aboutsummaryrefslogtreecommitdiff
path: root/cmd/podman/runlabel.go
Commit message (Collapse)AuthorAge
* bump containers/image to v5.0.0, buildah to v1.11.4Nalin Dahyabhai2019-10-29
| | | | | | | | | Move to containers/image v5 and containers/buildah to v1.11.4. Replace an equality check with a type assertion when checking for a docker.ErrUnauthorizedForCredentials in `podman login`. Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
* Update c/image to v4.0.1 and buildah to 1.11.3Miloslav Trmač2019-10-04
| | | | | | | | | | | | | | This requires updating all import paths throughout, and a matching buildah update to interoperate. I can't figure out the reason for go.mod tracking github.com/containers/image v3.0.2+incompatible // indirect ((go mod graph) lists it as a direct dependency of libpod, but (go list -json -m all) lists it as an indirect dependency), but at least looking at the vendor subdirectory, it doesn't seem to be actually used in the built binaries. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
* first pass of corrections for golangci-lintbaude2019-07-10
| | | | Signed-off-by: baude <bbaude@redhat.com>
* podman: create and run honors auth file locationGiuseppe Scrivano2019-07-09
| | | | | | | | if the auth file was overriden, be sure create and run honors it. Closes: https://github.com/containers/libpod/issues/3524 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* remove libpod from mainbaude2019-06-25
| | | | | | | | | | | | | the compilation demands of having libpod in main is a burden for the remote client compilations. to combat this, we should move the use of libpod structs, vars, constants, and functions into the adapter code where it will only be compiled by the local client. this should result in cleaner code organization and smaller binaries. it should also help if we ever need to compile the remote client on non-Linux operating systems natively (not cross-compiled). Signed-off-by: baude <bbaude@redhat.com>
* Fixup FlagsDaniel J Walsh2019-05-20
| | | | | | | | Mark hidden all references to signature-policy Default all uses of --authfile Add --authfile support to podman run and podman create. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Output name of process on runlabel commandNathaniel Kofalt2019-05-18
| | | | Signed-off-by: Nathaniel Kofalt <nathaniel@kofalt.com>
* Add variable for global flags to runlabelQi Wang2019-05-02
| | | | | | use $GLOBAL_OPTS to pass global flags to the runlabel command. Signed-off-by: Qi Wang <qiwan@redhat.com>
* runtime: pass down the contextGiuseppe Scrivano2019-04-26
| | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Fix segfaults attribute to missing optionsbaude2019-04-15
| | | | | | | | | In cases where the remote client culls options to a command, we need to be sure that the lookup for that flag does not result in a nil pointer. To do so, we add a Remote attribute to the podman struct and then cli helper funcs are now aware they are remote. Signed-off-by: baude <bbaude@redhat.com>
* Merge pull request #2595 from jwhonce/bug/1677908OpenShift Merge Robot2019-03-15
|\ | | | | Add --replace flag to "podman container runlabel"
| * Add --replace flag to "podman container runlabel"Jhon Honce2019-03-13
| | | | | | | | | | | | Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1677908 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | Usage messages: deduplicate '(default true)' et alEd Santiago2019-03-13
|/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Remove hardcoded '(default: true)' strings from bool flags, and '(default this-or-that)' from string flags. First because it's unmaintainable duplication that would cause confusion should someone ever change the default and not notice the message. Second, because cobra[1] already prints '(default XXXX)' for all options with non-false non-nil default. So in each of these cases, current podman help behavior is: $ podman login --help ... --tls-verify Require HTTPS ... (default: true) (default true) This PR eliminates that duplication. [1] actually spf13/pflag/flag.go The only nontrivial one of these is start.go, where the default for sigProxy depends on the --attach flag. Solution: change the command-line default to false, and implement the new conditional default in logic. Bonus: removed unnecessary check, because now if sigProxy is set without --attach, we can guarantee that it was done by the user. But please pay close scrutiny to this particular section in case there's something I missed. Signed-off-by: Ed Santiago <santiago@redhat.com>
* Fix help commands to show short and long description.Daniel J Walsh2019-03-07
| | | | | | Cleanup lots of help information to look good when displayed. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Pull image for runlabel if not localbaude2019-03-01
| | | | | | | | | | In cases where a user issues the podman container runlabel command and the image is not local, we now default to pulling the image automatically to mimic the atomic cli behavior. Fixes: BZ #1677905 Signed-off-by: baude <bbaude@redhat.com>
