summaryrefslogtreecommitdiff
path: root/cmd/podman
Commit message (Collapse)AuthorAge
* regression: tls verify should be set on registries.conf if insecurebaude2018-04-18
| | | | | | | | | | | In the case where podman needs to pull an image, if that registry that the image resides on is known to be insesure (as defined in /etc/containers/registries.conf), tls-verify should be altered on the fly. Signed-off-by: baude <bbaude@redhat.com> Closes: #626 Approved by: mheon
* Allow podman to exit exit codes of removed containersMatthew Heon2018-04-17
| | | | | | | | | | | | | | | We can read the exit file created by conmon to get the exit code instead of querying libpod. Also, do not error on cleanup if the container is already gone, as a completely removed container is definitely cleaned up. Resolves: #527 Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #632 Approved by: rhatdan
* validate dns-search values prior to creationbaude2018-04-16
| | | | | | | Signed-off-by: baude <bbaude@redhat.com> Closes: #628 Approved by: baude
* podman pull should always try to pullbaude2018-04-14
| | | | | | | | | | | | | | In the case where you have an image local, if the the user runs podman pull, we should always attempt to pull an updated image. Added a forceRemote bool to New (image) so we can differentiate between "pull" or run because the actions differ. Run does not need to pull the latest -- only run. Signed-off-by: baude <bbaude@redhat.com> Closes: #618 Approved by: baude
* Allow the use of -i/-a on any containerbaude2018-04-14
| | | | | | | | | | | | | We used to not allow the use of -a/-i on containers that were not started with -i or a tty. Given the improvements in our terminal handling, this should work now. This also fixes a systemic problem with the autotests. Signed-off-by: baude <bbaude@redhat.com> Closes: #617 Approved by: baude
* Change attach to accept a struct containing streamsMatthew Heon2018-04-13
| | | | | | | | | | | Comparing Go interfaces, like io.Reader, to nil does not work. As such, we need to include a bool with each stream telling whether to attach to it. Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #608 Approved by: baude
* Fix terminal attachMatthew Heon2018-04-13
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #608 Approved by: baude
* Changes to attach to enable per-stream attachingMatthew Heon2018-04-13
| | | | | | | | | | This allows us to attach to attach to just stdout or stderr or stdin, or any combination of these. Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #608 Approved by: baude
* Containers transitioning to stop should not break statsbaude2018-04-11
| | | | | | | | | | | | When a container is transitioning from running to stopped and stats is runnings, we should not break stats if we are unable to get stats for that container. Resolves: #598 Signed-off-by: baude <bbaude@redhat.com> Closes: #599 Approved by: mheon
* Add -i to exec for compatibility reasonsbaude2018-04-11
| | | | | | | | | | | No change to functionality Issue: #606 Signed-off-by: baude <bbaude@redhat.com> Closes: #607 Approved by: rhatdan
* Unescape characters in inspect JSON format outputBoaz Shuster2018-04-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch changes the way the inspect command output is displayed on the screen when the format is set to JSON. Note: if the output is redirected to a file the output is *not* escaped. For example, before this commit if you run: $ sudo podman inspect --format "json" daveimg [ { ... "Author": "Dave \u003cdave@corp.io\u003e", } ... ] with this patch the output will be: [ { ... "Author": "Dave <dave@corp.io>", } ... ] Signed-off-by: Boaz Shuster <ripcurld.github@gmail.com> Closes: #602 Approved by: mheon
* Use buildah commit for podman commitbaude2018-04-10
| | | | | | | | Resolves: #586 and #520 Signed-off-by: baude <bbaude@redhat.com> Closes: #592 Approved by: mheon
* Functionality changes to the following flagsumohnani82018-04-06
| | | | | | | | | | | | | | | | | | | --group-add --blkio-weight-device --device-read-bps --device-write-bps --device-read-iops --device-write-iops --group-add now supports group names as well as the gid associated with them. All the --device flags work now with moderate changes to the code to support both bps and iops. Added tests for all the flags. Signed-off-by: umohnani8 <umohnani@redhat.com> Closes: #590 Approved by: mheon
* Remove image via storage if a buildah container is associatedTomSweeneyRedHat2018-04-05
| | | | | | | Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com> Closes: #522 Approved by: mheon
* Add hooks support to podmanDaniel J Walsh2018-04-05
| | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #155 Approved by: mheon
* Run images with no namesbaude2018-04-04
