, libpod.WithShmDir("/dev/shm"))
+ case s.IpcNS.IsContainer():
+ connectedCtr, err := rt.LookupContainer(s.IpcNS.Value)
+ if err != nil {
+ return nil, errors.Wrapf(err, "container %q not found", s.IpcNS.Value)
+ }
+ options = append(options, libpod.WithIPCNSFrom(connectedCtr))
+ options = append(options, libpod.WithShmDir(connectedCtr.ShmDir()))
+ }
+
+ // pid
+ if s.PidNS.IsContainer() {
+ connectedCtr, err := rt.LookupContainer(s.PidNS.Value)
+ if err != nil {
+ return nil, errors.Wrapf(err, "container %q not found", s.PidNS.Value)
+ }
+ options = append(options, libpod.WithPIDNSFrom(connectedCtr))
+ }
+
+ // uts
+ switch {
+ case s.UtsNS.IsPod():
+ connectedPod, err := rt.LookupPod(s.UtsNS.Value)
+ if err != nil {
+ return nil, errors.Wrapf(err, "pod %q not found", s.UtsNS.Value)
+ }
+ options = append(options, libpod.WithUTSNSFromPod(connectedPod))
+ case s.UtsNS.IsContainer():
+ connectedCtr, err := rt.LookupContainer(s.UtsNS.Value)
+ if err != nil {
+ return nil, errors.Wrapf(err, "container %q not found", s.UtsNS.Value)
+ }
+
+ options = append(options, libpod.WithUTSNSFrom(connectedCtr))
+ }
+
+ if s.UseImageHosts {
+ options = append(options, libpod.WithUseImageHosts())
+ } else if len(s.HostAdd) > 0 {
+ options = append(options, libpod.WithHosts(s.HostAdd))
+ }
+
+ // User
+
+ switch {
+ case s.UserNS.IsPath():
+ ns := s.UserNS.Value
+ if ns == "" {
+ return nil, errors.Errorf("invalid empty user-defined user namespace")
+ }
+ _, err := os.Stat(ns)
+ if err != nil {
+ return nil, err
+ }
+ if s.IDMappings != nil {
+ options = append(options, libpod.WithIDMappings(*s.IDMappings))
+ }
+ case s.UserNS.IsContainer():
+ connectedCtr, err := rt.LookupContainer(s.UserNS.Value)
+ if err != nil {
+ return nil, errors.Wrapf(err, "container %q not found", s.UserNS.Value)
+ }
+ options = append(options, libpod.WithUserNSFrom(connectedCtr))
+ default:
+ if s.IDMappings != nil {
+ options = append(options, libpod.WithIDMappings(*s.IDMappings))
+ }
+ }
+
+ options = append(options, libpod.WithUser(s.User))
+ options = append(options, libpod.WithGroups(s.Groups))
+
+ if len(s.PortMappings) > 0 {
+ portBindings = s.PortMappings
+ }
+
+ switch {
+ case s.NetNS.IsPath():
+ ns := s.NetNS.Value
+ if ns == "" {
+ return nil, errors.Errorf("invalid empty user-defined network namespace")
+ }
+ _, err := os.Stat(ns)
+ if err != nil {
+ return nil, err
+ }
+ case s.NetNS.IsContainer():
+ connectedCtr, err := rt.LookupContainer(s.NetNS.Value)
+ if err != nil {
+ return nil, errors.Wrapf(err, "container %q not found", s.NetNS.Value)
+ }
+ options = append(options, libpod.WithNetNSFrom(connectedCtr))
+ case !s.NetNS.IsHost() && s.NetNS.NSMode != specgen.NoNetwork:
+ postConfigureNetNS := !s.UserNS.IsHost()
+ options = append(options, libpod.WithNetNS(portBindings, postConfigureNetNS, string(s.NetNS.NSMode), s.CNINetworks))
+ }
+
+ if len(s.DNSSearch) > 0 {
+ options = append(options, libpod.WithDNSSearch(s.DNSSearch))
+ }
+ if len(s.DNSServer) > 0 {
+ // TODO I'm not sure how we are going to handle this given the input
+ if len(s.DNSServer) == 1 { //&& strings.ToLower(s.DNSServer[0].) == "none" {
+ options = append(options, libpod.WithUseImageResolvConf())
+ } else {
+ var dnsServers []string
+ for _, d := range s.DNSServer {
+ dnsServers = append(dnsServers, d.String())
+ }
+ options = append(options, libpod.WithDNS(dnsServers))
+ }
+ }
+ if len(s.DNSOption) > 0 {
+ options = append(options, libpod.WithDNSOption(s.DNSOption))
+ }
+ if s.StaticIP != nil {
+ options = append(options, libpod.WithStaticIP(*s.StaticIP))
+ }
+
+ if s.StaticMAC != nil {
+ options = append(options, libpod.WithStaticMAC(*s.StaticMAC))
+ }
+ return options, nil
+}
+
+func pidConfigureGenerator(s *specgen.SpecGenerator, g *generate.Generator) error {
+ if s.PidNS.IsPath() {
+ return g.AddOrReplaceLinuxNamespace(string(spec.PIDNamespace), s.PidNS.Value)
+ }
+ if s.PidNS.IsHost() {
+ return g.RemoveLinuxNamespace(string(spec.PIDNamespace))
+ }
+ if s.PidNS.IsContainer() {
+ logrus.Debugf("using container %s pidmode", s.PidNS.Value)
+ }
+ if s.PidNS.IsPod() {
+ logrus.Debug("using pod pidmode")
+ }
+ return nil
+}
+
+func utsConfigureGenerator(s *specgen.SpecGenerator, g *generate.Generator, runtime *libpod.Runtime) error {
+ hostname := s.Hostname
+ var err error
+ if hostname == "" {
+ switch {
+ case s.UtsNS.IsContainer():
+ utsCtr, err := runtime.LookupContainer(s.UtsNS.Value)
+ if err != nil {
+ return errors.Wrapf(err, "unable to retrieve hostname from dependency container %s", s.UtsNS.Value)
+ }
+ hostname = utsCtr.Hostname()
+ case s.NetNS.IsHost() || s.UtsNS.IsHost():
+ hostname, err = os.Hostname()
+ if err != nil {
+ return errors.Wrap(err, "unable to retrieve hostname of the host")
+ }
+ default:
+ logrus.Debug("No hostname set; container's hostname will default to runtime default")
+ }
+ }
+ g.RemoveHostname()
+ if s.Hostname != "" || !s.UtsNS.IsHost() {
+ // Set the hostname in the OCI configuration only
+ // if specified by the user or if we are creating
+ // a new UTS namespace.
+ g.SetHostname(hostname)
+ }
+ g.AddProcessEnv("HOSTNAME", hostname)
+
+ if s.UtsNS.IsPath() {
+ return g.AddOrReplaceLinuxNamespace(string(spec.UTSNamespace), s.UtsNS.Value)
+ }
+ if s.UtsNS.IsHost() {
+ return g.RemoveLinuxNamespace(string(spec.UTSNamespace))
+ }
+ if s.UtsNS.IsContainer() {
+ logrus.Debugf("using container %s utsmode", s.UtsNS.Value)
+ }
+ return nil
+}
+
+func ipcConfigureGenerator(s *specgen.SpecGenerator, g *generate.Generator) error {
+ if s.IpcNS.IsPath() {
+ return g.AddOrReplaceLinuxNamespace(string(spec.IPCNamespace), s.IpcNS.Value)
+ }
+ if s.IpcNS.IsHost() {
+ return g.RemoveLinuxNamespace(s.IpcNS.Value)
+ }
+ if s.IpcNS.IsContainer() {
+ logrus.Debugf("Using container %s ipcmode", s.IpcNS.Value)
+ }
+ return nil
+}
+
+func cgroupConfigureGenerator(s *specgen.SpecGenerator, g *generate.Generator) error {
+ if s.CgroupNS.IsPath() {
+ return g.AddOrReplaceLinuxNamespace(string(spec.CgroupNamespace), s.CgroupNS.Value)
+ }
+ if s.CgroupNS.IsHost() {
+ return g.RemoveLinuxNamespace(s.CgroupNS.Value)
+ }
+ if s.CgroupNS.IsPrivate() {
+ return g.AddOrReplaceLinuxNamespace(string(spec.CgroupNamespace), "")
+ }
+ if s.CgroupNS.IsContainer() {
+ logrus.Debugf("Using container %s cgroup mode", s.CgroupNS.Value)
+ }
+ return nil
+}
+
+func networkConfigureGenerator(s *specgen.SpecGenerator, g *generate.Generator) error {
+ switch {
+ case s.NetNS.IsHost():
+ logrus.Debug("Using host netmode")
+ if err := g.RemoveLinuxNamespace(string(spec.NetworkNamespace)); err != nil {
+ return err
+ }
+
+ case s.NetNS.NSMode == specgen.NoNetwork:
+ logrus.Debug("Using none netmode")
+ case s.NetNS.NSMode == specgen.Bridge:
+ logrus.Debug("Using bridge netmode")
+ case s.NetNS.IsContainer():
+ logrus.Debugf("using container %s netmode", s.NetNS.Value)
+ case s.NetNS.IsPath():
+ logrus.Debug("Using ns netmode")
+ if err := g.AddOrReplaceLinuxNamespace(string(spec.NetworkNamespace), s.NetNS.Value); err != nil {
+ return err
+ }
+ case s.NetNS.IsPod():
+ logrus.Debug("Using pod netmode, unless pod is not sharing")
+ case s.NetNS.NSMode == specgen.Slirp:
+ logrus.Debug("Using slirp4netns netmode")
+ default:
+ return errors.Errorf("unknown network mode")
+ }
+
+ if g.Config.Annotations == nil {
+ g.Config.Annotations = make(map[string]string)
+ }
+
+ if s.PublishImagePorts {
+ g.Config.Annotations[libpod.InspectAnnotationPublishAll] = libpod.InspectResponseTrue
+ } else {
+ g.Config.Annotations[libpod.InspectAnnotationPublishAll] = libpod.InspectResponseFalse
+ }
+
+ return nil
+}
+
+func userConfigureGenerator(s *specgen.SpecGenerator, g *generate.Generator) error {
+ if s.UserNS.IsPath() {
+ if err := g.AddOrReplaceLinuxNamespace(string(spec.UserNamespace), s.UserNS.Value); err != nil {
+ return err
+ }
+ // runc complains if no mapping is specified, even if we join another ns. So provide a dummy mapping
+ g.AddLinuxUIDMapping(uint32(0), uint32(0), uint32(1))
+ g.AddLinuxGIDMapping(uint32(0), uint32(0), uint32(1))
+ }
+
+ if s.IDMappings != nil {
+ if (len(s.IDMappings.UIDMap) > 0 || len(s.IDMappings.GIDMap) > 0) && !s.UserNS.IsHost() {
+ if err := g.AddOrReplaceLinuxNamespace(string(spec.UserNamespace), ""); err != nil {
+ return err
+ }
+ }
+ for _, uidmap := range s.IDMappings.UIDMap {
+ g.AddLinuxUIDMapping(uint32(uidmap.HostID), uint32(uidmap.ContainerID), uint32(uidmap.Size))
+ }
+ for _, gidmap := range s.IDMappings.GIDMap {
+ g.AddLinuxGIDMapping(uint32(gidmap.HostID), uint32(gidmap.ContainerID), uint32(gidmap.Size))
+ }
+ }
+ return nil
+}
+
+func securityConfigureGenerator(s *specgen.SpecGenerator, g *generate.Generator, newImage *image.Image) error {
+ // HANDLE CAPABILITIES
+ // NOTE: Must happen before SECCOMP
+ if s.Privileged {
+ g.SetupPrivileged(true)
+ }
+
+ useNotRoot := func(user string) bool {
+ if user == "" || user == "root" || user == "0" {
+ return false
+ }
+ return true
+ }
+ configSpec := g.Config
+ var err error
+ var caplist []string
+ bounding := configSpec.Process.Capabilities.Bounding
+ if useNotRoot(s.User) {
+ configSpec.Process.Capabilities.Bounding = caplist
+ }
+ caplist, err = capabilities.MergeCapabilities(configSpec.Process.Capabilities.Bounding, s.CapAdd, s.CapDrop)
+ if err != nil {
+ return err
+ }
+
+ configSpec.Process.Capabilities.Bounding = caplist
+ configSpec.Process.Capabilities.Permitted = caplist
+ configSpec.Process.Capabilities.Inheritable = caplist
+ configSpec.Process.Capabilities.Effective = caplist
+ configSpec.Process.Capabilities.Ambient = caplist
+ if useNotRoot(s.User) {
+ caplist, err = capabilities.MergeCapabilities(bounding, s.CapAdd, s.CapDrop)
+ if err != nil {
+ return err
+ }
+ }
+ configSpec.Process.Capabilities.Bounding = caplist
+
+ // HANDLE SECCOMP
+ if s.SeccompProfilePath != "unconfined" {
+ seccompConfig, err := getSeccompConfig(s, configSpec, newImage)
+ if err != nil {
+ return err
+ }
+ configSpec.Linux.Seccomp = seccompConfig
+ }
+
+ // Clear default Seccomp profile from Generator for privileged containers
+ if s.SeccompProfilePath == "unconfined" || s.Privileged {
+ configSpec.Linux.Seccomp = nil
+ }
+
+ g.SetRootReadonly(s.ReadOnlyFilesystem)
+ for sysctlKey, sysctlVal := range s.Sysctl {
+ g.AddLinuxSysctl(sysctlKey, sysctlVal)
+ }
+
+ return nil
+}
+
+// GetNamespaceOptions transforms a slice of kernel namespaces
+// into a slice of pod create options. Currently, not all
+// kernel namespaces are supported, and they will be returned in an error
+func GetNamespaceOptions(ns []string) ([]libpod.PodCreateOption, error) {
+ var options []libpod.PodCreateOption
+ var erroredOptions []libpod.PodCreateOption
+ for _, toShare := range ns {
+ switch toShare {
+ case "cgroup":
+ options = append(options, libpod.WithPodCgroups())
+ case "net":
+ options = append(options, libpod.WithPodNet())
+ case "mnt":
+ return erroredOptions, errors.Errorf("Mount sharing functionality not supported on pod level")
+ case "pid":
+ options = append(options, libpod.WithPodPID())
+ case "user":
+ return erroredOptions, errors.Errorf("User sharing functionality not supported on pod level")
+ case "ipc":
+ options = append(options, libpod.WithPodIPC())
+ case "uts":
+ options = append(options, libpod.WithPodUTS())
+ case "":
+ case "none":
+ return erroredOptions, nil
+ default:
+ return erroredOptions, errors.Errorf("Invalid kernel namespace to share: %s. Options are: net, pid, ipc, uts or none", toShare)
