diff options
Diffstat (limited to 'pkg')
78 files changed, 2017 insertions, 450 deletions
diff --git a/pkg/api/handlers/compat/containers_attach.go b/pkg/api/handlers/compat/containers_attach.go index 80ad52aee..012e20daf 100644 --- a/pkg/api/handlers/compat/containers_attach.go +++ b/pkg/api/handlers/compat/containers_attach.go @@ -10,9 +10,14 @@ import ( "github.com/gorilla/schema" "github.com/pkg/errors" "github.com/sirupsen/logrus" - "k8s.io/client-go/tools/remotecommand" ) +// AttachHeader is the literal header sent for upgraded/hijacked connections for +// attach, sourced from Docker at: +// https://raw.githubusercontent.com/moby/moby/b95fad8e51bd064be4f4e58a996924f343846c85/api/server/router/container/container_routes.go +// Using literally to ensure compatibility with existing clients. +const AttachHeader = "HTTP/1.1 101 UPGRADED\r\nContent-Type: application/vnd.docker.raw-stream\r\nConnection: Upgrade\r\nUpgrade: tcp\r\n\r\n" + func AttachContainer(w http.ResponseWriter, r *http.Request) { runtime := r.Context().Value("runtime").(*libpod.Runtime) decoder := r.Context().Value("decoder").(*schema.Decoder) @@ -89,7 +94,7 @@ func AttachContainer(w http.ResponseWriter, r *http.Request) { return } } else if !(state == define.ContainerStateCreated || state == define.ContainerStateRunning) { - utils.InternalServerError(w, errors.Wrapf(define.ErrCtrStateInvalid, "can only attach to created or running containers")) + utils.InternalServerError(w, errors.Wrapf(define.ErrCtrStateInvalid, "can only attach to created or running containers - currently in state %s", state.String())) return } @@ -106,10 +111,7 @@ func AttachContainer(w http.ResponseWriter, r *http.Request) { return } - // This header string sourced from Docker: - // https://raw.githubusercontent.com/moby/moby/b95fad8e51bd064be4f4e58a996924f343846c85/api/server/router/container/container_routes.go - // Using literally to ensure compatability with existing clients. - fmt.Fprintf(connection, "HTTP/1.1 101 UPGRADED\r\nContent-Type: application/vnd.docker.raw-stream\r\nConnection: Upgrade\r\nUpgrade: tcp\r\n\r\n") + fmt.Fprintf(connection, AttachHeader) logrus.Debugf("Hijack for attach of container %s successful", ctr.ID()) @@ -124,38 +126,3 @@ func AttachContainer(w http.ResponseWriter, r *http.Request) { logrus.Debugf("Attach for container %s completed successfully", ctr.ID()) } - -func ResizeContainer(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) - decoder := r.Context().Value("decoder").(*schema.Decoder) - - query := struct { - Height uint16 `schema:"h"` - Width uint16 `schema:"w"` - }{} - if err := decoder.Decode(&query, r.URL.Query()); err != nil { - // This is not a 400, despite the fact that is should be, for - // compatibility reasons. - utils.InternalServerError(w, errors.Wrapf(err, "error parsing query options")) - return - } - - name := utils.GetName(r) - ctr, err := runtime.LookupContainer(name) - if err != nil { - utils.ContainerNotFound(w, name, err) - return - } - - newSize := remotecommand.TerminalSize{ - Width: query.Width, - Height: query.Height, - } - if err := ctr.AttachResize(newSize); err != nil { - utils.InternalServerError(w, err) - return - } - // This is not a 204, even though we write nothing, for compatibility - // reasons. - utils.WriteResponse(w, http.StatusOK, "") -} diff --git a/pkg/api/handlers/compat/containers_start.go b/pkg/api/handlers/compat/containers_start.go index 67bd287ab..cdbc8ff76 100644 --- a/pkg/api/handlers/compat/containers_start.go +++ b/pkg/api/handlers/compat/containers_start.go @@ -3,11 +3,12 @@ package compat import ( "net/http" + "github.com/sirupsen/logrus" + "github.com/containers/libpod/libpod" "github.com/containers/libpod/libpod/define" "github.com/containers/libpod/pkg/api/handlers/utils" "github.com/gorilla/schema" - "github.com/pkg/errors" ) func StartContainer(w http.ResponseWriter, r *http.Request) { @@ -23,8 +24,7 @@ func StartContainer(w http.ResponseWriter, r *http.Request) { } if len(query.DetachKeys) > 0 { // TODO - start does not support adding detach keys - utils.BadRequest(w, "detachKeys", query.DetachKeys, errors.New("the detachKeys parameter is not supported yet")) - return + logrus.Info("the detach keys parameter is not supported on start container") } runtime := r.Context().Value("runtime").(*libpod.Runtime) name := utils.GetName(r) @@ -33,7 +33,6 @@ func StartContainer(w http.ResponseWriter, r *http.Request) { utils.ContainerNotFound(w, name, err) return } - state, err := con.State() if err != nil { utils.InternalServerError(w, err) @@ -43,7 +42,7 @@ func StartContainer(w http.ResponseWriter, r *http.Request) { utils.WriteResponse(w, http.StatusNotModified, "") return } - if err := con.Start(r.Context(), false); err != nil { + if err := con.Start(r.Context(), len(con.PodID()) > 0); err != nil { utils.InternalServerError(w, err) return } diff --git a/pkg/api/handlers/compat/container_start.go b/pkg/api/handlers/compat/containers_stop.go index d26ef2c82..d26ef2c82 100644 --- a/pkg/api/handlers/compat/container_start.go +++ b/pkg/api/handlers/compat/containers_stop.go diff --git a/pkg/api/handlers/compat/exec.go b/pkg/api/handlers/compat/exec.go index ec1a8ac96..6865a3319 100644 --- a/pkg/api/handlers/compat/exec.go +++ b/pkg/api/handlers/compat/exec.go @@ -104,4 +104,76 @@ func ExecInspectHandler(w http.ResponseWriter, r *http.Request) { } utils.WriteResponse(w, http.StatusOK, inspectOut) + + // Only for the Compat API: we want to remove sessions that were + // stopped. This is very hacky, but should suffice for now. + if !utils.IsLibpodRequest(r) && inspectOut.CanRemove { + logrus.Infof("Pruning stale exec session %s from container %s", sessionID, sessionCtr.ID()) + if err := sessionCtr.ExecRemove(sessionID, false); err != nil && errors.Cause(err) != define.ErrNoSuchExecSession { + logrus.Errorf("Error removing stale exec session %s from container %s: %v", sessionID, sessionCtr.ID(), err) + } + } +} + +// ExecStartHandler runs a given exec session. +func ExecStartHandler(w http.ResponseWriter, r *http.Request) { + runtime := r.Context().Value("runtime").(*libpod.Runtime) + + sessionID := mux.Vars(r)["id"] + + // TODO: We should read/support Tty and Detach from here. + bodyParams := new(handlers.ExecStartConfig) + + if err := json.NewDecoder(r.Body).Decode(&bodyParams); err != nil { + utils.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest, + errors.Wrapf(err, "failed to decode parameters for %s", r.URL.String())) + return + } + if bodyParams.Detach { + utils.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest, + errors.Errorf("Detached exec is not yet supported")) + return + } + // TODO: Verify TTY setting against what inspect session was made with + + sessionCtr, err := runtime.GetExecSessionContainer(sessionID) + if err != nil { + utils.Error(w, fmt.Sprintf("No such exec session: %s", sessionID), http.StatusNotFound, err) + return + } + + logrus.Debugf("Starting exec session %s of container %s", sessionID, sessionCtr.ID()) + + state, err := sessionCtr.State() + if err != nil { + utils.InternalServerError(w, err) + return + } + if state != define.ContainerStateRunning { + utils.Error(w, http.StatusText(http.StatusConflict), http.StatusConflict, errors.Errorf("cannot exec in a container that is not running; container %s is %s", sessionCtr.ID(), state.String())) + return + } + + // Hijack the connection + hijacker, ok := w.(http.Hijacker) + if !ok { + utils.InternalServerError(w, errors.Errorf("unable to hijack connection")) + return + } + + connection, buffer, err := hijacker.Hijack() + if err != nil { + utils.InternalServerError(w, errors.Wrapf(err, "error hijacking connection")) + return + } + + fmt.Fprintf(connection, AttachHeader) + + logrus.Debugf("Hijack for attach of container %s exec session %s successful", sessionCtr.ID(), sessionID) + + if err := sessionCtr.ExecHTTPStartAndAttach(sessionID, connection, buffer, nil, nil, nil); err != nil { + logrus.Errorf("Error attaching to container %s exec session %s: %v", sessionCtr.ID(), sessionID, err) + } + + logrus.Debugf("Attach for container %s exec session %s completed successfully", sessionCtr.ID(), sessionID) } diff --git a/pkg/api/handlers/compat/ping.go b/pkg/api/handlers/compat/ping.go index 6e77e270f..abee3d8e8 100644 --- a/pkg/api/handlers/compat/ping.go +++ b/pkg/api/handlers/compat/ping.go @@ -5,22 +5,22 @@ import ( "net/http" "github.com/containers/buildah" - "github.com/containers/libpod/pkg/api/handlers" + "github.com/containers/libpod/pkg/api/handlers/utils" ) // Ping returns headers to client about the service // // This handler must always be the same for the compatibility and libpod URL trees! // Clients will use the Header availability to test which backend engine is in use. +// Note: Additionally handler supports GET and HEAD methods func Ping(w http.ResponseWriter, r *http.Request) { - w.Header().Set("API-Version", handlers.DefaultApiVersion) + w.Header().Set("API-Version", utils.ApiVersion[utils.CompatTree][utils.CurrentApiVersion].String()) w.Header().Set("BuildKit-Version", "") w.Header().Set("Docker-Experimental", "true") w.Header().Set("Cache-Control", "no-cache") w.Header().Set("Pragma", "no-cache") - // API-Version and Libpod-API-Version may not always be equal - w.Header().Set("Libpod-API-Version", handlers.DefaultApiVersion) + w.Header().Set("Libpod-API-Version", utils.ApiVersion[utils.LibpodTree][utils.CurrentApiVersion].String()) w.Header().Set("Libpod-Buildha-Version", buildah.Version) w.WriteHeader(http.StatusOK) diff --git a/pkg/api/handlers/compat/resize.go b/pkg/api/handlers/compat/resize.go new file mode 100644 index 000000000..3ead733bc --- /dev/null +++ b/pkg/api/handlers/compat/resize.go @@ -0,0 +1,68 @@ +package compat + +import ( + "net/http" + "strings" + + "github.com/containers/libpod/libpod" + "github.com/containers/libpod/pkg/api/handlers/utils" + "github.com/gorilla/schema" + "github.com/pkg/errors" + "k8s.io/client-go/tools/remotecommand" +) + +func ResizeTTY(w http.ResponseWriter, r *http.Request) { + runtime := r.Context().Value("runtime").(*libpod.Runtime) + decoder := r.Context().Value("decoder").(*schema.Decoder) + + // /containers/{id}/resize + query := struct { + height uint16 `schema:"h"` + width uint16 `schema:"w"` + }{ + // override any golang type defaults + } + + if err := decoder.Decode(&query, r.URL.Query()); err != nil { + utils.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest, + errors.Wrapf(err, "Failed to parse parameters for %s", r.URL.String())) + return + } + + sz := remotecommand.TerminalSize{ + Width: query.width, + Height: query.height, + } + + var status int + name := utils.GetName(r) + switch { + case strings.Contains(r.URL.Path, "/containers/"): + ctnr, err := runtime.LookupContainer(name) + if err != nil { + utils.ContainerNotFound(w, name, err) + return + } + if err := ctnr.AttachResize(sz); err != nil { + utils.InternalServerError(w, errors.Wrapf(err, "cannot resize container")) + return + } + // This is not a 204, even though we write nothing, for compatibility + // reasons. + status = http.StatusOK + case strings.Contains(r.URL.Path, "/exec/"): + ctnr, err := runtime.GetExecSessionContainer(name) + if err != nil { + utils.SessionNotFound(w, name, err) + return + } + if err := ctnr.ExecResize(name, sz); err != nil { + utils.InternalServerError(w, errors.Wrapf(err, "cannot resize session")) + return + } + // This is not a 204, even though we write nothing, for compatibility + // reasons. + status = http.StatusCreated + } + utils.WriteResponse(w, status, "") +} diff --git a/pkg/api/handlers/compat/version.go b/pkg/api/handlers/compat/version.go index 8786f1d5b..bfc226bb8 100644 --- a/pkg/api/handlers/compat/version.go +++ b/pkg/api/handlers/compat/version.go @@ -8,7 +8,6 @@ import ( "github.com/containers/libpod/libpod" "github.com/containers/libpod/libpod/define" - "github.com/containers/libpod/pkg/api/handlers" "github.com/containers/libpod/pkg/api/handlers/utils" "github.com/containers/libpod/pkg/domain/entities" docker "github.com/docker/docker/api/types" @@ -35,34 +34,35 @@ func VersionHandler(w http.ResponseWriter, r *http.Request) { Name: "Podman Engine", Version: versionInfo.Version, Details: map[string]string{ - "APIVersion": handlers.DefaultApiVersion, + "APIVersion": utils.ApiVersion[utils.LibpodTree][utils.CurrentApiVersion].String(), "Arch": goRuntime.GOARCH, "BuildTime": time.Unix(versionInfo.Built, 0).Format(time.RFC3339), "Experimental": "true", "GitCommit": versionInfo.GitCommit, "GoVersion": versionInfo.GoVersion, "KernelVersion": infoData.Host.Kernel, - "MinAPIVersion": handlers.MinimalApiVersion, + "MinAPIVersion": utils.ApiVersion[utils.LibpodTree][utils.MinimalApiVersion].String(), "Os": goRuntime.GOOS, }, }} - utils.WriteResponse(w, http.StatusOK, entities.ComponentVersion{Version: docker.Version{ - Platform: struct { - Name string - }{ - Name: fmt.Sprintf("%s/%s/%s-%s", goRuntime.GOOS, goRuntime.GOARCH, infoData.Host.Distribution.Distribution, infoData.Host.Distribution.Version), - }, - APIVersion: components[0].Details["APIVersion"], - Arch: components[0].Details["Arch"], - BuildTime: components[0].Details["BuildTime"], - Components: components, - Experimental: true, - GitCommit: components[0].Details["GitCommit"], - GoVersion: components[0].Details["GoVersion"], - KernelVersion: components[0].Details["KernelVersion"], - MinAPIVersion: components[0].Details["MinAPIVersion"], - Os: components[0].Details["Os"], - Version: components[0].Version, - }}) + utils.WriteResponse(w, http.StatusOK, entities.ComponentVersion{ + Version: docker.Version{ + Platform: struct { + Name string + }{ + Name: fmt.Sprintf("%s/%s/%s-%s", goRuntime.GOOS, goRuntime.GOARCH, infoData.Host.Distribution.Distribution, infoData.Host.Distribution.Version), + }, + APIVersion: components[0].Details["APIVersion"], + Arch: components[0].Details["Arch"], + BuildTime: components[0].Details["BuildTime"], + Components: components, + Experimental: true, + GitCommit: components[0].Details["GitCommit"], + GoVersion: components[0].Details["GoVersion"], + KernelVersion: components[0].Details["KernelVersion"], + MinAPIVersion: components[0].Details["MinAPIVersion"], + Os: components[0].Details["Os"], + Version: components[0].Version, + }}) } diff --git a/pkg/api/handlers/handler.go b/pkg/api/handlers/handler.go deleted file mode 100644 index 2dd2c886b..000000000 --- a/pkg/api/handlers/handler.go +++ /dev/null @@ -1,6 +0,0 @@ -package handlers - -const ( - DefaultApiVersion = "1.40" // See https://docs.docker.com/engine/api/v1.40/ - MinimalApiVersion = "1.24" -) diff --git a/pkg/api/handlers/libpod/containers_create.go b/pkg/api/handlers/libpod/containers_create.go index 40b6cacdb..71f440bce 100644 --- a/pkg/api/handlers/libpod/containers_create.go +++ b/pkg/api/handlers/libpod/containers_create.go @@ -5,10 +5,9 @@ import ( "encoding/json" "net/http" - "github.com/containers/libpod/pkg/domain/entities" - "github.com/containers/libpod/libpod" "github.com/containers/libpod/pkg/api/handlers/utils" + "github.com/containers/libpod/pkg/domain/entities" "github.com/containers/libpod/pkg/specgen" "github.com/containers/libpod/pkg/specgen/generate" "github.com/pkg/errors" diff --git a/pkg/api/handlers/libpod/healthcheck.go b/pkg/api/handlers/libpod/healthcheck.go index 6eb2ab0e3..0ca3574b7 100644 --- a/pkg/api/handlers/libpod/healthcheck.go +++ b/pkg/api/handlers/libpod/healthcheck.go @@ -4,6 +4,7 @@ import ( "net/http" "github.com/containers/libpod/libpod" + "github.com/containers/libpod/libpod/define" "github.com/containers/libpod/pkg/api/handlers/utils" ) @@ -12,32 +13,27 @@ func RunHealthCheck(w http.ResponseWriter, r *http.Request) { name := utils.GetName(r) status, err := runtime.HealthCheck(name) if err != nil { - if status == libpod.HealthCheckContainerNotFound { + if status == define.HealthCheckContainerNotFound { utils.ContainerNotFound(w, name, err) return } - if status == libpod.HealthCheckNotDefined { + if status == define.HealthCheckNotDefined { utils.Error(w, "no healthcheck defined", http.StatusConflict, err) return } - if status == libpod.HealthCheckContainerStopped { + if status == define.HealthCheckContainerStopped { utils.Error(w, "container not running", http.StatusConflict, err) return } utils.InternalServerError(w, err) return } - ctr, err := runtime.LookupContainer(name) - if err != nil { - utils.InternalServerError(w, err) - return + hcStatus := define.HealthCheckUnhealthy + if status == define.HealthCheckSuccess { + hcStatus = define.HealthCheckHealthy } - - hcLog, err := ctr.GetHealthCheckLog() - if err != nil { - utils.InternalServerError(w, err) - return + report := define.HealthCheckResults{ + Status: hcStatus, } - - utils.WriteResponse(w, http.StatusOK, hcLog) + utils.WriteResponse(w, http.StatusOK, report) } diff --git a/pkg/api/handlers/libpod/images.go b/pkg/api/handlers/libpod/images.go index 93b4564a1..1cbcfb52c 100644 --- a/pkg/api/handlers/libpod/images.go +++ b/pkg/api/handlers/libpod/images.go @@ -56,13 +56,6 @@ func ImageExists(w http.ResponseWriter, r *http.Request) { func ImageTree(w http.ResponseWriter, r *http.Request) { runtime := r.Context().Value("runtime").(*libpod.Runtime) name := utils.GetName(r) - - img, err := runtime.ImageRuntime().NewFromLocal(name) - if err != nil { - utils.Error(w, "Something went wrong.", http.StatusNotFound, errors.Wrapf(err, "Failed to find image %s", name)) - return - } - decoder := r.Context().Value("decoder").(*schema.Decoder) query := struct { WhatRequires bool `schema:"whatrequires"` @@ -74,14 +67,18 @@ func ImageTree(w http.ResponseWriter, r *http.Request) { errors.Wrapf(err, "failed to parse parameters for %s", r.URL.String())) return } - - tree, err := img.GenerateTree(query.WhatRequires) + ir := abi.ImageEngine{Libpod: runtime} + options := entities.ImageTreeOptions{WhatRequires: query.WhatRequires} + report, err := ir.Tree(r.Context(), name, options) if err != nil { + if errors.Cause(err) == define.ErrNoSuchImage { + utils.Error(w, "Something went wrong.", http.StatusNotFound, errors.Wrapf(err, "Failed to find image %s", name)) + return + } utils.Error(w, "Server error", http.StatusInternalServerError, errors.Wrapf(err, "failed to generate image tree for %s", name)) return } - - utils.WriteResponse(w, http.StatusOK, tree) + utils.WriteResponse(w, http.StatusOK, report) } func GetImage(w http.ResponseWriter, r *http.Request) { diff --git a/pkg/api/handlers/libpod/networks.go b/pkg/api/handlers/libpod/networks.go index e8a92e93e..7de285e5e 100644 --- a/pkg/api/handlers/libpod/networks.go +++ b/pkg/api/handlers/libpod/networks.go @@ -1,39 +1,59 @@ package libpod import ( + "encoding/json" "net/http" "github.com/containers/libpod/libpod" "github.com/containers/libpod/pkg/api/handlers/utils" + "github.com/containers/libpod/pkg/domain/entities" + "github.com/containers/libpod/pkg/domain/infra/abi" "github.com/containers/libpod/pkg/network" "github.com/gorilla/schema" "github.com/pkg/errors" ) -func CreateNetwork(w http.ResponseWriter, r *http.Request) {} -func ListNetworks(w http.ResponseWriter, r *http.Request) { +func CreateNetwork(w http.ResponseWriter, r *http.Request) { runtime := r.Context().Value("runtime").(*libpod.Runtime) - config, err := runtime.GetConfig() + decoder := r.Context().Value("decoder").(*schema.Decoder) + options := entities.NetworkCreateOptions{} + if err := json.NewDecoder(r.Body).Decode(&options); err != nil { + utils.Error(w, "unable to marshall input", http.StatusInternalServerError, errors.Wrap(err, "Decode()")) + return + } + query := struct { + Name string `schema:"name"` + }{ + // override any golang type defaults + } + if err := decoder.Decode(&query, r.URL.Query()); err != nil { + utils.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest, + errors.Wrapf(err, "Failed to parse parameters for %s", r.URL.String())) + return + } + ic := abi.ContainerEngine{Libpod: runtime} + report, err := ic.NetworkCreate(r.Context(), query.Name, options) if err != nil { utils.InternalServerError(w, err) return } - configDir := config.Network.NetworkConfigDir - if len(configDir) < 1 { - configDir = network.CNIConfigDir - } - networks, err := network.LoadCNIConfsFromDir(configDir) + utils.WriteResponse(w, http.StatusOK, report) + +} +func ListNetworks(w http.ResponseWriter, r *http.Request) { + runtime := r.Context().Value("runtime").