| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
| |
Mark hidden all references to signature-policy
Default all uses of --authfile
Add --authfile support to podman run and podman create.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
|
|
| |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Supporting the all-tags semantics added some non-trivial code to the
pull command which does not make use of `registries.conf` and introduced
some regressions such as not adhering to the configured search registries.
Speacial case the all-tags flags to let existing users of all-tags
continue working while others can work again. This implies that the
all-tags pull does not adhere to configured search registries while the
default (non-all-tags) pull does.
Note that this is a purely symptomaic fix. A final solution should
include Buildah and the c/image library to avoid redundant and
error-prone code across the projects.
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1701922
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
In cases where the remote client culls options to a command, we need to
be sure that the lookup for that flag does not result in a nil pointer.
To do so, we add a Remote attribute to the podman struct and then cli
helper funcs are now aware they are remote.
Signed-off-by: baude <bbaude@redhat.com>
|
| |
|
|
|
|
| |
Closes: https://github.com/containers/libpod/issues/2785
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
we were printing something like:
(0x1840f00,0xc00041bba0)
Closes: https://github.com/containers/libpod/issues/2710
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The remote client should not honor most of the local podman "global"
options. Many of them are only applicable to where the podman backend
is actually running.
Also, removing some options for push and pull that also are not
applicable to the remote client environment.
Additionally, take some of the code from main and pop it into functions
that can be called whether local or not. This helps the remote client
and darwin builds.
Signed-off-by: baude <bbaude@redhat.com>
|
| |
|
|
|
|
|
| |
Remove references to image2 in source code. Makes the code
slightly more readable.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Currently in rootless containers, we end up not using the blob cache.
We also don't store the blob cache based on the users specified graph
storage. This change will cause the cache directory to be stored with
the rest of the containe images.
While doing this patch, I found that we had duplicated GetSystemContext in
two places in libpod. I cleaned this up.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Remove hardcoded '(default: true)' strings from bool flags,
and '(default this-or-that)' from string flags.
First because it's unmaintainable duplication that would cause
confusion should someone ever change the default and not notice
the message.
Second, because cobra[1] already prints '(default XXXX)' for
all options with non-false non-nil default. So in each of
these cases, current podman help behavior is:
$ podman login --help
...
--tls-verify Require HTTPS ... (default: true) (default true)
This PR eliminates that duplication.
[1] actually spf13/pflag/flag.go
The only nontrivial one of these is start.go, where the default
for sigProxy depends on the --attach flag. Solution: change
the command-line default to false, and implement the new
conditional default in logic. Bonus: removed unnecessary
check, because now if sigProxy is set without --attach,
we can guarantee that it was done by the user. But please
pay close scrutiny to this particular section in case
there's something I missed.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |
|
|
|
|
| |
Cleanup lots of help information to look good when displayed.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
|
|
|
|
|
| |
Conceptually simple: include, where applicable, a brief
description of command-line options for each subcommand.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |
|
|
|
|
| |
enable pod start, stop, and kill subcommands for the remote-client.
Signed-off-by: baude <bbaude@redhat.com>
|
| |
|
|
|
|
|
| |
Several commands were logging errors but exiting with a 0
exit code. This patch cleans these up.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
|
|
|
|
| |
Drop context.Context field from cli.Context
Signed-off-by: Sebastian Jug <sejug@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
Adds the third chunk of Cobra examples to the cli help.
As were putting together a release tomorrow, tried to
hit the heavy commands with this PR.
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
|
| |\
| |
| | |
Add --all-tags to pull command
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
Add --all-tags for the `podman pull` command so all tags
of an image will be pulled, not just ':latest'. Emulates
the change in Buildah https://github.com/containers/buildah/pull/1263
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Subcommands should not be showing the global flags. This causes the important
information to scroll off the screen.
Also fixed a typo on runCommmand (Too many 'm's)
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |/
|
|
|
|
|
|
| |
In the previous CLI, we had an accurate depiction of commands
available for the remote client and those available for the
local client.
Signed-off-by: baude <bbaude@redhat.com>
|
| |
|
|
|
|
|
|
| |
We intend to migrate to the cobra cli from urfave/cli because the
project is more well maintained. There are also some technical reasons
as well which extend into our remote client work.
Signed-off-by: baude <bbaude@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
We have no consistancy in out option usages and descritions
on whether or not the first letter should be capatalized.
This patch forces them all to be capatilized.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
The toolbox project would benefit from a few changes to more closely
resembe the original atomic cli project. Changes made are:
* only pull image for container runlabel if the label exists in the image
* if a container image does not have the desired label, exit with non-zero
Signed-off-by: baude <bbaude@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
We clean up the code by eliminating stuttering references when we embed
the runtime struct into localRuntime. Makes for less change in the future
as well.
++ jhonce
Signed-off-by: baude <bbaude@redhat.com>
|
| |
|
|
| |
Signed-off-by: baude <bbaude@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Add the ability to run the integration (ginkgo) suite using
the remote client.