+ }
+ }
+ return options, nil
+}
diff --git a/pkg/specgen/oci.go b/pkg/specgen/generate/oci.go
index 0756782b4..4bc4d2327 100644
--- a/pkg/specgen/oci.go
+++ b/pkg/specgen/generate/oci.go
@@ -1,4 +1,4 @@
-package specgen
+package generate
import (
"strings"
@@ -7,11 +7,12 @@ import (
"github.com/containers/libpod/libpod/image"
"github.com/containers/libpod/pkg/rootless"
createconfig "github.com/containers/libpod/pkg/spec"
+ "github.com/containers/libpod/pkg/specgen"
spec "github.com/opencontainers/runtime-spec/specs-go"
"github.com/opencontainers/runtime-tools/generate"
)
-func (s *SpecGenerator) ToOCISpec(rt *libpod.Runtime, newImage *image.Image) (*spec.Spec, error) {
+func SpecGenToOCI(s *specgen.SpecGenerator, rt *libpod.Runtime, newImage *image.Image) (*spec.Spec, error) {
var (
inUserNS bool
)
@@ -183,32 +184,32 @@ func (s *SpecGenerator) ToOCISpec(rt *libpod.Runtime, newImage *image.Image) (*s
// NAMESPACES
- if err := s.pidConfigureGenerator(&g); err != nil {
+ if err := pidConfigureGenerator(s, &g); err != nil {
return nil, err
}
- if err := s.userConfigureGenerator(&g); err != nil {
+ if err := userConfigureGenerator(s, &g); err != nil {
return nil, err
}
- if err := s.networkConfigureGenerator(&g); err != nil {
+ if err := networkConfigureGenerator(s, &g); err != nil {
return nil, err
}
- if err := s.utsConfigureGenerator(&g, rt); err != nil {
+ if err := utsConfigureGenerator(s, &g, rt); err != nil {
return nil, err
}
- if err := s.ipcConfigureGenerator(&g); err != nil {
+ if err := ipcConfigureGenerator(s, &g); err != nil {
return nil, err
}
- if err := s.cgroupConfigureGenerator(&g); err != nil {
+ if err := cgroupConfigureGenerator(s, &g); err != nil {
return nil, err
}
configSpec := g.Config
- if err := s.securityConfigureGenerator(&g, newImage); err != nil {
+ if err := securityConfigureGenerator(s, &g, newImage); err != nil {
return nil, err
}
diff --git a/pkg/specgen/pod_create.go b/pkg/specgen/generate/pod_create.go
index 06aa24e22..292f9b155 100644
--- a/pkg/specgen/pod_create.go
+++ b/pkg/specgen/generate/pod_create.go
@@ -1,31 +1,31 @@
-package specgen
+package generate
import (
"context"
- "github.com/containers/libpod/cmd/podman/shared"
"github.com/containers/libpod/libpod"
+ "github.com/containers/libpod/pkg/specgen"
"github.com/sirupsen/logrus"
)
-func (p *PodSpecGenerator) MakePod(rt *libpod.Runtime) (*libpod.Pod, error) {
- if err := p.validate(); err != nil {
+func MakePod(p *specgen.PodSpecGenerator, rt *libpod.Runtime) (*libpod.Pod, error) {
+ if err := p.Validate(); err != nil {
return nil, err
}
- options, err := p.createPodOptions()
+ options, err := createPodOptions(p)
if err != nil {
return nil, err
}
return rt.NewPod(context.Background(), options...)
}
-func (p *PodSpecGenerator) createPodOptions() ([]libpod.PodCreateOption, error) {
+func createPodOptions(p *specgen.PodSpecGenerator) ([]libpod.PodCreateOption, error) {
var (
options []libpod.PodCreateOption
)
if !p.NoInfra {
options = append(options, libpod.WithInfraContainer())
- nsOptions, err := shared.GetNamespaceOptions(p.SharedNamespaces)
+ nsOptions, err := GetNamespaceOptions(p.SharedNamespaces)
if err != nil {
return nil, err
}
@@ -62,9 +62,9 @@ func (p *PodSpecGenerator) createPodOptions() ([]libpod.PodCreateOption, error)
options = append(options, libpod.WithPodUseImageResolvConf())
}
switch p.NetNS.NSMode {
- case Bridge:
+ case specgen.Bridge:
logrus.Debugf("Pod using default network mode")
- case Host:
+ case specgen.Host:
logrus.Debugf("Pod will use host networking")
options = append(options, libpod.WithPodHostNetwork())
default:
diff --git a/pkg/specgen/storage.go b/pkg/specgen/generate/storage.go
index 1b903f608..c9a36ed46 100644
--- a/pkg/specgen/storage.go
+++ b/pkg/specgen/generate/storage.go
@@ -1,4 +1,4 @@
-package specgen
+package generate
//nolint
@@ -8,9 +8,9 @@ import (
"path/filepath"
"strings"
- "github.com/containers/libpod/libpod"
-
"github.com/containers/buildah/pkg/parse"
+ "github.com/containers/libpod/libpod"
+ "github.com/containers/libpod/pkg/specgen"
"github.com/containers/libpod/pkg/util"
spec "github.com/opencontainers/runtime-spec/specs-go"
"github.com/pkg/errors"
@@ -38,7 +38,7 @@ var (
// TODO: Named volume options - should we default to rprivate? It bakes into a
// bind mount under the hood...
// TODO: handle options parsing/processing via containers/storage/pkg/mount
-func (s *SpecGenerator) parseVolumes(mounts, volMounts, tmpMounts []string) error { //nolint
+func parseVolumes(s *specgen.SpecGenerator, mounts, volMounts, tmpMounts []string) error { //nolint
// TODO this needs to come from the image and erquires a runtime
diff --git a/pkg/specgen/namespaces.go b/pkg/specgen/namespaces.go
index 2a7bb3495..2ef5bc229 100644
--- a/pkg/specgen/namespaces.go
+++ b/pkg/specgen/namespaces.go
@@ -1,16 +1,7 @@
package specgen
import (
- "os"
-
- "github.com/containers/common/pkg/capabilities"
- "github.com/containers/libpod/libpod"
- "github.com/containers/libpod/libpod/image"
- "github.com/cri-o/ocicni/pkg/ocicni"
- spec "github.com/opencontainers/runtime-spec/specs-go"
- "github.com/opencontainers/runtime-tools/generate"
"github.com/pkg/errors"
- "github.com/sirupsen/logrus"
)
type NamespaceMode string
@@ -105,373 +96,3 @@ func (n *Namespace) validate() error {
}
return nil
}
-
-func (s *SpecGenerator) GenerateNamespaceContainerOpts(rt *libpod.Runtime) ([]libpod.CtrCreateOption, error) {
- var portBindings []ocicni.PortMapping
- options := make([]libpod.CtrCreateOption, 0)
-
- // Cgroups
- switch {
- case s.CgroupNS.IsPrivate():
- ns := s.CgroupNS.Value
- if _, err := os.Stat(ns); err != nil {
- return nil, err
- }
- case s.CgroupNS.IsContainer():
- connectedCtr, err := rt.LookupContainer(s.CgroupNS.Value)
- if err != nil {
- return nil, errors.Wrapf(err, "container %q not found", s.CgroupNS.Value)
- }
- options = append(options, libpod.WithCgroupNSFrom(connectedCtr))
- // TODO
- //default:
- // return nil, errors.New("cgroup name only supports private and container")
- }
-
- if s.CgroupParent != "" {
- options = append(options, libpod.WithCgroupParent(s.CgroupParent))
- }
-
- if s.CgroupsMode != "" {
- options = append(options, libpod.WithCgroupsMode(s.CgroupsMode))
- }
-
- // ipc
- switch {
- case s.IpcNS.IsHost():
- options = append(options, libpod.WithShmDir("/dev/shm"))
- case s.IpcNS.IsContainer():
- connectedCtr, err := rt.LookupContainer(s.IpcNS.Value)
- if err != nil {
- return nil, errors.Wrapf(err, "container %q not found", s.IpcNS.Value)
- }
- options = append(options, libpod.WithIPCNSFrom(connectedCtr))
- options = append(options, libpod.WithShmDir(connectedCtr.ShmDir()))
- }
-
- // pid
- if s.PidNS.IsContainer() {
- connectedCtr, err := rt.LookupContainer(s.PidNS.Value)
- if err != nil {
- return nil, errors.Wrapf(err, "container %q not found", s.PidNS.Value)
- }
- options = append(options, libpod.WithPIDNSFrom(connectedCtr))
- }
-
- // uts
- switch {
- case s.UtsNS.IsPod():
- connectedPod, err := rt.LookupPod(s.UtsNS.Value)
- if err != nil {
- return nil, errors.Wrapf(err, "pod %q not found", s.UtsNS.Value)
- }
- options = append(options, libpod.WithUTSNSFromPod(connectedPod))
- case s.UtsNS.IsContainer():
- connectedCtr, err := rt.LookupContainer(s.UtsNS.Value)
- if err != nil {
- return nil, errors.Wrapf(err, "container %q not found", s.UtsNS.Value)
- }
-
- options = append(options, libpod.WithUTSNSFrom(connectedCtr))
- }
-
- if s.UseImageHosts {
- options = append(options, libpod.WithUseImageHosts())
- } else if len(s.HostAdd) > 0 {
- options = append(options, libpod.WithHosts(s.HostAdd))
- }
-
- // User
-
- switch {
- case s.UserNS.IsPath():
- ns := s.UserNS.Value
- if ns == "" {
- return nil, errors.Errorf("invalid empty user-defined user namespace")
- }
- _, err := os.Stat(ns)
- if err != nil {
- return nil, err
- }
- if s.IDMappings != nil {
- options = append(options, libpod.WithIDMappings(*s.IDMappings))
- }
- case s.UserNS.IsContainer():
- connectedCtr, err := rt.LookupContainer(s.UserNS.Value)
- if err != nil {
- return nil, errors.Wrapf(err, "container %q not found", s.UserNS.Value)
- }
- options = append(options, libpod.WithUserNSFrom(connectedCtr))
- default:
- if s.IDMappings != nil {
- options = append(options, libpod.WithIDMappings(*s.IDMappings))
- }
- }
-
- options = append(options, libpod.WithUser(s.User))
- options = append(options, libpod.WithGroups(s.Groups))
-
- if len(s.PortMappings) > 0 {
- portBindings = s.PortMappings
- }
-
- switch {
- case s.NetNS.IsPath():
- ns := s.NetNS.Value
- if ns == "" {
- return nil, errors.Errorf("invalid empty user-defined network namespace")
- }
- _, err := os.Stat(ns)
- if err != nil {
- return nil, err
- }
- case s.NetNS.IsContainer():
- connectedCtr, err := rt.LookupContainer(s.NetNS.Value)
- if err != nil {
- return nil, errors.Wrapf(err, "container %q not found", s.NetNS.Value)
- }
- options = append(options, libpod.WithNetNSFrom(connectedCtr))
- case !s.NetNS.IsHost() && s.NetNS.NSMode != NoNetwork:
- postConfigureNetNS := !s.UserNS.IsHost()
- options = append(options, libpod.WithNetNS(portBindings, postConfigureNetNS, string(s.NetNS.NSMode), s.CNINetworks))
- }
-
- if len(s.DNSSearch) > 0 {
- options = append(options, libpod.WithDNSSearch(s.DNSSearch))
- }
- if len(s.DNSServer) > 0 {
- // TODO I'm not sure how we are going to handle this given the input
- if len(s.DNSServer) == 1 { //&& strings.ToLower(s.DNSServer[0].) == "none" {
- options = append(options, libpod.WithUseImageResolvConf())
- } else {
- var dnsServers []string
- for _, d := range s.DNSServer {
- dnsServers = append(dnsServers, d.String())
- }
- options = append(options, libpod.WithDNS(dnsServers))
- }
- }
- if len(s.DNSOption) > 0 {
- options = append(options, libpod.WithDNSOption(s.DNSOption))
- }
- if s.StaticIP != nil {
- options = append(options, libpod.WithStaticIP(*s.StaticIP))
- }
-
- if s.StaticMAC != nil {
- options = append(options, libpod.WithStaticMAC(*s.StaticMAC))
- }
- return options, nil
-}
-
-func (s *SpecGenerator) pidConfigureGenerator(g *generate.Generator) error {
- if s.PidNS.IsPath() {
- return g.AddOrReplaceLinuxNamespace(string(spec.PIDNamespace), s.PidNS.Value)
- }
- if s.PidNS.IsHost() {
- return g.RemoveLinuxNamespace(string(spec.PIDNamespace))
- }
- if s.PidNS.IsContainer() {
- logrus.Debugf("using container %s pidmode", s.PidNS.Value)
- }
- if s.PidNS.IsPod() {
- logrus.Debug("using pod pidmode")
- }
- return nil
-}
-
-func (s *SpecGenerator) utsConfigureGenerator(g *generate.Generator, runtime *libpod.Runtime) error {
- hostname := s.Hostname
- var err error
- if hostname == "" {
- switch {
- case s.UtsNS.IsContainer():
- utsCtr, err := runtime.LookupContainer(s.UtsNS.Value)
- if err != nil {
- return errors.Wrapf(err, "unable to retrieve hostname from dependency container %s", s.UtsNS.Value)
- }
- hostname = utsCtr.Hostname()
- case s.NetNS.IsHost() || s.UtsNS.IsHost():
- hostname, err = os.Hostname()
- if err != nil {
- return errors.Wrap(err, "unable to retrieve hostname of the host")
- }
- default:
- logrus.Debug("No hostname set; container's hostname will default to runtime default")
- }
- }
- g.RemoveHostname()
- if s.Hostname != "" || !s.UtsNS.IsHost() {
- // Set the hostname in the OCI configuration only
- // if specified by the user or if we are creating
- // a new UTS namespace.