(*libpod.Runtime) + options := entities.NetworkListOptions{} + ic := abi.ContainerEngine{Libpod: runtime} + reports, err := ic.NetworkList(r.Context(), options) if err != nil { utils.InternalServerError(w, err) return } - utils.WriteResponse(w, http.StatusOK, networks) + utils.WriteResponse(w, http.StatusOK, reports) } func RemoveNetwork(w http.ResponseWriter, r *http.Request) { - // 200 ok - // 404 no such - // 500 internal + runtime := r.Context().Value("runtime").(*libpod.Runtime) decoder := r.Context().Value("decoder").(*schema.Decoder) query := struct { Force bool `schema:"force"` @@ -46,22 +66,30 @@ func RemoveNetwork(w http.ResponseWriter, r *http.Request) { return } name := utils.GetName(r) - if err := network.RemoveNetwork(name); err != nil { + + options := entities.NetworkRmOptions{ + Force: query.Force, + } + ic := abi.ContainerEngine{Libpod: runtime} + reports, err := ic.NetworkRm(r.Context(), []string{name}, options) + if err != nil { + utils.InternalServerError(w, err) + return + } + if reports[0].Err != nil { // If the network cannot be found, we return a 404. if errors.Cause(err) == network.ErrNetworkNotFound { utils.Error(w, "Something went wrong", http.StatusNotFound, err) return } - utils.InternalServerError(w, err) - return } - utils.WriteResponse(w, http.StatusOK, "") + utils.WriteResponse(w, http.StatusOK, reports) } func InspectNetwork(w http.ResponseWriter, r *http.Request) { + runtime := r.Context().Value("runtime").(*libpod.Runtime) decoder := r.Context().Value("decoder").(*schema.Decoder) query := struct { - Force bool `schema:"force"` }{ // override any golang type defaults } @@ -71,7 +99,9 @@ func InspectNetwork(w http.ResponseWriter, r *http.Request) { return } name := utils.GetName(r) - n, err := network.InspectNetwork(name) + options := entities.NetworkInspectOptions{} + ic := abi.ContainerEngine{Libpod: runtime} + reports, err := ic.NetworkInspect(r.Context(), []string{name}, options) if err != nil { // If the network cannot be found, we return a 404. if errors.Cause(err) == network.ErrNetworkNotFound { @@ -81,5 +111,5 @@ func InspectNetwork(w http.ResponseWriter, r *http.Request) { utils.InternalServerError(w, err) return } - utils.WriteResponse(w, http.StatusOK, n) + utils.WriteResponse(w, http.StatusOK, reports) } diff --git a/pkg/api/handlers/libpod/swagger.go b/pkg/api/handlers/libpod/swagger.go index 46426eb6b..057fbfb41 100644 --- a/pkg/api/handlers/libpod/swagger.go +++ b/pkg/api/handlers/libpod/swagger.go @@ -91,6 +91,34 @@ type swagInfoResponse struct { Body define.Info } +// Network rm +// swagger:response NetworkRmReport +type swagNetworkRmReport struct { + // in:body + Body entities.NetworkRmReport +} + +// Network inspect +// swagger:response NetworkInspectReport +type swagNetworkInspectReport struct { + // in:body + Body []entities.NetworkInspectReport +} + +// Network list +// swagger:response NetworkListReport +type swagNetworkListReport struct { + // in:body + Body []entities.NetworkListReport +} + +// Network create +// swagger:response NetworkCreateReport +type swagNetworkCreateReport struct { + // in:body + Body entities.NetworkCreateReport +} + func ServeSwagger(w http.ResponseWriter, r *http.Request) { path := DefaultPodmanSwaggerSpec if p, found := os.LookupEnv("PODMAN_SWAGGER_SPEC"); found { diff --git a/pkg/api/handlers/libpod/system.go b/pkg/api/handlers/libpod/system.go index 98e33bf10..81ed37b4a 100644 --- a/pkg/api/handlers/libpod/system.go +++ b/pkg/api/handlers/libpod/system.go @@ -7,6 +7,7 @@ import ( "github.com/containers/libpod/pkg/api/handlers/compat" "github.com/containers/libpod/pkg/api/handlers/utils" "github.com/containers/libpod/pkg/domain/entities" + "github.com/containers/libpod/pkg/domain/infra/abi" "github.com/gorilla/schema" "github.com/pkg/errors" ) @@ -69,3 +70,25 @@ func SystemPrune(w http.ResponseWriter, r *http.Request) { } utils.WriteResponse(w, http.StatusOK, systemPruneReport) } + +// SystemReset Resets podman storage back to default state +func SystemReset(w http.ResponseWriter, r *http.Request) { + err := r.Context().Value("runtime").(*libpod.Runtime).Reset(r.Context()) + if err != nil { + utils.InternalServerError(w, err) + return + } + utils.WriteResponse(w, http.StatusOK, nil) +} + +func DiskUsage(w http.ResponseWriter, r *http.Request) { + // Options are only used by the CLI + options := entities.SystemDfOptions{} + runtime := r.Context().Value("runtime").(*libpod.Runtime) + ic := abi.ContainerEngine{Libpod: runtime} + response, err := ic.SystemDf(r.Context(), options) + if err != nil { + utils.InternalServerError(w, err) + } + utils.WriteResponse(w, http.StatusOK, response) +} diff --git a/pkg/api/handlers/types.go b/pkg/api/handlers/types.go index 2075d29df..d8cdd9caf 100644 --- a/pkg/api/handlers/types.go +++ b/pkg/api/handlers/types.go @@ -170,6 +170,11 @@ type ExecCreateResponse struct { docker.IDResponse } +type ExecStartConfig struct { + Detach bool `json:"Detach"` + Tty bool `json:"Tty"` +} + func ImageToImageSummary(l *libpodImage.Image) (*entities.ImageSummary, error) { containers, err := l.Containers() if err != nil { diff --git a/pkg/api/handlers/utils/errors.go b/pkg/api/handlers/utils/errors.go index 3253a9be3..c17720694 100644 --- a/pkg/api/handlers/utils/errors.go +++ b/pkg/api/handlers/utils/errors.go @@ -63,6 +63,14 @@ func PodNotFound(w http.ResponseWriter, name string, err error) { Error(w, msg, http.StatusNotFound, err) } +func SessionNotFound(w http.ResponseWriter, name string, err error) { + if errors.Cause(err) != define.ErrNoSuchExecSession { + InternalServerError(w, err) + } + msg := fmt.Sprintf("No such exec session: %s", name) + Error(w, msg, http.StatusNotFound, err) +} + func ContainerNotRunning(w http.ResponseWriter, containerID string, err error) { msg := fmt.Sprintf("Container %s is not running", containerID) Error(w, msg, http.StatusConflict, err) diff --git a/pkg/api/handlers/utils/handler.go b/pkg/api/handlers/utils/handler.go index b5bd488fb..2f4a54b98 100644 --- a/pkg/api/handlers/utils/handler.go +++ b/pkg/api/handlers/utils/handler.go @@ -9,11 +9,55 @@ import ( "os" "strings" + "github.com/blang/semver" "github.com/gorilla/mux" "github.com/pkg/errors" "github.com/sirupsen/logrus" ) +type ( + // VersionTree determines which API endpoint tree for version + VersionTree int + // VersionLevel determines which API level, current or something from the past + VersionLevel int +) + +const ( + // LibpodTree supports Libpod endpoints + LibpodTree = VersionTree(iota) + // CompatTree supports Libpod endpoints + CompatTree + + // CurrentApiVersion announces what is the current API level + CurrentApiVersion = VersionLevel(iota) + // MinimalApiVersion announces what is the oldest API level supported + MinimalApiVersion +) + +var ( + // See https://docs.docker.com/engine/api/v1.40/ + // libpod compat handlers are expected to honor docker API versions + + // ApiVersion provides the current and minimal API versions for compat and libpod endpoint trees + // Note: GET|HEAD /_ping is never versioned and provides the API-Version and Libpod-API-Version headers to allow + // clients to shop for the Version they wish to support + ApiVersion = map[VersionTree]map[VersionLevel]semver.Version{ + LibpodTree: { + CurrentApiVersion: semver.MustParse("1.0.0"), + MinimalApiVersion: semver.MustParse("1.0.0"), + }, + CompatTree: { + CurrentApiVersion: semver.MustParse("1.40.0"), + MinimalApiVersion: semver.MustParse("1.24.0"), + }, + } + + // ErrVersionNotGiven returned when version not given by client + ErrVersionNotGiven = errors.New("version not given in URL path") + // ErrVersionNotSupported returned when given version is too old + ErrVersionNotSupported = errors.New("given version is not supported") +) + // IsLibpodRequest returns true if the request related to a libpod endpoint // (e.g., /v2/libpod/...). func IsLibpodRequest(r *http.Request) bool { @@ -21,6 +65,48 @@ func IsLibpodRequest(r *http.Request) bool { return len(split) >= 3 && split[2] == "libpod" } +// SupportedVersion validates that the version provided by client is included in the given condition +// https://github.com/blang/semver#ranges provides the details for writing conditions +// If a version is not given in URL path, ErrVersionNotGiven is returned +func SupportedVersion(r *http.Request, condition string) (semver.Version, error) { + version := semver.Version{} + val, ok := mux.Vars(r)["version"] + if !ok { + return version, ErrVersionNotGiven + } + safeVal, err := url.PathUnescape(val) + if err != nil { + return version, errors.Wrapf(err, "unable to unescape given API version: %q", val) + } + version, err = semver.ParseTolerant(safeVal) + if err != nil { + return version, errors.Wrapf(err, "unable to parse given API version: %q from %q", safeVal, val) + } + + inRange, err := semver.ParseRange(condition) + if err != nil { + return version, err + } + + if inRange(version) { + return version, nil + } + return version, ErrVersionNotSupported +} + +// SupportedVersionWithDefaults validates that the version provided by client valid is supported by server +// minimal API version <= client path version <= maximum API version focused on the endpoint tree from URL +func SupportedVersionWithDefaults(r *http.Request) (semver.Version, error) { + tree := CompatTree + if IsLibpodRequest(r) { + tree = LibpodTree + } + + return SupportedVersion(r, + fmt.Sprintf(">=%s <=%s", ApiVersion[tree][MinimalApiVersion].String(), + ApiVersion[tree][CurrentApiVersion].String())) +} + // WriteResponse encodes the given value as JSON or string and renders it for http client func WriteResponse(w http.ResponseWriter, code int, value interface{}) { // RFC2616 explicitly states that the following status codes "MUST NOT diff --git a/pkg/api/handlers/utils/handler_test.go b/pkg/api/handlers/utils/handler_test.go new file mode 100644 index 000000000..6009432b5 --- /dev/null +++ b/pkg/api/handlers/utils/handler_test.go @@ -0,0 +1,139 @@ +package utils + +import ( + "errors" + "fmt" + "net/http" + "net/http/httptest" + "testing" + + "github.com/gorilla/mux" +) + +func TestSupportedVersion(t *testing.T) { + req, err := http.NewRequest("GET", + fmt.Sprintf("/v%s/libpod/testing/versions", ApiVersion[LibpodTree][CurrentApiVersion]), + nil) + if err != nil { + t.Fatal(err) + } + req = mux.SetURLVars(req, map[string]string{"version": ApiVersion[LibpodTree][CurrentApiVersion].String()}) + + rr := httptest.NewRecorder() + handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + _, err := SupportedVersionWithDefaults(r) + switch { + case errors.Is(err, ErrVersionNotGiven): // for compat endpoints version optional + w.WriteHeader(http.StatusInternalServerError) + fmt.Fprint(w, err.Error()) + case errors.Is(err, ErrVersionNotSupported): // version given but not supported + w.WriteHeader(http.StatusBadRequest) + fmt.Fprint(w, err.Error()) + case err != nil: + w.WriteHeader(http.StatusInternalServerError) + fmt.Fprint(w, err.Error()) + default: // all good + w.WriteHeader(http.StatusOK) + fmt.Fprint(w, "OK") + } + }) + handler.ServeHTTP(rr, req) + + if status := rr.Code; status != http.StatusOK { + t.Errorf("handler returned wrong status code: got %v want %v", + status, http.StatusOK) + } + + // Check the response body is what we expect. + expected := `OK` + if rr.Body.String() != expected { + t.Errorf("handler returned unexpected body: got %q want %q", + rr.Body.String(), expected) + } +} + +func TestUnsupportedVersion(t *testing.T) { + version := "999.999.999" + req, err := http.NewRequest("GET", + fmt.Sprintf("/v%s/libpod/testing/versions", version), + nil) + if err != nil { + t.Fatal(err) + } + req = mux.SetURLVars(req, map[string]string{"version": version}) + + rr := httptest.NewRecorder() + handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + _, err := SupportedVersionWithDefaults(r) + switch { + case errors.Is(err, ErrVersionNotGiven): // for compat endpoints version optional + w.WriteHeader(http.StatusInternalServerError) + fmt.Fprint(w, err.Error()) + case errors.Is(err, ErrVersionNotSupported): // version given but not supported + w.WriteHeader(http.StatusBadRequest) + fmt.Fprint(w, err.Error()) + case err != nil: + w.WriteHeader(http.StatusInternalServerError) + fmt.Fprint(w, err.Error()) + default: // all good + w.WriteHeader(http.StatusOK) + fmt.Fprint(w, "OK") + } + }) + handler.ServeHTTP(rr, req) + + if status := rr.Code; status != http.StatusBadRequest { + t.Errorf("handler returned wrong status code: got %v want %v", + status, http.StatusBadRequest) + } + + // Check the response body is what we expect. + expected := ErrVersionNotSupported.Error() + if rr.Body.String() != expected { + t.Errorf("handler returned unexpected body: got %q want %q", + rr.Body.String(), expected) + } +} + +func TestEqualVersion(t *testing.T) { + version := "1.30.0" + req, err := http.NewRequest("GET", + fmt.Sprintf("/v%s/libpod/testing/versions", version), + nil) + if err != nil { + t.Fatal(err) + } + req = mux.SetURLVars(req, map[string]string{"version": version}) + + rr := httptest.NewRecorder() + handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + _, err := SupportedVersion(r, "=="+version) + switch { + case errors.Is(err, ErrVersionNotGiven): // for compat endpoints version optional + w.WriteHeader(http.StatusInternalServerError) + fmt.Fprint(w, err.Error()) + case errors.Is(err, ErrVersionNotSupported): // version given but not supported + w.WriteHeader(http.StatusBadRequest) + fmt.Fprint(w, err.Error()) + case err != nil: + w.WriteHeader(http.StatusInternalServerError) + fmt.Fprint(w, err.Error()) + default: // all good + w.WriteHeader(http.StatusOK) + fmt.Fprint(w, "OK") + } + }) + handler.ServeHTTP(rr, req) + + if status := rr.Code; status != http.StatusOK { + t.Errorf("handler returned wrong status code: got %v want %v", + status, http.StatusOK) + } + + // Check the response body is what we expect. + expected := http.StatusText(http.StatusOK) + if rr.Body.String() != expected { + t.Errorf("handler returned unexpected body: got %q want %q", + rr.Body.String(), expected) + } +} diff --git a/pkg/api/handlers/utils/images.go b/pkg/api/handlers/utils/images.go index 1c67de9db..7fb31a177 100644 --- a/pkg/api/handlers/utils/images.go +++ b/pkg/api/handlers/utils/images.go @@ -62,7 +62,6 @@ func GetImages(w http.ResponseWriter, r *http.Request) ([]*image.Image, error) { }{ // This is where you can override the golang default value for one of fields } - // TODO I think all is implemented with a filter? if err := decoder.Decode(&query, r.URL.Query()); err != nil { return nil, err @@ -71,6 +70,10 @@ func GetImages(w http.ResponseWriter, r *http.Request) ([]*image.Image, error) { if _, found := r.URL.Query()["digests"]; found && query.Digests { UnSupportedParameter("digests") } + var ( + images []*image.Image + err error + ) if len(query.Filters) > 0 { for k, v := range query.Filters { @@ -78,11 +81,33 @@ func GetImages(w http.ResponseWriter, r *http.Request) ([]*image.Image, error) { filters = append(filters, fmt.Sprintf("%s=%s", k, val)) } } - return runtime.ImageRuntime().GetImagesWithFilters(filters) + images, err = runtime.ImageRuntime().GetImagesWithFilters(filters) + if err != nil { + return images, err + } } else { - return runtime.ImageRuntime().GetImages() + images, err = runtime.ImageRuntime().GetImages() + if err != nil { + return images, err + } } - + if query.All { + return images, nil + } + var returnImages []*image.Image + for _, img := range images { + if len(img.Names()) == 0 { + parent, err := img.IsParent(r.Context()) + if err != nil { + return nil, err + } + if parent { + continue + } + } + returnImages = append(returnImages, img) + } + return returnImages, nil } func GetImage(r *http.Request, name string) (*image.Image, error) { diff --git a/pkg/api/server/register_containers.go b/pkg/api/server/register_containers.go index 378d1e06c..0d78e4cdb 100644 --- a/pkg/api/server/register_containers.go +++ b/pkg/api/server/register_containers.go @@ -584,9 +584,9 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error { // $ref: "#/responses/NoSuchContainer" // 500: // $ref: "#/responses/InternalError" - r.HandleFunc(VersionedPath("/containers/{name}/resize"), s.APIHandler(compat.ResizeContainer)).Methods(http.MethodPost) + r.HandleFunc(VersionedPath("/containers/{name}/resize"), s.APIHandler(compat.ResizeTTY)).Methods(http.MethodPost) // Added non version path to URI to support docker non versioned paths - r.HandleFunc("/containers/{name}/resize", s.APIHandler(compat.ResizeContainer)).Methods(http.MethodPost) + r.HandleFunc("/containers/{name}/resize", s.APIHandler(compat.ResizeTTY)).Methods(http.MethodPost) // swagger:operation GET /containers/{name}/export compat exportContainer // --- // tags: @@ -1259,7 +1259,7 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error { // $ref: "#/responses/NoSuchContainer" // 500: // $ref: "#/responses/InternalError" - r.HandleFunc(VersionedPath("/libpod/containers/{name}/resize"), s.APIHandler(compat.ResizeContainer)).Methods(http.MethodPost) + r.HandleFunc(VersionedPath("/libpod/containers/{name}/resize"), s.APIHandler(compat.ResizeTTY)).Methods(http.MethodPost) // swagger:operation GET /libpod/containers/{name}/export libpod libpodExportContainer // --- // tags: diff --git a/pkg/api/server/register_exec.go b/pkg/api/server/register_exec.go index 71fb50307..1533edba9 100644 --- a/pkg/api/server/register_exec.go +++ b/pkg/api/server/register_exec.go @@ -97,10 +97,10 @@ func (s *APIServer) registerExecHandlers(r *mux.Router) error { // properties: // Detach: // type: boolean - // description: Detach from the command + // description: Detach from the command. Not presently supported. // Tty: // type: boolean - // description: Allocate a pseudo-TTY + // description: Allocate a pseudo-TTY. Presently ignored. // produces: // - application/json // responses: @@ -109,12 +109,12 @@ func (s *APIServer) registerExecHandlers(r *mux.Router) error { // 404: // $ref: "#/responses/NoSuchExecInstance" // 409: - // description: container is stopped or paused + // description: container is not running // 500: // $ref: "#/responses/InternalError" - r.Handle(VersionedPath("/exec/{id}/start"), s.APIHandler(compat.UnsupportedHandler)).Methods(http.MethodPost) + r.Handle(VersionedPath("/exec/{id}/start"), s.APIHandler(compat.ExecStartHandler)).Methods(http.MethodPost) // Added non version path to URI to support docker non versioned paths - r.Handle("/exec/{id}/start", s.APIHandler(compat.UnsupportedHandler)).Methods(http.MethodPost) + r.Handle("/exec/{id}/start", s.APIHandler(compat.ExecStartHandler)).Methods(http.MethodPost) // swagger:operation POST /exec/{id}/resize compat resizeExec // --- // tags: @@ -145,15 +145,15 @@ func (s *APIServer) registerExecHandlers(r *mux.Router) error { // $ref: "#/responses/NoSuchExecInstance" // 500: // $ref: "#/responses/InternalError" - r.Handle(VersionedPath("/exec/{id}/resize"), s.APIHandler(compat.UnsupportedHandler)).Methods(http.MethodPost) + r.Handle(VersionedPath("/exec/{id}/resize"), s.APIHandler(compat.ResizeTTY)).Methods(http.MethodPost) // Added non version path to URI to support docker non versioned paths - r.Handle("/exec/{id}/resize", s.APIHandler(compat.UnsupportedHandler)).Methods(http.MethodPost) + r.Handle("/exec/{id}/resize", s.APIHandler(compat.ResizeTTY)).Methods(http.MethodPost) // swagger:operation GET /exec/{id}/json compat inspectExec // --- // tags: // - exec (compat) // summary: Inspect an exec instance - // description: Return low-level information about an exec instance. + // description: Return low-level information about an exec instance. Stale (stopped) exec sessions will be auto-removed after inspect runs. // parameters: // - in: path // name: id @@ -264,10 +264,10 @@ func (s *APIServer) registerExecHandlers(r *mux.Router) error { // properties: // Detach: // type: boolean - // description: Detach from the command + // description: Detach from the command. Not presently supported. // Tty: // type: boolean - // description: Allocate a pseudo-TTY + // description: Allocate a pseudo-TTY. Presently ignored. // produces: // - application/json // responses: @@ -276,10 +276,10 @@ func (s *APIServer) registerExecHandlers(r *mux.Router) error { // 404: // $ref: "#/responses/NoSuchExecInstance" // 409: - // description: container is stopped or paused + // description: container is not running. // 500: // $ref: "#/responses/InternalError" - r.Handle(VersionedPath("/libpod/exec/{id}/start"), s.APIHandler(compat.UnsupportedHandler)).Methods(http.MethodPost) + r.Handle(VersionedPath("/libpod/exec/{id}/start"), s.APIHandler(compat.ExecStartHandler)).Methods(http.MethodPost) // swagger:operation POST /libpod/exec/{id}/resize libpod libpodResizeExec // --- // tags: diff --git a/pkg/api/server/register_images.go b/pkg/api/server/register_images.go index 0e8d68b7e..01854b9c4 100644 --- a/pkg/api/server/register_images.go +++ b/pkg/api/server/register_images.go @@ -698,7 +698,7 @@ func (s *APIServer) registerImagesHandlers(r *mux.Router) error { // responses: // 200: // $ref: '#/responses/LibpodImageTreeResponse' - // 401: + // 404: // $ref: '#/responses/NoSuchImage' // 500: // $ref: '#/responses/InternalError' @@ -854,7 +854,7 @@ func (s *APIServer) registerImagesHandlers(r *mux.Router) error { // 500: // $ref: '#/responses/InternalError' r.Handle(VersionedPath("/libpod/images/remove"), s.APIHandler(libpod.ImagesBatchRemove)).Methods(http.MethodDelete) - // swagger:operation DELETE /libpod/images/{name:.