diff options
Diffstat (limited to 'pkg')
38 files changed, 645 insertions, 510 deletions
diff --git a/pkg/api/handlers/compat/containers.go b/pkg/api/handlers/compat/containers.go index aa12afc82..b41987800 100644 --- a/pkg/api/handlers/compat/containers.go +++ b/pkg/api/handlers/compat/containers.go @@ -22,6 +22,7 @@ import ( "github.com/docker/docker/api/types" "github.com/docker/docker/api/types/container" "github.com/docker/go-connections/nat" + "github.com/docker/go-units" "github.com/gorilla/mux" "github.com/gorilla/schema" "github.com/pkg/errors" @@ -31,11 +32,11 @@ import ( func RemoveContainer(w http.ResponseWriter, r *http.Request) { decoder := r.Context().Value("decoder").(*schema.Decoder) query := struct { - All bool `schema:"all"` - Force bool `schema:"force"` - Ignore bool `schema:"ignore"` - Link bool `schema:"link"` - Volumes bool `schema:"v"` + Force bool `schema:"force"` + Ignore bool `schema:"ignore"` + Link bool `schema:"link"` + DockerVolumes bool `schema:"v"` + LibpodVolumes bool `schema:"volumes"` }{ // override any golang type defaults } @@ -46,10 +47,19 @@ func RemoveContainer(w http.ResponseWriter, r *http.Request) { return } - if query.Link && !utils.IsLibpodRequest(r) { - utils.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest, - utils.ErrLinkNotSupport) - return + options := entities.RmOptions{ + Force: query.Force, + Ignore: query.Ignore, + } + if utils.IsLibpodRequest(r) { + options.Volumes = query.LibpodVolumes + } else { + if query.Link { + utils.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest, + utils.ErrLinkNotSupport) + return + } + options.Volumes = query.DockerVolumes } runtime := r.Context().Value("runtime").(*libpod.Runtime) @@ -57,12 +67,6 @@ func RemoveContainer(w http.ResponseWriter, r *http.Request) { // code. containerEngine := abi.ContainerEngine{Libpod: runtime} name := utils.GetName(r) - options := entities.RmOptions{ - All: query.All, - Force: query.Force, - Volumes: query.Volumes, - Ignore: query.Ignore, - } report, err := containerEngine.ContainerRm(r.Context(), []string{name}, options) if err != nil { if errors.Cause(err) == define.ErrNoSuchCtr { @@ -73,7 +77,7 @@ func RemoveContainer(w http.ResponseWriter, r *http.Request) { utils.InternalServerError(w, err) return } - if report[0].Err != nil { + if len(report) > 0 && report[0].Err != nil { utils.InternalServerError(w, report[0].Err) return } @@ -193,45 +197,48 @@ func KillContainer(w http.ResponseWriter, r *http.Request) { return } - sig, err := signal.ParseSignalNameOrNumber(query.Signal) - if err != nil { - utils.InternalServerError(w, err) - return - } + // Now use the ABI implementation to prevent us from having duplicate + // code. + containerEngine := abi.ContainerEngine{Libpod: runtime} name := utils.GetName(r) - con, err := runtime.LookupContainer(name) - if err != nil { - utils.ContainerNotFound(w, name, err) - return + options := entities.KillOptions{ + Signal: query.Signal, } - - state, err := con.State() + report, err := containerEngine.ContainerKill(r.Context(), []string{name}, options) if err != nil { - utils.InternalServerError(w, err) - return - } + if errors.Cause(err) == define.ErrCtrStateInvalid || + errors.Cause(err) == define.ErrCtrStopped { + utils.Error(w, fmt.Sprintf("Container %s is not running", name), http.StatusConflict, err) + return + } + if errors.Cause(err) == define.ErrNoSuchCtr { + utils.ContainerNotFound(w, name, err) + return + } - // If the Container is stopped already, send a 409 - if state == define.ContainerStateStopped || state == define.ContainerStateExited { - utils.Error(w, fmt.Sprintf("Container %s is not running", name), http.StatusConflict, errors.New(fmt.Sprintf("Cannot kill Container %s, it is not running", name))) + utils.InternalServerError(w, err) return } - signal := uint(sig) - - err = con.Kill(signal) - if err != nil { - utils.Error(w, "Something went wrong.", http.StatusInternalServerError, errors.Wrapf(err, "unable to kill Container %s", name)) + if len(report) > 0 && report[0].Err != nil { + utils.InternalServerError(w, report[0].Err) return } - // Docker waits for the container to stop if the signal is 0 or // SIGKILL. - if !utils.IsLibpodRequest(r) && (signal == 0 || syscall.Signal(signal) == syscall.SIGKILL) { - if _, err = con.Wait(); err != nil { - utils.Error(w, "Something went wrong.", http.StatusInternalServerError, errors.Wrapf(err, "failed to wait for Container %s", con.ID())) + if !utils.IsLibpodRequest(r) { + sig, err := signal.ParseSignalNameOrNumber(query.Signal) + if err != nil { + utils.InternalServerError(w, err) return } + if sig == 0 || syscall.Signal(sig) == syscall.SIGKILL { + var opts entities.WaitOptions + if _, err := containerEngine.ContainerWait(r.Context(), []string{name}, opts); err != nil { + utils.Error(w, "Something went wrong.", http.StatusInternalServerError, err) + return + } + } } // Success utils.WriteResponse(w, http.StatusNoContent, nil) @@ -242,6 +249,10 @@ func WaitContainer(w http.ResponseWriter, r *http.Request) { // /{version}/containers/(name)/wait exitCode, err := utils.WaitContainer(w, r) if err != nil { + if errors.Cause(err) == define.ErrNoSuchCtr { + logrus.Warnf("container not found %q: %v", utils.GetName(r), err) + return + } logrus.Warnf("failed to wait on container %q: %v", mux.Vars(r)["name"], err) return } @@ -264,6 +275,7 @@ func LibpodToContainer(l *libpod.Container, sz bool) (*handlers.Container, error sizeRootFs int64 sizeRW int64 state define.ContainerStatus + status string ) if state, err = l.State(); err != nil { @@ -274,6 +286,35 @@ func LibpodToContainer(l *libpod.Container, sz bool) (*handlers.Container, error stateStr = "created" } + if state == define.ContainerStateConfigured || state == define.ContainerStateCreated { + status = "Created" + } else if state == define.ContainerStateStopped || state == define.ContainerStateExited { + exitCode, _, err := l.ExitCode() + if err != nil { + return nil, err + } + finishedTime, err := l.FinishedTime() + if err != nil { + return nil, err + } + status = fmt.Sprintf("Exited (%d) %s ago", exitCode, units.HumanDuration(time.Since(finishedTime))) + } else if state == define.ContainerStateRunning || state == define.ContainerStatePaused { + startedTime, err := l.StartedTime() + if err != nil { + return nil, err + } + status = fmt.Sprintf("Up %s", units.HumanDuration(time.Since(startedTime))) + if state == define.ContainerStatePaused { + status += " (Paused)" + } + } else if state == define.ContainerStateRemoving { + status = "Removal In Progress" + } else if state == define.ContainerStateStopping { + status = "Stopping" + } else { + status = "Unknown" + } + if sz { if sizeRW, err = l.RWSize(); err != nil { return nil, err @@ -295,7 +336,7 @@ func LibpodToContainer(l *libpod.Container, sz bool) (*handlers.Container, error SizeRootFs: sizeRootFs, Labels: l.Labels(), State: stateStr, - Status: "", + Status: status, HostConfig: struct { NetworkMode string `json:",omitempty"` }{ diff --git a/pkg/api/handlers/compat/containers_restart.go b/pkg/api/handlers/compat/containers_restart.go index e8928596a..70edfcbb3 100644 --- a/pkg/api/handlers/compat/containers_restart.go +++ b/pkg/api/handlers/compat/containers_restart.go @@ -4,7 +4,10 @@ import ( "net/http" "github.com/containers/podman/v2/libpod" + "github.com/containers/podman/v2/libpod/define" "github.com/containers/podman/v2/pkg/api/handlers/utils" + "github.com/containers/podman/v2/pkg/domain/entities" + "github.com/containers/podman/v2/pkg/domain/infra/abi" "github.com/gorilla/schema" "github.com/pkg/errors" ) @@ -12,34 +15,49 @@ import ( func RestartContainer(w http.ResponseWriter, r *http.Request) { runtime := r.Context().Value("runtime").(*libpod.Runtime) decoder := r.Context().Value("decoder").(*schema.Decoder) + // Now use the ABI implementation to prevent us from having duplicate + // code. + containerEngine := abi.ContainerEngine{Libpod: runtime} + // /{version}/containers/(name)/restart query := struct { - Timeout int `schema:"t"` + All bool `schema:"all"` + DockerTimeout uint `schema:"t"` + LibpodTimeout uint `schema:"timeout"` }{ - // Override golang default values for types + // override any golang type defaults } if err := decoder.Decode(&query, r.URL.Query()); err != nil { - utils.BadRequest(w, "url", r.URL.String(), errors.Wrapf(err, "failed to parse parameters for %s", r.URL.String())) + utils.