- g.SetHostname(hostname)
- }
- g.AddProcessEnv("HOSTNAME", hostname)
-
- if s.UtsNS.IsPath() {
- return g.AddOrReplaceLinuxNamespace(string(spec.UTSNamespace), s.UtsNS.Value)
- }
- if s.UtsNS.IsHost() {
- return g.RemoveLinuxNamespace(string(spec.UTSNamespace))
- }
- if s.UtsNS.IsContainer() {
- logrus.Debugf("using container %s utsmode", s.UtsNS.Value)
- }
- return nil
-}
-
-func (s *SpecGenerator) ipcConfigureGenerator(g *generate.Generator) error {
- if s.IpcNS.IsPath() {
- return g.AddOrReplaceLinuxNamespace(string(spec.IPCNamespace), s.IpcNS.Value)
- }
- if s.IpcNS.IsHost() {
- return g.RemoveLinuxNamespace(s.IpcNS.Value)
- }
- if s.IpcNS.IsContainer() {
- logrus.Debugf("Using container %s ipcmode", s.IpcNS.Value)
- }
- return nil
-}
-
-func (s *SpecGenerator) cgroupConfigureGenerator(g *generate.Generator) error {
- if s.CgroupNS.IsPath() {
- return g.AddOrReplaceLinuxNamespace(string(spec.CgroupNamespace), s.CgroupNS.Value)
- }
- if s.CgroupNS.IsHost() {
- return g.RemoveLinuxNamespace(s.CgroupNS.Value)
- }
- if s.CgroupNS.IsPrivate() {
- return g.AddOrReplaceLinuxNamespace(string(spec.CgroupNamespace), "")
- }
- if s.CgroupNS.IsContainer() {
- logrus.Debugf("Using container %s cgroup mode", s.CgroupNS.Value)
- }
- return nil
-}
-
-func (s *SpecGenerator) networkConfigureGenerator(g *generate.Generator) error {
- switch {
- case s.NetNS.IsHost():
- logrus.Debug("Using host netmode")
- if err := g.RemoveLinuxNamespace(string(spec.NetworkNamespace)); err != nil {
- return err
- }
-
- case s.NetNS.NSMode == NoNetwork:
- logrus.Debug("Using none netmode")
- case s.NetNS.NSMode == Bridge:
- logrus.Debug("Using bridge netmode")
- case s.NetNS.IsContainer():
- logrus.Debugf("using container %s netmode", s.NetNS.Value)
- case s.NetNS.IsPath():
- logrus.Debug("Using ns netmode")
- if err := g.AddOrReplaceLinuxNamespace(string(spec.NetworkNamespace), s.NetNS.Value); err != nil {
- return err
- }
- case s.NetNS.IsPod():
- logrus.Debug("Using pod netmode, unless pod is not sharing")
- case s.NetNS.NSMode == Slirp:
- logrus.Debug("Using slirp4netns netmode")
- default:
- return errors.Errorf("unknown network mode")
- }
-
- if g.Config.Annotations == nil {
- g.Config.Annotations = make(map[string]string)
- }
-
- if s.PublishImagePorts {
- g.Config.Annotations[libpod.InspectAnnotationPublishAll] = libpod.InspectResponseTrue
- } else {
- g.Config.Annotations[libpod.InspectAnnotationPublishAll] = libpod.InspectResponseFalse
- }
-
- return nil
-}
-
-func (s *SpecGenerator) userConfigureGenerator(g *generate.Generator) error {
- if s.UserNS.IsPath() {
- if err := g.AddOrReplaceLinuxNamespace(string(spec.UserNamespace), s.UserNS.Value); err != nil {
- return err
- }
- // runc complains if no mapping is specified, even if we join another ns. So provide a dummy mapping
- g.AddLinuxUIDMapping(uint32(0), uint32(0), uint32(1))
- g.AddLinuxGIDMapping(uint32(0), uint32(0), uint32(1))
- }
-
- if s.IDMappings != nil {
- if (len(s.IDMappings.UIDMap) > 0 || len(s.IDMappings.GIDMap) > 0) && !s.UserNS.IsHost() {
- if err := g.AddOrReplaceLinuxNamespace(string(spec.UserNamespace), ""); err != nil {
- return err
- }
- }
- for _, uidmap := range s.IDMappings.UIDMap {
- g.AddLinuxUIDMapping(uint32(uidmap.HostID), uint32(uidmap.ContainerID), uint32(uidmap.Size))
- }
- for _, gidmap := range s.IDMappings.GIDMap {
- g.AddLinuxGIDMapping(uint32(gidmap.HostID), uint32(gidmap.ContainerID), uint32(gidmap.Size))
- }
- }
- return nil
-}
-
-func (s *SpecGenerator) securityConfigureGenerator(g *generate.Generator, newImage *image.Image) error {
- // HANDLE CAPABILITIES
- // NOTE: Must happen before SECCOMP
- if s.Privileged {
- g.SetupPrivileged(true)
- }
-
- useNotRoot := func(user string) bool {
- if user == "" || user == "root" || user == "0" {
- return false
- }
- return true
- }
- configSpec := g.Config
- var err error
- var caplist []string
- bounding := configSpec.Process.Capabilities.Bounding
- if useNotRoot(s.User) {
- configSpec.Process.Capabilities.Bounding = caplist
- }
- caplist, err = capabilities.MergeCapabilities(configSpec.Process.Capabilities.Bounding, s.CapAdd, s.CapDrop)
- if err != nil {
- return err
- }
-
- configSpec.Process.Capabilities.Bounding = caplist
- configSpec.Process.Capabilities.Permitted = caplist
- configSpec.Process.Capabilities.Inheritable = caplist
- configSpec.Process.Capabilities.Effective = caplist
- configSpec.Process.Capabilities.Ambient = caplist
- if useNotRoot(s.User) {
- caplist, err = capabilities.MergeCapabilities(bounding, s.CapAdd, s.CapDrop)
- if err != nil {
- return err
- }
- }
- configSpec.Process.Capabilities.Bounding = caplist
-
- // HANDLE SECCOMP
- if s.SeccompProfilePath != "unconfined" {
- seccompConfig, err := s.getSeccompConfig(configSpec, newImage)
- if err != nil {
- return err
- }
- configSpec.Linux.Seccomp = seccompConfig
- }
-
- // Clear default Seccomp profile from Generator for privileged containers
- if s.SeccompProfilePath == "unconfined" || s.Privileged {
- configSpec.Linux.Seccomp = nil
- }
-
- g.SetRootReadonly(s.ReadOnlyFilesystem)
- for sysctlKey, sysctlVal := range s.Sysctl {
- g.AddLinuxSysctl(sysctlKey, sysctlVal)
- }
-
- return nil
-}
diff --git a/pkg/specgen/pod_validate.go b/pkg/specgen/pod_validate.go
index 50309f096..9e9659fa9 100644
--- a/pkg/specgen/pod_validate.go
+++ b/pkg/specgen/pod_validate.go
@@ -15,7 +15,8 @@ func exclusivePodOptions(opt1, opt2 string) error {
return errors.Wrapf(ErrInvalidPodSpecConfig, "%s and %s are mutually exclusive pod options", opt1, opt2)
}
-func (p *PodSpecGenerator) validate() error {
+// Validate verifies the input is valid
+func (p *PodSpecGenerator) Validate() error {
// PodBasicConfig
if p.NoInfra {
if len(p.InfraCommand) > 0 {
@@ -25,7 +26,7 @@ func (p *PodSpecGenerator) validate() error {
return exclusivePodOptions("NoInfra", "InfraImage")
}
if len(p.SharedNamespaces) > 0 {
- return exclusivePodOptions("NoInfo", "SharedNamespaces")
+ return exclusivePodOptions("NoInfra", "SharedNamespaces")
}
}
diff --git a/pkg/specgen/security.go b/pkg/specgen/security.go
index 158e4a7b3..6f835eae4 100644
--- a/pkg/specgen/security.go
+++ b/pkg/specgen/security.go
@@ -1,32 +1,26 @@
package specgen
-// ToCreateOptions convert the SecurityConfig to a slice of container create
-// options.
-/*
-func (c *SecurityConfig) ToCreateOptions() ([]libpod.CtrCreateOption, error) {
- options := make([]libpod.CtrCreateOption, 0)
- options = append(options, libpod.WithSecLabels(c.LabelOpts))
- options = append(options, libpod.WithPrivileged(c.Privileged))
- return options, nil
-}
-*/
+import (
+ "github.com/containers/libpod/libpod"
+ "github.com/opencontainers/selinux/go-selinux/label"
+ "github.com/pkg/errors"
+)
// SetLabelOpts sets the label options of the SecurityConfig according to the
// input.
-/*
-func (c *SecurityConfig) SetLabelOpts(runtime *libpod.Runtime, pidConfig *PidConfig, ipcConfig *IpcConfig) error {
- if c.Privileged {
- c.LabelOpts = label.DisableSecOpt()
+func (s *SpecGenerator) SetLabelOpts(runtime *libpod.Runtime, pidConfig Namespace, ipcConfig Namespace) error {
+ if !runtime.EnableLabeling() || s.Privileged {
+ s.SelinuxOpts = label.DisableSecOpt()
return nil
}
var labelOpts []string
- if pidConfig.PidMode.IsHost() {
+ if pidConfig.IsHost() {
labelOpts = append(labelOpts, label.DisableSecOpt()...)