*}/remove libpod libpodRemoveImage + // swagger:operation DELETE /libpod/images/{name:.*} libpod libpodRemoveImage // --- // tags: // - images @@ -883,7 +883,7 @@ func (s *APIServer) registerImagesHandlers(r *mux.Router) error { // $ref: '#/responses/ConflictError' // 500: // $ref: '#/responses/InternalError' - r.Handle(VersionedPath("/libpod/images/{name:.*}/remove"), s.APIHandler(libpod.ImagesRemove)).Methods(http.MethodDelete) + r.Handle(VersionedPath("/libpod/images/{name:.*}"), s.APIHandler(libpod.ImagesRemove)).Methods(http.MethodDelete) // swagger:operation POST /libpod/images/pull libpod libpodImagesPull // --- // tags: diff --git a/pkg/api/server/register_networks.go b/pkg/api/server/register_networks.go new file mode 100644 index 000000000..b1189c1f4 --- /dev/null +++ b/pkg/api/server/register_networks.go @@ -0,0 +1,100 @@ +package server + +import ( + "net/http" + + "github.com/containers/libpod/pkg/api/handlers/libpod" + "github.com/gorilla/mux" +) + +func (s *APIServer) registerNetworkHandlers(r *mux.Router) error { + // swagger:operation DELETE /libpod/networks/{name} libpod libpodRemoveNetwork + // --- + // tags: + // - networks + // summary: Remove a network + // description: Remove a CNI configured network + // parameters: + // - in: path + // name: name + // type: string + // required: true + // description: the name of the network + // - in: query + // name: Force + // type: boolean + // description: remove containers associated with network + // produces: + // - application/json + // responses: + // 200: + // $ref: "#/responses/NetworkRmReport" + // 404: + // $ref: "#/responses/NoSuchNetwork" + // 500: + // $ref: "#/responses/InternalError" + r.HandleFunc(VersionedPath("/libpod/networks/{name}"), s.APIHandler(libpod.RemoveNetwork)).Methods(http.MethodDelete) + // swagger:operation GET /libpod/networks/{name}/json libpod libpodInspectNetwork + // --- + // tags: + // - networks + // summary: Inspect a network + // description: Display low level configuration for a CNI network + // parameters: + // - in: path + // name: name + // type: string + // required: true + // description: the name of the network + // produces: + // - application/json + // responses: + // 200: + // $ref: "#/responses/NetworkInspectReport" + // 404: + // $ref: "#/responses/NoSuchNetwork" + // 500: + // $ref: "#/responses/InternalError" + r.HandleFunc(VersionedPath("/libpod/networks/{name}/json"), s.APIHandler(libpod.InspectNetwork)).Methods(http.MethodGet) + // swagger:operation GET /libpod/networks/json libpod libpodListNetwork + // --- + // tags: + // - networks + // summary: List networks + // description: Display summary of network configurations + // produces: + // - application/json + // responses: + // 200: + // $ref: "#/responses/NetworkListReport" + // 500: + // $ref: "#/responses/InternalError" + r.HandleFunc(VersionedPath("/libpod/networks/json"), s.APIHandler(libpod.ListNetworks)).Methods(http.MethodGet) + // swagger:operation POST /libpod/networks/create libpod libpodCreateNetwork + // --- + // tags: + // - networks + // summary: Create network + // description: Create a new CNI network configuration + // produces: + // - application/json + // parameters: + // - in: query + // name: name + // type: string + // description: optional name for new network + // - in: body + // name: create + // description: attributes for creating a container + // schema: + // $ref: "#/definitions/NetworkCreateOptions" + // responses: + // 200: + // $ref: "#/responses/NetworkCreateReport" + // 400: + // $ref: "#/responses/BadParamError" + // 500: + // $ref: "#/responses/InternalError" + r.HandleFunc(VersionedPath("/libpod/networks/create"), s.APIHandler(libpod.CreateNetwork)).Methods(http.MethodPost) + return nil +} diff --git a/pkg/api/server/register_system.go b/pkg/api/server/register_system.go index 7375a75c1..8a942a888 100644 --- a/pkg/api/server/register_system.go +++ b/pkg/api/server/register_system.go @@ -12,7 +12,7 @@ func (s *APIServer) registerSystemHandlers(r *mux.Router) error { r.Handle(VersionedPath("/system/df"), s.APIHandler(compat.GetDiskUsage)).Methods(http.MethodGet) // Added non version path to URI to support docker non versioned paths r.Handle("/system/df", s.APIHandler(compat.GetDiskUsage)).Methods(http.MethodGet) - // Swagger:operation POST /libpod/system/prune libpod pruneSystem + // swagger:operation POST /libpod/system/prune libpod pruneSystem // --- // tags: // - system @@ -27,6 +27,33 @@ func (s *APIServer) registerSystemHandlers(r *mux.Router) error { // 500: // $ref: "#/responses/InternalError" r.Handle(VersionedPath("/libpod/system/prune"), s.APIHandler(libpod.SystemPrune)).Methods(http.MethodPost) - + // swagger:operation POST /libpod/system/reset libpod resetSystem + // --- + // tags: + // - system + // summary: Reset podman storage + // description: All containers will be stopped and removed, and all images, volumes and container content will be removed. + // produces: + // - application/json + // responses: + // 200: + // description: no error + // 500: + // $ref: "#/responses/InternalError" + r.Handle(VersionedPath("/libpod/system/reset"), s.APIHandler(libpod.SystemReset)).Methods(http.MethodPost) + // swagger:operation GET /libpod/system/df libpod df + // --- + // tags: + // - system + // summary: Show disk usage + // description: Return information about disk usage for containers, images, and volumes + // produces: + // - application/json + // responses: + // 200: + // $ref: '#/responses/SystemDiskUse' + // 500: + // $ref: "#/responses/InternalError" + r.Handle(VersionedPath("/libpod/system/df"), s.APIHandler(libpod.DiskUsage)).Methods(http.MethodGet) return nil } diff --git a/pkg/api/server/server.go b/pkg/api/server/server.go index a6c5d8e1e..d39528f45 100644 --- a/pkg/api/server/server.go +++ b/pkg/api/server/server.go @@ -104,6 +104,7 @@ func newServer(runtime *libpod.Runtime, duration time.Duration, listener *net.Li server.registerInfoHandlers, server.registerManifestHandlers, server.registerMonitorHandlers, + server.registerNetworkHandlers, server.registerPingHandlers, server.registerPlayHandlers, server.registerPluginsHandlers, diff --git a/pkg/api/server/swagger.go b/pkg/api/server/swagger.go index e47f2cc2f..ebd99ba27 100644 --- a/pkg/api/server/swagger.go +++ b/pkg/api/server/swagger.go @@ -24,6 +24,15 @@ type swagErrNoSuchContainer struct { } } +// No such network +// swagger:response NoSuchNetwork +type swagErrNoSuchNetwork struct { + // in:body + Body struct { + entities.ErrorModel + } +} + // No such exec instance // swagger:response NoSuchExecInstance type swagErrNoSuchExecInstance struct { @@ -190,3 +199,21 @@ type swagVersion struct { entities.SystemVersionReport } } + +// Disk usage +// swagger:response SystemDiskUse +type swagDiskUseResponse struct { + // in:body + Body struct { + entities.SystemDfReport + } +} + +// Prune report +// swagger:response SystemPruneReport +type swagSystemPruneReport struct { + // in:body + Body struct { + entities.SystemPruneReport + } +} diff --git a/pkg/api/tags.yaml b/pkg/api/tags.yaml index 5b5d9f5bb..1ffb5e940 100644 --- a/pkg/api/tags.yaml +++ b/pkg/api/tags.yaml @@ -5,9 +5,11 @@ tags: description: Actions related to exec - name: images description: Actions related to images - - name: pods - description: Actions related to manifests - name: manifests + description: Actions related to manifests + - name: networks + description: Actions related to networks + - name: pods description: Actions related to pods - name: volumes description: Actions related to volumes diff --git a/pkg/autoupdate/autoupdate.go b/pkg/autoupdate/autoupdate.go index 78d5ac474..eca5c342c 100644 --- a/pkg/autoupdate/autoupdate.go +++ b/pkg/autoupdate/autoupdate.go @@ -23,6 +23,10 @@ import ( // container labels. const Label = "io.containers.autoupdate" +// Label denotes the container label key to specify authfile in +// container labels. +const AuthfileLabel = "io.containers.autoupdate.authfile" + // Policy represents an auto-update policy. type Policy string @@ -63,6 +67,12 @@ func LookupPolicy(s string) (Policy, error) { return "", errors.Errorf("invalid auto-update policy %q: valid policies are %+q", s, keys) } +// Options include parameters for auto updates. +type Options struct { + // Authfile to use when contacting registries. + Authfile string +} + // ValidateImageReference checks if the specified imageName is a fully-qualified // image reference to the docker transport (without digest). Such a reference // includes a domain, name and tag (e.g., quay.io/podman/stable:latest). The @@ -96,7 +106,7 @@ func ValidateImageReference(imageName string) error { // // It returns a slice of successfully restarted systemd units and a slice of // errors encountered during auto update. -func AutoUpdate(runtime *libpod.Runtime) ([]string, []error) { +func AutoUpdate(runtime *libpod.Runtime, options Options) ([]string, []error) { // Create a map from `image ID -> []*Container`. containerMap, errs := imageContainersMap(runtime) if len(containerMap) == 0 { @@ -138,7 +148,12 @@ func AutoUpdate(runtime *libpod.Runtime) ([]string, []error) { if rawImageName == "" { errs = append(errs, errors.Errorf("error auto-updating container %q: raw-image name is empty", ctr.ID())) } - needsUpdate, err := newerImageAvailable(runtime, image, rawImageName) + labels := ctr.Labels() + authFilePath, exists := labels[AuthfileLabel] + if exists { + options.Authfile = authFilePath + } + needsUpdate, err := newerImageAvailable(runtime, image, rawImageName, options) if err != nil { errs = append(errs, errors.Wrapf(err, "error auto-updating container %q: image check for %q failed", ctr.ID(), rawImageName)) continue @@ -148,7 +163,7 @@ func AutoUpdate(runtime *libpod.Runtime) ([]string, []error) { } logrus.Infof("Auto-updating container %q using image %q", ctr.ID(), rawImageName) if _, updated := updatedRawImages[rawImageName]; !updated { - _, err = updateImage(runtime, rawImageName) + _, err = updateImage(runtime, rawImageName, options) if err != nil { errs = append(errs, errors.Wrapf(err, "error auto-updating container %q: image update for %q failed", ctr.ID(), rawImageName)) continue @@ -230,13 +245,15 @@ func imageContainersMap(runtime *libpod.Runtime) (map[string][]*libpod.Container // newerImageAvailable returns true if there corresponding image on the remote // registry is newer. -func newerImageAvailable(runtime *libpod.Runtime, img *image.Image, origName string) (bool, error) { +func newerImageAvailable(runtime *libpod.Runtime, img *image.Image, origName string, options Options) (bool, error) { remoteRef, err := docker.ParseReference("//" + origName) if err != nil { return false, err } - remoteImg, err := remoteRef.NewImage(context.Background(), runtime.SystemContext()) + sys := runtime.SystemContext() + sys.AuthFilePath = options.Authfile + remoteImg, err := remoteRef.NewImage(context.Background(), sys) if err != nil { return false, err } @@ -255,25 +272,22 @@ func newerImageAvailable(runtime *libpod.Runtime, img *image.Image, origName str } // updateImage pulls the specified image. -func updateImage(runtime *libpod.Runtime, name string) (*image.Image, error) { +func updateImage(runtime *libpod.Runtime, name string, options Options) (*image.Image, error) { sys := runtime.SystemContext() registryOpts := image.DockerRegistryOptions{} signaturePolicyPath := "" - authFilePath := "" if sys != nil { registryOpts.OSChoice = sys.OSChoice registryOpts.ArchitectureChoice = sys.OSChoice registryOpts.DockerCertPath = sys.DockerCertPath - signaturePolicyPath = sys.SignaturePolicyPath - authFilePath = sys.AuthFilePath } newImage, err := runtime.ImageRuntime().New(context.Background(), docker.Transport.Name()+"://"+name, signaturePolicyPath, - authFilePath, + options.Authfile, os.Stderr, ®istryOpts, image.SigningOptions{}, diff --git a/pkg/bindings/bindings.go b/pkg/bindings/bindings.go index 4b07847d1..7e2a444bd 100644 --- a/pkg/bindings/bindings.go +++ b/pkg/bindings/bindings.go @@ -8,11 +8,20 @@ package bindings +import ( + "github.com/blang/semver" +) + var ( // PTrue is a convenience variable that can be used in bindings where // a pointer to a bool (optional parameter) is required. - PTrue bool = true + pTrue = true + PTrue = &pTrue // PFalse is a convenience variable that can be used in bindings where // a pointer to a bool (optional parameter) is required. - PFalse bool = false + pFalse = false + PFalse = &pFalse + + // _*YES*- podman will fail to run if this value is wrong + APIVersion = semver.MustParse("1.0.0") ) diff --git a/pkg/bindings/connection.go b/pkg/bindings/connection.go index da3755fc8..d21d55beb 100644 --- a/pkg/bindings/connection.go +++ b/pkg/bindings/connection.go @@ -15,6 +15,7 @@ import ( "strings" "time" + "github.com/blang/semver" "github.com/containers/libpod/pkg/api/types" jsoniter "github.com/json-iterator/go" "github.com/pkg/errors" @@ -39,6 +40,7 @@ type APIResponse struct { type Connection struct { _url *url.URL client *http.Client + conn *net.Conn } type valueKey string @@ -88,26 +90,26 @@ func NewConnection(ctx context.Context, uri string, identity ...string) (context } // Now we setup the http client to use the connection above - var client *http.Client + var connection Connection switch _url.Scheme { case "ssh": secure, err = strconv.ParseBool(_url.Query().Get("secure")) if err != nil { secure = false } - client, err = sshClient(_url, identity[0], secure) + connection, err = sshClient(_url, identity[0], secure) case "unix": if !strings.HasPrefix(uri, "unix:///") { // autofix unix://path_element vs unix:///path_element _url.Path = JoinURL(_url.Host, _url.Path) _url.Host = "" } - client, err = unixClient(_url) + connection, err = unixClient(_url) case "tcp": if !strings.HasPrefix(uri, "tcp://") { return nil, errors.New("tcp URIs should begin with tcp://") } - client, err = tcpClient(_url) + connection, err = tcpClient(_url) default: return nil, errors.Errorf("'%s' is not a supported schema", _url.Scheme) } @@ -115,26 +117,34 @@ func NewConnection(ctx context.Context, uri string, identity ...string) (context return nil, errors.Wrapf(err, "Failed to create %sClient", _url.Scheme) } - ctx = context.WithValue(ctx, clientKey, &Connection{_url, client}) + ctx = context.WithValue(ctx, clientKey, &connection) if err := pingNewConnection(ctx); err != nil { return nil, err } return ctx, nil } -func tcpClient(_url *url.URL) (*http.Client, error) { - return &http.Client{ +func tcpClient(_url *url.URL) (Connection, error) { + connection := Connection{ + _url: _url, + } + connection.client = &http.Client{ Transport: &http.Transport{ - DialContext: func(_ context.Context, _, _ string) (net.Conn, error) { - return net.Dial("tcp", _url.Host) + DialContext: func(ctx context.Context, _, _ string) (net.Conn, error) { + conn, err := net.Dial("tcp", _url.Host) + if c, ok := ctx.Value(clientKey).(*Connection); ok { + c.conn = &conn + } + return conn, err }, DisableCompression: true, }, - }, nil + } + return connection, nil } // pingNewConnection pings to make sure the RESTFUL service is up -// and running. it should only be used where initializing a connection +// and running. it should only be used when initializing a connection func pingNewConnection(ctx context.Context) error { client, err := GetClient(ctx) if err != nil { @@ -145,16 +155,28 @@ func pingNewConnection(ctx context.Context) error { if err != nil { return err } + if response.StatusCode == http.StatusOK { - return nil + v, err := semver.ParseTolerant(response.Header.Get("Libpod-API-Version")) + if err != nil { + return err + } + + switch APIVersion.Compare(v) { + case 1, 0: + // Server's job when client version is equal or older + return nil + case -1: + return errors.Errorf("server API version is too old. client %q server %q", APIVersion.String(), v.String()) + } } return errors.Errorf("ping response was %q", response.StatusCode) } -func sshClient(_url *url.URL, identity string, secure bool) (*http.Client, error) { +func sshClient(_url *url.URL, identity string, secure bool) (Connection, error) { auth, err := publicKey(identity) if err != nil { - return nil, errors.Wrapf(err, "Failed to parse identity %s: %v\n", _url.String(), identity) + return Connection{}, errors.Wrapf(err, "Failed to parse identity %s: %v\n", _url.String(), identity) } callback := ssh.InsecureIgnoreHostKey() @@ -188,26 +210,39 @@ func sshClient(_url *url.URL, identity string, secure bool) (*http.Client, error }, ) if err != nil { - return nil, errors.Wrapf(err, "Connection to bastion host (%s) failed.", _url.String()) + return Connection{}, errors.Wrapf(err, "Connection to bastion host (%s) failed.", _url.String()) } - return &http.Client{ + + connection := Connection{_url: _url} + connection.client = &http.Client{ Transport: &http.Transport{ - DialContext: func(_ context.Context, _, _ string) (net.Conn, error) { - return bastion.Dial("unix", _url.Path) + DialContext: func(ctx context.Context, _, _ string) (net.Conn, error) { + conn, err := bastion.Dial("unix", _url.Path) + if c, ok := ctx.Value(clientKey).(*Connection); ok { + c.conn = &conn + } + return conn, err }, - }}, nil + }} + return connection, nil } -func unixClient(_url *url.URL) (*http.Client, error) { - return &http.Client{ +func unixClient(_url *url.URL) (Connection, error) { + connection := Connection{_url: _url} + connection.client = &http.Client{ Transport: &http.Transport{ DialContext: func(ctx context.Context, _, _ string) (net.Conn, error) { d := net.Dialer{} - return d.DialContext(ctx, "unix", _url.Path) + conn, err := d.DialContext(ctx, "unix", _url.Path) + if c, ok := ctx.Value(clientKey).