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest, + errors.Wrapf(err, "failed to parse parameters for %s", r.URL.String())) return } name := utils.GetName(r) - con, err := runtime.LookupContainer(name) - if err != nil { - utils.ContainerNotFound(w, name, err) - return - } - timeout := con.StopTimeout() - if _, found := r.URL.Query()["t"]; found { - timeout = uint(query.Timeout) + options := entities.RestartOptions{ + All: query.All, + Timeout: &query.DockerTimeout, + } + if utils.IsLibpodRequest(r) { + options.Timeout = &query.LibpodTimeout } + report, err := containerEngine.ContainerRestart(r.Context(), []string{name}, options) + if err != nil { + if errors.Cause(err) == define.ErrNoSuchCtr { + utils.ContainerNotFound(w, name, err) + return + } - if err := con.RestartWithTimeout(r.Context(), timeout); err != nil { utils.InternalServerError(w, err) return } + if len(report) > 0 && report[0].Err != nil { + utils.InternalServerError(w, report[0].Err) + return + } + // Success utils.WriteResponse(w, http.StatusNoContent, nil) } diff --git a/pkg/api/handlers/compat/containers_stop.go b/pkg/api/handlers/compat/containers_stop.go index 8bc58cf59..000685aa0 100644 --- a/pkg/api/handlers/compat/containers_stop.go +++ b/pkg/api/handlers/compat/containers_stop.go @@ -6,6 +6,8 @@ import ( "github.com/containers/podman/v2/libpod" "github.com/containers/podman/v2/libpod/define" "github.com/containers/podman/v2/pkg/api/handlers/utils" + "github.com/containers/podman/v2/pkg/domain/entities" + "github.com/containers/podman/v2/pkg/domain/infra/abi" "github.com/gorilla/schema" "github.com/pkg/errors" ) @@ -13,10 +15,15 @@ import ( func StopContainer(w http.ResponseWriter, r *http.Request) { runtime := r.Context().Value("runtime").(*libpod.Runtime) decoder := r.Context().Value("decoder").(*schema.Decoder) + // Now use the ABI implementation to prevent us from having duplicate + // code. + containerEngine := abi.ContainerEngine{Libpod: runtime} // /{version}/containers/(name)/stop query := struct { - Timeout int `schema:"t"` + Ignore bool `schema:"ignore"` + DockerTimeout uint `schema:"t"` + LibpodTimeout uint `schema:"timeout"` }{ // override any golang type defaults } @@ -27,31 +34,46 @@ func StopContainer(w http.ResponseWriter, r *http.Request) { } name := utils.GetName(r) + + options := entities.StopOptions{ + Ignore: query.Ignore, + } + if utils.IsLibpodRequest(r) { + if query.LibpodTimeout > 0 { + options.Timeout = &query.LibpodTimeout + } + } else { + if query.DockerTimeout > 0 { + options.Timeout = &query.DockerTimeout + } + } con, err := runtime.LookupContainer(name) if err != nil { utils.ContainerNotFound(w, name, err) return } - state, err := con.State() if err != nil { - utils.InternalServerError(w, errors.Wrapf(err, "unable to get state for Container %s", name)) + utils.InternalServerError(w, err) return } - // If the Container is stopped already, send a 304 if state == define.ContainerStateStopped || state == define.ContainerStateExited { utils.WriteResponse(w, http.StatusNotModified, nil) return } + report, err := containerEngine.ContainerStop(r.Context(), []string{name}, options) + if err != nil { + if errors.Cause(err) == define.ErrNoSuchCtr { + utils.ContainerNotFound(w, name, err) + return + } - var stopError error - if query.Timeout > 0 { - stopError = con.StopWithTimeout(uint(query.Timeout)) - } else { - stopError = con.Stop() + utils.InternalServerError(w, err) + return } - if stopError != nil { - utils.InternalServerError(w, errors.Wrapf(stopError, "failed to stop %s", name)) + + if len(report) > 0 && report[0].Err != nil { + utils.InternalServerError(w, report[0].Err) return } diff --git a/pkg/api/handlers/compat/images_push.go b/pkg/api/handlers/compat/images_push.go index 0f3da53e8..c352ac6cd 100644 --- a/pkg/api/handlers/compat/images_push.go +++ b/pkg/api/handlers/compat/images_push.go @@ -3,13 +3,15 @@ package compat import ( "context" "net/http" - "os" "strings" + "github.com/containers/image/v5/types" "github.com/containers/podman/v2/libpod" - "github.com/containers/podman/v2/libpod/image" "github.com/containers/podman/v2/pkg/api/handlers/utils" "github.com/containers/podman/v2/pkg/auth" + "github.com/containers/podman/v2/pkg/domain/entities" + "github.com/containers/podman/v2/pkg/domain/infra/abi" + "github.com/containers/storage" "github.com/gorilla/schema" "github.com/pkg/errors" ) @@ -18,11 +20,20 @@ import ( func PushImage(w http.ResponseWriter, r *http.Request) { decoder := r.Context().Value("decoder").(*schema.Decoder) runtime := r.Context().Value("runtime").(*libpod.Runtime) + // Now use the ABI implementation to prevent us from having duplicate + // code. + imageEngine := abi.ImageEngine{Libpod: runtime} query := struct { - Tag string `schema:"tag"` + All bool `schema:"all"` + Compress bool `schema:"compress"` + Destination string `schema:"destination"` + Format string `schema:"format"` + TLSVerify bool `schema:"tlsVerify"` + Tag string `schema:"tag"` }{ // This is where you can override the golang default value for one of fields + TLSVerify: true, } if err := decoder.Decode(&query, r.URL.Query()); err != nil { @@ -43,39 +54,34 @@ func PushImage(w http.ResponseWriter, r *http.Request) { return } - newImage, err := runtime.ImageRuntime().NewFromLocal(imageName) - if err != nil { - utils.ImageNotFound(w, imageName, errors.Wrapf(err, "failed to find image %s", imageName)) - return - } - - authConf, authfile, key, err := auth.GetCredentials(r) + authconf, authfile, key, err := auth.GetCredentials(r) if err != nil { utils.Error(w, "Something went wrong.", http.StatusBadRequest, errors.Wrapf(err, "failed to parse %q header for %s", key, r.URL.String())) return } defer auth.RemoveAuthfile(authfile) - - dockerRegistryOptions := &image.DockerRegistryOptions{DockerRegistryCreds: authConf} - if sys := runtime.SystemContext(); sys != nil { - dockerRegistryOptions.DockerCertPath = sys.DockerCertPath - dockerRegistryOptions.RegistriesConfPath = sys.SystemRegistriesConfPath + var username, password string + if authconf != nil { + username = authconf.Username + password = authconf.Password + } + options := entities.ImagePushOptions{ + All: query.All, + Authfile: authfile, + Compress: query.Compress, + Format: query.Format, + Password: password, + Username: username, } + if _, found := r.URL.Query()["tlsVerify"]; found { + options.SkipTLSVerify = types.NewOptionalBool(!query.TLSVerify) + } + if err := imageEngine.Push(context.Background(), imageName, query.Destination, options); err != nil { + if errors.Cause(err) != storage.ErrImageUnknown { + utils.ImageNotFound(w, imageName, errors.Wrapf(err, "failed to find image %s", imageName)) + return + } - err = newImage.PushImageToHeuristicDestination( - context.Background(), - imageName, - "", // manifest type - authfile, - "", // digest file - "", // signature policy - os.Stderr, - false, // force compression - image.SigningOptions{}, - dockerRegistryOptions, - nil, // additional tags - ) - if err != nil { utils.Error(w, "Something went wrong.", http.StatusBadRequest, errors.Wrapf(err, "error pushing image %q", imageName)) return } diff --git a/pkg/api/handlers/libpod/containers.go b/pkg/api/handlers/libpod/containers.go index 6b07b1cc5..f6e348cef 100644 --- a/pkg/api/handlers/libpod/containers.go +++ b/pkg/api/handlers/libpod/containers.go @@ -12,7 +12,6 @@ import ( "github.com/containers/podman/v2/pkg/api/handlers/utils" "github.com/containers/podman/v2/pkg/domain/entities" "github.com/containers/podman/v2/pkg/domain/infra/abi" - "github.com/containers/podman/v2/pkg/ps" "github.com/gorilla/schema" "github.com/pkg/errors" "github.com/sirupsen/logrus" @@ -63,6 +62,7 @@ func ListContainers(w http.ResponseWriter, r *http.Request) { decoder := r.Context().Value("decoder").(*schema.Decoder) query := struct { All bool `schema:"all"` + External bool `schema:"external"` Filters map[string][]string `schema:"filters"` Last int `schema:"last"` // alias for limit Limit int `schema:"limit"` @@ -90,17 +90,22 @@ func ListContainers(w http.ResponseWriter, r *http.Request) { } runtime := r.Context().Value("runtime").