- } else if pidConfig.PidMode.IsContainer() {
- ctr, err := runtime.LookupContainer(pidConfig.PidMode.Container())
+ } else if pidConfig.IsContainer() {
+ ctr, err := runtime.LookupContainer(pidConfig.Value)
if err != nil {
- return errors.Wrapf(err, "container %q not found", pidConfig.PidMode.Container())
+ return errors.Wrapf(err, "container %q not found", pidConfig.Value)
}
secopts, err := label.DupSecOpt(ctr.ProcessLabel())
if err != nil {
@@ -35,12 +29,12 @@ func (c *SecurityConfig) SetLabelOpts(runtime *libpod.Runtime, pidConfig *PidCon
labelOpts = append(labelOpts, secopts...)
}
- if ipcConfig.IpcMode.IsHost() {
+ if ipcConfig.IsHost() {
labelOpts = append(labelOpts, label.DisableSecOpt()...)
- } else if ipcConfig.IpcMode.IsContainer() {
- ctr, err := runtime.LookupContainer(ipcConfig.IpcMode.Container())
+ } else if ipcConfig.IsContainer() {
+ ctr, err := runtime.LookupContainer(ipcConfig.Value)
if err != nil {
- return errors.Wrapf(err, "container %q not found", ipcConfig.IpcMode.Container())
+ return errors.Wrapf(err, "container %q not found", ipcConfig.Value)
}
secopts, err := label.DupSecOpt(ctr.ProcessLabel())
if err != nil {
@@ -49,13 +43,7 @@ func (c *SecurityConfig) SetLabelOpts(runtime *libpod.Runtime, pidConfig *PidCon
labelOpts = append(labelOpts, secopts...)
}
- c.LabelOpts = append(c.LabelOpts, labelOpts...)
- return nil
-}
-*/
-
-// SetSecurityOpts the the security options (labels, apparmor, seccomp, etc.).
-func SetSecurityOpts(securityOpts []string) error {
+ s.SelinuxOpts = append(s.SelinuxOpts, labelOpts...)
return nil
}
diff --git a/pkg/specgen/specgen.go b/pkg/specgen/specgen.go
index 2e6dd9c1d..1a05733f9 100644
--- a/pkg/specgen/specgen.go
+++ b/pkg/specgen/specgen.go
@@ -4,8 +4,6 @@ import (
"net"
"syscall"
- "github.com/containers/libpod/libpod"
-
"github.com/containers/image/v5/manifest"
"github.com/containers/libpod/pkg/rootless"
"github.com/containers/storage"
@@ -174,7 +172,7 @@ type ContainerStorageConfig struct {
// These will supersede Image Volumes and VolumesFrom volumes where
// there are conflicts.
// Optional.
- Volumes []*libpod.ContainerNamedVolume `json:"volumes,omitempty"`
+ Volumes []*Volumes `json:"volumes,omitempty"`
// Devices are devices that will be added to the container.
// Optional.
Devices []spec.LinuxDevice `json:"devices,omitempty"`
@@ -230,14 +228,6 @@ type ContainerSecurityConfig struct {
// If SELinux is enabled and this is not specified, a label will be
// automatically generated if not specified.
// Optional.
- SelinuxProcessLabel string `json:"selinux_process_label,omitempty"`
- // SelinuxMountLabel is the mount label the container will use.
- // If SELinux is enabled and this is not specified, a label will be
- // automatically generated if not specified.
- // Optional.
- SelinuxMountLabel string `json:"selinux_mount_label,omitempty"`
- // SelinuxOpts are options for configuring SELinux.
- // Optional.
SelinuxOpts []string `json:"selinux_opts,omitempty"`
// ApparmorProfile is the name of the Apparmor profile the container
// will use.
@@ -403,6 +393,13 @@ type SpecGenerator struct {
ContainerHealthCheckConfig
}
+// Volumes is a temporary struct to hold input from the User
+type Volumes struct {
+ Name string
+ Dest string
+ Options []string
+}
+
// NewSpecGenerator returns a SpecGenerator struct given one of two mandatory inputs
func NewSpecGenerator(image string) *SpecGenerator {
networkConfig := ContainerNetworkConfig{
diff --git a/pkg/util/utils.go b/pkg/util/utils.go
index 372c7c53b..3906ed19f 100644
--- a/pkg/util/utils.go
+++ b/pkg/util/utils.go
@@ -14,7 +14,6 @@ import (
"github.com/BurntSushi/toml"
"github.com/containers/image/v5/types"
- "github.com/containers/libpod/cmd/podman/cliconfig"
"github.com/containers/libpod/pkg/errorhandling"
"github.com/containers/libpod/pkg/namespaces"
"github.com/containers/libpod/pkg/rootless"
@@ -24,7 +23,6 @@ import (
v1 "github.com/opencontainers/image-spec/specs-go/v1"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
- "github.com/spf13/pflag"
"golang.org/x/crypto/ssh/terminal"
)
@@ -515,35 +513,6 @@ func ParseInputTime(inputTime string) (time.Time, error) {
return time.Now().Add(-duration), nil
}
-// GetGlobalOpts checks all global flags and generates the command string
-func GetGlobalOpts(c *cliconfig.RunlabelValues) string {
- globalFlags := map[string]bool{
- "cgroup-manager": true, "cni-config-dir": true, "conmon": true, "default-mounts-file": true,
- "hooks-dir": true, "namespace": true, "root": true, "runroot": true,
- "runtime": true, "storage-driver": true, "storage-opt": true, "syslog": true,
- "trace": true, "network-cmd-path": true, "config": true, "cpu-profile": true,
- "log-level": true, "tmpdir": true}
- const stringSliceType string = "stringSlice"
-
- var optsCommand []string
- c.PodmanCommand.Command.Flags().VisitAll(func(f *pflag.Flag) {
- if !f.Changed {
- return
- }
- if _, exist := globalFlags[f.Name]; exist {
- if f.Value.Type() == stringSliceType {
- flagValue := strings.TrimSuffix(strings.TrimPrefix(f.Value.String(), "["), "]")
- for _, value := range strings.Split(flagValue, ",") {
- optsCommand = append(optsCommand, fmt.Sprintf("--%s %s", f.Name, value))
- }
- } else {
- optsCommand = append(optsCommand, fmt.Sprintf("--%s %s", f.Name, f.Value.String()))
- }
- }
- })
- return strings.Join(optsCommand, " ")
-}
-
// OpenExclusiveFile opens a file for writing and ensure it doesn't already exist
func OpenExclusiveFile(path string) (*os.File, error) {
baseDir := filepath.Dir(path)
diff --git a/pkg/varlinkapi/attach.go b/pkg/varlinkapi/attach.go
index 34f351669..db977ee5c 100644
--- a/pkg/varlinkapi/attach.go
+++ b/pkg/varlinkapi/attach.go
@@ -44,7 +44,7 @@ func setupStreams(call iopodman.VarlinkCall) (*bufio.Reader, *bufio.Writer, *io.
}
// Attach connects to a containers console
-func (i *LibpodAPI) Attach(call iopodman.VarlinkCall, name string, detachKeys string, start bool) error {
+func (i *VarlinkAPI) Attach(call iopodman.VarlinkCall, name string, detachKeys string, start bool) error {
var finalErr error
resize := make(chan remotecommand.TerminalSize)
errChan := make(chan error)
diff --git a/pkg/varlinkapi/config.go b/pkg/varlinkapi/config.go
index c69dc794a..cc787eca2 100644
--- a/pkg/varlinkapi/config.go
+++ b/pkg/varlinkapi/config.go
@@ -3,21 +3,20 @@
package varlinkapi
import (
- "github.com/containers/libpod/cmd/podman/cliconfig"
"github.com/containers/libpod/libpod"
iopodman "github.com/containers/libpod/pkg/varlink"
"github.com/spf13/cobra"
)
-// LibpodAPI is the basic varlink struct for libpod
-type LibpodAPI struct {
+// VarlinkAPI is the basic varlink struct for libpod
+type VarlinkAPI struct {
Cli *cobra.Command
iopodman.VarlinkInterface
Runtime *libpod.Runtime
}
// New creates a new varlink client
-func New(cli *cliconfig.PodmanCommand, runtime *libpod.Runtime) *iopodman.VarlinkInterface {
- lp := LibpodAPI{Cli: cli.Command, Runtime: runtime}
+func New(cli *cobra.Command, runtime *libpod.Runtime) *iopodman.VarlinkInterface {
+ lp := VarlinkAPI{Cli: cli, Runtime: runtime}
return iopodman.VarlinkNew(&lp)
}
diff --git a/pkg/varlinkapi/containers.go b/pkg/varlinkapi/containers.go
index 2d051470f..66b3e4095 100644
--- a/pkg/varlinkapi/containers.go
+++ b/pkg/varlinkapi/containers.go
@@ -30,7 +30,7 @@ import (
)
// ListContainers ...
-func (i *LibpodAPI) ListContainers(call iopodman.VarlinkCall) error {
+func (i *VarlinkAPI) ListContainers(call iopodman.VarlinkCall) error {
var (
listContainers []iopodman.Container
)
@@ -54,7 +54,7 @@ func (i *LibpodAPI) ListContainers(call iopodman.VarlinkCall) error {
return call.ReplyListContainers(listContainers)
}
-func (i *LibpodAPI) Ps(call iopodman.VarlinkCall, opts iopodman.PsOpts) error {
+func (i *VarlinkAPI) Ps(call iopodman.VarlinkCall, opts iopodman.PsOpts) error {
var (
containers []iopodman.PsContainer
)
@@ -106,7 +106,7 @@ func (i *LibpodAPI) Ps(call iopodman.VarlinkCall, opts iopodman.PsOpts) error {
}
// GetContainer ...
-func (i *LibpodAPI) GetContainer(call iopodman.VarlinkCall, id string) error {
+func (i *VarlinkAPI) GetContainer(call iopodman.VarlinkCall, id string) error {
ctr, err := i.Runtime.LookupContainer(id)
if err != nil {
return call.ReplyContainerNotFound(id, err.Error())
@@ -123,7 +123,7 @@ func (i *LibpodAPI) GetContainer(call iopodman.VarlinkCall, id string) error {
}
// GetContainersByContext returns a slice of container ids based on all, latest, or a list
-func (i *LibpodAPI) GetContainersByContext(call iopodman.VarlinkCall, all, latest bool, input []string) error {
+func (i *VarlinkAPI) GetContainersByContext(call iopodman.VarlinkCall, all, latest bool, input []string) error {
var ids []string
ctrs, err := shortcuts.GetContainersByContext(all, latest, input, i.Runtime)
@@ -141,7 +141,7 @@ func (i *LibpodAPI) GetContainersByContext(call iopodman.VarlinkCall, all, lates
}
// GetContainersByStatus returns a slice of containers filtered by a libpod status
-func (i *LibpodAPI) GetContainersByStatus(call iopodman.VarlinkCall, statuses []string) error {
+func (i *VarlinkAPI) GetContainersByStatus(call iopodman.VarlinkCall, statuses []string) error {
var (
filterFuncs []libpod.ContainerFilter
containers []iopodman.Container
@@ -172,7 +172,7 @@ func (i *LibpodAPI) GetContainersByStatus(call iopodman.VarlinkCall, statuses []
}
// InspectContainer ...
-func (i *LibpodAPI) InspectContainer(call iopodman.VarlinkCall, name string) error {
+func (i *VarlinkAPI) InspectContainer(call iopodman.VarlinkCall, name string) error {
ctr, err := i.Runtime.LookupContainer(name)
if err != nil {
return call.ReplyContainerNotFound(name, err.Error())
@@ -189,7 +189,7 @@ func (i *LibpodAPI) InspectContainer(call iopodman.VarlinkCall, name string) err
}
// ListContainerProcesses ...
-func (i *LibpodAPI) ListContainerProcesses(call iopodman.VarlinkCall, name string, opts []string) error {
+func (i *VarlinkAPI) ListContainerProcesses(call iopodman.VarlinkCall, name string, opts []string) error {
ctr, err := i.Runtime.LookupContainer(name)
if err != nil {
return call.ReplyContainerNotFound(name, err.Error())
@@ -216,7 +216,7 @@ func (i *LibpodAPI) ListContainerProcesses(call iopodman.VarlinkCall, name strin
}
// GetContainerLogs ...
-func (i *LibpodAPI) GetContainerLogs(call iopodman.VarlinkCall, name string) error {
+func (i *VarlinkAPI) GetContainerLogs(call iopodman.VarlinkCall, name string) error {
var logs []string
ctr, err := i.Runtime.LookupContainer(name)
if err != nil {
@@ -277,7 +277,7 @@ func (i *LibpodAPI) GetContainerLogs(call iopodman.VarlinkCall, name string) err
}
// ListContainerChanges ...
