summaryrefslogtreecommitdiff
path: root/cmd/podman/images/scp.go
Commit message (Collapse)AuthorAge
* podman ssh work, using new c/common interfaceCharlie Doern2022-08-09
| | | | | | | | | | | | | | | | | | | implement new ssh interface into podman this completely redesigns the entire functionality of podman image scp, podman system connection add, and podman --remote. All references to golang.org/x/crypto/ssh have been moved to common as have native ssh/scp execs and the new usage of the sftp package. this PR adds a global flag, --ssh to podman which has two valid inputs `golang` and `native` where golang is the default. Users should not notice any difference in their everyday workflows if they continue using the golang option. UNLESS they have been using an improperly verified ssh key, this will now fail. This is because podman was incorrectly using the ssh callback method to IGNORE the ssh known hosts file which is very insecure and golang tells you not yo use this in production. The native paths allows for immense flexibility, with a new containers.conf field `SSH_CONFIG` that specifies a specific ssh config file to be used in all operations. Else the users ~/.ssh/config file will be used. podman --remote currently only uses the golang path, given its deep interconnection with dialing multiple clients and urls. My goal after this PR is to go back and abstract the idea of podman --remote from golang's dialed clients, as it should not be so intrinsically connected. Overall, this is a v1 of a long process of offering native ssh, and one that covers some good ground with podman system connection add and podman image scp. Signed-off-by: Charlie Doern <cdoern@redhat.com>
* podman image scp remote support & podman image scp taggingcdoern2022-06-28
| | | | | | | | | | | | | | | | | | | add support for podman-remote image scp as well as direct access via the API. This entailed a full rework of the layering of image scp functions as well as the usual API plugging and type creation also, implemented podman image scp tagging. which makes the syntax much more readable and allows users t tag the new image they are loading to the local/remote machine: allow users to pass a "new name" for the image they are transferring `podman tag` as implemented creates a new image im `image list` when tagging, so this does the same meaning that when transferring images with tags, podman on the remote machine/user will load two images ex: `podman image scp computer1::alpine computer2::foobar` creates alpine:latest and localhost/foobar on the remote host implementing tags means removal of the flexible syntax. In the currently released podman image scp, the user can either specify `podman image scp source::img dest::` or `podman image scp dest:: source::img`. However, with tags this task becomes really hard to check which is the image (src) and which is the new tag (dst). Removal of that streamlines the arg parsing process Signed-off-by: Charlie Doern <cdoern@redhat.com>
* enable gocritic linterPaul Holzinger2022-04-26
| | | | | | | | | | | | | | | | | | | | | | The linter ensures a common code style. - use switch/case instead of else if - use if instead of switch/case for single case statement - add space between comment and text - detect the use of defer with os.Exit() - use short form var += "..." instead of var = var + "..." - detect problems with append() ``` newSlice := append(orgSlice, val) ``` This could lead to nasty bugs because the orgSlice will be changed in place if it has enough capacity too hold the new elements. Thus we newSlice might not be a copy. Of course most of the changes are just cosmetic and do not cause any logic errors but I think it is a good idea to enforce a common style. This should help maintainability. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* Remove error stutterDaniel J Walsh2022-03-25
| | | | | | | | | | | | | | | | | When podman gets an error it prints out "Error: " before printing the error string. If the error message starts with error, we end up with Error: error ... This PR Removes all of these stutters. logrus.Error() also prints out that this is an error, so no need for the error stutter. [NO NEW TESTS NEEDED] Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* fix a number of errcheck issuesValentin Rothberg2022-03-22
| | | | | | Numerous issues remain, especially in tests/e2e. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* linter: enable nilerrValentin Rothberg2022-03-22
| | | | | | | A number of cases looked suspicious, so I marked them with `FIXME`s to leave some breadcrumbs. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* linter: enable wastedassignValentin Rothberg2022-03-22
| | | | Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* Merge pull request #13047 from cdoern/scpSyntaxOpenShift Merge Robot2022-02-03