(*Connection); ok { + c.conn = &conn + } + return conn, err }, DisableCompression: true, }, - }, nil + } + return connection, nil } // DoRequest assembles the http request and returns the response @@ -232,6 +267,7 @@ func (c *Connection) DoRequest(httpBody io.Reader, httpMethod, endpoint string, if len(queryParams) > 0 { req.URL.RawQuery = queryParams.Encode() } + req = req.WithContext(context.WithValue(context.Background(), clientKey, c)) // Give the Do three chances in the case of a comm/service hiccup for i := 0; i < 3; i++ { response, err = c.client.Do(req) // nolint @@ -243,6 +279,10 @@ func (c *Connection) DoRequest(httpBody io.Reader, httpMethod, endpoint string, return &APIResponse{response, req}, err } +func (c *Connection) Write(b []byte) (int, error) { + return (*c.conn).Write(b) +} + // FiltersToString converts our typical filter format of a // map[string][]string to a query/html safe string. func FiltersToString(filters map[string][]string) (string, error) { @@ -295,8 +335,8 @@ func publicKey(path string) (ssh.AuthMethod, error) { func hostKey(host string) ssh.PublicKey { // parse OpenSSH known_hosts file // ssh or use ssh-keyscan to get initial key - known_hosts := filepath.Join(homedir.HomeDir(), ".ssh", "known_hosts") - fd, err := os.Open(known_hosts) + knownHosts := filepath.Join(homedir.HomeDir(), ".ssh", "known_hosts") + fd, err := os.Open(knownHosts) if err != nil { logrus.Error(err) return nil diff --git a/pkg/bindings/containers/containers.go b/pkg/bindings/containers/containers.go index e74a256c7..1ed4919e0 100644 --- a/pkg/bindings/containers/containers.go +++ b/pkg/bindings/containers/containers.go @@ -2,9 +2,13 @@ package containers import ( "context" + "encoding/binary" + "fmt" "io" "net/http" "net/url" + "os" + "os/signal" "strconv" "strings" @@ -12,7 +16,14 @@ import ( "github.com/containers/libpod/pkg/api/handlers" "github.com/containers/libpod/pkg/bindings" "github.com/containers/libpod/pkg/domain/entities" + sig "github.com/containers/libpod/pkg/signal" "github.com/pkg/errors" + "github.com/sirupsen/logrus" + "golang.org/x/crypto/ssh/terminal" +) + +var ( + ErrLostSync = errors.New("lost synchronization with attach multiplexed result") ) // List obtains a list of containers in local storage. All parameters to this method are optional. @@ -247,7 +258,7 @@ func Unpause(ctx context.Context, nameOrID string) error { // Wait blocks until the given container reaches a condition. If not provided, the condition will // default to stopped. If the condition is stopped, an exit code for the container will be provided. The // nameOrID can be a container name or a partial/full ID. -func Wait(ctx context.Context, nameOrID string, condition *define.ContainerStatus) (int32, error) { //nolint +func Wait(ctx context.Context, nameOrID string, condition *define.ContainerStatus) (int32, error) { // nolint var exitCode int32 conn, err := bindings.GetClient(ctx) if err != nil { @@ -333,3 +344,233 @@ func ContainerInit(ctx context.Context, nameOrID string) error { } return response.Process(nil) } + +// Attach attaches to a running container +func Attach(ctx context.Context, nameOrId string, detachKeys *string, logs, stream *bool, stdin io.Reader, stdout io.Writer, stderr io.Writer, attachReady chan bool) error { + conn, err := bindings.GetClient(ctx) + if err != nil { + return err + } + + // Do we need to wire in stdin? + ctnr, err := Inspect(ctx, nameOrId, bindings.PFalse) + if err != nil { + return err + } + + params := url.Values{} + if detachKeys != nil { + params.Add("detachKeys", *detachKeys) + } + if logs != nil { + params.Add("logs", fmt.Sprintf("%t", *logs)) + } + if stream != nil { + params.Add("stream", fmt.Sprintf("%t", *stream)) + } + if stdin != nil { + params.Add("stdin", "true") + } + if stdout != nil { + params.Add("stdout", "true") + } + if stderr != nil { + params.Add("stderr", "true") + } + + // Unless all requirements are met, don't use "stdin" is a terminal + file, ok := stdin.(*os.File) + needTTY := ok && terminal.IsTerminal(int(file.Fd())) && ctnr.Config.Tty + if needTTY { + state, err := terminal.MakeRaw(int(file.Fd())) + if err != nil { + return err + } + + logrus.SetFormatter(&rawFormatter{}) + + defer func() { + if err := terminal.Restore(int(file.Fd()), state); err != nil { + logrus.Errorf("unable to restore terminal: %q", err) + } + logrus.SetFormatter(&logrus.TextFormatter{}) + }() + + winChange := make(chan os.Signal, 1) + signal.Notify(winChange, sig.SIGWINCH) + winCtx, winCancel := context.WithCancel(ctx) + defer winCancel() + + go func() { + // Prime the pump, we need one reset to ensure everything is ready + winChange <- sig.SIGWINCH + for { + select { + case <-winCtx.Done(): + return + case <-winChange: + h, w, err := terminal.GetSize(int(file.Fd())) + if err != nil { + logrus.Warnf("failed to obtain TTY size: " + err.Error()) + } + + if err := ResizeContainerTTY(ctx, nameOrId, &h, &w); err != nil { + logrus.Warnf("failed to resize TTY: " + err.Error()) + } + } + } + }() + } + + response, err := conn.DoRequest(nil, http.MethodPost, "/containers/%s/attach", params, nameOrId) + if err != nil { + return err + } + defer response.Body.Close() + // If we are attaching around a start, we need to "signal" + // back that we are in fact attached so that started does + // not execute before we can attach. + if attachReady != nil { + attachReady <- true + } + if !(response.IsSuccess() || response.IsInformational()) { + return response.Process(nil) + } + + if stdin != nil { + go func() { + _, err := io.Copy(conn, stdin) + if err != nil { + logrus.Error("failed to write input to service: " + err.Error()) + } + }() + } + + buffer := make([]byte, 1024) + if ctnr.Config.Tty { + // If not multiplex'ed, read from server and write to stdout + _, err := io.Copy(stdout, response.Body) + if err != nil { + return err + } + } else { + for { + // Read multiplexed channels and write to appropriate stream + fd, l, err := DemuxHeader(response.Body, buffer) + if err != nil { + if errors.Is(err, io.EOF) { + return nil + } + return err + } + frame, err := DemuxFrame(response.Body, buffer, l) + if err != nil { + return err + } + + switch { + case fd == 0 && stdin != nil: + _, err := stdout.Write(frame[0:l]) + if err != nil { + return err + } + case fd == 1 && stdout != nil: + _, err := stdout.Write(frame[0:l]) + if err != nil { + return err + } + case fd == 2 && stderr != nil: + _, err := stderr.Write(frame[0:l]) + if err != nil { + return err + } + case fd == 3: + return fmt.Errorf("error from daemon in stream: %s", frame) + default: + return fmt.Errorf("unrecognized input header: %d", fd) + } + } + } + return nil +} + +// DemuxHeader reads header for stream from server multiplexed stdin/stdout/stderr/2nd error channel +func DemuxHeader(r io.Reader, buffer []byte) (fd, sz int, err error) { + n, err := io.ReadFull(r, buffer[0:8]) + if err != nil { + return + } + if n < 8 { + err = io.ErrUnexpectedEOF + return + } + + fd = int(buffer[0]) + if fd < 0 || fd > 3 { + err = ErrLostSync + return + } + + sz = int(binary.BigEndian.Uint32(buffer[4:8])) + return +} + +// DemuxFrame reads contents for frame from server multiplexed stdin/stdout/stderr/2nd error channel +func DemuxFrame(r io.Reader, buffer []byte, length int) (frame []byte, err error) { + if len(buffer) < length { + buffer = append(buffer, make([]byte, length-len(buffer)+1)...) + } + n, err := io.ReadFull(r, buffer[0:length]) + if err != nil { + return nil, nil + } + if n < length { + err = io.ErrUnexpectedEOF + return + } + + return buffer[0:length], nil +} + +// ResizeContainerTTY sets container's TTY height and width in characters +func ResizeContainerTTY(ctx context.Context, nameOrId string, height *int, width *int) error { + return resizeTTY(ctx, bindings.JoinURL("containers", nameOrId, "resize"), height, width) +} + +// ResizeExecTTY sets session's TTY height and width in characters +func ResizeExecTTY(ctx context.Context, nameOrId string, height *int, width *int) error { + return resizeTTY(ctx, bindings.JoinURL("exec", nameOrId, "resize"), height, width) +} + +// resizeTTY set size of TTY of container +func resizeTTY(ctx context.Context, endpoint string, height *int, width *int) error { + conn, err := bindings.GetClient(ctx) + if err != nil { + return err + } + + params := url.Values{} + if height != nil { + params.Set("h", strconv.Itoa(*height)) + } + if width != nil { + params.Set("w", strconv.Itoa(*width)) + } + rsp, err := conn.DoRequest(nil, http.MethodPost, endpoint, params) + if err != nil { + return err + } + return rsp.Process(nil) +} + +type rawFormatter struct { + logrus.TextFormatter +} + +func (f *rawFormatter) Format(entry *logrus.Entry) ([]byte, error) { + buffer, err := f.TextFormatter.Format(entry) + if err != nil { + return buffer, err + } + return append(buffer, '\r'), nil +} diff --git a/pkg/bindings/images/images.go b/pkg/bindings/images/images.go index 034ade618..69b9e9bbf 100644 --- a/pkg/bindings/images/images.go +++ b/pkg/bindings/images/images.go @@ -74,8 +74,22 @@ func GetImage(ctx context.Context, nameOrID string, size *bool) (*entities.Image return &inspectedData, response.Process(&inspectedData) } -func Tree(ctx context.Context, nameOrId string) error { - return bindings.ErrNotImplemented +// Tree retrieves a "tree" based representation of the given image +func Tree(ctx context.Context, nameOrId string, whatRequires *bool) (*entities.ImageTreeReport, error) { + var report entities.ImageTreeReport + conn, err := bindings.GetClient(ctx) + if err != nil { + return nil, err + } + params := url.Values{} + if whatRequires != nil { + params.Set("size", strconv.FormatBool(*whatRequires)) + } + response, err := conn.DoRequest(nil, http.MethodGet, "/images/%s/tree", params, nameOrId) + if err != nil { + return nil, err + } + return &report, response.Process(&report) } // History returns the parent layers of an image. @@ -132,7 +146,7 @@ func Export(ctx context.Context, nameOrID string, w io.Writer, format *string, c _, err = io.Copy(w, response.Body) return err } - return nil + return response.Process(nil) } // Prune removes unused images from local storage. The optional filters can be used to further diff --git a/pkg/bindings/images/rm.go b/pkg/bindings/images/rm.go index e3b5590df..05aa3f9ca 100644 --- a/pkg/bindings/images/rm.go +++ b/pkg/bindings/images/rm.go @@ -52,7 +52,7 @@ func Remove(ctx context.Context, nameOrID string, force bool) (*entities.ImageRe params := url.Values{} params.Set("force", strconv.FormatBool(force)) - response, err := conn.DoRequest(nil, http.MethodDelete, "/images/%s/remove", params, nameOrID) + response, err := conn.DoRequest(nil, http.MethodDelete, "/images/%s", params, nameOrID) if err != nil { return nil, err } diff --git a/pkg/bindings/network/network.go b/pkg/bindings/network/network.go index c95b22953..7bba4f478 100644 --- a/pkg/bindings/network/network.go +++ b/pkg/bindings/network/network.go @@ -3,40 +3,76 @@ package network import ( "context" "net/http" + "net/url" + "strconv" + "strings" - "github.com/containernetworking/cni/libcni" "github.com/containers/libpod/pkg/bindings" + "github.com/containers/libpod/pkg/domain/entities" + jsoniter "github.com/json-iterator/go" ) -func Create() {} -func Inspect(ctx context.Context, nameOrID string) (map[string]interface{}, error) { +// Create makes a new CNI network configuration +func Create(ctx context.Context, options entities.NetworkCreateOptions, name *string) (*entities.NetworkCreateReport, error) { + var report entities.NetworkCreateReport + conn, err := bindings.GetClient(ctx) + if err != nil { + return nil, err + } + params := url.Values{} + if name != nil { + params.Set("name", *name) + } + networkConfig, err := jsoniter.MarshalToString(options) + if err != nil { + return nil, err + } + stringReader := strings.NewReader(networkConfig) + response, err := conn.DoRequest(stringReader, http.MethodPost, "/networks/create", params) + if err != nil { + return nil, err + } + return &report, response.Process(&report) +} + +// Inspect returns low level information about a CNI network configuration +func Inspect(ctx context.Context, nameOrID string) ([]entities.NetworkInspectReport, error) { + var reports []entities.NetworkInspectReport conn, err := bindings.GetClient(ctx) if err != nil { return nil, err } - n := make(map[string]interface{}) response, err := conn.DoRequest(nil, http.MethodGet, "/networks/%s/json", nil, nameOrID) if err != nil { - return n, err + return nil, err } - return n, response.Process(&n) + return reports, response.Process(&reports) } -func Remove(ctx context.Context, nameOrID string) error { +// Remove deletes a defined CNI network configuration by name. The optional force boolean +// will remove all containers associated with the network when set to true. A slice +// of NetworkRemoveReports are returned. +func Remove(ctx context.Context, nameOrID string, force *bool) ([]*entities.NetworkRmReport, error) { + var reports []*entities.NetworkRmReport conn, err := bindings.GetClient(ctx) if err != nil { - return err + return nil, err } - response, err := conn.DoRequest(nil, http.MethodDelete, "/networks/%s", nil, nameOrID) + params := url.Values{} + if force != nil { + params.Set("size", strconv.FormatBool(*force)) + } + response, err := conn.DoRequest(nil, http.MethodDelete, "/networks/%s", params, nameOrID) if err != nil { - return err + return nil, err } - return response.Process(nil) + return reports, response.Process(&reports) } -func List(ctx context.Context) ([]*libcni.NetworkConfigList, error) { +// List returns a summary of all CNI network configurations +func List(ctx context.Context) ([]*entities.NetworkListReport, error) { var ( - netList []*libcni.NetworkConfigList + netList []*entities.NetworkListReport ) conn, err := bindings.GetClient(ctx) if err != nil { diff --git a/pkg/bindings/system/system.go b/pkg/bindings/system/system.go index caef6af6f..ed960b8e0 100644 --- a/pkg/bindings/system/system.go +++ b/pkg/bindings/system/system.go @@ -112,12 +112,40 @@ func Version(ctx context.Context) (*entities.SystemVersionReport, error) { f, _ := strconv.ParseFloat(component.APIVersion, 64) b, _ := time.Parse(time.RFC3339, component.BuildTime) report.Server = &define.Version{ - RemoteAPIVersion: int64(f), - Version: component.Version.Version, - GoVersion: component.GoVersion, - GitCommit: component.GitCommit, - Built: b.Unix(), - OsArch: fmt.Sprintf("%s/%s", component.Os, component.Arch), + APIVersion: int64(f), + Version: component.Version.Version, + GoVersion: component.GoVersion, + GitCommit: component.GitCommit, + Built: b.Unix(), + OsArch: fmt.Sprintf("%s/%s", component.Os, component.Arch), } return &report, err } + +// Reset removes all unused system data. +func Reset(ctx context.Context) error { + conn, err := bindings.GetClient(ctx) + if err != nil { + return err + } + response, err := conn.DoRequest(nil, http.MethodPost, "/system/reset", nil) + if err != nil { + return err + } + return response.Process(response) +} + +// DiskUsage returns information about image, container, and volume disk +// consumption +func DiskUsage(ctx context.Context) (*entities.SystemDfReport, error) { + var report entities.SystemDfReport + conn, err := bindings.GetClient(ctx) + if err != nil { + return nil, err + } + response, err := conn.DoRequest(nil, http.MethodGet, "/system/df", nil) + if err != nil { + return nil, err + } + return &report, response.Process(&report) +} diff --git a/pkg/bindings/test/attach_test.go b/pkg/bindings/test/attach_test.go new file mode 100644 index 000000000..6fb166828 --- /dev/null +++ b/pkg/bindings/test/attach_test.go @@ -0,0 +1,110 @@ +package test_bindings + +import ( + "bytes" + "fmt" + "time" + + "github.com/containers/libpod/libpod/define" + "github.com/containers/libpod/pkg/bindings" + "github.com/containers/libpod/pkg/bindings/containers" + "github.com/containers/libpod/pkg/specgen" + . "github.com/onsi/ginkgo" + . "github.com/onsi/gomega" + "github.com/onsi/gomega/gexec" +) + +var _ = Describe("Podman containers attach", func() { + var ( + bt *bindingTest + s *gexec.Session + ) + + BeforeEach(func() { + bt = newBindingTest() + bt.RestoreImagesFromCache() + s = bt.startAPIService() + time.Sleep(1 * time.Second) + err := bt.NewConnection() + Expect(err).ShouldNot(HaveOccurred()) + }) + + AfterEach(func() { + s.Kill() + bt.cleanup() + }) + + It("can run top in container", func() { + name := "TopAttachTest" + id, err := bt.RunTopContainer(&name, nil, nil) + Expect(err).ShouldNot(HaveOccurred()) + + tickTock := time.NewTimer(2 * time.Second) + go func() { + <-tickTock.C + timeout := uint(5) + err := containers.Stop(bt.conn, id, &timeout) + if err != nil { + GinkgoWriter.Write([]byte(err.Error())) + } + }() + + stdout := &bytes.Buffer{} + stderr := &bytes.Buffer{} + go func() { + defer GinkgoRecover() + + err := containers.Attach(bt.conn, id, nil, bindings.PTrue, bindings.PTrue, nil, stdout, stderr, nil) + Expect(err).ShouldNot(HaveOccurred()) + }() + + time.Sleep(5 * time.Second) + + // First character/First line of top output + Expect(stdout.String()).Should(ContainSubstring("Mem: ")) + }) + + It("can echo data via cat in container", func() { + s := specgen.NewSpecGenerator(alpine.name, false) + s.Name = "CatAttachTest" + s.Terminal = true + s.Command = []string{"/bin/cat"} + ctnr, err := containers.CreateWithSpec(bt.conn, s) + Expect(err).ShouldNot(HaveOccurred()) + + err = containers.Start(bt.conn, ctnr.ID, nil) + Expect(err).ShouldNot(HaveOccurred()) + + wait := define.ContainerStateRunning + _, err = containers.Wait(bt.conn, ctnr.ID, &wait) + Expect(err).ShouldNot(HaveOccurred()) + + tickTock := time.NewTimer(2 * time.Second) + go func() { + <-tickTock.C + timeout := uint(5) + err := containers.Stop(bt.conn, ctnr.ID, &timeout) + if err != nil { + GinkgoWriter.Write([]byte(err.Error())) + } + }() + + msg := "Hello, World" + stdin := &bytes.Buffer{} + stdin.WriteString(msg + "\n") + + stdout := &bytes.Buffer{} + stderr := &bytes.Buffer{} + go func() { + defer GinkgoRecover() + + err := containers.Attach(bt.conn, ctnr.ID, nil, bindings.PFalse, bindings.PTrue, stdin, stdout, stderr, nil) + Expect(err).ShouldNot(HaveOccurred()) + }() + + time.Sleep(5 * time.Second) + // Tty==true so we get echo'ed stdin + expected output + Expect(stdout.String()).Should(Equal(fmt.Sprintf("%[1]s\r\n%[1]s\r\n", msg))) + Expect(stderr.String()).Should(BeEmpty()) + }) +}) diff --git a/pkg/bindings/test/common_test.go b/pkg/bindings/test/common_test.go index f33e42440..a86e6f2e3 100644 --- a/pkg/bindings/test/common_test.go +++ b/pkg/bindings/test/common_test.go @@ -191,7 +191,7 @@ func (b *bindingTest) restoreImageFromCache(i testImage) { func (b *bindingTest) RunTopContainer(containerName *string, insidePod *bool, podName *string) (string, error) { s := specgen.NewSpecGenerator(alpine.name, false) s.Terminal = false - s.Command = []string{"top"} + s.Command = []string{"/usr/bin/top"} if containerName != nil { s.Name = *containerName } diff --git a/pkg/bindings/test/containers_test.go b/pkg/bindings/test/containers_test.go index 328691df2..f725d1cf2 100644 --- a/pkg/bindings/test/containers_test.go +++ b/pkg/bindings/test/containers_test.go @@ -56,7 +56,7 @@ var _ = Describe("Podman containers ", func() { It("podman pause a running container by name", func() { // Pausing by name should work var name = "top" - _, err := bt.RunTopContainer(&name, &bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) Expect(err).To(BeNil()) err = containers.Pause(bt.conn, name) Expect(err).To(BeNil()) @@ -70,7 +70,7 @@ var _ = Describe("Podman containers ", func() { It("podman pause a running container by id", func() { // Pausing by id should work var name = "top" - cid, err := bt.RunTopContainer(&name, &bindings.PFalse, nil) + cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) Expect(err).To(BeNil()) err = containers.Pause(bt.conn, cid) Expect(err).To(BeNil()) @@ -84,7 +84,7 @@ var _ = Describe("Podman containers ", func() { It("podman unpause a running container by name", func() { // Unpausing by name should work var name = "top" - _, err := bt.RunTopContainer(&name, &bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) Expect(err).To(BeNil()) err = containers.Pause(bt.conn, name) Expect(err).To(BeNil()) @@ -100,7 +100,7 @@ var _ = Describe("Podman containers ", func() { It("podman unpause a running container by ID", func() { // Unpausing by ID should work var name = "top" - _, err := bt.RunTopContainer(&name, &bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) Expect(err).To(BeNil()) // Pause by name err = containers.Pause(bt.conn, name) @@ -119,7 +119,7 @@ var _ = Describe("Podman containers ", func() { It("podman pause a paused container by name", func() { // Pausing a paused container by name should fail var name = "top" - _, err := bt.RunTopContainer(&name, &bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) Expect(err).To(BeNil()) err = containers.Pause(bt.conn, name) Expect(err).To(BeNil()) @@ -132,7 +132,7 @@ var _ = Describe("Podman containers ", func() { It("podman pause a paused container by id", func() { // Pausing a paused container by id should fail var name = "top" - cid, err := bt.RunTopContainer(&name, &bindings.PFalse, nil) + cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) Expect(err).To(BeNil()) err = containers.Pause(bt.conn, cid) Expect(err).To(BeNil()) @@ -145,7 +145,7 @@ var _ = Describe("Podman containers ", func() { It("podman pause a stopped container by name", func() { // Pausing a stopped container by name should fail var name = "top" - _, err := bt.RunTopContainer(&name, &bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) Expect(err).To(BeNil()) err = containers.Stop(bt.conn, name, nil) Expect(err).To(BeNil()) @@ -158,7 +158,7 @@ var _ = Describe("Podman containers ", func() { It("podman pause a stopped container by id", func() { // Pausing a stopped container by id should fail var name = "top" - cid, err := bt.RunTopContainer(&name, &bindings.PFalse, nil) + cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) Expect(err).To(BeNil()) err = containers.Stop(bt.conn, cid, nil) Expect(err).To(BeNil()) @@ -171,11 +171,11 @@ var _ = Describe("Podman containers ", func() { It("podman remove a paused container by id without force", func() { // Removing a paused container without force should fail var name = "top" - cid, err := bt.RunTopContainer(&name, &bindings.PFalse, nil) + cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) Expect(err).To(BeNil()) err = containers.Pause(bt.conn, cid) Expect(err).To(BeNil()) - err = containers.Remove(bt.conn, cid, &bindings.PFalse, &bindings.PFalse) + err = containers.Remove(bt.conn, cid, bindings.PFalse, bindings.PFalse) Expect(err).ToNot(BeNil()) code, _ := bindings.CheckResponseCode(err) Expect(code).To(BeNumerically("==", http.StatusInternalServerError)) @@ -192,18 +192,18 @@ var _ = Describe("Podman containers ", func() { // Removing a paused container with force should work var name = "top" - cid, err := bt.RunTopContainer(&name, &bindings.PFalse, nil) + cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) Expect(err).To(BeNil()) err = containers.Pause(bt.conn, cid) Expect(err).To(BeNil()) - err = containers.Remove(bt.conn, cid, &bindings.PTrue, &bindings.PFalse) + err = containers.Remove(bt.conn, cid, bindings.PTrue, bindings.PFalse) Expect(err).To(BeNil()) }) It("podman stop a paused container by name", func() { // Stopping a paused container by name should fail var name = "top" - _, err := bt.RunTopContainer(&name, &bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) Expect(err).To(BeNil()) err = containers.Pause(bt.conn, name) Expect(err).To(BeNil()) @@ -216,7 +216,7 @@ var _ = Describe("Podman containers ", func() { It("podman stop a paused container by id", func() { // Stopping a paused container by id should fail var name = "top" - cid, err := bt.RunTopContainer(&name, &bindings.PFalse, nil) + cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) Expect(err).To(BeNil()) err = containers.Pause(bt.conn, cid) Expect(err).To(BeNil()) @@ -229,7 +229,7 @@ var _ = Describe("Podman containers ", func() { It("podman stop a running container by name", func() { // Stopping a running container by name should work var name = "top" - _, err := bt.RunTopContainer(&name, &bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) Expect(err).To(BeNil()) err = containers.Stop(bt.conn, name, nil) Expect(err).To(BeNil()) @@ -243,7 +243,7 @@ var _ = Describe("Podman containers ", func() { It("podman stop a running container by ID", func() { // Stopping a running container by ID should work var name = "top" - cid, err := bt.RunTopContainer(&name, &bindings.PFalse, nil) + cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) Expect(err).To(BeNil()) err = containers.Stop(bt.conn, cid, nil) Expect(err).To(BeNil()) @@ -302,6 +302,8 @@ var _ = Describe("Podman containers ", func() { errChan = make(chan error) go func() { + defer GinkgoRecover() + _, waitErr := containers.Wait(bt.conn, name, &running) errChan <- waitErr close(errChan) @@ -324,7 +326,7 @@ var _ = Describe("Podman containers ", func() { // a container that has no healthcheck should be a 409 var name = "top" - bt.RunTopContainer(&name, &bindings.PFalse, nil) + bt.RunTopContainer(&name, bindings.PFalse, nil) _, err = containers.RunHealthCheck(bt.conn, name) Expect(err).ToNot(BeNil()) code, _ = bindings.CheckResponseCode(err) @@ -371,7 +373,7 @@ var _ = Describe("Podman containers ", func() { _, err = containers.Wait(bt.conn, r.ID, nil) Expect(err).To(BeNil()) - opts := containers.LogOptions{Stdout: &bindings.PTrue, Follow: &bindings.PTrue} + opts := containers.LogOptions{Stdout: bindings.PTrue, Follow: bindings.PTrue} go func() { containers.Logs(bt.conn, r.ID, opts, stdoutChan, nil) }() @@ -383,7 +385,7 @@ var _ = Describe("Podman containers ", func() { It("podman top", func() { var name = "top" - cid, err := bt.RunTopContainer(&name, &bindings.PFalse, nil) + cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) Expect(err).To(BeNil()) // By name @@ -421,7 +423,7 @@ var _ = Describe("Podman containers ", func() { It("podman container exists in local storage by name", func() { // Container existence check by name should work var name = "top" - _, err := bt.RunTopContainer(&name, &bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) Expect(err).To(BeNil()) containerExists, err := containers.Exists(bt.conn, name) Expect(err).To(BeNil()) @@ -431,7 +433,7 @@ var _ = Describe("Podman containers ", func() { It("podman container exists in local storage by ID", func() { // Container existence check by ID should work var name = "top" - cid, err := bt.RunTopContainer(&name, &bindings.PFalse, nil) + cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) Expect(err).To(BeNil()) containerExists, err := containers.Exists(bt.conn, cid) Expect(err).To(BeNil()) @@ -441,7 +443,7 @@ var _ = Describe("Podman containers ", func() { It("podman container exists in local storage by short ID", func() { // Container existence check by short ID should work var name = "top" - cid, err := bt.RunTopContainer(&name, &bindings.PFalse, nil) + cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) Expect(err).To(BeNil()) containerExists, err := containers.Exists(bt.conn, cid[0:12]) Expect(err).To(BeNil()) @@ -459,7 +461,7 @@ var _ = Describe("Podman containers ", func() { It("podman kill a running container by name with SIGINT", func() { // Killing a running container should work var name = "top" - _, err := bt.RunTopContainer(&name, &bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) Expect(err).To(BeNil()) err = containers.Kill(bt.conn, name, "SIGINT") Expect(err).To(BeNil()) @@ -470,7 +472,7 @@ var _ = Describe("Podman containers ", func() { It("podman kill a running container by ID with SIGTERM", func() { // Killing a running container by ID should work var name = "top" - cid, err := bt.RunTopContainer(&name, &bindings.PFalse, nil) + cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) Expect(err).To(BeNil()) err = containers.Kill(bt.conn, cid, "SIGTERM") Expect(err).To(BeNil()) @@ -481,7 +483,7 @@ var _ = Describe("Podman containers ", func() { It("podman kill a running container by ID with SIGKILL", func() { // Killing a running container by ID with TERM should work var name = "top" - cid, err := bt.RunTopContainer(&name, &bindings.PFalse, nil) + cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) Expect(err).To(BeNil()) err = containers.Kill(bt.conn, cid, "SIGKILL") Expect(err).To(BeNil()) @@ -490,7 +492,7 @@ var _ = Describe("Podman containers ", func() { It("podman kill a running container by bogus signal", func() { //Killing a running container by bogus signal should fail var name = "top" - cid, err := bt.RunTopContainer(&name, &bindings.PFalse, nil) + cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) Expect(err).To(BeNil()) err = containers.Kill(bt.conn, cid, "foobar") Expect(err).ToNot(BeNil()) @@ -503,9 +505,9 @@ var _ = Describe("Podman containers ", func() { var name1 = "first" var name2 = "second" var latestContainers = 1 - _, err := bt.RunTopContainer(&name1, &bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name1, bindings.PFalse, nil) Expect(err).To(BeNil()) - _, err = bt.RunTopContainer(&name2, &bindings.PFalse, nil) + _, err = bt.RunTopContainer(&name2, bindings.PFalse, nil) Expect(err).To(BeNil()) containerLatestList, err := containers.List(bt.conn, nil, nil, &latestContainers, nil, nil, nil) Expect(err).To(BeNil()) @@ -534,7 +536,7 @@ var _ = Describe("Podman containers ", func() { It("podman prune stopped containers", func() { // Start and stop a container to enter in exited state. var name = "top" - _, err := bt.RunTopContainer(&name, &bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) Expect(err).To(BeNil()) err = containers.Stop(bt.conn, name, nil) Expect(err).To(BeNil()) @@ -549,7 +551,7 @@ var _ = Describe("Podman containers ", func() { It("podman prune stopped containers with filters", func() { // Start and stop a container to enter in exited state. var name = "top" - _, err := bt.RunTopContainer(&name, &bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) Expect(err).To(BeNil()) err = containers.Stop(bt.conn, name, nil) Expect(err).To(BeNil()) @@ -583,7 +585,7 @@ var _ = Describe("Podman containers ", func() { It("podman prune running containers", func() { // Start the container. var name = "top" - _, err := bt.RunTopContainer(&name, &bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) Expect(err).To(BeNil()) // Check if the container is running. @@ -606,7 +608,7 @@ var _ = Describe("Podman containers ", func() { It("podman inspect running container", func() { var name = "top" - _, err := bt.RunTopContainer(&name, &bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) Expect(err).To(BeNil()) // Inspecting running container should succeed _, err = containers.Inspect(bt.conn, name, nil) @@ -615,7 +617,7 @@ var _ = Describe("Podman containers ", func() { It("podman inspect stopped container", func() { var name = "top" - _, err := bt.RunTopContainer(&name, &bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) Expect(err).To(BeNil()) err = containers.Stop(bt.conn, name, nil) Expect(err).To(BeNil()) @@ -626,20 +628,20 @@ var _ = Describe("Podman containers ", func() { It("podman inspect running container with size", func() { var name = "top" - _, err := bt.RunTopContainer(&name, &bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) Expect(err).To(BeNil()) - _, err = containers.Inspect(bt.conn, name, &bindings.PTrue) + _, err = containers.Inspect(bt.conn, name, bindings.PTrue) Expect(err).To(BeNil()) }) It("podman inspect stopped container with size", func() { var name = "top" - _, err := bt.RunTopContainer(&name, &bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) Expect(err).To(BeNil()) err = containers.Stop(bt.conn, name, nil) Expect(err).To(BeNil()) // Inspecting stopped container with size should succeed - _, err = containers.Inspect(bt.conn, name, &bindings.PTrue) + _, err = containers.Inspect(bt.conn, name, bindings.PTrue) Expect(err).To(BeNil()) }) @@ -651,7 +653,7 @@ var _ = Describe("Podman containers ", func() { It("podman remove running container by name", func() { var name = "top" - _, err := bt.RunTopContainer(&name, &bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) Expect(err).To(BeNil()) // Removing running container should fail err = containers.Remove(bt.conn, name, nil, nil) @@ -662,7 +664,7 @@ var _ = Describe("Podman containers ", func() { It("podman remove running container by ID", func() { var name = "top" - cid, err := bt.RunTopContainer(&name, &bindings.PFalse, nil) + cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) Expect(err).To(BeNil()) // Removing running container should fail err = containers.Remove(bt.conn, cid, nil, nil) @@ -673,10 +675,10 @@ var _ = Describe("Podman containers ", func() { It("podman forcibly remove running container by name", func() { var name = "top" - _, err := bt.RunTopContainer(&name, &bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) Expect(err).To(BeNil()) // Removing running container should fail - err = containers.Remove(bt.conn, name, &bindings.PTrue, nil) + err = containers.Remove(bt.conn, name, bindings.PTrue, nil) Expect(err).To(BeNil()) //code, _ := bindings.CheckResponseCode(err) //Expect(code).To(BeNumerically("==", http.StatusInternalServerError)) @@ -684,10 +686,10 @@ var _ = Describe("Podman containers ", func() { It("podman forcibly remove running container by ID", func() { var name = "top" - cid, err := bt.RunTopContainer(&name, &bindings.PFalse, nil) + cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) Expect(err).To(BeNil()) // Removing running container should fail - err = containers.Remove(bt.conn, cid, &bindings.PTrue, nil) + err = containers.Remove(bt.conn, cid, bindings.PTrue, nil) Expect(err).To(BeNil()) //code, _ := bindings.CheckResponseCode(err) //Expect(code).To(BeNumerically("==", http.StatusInternalServerError)) @@ -695,10 +697,10 @@ var _ = Describe("Podman containers ", func() { It("podman remove running container and volume by name", func() { var name = "top" - _, err := bt.RunTopContainer(&name, &bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) Expect(err).To(BeNil()) // Removing running container should fail - err = containers.Remove(bt.conn, name, nil, &bindings.PTrue) + err = containers.Remove(bt.conn, name, nil, bindings.PTrue) Expect(err).ToNot(BeNil()) code, _ := bindings.CheckResponseCode(err) Expect(code).To(BeNumerically("==", http.StatusInternalServerError)) @@ -706,10 +708,10 @@ var _ = Describe("Podman containers ", func() { It("podman remove running container and volume by ID", func() { var name = "top" - cid, err := bt.RunTopContainer(&name, &bindings.PFalse, nil) + cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) Expect(err).To(BeNil()) // Removing running container should fail - err = containers.Remove(bt.conn, cid, nil, &bindings.PTrue) + err = containers.Remove(bt.conn, cid, nil, bindings.PTrue) Expect(err).ToNot(BeNil()) code, _ := bindings.CheckResponseCode(err) Expect(code).To(BeNumerically("==", http.StatusInternalServerError)) @@ -717,10 +719,10 @@ var _ = Describe("Podman containers ", func() { It("podman forcibly remove running container and volume by name", func() { var name = "top" - _, err := bt.RunTopContainer(&name, &bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) Expect(err).To(BeNil()) // Removing running container should fail - err = containers.Remove(bt.conn, name, &bindings.PTrue, &bindings.PTrue) + err = containers.Remove(bt.conn, name, bindings.PTrue, bindings.PTrue) Expect(err).To(BeNil()) //code, _ := bindings.CheckResponseCode(err) //Expect(code).To(BeNumerically("==", http.StatusInternalServerError)) @@ -728,10 +730,10 @@ var _ = Describe("Podman containers ", func() { It("podman forcibly remove running container and volume by ID", func() { var name = "top" - cid, err := bt.RunTopContainer(&name, &bindings.PFalse, nil) + cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) Expect(err).To(BeNil()) // Removing running container should fail - err = containers.Remove(bt.conn, cid, &bindings.PTrue, &bindings.PTrue) + err = containers.Remove(bt.conn, cid, bindings.PTrue, bindings.PTrue) Expect(err).To(BeNil()) //code, _ := bindings.CheckResponseCode(err) //Expect(code).To(BeNumerically("==", http.StatusInternalServerError)) diff --git a/pkg/bindings/test/exec_test.go b/pkg/bindings/test/exec_test.go index 1ef2197b6..53b2dcb4a 100644 --- a/pkg/bindings/test/exec_test.go +++ b/pkg/bindings/test/exec_test.go @@ -33,7 +33,7 @@ var _ = Describe("Podman containers exec", func() { It("Podman exec create makes an exec session", func() { name := "testCtr" - cid, err := bt.RunTopContainer(&name, &bindings.PFalse, nil) + cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) Expect(err).To(BeNil()) execConfig := new(handlers.ExecCreateConfig) @@ -53,7 +53,7 @@ var _ = Describe("Podman containers exec", func() { It("Podman exec create with bad command fails", func() { name := "testCtr" - _, err := bt.RunTopContainer(&name, &bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) Expect(err).To(BeNil()) execConfig := new(handlers.ExecCreateConfig) diff --git a/pkg/bindings/test/images_test.go b/pkg/bindings/test/images_test.go index 9c8e82149..f2a1a51e5 100644 --- a/pkg/bindings/test/images_test.go +++ b/pkg/bindings/test/images_test.go @@ -76,7 +76,7 @@ var _ = Describe("Podman images", func() { // Expect(data.Size).To(BeZero()) // Enabling the size parameter should result in size being populated - data, err = images.GetImage(bt.conn, alpine.name, &bindings.PTrue) + data, err = images.GetImage(bt.conn, alpine.name, bindings.PTrue) Expect(err).To(BeNil()) Expect(data.Size).To(BeNumerically(">", 0)) }) @@ -104,7 +104,7 @@ var _ = Describe("Podman images", func() { // Start a container with alpine image var top string = "top" - _, err = bt.RunTopContainer(&top, &bindings.PFalse, nil) + _, err = bt.RunTopContainer(&top, bindings.PFalse, nil) Expect(err).To(BeNil()) // we should now have a container called "top" running containerResponse, err := containers.Inspect(bt.conn, "top", nil) @@ -122,7 +122,7 @@ var _ = Describe("Podman images", func() { Expect(err).To(BeNil()) // To be extra sure, check if the previously created container // is gone as well. - _, err = containers.Inspect(bt.conn, "top", &bindings.PFalse) + _, err = containers.Inspect(bt.conn, "top", bindings.PFalse) code, _ = bindings.CheckResponseCode(err) Expect(code).To(BeNumerically("==", http.StatusNotFound)) @@ -182,13 +182,13 @@ var _ = Describe("Podman images", func() { // List images with a filter filters := make(map[string][]string) filters["reference"] = []string{alpine.name} - filteredImages, err := images.List(bt.conn, &bindings.PFalse, filters) + filteredImages, err := images.List(bt.conn, bindings.PFalse, filters) Expect(err).To(BeNil()) Expect(len(filteredImages)).To(BeNumerically("==", 1)) // List images with a bad filter filters["name"] = []string{alpine.name} - _, err = images.List(bt.conn, &bindings.PFalse, filters) + _, err = images.List(bt.conn, bindings.PFalse, filters) Expect(err).ToNot(BeNil()) code, _ := bindings.CheckResponseCode(err) Expect(code).To(BeNumerically("==", http.StatusInternalServerError)) diff --git a/pkg/bindings/test/pods_test.go b/pkg/bindings/test/pods_test.go index 49bbfa246..d8e2a5ef7 100644 --- a/pkg/bindings/test/pods_test.go +++ b/pkg/bindings/test/pods_test.go @@ -63,7 +63,7 @@ var _ = Describe("Podman pods", func() { Expect(err).To(BeNil()) // Adding an alpine container to the existing pod - _, err = bt.RunTopContainer(nil, &bindings.PTrue, &newpod) + _, err = bt.RunTopContainer(nil, bindings.PTrue, &newpod) Expect(err).To(BeNil()) podSummary, err = pods.List(bt.conn, nil) // Verify no errors. @@ -93,7 +93,7 @@ var _ = Describe("Podman pods", func() { _, err = pods.Start(bt.conn, newpod) Expect(err).To(BeNil()) - _, err = bt.RunTopContainer(nil, &bindings.PTrue, &newpod) + _, err = bt.RunTopContainer(nil, bindings.PTrue, &newpod) Expect(err).To(BeNil()) // Expected err with invalid filter params @@ -174,7 +174,7 @@ var _ = Describe("Podman pods", func() { Expect(code).To(BeNumerically("==", http.StatusNotFound)) // Adding an alpine container to the existing pod - _, err = bt.RunTopContainer(nil, &bindings.PTrue, &newpod) + _, err = bt.RunTopContainer(nil, bindings.PTrue, &newpod) Expect(err).To(BeNil()) // Binding needs to be modified to inspect the pod state. diff --git a/pkg/bindings/test/system_test.go b/pkg/bindings/test/system_test.go index 62ea32377..fb2df258b 100644 --- a/pkg/bindings/test/system_test.go +++ b/pkg/bindings/test/system_test.go @@ -5,6 +5,7 @@ import ( "github.com/containers/libpod/pkg/bindings" "github.com/containers/libpod/pkg/bindings/containers" + "github.com/containers/libpod/pkg/bindings/images" "github.com/containers/libpod/pkg/bindings/pods" "github.com/containers/libpod/pkg/bindings/system" "github.com/containers/libpod/pkg/bindings/volumes" @@ -64,12 +65,12 @@ var _ = Describe("Podman system", func() { Expect(err).To(BeNil()) // Start and stop a container to enter in exited state. var name = "top" - _, err = bt.RunTopContainer(&name, &bindings.PFalse, nil) + _, err = bt.RunTopContainer(&name, bindings.PFalse, nil) Expect(err).To(BeNil()) err = containers.Stop(bt.conn, name, nil) Expect(err).To(BeNil()) - systemPruneResponse, err := system.Prune(bt.conn, &bindings.PTrue, &bindings.PFalse) + systemPruneResponse, err := system.Prune(bt.conn, bindings.PTrue, bindings.PFalse) Expect(err).To(BeNil()) Expect(len(systemPruneResponse.PodPruneReport)).To(Equal(1)) Expect(len(systemPruneResponse.ContainerPruneReport.ID)).To(Equal(1)) @@ -89,21 +90,21 @@ var _ = Describe("Podman system", func() { // Start and stop a container to enter in exited state. var name = "top" - _, err = bt.RunTopContainer(&name, &bindings.PFalse, nil) + _, err = bt.RunTopContainer(&name, bindings.PFalse, nil) Expect(err).To(BeNil()) err = containers.Stop(bt.conn, name, nil) Expect(err).To(BeNil()) // Start container and leave in running var name2 = "top2" - _, err = bt.RunTopContainer(&name2, &bindings.PFalse, nil) + _, err = bt.RunTopContainer(&name2, bindings.PFalse, nil) Expect(err).To(BeNil()) // Adding an unused volume _, err = volumes.Create(bt.conn, entities.VolumeCreateOptions{}) Expect(err).To(BeNil()) - systemPruneResponse, err := system.Prune(bt.conn, &bindings.PTrue, &bindings.PFalse) + systemPruneResponse, err := system.Prune(bt.conn, bindings.PTrue, bindings.PFalse) Expect(err).To(BeNil()) Expect(len(systemPruneResponse.PodPruneReport)).To(Equal(1)) Expect(len(systemPruneResponse.ContainerPruneReport.ID)).To(Equal(1)) @@ -123,21 +124,21 @@ var _ = Describe("Podman system", func() { // Start and stop a container to enter in exited state. var name = "top" - _, err = bt.RunTopContainer(&name, &bindings.PFalse, nil) + _, err = bt.RunTopContainer(&name, bindings.PFalse, nil) Expect(err).To(BeNil()) err = containers.Stop(bt.conn, name, nil) Expect(err).To(BeNil()) // Start second container and leave in running var name2 = "top2" - _, err = bt.RunTopContainer(&name2, &bindings.PFalse, nil) + _, err = bt.RunTopContainer(&name2, bindings.PFalse, nil) Expect(err).To(BeNil()) // Adding an unused volume should work _, err = volumes.Create(bt.conn, entities.VolumeCreateOptions{}) Expect(err).To(BeNil()) - systemPruneResponse, err := system.Prune(bt.conn, &bindings.PTrue, &bindings.PTrue) + systemPruneResponse, err := system.Prune(bt.conn, bindings.PTrue, bindings.PTrue) Expect(err).To(BeNil()) Expect(len(systemPruneResponse.PodPruneReport)).To(Equal(0)) Expect(len(systemPruneResponse.ContainerPruneReport.ID)).To(Equal(1)) @@ -149,4 +150,45 @@ var _ = Describe("Podman system", func() { // Volume should be pruned now as flag set true Expect(len(systemPruneResponse.VolumePruneReport)).To(Equal(1)) }) + + It("podman system reset", func() { + // Adding an unused volume should work + _, err := volumes.Create(bt.conn, entities.VolumeCreateOptions{}) + Expect(err).To(BeNil()) + + vols, err := volumes.List(bt.conn, nil) + Expect(err).To(BeNil()) + Expect(len(vols)).To(Equal(1)) + + // Start a pod and leave it running + _, err = pods.Start(bt.conn, newpod) + Expect(err).To(BeNil()) + + imageSummary, err := images.List(bt.conn, nil, nil) + Expect(err).To(BeNil()) + // Since in the begin context images are created + Expect(len(imageSummary)).To(Equal(3)) + + err = system.Reset(bt.conn) + Expect(err).To(BeNil()) + + // re-establish connection + s = bt.startAPIService() + time.Sleep(1 * time.Second) + + // No pods + podSummary, err := pods.List(bt.conn, nil) + Expect(err).To(BeNil()) + Expect(len(podSummary)).To(Equal(0)) + + // No images + imageSummary, err = images.List(bt.conn, bindings.PTrue, nil) + Expect(err).To(BeNil()) + Expect(len(imageSummary)).To(Equal(0)) + + // no volumes + vols, err = volumes.List(bt.conn, nil) + Expect(err).To(BeNil()) + Expect(len(vols)).To(BeZero()) + }) }) diff --git a/pkg/bindings/test/test_suite_test.go b/pkg/bindings/test/test_suite_test.go index dc2b49b88..d2c2c7838 100644 --- a/pkg/bindings/test/test_suite_test.go +++ b/pkg/bindings/test/test_suite_test.go @@ -5,9 +5,14 @@ import ( . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" + "github.com/sirupsen/logrus" ) func TestTest(t *testing.T) { + if testing.Verbose() { + logrus.SetLevel(logrus.DebugLevel) + } + RegisterFailHandler(Fail) RunSpecs(t, "Test Suite") } diff --git a/pkg/bindings/test/volumes_test.go b/pkg/bindings/test/volumes_test.go index 59fe48f22..839a4c575 100644 --- a/pkg/bindings/test/volumes_test.go +++ b/pkg/bindings/test/volumes_test.go @@ -105,7 +105,7 @@ var _ = Describe("Podman volumes", func() { zero := uint(0) err = containers.Stop(connText, "vtest", &zero) Expect(err).To(BeNil()) - err = volumes.Remove(connText, vol.Name, &bindings.PTrue) + err = volumes.Remove(connText, vol.Name, bindings.PTrue) Expect(err).To(BeNil()) }) diff --git a/pkg/bindings/version.go b/pkg/bindings/version.go deleted file mode 100644 index c833a644c..000000000 --- a/pkg/bindings/version.go +++ /dev/null @@ -1,3 +0,0 @@ -package bindings - -func (c Connection) Version() {} diff --git a/pkg/cgroups/cgroups.go b/pkg/cgroups/cgroups.go index d51905f4b..3b56f944f 100644 --- a/pkg/cgroups/cgroups.go +++ b/pkg/cgroups/cgroups.go @@ -517,6 +517,10 @@ func (c *CgroupControl) AddPid(pid int) error { } for _, n := range names { + // If we aren't using cgroup2, we won't write correctly to unified hierarchy + if !c.cgroup2 && n == "unified" { + continue + } p := filepath.Join(c.getCgroupv1Path(n), "tasks") if err := ioutil.WriteFile(p, pidString, 0644); err != nil { return errors.Wrapf(err, "write %s", p) diff --git a/pkg/domain/entities/auto-update.go b/pkg/domain/entities/auto-update.go index aef8fc46b..c51158816 100644 --- a/pkg/domain/entities/auto-update.go +++ b/pkg/domain/entities/auto-update.go @@ -1,5 +1,11 @@ package entities +// AutoUpdateOptions are the options for running auto-update. +type AutoUpdateOptions struct { + // Authfile to use when contacting registries. + Authfile string +} + // AutoUpdateReport contains the results from running auto-update. type AutoUpdateReport struct { // Units - the restarted systemd units during auto-update. diff --git a/pkg/domain/entities/containers.go b/pkg/domain/entities/containers.go index e5330e1ab..8d85a9b23 100644 --- a/pkg/domain/entities/containers.go +++ b/pkg/domain/entities/containers.go @@ -170,7 +170,7 @@ type CheckpointOptions struct { IgnoreRootFS bool Keep bool Latest bool - LeaveRuninng bool + LeaveRunning bool TCPEstablished bool } @@ -242,7 +242,6 @@ type ExecOptions struct { Latest bool PreserveFDs uint Privileged bool - Streams define.AttachStreams Tty bool User string WorkDir string @@ -311,6 +310,7 @@ type ContainerRunReport struct { // cleanup command type ContainerCleanupOptions struct { All bool + Exec string Latest bool Remove bool RemoveImage bool diff --git a/pkg/domain/entities/engine_container.go b/pkg/domain/entities/engine_container.go index 719ac3f9e..3d5161745 100644 --- a/pkg/domain/entities/engine_container.go +++ b/pkg/domain/entities/engine_container.go @@ -10,7 +10,7 @@ import ( ) type ContainerEngine interface { - AutoUpdate(ctx context.Context) (*AutoUpdateReport, []error) + AutoUpdate(ctx context.Context, options AutoUpdateOptions) (*AutoUpdateReport, []error) Config(ctx context.Context) (*config.Config, error) ContainerAttach(ctx context.Context, nameOrId string, options AttachOptions) error ContainerCheckpoint(ctx context.Context, namesOrIds []string, options CheckpointOptions) ([]*CheckpointReport, error) @@ -19,7 +19,8 @@ type ContainerEngine interface { ContainerCp(ctx context.Context, source, dest string, options ContainerCpOptions) (*ContainerCpReport, error) ContainerCreate(ctx context.Context, s *specgen.SpecGenerator) (*ContainerCreateReport, error) ContainerDiff(ctx context.Context, nameOrId string, options DiffOptions) (*DiffReport, error) - ContainerExec(ctx context.Context, nameOrId string, options ExecOptions) (int, error) + ContainerExec(ctx context.Context, nameOrId string, options ExecOptions, streams define.AttachStreams) (int, error) + ContainerExecDetached(ctx context.Context, nameOrID string, options ExecOptions) (string, error) ContainerExists(ctx context.Context, nameOrId string) (*BoolReport, error) ContainerExport(ctx context.Context, nameOrId string, options ContainerExportOptions) error ContainerInit(ctx context.Context, namesOrIds []string, options ContainerInitOptions) ([]*ContainerInitReport, error) diff --git a/pkg/domain/entities/engine_image.go b/pkg/domain/entities/engine_image.go index ffa71abd6..7d7099838 100644 --- a/pkg/domain/entities/engine_image.go +++ b/pkg/domain/entities/engine_image.go @@ -34,4 +34,5 @@ type ImageEngine interface { ManifestAnnotate(ctx context.Context, names []string, opts ManifestAnnotateOptions) (string, error) ManifestRemove(ctx context.Context, names []string) (string, error) ManifestPush(ctx context.Context, names []string, manifestPushOpts ManifestPushOptions) error + Sign(ctx context.Context, names []string, options SignOptions) (*SignReport, error) } diff --git a/pkg/domain/entities/engine_system.go b/pkg/domain/entities/engine_system.go index e2000f5cb..a0ecfe9ea 100644 --- a/pkg/domain/entities/engine_system.go +++ b/pkg/domain/entities/engine_system.go @@ -9,6 +9,6 @@ import ( type SystemEngine interface { Renumber(ctx context.Context, flags *pflag.FlagSet, config *PodmanConfig) error Migrate(ctx context.Context, flags *pflag.FlagSet, config *PodmanConfig, options SystemMigrateOptions) error - Reset(ctx context.Context, options SystemResetOptions) error + Reset(ctx context.Context) error Shutdown(ctx context.Context) } diff --git a/pkg/domain/entities/images.go b/pkg/domain/entities/images.go index e116a90b9..0f909ab37 100644 --- a/pkg/domain/entities/images.go +++ b/pkg/domain/entities/images.go @@ -1,7 +1,6 @@ package entities import ( - "net/url" "time" "github.com/containers/image/v5/manifest" @@ -221,15 +220,13 @@ type ImageSearchReport struct { // Image List Options type ImageListOptions struct { - All bool `json:"all" schema:"all"` - Filter []string `json:"Filter,omitempty"` - Filters url.Values `json:"filters" schema:"filters"` + All bool `json:"all" schema:"all"` + Filter []string `json:"Filter,omitempty"` } type ImagePruneOptions struct { - All bool `json:"all" schema:"all"` - Filter []string `json:"filter" schema:"filter"` - Filters url.Values `json:"filters" schema:"filters"` + All bool `json:"all" schema:"all"` + Filter []string `json:"filter" schema:"filter"` } type ImagePruneReport struct { @@ -309,3 +306,13 @@ type SetTrustOptions struct { PubKeysFile []string Type string } + +// SignOptions describes input options for the CLI signing +type SignOptions struct { + Directory string + SignBy string + CertDir string +} + +// SignReport describes the result of signing +type SignReport struct{} diff --git a/pkg/domain/entities/network.go b/pkg/domain/entities/network.go index cffd40899..9beeeb042 100644 --- a/pkg/domain/entities/network.go +++ b/pkg/domain/entities/network.go @@ -10,6 +10,7 @@ import ( type NetworkListOptions struct { Format string Quiet bool + Filter string } // NetworkListReport describes the results from listing networks @@ -19,6 +20,7 @@ type NetworkListReport struct { // NetworkInspectOptions describes options for inspect networks type NetworkInspectOptions struct { + Format string } // NetworkInspectReport describes the results from inspect networks @@ -36,6 +38,7 @@ type NetworkRmReport struct { } // NetworkCreateOptions describes options to create a network +// swagger:model NetworkCreateOptions type NetworkCreateOptions struct { DisableDNS bool Driver string diff --git a/pkg/domain/infra/abi/auto-update.go b/pkg/domain/infra/abi/auto-update.go index aa20664b4..9fcc451fd 100644 --- a/pkg/domain/infra/abi/auto-update.go +++ b/pkg/domain/infra/abi/auto-update.go @@ -7,7 +7,11 @@ import ( "github.com/containers/libpod/pkg/domain/entities" ) -func (ic *ContainerEngine) AutoUpdate(ctx context.Context) (*entities.AutoUpdateReport, []error) { - units, failures := autoupdate.AutoUpdate(ic.Libpod) +func (ic *ContainerEngine) AutoUpdate(ctx context.Context, options entities.AutoUpdateOptions) (*entities.AutoUpdateReport, []error) { + // Convert the entities options to the autoupdate ones. We can't use + // them in the entities package as low-level packages must not leak + // into the remote client. + autoOpts := autoupdate.Options{Authfile: options.Authfile} + units, failures := autoupdate.AutoUpdate(ic.Libpod, autoOpts) return &entities.AutoUpdateReport{Units: units}, failures } diff --git a/pkg/domain/infra/abi/containers.go b/pkg/domain/infra/abi/containers.go index 249e8147c..b4e38ca23 100644 --- a/pkg/domain/infra/abi/containers.go +++ b/pkg/domain/infra/abi/containers.go @@ -434,6 +434,7 @@ func (ic *ContainerEngine) ContainerCheckpoint(ctx context.Context, namesOrIds [ TCPEstablished: options.TCPEstablished, TargetFile: options.Export, IgnoreRootfs: options.IgnoreRootFS, + KeepRunning: options.LeaveRunning, } if options.All { @@ -535,7 +536,22 @@ func (ic *ContainerEngine) ContainerAttach(ctx context.Context, nameOrId string, return nil } -func (ic *ContainerEngine) ContainerExec(ctx context.Context, nameOrId string, options entities.ExecOptions) (int, error) { +func makeExecConfig(options entities.ExecOptions) *libpod.ExecConfig { + execConfig := new(libpod.ExecConfig) + execConfig.Command = options.Cmd + execConfig.Terminal = options.Tty + execConfig.Privileged = options.Privileged + execConfig.Environment = options.Envs + execConfig.User = options.User + execConfig.WorkDir = options.WorkDir + execConfig.DetachKeys = &options.DetachKeys + execConfig.PreserveFDs = options.PreserveFDs + execConfig.AttachStdin = options.Interactive + + return execConfig +} + +func checkExecPreserveFDs(options entities.ExecOptions) (int, error) { ec := define.ExecErrorCodeGeneric if options.PreserveFDs > 0 { entries, err := ioutil.ReadDir("/proc/self/fd") @@ -558,15 +574,66 @@ func (ic *ContainerEngine) ContainerExec(ctx context.Context, nameOrId string, o } } } + return ec, nil +} + +func (ic *ContainerEngine) ContainerExec(ctx context.Context, nameOrId string, options entities.ExecOptions, streams define.AttachStreams) (int, error) { + ec, err := checkExecPreserveFDs(options) + if err != nil { + return ec, err + } ctrs, err := getContainersByContext(false, options.Latest, []string{nameOrId}, ic.Libpod) if err != nil { return ec, err } ctr := ctrs[0] - ec, err = terminal.ExecAttachCtr(ctx, ctr, options.Tty, options.Privileged, options.Envs, options.Cmd, options.User, options.WorkDir, &options.Streams, options.PreserveFDs, options.DetachKeys) + + execConfig := makeExecConfig(options) + + ec, err = terminal.ExecAttachCtr(ctx, ctr, execConfig, &streams) return define.TranslateExecErrorToExitCode(ec, err), err } +func (ic *ContainerEngine) ContainerExecDetached(ctx context.Context, nameOrId string, options entities.ExecOptions) (string, error) { + _, err := checkExecPreserveFDs(options) + if err != nil { + return "", err + } + ctrs, err := getContainersByContext(false, options.Latest, []string{nameOrId}, ic.Libpod) + if err != nil { + return "", err + } + ctr := ctrs[0] + + execConfig := makeExecConfig(options) + + // Make an exit command + storageConfig := ic.Libpod.StorageConfig() + runtimeConfig, err := ic.Libpod.GetConfig() + if err != nil { + return "", errors.Wrapf(err, "error retrieving Libpod configuration to build exec exit command") + } + podmanPath, err := os.Executable() + if err != nil { + return "", errors.Wrapf(err, "error retrieving executable to build exec exit command") + } + // TODO: Add some ability to toggle syslog + exitCommandArgs := generate.CreateExitCommandArgs(storageConfig, runtimeConfig, podmanPath, false, true, true) + execConfig.ExitCommand = exitCommandArgs + + // Create and start the exec session + id, err := ctr.ExecCreate(execConfig) + if err != nil { + return "", err + } + + // TODO: we should try and retrieve exit code if this fails. + if err := ctr.ExecStart(id); err != nil { + return "", err + } + return id, nil +} + func (ic *ContainerEngine) ContainerStart(ctx context.Context, namesOrIds []string, options entities.ContainerStartOptions) ([]*entities.ContainerStartReport, error) { var reports []*entities.ContainerStartReport var exitCode = define.ExecErrorCodeGeneric @@ -835,6 +902,20 @@ func (ic *ContainerEngine) ContainerCleanup(ctx context.Context, namesOrIds []st for _, ctr := range ctrs { var err error report := entities.ContainerCleanupReport{Id: ctr.ID()} + + if options.Exec != "" { + if options.Remove { + if err := ctr.ExecRemove(options.Exec, false); err != nil { + return nil, err + } + } else { + if err := ctr.ExecCleanup(options.Exec); err != nil { + return nil, err + } + } + return []*entities.ContainerCleanupReport{}, nil + } + if options.Remove { err = ic.Libpod.RemoveContainer(ctx, ctr, false, true) if err != nil { diff --git a/pkg/domain/infra/abi/healthcheck.go b/pkg/domain/infra/abi/healthcheck.go index 351bf4f7e..4e925ef56 100644 --- a/pkg/domain/infra/abi/healthcheck.go +++ b/pkg/domain/infra/abi/healthcheck.go @@ -3,7 +3,6 @@ package abi import ( "context" - "github.com/containers/libpod/libpod" "github.com/containers/libpod/libpod/define" "github.com/containers/libpod/pkg/domain/entities" ) @@ -13,9 +12,9 @@ func (ic *ContainerEngine) HealthCheckRun(ctx context.Context, nameOrId string, if err != nil { return nil, err } - hcStatus := "unhealthy" - if status == libpod.HealthCheckSuccess { - hcStatus = "healthy" + hcStatus := define.HealthCheckUnhealthy + if status == define.HealthCheckSuccess { + hcStatus = define.HealthCheckHealthy } report := define.HealthCheckResults{ Status: hcStatus, diff --git a/pkg/domain/infra/abi/images.go b/pkg/domain/infra/abi/images.go index 7ab5131f0..6e774df8e 100644 --- a/pkg/domain/infra/abi/images.go +++ b/pkg/domain/infra/abi/images.go @@ -4,14 +4,22 @@ import ( "context" "fmt" "io" + "io/ioutil" + "net/url" "os" + "path/filepath" + "strconv" "strings" + "github.com/containers/libpod/pkg/rootless" + "github.com/containers/common/pkg/config" "github.com/containers/image/v5/docker" dockerarchive "github.com/containers/image/v5/docker/archive" "github.com/containers/image/v5/docker/reference" "github.com/containers/image/v5/manifest" + "github.com/containers/image/v5/signature" + "github.com/containers/image/v5/transports" "github.com/containers/image/v5/transports/alltransports" "github.com/containers/image/v5/types" "github.com/containers/libpod/libpod/define" @@ -19,6 +27,7 @@ import ( libpodImage "github.com/containers/libpod/libpod/image" "github.com/containers/libpod/pkg/domain/entities" domainUtils "github.com/containers/libpod/pkg/domain/utils" + "github.com/containers/libpod/pkg/trust" "github.com/containers/libpod/pkg/util" "github.com/containers/storage" imgspecv1 "github.com/opencontainers/image-spec/specs-go/v1" @@ -26,6 +35,9 @@ import ( "github.com/sirupsen/logrus" ) +// SignatureStoreDir defines default directory to store signatures +const SignatureStoreDir = "/var/lib/containers/sigstore" + func (ir *ImageEngine) Exists(_ context.Context, nameOrId string) (*entities.BoolReport, error) { _, err := ir.Libpod.ImageRuntime().NewFromLocal(nameOrId) if err != nil && errors.Cause(err) != define.ErrNoSuchImage { @@ -549,3 +561,145 @@ func (ir *ImageEngine) Shutdown(_ context.Context) { _ = ir.Libpod.Shutdown(false) }) } + +func (ir *ImageEngine) Sign(ctx context.Context, names []string, options entities.SignOptions) (*entities.SignReport, error) { + dockerRegistryOptions := image.DockerRegistryOptions{ + DockerCertPath: options.CertDir, + } + + mech, err := signature.NewGPGSigningMechanism() + if err != nil { + return nil, errors.Wrap(err, "error initializing GPG") + } + defer mech.Close() + if err := mech.SupportsSigning(); err != nil { + return nil, errors.Wrap(err, "signing is not supported") + } + sc := ir.Libpod.SystemContext() + sc.DockerCertPath = options.CertDir + + systemRegistriesDirPath := trust.RegistriesDirPath(sc) + registryConfigs, err := trust.LoadAndMergeConfig(systemRegistriesDirPath) + if err != nil { + return nil, errors.Wrapf(err, "error reading registry configuration") + } + + for _, signimage := range names { + var sigStoreDir string + srcRef, err := alltransports.ParseImageName(signimage) + if err != nil { + return nil, errors.Wrapf(err, "error parsing image name") + } + rawSource, err := srcRef.NewImageSource(ctx, sc) + if err != nil { + return nil, errors.Wrapf(err, "error getting image source") + } + err = rawSource.Close() + if err != nil { + logrus.Errorf("unable to close new image source %q", err) + } + getManifest, _, err := rawSource.GetManifest(ctx, nil) + if err != nil { + return nil, errors.Wrapf(err, "error getting getManifest") + } + dockerReference := rawSource.Reference().DockerReference() + if dockerReference == nil { + return nil, errors.Errorf("cannot determine canonical Docker reference for destination %s", transports.ImageName(rawSource.Reference())) + } + + // create the signstore file + rtc, err := ir.Libpod.GetConfig() + if err != nil { + return nil, err + } + newImage, err := ir.Libpod.ImageRuntime().New(ctx, signimage, rtc.Engine.SignaturePolicyPath, "", os.Stderr, &dockerRegistryOptions, image.SigningOptions{SignBy: options.SignBy}, nil, util.PullImageMissing) + if err != nil { + return nil, errors.Wrapf(err, "error pulling image %s", signimage) + } + if sigStoreDir == "" { + if rootless.IsRootless() { + sigStoreDir = filepath.Join(filepath.Dir(ir.Libpod.StorageConfig().GraphRoot), "sigstore") + } else { + registryInfo := trust.HaveMatchRegistry(rawSource.Reference().DockerReference().String(), registryConfigs) + if registryInfo != nil { + if sigStoreDir = registryInfo.SigStoreStaging; sigStoreDir == "" { + sigStoreDir = registryInfo.SigStore + + } + } + } + } + sigStoreDir, err = isValidSigStoreDir(sigStoreDir) + if err != nil { + return nil, errors.Wrapf(err, "invalid signature storage %s", sigStoreDir) + } + repos, err := newImage.RepoDigests() + if err != nil { + return nil, errors.Wrapf(err, "error calculating repo digests for %s", signimage) + } + if len(repos) == 0 { + logrus.Errorf("no repodigests associated with the image %s", signimage) + continue + } + + // create signature + newSig, err := signature.SignDockerManifest(getManifest, dockerReference.String(), mech, options.SignBy) + if err != nil { + return nil, errors.Wrapf(err, "error creating new signature") + } + + trimmedDigest := strings.TrimPrefix(repos[0], strings.Split(repos[0], "/")[0]) + sigStoreDir = filepath.Join(sigStoreDir, strings.Replace(trimmedDigest, ":", "=", 1)) + if err := os.MkdirAll(sigStoreDir, 0751); err != nil { + // The directory is allowed to exist + if !os.IsExist(err) { + logrus.Errorf("error creating directory %s: %s", sigStoreDir, err) + continue + } + } + sigFilename, err := getSigFilename(sigStoreDir) + if err != nil { + logrus.Errorf("error creating sigstore file: %v", err) + continue + } + err = ioutil.WriteFile(filepath.Join(sigStoreDir, sigFilename), newSig, 0644) + if err != nil { + logrus.Errorf("error storing signature for %s", rawSource.Reference().DockerReference().String()) + continue + } + } + return nil, nil +} + +func getSigFilename(sigStoreDirPath string) (string, error) { + sigFileSuffix := 1 + sigFiles, err := ioutil.ReadDir(sigStoreDirPath) + if err != nil { + return "", err + } + sigFilenames := make(map[string]bool) + for _, file := range sigFiles { + sigFilenames[file.Name()] = true + } + for { + sigFilename := "signature-" + strconv.Itoa(sigFileSuffix) + if _, exists := sigFilenames[sigFilename]; !exists { + return sigFilename, nil + } + sigFileSuffix++ + } +} + +func isValidSigStoreDir(sigStoreDir string) (string, error) { + writeURIs := map[string]bool{"file": true} + url, err := url.Parse(sigStoreDir) + if err != nil { + return sigStoreDir, errors.Wrapf(err, "invalid directory %s", sigStoreDir) + } + _, exists := writeURIs[url.Scheme] + if !exists { + return sigStoreDir, errors.Errorf("writing to %s is not supported. Use a supported scheme", sigStoreDir) + } + sigStoreDir = url.Path + return sigStoreDir, nil +} diff --git a/pkg/domain/infra/abi/images_list.go b/pkg/domain/infra/abi/images_list.go index c559e250c..3034e36ec 100644 --- a/pkg/domain/infra/abi/images_list.go +++ b/pkg/domain/infra/abi/images_list.go @@ -13,14 +13,7 @@ func (ir *ImageEngine) List(ctx context.Context, opts entities.ImageListOptions) err error ) - // TODO: Future work support for domain.Filters - // filters := utils.ToLibpodFilters(opts.Filters) - - if len(opts.Filter) > 0 { - images, err = ir.Libpod.ImageRuntime().GetImagesWithFilters(opts.Filter) - } else { - images, err = ir.Libpod.ImageRuntime().GetImages() - } + images, err = ir.Libpod.ImageRuntime().GetImagesWithFilters(opts.Filter) if err != nil { return nil, err } @@ -40,9 +33,18 @@ func (ir *ImageEngine) List(ctx context.Context, opts entities.ImageListOptions) } } } else { - repoTags, _ = img.RepoTags() - if len(repoTags) == 0 { - continue + repoTags, err = img.RepoTags() + if err != nil { + return nil, err + } + if len(img.Names()) == 0 { + parent, err := img.IsParent(ctx) + if err != nil { + return nil, err + } + if parent { + continue + } } } diff --git a/pkg/domain/infra/abi/network.go b/pkg/domain/infra/abi/network.go index 5c39b5374..8e3515824 100644 --- a/pkg/domain/infra/abi/network.go +++ b/pkg/domain/infra/abi/network.go @@ -6,7 +6,9 @@ import ( "fmt" "io/ioutil" "path/filepath" + "strings" + "github.com/containernetworking/cni/libcni" cniversion "github.com/containernetworking/cni/pkg/version" "github.com/containers/libpod/libpod" "github.com/containers/libpod/pkg/domain/entities" @@ -15,32 +17,32 @@ import ( "github.com/pkg/errors" ) -func getCNIConfDir(r *libpod.Runtime) (string, error) { - config, err := r.GetConfig() - if err != nil { - return "", err - } - configPath := config.Network.NetworkConfigDir - - if len(config.Network.NetworkConfigDir) < 1 { - configPath = network.CNIConfigDir - } - return configPath, nil -} - func (ic *ContainerEngine) NetworkList(ctx context.Context, options entities.NetworkListOptions) ([]*entities.NetworkListReport, error) { var reports []*entities.NetworkListReport - cniConfigPath, err := getCNIConfDir(ic.Libpod) + + config, err := ic.Libpod.GetConfig() if err != nil { return nil, err } - networks, err := network.LoadCNIConfsFromDir(cniConfigPath) + + networks, err := network.LoadCNIConfsFromDir(network.GetCNIConfDir(config)) if err != nil { return nil, err } + var tokens []string + // tokenize the networkListOptions.Filter in key=value. + if len(options.Filter) > 0 { + tokens = strings.Split(options.Filter, "=") + if len(tokens) != 2 { + return nil, fmt.Errorf("invalid filter syntax : %s", options.Filter) + } + } + for _, n := range networks { - reports = append(reports, &entities.NetworkListReport{NetworkConfigList: n}) + if ifPassesFilterTest(n, tokens) { + reports = append(reports, &entities.NetworkListReport{NetworkConfigList: n}) + } } return reports, nil } @@ -49,8 +51,14 @@ func (ic *ContainerEngine) NetworkInspect(ctx context.Context, namesOrIds []stri var ( rawCNINetworks []entities.NetworkInspectReport ) + + config, err := ic.Libpod.GetConfig() + if err != nil { + return nil, err + } + for _, name := range namesOrIds { - rawList, err := network.InspectNetwork(name) + rawList, err := network.InspectNetwork(config, name) if err != nil { return nil, err } @@ -61,6 +69,12 @@ func (ic *ContainerEngine) NetworkInspect(ctx context.Context, namesOrIds []stri func (ic *ContainerEngine) NetworkRm(ctx context.Context, namesOrIds []string, options entities.NetworkRmOptions) ([]*entities.NetworkRmReport, error) { var reports []*entities.NetworkRmReport + + config, err := ic.Libpod.GetConfig() + if err != nil { + return nil, err + } + for _, name := range namesOrIds { report := entities.NetworkRmReport{Name: name} containers, err := ic.Libpod.GetAllContainers() @@ -80,7 +94,7 @@ func (ic *ContainerEngine) NetworkRm(ctx context.Context, namesOrIds []string, o } } } - if err := network.RemoveNetwork(name); err != nil { + if err := network.RemoveNetwork(config, name); err != nil { report.Err = err } reports = append(reports, &report) @@ -117,10 +131,10 @@ func createBridge(r *libpod.Runtime, name string, options entities.NetworkCreate // if range is provided, make sure it is "in" network if subnet.IP != nil { // if network is provided, does it conflict with existing CNI or live networks - err = network.ValidateUserNetworkIsAvailable(subnet) + err = network.ValidateUserNetworkIsAvailable(runtimeConfig, subnet) } else { // if no network is provided, figure out network - subnet, err = network.GetFreeNetwork() + subnet, err = network.GetFreeNetwork(runtimeConfig) } if err != nil { return "", err @@ -158,13 +172,13 @@ func createBridge(r *libpod.Runtime, name string, options entities.NetworkCreate return "", errors.Errorf("the ip range %s does not fall within the subnet range %s", options.Range.String(), subnet.String()) } } - bridgeDeviceName, err := network.GetFreeDeviceName() + bridgeDeviceName, err := network.GetFreeDeviceName(runtimeConfig) if err != nil { return "", err } if len(name) > 0 { - netNames, err := network.GetNetworkNamesFromFileSystem() + netNames, err := network.GetNetworkNamesFromFileSystem(runtimeConfig) if err != nil { return "", err } @@ -205,11 +219,7 @@ func createBridge(r *libpod.Runtime, name string, options entities.NetworkCreate if err != nil { return "", err } - cniConfigPath, err := getCNIConfDir(r) - if err != nil { - return "", err - } - cniPathName := filepath.Join(cniConfigPath, fmt.Sprintf("%s.conflist", name)) + cniPathName := filepath.Join(network.GetCNIConfDir(runtimeConfig), fmt.Sprintf("%s.conflist", name)) err = ioutil.WriteFile(cniPathName, b, 0644) return cniPathName, err } @@ -222,12 +232,18 @@ func createMacVLAN(r *libpod.Runtime, name string, options entities.NetworkCreat if err != nil { return "", err } + + config, err := r.GetConfig() + if err != nil { + return "", err + } + // Make sure the host-device exists if !util.StringInSlice(options.MacVLAN, liveNetNames) { return "", errors.Errorf("failed to find network interface %q", options.MacVLAN) } if len(name) > 0 { - netNames, err := network.GetNetworkNamesFromFileSystem() + netNames, err := network.GetNetworkNamesFromFileSystem(config) if err != nil { return "", err } @@ -235,7 +251,7 @@ func createMacVLAN(r *libpod.Runtime, name string, options entities.NetworkCreat return "", errors.Errorf("the network name %s is already used", name) } } else { - name, err = network.GetFreeDeviceName() + name, err = network.GetFreeDeviceName(config) if err != nil { return "", err } @@ -248,11 +264,29 @@ func createMacVLAN(r *libpod.Runtime, name string, options entities.NetworkCreat if err != nil { return "", err } - cniConfigPath, err := getCNIConfDir(r) - if err != nil { - return "", err - } - cniPathName := filepath.Join(cniConfigPath, fmt.Sprintf("%s.conflist", name)) + cniPathName := filepath.Join(network.GetCNIConfDir(config), fmt.Sprintf("%s.conflist", name)) err = ioutil.WriteFile(cniPathName, b, 0644) return cniPathName, err } + +func ifPassesFilterTest(netconf *libcni.NetworkConfigList, filter []string) bool { + result := false + if len(filter) == 0 { + // No filter, so pass + return true + } + switch strings.ToLower(filter[0]) { + case "name": + if filter[1] == netconf.Name { + result = true + } + case "plugin": + plugins := network.GetCNIPlugins(netconf) + if strings.Contains(plugins, filter[1]) { + result = true + } + default: + result = false + } + return result +} diff --git a/pkg/domain/infra/abi/system.go b/pkg/domain/infra/abi/system.go index d701d65de..af2ec5f7b 100644 --- a/pkg/domain/infra/abi/system.go +++ b/pkg/domain/infra/abi/system.go @@ -375,7 +375,7 @@ func sizeOfPath(path string) (int64, error) { return size, err } -func (se *SystemEngine) Reset(ctx context.Context, options entities.SystemResetOptions) error { +func (se *SystemEngine) Reset(ctx context.Context) error { return se.Libpod.Reset(ctx) } diff --git a/pkg/domain/infra/abi/terminal/terminal_linux.go b/pkg/domain/infra/abi/terminal/terminal_linux.go index 15701342f..8d9cdde03 100644 --- a/pkg/domain/infra/abi/terminal/terminal_linux.go +++ b/pkg/domain/infra/abi/terminal/terminal_linux.go @@ -15,13 +15,13 @@ import ( ) // ExecAttachCtr execs and attaches to a container -func ExecAttachCtr(ctx context.Context, ctr *libpod.Container, tty, privileged bool, env map[string]string, cmd []string, user, workDir string, streams *define.AttachStreams, preserveFDs uint, detachKeys string) (int, error) { +func ExecAttachCtr(ctx context.Context, ctr *libpod.Container, execConfig *libpod.ExecConfig, streams *define.AttachStreams) (int, error) { resize := make(chan remotecommand.TerminalSize) haveTerminal := terminal.IsTerminal(int(os.Stdin.Fd())) // Check if we are attached to a terminal. If we are, generate resize // events, and set the terminal to raw mode - if haveTerminal && tty { + if haveTerminal && execConfig.Terminal { cancel, oldTermState, err := handleTerminalAttach(ctx, resize) if err != nil { return -1, err @@ -34,16 +34,6 @@ func ExecAttachCtr(ctx context.Context, ctr *libpod.Container, tty, privileged b }() } - execConfig := new(libpod.ExecConfig) - execConfig.Command = cmd - execConfig.Terminal = tty - execConfig.Privileged = privileged - execConfig.Environment = env - execConfig.User = user - execConfig.WorkDir = workDir - execConfig.DetachKeys = &detachKeys - execConfig.PreserveFDs = preserveFDs - return ctr.Exec(execConfig, streams, resize) } diff --git a/pkg/domain/infra/tunnel/auto-update.go b/pkg/domain/infra/tunnel/auto-update.go index fac033050..5c2dd360d 100644 --- a/pkg/domain/infra/tunnel/auto-update.go +++ b/pkg/domain/infra/tunnel/auto-update.go @@ -7,6 +7,6 @@ import ( "github.com/pkg/errors" ) -func (ic *ContainerEngine) AutoUpdate(ctx context.Context) (*entities.AutoUpdateReport, []error) { +func (ic *ContainerEngine) AutoUpdate(ctx context.Context, options entities.AutoUpdateOptions) (*entities.AutoUpdateReport, []error) { return nil, []error{errors.New("not implemented")} } diff --git a/pkg/domain/infra/tunnel/containers.go b/pkg/domain/infra/tunnel/containers.go index 49a3069d6..30c4a8359 100644 --- a/pkg/domain/infra/tunnel/containers.go +++ b/pkg/domain/infra/tunnel/containers.go @@ -4,14 +4,17 @@ import ( "context" "io" "os" + "strings" "github.com/containers/common/pkg/config" "github.com/containers/image/v5/docker/reference" "github.com/containers/libpod/libpod/define" + "github.com/containers/libpod/pkg/bindings" "github.com/containers/libpod/pkg/bindings/containers" "github.com/containers/libpod/pkg/domain/entities" "github.com/containers/libpod/pkg/specgen" "github.com/pkg/errors" + "github.com/sirupsen/logrus" ) func (ic *ContainerEngine) ContainerRunlabel(ctx context.Context, label string, image string, args []string, options entities.ContainerRunlabelOptions) error { @@ -84,10 +87,25 @@ func (ic *ContainerEngine) ContainerStop(ctx context.Context, namesOrIds []strin } for _, c := range ctrs { report := entities.StopReport{Id: c.ID} - report.Err = containers.Stop(ic.ClientCxt, c.ID, &options.Timeout) - // TODO we need to associate errors returned by http with common - // define.errors so that we can equity tests. this will allow output - // to be the same as the native client + if err = containers.Stop(ic.ClientCxt, c.ID, &options.Timeout); err != nil { + // These first two are considered non-fatal under the right conditions + if errors.Cause(err).Error() == define.ErrCtrStopped.Error() { + logrus.Debugf("Container %s is already stopped", c.ID) + reports = append(reports, &report) + continue + } else if options.All && errors.Cause(err).Error() == define.ErrCtrStateInvalid.Error() { + logrus.Debugf("Container %s is not running, could not stop", c.ID) + reports = append(reports, &report) + continue + } + + // TODO we need to associate errors returned by http with common + // define.errors so that we can equity tests. this will allow output + // to be the same as the native client + report.Err = err + reports = append(reports, &report) + continue + } reports = append(reports, &report) } return reports, nil @@ -267,7 +285,7 @@ func (ic *ContainerEngine) ContainerCheckpoint(ctx context.Context, namesOrIds [ } } for _, c := range ctrs { - report, err := containers.Checkpoint(ic.ClientCxt, c.ID, &options.Keep, &options.LeaveRuninng, &options.TCPEstablished, &options.IgnoreRootFS, &options.Export) + report, err := containers.Checkpoint(ic.ClientCxt, c.ID, &options.Keep, &options.LeaveRunning, &options.TCPEstablished, &options.IgnoreRootFS, &options.Export) if err != nil { reports = append(reports, &entities.CheckpointReport{Id: c.ID, Err: err}) } @@ -324,15 +342,59 @@ func (ic *ContainerEngine) ContainerLogs(ctx context.Context, containers []strin } func (ic *ContainerEngine) ContainerAttach(ctx context.Context, nameOrId string, options entities.AttachOptions) error { - return errors.New("not implemented") + return containers.Attach(ic.ClientCxt, nameOrId, &options.DetachKeys, nil, bindings.PTrue, options.Stdin, options.Stdout, options.Stderr, nil) } -func (ic *ContainerEngine) ContainerExec(ctx context.Context, nameOrId string, options entities.ExecOptions) (int, error) { +func (ic *ContainerEngine) ContainerExec(ctx context.Context, nameOrId string, options entities.ExecOptions, streams define.AttachStreams) (int, error) { return 125, errors.New("not implemented") } +func (ic *ContainerEngine) ContainerExecDetached(ctx context.Context, nameOrID string, options entities.ExecOptions) (string, error) { + return "", errors.New("not implemented") +} + +func startAndAttach(ic *ContainerEngine, name string, detachKeys *string, input, output, errput *os.File) error { //nolint + attachErr := make(chan error) + attachReady := make(chan bool) + go func() { + err := containers.Attach(ic.ClientCxt, name, detachKeys, bindings.PFalse, bindings.PTrue, input, output, errput, attachReady) + attachErr <- err + }() + // Wait for the attach to actually happen before starting + // the container. + <-attachReady + if err := containers.Start(ic.ClientCxt, name, detachKeys); err != nil { + return err + } + return <-attachErr +} + func (ic *ContainerEngine) ContainerStart(ctx context.Context, namesOrIds []string, options entities.ContainerStartOptions) ([]*entities.ContainerStartReport, error) { - return nil, errors.New("not implemented") + var reports []*entities.ContainerStartReport + for _, name := range namesOrIds { + report := entities.ContainerStartReport{ + Id: name, + RawInput: name, + ExitCode: 125, + } + if options.Attach { + report.Err = startAndAttach(ic, name, &options.DetachKeys, options.Stdin, options.Stdout, options.Stderr) + if report.Err == nil { + exitCode, err := containers.Wait(ic.ClientCxt, name, nil) + if err == nil { + report.ExitCode = int(exitCode) + } + } else { + report.ExitCode = define.ExitCode(report.Err) + } + reports = append(reports, &report) + return reports, nil + } + report.Err = containers.Start(ic.ClientCxt, name, &options.DetachKeys) + report.ExitCode = define.ExitCode(report.Err) + reports = append(reports, &report) + } + return reports, nil } func (ic *ContainerEngine) ContainerList(ctx context.Context, options entities.ContainerListOptions) ([]entities.ListContainer, error) { @@ -340,7 +402,30 @@ func (ic *ContainerEngine) ContainerList(ctx context.Context, options entities.C } func (ic *ContainerEngine) ContainerRun(ctx context.Context, opts entities.ContainerRunOptions) (*entities.ContainerRunReport, error) { - return nil, errors.New("not implemented") + if opts.Rm { + logrus.Info("the remote client does not support --rm yet") + } + con, err := containers.CreateWithSpec(ic.ClientCxt, opts.Spec) + if err != nil { + return nil, err + } + report := entities.ContainerRunReport{Id: con.ID} + // Attach + if !opts.Detach { + err = startAndAttach(ic, con.ID, &opts.DetachKeys, opts.InputStream, opts.OutputStream, opts.ErrorStream) + if err == nil { + exitCode, err := containers.Wait(ic.ClientCxt, con.ID, nil) + if err == nil { + report.ExitCode = int(exitCode) + } + } + } else { + err = containers.Start(ic.ClientCxt, con.ID, nil) + } + if err != nil { + report.ExitCode = define.ExitCode(err) + } + return &report, err } func (ic *ContainerEngine) ContainerDiff(ctx context.Context, nameOrId string, _ entities.DiffOptions) (*entities.DiffReport, error) { @@ -360,6 +445,11 @@ func (ic *ContainerEngine) ContainerInit(ctx context.Context, namesOrIds []strin } for _, ctr := range ctrs { err := containers.ContainerInit(ic.ClientCxt, ctr.ID) + // When using all, it is NOT considered an error if a container + // has already been init'd. + if err != nil && options.All && strings.Contains(errors.Cause(err).Error(), define.ErrCtrStateInvalid.Error()) { + err = nil + } reports = append(reports, &entities.ContainerInitReport{ Err: err, Id: ctr.ID, @@ -381,7 +471,29 @@ func (ic *ContainerEngine) Config(_ context.Context) (*config.Config, error) { } func (ic *ContainerEngine) ContainerPort(ctx context.Context, nameOrId string, options entities.ContainerPortOptions) ([]*entities.ContainerPortReport, error) { - return nil, errors.New("not implemented") + var ( + reports []*entities.ContainerPortReport + namesOrIds []string + ) + if len(nameOrId) > 0 { + namesOrIds = append(namesOrIds, nameOrId) + } + ctrs, err := getContainersByContext(ic.ClientCxt, options.All, namesOrIds) + if err != nil { + return nil, err + } + for _, con := range ctrs { + if con.State != define.ContainerStateRunning.String() { + continue + } + if len(con.Ports) > 0 { + reports = append(reports, &entities.ContainerPortReport{ + Id: con.ID, + Ports: con.Ports, + }) + } + } + return reports, nil } func (ic *ContainerEngine) ContainerCp(ctx context.Context, source, dest string, options entities.ContainerCpOptions) (*entities.ContainerCpReport, error) { diff --git a/pkg/domain/infra/tunnel/helpers.go b/pkg/domain/infra/tunnel/helpers.go