-func (i *LibpodAPI) ListContainerChanges(call iopodman.VarlinkCall, name string) error {
+func (i *VarlinkAPI) ListContainerChanges(call iopodman.VarlinkCall, name string) error {
changes, err := i.Runtime.GetDiff("", name)
if err != nil {
return call.ReplyErrorOccurred(err.Error())
@@ -297,7 +297,7 @@ func (i *LibpodAPI) ListContainerChanges(call iopodman.VarlinkCall, name string)
}
// ExportContainer ...
-func (i *LibpodAPI) ExportContainer(call iopodman.VarlinkCall, name, outPath string) error {
+func (i *VarlinkAPI) ExportContainer(call iopodman.VarlinkCall, name, outPath string) error {
ctr, err := i.Runtime.LookupContainer(name)
if err != nil {
return call.ReplyContainerNotFound(name, err.Error())
@@ -319,7 +319,7 @@ func (i *LibpodAPI) ExportContainer(call iopodman.VarlinkCall, name, outPath str
}
// GetContainerStats ...
-func (i *LibpodAPI) GetContainerStats(call iopodman.VarlinkCall, name string) error {
+func (i *VarlinkAPI) GetContainerStats(call iopodman.VarlinkCall, name string) error {
if rootless.IsRootless() {
cgroupv2, err := cgroups.IsCgroup2UnifiedMode()
if err != nil {
@@ -359,7 +359,7 @@ func (i *LibpodAPI) GetContainerStats(call iopodman.VarlinkCall, name string) er
}
// StartContainer ...
-func (i *LibpodAPI) StartContainer(call iopodman.VarlinkCall, name string) error {
+func (i *VarlinkAPI) StartContainer(call iopodman.VarlinkCall, name string) error {
ctr, err := i.Runtime.LookupContainer(name)
if err != nil {
return call.ReplyContainerNotFound(name, err.Error())
@@ -382,7 +382,7 @@ func (i *LibpodAPI) StartContainer(call iopodman.VarlinkCall, name string) error
}
// InitContainer initializes the container given by Varlink.
-func (i *LibpodAPI) InitContainer(call iopodman.VarlinkCall, name string) error {
+func (i *VarlinkAPI) InitContainer(call iopodman.VarlinkCall, name string) error {
ctr, err := i.Runtime.LookupContainer(name)
if err != nil {
return call.ReplyContainerNotFound(name, err.Error())
@@ -397,7 +397,7 @@ func (i *LibpodAPI) InitContainer(call iopodman.VarlinkCall, name string) error
}
// StopContainer ...
-func (i *LibpodAPI) StopContainer(call iopodman.VarlinkCall, name string, timeout int64) error {
+func (i *VarlinkAPI) StopContainer(call iopodman.VarlinkCall, name string, timeout int64) error {
ctr, err := i.Runtime.LookupContainer(name)
if err != nil {
return call.ReplyContainerNotFound(name, err.Error())
@@ -415,7 +415,7 @@ func (i *LibpodAPI) StopContainer(call iopodman.VarlinkCall, name string, timeou
}
// RestartContainer ...
-func (i *LibpodAPI) RestartContainer(call iopodman.VarlinkCall, name string, timeout int64) error {
+func (i *VarlinkAPI) RestartContainer(call iopodman.VarlinkCall, name string, timeout int64) error {
ctr, err := i.Runtime.LookupContainer(name)
if err != nil {
return call.ReplyContainerNotFound(name, err.Error())
@@ -427,7 +427,7 @@ func (i *LibpodAPI) RestartContainer(call iopodman.VarlinkCall, name string, tim
}
// ContainerExists looks in local storage for the existence of a container
-func (i *LibpodAPI) ContainerExists(call iopodman.VarlinkCall, name string) error {
+func (i *VarlinkAPI) ContainerExists(call iopodman.VarlinkCall, name string) error {
_, err := i.Runtime.LookupContainer(name)
if errors.Cause(err) == define.ErrNoSuchCtr {
return call.ReplyContainerExists(1)
@@ -440,7 +440,7 @@ func (i *LibpodAPI) ContainerExists(call iopodman.VarlinkCall, name string) erro
// KillContainer kills a running container. If you want to use the default SIGTERM signal, just send a -1
// for the signal arg.
-func (i *LibpodAPI) KillContainer(call iopodman.VarlinkCall, name string, signal int64) error {
+func (i *VarlinkAPI) KillContainer(call iopodman.VarlinkCall, name string, signal int64) error {
killSignal := uint(syscall.SIGTERM)
if signal != -1 {
killSignal = uint(signal)
@@ -456,7 +456,7 @@ func (i *LibpodAPI) KillContainer(call iopodman.VarlinkCall, name string, signal
}
// PauseContainer ...
-func (i *LibpodAPI) PauseContainer(call iopodman.VarlinkCall, name string) error {
+func (i *VarlinkAPI) PauseContainer(call iopodman.VarlinkCall, name string) error {
ctr, err := i.Runtime.LookupContainer(name)
if err != nil {
return call.ReplyContainerNotFound(name, err.Error())
@@ -468,7 +468,7 @@ func (i *LibpodAPI) PauseContainer(call iopodman.VarlinkCall, name string) error
}
// UnpauseContainer ...
-func (i *LibpodAPI) UnpauseContainer(call iopodman.VarlinkCall, name string) error {
+func (i *VarlinkAPI) UnpauseContainer(call iopodman.VarlinkCall, name string) error {
ctr, err := i.Runtime.LookupContainer(name)
if err != nil {
return call.ReplyContainerNotFound(name, err.Error())
@@ -480,7 +480,7 @@ func (i *LibpodAPI) UnpauseContainer(call iopodman.VarlinkCall, name string) err
}
// WaitContainer ...
-func (i *LibpodAPI) WaitContainer(call iopodman.VarlinkCall, name string, interval int64) error {
+func (i *VarlinkAPI) WaitContainer(call iopodman.VarlinkCall, name string, interval int64) error {
ctr, err := i.Runtime.LookupContainer(name)
if err != nil {
return call.ReplyContainerNotFound(name, err.Error())
@@ -493,7 +493,7 @@ func (i *LibpodAPI) WaitContainer(call iopodman.VarlinkCall, name string, interv
}
// RemoveContainer ...
-func (i *LibpodAPI) RemoveContainer(call iopodman.VarlinkCall, name string, force bool, removeVolumes bool) error {
+func (i *VarlinkAPI) RemoveContainer(call iopodman.VarlinkCall, name string, force bool, removeVolumes bool) error {
ctx := getContext()
ctr, err := i.Runtime.LookupContainer(name)
if err != nil {
@@ -512,7 +512,7 @@ func (i *LibpodAPI) RemoveContainer(call iopodman.VarlinkCall, name string, forc
}
// EvictContainer ...
-func (i *LibpodAPI) EvictContainer(call iopodman.VarlinkCall, name string, removeVolumes bool) error {
+func (i *VarlinkAPI) EvictContainer(call iopodman.VarlinkCall, name string, removeVolumes bool) error {
ctx := getContext()
id, err := i.Runtime.EvictContainer(ctx, name, removeVolumes)
if err != nil {
@@ -522,7 +522,7 @@ func (i *LibpodAPI) EvictContainer(call iopodman.VarlinkCall, name string, remov
}
// DeleteStoppedContainers ...
-func (i *LibpodAPI) DeleteStoppedContainers(call iopodman.VarlinkCall) error {
+func (i *VarlinkAPI) DeleteStoppedContainers(call iopodman.VarlinkCall) error {
ctx := getContext()
var deletedContainers []string
containers, err := i.Runtime.GetAllContainers()
@@ -545,7 +545,7 @@ func (i *LibpodAPI) DeleteStoppedContainers(call iopodman.VarlinkCall) error {
}
// GetAttachSockets ...
-func (i *LibpodAPI) GetAttachSockets(call iopodman.VarlinkCall, name string) error {
+func (i *VarlinkAPI) GetAttachSockets(call iopodman.VarlinkCall, name string) error {
ctr, err := i.Runtime.LookupContainer(name)
if err != nil {
return call.ReplyContainerNotFound(name, err.Error())
@@ -578,7 +578,7 @@ func (i *LibpodAPI) GetAttachSockets(call iopodman.VarlinkCall, name string) err
}
// ContainerCheckpoint ...
-func (i *LibpodAPI) ContainerCheckpoint(call iopodman.VarlinkCall, name string, keep, leaveRunning, tcpEstablished bool) error {
+func (i *VarlinkAPI) ContainerCheckpoint(call iopodman.VarlinkCall, name string, keep, leaveRunning, tcpEstablished bool) error {
ctx := getContext()
ctr, err := i.Runtime.LookupContainer(name)
if err != nil {
@@ -597,7 +597,7 @@ func (i *LibpodAPI) ContainerCheckpoint(call iopodman.VarlinkCall, name string,
}
// ContainerRestore ...
-func (i *LibpodAPI) ContainerRestore(call iopodman.VarlinkCall, name string, keep, tcpEstablished bool) error {
+func (i *VarlinkAPI) ContainerRestore(call iopodman.VarlinkCall, name string, keep, tcpEstablished bool) error {
ctx := getContext()
ctr, err := i.Runtime.LookupContainer(name)
if err != nil {
@@ -615,7 +615,7 @@ func (i *LibpodAPI) ContainerRestore(call iopodman.VarlinkCall, name string, kee
}
// ContainerConfig returns just the container.config struct
-func (i *LibpodAPI) ContainerConfig(call iopodman.VarlinkCall, name string) error {
+func (i *VarlinkAPI) ContainerConfig(call iopodman.VarlinkCall, name string) error {
ctr, err := i.Runtime.LookupContainer(name)
if err != nil {
return call.ReplyContainerNotFound(name, err.Error())
@@ -629,7 +629,7 @@ func (i *LibpodAPI) ContainerConfig(call iopodman.VarlinkCall, name string) erro
}
// ContainerArtifacts returns an untouched container's artifact in string format
-func (i *LibpodAPI) ContainerArtifacts(call iopodman.VarlinkCall, name, artifactName string) error {
+func (i *VarlinkAPI) ContainerArtifacts(call iopodman.VarlinkCall, name, artifactName string) error {
ctr, err := i.Runtime.LookupContainer(name)
if err != nil {
return call.ReplyContainerNotFound(name, err.Error())
@@ -646,7 +646,7 @@ func (i *LibpodAPI) ContainerArtifacts(call iopodman.VarlinkCall, name, artifact
}
// ContainerInspectData returns the inspect data of a container in string format
-func (i *LibpodAPI) ContainerInspectData(call iopodman.VarlinkCall, name string, size bool) error {
+func (i *VarlinkAPI) ContainerInspectData(call iopodman.VarlinkCall, name string, size bool) error {
ctr, err := i.Runtime.LookupContainer(name)
if err != nil {
return call.ReplyContainerNotFound(name, err.Error())
@@ -664,7 +664,7 @@ func (i *LibpodAPI) ContainerInspectData(call iopodman.VarlinkCall, name string,
}
// ContainerStateData returns a container's state data in string format
-func (i *LibpodAPI) ContainerStateData(call iopodman.VarlinkCall, name string) error {
+func (i *VarlinkAPI) ContainerStateData(call iopodman.VarlinkCall, name string) error {
ctr, err := i.Runtime.LookupContainer(name)
if err != nil {
return call.ReplyContainerNotFound(name, err.Error())
@@ -682,7 +682,7 @@ func (i *LibpodAPI) ContainerStateData(call iopodman.VarlinkCall, name string) e
// GetContainerStatsWithHistory is a varlink endpoint that returns container stats based on current and
// previous statistics
-func (i *LibpodAPI) GetContainerStatsWithHistory(call iopodman.VarlinkCall, prevStats iopodman.ContainerStats) error {
+func (i *VarlinkAPI) GetContainerStatsWithHistory(call iopodman.VarlinkCall, prevStats iopodman.ContainerStats) error {
con, err := i.Runtime.LookupContainer(prevStats.Id)
if err != nil {
return call.ReplyContainerNotFound(prevStats.Id, err.Error())
@@ -711,7 +711,7 @@ func (i *LibpodAPI) GetContainerStatsWithHistory(call iopodman.VarlinkCall, prev
}
// Spec ...