(*libpod.Runtime) + // Now use the ABI implementation to prevent us from having duplicate + // code. + containerEngine := abi.ContainerEngine{Libpod: runtime} opts := entities.ContainerListOptions{ All: query.All, + External: query.External, Filters: query.Filters, Last: limit, - Size: query.Size, - Sort: "", Namespace: query.Namespace, - Pod: true, - Sync: query.Sync, + // Always return Pod, should not be part of the API. + // https://github.com/containers/podman/pull/7223 + Pod: true, + Size: query.Size, + Sync: query.Sync, } - pss, err := ps.GetContainerLists(runtime, opts) + pss, err := containerEngine.ContainerList(r.Context(), opts) if err != nil { utils.InternalServerError(w, err) return @@ -143,6 +148,12 @@ func GetContainer(w http.ResponseWriter, r *http.Request) { func WaitContainer(w http.ResponseWriter, r *http.Request) { exitCode, err := utils.WaitContainer(w, r) if err != nil { + name := utils.GetName(r) + if errors.Cause(err) == define.ErrNoSuchCtr { + utils.ContainerNotFound(w, name, err) + return + } + logrus.Warnf("failed to wait on container %q: %v", name, err) return } utils.WriteResponse(w, http.StatusOK, strconv.Itoa(int(exitCode))) diff --git a/pkg/api/handlers/libpod/manifests.go b/pkg/api/handlers/libpod/manifests.go index 35221ecf1..ded51a31f 100644 --- a/pkg/api/handlers/libpod/manifests.go +++ b/pkg/api/handlers/libpod/manifests.go @@ -147,7 +147,6 @@ func ManifestPush(w http.ResponseWriter, r *http.Request) { query := struct { All bool `schema:"all"` Destination string `schema:"destination"` - Format string `schema:"format"` TLSVerify bool `schema:"tlsVerify"` }{ // Add defaults here once needed. @@ -163,24 +162,21 @@ func ManifestPush(w http.ResponseWriter, r *http.Request) { } source := utils.GetName(r) - authConf, authfile, key, err := auth.GetCredentials(r) + authconf, authfile, key, err := auth.GetCredentials(r) if err != nil { utils.Error(w, "failed to retrieve repository credentials", http.StatusBadRequest, errors.Wrapf(err, "failed to parse %q header for %s", key, r.URL.String())) return } defer auth.RemoveAuthfile(authfile) var username, password string - if authConf != nil { - username = authConf.Username - password = authConf.Password - + if authconf != nil { + username = authconf.Username + password = authconf.Password } - options := entities.ImagePushOptions{ Authfile: authfile, Username: username, Password: password, - Format: query.Format, All: query.All, } if sys := runtime.SystemContext(); sys != nil { diff --git a/pkg/api/handlers/utils/containers.go b/pkg/api/handlers/utils/containers.go index 1439a3a75..fac237f87 100644 --- a/pkg/api/handlers/utils/containers.go +++ b/pkg/api/handlers/utils/containers.go @@ -6,6 +6,8 @@ import ( "github.com/containers/podman/v2/libpod" "github.com/containers/podman/v2/libpod/define" + "github.com/containers/podman/v2/pkg/domain/entities" + "github.com/containers/podman/v2/pkg/domain/infra/abi" "github.com/gorilla/schema" "github.com/pkg/errors" ) @@ -16,10 +18,13 @@ func WaitContainer(w http.ResponseWriter, r *http.Request) (int32, error) { interval time.Duration ) runtime := r.Context().Value("runtime").(*libpod.Runtime) + // Now use the ABI implementation to prevent us from having duplicate + // code. + containerEngine := abi.ContainerEngine{Libpod: runtime} decoder := r.Context().Value("decoder").(*schema.Decoder) query := struct { - Interval string `schema:"interval"` - Condition string `schema:"condition"` + Interval string `schema:"interval"` + Condition define.ContainerStatus `schema:"condition"` }{ // Override golang default values for types } @@ -27,6 +32,10 @@ func WaitContainer(w http.ResponseWriter, r *http.Request) (int32, error) { Error(w, "Something went wrong.", http.StatusBadRequest, errors.Wrapf(err, "failed to parse parameters for %s", r.URL.String())) return 0, err } + options := entities.WaitOptions{ + Condition: define.ContainerStateStopped, + } + name := GetName(r) if _, found := r.URL.Query()["interval"]; found { interval, err = time.ParseDuration(query.Interval) if err != nil { @@ -40,19 +49,19 @@ func WaitContainer(w http.ResponseWriter, r *http.Request) (int32, error) { return 0, err } } - condition := define.ContainerStateStopped + options.Interval = interval + if _, found := r.URL.Query()["condition"]; found { - condition, err = define.StringToContainerStatus(query.Condition) - if err != nil { - InternalServerError(w, err) - return 0, err - } + options.Condition = query.Condition } - name := GetName(r) - con, err := runtime.LookupContainer(name) + + report, err := containerEngine.ContainerWait(r.Context(), []string{name}, options) if err != nil { - ContainerNotFound(w, name, err) return 0, err } - return con.WaitForConditionWithInterval(interval, condition) + if len(report) == 0 { + InternalServerError(w, errors.New("No reports returned")) + return 0, err + } + return report[0].ExitCode, report[0].Error } diff --git a/pkg/api/server/register_containers.go b/pkg/api/server/register_containers.go index 74a04b2e6..ff1781d1e 100644 --- a/pkg/api/server/register_containers.go +++ b/pkg/api/server/register_containers.go @@ -48,6 +48,11 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error { // default: false // description: Return all containers. By default, only running containers are shown // - in: query + // name: external + // type: boolean + // default: false + // description: Return containers in storage not controlled by Podman + // - in: query // name: limit // description: Return this number of most recently created containers, including non-running ones. // type: integer @@ -194,6 +199,11 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error { // required: true // description: the name or ID of the container // - in: query + // name: all + // type: boolean + // default: false + // description: Send kill signal to all containers + // - in: query // name: signal // type: string // default: TERM @@ -481,6 +491,11 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error { // - paused // - running // - stopped + // - in: query + // name: interval + // type: string + // default: "250ms" + // description: Time Interval to wait before polling for completion. // produces: // - application/json // responses: @@ -1214,9 +1229,20 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error { // required: true // description: the name or ID of the container // - in: query - // name: t + // name: all + // type: boolean + // default: false + // description: Stop all containers + // - in: query + // name: timeout // type: integer + // default: 10 // description: number of seconds to wait before killing container + // - in: query + // name: Ignore + // type: boolean + // default: false + // description: do not return error if container is already stopped // produces: // - application/json // responses: diff --git a/pkg/api/server/register_images.go b/pkg/api/server/register_images.go index d76f811e9..2ce0829b4 100644 --- a/pkg/api/server/register_images.go +++ b/pkg/api/server/register_images.go @@ -235,6 +235,18 @@ func (s *APIServer) registerImagesHandlers(r *mux.Router) error { // name: tag // type: string // description: The tag to associate with the image on the registry. + // - in: query + // name: all + // type: boolean + // description: All indicates whether to push all images related to the image list + // - in: query + // name: compress + // type: boolean + // description: use compression on image + // - in: query + // name: destination + // type: string + // description: destination name for the image being pushed // - in: header // name: X-Registry-Auth // type: string diff --git a/pkg/bindings/containers/containers.go b/pkg/bindings/containers/containers.go index 40fcfbded..8e644b712 100644 --- a/pkg/bindings/containers/containers.go +++ b/pkg/bindings/containers/containers.go @@ -5,7 +5,6 @@ import ( "io" "net/http" "net/url" - "strconv" "strings" "github.com/containers/podman/v2/libpod/define" @@ -83,18 +82,9 @@ func Remove(ctx context.Context, nameOrID string, options *RemoveOptions) error if err != nil { return err } - params := url.Values{} - if v := options.GetVolumes(); options.Changed("Volumes") { - params.Set("v", strconv.FormatBool(v)) - } - if all := options.GetAll(); options.Changed("All") { - params.Set("all", strconv.FormatBool(all)) - } - if force := options.GetForce(); options.Changed("Force") { - params.Set("force", strconv.FormatBool(force)) - } - if ignore := options.GetIgnore(); options.Changed("Ignore") { - params.Set("ignore", strconv.FormatBool(ignore)) + params, err := options.ToParams() + if err != nil { + return err } response, err := conn.DoRequest(nil, http.MethodDelete, "/containers/%s", params, nil, nameOrID) if err != nil { @@ -130,7 +120,7 @@ func Inspect(ctx context.Context, nameOrID string, options *InspectOptions) (*de // Kill sends a given signal to a given container. The signal should be the string // representation of a signal like 'SIGKILL'. The nameOrID can be a container name // or a partial/full ID -func Kill(ctx context.Context, nameOrID string, sig string, options *KillOptions) error { +func Kill(ctx context.Context, nameOrID