|\ | | | | podman image scp syntax correction
| * podman image scp syntax correctioncdoern2022-01-27
| | | | | | | | | | | | | | | | | | [NO NEW TESTS NEEDED] image scp was reading the localhost syntax too loosely causing some errors with domains or hosts containing the word localhost. Fixed that and added a few lines to make sure the pure localhost connections do not touch sshd resolves #13021 Signed-off-by: cdoern <cdoern@redhat.com>
* | switch podman image scp from depending on machinectl to just os/execcdoern2022-01-26
|/ | | | | | | | | machinectl does not propogate error messages and adds extra lines in the output, exec.Cmd is able to clear the env besides PATH and TERM, and use the given UID and GID to execute the command properly. machinectl is still used to create a user session. Ubuntu support is limited by this. Signed-off-by: cdoern <cdoern@redhat.com>
* bump go module to version 4Valentin Rothberg2022-01-18
| | | | | | | | | | | | | Automated for .go files via gomove [1]: `gomove github.com/containers/podman/v3 github.com/containers/podman/v4` Remaining files via vgrep [2]: `vgrep github.com/containers/podman/v3` [1] https://github.com/KSubedi/gomove [2] https://github.com/vrothberg/vgrep Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* podman image scp: implement --quietEd Santiago2022-01-12
| | | | | | | | | | | | | | | | Relay --quiet to save & load commands, in both Rootless and Rootful transfer functions. Also, a little cleanup: - remove unuseful SOURCE/DEST printfs - refactor duplication in execMachine() - fix Debug("Executing") statements to include the actual command they're executing [NO NEW TESTS NEEDED] : Tests are being slowly implemented in #12797 Signed-off-by: Charlie Doern <cdoern@redhat.com> Signed-off-by: Ed Santiago <santiago@redhat.com>
* podman image scp never enter podman user NScdoern2021-12-23
| | | | | | | | | | | Podman image scp should never enter the Podman UserNS unless it needs to. This allows for a sudo exec.Command to transfer images to and from rootful storage. If this command is run using sudo, the simple sudo podman save/load does not work, machinectl/su is necessary here. This modification allows for both rootful and rootless transfers, and an overall change of scp to be more of a wrapper function for different load and save calls as well as the ssh component Signed-off-by: cdoern <cdoern@redhat.com>
* Merge pull request #12224 from cdoern/scpOpenShift Merge Robot2021-11-12
|\ | | | | Podman Image SCP transfer patch
| * Podman Image SCP transfer patchcdoern2021-11-11
| | | | | | | | | | | | | | | | | | | | Fixed syntax so that podman image scp transfer works with no user specified. This command can only be executed as root so to obtain the default user, I searched for the SUDO_USER environmental variable. If that is not found, we error out and inform the user to set this variable and make sure they are running as root Signed-off-by: cdoern <cdoern@redhat.com> Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
* | test connection addJhon Honce2021-11-08
|/ | | | | | | | | | * Fix connection JSON encoding * Add custom ginkgo matchers for connection testing * Cleanup code Fixes #11984 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* Podman Image SCP rootful to rootless transfercdoern2021-11-05
| | | | | | | | | | | Added functionality for users to transfer images from root storage to rootless storage without using sshd. This is done through rootful podman by running `sudo podman image scp root@localhost::image user@localhost:: the user is needed in order to find and use their uid/gid to exec a new process. added necessary tests, and functions for this implementation. Created new image function Transfer so that the underlying code is majorly removed from CLI Signed-off-by: cdoern <cdoern@redhat.com>
* Fix some typos in documentation and comments (found by codespell)Stefan Weil2021-10-25
| | | | Signed-off-by: Stefan Weil <sw@weilnetz.de>
* Added autocompletion for images and system connectionscdoern2021-08-09
| | | | | | | [NO TESTS NEEDED] image scp should autocomplete images and system connections since the args can be either. Made a new function, common.AutocompleteScp Signed-off-by: cdoern <cdoern@redhat.com>
* image scp: fix typo in outputValentin Rothberg2021-08-03
| | | | | | | | s/Loaded images(s)/Loaded image(s)/ [NO TESTS NEEDED] (I think we should test the output at some point) Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Created scp.go image_scp_test.go and podman-image-scp.1.mdcdoern2021-07-30
added functionality for image secure copying from local to remote. Also moved system connection add code around a bit so functions within that file can be used by scp. Signed-off-by: cdoern <cdoern@redhat.com>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-11-07 22:45:03 +0000