-func (i *LibpodAPI) Spec(call iopodman.VarlinkCall, name string) error {
+func (i *VarlinkAPI) Spec(call iopodman.VarlinkCall, name string) error {
ctr, err := i.Runtime.LookupContainer(name)
if err != nil {
return call.ReplyErrorOccurred(err.Error())
@@ -727,7 +727,7 @@ func (i *LibpodAPI) Spec(call iopodman.VarlinkCall, name string) error {
}
// GetContainersLogs is the varlink endpoint to obtain one or more container logs
-func (i *LibpodAPI) GetContainersLogs(call iopodman.VarlinkCall, names []string, follow, latest bool, since string, tail int64, timestamps bool) error {
+func (i *VarlinkAPI) GetContainersLogs(call iopodman.VarlinkCall, names []string, follow, latest bool, since string, tail int64, timestamps bool) error {
var wg sync.WaitGroup
if call.WantsMore() {
call.Continues = true
@@ -784,7 +784,7 @@ func newPodmanLogLine(line *logs.LogLine) iopodman.LogLine {
}
// Top displays information about a container's running processes
-func (i *LibpodAPI) Top(call iopodman.VarlinkCall, nameOrID string, descriptors []string) error {
+func (i *VarlinkAPI) Top(call iopodman.VarlinkCall, nameOrID string, descriptors []string) error {
ctr, err := i.Runtime.LookupContainer(nameOrID)
if err != nil {
return call.ReplyContainerNotFound(ctr.ID(), err.Error())
@@ -797,7 +797,7 @@ func (i *LibpodAPI) Top(call iopodman.VarlinkCall, nameOrID string, descriptors
}
// ExecContainer is the varlink endpoint to execute a command in a container
-func (i *LibpodAPI) ExecContainer(call iopodman.VarlinkCall, opts iopodman.ExecOpts) error {
+func (i *VarlinkAPI) ExecContainer(call iopodman.VarlinkCall, opts iopodman.ExecOpts) error {
if !call.WantsUpgrade() {
return call.ReplyErrorOccurred("client must use upgraded connection to exec")
}
@@ -901,7 +901,7 @@ func (i *LibpodAPI) ExecContainer(call iopodman.VarlinkCall, opts iopodman.ExecO
}
// HealthCheckRun executes defined container's healthcheck command and returns the container's health status.
-func (i *LibpodAPI) HealthCheckRun(call iopodman.VarlinkCall, nameOrID string) error {
+func (i *VarlinkAPI) HealthCheckRun(call iopodman.VarlinkCall, nameOrID string) error {
hcStatus, err := i.Runtime.HealthCheck(nameOrID)
if err != nil && hcStatus != libpod.HealthCheckFailure {
return call.ReplyErrorOccurred(err.Error())
diff --git a/pkg/varlinkapi/containers_create.go b/pkg/varlinkapi/containers_create.go
index bbd4d59f1..c1c1f6674 100644
--- a/pkg/varlinkapi/containers_create.go
+++ b/pkg/varlinkapi/containers_create.go
@@ -8,7 +8,7 @@ import (
)
// CreateContainer ...
-func (i *LibpodAPI) CreateContainer(call iopodman.VarlinkCall, config iopodman.Create) error {
+func (i *VarlinkAPI) CreateContainer(call iopodman.VarlinkCall, config iopodman.Create) error {
generic := shared.VarlinkCreateToGeneric(config)
ctr, _, err := shared.CreateContainer(getContext(), &generic, i.Runtime)
if err != nil {
diff --git a/pkg/varlinkapi/events.go b/pkg/varlinkapi/events.go
index 4ae2d1cb2..33938f08b 100644
--- a/pkg/varlinkapi/events.go
+++ b/pkg/varlinkapi/events.go
@@ -3,7 +3,6 @@
package varlinkapi
import (
- "fmt"
"time"
"github.com/containers/libpod/libpod/events"
@@ -11,7 +10,7 @@ import (
)
// GetEvents is a remote endpoint to get events from the event log
-func (i *LibpodAPI) GetEvents(call iopodman.VarlinkCall, filter []string, since string, until string) error {
+func (i *VarlinkAPI) GetEvents(call iopodman.VarlinkCall, filter []string, since string, until string) error {
var (
fromStart bool
eventsError error
@@ -43,9 +42,9 @@ func (i *LibpodAPI) GetEvents(call iopodman.VarlinkCall, filter []string, since
Id: event.ID,
Image: event.Image,
Name: event.Name,
- Status: fmt.Sprintf("%s", event.Status),
+ Status: string(event.Status),
Time: event.Time.Format(time.RFC3339Nano),
- Type: fmt.Sprintf("%s", event.Type),
+ Type: string(event.Type),
})
if !call.Continues {
// For a one-shot on events, we break out here
diff --git a/pkg/varlinkapi/generate.go b/pkg/varlinkapi/generate.go
index c19c8dede..81a0df68e 100644
--- a/pkg/varlinkapi/generate.go
+++ b/pkg/varlinkapi/generate.go
@@ -10,7 +10,7 @@ import (
)
// GenerateKube ...
-func (i *LibpodAPI) GenerateKube(call iopodman.VarlinkCall, name string, service bool) error {
+func (i *VarlinkAPI) GenerateKube(call iopodman.VarlinkCall, name string, service bool) error {
pod, serv, err := shared.GenerateKube(name, service, i.Runtime)
if err != nil {
return call.ReplyErrorOccurred(err.Error())
diff --git a/pkg/varlinkapi/images.go b/pkg/varlinkapi/images.go
index c3b4bd9ae..49bd0b0cb 100644
--- a/pkg/varlinkapi/images.go
+++ b/pkg/varlinkapi/images.go
@@ -35,14 +35,14 @@ import (
)
// ListImagesWithFilters returns a list of images that have been filtered
-func (i *LibpodAPI) ListImagesWithFilters(call iopodman.VarlinkCall, filters []string) error {
+func (i *VarlinkAPI) ListImagesWithFilters(call iopodman.VarlinkCall, filters []string) error {
images, err := i.Runtime.ImageRuntime().GetImagesWithFilters(filters)
if err != nil {
return call.ReplyErrorOccurred(fmt.Sprintf("unable to get list of images %q", err))
}
imageList, err := imagesToImageList(images)
if err != nil {
- return call.ReplyErrorOccurred(fmt.Sprintf("unable to parse response", err))
+ return call.ReplyErrorOccurred("unable to parse response " + err.Error())
}
return call.ReplyListImagesWithFilters(imageList)
}
@@ -50,34 +50,34 @@ func (i *LibpodAPI) ListImagesWithFilters(call iopodman.VarlinkCall, filters []s
// imagesToImageList converts a slice of Images to an imagelist for varlink responses
func imagesToImageList(images []*image.Image) ([]iopodman.Image, error) {
var imageList []iopodman.Image
- for _, image := range images {
- labels, _ := image.Labels(getContext())
- containers, _ := image.Containers()
- repoDigests, err := image.RepoDigests()
+ for _, img := range images {
+ labels, _ := img.Labels(getContext())
+ containers, _ := img.Containers()
+ repoDigests, err := img.RepoDigests()
if err != nil {
return nil, err
}
- size, _ := image.Size(getContext())
- isParent, err := image.IsParent(context.TODO())
+ size, _ := img.Size(getContext())
+ isParent, err := img.IsParent(context.TODO())
if err != nil {
return nil, err
}
i := iopodman.Image{
- Id: image.ID(),
- Digest: string(image.Digest()),
- ParentId: image.Parent,
- RepoTags: image.Names(),
+ Id: img.ID(),
+ Digest: string(img.Digest()),
+ ParentId: img.Parent,
+ RepoTags: img.Names(),
RepoDigests: repoDigests,
- Created: image.Created().Format(time.RFC3339),
+ Created: img.Created().Format(time.RFC3339),
Size: int64(*size),
- VirtualSize: image.VirtualSize,
+ VirtualSize: img.VirtualSize,
Containers: int64(len(containers)),
Labels: labels,
IsParent: isParent,
- ReadOnly: image.IsReadOnly(),
- History: image.NamesHistory(),
+ ReadOnly: img.IsReadOnly(),
+ History: img.NamesHistory(),
}
imageList = append(imageList, i)
}
@@ -86,20 +86,20 @@ func imagesToImageList(images []*image.Image) ([]iopodman.Image, error) {
// ListImages lists all the images in the store
// It requires no inputs.
-func (i *LibpodAPI) ListImages(call iopodman.VarlinkCall) error {
+func (i *VarlinkAPI) ListImages(call iopodman.VarlinkCall) error {
images, err := i.Runtime.ImageRuntime().GetImages()
if err != nil {
- return call.ReplyErrorOccurred(fmt.Sprintf("unable to get list of images %q", err))
+ return call.ReplyErrorOccurred("unable to get list of images " + err.Error())
}
imageList, err := imagesToImageList(images)
if err != nil {
- return call.ReplyErrorOccurred(fmt.Sprintf("unable to parse response", err))
+ return call.ReplyErrorOccurred("unable to parse response " + err.Error())
}
return call.ReplyListImages(imageList)
}
// GetImage returns a single image in the form of a Image
-func (i *LibpodAPI) GetImage(call iopodman.VarlinkCall, id string) error {
+func (i *VarlinkAPI) GetImage(call iopodman.VarlinkCall, id string) error {
newImage, err := i.Runtime.ImageRuntime().NewFromLocal(id)
if err != nil {
return call.ReplyImageNotFound(id, err.Error())
@@ -139,7 +139,7 @@ func (i *LibpodAPI) GetImage(call iopodman.VarlinkCall, id string) error {
}
// BuildImage ...
-func (i *LibpodAPI) BuildImage(call iopodman.VarlinkCall, config iopodman.BuildInfo) error {
+func (i *VarlinkAPI) BuildImage(call iopodman.VarlinkCall, config iopodman.BuildInfo) error {
var (
namespace []buildah.NamespaceOption
imageID string
@@ -302,7 +302,7 @@ func (i *LibpodAPI) BuildImage(call iopodman.VarlinkCall, config iopodman.BuildI
// InspectImage returns an image's inspect information as a string that can be serialized.
// Requires an image ID or name
-func (i *LibpodAPI) InspectImage(call iopodman.VarlinkCall, name string) error {
+func (i *VarlinkAPI) InspectImage(call iopodman.VarlinkCall, name string) error {
newImage, err := i.Runtime.ImageRuntime().NewFromLocal(name)
if err != nil {
return call.ReplyImageNotFound(name, err.Error())
@@ -320,7 +320,7 @@ func (i *LibpodAPI) InspectImage(call iopodman.VarlinkCall, name string) error {
// HistoryImage returns the history of the image's layers
// Requires an image or name
-func (i *LibpodAPI) HistoryImage(call iopodman.VarlinkCall, name string) error {
+func (i *VarlinkAPI) HistoryImage(call iopodman.VarlinkCall, name string) error {
newImage, err := i.Runtime.ImageRuntime().NewFromLocal(name)
if err != nil {
return call.ReplyImageNotFound(name, err.Error())
@@ -345,7 +345,7 @@ func (i *LibpodAPI) HistoryImage(call iopodman.VarlinkCall, name string) error {
}
// PushImage pushes an local image to registry
-func (i *LibpodAPI) PushImage(call iopodman.VarlinkCall, name, tag string, compress bool, format string, removeSignatures bool, signBy string) error {
+func (i *VarlinkAPI) PushImage(call iopodman.VarlinkCall, name, tag string, compress bool, format string, removeSignatures bool, signBy string) error {
var (
manifestType string
)
@@ -437,7 +437,7 @@ func (i *LibpodAPI) PushImage(call iopodman.VarlinkCall, name, tag string, compr
}
// TagImage accepts an image name and tag as strings and tags an image in the local store.
-func (i *LibpodAPI) TagImage(call iopodman.VarlinkCall, name, tag string) error {
+func (i *VarlinkAPI) TagImage(call iopodman.VarlinkCall, name, tag string) error {
newImage, err := i.Runtime.ImageRuntime().NewFromLocal(name)
if err != nil {
return call.ReplyImageNotFound(name, err.Error())
@@ -449,7 +449,7 @@ func (i *LibpodAPI) TagImage(call iopodman.VarlinkCall, name, tag string) error
}
// UntagImage accepts an image name and tag as strings and removes the tag from the local store.