string, options *KillOptions) error { if options == nil { options = new(KillOptions) } @@ -142,7 +132,6 @@ func Kill(ctx context.Context, nameOrID string, sig string, options *KillOptions if err != nil { return err } - params.Set("signal", sig) response, err := conn.DoRequest(nil, http.MethodPost, "/containers/%s/kill", params, nil, nameOrID) if err != nil { return err @@ -180,9 +169,9 @@ func Restart(ctx context.Context, nameOrID string, options *RestartOptions) erro if err != nil { return err } - params := url.Values{} - if options.Changed("Timeout") { - params.Set("t", strconv.Itoa(options.GetTimeout())) + params, err := options.ToParams() + if err != nil { + return err } response, err := conn.DoRequest(nil, http.MethodPost, "/containers/%s/restart", params, nil, nameOrID) if err != nil { @@ -335,9 +324,9 @@ func Wait(ctx context.Context, nameOrID string, options *WaitOptions) (int32, er if err != nil { return exitCode, err } - params := url.Values{} - if options.Changed("Condition") { - params.Set("condition", options.GetCondition().String()) + params, err := options.ToParams() + if err != nil { + return exitCode, err } response, err := conn.DoRequest(nil, http.MethodPost, "/containers/%s/wait", params, nil, nameOrID) if err != nil { diff --git a/pkg/bindings/containers/types.go b/pkg/bindings/containers/types.go index 24604fa83..771cde72c 100644 --- a/pkg/bindings/containers/types.go +++ b/pkg/bindings/containers/types.go @@ -106,6 +106,7 @@ type MountedContainerPathsOptions struct{} // ListOptions are optional options for listing containers type ListOptions struct { All *bool + External *bool Filters map[string][]string Last *int Namespace *bool @@ -122,7 +123,6 @@ type PruneOptions struct { //go:generate go run ../generator/generator.go RemoveOptions // RemoveOptions are optional options for removing containers type RemoveOptions struct { - All *bool Ignore *bool Force *bool Volumes *bool @@ -137,6 +137,7 @@ type InspectOptions struct { //go:generate go run ../generator/generator.go KillOptions // KillOptions are optional options for killing containers type KillOptions struct { + Signal *string } //go:generate go run ../generator/generator.go PauseOptions @@ -176,11 +177,13 @@ type UnpauseOptions struct{} // WaitOptions are optional options for waiting on containers type WaitOptions struct { Condition *define.ContainerStatus + Interval *string } //go:generate go run ../generator/generator.go StopOptions // StopOptions are optional options for stopping containers type StopOptions struct { + Ignore *bool Timeout *uint } diff --git a/pkg/bindings/containers/types_kill_options.go b/pkg/bindings/containers/types_kill_options.go index dd84f0d9f..c5d5a3c6a 100644 --- a/pkg/bindings/containers/types_kill_options.go +++ b/pkg/bindings/containers/types_kill_options.go @@ -86,3 +86,19 @@ func (o *KillOptions) ToParams() (url.Values, error) { } return params, nil } + +// WithSignal +func (o *KillOptions) WithSignal(value string) *KillOptions { + v := &value + o.Signal = v + return o +} + +// GetSignal +func (o *KillOptions) GetSignal() string { + var signal string + if o.Signal == nil { + return signal + } + return *o.Signal +} diff --git a/pkg/bindings/containers/types_list_options.go b/pkg/bindings/containers/types_list_options.go index 43326fa59..c363dcd32 100644 --- a/pkg/bindings/containers/types_list_options.go +++ b/pkg/bindings/containers/types_list_options.go @@ -103,6 +103,22 @@ func (o *ListOptions) GetAll() bool { return *o.All } +// WithExternal +func (o *ListOptions) WithExternal(value bool) *ListOptions { + v := &value + o.External = v + return o +} + +// GetExternal +func (o *ListOptions) GetExternal() bool { + var external bool + if o.External == nil { + return external + } + return *o.External +} + // WithFilters func (o *ListOptions) WithFilters(value map[string][]string) *ListOptions { v := value diff --git a/pkg/bindings/containers/types_remove_options.go b/pkg/bindings/containers/types_remove_options.go index 3ef32fa03..ffe1488c1 100644 --- a/pkg/bindings/containers/types_remove_options.go +++ b/pkg/bindings/containers/types_remove_options.go @@ -87,22 +87,6 @@ func (o *RemoveOptions) ToParams() (url.Values, error) { return params, nil } -// WithAll -func (o *RemoveOptions) WithAll(value bool) *RemoveOptions { - v := &value - o.All = v - return o -} - -// GetAll -func (o *RemoveOptions) GetAll() bool { - var all bool - if o.All == nil { - return all - } - return *o.All -} - // WithIgnore func (o *RemoveOptions) WithIgnore(value bool) *RemoveOptions { v := &value diff --git a/pkg/bindings/containers/types_stop_options.go b/pkg/bindings/containers/types_stop_options.go index db692dbf0..940ec5832 100644 --- a/pkg/bindings/containers/types_stop_options.go +++ b/pkg/bindings/containers/types_stop_options.go @@ -87,6 +87,22 @@ func (o *StopOptions) ToParams() (url.Values, error) { return params, nil } +// WithIgnore +func (o *StopOptions) WithIgnore(value bool) *StopOptions { + v := &value + o.Ignore = v + return o +} + +// GetIgnore +func (o *StopOptions) GetIgnore() bool { + var ignore bool + if o.Ignore == nil { + return ignore + } + return *o.Ignore +} + // WithTimeout func (o *StopOptions) WithTimeout(value uint) *StopOptions { v := &value diff --git a/pkg/bindings/containers/types_wait_options.go b/pkg/bindings/containers/types_wait_options.go index 470d67611..2f5aa983e 100644 --- a/pkg/bindings/containers/types_wait_options.go +++ b/pkg/bindings/containers/types_wait_options.go @@ -103,3 +103,19 @@ func (o *WaitOptions) GetCondition() define.ContainerStatus { } return *o.Condition } + +// WithInterval +func (o *WaitOptions) WithInterval(value string) *WaitOptions { + v := &value + o.Interval = v + return o +} + +// GetInterval +func (o *WaitOptions) GetInterval() string { + var interval string + if o.Interval == nil { + return interval + } + return *o.Interval +} diff --git a/pkg/bindings/images/types.go b/pkg/bindings/images/types.go index 0248f2fa6..7bf70c82b 100644 --- a/pkg/bindings/images/types.go +++ b/pkg/bindings/images/types.go @@ -2,7 +2,6 @@ package images import ( "github.com/containers/buildah/imagebuildah" - "github.com/containers/common/pkg/config" ) //go:generate go run ../generator/generator.go RemoveOptions @@ -104,37 +103,16 @@ type PushOptions struct { // Authfile is the path to the authentication file. Ignored for remote // calls. Authfile *string - // CertDir is the path to certificate directories. Ignored for remote - // calls. - CertDir *string - // Compress tarball image layers when pushing to a directory using the 'dir' - // transport. Default is same compression type as source. Ignored for remote - // calls. + // Compress tarball image layers when pushing to a directory using the 'dir' transport. Compress *bool - // Username for authenticating against the registry. - Username *string + // Manifest type of the pushed image + Format *string // Password for authenticating against the registry. Password *string - // DigestFile, after copying the image, write the digest of the resulting - // image to the file. Ignored for remote calls. - DigestFile *string - // Format is the Manifest type (oci, v2s1, or v2s2) to use when pushing an - // image using the 'dir' transport. Default is manifest type of source. - // Ignored for remote calls. - Format *string - // Quiet can be specified to suppress pull progress when pulling. Ignored - // for remote calls. - Quiet *bool - // RemoveSignatures, discard any pre-existing signatures in the image. - // Ignored for remote calls. - RemoveSignatures *bool - // SignaturePolicy to use when pulling. Ignored for remote calls. - SignaturePolicy *string - // SignBy adds a signature at the destination using the specified key. - // Ignored for remote calls. - SignBy *string // SkipTLSVerify to skip HTTPS and certificate verification. SkipTLSVerify *bool + // Username for authenticating against the registry. + Username *string } //go:generate go run ../generator/generator.go SearchOptions @@ -161,32 +139,25 @@ type PullOptions struct { // AllTags can be specified to pull all tags of an image. Note // that this only works if the image does not include a tag. AllTags *bool + // Arch will overwrite the local architecture for image pulls. + Arch *string // Authfile is the path to the authentication file. Ignored for remote // calls. Authfile *string - // CertDir is the path to certificate directories. Ignored for remote - // calls. - CertDir *string - // Username for authenticating against the registry. - Username *string - // Password for authenticating against the registry. - Password *string - // Arch will overwrite the local architecture for image pulls. - Arch *string // OS will overwrite the local operating system (OS) for image // pulls. OS *string - // Variant will overwrite the local variant for image pulls. - Variant *string + // Password for authenticating against the registry. + Password *string // Quiet can be specified to suppress pull progress when pulling. Ignored // for remote calls. Quiet *bool - // SignaturePolicy to use when pulling. Ignored for remote calls. - SignaturePolicy *string // SkipTLSVerify to skip HTTPS and certificate verification. SkipTLSVerify *bool - // PullPolicy whether to pull new image - PullPolicy *config.PullPolicy + // Username for authenticating against the registry. + Username *string + // Variant will overwrite the local variant for image pulls. + Variant *string } //BuildOptions are optional options for building images diff --git a/pkg/bindings/images/types_pull_options.go b/pkg/bindings/images/types_pull_options.go index 2bdf2b66e..5452560fb 100644 --- a/pkg/bindings/images/types_pull_options.go +++ b/pkg/bindings/images/types_pull_options.go @@ -6,7 +6,6 @@ import ( "strconv" "strings" - "github.com/containers/common/pkg/config" jsoniter "github.com/json-iterator/go" "github.com/pkg/errors" ) @@ -104,70 +103,6 @@ func (o *PullOptions) GetAllTags() bool { return *o.AllTags } -// WithAuthfile -func (o *PullOptions) WithAuthfile(value string) *PullOptions { - v := &value - o.Authfile = v - return o -} - -// GetAuthfile -func (o *PullOptions) GetAuthfile() string { - var authfile string - if o.Authfile == nil { - return authfile - } - return *o.Authfile -} - -// WithCertDir -func (o *PullOptions) WithCertDir(value string) *PullOptions { - v := &value - o.CertDir = v - return o -} - -// GetCertDir -func (o *PullOptions) GetCertDir() string { - var certDir string - if o.CertDir == nil { - return certDir - } - return *o.CertDir -} - -// WithUsername -func (o *PullOptions) WithUsername(value string) *PullOptions { - v := &value - o.Username = v - return o -} - -// GetUsername -func (o *PullOptions) GetUsername() string { - var username string - if o.Username == nil { - return username - } - return *o.Username -} - -// WithPassword -func (o *PullOptions) WithPassword(value string) *PullOptions { - v := &value - o.Password = v - return o -} - -// GetPassword -func (o *PullOptions) GetPassword() string { - var password string - if o.Password == nil { - return password - } - return *o.Password -} - // WithArch func (o *PullOptions) WithArch(value string) *PullOptions { v := &value @@ -184,6 +119,22 @@ func (o *PullOptions) GetArch() string { return *o.Arch } +// WithAuthfile +func (o *PullOptions) WithAuthfile(value string) *PullOptions { + v := &value + o.Authfile = v + return o +} + +// GetAuthfile +func (o *PullOptions) GetAuthfile() string { + var authfile string + if o.Authfile == nil { + return authfile + } + return *o.Authfile +} + // WithOS func (o *PullOptions) WithOS(value string) *PullOptions { v := &value @@ -200,20 +151,20 @@ func (o *PullOptions) GetOS() string { return *o.OS } -// WithVariant -func (o *PullOptions) WithVariant(value string) *PullOptions { +// WithPassword +func (o *PullOptions) WithPassword(value string) *PullOptions { v := &value - o.Variant = v + o.Password = v return o } -// GetVariant -func (o *PullOptions) GetVariant() string { - var variant string - if o.Variant == nil { - return variant +// GetPassword +func (o *PullOptions) GetPassword() string { + var password string + if o.Password == nil { + return password } - return *o.Variant + return *o.Password } // WithQuiet @@ -232,22 +183,6 @@ func (o *PullOptions) GetQuiet() bool { return *o.Quiet } -// WithSignaturePolicy -func (o *PullOptions) WithSignaturePolicy(value string) *PullOptions { - v := &value - o.SignaturePolicy = v - return o -} - -// GetSignaturePolicy -func (o *PullOptions) GetSignaturePolicy() string { - var signaturePolicy string - if o.SignaturePolicy == nil { - return signaturePolicy - } - return *o.SignaturePolicy -} - // WithSkipTLSVerify func (o *PullOptions) WithSkipTLSVerify(value bool) *PullOptions { v := &value @@ -264,18 +199,34 @@ func (o *PullOptions) GetSkipTLSVerify() bool { return *o.SkipTLSVerify } -// WithPullPolicy -func (o *PullOptions) WithPullPolicy(value config.PullPolicy) *PullOptions { +// WithUsername +func (o *PullOptions) WithUsername(value string) *PullOptions { + v := &value + o.Username = v + return o +} + +// GetUsername +func (o *PullOptions) GetUsername() string { + var username string + if o.Username == nil { + return username + } + return *o.Username +} + +// WithVariant +func (o *PullOptions) WithVariant(value string) *PullOptions { v := &value - o.PullPolicy = v + o.Variant = v return o } -// GetPullPolicy -func (o *PullOptions) GetPullPolicy() config.PullPolicy { - var pullPolicy config.PullPolicy - if o.PullPolicy == nil { - return pullPolicy +// GetVariant +func (o *PullOptions) GetVariant() string { + var variant string + if o.Variant == nil { + return variant } - return *o.PullPolicy + return *o.Variant } diff --git a/pkg/bindings/images/types_push_options.go b/pkg/bindings/images/types_push_options.go index 0c12ce4ac..b7d8a6f2d 100644 --- a/pkg/bindings/images/types_push_options.go +++ b/pkg/bindings/images/types_push_options.go @@ -119,22 +119,6 @@ func (o *PushOptions) GetAuthfile() string { return *o.Authfile } -// WithCertDir -func (o *PushOptions) WithCertDir(value string) *PushOptions { - v := &value - o.CertDir = v - return o -} - -// GetCertDir -func (o *PushOptions) GetCertDir() string { - var certDir string - if o.CertDir == nil { - return certDir - } - return *o.CertDir -} - // WithCompress func (o *PushOptions) WithCompress(value bool) *PushOptions { v := &value @@ -151,54 +135,6 @@ func (o *PushOptions) GetCompress() bool { return *o.Compress } -// WithUsername -func (o *PushOptions) WithUsername(value string) *PushOptions { - v := &value - o.Username = v - return o -} - -// GetUsername -func (o *PushOptions) GetUsername() string { - var username string - if o.Username == nil { - return username - } - return *o.Username -} - -// WithPassword -func (o *PushOptions) WithPassword(value string) *PushOptions { - v := &value - o.Password = v - return o -} - -// GetPassword -func (o *PushOptions) GetPassword() string { - var password string - if o.Password == nil { - return password - } - return *o.Password -} - -// WithDigestFile -func (o *PushOptions) WithDigestFile(value string) *PushOptions { - v := &value - o.DigestFile = v - return o -} - -// GetDigestFile -func (o *PushOptions) GetDigestFile() string { - var digestFile string - if o.DigestFile == nil { - return digestFile - } - return *o.DigestFile -} - // WithFormat func (o *PushOptions) WithFormat(value string) *PushOptions { v := &value @@ -215,68 +151,20 @@ func (o *PushOptions) GetFormat() string { return *o.Format } -// WithQuiet -func (o *PushOptions) WithQuiet(value bool) *PushOptions { - v := &value - o.Quiet = v - return o -} - -// GetQuiet -func (o *PushOptions) GetQuiet() bool { - var quiet bool - if o.Quiet == nil { - return quiet - } - return *o.Quiet -} - -// WithRemoveSignatures -func (o *PushOptions) WithRemoveSignatures(value bool) *PushOptions { - v := &value - o.RemoveSignatures = v - return o -} - -// GetRemoveSignatures -func (o *PushOptions) GetRemoveSignatures() bool { - var removeSignatures bool - if o.RemoveSignatures == nil { - return removeSignatures - } - return *o.RemoveSignatures -} - -// WithSignaturePolicy -func (o *PushOptions) WithSignaturePolicy(value string) *PushOptions { - v := &value - o.SignaturePolicy = v - return o -} - -// GetSignaturePolicy -func (o *PushOptions) GetSignaturePolicy() string { - var signaturePolicy string - if o.SignaturePolicy == nil { - return signaturePolicy - } - return *o.SignaturePolicy -} - -// WithSignBy -func (o *PushOptions) WithSignBy(value string) *PushOptions { +// WithPassword +func (o *PushOptions) WithPassword(value string) *PushOptions { v := &value - o.SignBy = v + o.Password = v return o } -// GetSignBy -func (o *PushOptions) GetSignBy() string { - var signBy string - if o.SignBy == nil { - return signBy +// GetPassword +func (o *PushOptions) GetPassword() string { + var password string + if o.Password == nil { + return password } - return *o.SignBy + return *o.Password } // WithSkipTLSVerify @@ -294,3 +182,19 @@ func (o *PushOptions) GetSkipTLSVerify() bool { } return *o.SkipTLSVerify } + +// WithUsername +func (o *PushOptions) WithUsername(value string) *PushOptions { + v := &value + o.Username = v + return o +} + +// GetUsername +func (o *PushOptions) GetUsername() string { + var username string + if o.Username == nil { + return username + } + return *o.Username +} diff --git a/pkg/bindings/manifests/manifests.go b/pkg/bindings/manifests/manifests.go index fec9832a0..4634dd442 100644 --- a/pkg/bindings/manifests/manifests.go +++ b/pkg/bindings/manifests/manifests.go @@ -153,7 +153,6 @@ func Push(ctx context.Context, name, destination string, options *images.PushOpt } params.Set("image", name) params.Set("destination", destination) - params.Set("format", *options.Format) _, err = conn.DoRequest(nil, http.MethodPost, "/manifests/%s/push", params, nil, name) if err != nil { return "", err diff --git a/pkg/bindings/test/containers_test.go b/pkg/bindings/test/containers_test.go index 3d7526cb8..9b9f98047 100644 --- a/pkg/bindings/test/containers_test.go +++ b/pkg/bindings/test/containers_test.go @@ -443,7 +443,7 @@ var _ = Describe("Podman containers ", func() { It("podman kill bogus container", func() { // Killing bogus container should return 404 - err := containers.Kill(bt.conn, "foobar", "SIGTERM", nil) + err := containers.Kill(bt.conn, "foobar", new(containers.KillOptions).WithSignal("SIGTERM")) Expect(err).ToNot(BeNil()) code, _ := bindings.CheckResponseCode(err) Expect(code).To(BeNumerically("==", http.StatusNotFound)) @@ -454,7 +454,7 @@ var _ = Describe("Podman containers ", func() { var name = "top" _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) Expect(err).To(BeNil()) - err = containers.Kill(bt.conn, name, "SIGINT", nil) + err = containers.Kill(bt.conn, name, new(containers.KillOptions).WithSignal("SIGINT")) Expect(err).To(BeNil()) _, err = containers.Exists(bt.conn, name, nil) Expect(err).To(BeNil()) @@ -465,7 +465,7 @@ var _ = Describe("Podman containers ", func() { var name = "top" cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) Expect(err).To(BeNil()) - err = containers.Kill(bt.conn, cid, "SIGTERM", nil) + err = containers.Kill(bt.conn, cid, new(containers.KillOptions).WithSignal("SIGTERM")) Expect(err).To(BeNil()) _, err = containers.Exists(bt.conn, cid, nil) Expect(err).To(BeNil()) @@ -476,7 +476,7 @@ var _ = Describe("Podman containers ", func() { var name = "top" cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) Expect(err).To(BeNil()) - err = containers.Kill(bt.conn, cid, "SIGKILL", nil) + err = containers.Kill(bt.conn, cid, new(containers.KillOptions).WithSignal("SIGKILL")) Expect(err).To(BeNil()) }) @@ -485,7 +485,7 @@ var _ = Describe("Podman containers ", func() { var name = "top" cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) Expect(err).To(BeNil()) - err = containers.Kill(bt.conn, cid, "foobar", nil) + err = containers.Kill(bt.conn, cid, new(containers.KillOptions).WithSignal("foobar")) Expect(err).ToNot(BeNil()) code, _ := bindings.CheckResponseCode(err) Expect(code).To(BeNumerically("==", http.StatusInternalServerError)) @@ -501,7 +501,7 @@ var _ = Describe("Podman containers ", func() { Expect(err).To(BeNil()) containerLatestList, err := containers.List(bt.conn, new(containers.ListOptions).WithLast(1)) Expect(err).To(BeNil()) - err = containers.Kill(bt.conn, containerLatestList[0].Names[0], "SIGTERM", nil) + err = containers.Kill(bt.conn, containerLatestList[0].Names[0], new(containers.KillOptions).WithSignal("SIGTERM")) Expect(err).To(BeNil()) }) diff --git a/pkg/cgroups/cgroups.go b/pkg/cgroups/cgroups.go index c200dd01a..285fd093a 100644 --- a/pkg/cgroups/cgroups.go +++ b/pkg/cgroups/cgroups.go @@ -24,6 +24,7 @@ var ( ErrCgroupDeleted = errors.New("cgroup deleted") // ErrCgroupV1Rootless means the cgroup v1 were attempted to be used in rootless environment ErrCgroupV1Rootless = errors.New("no support for CGroups V1 in rootless environments") + ErrStatCgroup = errors.New("no cgroup available for gathering user statistics") ) // CgroupControl controls a cgroup hierarchy @@ -525,10 +526,19 @@ func (c *CgroupControl) AddPid(pid int) error { // Stat returns usage statistics for the cgroup func (c *CgroupControl) Stat() (*Metrics, error) { m := Metrics{} + found := false for _, h := range handlers { if err := h.Stat(c, &m); err != nil { - return nil, err + if !os.IsNotExist(errors.Cause(err)) { + return nil, err + } + logrus.Warningf("Failed to retrieve cgroup stats: %v", err) + continue } + found = true + } + if !found { + return nil, ErrStatCgroup } return &m, nil } diff --git a/pkg/cgroups/cgroups_test.go b/pkg/cgroups/cgroups_test.go new file mode 100644 index 000000000..54315f7be --- /dev/null +++ b/pkg/cgroups/cgroups_test.go @@ -0,0 +1,32 @@ +package cgroups + +import ( + "testing" + + "github.com/containers/podman/v2/pkg/rootless" + spec "github.com/opencontainers/runtime-spec/specs-go" +) + +func TestCreated(t *testing.T) { + // tests only works in rootless mode + if rootless.IsRootless() { + return + } + + var resources spec.LinuxResources + cgr, err := New("machine.slice", &resources) + if err != nil { + t.Error(err) + } + if err := cgr.Delete(); err != nil { + t.Error(err) + } + + cgr, err = NewSystemd("machine.slice") + if err != nil { + t.Error(err) + } + if err := cgr.Delete(); err != nil { + t.Error(err) + } +} diff --git a/pkg/domain/entities/containers.go b/pkg/domain/entities/containers.go index 4c1bd6a7d..63be5578f 100644 --- a/pkg/domain/entities/containers.go +++ b/pkg/domain/entities/containers.go @@ -81,11 +81,10 @@ type PauseUnpauseReport struct { } type StopOptions struct { - All bool - CIDFiles []string - Ignore bool - Latest bool - Timeout *uint + All bool + Ignore bool + Latest bool + Timeout *uint } type StopReport struct { @@ -104,10 +103,9 @@ type TopOptions struct { } type KillOptions struct { - All bool - Latest bool - Signal string - CIDFiles []string + All bool + Latest bool + Signal string } type KillReport struct { @@ -297,8 +295,8 @@ type ContainerListOptions struct { Pod bool Quiet bool Size bool + External bool Sort string - Storage bool Sync bool Watch uint } diff --git a/pkg/domain/infra/abi/containers.go b/pkg/domain/infra/abi/containers.go index 48a32817d..d0599a595 100644 --- a/pkg/domain/infra/abi/containers.go +++ b/pkg/domain/infra/abi/containers.go @@ -6,7 +6,6 @@ import ( "io/ioutil" "os" "strconv" - "strings" "sync" "time" @@ -139,14 +138,6 @@ func (ic *ContainerEngine) ContainerUnpause(ctx context.Context, namesOrIds []st } func (ic *ContainerEngine) ContainerStop(ctx context.Context, namesOrIds []string, options entities.StopOptions) ([]*entities.StopReport, error) { names := namesOrIds - for _, cidFile := range options.CIDFiles { - content, err := ioutil.ReadFile(cidFile) - if err != nil { - return nil, errors.Wrap(err, "error reading CIDFile") - } - id := strings.Split(string(content), "\n")[0] - names = append(names, id) - } ctrs, err := getContainersByContext(options.All, options.Latest, names, ic.Libpod) if err != nil && !(options.Ignore && errors.Cause(err) == define.ErrNoSuchCtr) { return nil, err @@ -202,14 +193,6 @@ func (ic *ContainerEngine) ContainerPrune(ctx context.Context, options entities. } func (ic *ContainerEngine) ContainerKill(ctx context.Context, namesOrIds []string, options entities.KillOptions) ([]*entities.KillReport, error) { - for _, cidFile := range options.CIDFiles { - content, err := ioutil.ReadFile(cidFile) - if err != nil { - return nil, errors.Wrap(err, "error reading CIDFile") - } - id := strings.Split(string(content), "\n")[0] - namesOrIds = append(namesOrIds, id) - } sig, err := signal.ParseSignalNameOrNumber(options.Signal) if err != nil { return nil, err diff --git a/pkg/domain/infra/tunnel/containers.go b/pkg/domain/infra/tunnel/containers.go index 524b29553..e9c513f8e 100644 --- a/pkg/domain/infra/tunnel/containers.go +++ b/pkg/domain/infra/tunnel/containers.go @@ -4,7 +4,6 @@ import ( "context" "fmt" "io" - "io/ioutil" "os" "strconv" "strings" @@ -41,7 +40,7 @@ func (ic *ContainerEngine) ContainerWait(ctx context.Context, namesOrIds []strin return nil, err } responses := make([]entities.WaitReport, 0, len(cons)) - options := new(containers.WaitOptions).WithCondition(opts.Condition) + options := new(containers.WaitOptions).WithCondition(opts.Condition).WithInterval(opts.Interval.String()) for _, c := range cons { response := entities.WaitReport{Id: c.ID} exitCode, err := containers.Wait(ic.ClientCtx, c.ID, options) @@ -83,19 +82,11 @@ func (ic *ContainerEngine) ContainerUnpause(ctx context.Context, namesOrIds []st func (ic *ContainerEngine) ContainerStop(ctx context.Context, namesOrIds []string, opts entities.StopOptions) ([]*entities.StopReport, error) { reports := []*entities.StopReport{} - for _, cidFile := range opts.CIDFiles { - content, err := ioutil.ReadFile(cidFile) - if err != nil { - return nil, errors.Wrap(err, "error reading CIDFile") - } - id := strings.Split(string(content), "\n")[0] - namesOrIds = append(namesOrIds, id) - } ctrs, err := getContainersByContext(ic.ClientCtx, opts.All, opts.Ignore, namesOrIds) if err != nil { return nil, err } - options := new(containers.StopOptions) + options := new(containers.StopOptions).WithIgnore(opts.Ignore) if to := opts.Timeout; to != nil { options.WithTimeout(*to) } @@ -126,23 +117,16 @@ func (ic *ContainerEngine) ContainerStop(ctx context.Context, namesOrIds []strin } func (ic *ContainerEngine) ContainerKill(ctx context.Context, namesOrIds []string, opts entities.KillOptions) ([]*entities.KillReport, error) { - for _, cidFile := range opts.CIDFiles { - content, err := ioutil.ReadFile(cidFile) - if err != nil { - return nil, errors.Wrap(err, "error reading CIDFile") - } - id := strings.Split(string(content), "\n")[0] - namesOrIds = append(namesOrIds, id) - } ctrs, err := getContainersByContext(ic.ClientCtx, opts.All, false, namesOrIds) if err != nil { return nil, err } + options := new(containers.KillOptions).WithSignal(opts.Signal) reports := make([]*entities.KillReport, 0, len(ctrs)) for _, c := range ctrs { reports = append(reports, &entities.KillReport{ Id: c.ID, - Err: containers.Kill(ic.ClientCtx, c.ID, opts.Signal, nil), + Err: containers.Kill(ic.ClientCtx, c.ID, options), }) } return reports, nil @@ -173,19 +157,32 @@ func (ic *ContainerEngine) ContainerRestart(ctx context.Context, namesOrIds []st } func (ic *ContainerEngine) ContainerRm(ctx context.Context, namesOrIds []string, opts entities.RmOptions) ([]*entities.RmReport, error) { - ctrs, err := getContainersByContext(ic.ClientCtx, opts.All, opts.Ignore, namesOrIds) - if err != nil { - return nil, err - } // TODO there is no endpoint for container eviction. Need to discuss - reports := make([]*entities.RmReport, 0, len(ctrs)) - options := new(containers.RemoveOptions).WithForce(opts.Force).WithVolumes(opts.Volumes) - for _, c := range ctrs { + options := new(containers.RemoveOptions).WithForce(opts.Force).WithVolumes(opts.Volumes).WithIgnore(opts.Ignore) + + if opts.All { + ctrs, err := getContainersByContext(ic.ClientCtx, opts.All, opts.Ignore, namesOrIds) + if err != nil { + return nil, err + } + reports := make([]*entities.RmReport, 0, len(ctrs)) + for _, c := range ctrs { + reports = append(reports, &entities.RmReport{ + Id: c.ID, + Err: containers.Remove(ic.ClientCtx, c.ID, options), + }) + } + return reports, nil + } + + reports := make([]*entities.RmReport, 0, len(namesOrIds)) + for _, name := range namesOrIds { reports = append(reports, &entities.RmReport{ - Id: c.ID, - Err: containers.Remove(ic.ClientCtx, c.ID, options), + Id: name, + Err: containers.Remove(ic.ClientCtx, name, options), }) } + return reports, nil } @@ -601,7 +598,7 @@ func (ic *ContainerEngine) ContainerStart(ctx context.Context, namesOrIds []stri func (ic *ContainerEngine) ContainerList(ctx context.Context, opts entities.ContainerListOptions) ([]entities.ListContainer, error) { options := new(containers.ListOptions).WithFilters(opts.Filters).WithAll(opts.All).WithLast(opts.Last) - options.WithNamespace(opts.Namespace).WithSize(opts.Size).WithSync(opts.Sync) + options.WithNamespace(opts.Namespace).WithSize(opts.Size).WithSync(opts.Sync).WithExternal(opts.External) return containers.List(ic.ClientCtx, options) } diff --git a/pkg/domain/infra/tunnel/images.go b/pkg/domain/infra/tunnel/images.go index 0de756756..f10c8c175 100644 --- a/pkg/domain/infra/tunnel/images.go +++ b/pkg/domain/infra/tunnel/images.go @@ -106,8 +106,9 @@ func (ir *ImageEngine) Prune(ctx context.Context, opts entities.ImagePruneOption func (ir *ImageEngine) Pull(ctx context.Context, rawImage string, opts entities.ImagePullOptions) (*entities.ImagePullReport, error) { options := new(images.PullOptions) - options.WithAllTags(opts.AllTags).WithAuthfile(opts.Authfile).WithCertDir(opts.CertDir).WithArch(opts.Arch).WithOS(opts.OS) - options.WithVariant(opts.Variant).WithPassword(opts.Password).WithPullPolicy(opts.PullPolicy) + options.WithAllTags(opts.AllTags).WithAuthfile(opts.Authfile).WithArch(opts.Arch).WithOS(opts.OS) + options.WithVariant(opts.Variant).WithPassword(opts.Password) + options.WithQuiet(opts.Quiet).WithUsername(opts.Username) if s := opts.SkipTLSVerify; s != types.OptionalBoolUndefined { if s == types.OptionalBoolTrue { options.WithSkipTLSVerify(true) @@ -115,7 +116,6 @@ func (ir *ImageEngine) Pull(ctx context.Context, rawImage string, opts entities. options.WithSkipTLSVerify(false) } } - options.WithQuiet(opts.Quiet).WithSignaturePolicy(opts.SignaturePolicy).WithUsername(opts.Username) pulledImages, err := images.Pull(ir.ClientCtx, rawImage, options) if err != nil { return nil, err @@ -236,10 +236,7 @@ func (ir *ImageEngine) Import(ctx context.Context, opts entities.ImageImportOpti func (ir *ImageEngine) Push(ctx context.Context, source string, destination string, opts entities.ImagePushOptions) error { options := new(images.PushOptions) - options.WithUsername(opts.Username).WithSignaturePolicy(opts.SignaturePolicy).WithQuiet(opts.Quiet) - options.WithPassword(opts.Password).WithCertDir(opts.CertDir).WithAuthfile(opts.Authfile) - options.WithCompress(opts.Compress).WithDigestFile(opts.DigestFile).WithFormat(opts.Format) - options.WithRemoveSignatures(opts.RemoveSignatures).WithSignBy(opts.SignBy) + options.WithAll(opts.All).WithCompress(opts.Compress).WithUsername(opts.Username).WithPassword(opts.Password).WithAuthfile(opts.Authfile).WithFormat(opts.Format) if s := opts.SkipTLSVerify; s != types.OptionalBoolUndefined { if s == types.OptionalBoolTrue { diff --git a/pkg/domain/infra/tunnel/manifest.go b/pkg/domain/infra/tunnel/manifest.go index c12ba0045..e261afee2 100644 --- a/pkg/domain/infra/tunnel/manifest.go +++ b/pkg/domain/infra/tunnel/manifest.go @@ -86,10 +86,8 @@ func (ir *ImageEngine) ManifestRemove(ctx context.Context, names []string) (stri // ManifestPush pushes a manifest list or image index to the destination func (ir *ImageEngine) ManifestPush(ctx context.Context, name, destination string, opts entities.ImagePushOptions) (string, error) { options := new(images.PushOptions) - options.WithUsername(opts.Username).WithSignaturePolicy(opts.SignaturePolicy).WithQuiet(opts.Quiet) - options.WithPassword(opts.Password).WithCertDir(opts.CertDir).WithAuthfile(opts.Authfile) - options.WithCompress(opts.Compress).WithDigestFile(opts.DigestFile).WithFormat(opts.Format) - options.WithRemoveSignatures(opts.RemoveSignatures).WithSignBy(opts.SignBy) + options.WithUsername(opts.Username).WithPassword(opts.Password).WithAuthfile(opts.Authfile) + options.WithAll(opts.All) if s := opts.SkipTLSVerify; s != types.OptionalBoolUndefined { if s == types.OptionalBoolTrue { diff --git a/pkg/ps/ps.go b/pkg/ps/ps.go index dc577890a..42f9e1d39 100644 --- a/pkg/ps/ps.go +++ b/pkg/ps/ps.go @@ -69,7 +69,7 @@ func GetContainerLists(runtime *libpod.Runtime, options entities.ContainerListOp pss = append(pss, listCon) } - if options.All && options.Storage { + if options.All && options.External { externCons, err := runtime.StorageContainers() if err != nil { return nil, err diff --git a/pkg/specgen/container_validate.go b/pkg/specgen/container_validate.go index a0d36f865..81cb8b78d 100644 --- a/pkg/specgen/container_validate.go +++ b/pkg/specgen/container_validate.go @@ -30,7 +30,7 @@ func exclusiveOptions(opt1, opt2 string) error { // input for creating a container. func (s *SpecGenerator) Validate() error { - if rootless.IsRootless() { + if rootless.IsRootless() && len(s.CNINetworks) == 0 { if s.StaticIP != nil || s.StaticIPv6 != nil { return ErrNoStaticIPRootless } diff --git a/pkg/specgen/generate/kube/kube.go b/pkg/specgen/generate/kube/kube.go index e39a700eb..0d7ee3ad2 100644 --- a/pkg/specgen/generate/kube/kube.go +++ b/pkg/specgen/generate/kube/kube.go @@ -3,6 +3,7 @@ package kube import ( "context" "fmt" + "net" "strings" "github.com/containers/common/pkg/parse" @@ -44,6 +45,31 @@ func ToPodGen(ctx context.Context, podName string, podYAML *v1.PodTemplateSpec) podPorts := getPodPorts(podYAML.Spec.Containers) p.PortMappings = podPorts + if dnsConfig := podYAML.Spec.DNSConfig; dnsConfig != nil { + // name servers + if dnsServers := dnsConfig.Nameservers; len(dnsServers) > 