index 682d60d6a..862c7a5d6 100644 --- a/pkg/domain/infra/tunnel/helpers.go +++ b/pkg/domain/infra/tunnel/helpers.go @@ -20,7 +20,7 @@ func getContainersByContext(contextWithConnection context.Context, all bool, nam if all && len(namesOrIds) > 0 { return nil, errors.New("cannot lookup containers and all") } - c, err := containers.List(contextWithConnection, nil, &bindings.PTrue, nil, nil, nil, &bindings.PTrue) + c, err := containers.List(contextWithConnection, nil, bindings.PTrue, nil, nil, nil, bindings.PTrue) if err != nil { return nil, err } @@ -37,7 +37,7 @@ func getContainersByContext(contextWithConnection context.Context, all bool, nam } } if !found { - return nil, errors.Errorf("unable to find container %q", id) + return nil, errors.Wrapf(define.ErrNoSuchCtr, "unable to find container %q", id) } } return cons, nil diff --git a/pkg/domain/infra/tunnel/images.go b/pkg/domain/infra/tunnel/images.go index 00893194c..3d5626c45 100644 --- a/pkg/domain/infra/tunnel/images.go +++ b/pkg/domain/infra/tunnel/images.go @@ -4,6 +4,7 @@ import ( "context" "io/ioutil" "os" + "strings" "github.com/containers/common/pkg/config" "github.com/containers/image/v5/docker/reference" @@ -25,8 +26,13 @@ func (ir *ImageEngine) Remove(ctx context.Context, imagesArg []string, opts enti } func (ir *ImageEngine) List(ctx context.Context, opts entities.ImageListOptions) ([]*entities.ImageSummary, error) { - images, err := images.List(ir.ClientCxt, &opts.All, opts.Filters) + filters := make(map[string][]string, len(opts.Filter)) + for _, filter := range opts.Filter { + f := strings.Split(filter, "=") + filters[f[0]] = f[1:] + } + images, err := images.List(ir.ClientCxt, &opts.All, filters) if err != nil { return nil, err } @@ -61,7 +67,13 @@ func (ir *ImageEngine) History(ctx context.Context, nameOrId string, opts entiti } func (ir *ImageEngine) Prune(ctx context.Context, opts entities.ImagePruneOptions) (*entities.ImagePruneReport, error) { - results, err := images.Prune(ir.ClientCxt, &opts.All, opts.Filters) + filters := make(map[string][]string, len(opts.Filter)) + for _, filter := range opts.Filter { + f := strings.Split(filter, "=") + filters[f[0]] = f[1:] + } + + results, err := images.Prune(ir.ClientCxt, &opts.All, filters) if err != nil { return nil, err } @@ -112,7 +124,7 @@ func (ir *ImageEngine) Tag(ctx context.Context, nameOrId string, tags []string, func (ir *ImageEngine) Untag(ctx context.Context, nameOrId string, tags []string, options entities.ImageUntagOptions) error { // Remove all tags if none are provided if len(tags) == 0 { - newImage, err := images.GetImage(ir.ClientCxt, nameOrId, &bindings.PFalse) + newImage, err := images.GetImage(ir.ClientCxt, nameOrId, bindings.PFalse) if err != nil { return err } @@ -190,7 +202,6 @@ func (ir *ImageEngine) Save(ctx context.Context, nameOrId string, tags []string, f *os.File err error ) - switch options.Format { case "oci-dir", "docker-dir": f, err = ioutil.TempFile("", "podman_save") @@ -258,9 +269,13 @@ func (ir *ImageEngine) Build(ctx context.Context, containerFiles []string, opts } func (ir *ImageEngine) Tree(ctx context.Context, nameOrId string, opts entities.ImageTreeOptions) (*entities.ImageTreeReport, error) { - return nil, errors.New("not implemented yet") + return images.Tree(ir.ClientCxt, nameOrId, &opts.WhatRequires) } // Shutdown Libpod engine func (ir *ImageEngine) Shutdown(_ context.Context) { } + +func (ir *ImageEngine) Sign(ctx context.Context, names []string, options entities.SignOptions) (*entities.SignReport, error) { + return nil, errors.New("not implemented yet") +} diff --git a/pkg/domain/infra/tunnel/manifest.go b/pkg/domain/infra/tunnel/manifest.go index 9c1f5349a..beac378fe 100644 --- a/pkg/domain/infra/tunnel/manifest.go +++ b/pkg/domain/infra/tunnel/manifest.go @@ -57,46 +57,21 @@ func (ir *ImageEngine) ManifestAdd(ctx context.Context, opts entities.ManifestAd } manifestAddOpts.Annotation = annotations } - listID, err := manifests.Add(ctx, opts.Images[1], manifestAddOpts) + listID, err := manifests.Add(ir.ClientCxt, opts.Images[1], manifestAddOpts) if err != nil { return listID, errors.Wrapf(err, "error adding to manifest list %s", opts.Images[1]) } return listID, nil } -// FIXME There is no endpoint for annotate and therefor this code is currently invalid // ManifestAnnotate updates an entry of the manifest list func (ir *ImageEngine) ManifestAnnotate(ctx context.Context, names []string, opts entities.ManifestAnnotateOptions) (string, error) { return "", errors.New("not implemented") - // manifestAnnotateOpts := image.ManifestAnnotateOpts{ - // Arch: opts.Arch, - // Features: opts.Features, - // OS: opts.OS, - // OSFeatures: opts.OSFeatures, - // OSVersion: opts.OSVersion, - // Variant: opts.Variant, - // } - // if len(opts.Annotation) > 0 { - // annotations := make(map[string]string) - // for _, annotationSpec := range opts.Annotation { - // spec := strings.SplitN(annotationSpec, "=", 2) - // if len(spec) != 2 { - // return "", errors.Errorf("no value given for annotation %q", spec[0]) - // } - // annotations[spec[0]] = spec[1] - // } - // manifestAnnotateOpts.Annotation = annotations - // } - // updatedListID, err := manifests.Annotate(ctx, names[0], names[1], manifestAnnotateOpts) - // if err != nil { - // return updatedListID, errors.Wrapf(err, "error annotating %s of manifest list %s", names[1], names[0]) - // } - // return fmt.Sprintf("%s :%s", updatedListID, names[1]), nil } // ManifestRemove removes the digest from manifest list func (ir *ImageEngine) ManifestRemove(ctx context.Context, names []string) (string, error) { - updatedListID, err := manifests.Remove(ctx, names[0], names[1]) + updatedListID, err := manifests.Remove(ir.ClientCxt, names[0], names[1]) if err != nil { return updatedListID, errors.Wrapf(err, "error removing from manifest %s", names[0]) } @@ -105,6 +80,6 @@ func (ir *ImageEngine) ManifestRemove(ctx context.Context, names []string) (stri // ManifestPush pushes a manifest list or image index to the destination func (ir *ImageEngine) ManifestPush(ctx context.Context, names []string, opts entities.ManifestPushOptions) error { - _, err := manifests.Push(ctx, names[0], &names[1], &opts.All) + _, err := manifests.Push(ir.ClientCxt, names[0], &names[1], &opts.All) return err } diff --git a/pkg/domain/infra/tunnel/network.go b/pkg/domain/infra/tunnel/network.go index 4ff72dcfc..7725d8257 100644 --- a/pkg/domain/infra/tunnel/network.go +++ b/pkg/domain/infra/tunnel/network.go @@ -2,22 +2,39 @@ package tunnel import ( "context" - "errors" + "github.com/containers/libpod/pkg/bindings/network" "github.com/containers/libpod/pkg/domain/entities" ) func (ic *ContainerEngine) NetworkList(ctx context.Context, options entities.NetworkListOptions) ([]*entities.NetworkListReport, error) { - return nil, errors.New("not implemented") + return network.List(ic.ClientCxt) } func (ic *ContainerEngine) NetworkInspect(ctx context.Context, namesOrIds []string, options entities.NetworkInspectOptions) ([]entities.NetworkInspectReport, error) { - return nil, errors.New("not implemented") + var reports []entities.NetworkInspectReport + for _, name := range namesOrIds { + report, err := network.Inspect(ic.ClientCxt, name) + if err != nil { + return nil, err + } + reports = append(reports, report...) + } + return reports, nil } + func (ic *ContainerEngine) NetworkRm(ctx context.Context, namesOrIds []string, options entities.NetworkRmOptions) ([]*entities.NetworkRmReport, error) { - return nil, errors.New("not implemented") + var reports []*entities.NetworkRmReport + for _, name := range namesOrIds { + report, err := network.Remove(ic.ClientCxt, name, &options.Force) + if err != nil { + report[0].Err = err + } + reports = append(reports, report...) + } + return reports, nil } func (ic *ContainerEngine) NetworkCreate(ctx context.Context, name string, options entities.NetworkCreateOptions) (*entities.NetworkCreateReport, error) { - return nil, errors.New("not implemented") + return network.Create(ic.ClientCxt, options, &name) } diff --git a/pkg/domain/infra/tunnel/runtime.go b/pkg/domain/infra/tunnel/runtime.go index c111f99e9..357e2c390 100644 --- a/pkg/domain/infra/tunnel/runtime.go +++ b/pkg/domain/infra/tunnel/runtime.go @@ -13,3 +13,8 @@ type ImageEngine struct { type ContainerEngine struct { ClientCxt context.Context } + +// Container-related runtime using an ssh-tunnel to utilize Podman service +type SystemEngine struct { + ClientCxt context.Context +} diff --git a/pkg/domain/infra/tunnel/system.go b/pkg/domain/infra/tunnel/system.go index dafada805..829af31f6 100644 --- a/pkg/domain/infra/tunnel/system.go +++ b/pkg/domain/infra/tunnel/system.go @@ -27,8 +27,13 @@ func (ic *ContainerEngine) SystemPrune(ctx context.Context, options entities.Sys return system.Prune(ic.ClientCxt, &options.All, &options.Volume) } +// Reset removes all storage +func (ic *SystemEngine) Reset(ctx context.Context) error { + return system.Reset(ic.ClientCxt) +} + func (ic *ContainerEngine) SystemDf(ctx context.Context, options entities.SystemDfOptions) (*entities.SystemDfReport, error) { - panic(errors.New("system df is not supported on remote clients")) + return system.DiskUsage(ic.ClientCxt) } func (ic *ContainerEngine) Unshare(ctx context.Context, args []string) error { diff --git a/pkg/network/devices.go b/pkg/network/devices.go index 78e1a5aa5..8eac32142 100644 --- a/pkg/network/devices.go +++ b/pkg/network/devices.go @@ -4,6 +4,7 @@ import ( "fmt" "os/exec" + "github.com/containers/common/pkg/config" "github.com/containers/libpod/pkg/util" "github.com/containers/libpod/utils" "github.com/sirupsen/logrus" @@ -11,12 +12,12 @@ import ( // GetFreeDeviceName returns a device name that is unused; used when no network // name is provided by user -func GetFreeDeviceName() (string, error) { +func GetFreeDeviceName(config *config.Config) (string, error) { var ( deviceNum uint deviceName string ) - networkNames, err := GetNetworkNamesFromFileSystem() + networkNames, err := GetNetworkNamesFromFileSystem(config) if err != nil { return "", err } @@ -24,7 +25,7 @@ func GetFreeDeviceName() (string, error) { if err != nil { return "", err } - bridgeNames, err := GetBridgeNamesFromFileSystem() + bridgeNames, err := GetBridgeNamesFromFileSystem(config) if err != nil { return "", err } diff --git a/pkg/network/files.go b/pkg/network/files.go index 116189c43..81c0e1a28 100644 --- a/pkg/network/files.go +++ b/pkg/network/files.go @@ -9,9 +9,17 @@ import ( "github.com/containernetworking/cni/libcni" "github.com/containernetworking/plugins/plugins/ipam/host-local/backend/allocator" + "github.com/containers/common/pkg/config" "github.com/pkg/errors" ) +func GetCNIConfDir(config *config.Config) string { + if len(config.Network.NetworkConfigDir) < 1 { + return CNIConfigDir + } + return config.Network.NetworkConfigDir +} + // LoadCNIConfsFromDir loads all the CNI configurations from a dir func LoadCNIConfsFromDir(dir string) ([]*libcni.NetworkConfigList, error) { var configs []*libcni.NetworkConfigList @@ -33,8 +41,8 @@ func LoadCNIConfsFromDir(dir string) ([]*libcni.NetworkConfigList, error) { // GetCNIConfigPathByName finds a CNI network by name and // returns its configuration file path -func GetCNIConfigPathByName(name string) (string, error) { - files, err := libcni.ConfFiles(CNIConfigDir, []string{".conflist"}) +func GetCNIConfigPathByName(config *config.Config, name string) (string, error) { + files, err := libcni.ConfFiles(GetCNIConfDir(config), []string{".conflist"}) if err != nil { return "", err } @@ -52,8 +60,8 @@ func GetCNIConfigPathByName(name string) (string, error) { // ReadRawCNIConfByName reads the raw CNI configuration for a CNI // network by name -func ReadRawCNIConfByName(name string) ([]byte, error) { - confFile, err := GetCNIConfigPathByName(name) +func ReadRawCNIConfByName(config *config.Config, name string) ([]byte, error) { + confFile, err := GetCNIConfigPathByName(config, name) if err != nil { return nil, err } @@ -73,9 +81,10 @@ func GetCNIPlugins(list *libcni.NetworkConfigList) string { // GetNetworksFromFilesystem gets all the networks from the cni configuration // files -func GetNetworksFromFilesystem() ([]*allocator.Net, error) { +func GetNetworksFromFilesystem(config *config.Config) ([]*allocator.Net, error) { var cniNetworks []*allocator.Net - networks, err := LoadCNIConfsFromDir(CNIConfigDir) + + networks, err := LoadCNIConfsFromDir(GetCNIConfDir(config)) if err != nil { return nil, err } @@ -96,9 +105,10 @@ func GetNetworksFromFilesystem() ([]*allocator.Net, error) { // GetNetworkNamesFromFileSystem gets all the names from the cni network // configuration files -func GetNetworkNamesFromFileSystem() ([]string, error) { +func GetNetworkNamesFromFileSystem(config *config.Config) ([]string, error) { var networkNames []string - networks, err := LoadCNIConfsFromDir(CNIConfigDir) + + networks, err := LoadCNIConfsFromDir(GetCNIConfDir(config)) if err != nil { return nil, err } @@ -133,9 +143,10 @@ func GetInterfaceNameFromConfig(path string) (string, error) { // GetBridgeNamesFromFileSystem is a convenience function to get all the bridge // names from the configured networks -func GetBridgeNamesFromFileSystem() ([]string, error) { +func GetBridgeNamesFromFileSystem(config *config.Config) ([]string, error) { var bridgeNames []string - networks, err := LoadCNIConfsFromDir(CNIConfigDir) + + networks, err := LoadCNIConfsFromDir(GetCNIConfDir(config)) if err != nil { return nil, err } diff --git a/pkg/network/network.go b/pkg/network/network.go index bb6f13579..5e9062019 100644 --- a/pkg/network/network.go +++ b/pkg/network/network.go @@ -7,6 +7,7 @@ import ( "github.com/containernetworking/cni/pkg/types" "github.com/containernetworking/plugins/plugins/ipam/host-local/backend/allocator" + "github.com/containers/common/pkg/config" "github.com/containers/libpod/pkg/util" "github.com/pkg/errors" "github.com/sirupsen/logrus" @@ -56,8 +57,8 @@ func GetLiveNetworkNames() ([]string, error) { // GetFreeNetwork looks for a free network according to existing cni configuration // files and network interfaces. -func GetFreeNetwork() (*net.IPNet, error) { - networks, err := GetNetworksFromFilesystem() +func GetFreeNetwork(config *config.Config) (*net.IPNet, error) { + networks, err := GetNetworksFromFilesystem(config) if err != nil { return nil, err } @@ -131,8 +132,8 @@ func networkIntersect(n1, n2 *net.IPNet) bool { // ValidateUserNetworkIsAvailable returns via an error if a network is available // to be used -func ValidateUserNetworkIsAvailable(userNet *net.IPNet) error { - networks, err := GetNetworksFromFilesystem() +func ValidateUserNetworkIsAvailable(config *config.Config, userNet *net.IPNet) error { + networks, err := GetNetworksFromFilesystem(config) if err != nil { return err } @@ -153,8 +154,8 @@ func ValidateUserNetworkIsAvailable(userNet *net.IPNet) error { // RemoveNetwork removes a given network by name. If the network has container associated with it, that // must be handled outside the context of this. -func RemoveNetwork(name string) error { - cniPath, err := GetCNIConfigPathByName(name) +func RemoveNetwork(config *config.Config, name string) error { + cniPath, err := GetCNIConfigPathByName(config, name) if err != nil { return err } @@ -181,8 +182,8 @@ func RemoveNetwork(name string) error { } // InspectNetwork reads a CNI config and returns its configuration -func InspectNetwork(name string) (map[string]interface{}, error) { - b, err := ReadRawCNIConfByName(name) +func InspectNetwork(config *config.Config, name string) (map[string]interface{}, error) { + b, err := ReadRawCNIConfByName(config, name) if err != nil { return nil, err } diff --git a/pkg/specgen/generate/container_create.go b/pkg/specgen/generate/container_create.go index f3aaf96bf..ffd7fd4dd 100644 --- a/pkg/specgen/generate/container_create.go +++ b/pkg/specgen/generate/container_create.go @@ -111,7 +111,8 @@ func MakeContainer(ctx context.Context, rt *libpod.Runtime, s *specgen.SpecGener if err != nil { return nil, err } - options = append(options, createExitCommandOption(s, rt.StorageConfig(), rtc, podmanPath)) + // TODO: Enable syslog support - we'll need to put this in SpecGen. + options = append(options, libpod.WithExitCommand(CreateExitCommandArgs(rt.StorageConfig(), rtc, podmanPath, false, s.Remove, false))) runtimeSpec, err := SpecGenToOCI(ctx, s, rt, rtc, newImage, finalMounts) if err != nil { @@ -228,7 +229,7 @@ func createContainerOptions(ctx context.Context, rt *libpod.Runtime, s *specgen. return options, nil } -func createExitCommandOption(s *specgen.SpecGenerator, storageConfig storage.StoreOptions, config *config.Config, podmanPath string) libpod.CtrCreateOption { +func CreateExitCommandArgs(storageConfig storage.StoreOptions, config *config.Config, podmanPath string, syslog, rm bool, exec bool) []string { // We need a cleanup process for containers in the current model. // But we can't assume that the caller is Podman - it could be another // user of the API. @@ -255,14 +256,18 @@ func createExitCommandOption(s *specgen.SpecGenerator, storageConfig storage.Sto command = append(command, []string{"--events-backend", config.Engine.EventsLogger}...) } - // TODO Mheon wants to leave this for now - //if s.sys { - // command = append(command, "--syslog", "true") - //} + if syslog { + command = append(command, "--syslog", "true") + } command = append(command, []string{"container", "cleanup"}...) - if s.Remove { + if rm { command = append(command, "--rm") } - return libpod.WithExitCommand(command) + + if exec { + command = append(command, "--exec") + } + + return command } diff --git a/pkg/specgen/namespaces.go b/pkg/specgen/namespaces.go index 11dee1986..da1f8e8fc 100644 --- a/pkg/specgen/namespaces.go +++ b/pkg/specgen/namespaces.go @@ -40,6 +40,9 @@ const ( KeepID NamespaceMode = "keep-id" // KeepId indicates to automatically create a user namespace Auto NamespaceMode = "auto" + // DefaultKernelNamespaces is a comma-separated list of default kernel + // namespaces. + DefaultKernelNamespaces = "cgroup,ipc,net,uts" ) // Namespace describes the namespace diff --git a/pkg/util/mountOpts_linux.go b/pkg/util/mountOpts_linux.go index 3eac4dd25..bc7c675f3 100644 --- a/pkg/util/mountOpts_linux.go +++ b/pkg/util/mountOpts_linux.go @@ -7,7 +7,7 @@ import ( ) func getDefaultMountOptions(path string) (defaultMountOptions, error) { - opts := defaultMountOptions{true, true, true} + opts := defaultMountOptions{false, true, true} if path == "" { return opts, nil } diff --git a/pkg/varlinkapi/containers.go b/pkg/varlinkapi/containers.go index 258cb8652..291353cad 100644 --- a/pkg/varlinkapi/containers.go +++ b/pkg/varlinkapi/containers.go @@ -901,12 +901,12 @@ func (i *VarlinkAPI) ExecContainer(call iopodman.VarlinkCall, opts iopodman.Exec // HealthCheckRun executes defined container's healthcheck command and returns the container's health status. func (i *VarlinkAPI) HealthCheckRun(call iopodman.VarlinkCall, nameOrID string) error { hcStatus, err := i.Runtime.HealthCheck(nameOrID) - if err != nil && hcStatus != libpod.HealthCheckFailure { + if err != nil && hcStatus != define.HealthCheckFailure { return call.ReplyErrorOccurred(err.Error()) } - status := libpod.HealthCheckUnhealthy - if hcStatus == libpod.HealthCheckSuccess { - status = libpod.HealthCheckHealthy + status := define.HealthCheckUnhealthy + if hcStatus == define.HealthCheckSuccess { + status = define.HealthCheckHealthy } return call.ReplyHealthCheckRun(status) } diff --git a/pkg/varlinkapi/system.go b/pkg/varlinkapi/system.go index 82efe9b5d..308f02274 100644 --- a/pkg/varlinkapi/system.go +++ b/pkg/varlinkapi/system.go @@ -28,7 +28,7 @@ func (i *VarlinkAPI) GetVersion(call iopodman.VarlinkCall) error { versionInfo.GitCommit, time.Unix(versionInfo.Built, 0).Format(time.RFC3339), versionInfo.OsArch, - versionInfo.RemoteAPIVersion, + versionInfo.APIVersion, ) } diff --git a/pkg/varlinkapi/transfers.go b/pkg/varlinkapi/transfers.go index 9df8ffcdc..aed6e054d 100644 --- a/pkg/varlinkapi/transfers.go +++ b/pkg/varlinkapi/transfers.go @@ -39,7 +39,7 @@ func (i *VarlinkAPI) SendFile(call iopodman.VarlinkCall, ftype string, length in logrus.Debugf("successfully received %s", outputFile.Name()) // Send an ACK to the client - call.Call.Writer.WriteString(outputFile.Name()) + call.Call.Writer.WriteString(outputFile.Name() + ":") call.Call.Writer.Flush() return nil |