Only the images_test.go file is run right now; all the rest are
isolated with a // +build !remotelinux. As more content is
developed for the remote client, we can unblock the files and
just block single tests as needed.
Signed-off-by: baude <bbaude@redhat.com>
|
| |
|
|
|
|
|
| |
DockerRegistryOptions.DockerInsecureSkipTLSVerify as an types.OptionalBool
can now represent that value, so forceSecure is redundant.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Following SystemContext.DockerInsecureSkipTLSVerify, make the
DockerRegistryOne also an OptionalBool, and update callers.
Explicitly document that --tls-verify=true and --tls-verify unset
have different behavior in those commands where the behavior changed
(or where it hasn't changed but the documentation needed updating).
Also make the --tls-verify man page sections a tiny bit more consistent
throughout.
This is a minimal fix, without changing the existing "--tls-verify=true"
paths nor existing manual insecure registry lookups.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
|
| |
|
|
| |
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
| |
|
|
| |
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Don't print potentially verbose help messages in case of usage errors,
but print only the usage error followed by a pointer to the command's
help. This aligns with Docker.
```
$ podman run -h
flag needs an argument: -h
See 'podman run --help'.
```
Signed-off-by: Valentin Rothberg <vrothberg@suse.com>
Closes: #1379
Approved by: rhatdan
|
| |
|
|
|
|
|
|
|
|
| |
Need to get some small changes into libpod to pull back into buildah
to complete buildah transition.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1270
Approved by: mheon
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
They are not used anywhere in the packagee.
Two of the values still have users in the CLI, but used only once.
So, use the .Transport.Name() calls in there directly, that is
likely to be cheaper (and makes the files depend directly
on the transports instead of referring to them indirectly through
libpod).
RFC: Should not change behavior in _this_ repo, but it is an
externally-observable API change. Is there any user that could
notice?
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Closes: #1176
Approved by: rhatdan
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
All callers of LoadFromArchive expect the input to be in the
transport:name format, or create it that way. So, pass a
types.ImageReference instead of a string.
That requires us to add an explicit parse step in (podman pull);
in (podman load) we can, instead of pasting strings, create
native objects directly.
Changes the error behavior of (podman pull), we no longer
try heuristically parsing docker-archive:... inputs as
Docker references.
Also changes the string reported by (podman load) if all parsing
attempts fail, to be only the path instead of dir:path. The error
message itself is likely to be the same (from directory.Transport).
(While at it, update a mismatched comment.)
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Closes: #1176
Approved by: rhatdan
|
| |
|
|
|
|
|
|
|
|
| |
Instead of searching for "docker-archive" anywhere in the input,
only accept it at the start, and require the colon separator as well.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Closes: #1176
Approved by: rhatdan
|
| |
|
|
|
|
|
| |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1167
Approved by: baude
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The docker-archive tar files can have multiple tags for the same
image stored in it. Load pulls all the tags found in the archive
when loading a tar file. Save can oush multiple tags of the same
image to a tar archive.
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #819
Approved by: rhatdan
|
| |
|
|
|
|
|
| |
Signed-off-by: Jhon Honce <jhonce@redhat.com>
Closes: #831
Approved by: rhatdan
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
implement varlink image functions for working with libpod with the exception of a
couple due to incompletions on the libpod side of things (build).
also, created a first pass at a libpodpy package which will stand as a client to
working with libpod's varlink methods using python.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #669
Approved by: baude
|
| |
|
|
|
|
|
|
|
| |
Made necessary changes to functions to include contex.Context wherever needed
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #640
Approved by: baude
|
| |
|
|
|
|
|
| |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #636
Approved by: rhatdan
|
| |
|
|
|
|
|
|
|
|
| |
Ensure we don't force TLS verification when --tls-verify is set
to false.
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #636
Approved by: rhatdan
|
| |
|
|
|
|
|
|
|
|
|
| |
In the case where podman needs to pull an image, if that registry that the image
resides on is known to be insesure (as defined in /etc/containers/registries.conf),
tls-verify should be altered on the fly.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #626
Approved by: mheon
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
In the case where you have an image local, if the the user runs
podman pull, we should always attempt to pull an updated image.
Added a forceRemote bool to New (image) so we can differentiate
between "pull" or run because the actions differ. Run does not
need to pull the latest -- only run.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #618
Approved by: baude
|
| |
|
|
|
|
|
|
|
|
| |
Cull funcs from runtime_img.go which are no longer needed. Also, fix any remaining
spots that use the old image technique.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #532
Approved by: mheon
|
| |
|
|
|
|
|
|
|
|
|
| |
podman save would write the progress bar to the image tar file
when the output was redirected with >.
Fixed the writer to write to stderr for all commands using writer
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #362
Approved by: mheon
|
| |
|
|
|
|
|
|
|
|
|
|
| |
When using podman to pull an image, print the image id after
the image is pulled.
Resolves issue #329
Signed-off-by: baude <bbaude@redhat.com>
Closes: #342
Approved by: rhatdan
|
| |
|
|
| |
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
|
|
|
The decision is in, kpod is going to be named podman.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #145
Approved by: umohnani8
|