0 { + servers := make([]net.IP, 0) + for _, server := range dnsServers { + servers = append(servers, net.ParseIP(server)) + } + p.DNSServer = servers + } + // search domans + if domains := dnsConfig.Searches; len(domains) > 0 { + p.DNSSearch = domains + } + // dns options + if options := dnsConfig.Options; len(options) > 0 { + dnsOptions := make([]string, 0) + for _, opts := range options { + d := opts.Name + if opts.Value != nil { + d += ":" + *opts.Value + } + dnsOptions = append(dnsOptions, d) + } + } + } return p, nil } diff --git a/pkg/specgen/pod_validate.go b/pkg/specgen/pod_validate.go index 7c81f3f9f..518adb32f 100644 --- a/pkg/specgen/pod_validate.go +++ b/pkg/specgen/pod_validate.go @@ -20,7 +20,7 @@ func exclusivePodOptions(opt1, opt2 string) error { // Validate verifies the input is valid func (p *PodSpecGenerator) Validate() error { - if rootless.IsRootless() { + if rootless.IsRootless() && len(p.CNINetworks) == 0 { if p.StaticIP != nil { return ErrNoStaticIPRootless } diff --git a/pkg/systemd/generate/common.go b/pkg/systemd/generate/common.go index de6751a17..e9902319c 100644 --- a/pkg/systemd/generate/common.go +++ b/pkg/systemd/generate/common.go @@ -60,13 +60,21 @@ func filterPodFlags(command []string) []string { return processed } -// quoteArguments makes sure that all arguments with at least one whitespace +// escapeSystemdArguments makes sure that all arguments with at least one whitespace // are quoted to make sure those are interpreted as one argument instead of -// multiple ones. -func quoteArguments(command []string) []string { +// multiple ones. Also make sure to escape all characters which have a special +// meaning to systemd -> $,% and \ +// see: https://www.freedesktop.org/software/systemd/man/systemd.service.html#Command%20lines +func escapeSystemdArguments(command []string) []string { for i := range command { + command[i] = strings.ReplaceAll(command[i], "$", "$$") + command[i] = strings.ReplaceAll(command[i], "%", "%%") if strings.ContainsAny(command[i], " \t") { command[i] = strconv.Quote(command[i]) + } else if strings.Contains(command[i], `\`) { + // strconv.Quote also escapes backslashes so + // we should replace only if strconv.Quote was not used + command[i] = strings.ReplaceAll(command[i], `\`, `\\`) } } return command diff --git a/pkg/systemd/generate/common_test.go b/pkg/systemd/generate/common_test.go index d0ec5637c..a0691d1ad 100644 --- a/pkg/systemd/generate/common_test.go +++ b/pkg/systemd/generate/common_test.go @@ -29,7 +29,7 @@ func TestFilterPodFlags(t *testing.T) { } } -func TestQuoteArguments(t *testing.T) { +func TestEscapeSystemdArguments(t *testing.T) { tests := []struct { input []string output []string @@ -46,10 +46,46 @@ func TestQuoteArguments(t *testing.T) { []string{"foo", "bar=\"arg with\ttab\""}, []string{"foo", "\"bar=\\\"arg with\\ttab\\\"\""}, }, + { + []string{"$"}, + []string{"$$"}, + }, + { + []string{"foo", "command with dollar sign $"}, + []string{"foo", "\"command with dollar sign $$\""}, + }, + { + []string{"foo", "command with two dollar signs $$"}, + []string{"foo", "\"command with two dollar signs $$$$\""}, + }, + { + []string{"%"}, + []string{"%%"}, + }, + { + []string{"foo", "command with percent sign %"}, + []string{"foo", "\"command with percent sign %%\""}, + }, + { + []string{"foo", "command with two percent signs %%"}, + []string{"foo", "\"command with two percent signs %%%%\""}, + }, + { + []string{`\`}, + []string{`\\`}, + }, + { + []string{"foo", `command with backslash \`}, + []string{"foo", `"command with backslash \\"`}, + }, + { + []string{"foo", `command with two backslashs \\`}, + []string{"foo", `"command with two backslashs \\\\"`}, + }, } for _, test := range tests { - quoted := quoteArguments(test.input) + quoted := escapeSystemdArguments(test.input) assert.Equal(t, test.output, quoted) } } diff --git a/pkg/systemd/generate/containers.go b/pkg/systemd/generate/containers.go index 5f52b0a77..abe159812 100644 --- a/pkg/systemd/generate/containers.go +++ b/pkg/systemd/generate/containers.go @@ -204,7 +204,7 @@ func executeContainerTemplate(info *containerInfo, options entities.GenerateSyst startCommand := []string{info.Executable} if index > 2 { // include root flags - info.RootFlags = strings.Join(quoteArguments(info.CreateCommand[1:index-1]), " ") + info.RootFlags = strings.Join(escapeSystemdArguments(info.CreateCommand[1:index-1]), " ") startCommand = append(startCommand, info.CreateCommand[1:index-1]...) } startCommand = append(startCommand, @@ -279,7 +279,7 @@ func executeContainerTemplate(info *containerInfo, options entities.GenerateSyst } } startCommand = append(startCommand, remainingCmd...) - startCommand = quoteArguments(startCommand) + startCommand = escapeSystemdArguments(startCommand) info.ExecStartPre = "/bin/rm -f {{{{.PIDFile}}}} {{{{.ContainerIDFile}}}}" info.ExecStart = strings.Join(startCommand, " ") diff --git a/pkg/systemd/generate/containers_test.go b/pkg/systemd/generate/containers_test.go index 96d95644b..be14e4c28 100644 --- a/pkg/systemd/generate/containers_test.go +++ b/pkg/systemd/generate/containers_test.go @@ -352,6 +352,30 @@ Type=forking [Install] WantedBy=multi-user.target default.target ` + + goodNewWithSpecialChars := `# jadda-jadda.service +# autogenerated by Podman CI + +[Unit] +Description=Podman jadda-jadda.service +Documentation=man:podman-generate-systemd(1) +Wants=network.target +After=network-online.target + +[Service] +Environment=PODMAN_SYSTEMD_UNIT=%n +Restart=always +TimeoutStopSec=70 +ExecStartPre=/bin/rm -f %t/jadda-jadda.pid %t/jadda-jadda.ctr-id +ExecStart=/usr/bin/podman run --conmon-pidfile %t/jadda-jadda.pid --cidfile %t/jadda-jadda.ctr-id --cgroups=no-conmon -d --replace --name test awesome-image:latest sh -c "kill $$$$ && echo %%\\" +ExecStop=/usr/bin/podman stop --ignore --cidfile %t/jadda-jadda.ctr-id -t 10 +ExecStopPost=/usr/bin/podman rm --ignore -f --cidfile %t/jadda-jadda.ctr-id +PIDFile=%t/jadda-jadda.pid +Type=forking + +[Install] +WantedBy=multi-user.target default.target +` tests := []struct { name string info containerInfo @@ -647,6 +671,22 @@ WantedBy=multi-user.target default.target true, false, }, + {"good with special chars", + containerInfo{ + Executable: "/usr/bin/podman", + ServiceName: "jadda-jadda", + ContainerNameOrID: "jadda-jadda", + RestartPolicy: "always", + PIDFile: "/var/run/containers/storage/overlay-containers/639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401/userdata/conmon.pid", + StopTimeout: 10, + PodmanVersion: "CI", + CreateCommand: []string{"I'll get stripped", "create", "--name", "test", "awesome-image:latest", "sh", "-c", "kill $$ && echo %\\"}, + EnvVariable: EnvVariable, + }, + goodNewWithSpecialChars, + true, + false, + }, } for _, tt := range tests { test := tt diff --git a/pkg/systemd/generate/pods.go b/pkg/systemd/generate/pods.go index c7e3aa955..d6ede19af 100644 --- a/pkg/systemd/generate/pods.go +++ b/pkg/systemd/generate/pods.go @@ -269,7 +269,7 @@ func executePodTemplate(info *podInfo, options entities.GenerateSystemdOptions) return "", errors.Errorf("pod does not appear to be created via `podman pod create`: %v", info.CreateCommand) } podRootArgs = info.CreateCommand[1 : podCreateIndex-1] - info.RootFlags = strings.Join(quoteArguments(podRootArgs), " ") + info.RootFlags = strings.Join(escapeSystemdArguments(podRootArgs), " ") podCreateArgs = filterPodFlags(info.CreateCommand[podCreateIndex+1:]) } // We're hard-coding the first five arguments and append the @@ -306,7 +306,7 @@ func executePodTemplate(info *podInfo, options entities.GenerateSystemdOptions) } startCommand = append(startCommand, podCreateArgs...) - startCommand = quoteArguments(startCommand) + startCommand = escapeSystemdArguments(startCommand) info.ExecStartPre1 = "/bin/rm -f {{{{.PIDFile}}}} {{{{.PodIDFile}}}}" info.ExecStartPre2 = strings.Join(startCommand, " ") diff --git a/pkg/util/mountOpts.go b/pkg/util/mountOpts.go index 580aaf4f2..b3a38f286 100644 --- a/pkg/util/mountOpts.go +++ b/pkg/util/mountOpts.go @@ -86,6 +86,10 @@ func ProcessOptions(options []string, isTmpfs bool, sourcePath string) ([]string return nil, errors.Wrapf(ErrDupeMntOption, "the 'tmpcopyup' or 'notmpcopyup' option can only be set once") } foundCopyUp = true + case "consistency": + // Often used on MACs and mistakenly on Linux platforms. + // Since Docker ignores this option so shall we. + continue case "notmpcopyup": if !isTmpfs { return nil, errors.Wrapf(ErrBadMntOption, "the 'notmpcopyup' option is only allowed with tmpfs mounts") |