-func (i *LibpodAPI) UntagImage(call iopodman.VarlinkCall, name, tag string) error {
+func (i *VarlinkAPI) UntagImage(call iopodman.VarlinkCall, name, tag string) error {
newImage, err := i.Runtime.ImageRuntime().NewFromLocal(name)
if err != nil {
return call.ReplyImageNotFound(name, err.Error())
@@ -462,7 +462,7 @@ func (i *LibpodAPI) UntagImage(call iopodman.VarlinkCall, name, tag string) erro
// RemoveImage accepts a image name or ID as a string and force bool to determine if it should
// remove the image even if being used by stopped containers
-func (i *LibpodAPI) RemoveImage(call iopodman.VarlinkCall, name string, force bool) error {
+func (i *VarlinkAPI) RemoveImage(call iopodman.VarlinkCall, name string, force bool) error {
ctx := getContext()
newImage, err := i.Runtime.ImageRuntime().NewFromLocal(name)
if err != nil {
@@ -477,7 +477,7 @@ func (i *LibpodAPI) RemoveImage(call iopodman.VarlinkCall, name string, force bo
// RemoveImageWithResponse accepts an image name and force bool. It returns details about what
// was done in removeimageresponse struct.
-func (i *LibpodAPI) RemoveImageWithResponse(call iopodman.VarlinkCall, name string, force bool) error {
+func (i *VarlinkAPI) RemoveImageWithResponse(call iopodman.VarlinkCall, name string, force bool) error {
ir := iopodman.RemoveImageResponse{}
ctx := getContext()
newImage, err := i.Runtime.ImageRuntime().NewFromLocal(name)
@@ -495,7 +495,7 @@ func (i *LibpodAPI) RemoveImageWithResponse(call iopodman.VarlinkCall, name stri
// SearchImages searches all registries configured in /etc/containers/registries.conf for an image
// Requires an image name and a search limit as int
-func (i *LibpodAPI) SearchImages(call iopodman.VarlinkCall, query string, limit *int64, filter iopodman.ImageSearchFilter) error {
+func (i *VarlinkAPI) SearchImages(call iopodman.VarlinkCall, query string, limit *int64, filter iopodman.ImageSearchFilter) error {
// Transform all arguments to proper types first
argLimit := 0
argIsOfficial := types.OptionalBoolUndefined
@@ -543,7 +543,7 @@ func (i *LibpodAPI) SearchImages(call iopodman.VarlinkCall, query string, limit
// DeleteUnusedImages deletes any images that do not have containers associated with it.
// TODO Filters are not implemented
-func (i *LibpodAPI) DeleteUnusedImages(call iopodman.VarlinkCall) error {
+func (i *VarlinkAPI) DeleteUnusedImages(call iopodman.VarlinkCall) error {
images, err := i.Runtime.ImageRuntime().GetImages()
if err != nil {
return call.ReplyErrorOccurred(err.Error())
@@ -565,7 +565,7 @@ func (i *LibpodAPI) DeleteUnusedImages(call iopodman.VarlinkCall) error {
}
// Commit ...
-func (i *LibpodAPI) Commit(call iopodman.VarlinkCall, name, imageName string, changes []string, author, message string, pause bool, manifestType string) error {
+func (i *VarlinkAPI) Commit(call iopodman.VarlinkCall, name, imageName string, changes []string, author, message string, pause bool, manifestType string) error {
var (
newImage *image.Image
log []string
@@ -643,7 +643,7 @@ func (i *LibpodAPI) Commit(call iopodman.VarlinkCall, name, imageName string, ch
}
// ImportImage imports an image from a tarball to the image store
-func (i *LibpodAPI) ImportImage(call iopodman.VarlinkCall, source, reference, message string, changes []string, delete bool) error {
+func (i *VarlinkAPI) ImportImage(call iopodman.VarlinkCall, source, reference, message string, changes []string, delete bool) error {
configChanges, err := util.GetImageConfig(changes)
if err != nil {
return call.ReplyErrorOccurred(err.Error())
@@ -670,7 +670,7 @@ func (i *LibpodAPI) ImportImage(call iopodman.VarlinkCall, source, reference, me
// ExportImage exports an image to the provided destination
// destination must have the transport type!!
-func (i *LibpodAPI) ExportImage(call iopodman.VarlinkCall, name, destination string, compress bool, tags []string) error {
+func (i *VarlinkAPI) ExportImage(call iopodman.VarlinkCall, name, destination string, compress bool, tags []string) error {
newImage, err := i.Runtime.ImageRuntime().NewFromLocal(name)
if err != nil {
return call.ReplyImageNotFound(name, err.Error())
@@ -688,7 +688,7 @@ func (i *LibpodAPI) ExportImage(call iopodman.VarlinkCall, name, destination str
}
// PullImage pulls an image from a registry to the image store.
-func (i *LibpodAPI) PullImage(call iopodman.VarlinkCall, name string, creds iopodman.AuthConfig) error {
+func (i *VarlinkAPI) PullImage(call iopodman.VarlinkCall, name string, creds iopodman.AuthConfig) error {
var (
imageID string
err error
@@ -760,7 +760,7 @@ func (i *LibpodAPI) PullImage(call iopodman.VarlinkCall, name string, creds iopo
}
// ImageExists returns bool as to whether the input image exists in local storage
-func (i *LibpodAPI) ImageExists(call iopodman.VarlinkCall, name string) error {
+func (i *VarlinkAPI) ImageExists(call iopodman.VarlinkCall, name string) error {
_, err := i.Runtime.ImageRuntime().NewFromLocal(name)
if errors.Cause(err) == image.ErrNoSuchImage {
return call.ReplyImageExists(1)
@@ -772,7 +772,7 @@ func (i *LibpodAPI) ImageExists(call iopodman.VarlinkCall, name string) error {
}
// ContainerRunlabel ...
-func (i *LibpodAPI) ContainerRunlabel(call iopodman.VarlinkCall, input iopodman.Runlabel) error {
+func (i *VarlinkAPI) ContainerRunlabel(call iopodman.VarlinkCall, input iopodman.Runlabel) error {
ctx := getContext()
dockerRegistryOptions := image.DockerRegistryOptions{}
stdErr := os.Stderr
@@ -798,7 +798,7 @@ func (i *LibpodAPI) ContainerRunlabel(call iopodman.VarlinkCall, input iopodman.
}
// ImagesPrune ....
-func (i *LibpodAPI) ImagesPrune(call iopodman.VarlinkCall, all bool, filter []string) error {
+func (i *VarlinkAPI) ImagesPrune(call iopodman.VarlinkCall, all bool, filter []string) error {
prunedImages, err := i.Runtime.ImageRuntime().PruneImages(context.TODO(), all, []string{})
if err != nil {
return call.ReplyErrorOccurred(err.Error())
@@ -807,7 +807,7 @@ func (i *LibpodAPI) ImagesPrune(call iopodman.VarlinkCall, all bool, filter []st
}
// ImageSave ....
-func (i *LibpodAPI) ImageSave(call iopodman.VarlinkCall, options iopodman.ImageSaveOptions) error {
+func (i *VarlinkAPI) ImageSave(call iopodman.VarlinkCall, options iopodman.ImageSaveOptions) error {
newImage, err := i.Runtime.ImageRuntime().NewFromLocal(options.Name)
if err != nil {
if errors.Cause(err) == define.ErrNoSuchImage {
@@ -905,7 +905,7 @@ func (i *LibpodAPI) ImageSave(call iopodman.VarlinkCall, options iopodman.ImageS
}
// LoadImage ...
-func (i *LibpodAPI) LoadImage(call iopodman.VarlinkCall, name, inputFile string, deleteInputFile, quiet bool) error {
+func (i *VarlinkAPI) LoadImage(call iopodman.VarlinkCall, name, inputFile string, deleteInputFile, quiet bool) error {
var (
names string
writer io.Writer
@@ -974,7 +974,7 @@ func (i *LibpodAPI) LoadImage(call iopodman.VarlinkCall, name, inputFile string,
}
// Diff ...
-func (i *LibpodAPI) Diff(call iopodman.VarlinkCall, name string) error {
+func (i *VarlinkAPI) Diff(call iopodman.VarlinkCall, name string) error {
var response []iopodman.DiffInfo
changes, err := i.Runtime.GetDiff("", name)
if err != nil {
@@ -987,7 +987,7 @@ func (i *LibpodAPI) Diff(call iopodman.VarlinkCall, name string) error {
}
// GetLayersMapWithImageInfo is a development only endpoint to obtain layer information for an image.
-func (i *LibpodAPI) GetLayersMapWithImageInfo(call iopodman.VarlinkCall) error {
+func (i *VarlinkAPI) GetLayersMapWithImageInfo(call iopodman.VarlinkCall) error {
layerInfo, err := image.GetLayersMapWithImageInfo(i.Runtime.ImageRuntime())
if err != nil {
return call.ReplyErrorOccurred(err.Error())
@@ -1000,7 +1000,7 @@ func (i *LibpodAPI) GetLayersMapWithImageInfo(call iopodman.VarlinkCall) error {
}
// BuildImageHierarchyMap ...
-func (i *LibpodAPI) BuildImageHierarchyMap(call iopodman.VarlinkCall, name string) error {
+func (i *VarlinkAPI) BuildImageHierarchyMap(call iopodman.VarlinkCall, name string) error {
img, err := i.Runtime.ImageRuntime().NewFromLocal(name)
if err != nil {
return call.ReplyErrorOccurred(err.Error())
@@ -1024,7 +1024,7 @@ func (i *LibpodAPI) BuildImageHierarchyMap(call iopodman.VarlinkCall, name strin
}
// ImageTree returns the image tree string for the provided image name or ID
-func (i *LibpodAPI) ImageTree(call iopodman.VarlinkCall, nameOrID string, whatRequires bool) error {
+func (i *VarlinkAPI) ImageTree(call iopodman.VarlinkCall, nameOrID string, whatRequires bool) error {
img, err := i.Runtime.ImageRuntime().NewFromLocal(nameOrID)
if err != nil {
return call.ReplyErrorOccurred(err.Error())
diff --git a/pkg/varlinkapi/mount.go b/pkg/varlinkapi/mount.go
index 2450f6fd9..6e1eed644 100644
--- a/pkg/varlinkapi/mount.go
+++ b/pkg/varlinkapi/mount.go
@@ -5,7 +5,7 @@ package varlinkapi
import iopodman "github.com/containers/libpod/pkg/varlink"
// ListContainerMounts ...
-func (i *LibpodAPI) ListContainerMounts(call iopodman.VarlinkCall) error {
+func (i *VarlinkAPI) ListContainerMounts(call iopodman.VarlinkCall) error {
mounts := make(map[string]string)
allContainers, err := i.Runtime.GetAllContainers()
if err != nil {
@@ -24,7 +24,7 @@ func (i *LibpodAPI) ListContainerMounts(call iopodman.VarlinkCall) error {
}
// MountContainer ...
-func (i *LibpodAPI) MountContainer(call iopodman.VarlinkCall, name string) error {
+func (i *VarlinkAPI) MountContainer(call iopodman.VarlinkCall, name string) error {
container, err := i.Runtime.LookupContainer(name)
if err != nil {
return call.ReplyErrorOccurred(err.Error())
@@ -37,7 +37,7 @@ func (i *LibpodAPI) MountContainer(call iopodman.VarlinkCall, name string) error
}
// UnmountContainer ...
-func (i *LibpodAPI) UnmountContainer(call iopodman.VarlinkCall, name string, force bool) error {
+func (i *VarlinkAPI) UnmountContainer(call iopodman.VarlinkCall, name string, force bool) error {
container, err := i.Runtime.LookupContainer(name)
if err != nil {
return call.ReplyErrorOccurred(err.Error())
diff --git a/pkg/varlinkapi/pods.go b/pkg/varlinkapi/pods.go
index 79ffb6677..94add1b6c 100644
--- a/pkg/varlinkapi/pods.go
+++ b/pkg/varlinkapi/pods.go
@@ -14,7 +14,7 @@ import (
)
// CreatePod ...
-func (i *LibpodAPI) CreatePod(call iopodman.VarlinkCall, create iopodman.PodCreate) error {
+func (i *VarlinkAPI) CreatePod(call iopodman.VarlinkCall, create iopodman.PodCreate) error {
var options []libpod.PodCreateOption
if create.Infra {
options = append(options, libpod.WithInfraContainer())
@@ -61,7 +61,7 @@ func (i *LibpodAPI) CreatePod(call iopodman.VarlinkCall, create iopodman.PodCrea
}
// ListPods ...
-func (i *LibpodAPI) ListPods(call iopodman.VarlinkCall) error {
+func (i *VarlinkAPI) ListPods(call iopodman.VarlinkCall) error {
var (
listPods []iopodman.ListPodData
)
@@ -82,7 +82,7 @@ func (i *LibpodAPI) ListPods(call iopodman.VarlinkCall) error {
}
// GetPod ...