| | | | | | | | | | | | | When an image name has no reponames, you should still be able to run it by ID. When doing so, imageName needs to be set to "" so we don't hit an index out of range error Resolves: #587 Signed-off-by: baude <bbaude@redhat.com> Closes: #593 Approved by: mheon
* Only allocate tty when -tbaude2018-04-03
| | | | | | | | | | | In our ezrly development, we always allocated a tty when not -d. Now we should only allocated when the user asks for it. Resolves: #573 Signed-off-by: baude <bbaude@redhat.com> Closes: #574 Approved by: rhatdan
* Stopping a stopped container should not be an errorbaude2018-04-03
| | | | | | | | | Resolves: #575 Signed-off-by: baude <bbaude@redhat.com> Closes: #588 Approved by: mheon
* --entrypoint= should delete existing entrypointbaude2018-04-03
| | | | | | | | | Resolves: #572 Signed-off-by: baude <bbaude@redhat.com> Closes: #585 Approved by: mheon
* Remove explicit Init() calls in run and startMatthew Heon2018-04-03
| | | | | | | | | | | | | We no longer require an explicit Init() to start a container, as Start() will now call Init() if the container is not initialized. Remove explicit Init() invocations from run and start to help with dependency ordering - less time for a dependency to go down before we start. Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #577 Approved by: rhatdan
* Add secrets patch to podmanumohnani82018-03-29
| | | | | | | | | | Adds support for mounting secrets especially on RHEL where the container can use the host subsription to run yum Signed-off-by: umohnani8 <umohnani@redhat.com> Closes: #544 Approved by: rhatdan
* podman: new option --conmon-pidfile=Giuseppe Scrivano2018-03-29
| | | | | | | | | | | | | | | | | | | so that it is possible to use systemd to automatically restart the container: [Service] Type=forking PIDFile=/run/awesome-service.pid ExecStart=/usr/bin/podman run --conmon-pidfile=/run/awesome-service.pid --name awesome -d IMAGE /usr/bin/do-something ExecStopPost=/usr/bin/podman rm awesome Restart=always Closes: https://github.com/projectatomic/libpod/issues/534 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #549 Approved by: rhatdan
* Remove dependency on kubernetesbaude2018-03-27
| | | | | | | | | | podman parse and attach were using a very small portion of the kubernetes code but using it caused a signficant increase in binary size. Signed-off-by: baude <bbaude@redhat.com> Closes: #559 Approved by: rhatdan
* Vendor in lots of kubernetes stuff to shrink image sizeDaniel J Walsh2018-03-27
| | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #554 Approved by: mheon
* cmd/podman/run.go: Error nicely when no image foundbaude2018-03-27
| | | | | | | | | | | | When no image is found, display a useful error message. Also, in imageToRef protect against a nil image being passed. Resolves: #553 Signed-off-by: baude <bbaude@redhat.com> Closes: #555 Approved by: mheon
* podman exec should handle options --env fooDaniel J Walsh2018-03-26
| | | | | | | | | | | | | If the user does not specify foo=bar, then the exec code should look for the foo environment variable in its environment and pass it in. This is the way podman run works. Also added tests to make sure this all works. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #552 Approved by: mheon
* Make container env variable conditionalMatthew Heon2018-03-23
| | | | | | | | | | | | Add only when it's not already present. Add a more specific version in podman spec generation so we get 'container=podman' not 'container=libpod' Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #540 Approved by: baude
* Stage 4 Image cleanupbaude2018-03-23
| | | | | | | | | | Cull funcs from runtime_img.go which are no longer needed. Also, fix any remaining spots that use the old image technique. Signed-off-by: baude <bbaude@redhat.com> Closes: #532 Approved by: mheon
* If cidfile exists, do not proceedbaude2018-03-23
| | | | | | | | | | | | | Both podman run and create have an option to write the container ID to a file. The option is called cidfile. If the cidfile exists, we should not create or run a container but rather output a sensical error message. Resolves: #530 Signed-off-by: baude <bbaude@redhat.com> Closes: #531 Approved by: rhatdan
* Removing tagged images change in behaviorbaude2018-03-22
| | | | | | | | | | | | | | | An image name is really just a tag. When an image has multiple tags, we should be able to "delete" the one of its tags without harm. In this case, the "delete' is really a form of Untag (removing the tag from the image). If an image has multiple tags and the user tries to delete by ID without force, this should be denied because when you delete by ID there is no distinguishing it like image tags. Signed-off-by: baude <bbaude@redhat.com> Closes: #528 Approved by: mheon