* Better usage synopses for subcommandsEd Santiago2019-02-26
| | | | | | | Conceptually simple: include, where applicable, a brief description of command-line options for each subcommand. Signed-off-by: Ed Santiago <santiago@redhat.com>
* Exit with errors not just logging errorDaniel J Walsh2019-02-22
| | | | | | | Several commands were logging errors but exiting with a 0 exit code. This patch cleans these up. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Add 4th chunk of Cobra ExamplesTomSweeneyRedHat2019-02-18
| | | | | | | | | Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com> Adds the 4th chunk of Cobra Examples to the CLI help. One more chunk of 10 to complete. Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* Don't show global flags except for podman commandDaniel J Walsh2019-02-12
| | | | | | | | | Subcommands should not be showing the global flags. This causes the important information to scroll off the screen. Also fixed a typo on runCommmand (Too many 'm's) Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Migrate to cobra CLIbaude2019-02-08
| | | | | | | | We intend to migrate to the cobra cli from urfave/cli because the project is more well maintained. There are also some technical reasons as well which extend into our remote client work. Signed-off-by: baude <bbaude@redhat.com>
* Capatilize all usage and descriptionsDaniel J Walsh2019-02-05
| | | | | | | | | We have no consistancy in out option usages and descritions on whether or not the first letter should be capatalized. This patch forces them all to be capatilized. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Changes to container runlabel for toolbox projectbaude2019-01-30
| | | | | | | | | | The toolbox project would benefit from a few changes to more closely resembe the original atomic cli project. Changes made are: * only pull image for container runlabel if the label exists in the image * if a container image does not have the desired label, exit with non-zero Signed-off-by: baude <bbaude@redhat.com>
* Minimally update for the DockerInsecureSkipTLSVerify type changeMiloslav Trmač2018-12-06
| | | | | | | | | | | | | | | | | Following SystemContext.DockerInsecureSkipTLSVerify, make the DockerRegistryOne also an OptionalBool, and update callers. Explicitly document that --tls-verify=true and --tls-verify unset have different behavior in those commands where the behavior changed (or where it hasn't changed but the documentation needed updating). Also make the --tls-verify man page sections a tiny bit more consistent throughout. This is a minimal fix, without changing the existing "--tls-verify=true" paths nor existing manual insecure registry lookups. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
* Adding more varlink endpointsbaude2018-12-03
| | | | | | | | | | | * runlabel * checkpoint * restore * container|image exists * mount * unmount Signed-off-by: baude <bbaude@redhat.com>
* runlabel: run any commandValentin Rothberg2018-10-24
| | | | | | | | | | | | | | | | As discussed [1], the runlabel command should execute any command specified in a label. The reasoning behind is that we cannot restrict which options are passed to Podman which thereby has full access to the host (runlabels must be used with care). With the updated semantics, runlabel will substitute the commands with a basepath equal to "docker" or "podman" with "/proc/self/exe", and otherwise leave the command unchanged to execute any other command on the host. [1] https://github.com/containers/libpod/pull/1607#issuecomment-428321382 Signed-off-by: Valentin Rothberg <vrothberg@suse.com>
* Support auth file environment variable & add change to man pagesQi Wang2018-10-12
| | | | Signed-off-by: Qi Wang <qiwan@redhat.com>
* Sort all command flagsQi Wang2018-10-11
| | | | Signed-off-by: Qi Wang <qiwan@redhat.com>
* fix runlabel functions based on QA feedbackbaude2018-10-11
| | | | Signed-off-by: baude <bbaude@redhat.com>
* runlabel: execute /proc/self/exe and avoid recursionValentin Rothberg2018-10-05
| | | | | | | | | | | | | Execute /proc/self/exe instead of podman. This makes the runlabel command more portable as it works for binaries outside the path as well as for local builds. Also, avoid redundantly executing the runlabel command by setting the PODMAN_RUNLABEL_NESTED environment variable to "1". Podman now checks for this variable before executing the runlabel command and will throw an error in case the variable is set. Signed-off-by: Valentin Rothberg <vrothberg@suse.com>
* Add container runlabel commandbaude2018-09-28
Execute the command as described by a container image. The value of the label is processed into a command by: 1. Ensuring the first argument of the command is podman. 2. Substituting any variables with those defined by the environment or otherwise. If no label exists in the container image, nothing is done. podman container runlabel LABEL IMAGE extra_args Signed-off-by: baude <bbaude@redhat.com>