-func (i *LibpodAPI) GetPod(call iopodman.VarlinkCall, name string) error {
+func (i *VarlinkAPI) GetPod(call iopodman.VarlinkCall, name string) error {
pod, err := i.Runtime.LookupPod(name)
if err != nil {
return call.ReplyPodNotFound(name, err.Error())
@@ -98,7 +98,7 @@ func (i *LibpodAPI) GetPod(call iopodman.VarlinkCall, name string) error {
}
// GetPodsByStatus returns a slice of pods filtered by a libpod status
-func (i *LibpodAPI) GetPodsByStatus(call iopodman.VarlinkCall, statuses []string) error {
+func (i *VarlinkAPI) GetPodsByStatus(call iopodman.VarlinkCall, statuses []string) error {
filterFuncs := func(p *libpod.Pod) bool {
state, _ := shared.GetPodStatus(p)
for _, status := range statuses {
@@ -120,7 +120,7 @@ func (i *LibpodAPI) GetPodsByStatus(call iopodman.VarlinkCall, statuses []string
}
// InspectPod ...
-func (i *LibpodAPI) InspectPod(call iopodman.VarlinkCall, name string) error {
+func (i *VarlinkAPI) InspectPod(call iopodman.VarlinkCall, name string) error {
pod, err := i.Runtime.LookupPod(name)
if err != nil {
return call.ReplyPodNotFound(name, err.Error())
@@ -137,7 +137,7 @@ func (i *LibpodAPI) InspectPod(call iopodman.VarlinkCall, name string) error {
}
// StartPod ...
-func (i *LibpodAPI) StartPod(call iopodman.VarlinkCall, name string) error {
+func (i *VarlinkAPI) StartPod(call iopodman.VarlinkCall, name string) error {
pod, err := i.Runtime.LookupPod(name)
if err != nil {
return call.ReplyPodNotFound(name, err.Error())
@@ -158,7 +158,7 @@ func (i *LibpodAPI) StartPod(call iopodman.VarlinkCall, name string) error {
}
// StopPod ...
-func (i *LibpodAPI) StopPod(call iopodman.VarlinkCall, name string, timeout int64) error {
+func (i *VarlinkAPI) StopPod(call iopodman.VarlinkCall, name string, timeout int64) error {
pod, err := i.Runtime.LookupPod(name)
if err != nil {
return call.ReplyPodNotFound(name, err.Error())
@@ -172,7 +172,7 @@ func (i *LibpodAPI) StopPod(call iopodman.VarlinkCall, name string, timeout int6
}
// RestartPod ...
-func (i *LibpodAPI) RestartPod(call iopodman.VarlinkCall, name string) error {
+func (i *VarlinkAPI) RestartPod(call iopodman.VarlinkCall, name string) error {
pod, err := i.Runtime.LookupPod(name)
if err != nil {
return call.ReplyPodNotFound(name, err.Error())
@@ -194,7 +194,7 @@ func (i *LibpodAPI) RestartPod(call iopodman.VarlinkCall, name string) error {
// KillPod kills the running containers in a pod. If you want to use the default SIGTERM signal,
// just send a -1 for the signal arg.
-func (i *LibpodAPI) KillPod(call iopodman.VarlinkCall, name string, signal int64) error {
+func (i *VarlinkAPI) KillPod(call iopodman.VarlinkCall, name string, signal int64) error {
killSignal := uint(syscall.SIGTERM)
if signal != -1 {
killSignal = uint(signal)
@@ -213,7 +213,7 @@ func (i *LibpodAPI) KillPod(call iopodman.VarlinkCall, name string, signal int64
}
// PausePod ...
-func (i *LibpodAPI) PausePod(call iopodman.VarlinkCall, name string) error {
+func (i *VarlinkAPI) PausePod(call iopodman.VarlinkCall, name string) error {
pod, err := i.Runtime.LookupPod(name)
if err != nil {
return call.ReplyPodNotFound(name, err.Error())
@@ -227,7 +227,7 @@ func (i *LibpodAPI) PausePod(call iopodman.VarlinkCall, name string) error {
}
// UnpausePod ...
-func (i *LibpodAPI) UnpausePod(call iopodman.VarlinkCall, name string) error {
+func (i *VarlinkAPI) UnpausePod(call iopodman.VarlinkCall, name string) error {
pod, err := i.Runtime.LookupPod(name)
if err != nil {
return call.ReplyPodNotFound(name, err.Error())
@@ -241,7 +241,7 @@ func (i *LibpodAPI) UnpausePod(call iopodman.VarlinkCall, name string) error {
}
// RemovePod ...
-func (i *LibpodAPI) RemovePod(call iopodman.VarlinkCall, name string, force bool) error {
+func (i *VarlinkAPI) RemovePod(call iopodman.VarlinkCall, name string, force bool) error {
ctx := getContext()
pod, err := i.Runtime.LookupPod(name)
if err != nil {
@@ -255,7 +255,7 @@ func (i *LibpodAPI) RemovePod(call iopodman.VarlinkCall, name string, force bool
}
// GetPodStats ...
-func (i *LibpodAPI) GetPodStats(call iopodman.VarlinkCall, name string) error {
+func (i *VarlinkAPI) GetPodStats(call iopodman.VarlinkCall, name string) error {
pod, err := i.Runtime.LookupPod(name)
if err != nil {
return call.ReplyPodNotFound(name, err.Error())
@@ -291,7 +291,7 @@ func (i *LibpodAPI) GetPodStats(call iopodman.VarlinkCall, name string) error {
}
// GetPodsByContext returns a slice of pod ids based on all, latest, or a list
-func (i *LibpodAPI) GetPodsByContext(call iopodman.VarlinkCall, all, latest bool, input []string) error {
+func (i *VarlinkAPI) GetPodsByContext(call iopodman.VarlinkCall, all, latest bool, input []string) error {
var podids []string
pods, err := shortcuts.GetPodsByContext(all, latest, input, i.Runtime)
@@ -305,7 +305,7 @@ func (i *LibpodAPI) GetPodsByContext(call iopodman.VarlinkCall, all, latest bool
}
// PodStateData returns a container's state data in string format
-func (i *LibpodAPI) PodStateData(call iopodman.VarlinkCall, name string) error {
+func (i *VarlinkAPI) PodStateData(call iopodman.VarlinkCall, name string) error {
pod, err := i.Runtime.LookupPod(name)
if err != nil {
return call.ReplyErrorOccurred(err.Error())
@@ -322,7 +322,7 @@ func (i *LibpodAPI) PodStateData(call iopodman.VarlinkCall, name string) error {
}
// TopPod provides the top stats for a given or latest pod
-func (i *LibpodAPI) TopPod(call iopodman.VarlinkCall, name string, latest bool, descriptors []string) error {
+func (i *VarlinkAPI) TopPod(call iopodman.VarlinkCall, name string, latest bool, descriptors []string) error {
var (
pod *libpod.Pod
err error
diff --git a/pkg/varlinkapi/system.go b/pkg/varlinkapi/system.go
index 7bee643c2..82efe9b5d 100644
--- a/pkg/varlinkapi/system.go
+++ b/pkg/varlinkapi/system.go
@@ -16,7 +16,7 @@ import (
)
// GetVersion ...
-func (i *LibpodAPI) GetVersion(call iopodman.VarlinkCall) error {
+func (i *VarlinkAPI) GetVersion(call iopodman.VarlinkCall) error {
versionInfo, err := define.GetVersion()
if err != nil {
return err
@@ -33,7 +33,7 @@ func (i *LibpodAPI) GetVersion(call iopodman.VarlinkCall) error {
}
// GetInfo returns details about the podman host and its stores
-func (i *LibpodAPI) GetInfo(call iopodman.VarlinkCall) error {
+func (i *VarlinkAPI) GetInfo(call iopodman.VarlinkCall) error {
versionInfo, err := define.GetVersion()
if err != nil {
return err
@@ -106,7 +106,7 @@ func (i *LibpodAPI) GetInfo(call iopodman.VarlinkCall) error {
}
// GetVersion ...
-func (i *LibpodAPI) Reset(call iopodman.VarlinkCall) error {
+func (i *VarlinkAPI) Reset(call iopodman.VarlinkCall) error {
if err := i.Runtime.Reset(context.TODO()); err != nil {
logrus.Errorf("Reset Failed: %v", err)
if err := call.ReplyErrorOccurred(err.Error()); err != nil {
diff --git a/pkg/varlinkapi/transfers.go b/pkg/varlinkapi/transfers.go
index 654da276e..9df8ffcdc 100644
--- a/pkg/varlinkapi/transfers.go
+++ b/pkg/varlinkapi/transfers.go
@@ -4,7 +4,6 @@ package varlinkapi
import (
"bufio"
- "fmt"
"io"
"io/ioutil"
"os"
@@ -14,7 +13,7 @@ import (
)
// SendFile allows a client to send a file to the varlink server
-func (i *LibpodAPI) SendFile(call iopodman.VarlinkCall, ftype string, length int64) error {
+func (i *VarlinkAPI) SendFile(call iopodman.VarlinkCall, ftype string, length int64) error {
if !call.WantsUpgrade() {
return call.ReplyErrorOccurred("client must use upgraded connection to send files")
}
@@ -40,14 +39,14 @@ func (i *LibpodAPI) SendFile(call iopodman.VarlinkCall, ftype string, length int
logrus.Debugf("successfully received %s", outputFile.Name())
// Send an ACK to the client
- call.Call.Writer.WriteString(fmt.Sprintf("%s:", outputFile.Name()))
+ call.Call.Writer.WriteString(outputFile.Name())
call.Call.Writer.Flush()
return nil
}
// ReceiveFile allows the varlink server to send a file to a client
-func (i *LibpodAPI) ReceiveFile(call iopodman.VarlinkCall, filepath string, delete bool) error {
+func (i *VarlinkAPI) ReceiveFile(call iopodman.VarlinkCall, filepath string, delete bool) error {
if !call.WantsUpgrade() {
return call.ReplyErrorOccurred("client must use upgraded connection to send files")
}
diff --git a/pkg/varlinkapi/volumes.go b/pkg/varlinkapi/volumes.go
index b0c3608c4..ff72c3869 100644
--- a/pkg/varlinkapi/volumes.go
+++ b/pkg/varlinkapi/volumes.go
@@ -11,7 +11,7 @@ import (
)
// VolumeCreate creates a libpod volume based on input from a varlink connection
-func (i *LibpodAPI) VolumeCreate(call iopodman.VarlinkCall, options iopodman.VolumeCreateOpts) error {
+func (i *VarlinkAPI) VolumeCreate(call iopodman.VarlinkCall, options iopodman.VolumeCreateOpts) error {
var volumeOptions []libpod.VolumeCreateOption
if len(options.VolumeName) > 0 {
@@ -38,7 +38,7 @@ func (i *LibpodAPI) VolumeCreate(call iopodman.VarlinkCall, options iopodman.Vol
}
// VolumeRemove removes volumes by options.All or options.Volumes
-func (i *LibpodAPI) VolumeRemove(call iopodman.VarlinkCall, options iopodman.VolumeRemoveOpts) error {
+func (i *VarlinkAPI) VolumeRemove(call iopodman.VarlinkCall, options iopodman.VolumeRemoveOpts) error {
success, failed, err := shared.SharedRemoveVolumes(getContext(), i.Runtime, options.Volumes, options.All, options.Force)
if err != nil {
return call.ReplyErrorOccurred(err.Error())
@@ -52,7 +52,7 @@ func (i *LibpodAPI) VolumeRemove(call iopodman.VarlinkCall, options iopodman.Vol
}
// GetVolumes returns all the volumes known to the remote system
-func (i *LibpodAPI) GetVolumes(call iopodman.VarlinkCall, args []string, all bool) error {
+func (i *VarlinkAPI) GetVolumes(call iopodman.VarlinkCall, args []string, all bool) error {
var (
err error
reply []*libpod.Volume
@@ -87,7 +87,7 @@ func (i *LibpodAPI) GetVolumes(call iopodman.VarlinkCall, args []string, all boo
}
// InspectVolume inspects a single volume, returning its JSON as a string.
-func (i *LibpodAPI) InspectVolume(call iopodman.VarlinkCall, name string) error {
+func (i *VarlinkAPI) InspectVolume(call iopodman.VarlinkCall, name string) error {
vol, err := i.Runtime.LookupVolume(name)
if err != nil {
return call.ReplyErrorOccurred(err.Error())
@@ -104,7 +104,7 @@ func (i *LibpodAPI) InspectVolume(call iopodman.VarlinkCall, name string) error
}
// VolumesPrune removes unused images via a varlink call
-func (i *LibpodAPI) VolumesPrune(call iopodman.VarlinkCall) error {
+func (i *VarlinkAPI) VolumesPrune(call iopodman.VarlinkCall) error {
var (
prunedErrors []string
prunedNames []string