* Migrate podman inspect and tag to image librarybaude2018-03-21
| | | | | | | Signed-off-by: baude <bbaude@redhat.com> Closes: #525 Approved by: baude
* Migrate podman images to image librarybaude2018-03-21
| | | | | | | Signed-off-by: baude <bbaude@redhat.com> Closes: #523 Approved by: mheon
* Image library stage 4 - create and commitbaude2018-03-20
| | | | | | | | | | Migrate the podman create and commit subcommandis to leverage the images library. I also had to migrate the cmd/ portions of run and rmi. Signed-off-by: baude <bbaude@redhat.com> Closes: #498 Approved by: mheon
* Fix build after c/image changesMatthew Heon2018-03-16
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #505 Approved by: rhatdan
* Merge pull request #447 from mheon/sig_proxyDaniel J Walsh2018-03-16
|\ | | | | Add signal proxying to podman run and attach
| * Add signal proxying to podman run, start, and attachMatthew Heon2018-03-15
| | | | | | | | | | | | | | Also removes sig-proxy from 'podman create', where is does not make sense. Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
* | Address review commentsMatthew Heon2018-03-16
| | | | | | | | | | | | | | Signed-off-by: Matthew Heon <mheon@redhat.com> Closes: #503 Approved by: rhatdan
* | Add 'podman restart' commandMatthew Heon2018-03-16
| | | | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #503 Approved by: rhatdan
* | Remove ability to specify mount label when mountingMatthew Heon2018-03-16
|/ | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #506 Approved by: rhatdan
* We should not allow a user to mount a container with a different labelDaniel J Walsh2018-03-15
| | | | | | | | | We need to get the label from the container and mount with it. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #502 Approved by: mheon
* We should not have a default workdirDaniel J Walsh2018-03-15
| | | | | | | | | | Having a default workdir is causing us not to use the container images workdir. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #501 Approved by: mheon
* Add StartAndAttach() API endpoint for containersMatthew Heon2018-03-15
| | | | | | | | | | | | This solves our prior problems with attach races by ensuring the order is correct. Also contains substantial cleanups to the attach code. Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #482 Approved by: baude
* Add test. Move attach code in start backMatthew Heon2018-03-15
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #482 Approved by: baude
* Implement container restartingMatthew Heon2018-03-15
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #482 Approved by: baude
* Stage3 Image Librarybaude2018-03-14
| | | | | | | | | | | | | This represents the stage3 implementation for the image library. At this point, we are moving the image-centric functions to pkg/image including migration of args and object-oriented references. This is a not a one-for-one migration of funcs and some funcs will need to continue to reside in runtime_img as they are overly specific to libpod and probably not useful to others. Signed-off-by: baude <bbaude@redhat.com> Closes: #484 Approved by: baude
* Include tmpfs in inspectbaude2018-03-14
| | | | | | | | | | | | Other container runtimes include the tmpfs mount points in their inspect output. Podman should as well. It is under hostconfig. Resolves: #483 Signed-off-by: baude <bbaude@redhat.com> Closes: #488 Approved by: rhatdan
* podman-images: return correct image listValentin Rothberg2018-03-14
| | | | | | | | | | | Return and print the correct list of images by adding all specified RepoTags to one image object, and priting them separately in repository:repotag pairs. Signed-off-by: Valentin Rothberg <vrothberg@suse.com> Closes: #477 Approved by: rhatdan
* Fix a potential race around container removal in psMatthew Heon2018-03-09
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #467 Approved by: baude
* podman ps command string too longbaude2018-03-09
| | | | | | | | | | | | The default outout for podman ps should limit itself if the command is long. If the command is more than 20 characters, we truncate the command and add an elipses to it. Resolves: #464 Signed-off-by: baude <bbaude@redhat.com> Closes: #466 Approved by: rhatdan
* podman import, load, and commit are too verbosebaude2018-03-07
| | | | | | | | | | | | | | | The progress should not be show for import, load, and commit. It makes machine parsing of the output much more difficult. Also, each command should output an image ID or name for the user. Added a --verbose flag for users that still want to see progress. Resolves issue #450 Signed-off-by: baude <bbaude@redhat.com> Closes: #456 Approved by: rhatdan