summaryrefslogtreecommitdiff
path: root/cmd/podman
Commit message (Collapse)AuthorAge
* networking, userNS: configure the network namespace after createGiuseppe Scrivano2018-05-04
| | | | | | | | | | | so that the OCI runtime creates the network namespace from the correct userNS. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #690 Approved by: mheon
* Begin wiring in USERNS Support into podmanDaniel J Walsh2018-05-04
| | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #690 Approved by: mheon
* varlink containersbaude2018-05-03
| | | | | | | | | | | | | first pass at adding in the container related endpoints/methods for the libpod backend. Couple of important notes: * endpoints that can use a console are not going to be done until we have "remote" console * several of the container methods should probably be able to stream as opposed to a one-off return Signed-off-by: baude <bbaude@redhat.com> Closes: #708 Approved by: baude
* Trivial refactor on volume additionMatthew Heon2018-05-03
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #700 Approved by: rhatdan
* When adding volumes to DB, handle nontrivial casesMatthew Heon2018-05-03
| | | | | | | | | | We want to make sure we don't add anything but the host volume, and the volumes can include options and container locations. Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #700 Approved by: rhatdan
* Store user Volumes, Entrypoint, Command in databaseMatthew Heon2018-05-03
| | | | | | | | | | | We need these for commit, and they cannot be properly deduced from just the OCI spec, so save them in the database so we can retrieve them for commit. Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #700 Approved by: rhatdan
* Add config bool to indicate there are user volumesMatthew Heon2018-05-03
| | | | | | | | | | This allows us to accurately trigger OCI hooks that trigger on the presence of volume mounts. Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #700 Approved by: rhatdan
* remove options from create/run that we cannot supportbaude2018-05-02
| | | | | | | Signed-off-by: baude <bbaude@redhat.com> Closes: #711 Approved by: rhatdan
* Fix podman logout --all flagumohnani82018-05-02
| | | | | | | | | | | podman logout --all should remove cached credentials for all registries in the auth.json file. Before this, it was asking for a registry to be given with the --all flag also. Signed-off-by: umohnani8 <umohnani@redhat.com> Closes: #712 Approved by: rhatdan
* podman should assign a host port to -p when omittedbaude2018-05-01
| | | | | | | | | | | If the user does not provide a host port when adding -p to create/run, podman should inject an available random port. podman run -p 80 .... podman should assign a random port to the host and expose the container port 80 to it Signed-off-by: baude <bbaude@redhat.com> Closes: #703 Approved by: rhatdan
* Fix misc stuff found by jhoncebaude2018-04-30
| | | | | | | | | | | During the python client implementation, jhonce found some return types that needed correction as well as a panic related to history which is now corrected. Signed-off-by: baude <bbaude@redhat.com> Closes: #704 Approved by: rhatdan
* do not commit default volumes from containerbaude2018-04-30
| | | | | | | | | | | when performing a container commit, we should not add the default list of volumes for a container to the resulting image. it will cause the resulting image to crash when run subsequently. Signed-off-by: baude <bbaude@redhat.com> Closes: #699 Approved by: mheon
* Make ':' a restricted character for file namesumohnani82018-04-30
| | | | | | | | | | | file names for podman load, save, export, and import cannot contain ":" in them. It is a reserved character for parsing filenames. Signed-off-by: umohnani8 <umohnani@redhat.com> Closes: #694 Approved by: rhatdan
* Add more validation to --volume flag for run and createumohnani82018-04-30
| | | | | | | | | | Return error if the host and container paths is a relative path. Only absolute paths allowed. Signed-off-by: umohnani8 <umohnani@redhat.com> Closes: #695 Approved by: rhatdan
* Use buildah commit and bud in podmanbaude2018-04-27
| | | | | | | | | | | Vendor in buildah and use as much of commit and bug as possible for podman build and commit. Resolves #586 Signed-off-by: baude <bbaude@redhat.com> Closes: #681 Approved by: mheon
* varlink imagesbaude2018-04-26
| | | | | | | | | | | | | implement varlink image functions for working with libpod with the exception of a couple due to incompletions on the libpod side of things (build). also, created a first pass at a libpodpy package which will stand as a client to working with libpod's varlink methods using python. Signed-off-by: baude <bbaude@redhat.com> Closes: #669 Approved by: baude
* Add --default-mounts-file hidden flagumohnani82018-04-26
| | | | | | | | | | | The hidden flag is used to override the path of the default mounts file for testing purposes. Also modified the secrets pkg to allow for this override to happen. Signed-off-by: umohnani8 <umohnani@redhat.com> Closes: #678 Approved by: mheon
* Only generate the varlink glue code if needed and from the vendor dirHarald Hoyer2018-04-25
| | | | | Closes: #671 Approved by: baude
* Updated varlink vendored codebaude2018-04-25
| | | | | | | Signed-off-by: baude <bbaude@redhat.com> Closes: #670 Approved by: mheon
* packagers need the varlink generated filebaude2018-04-24
| | | | | | | Signed-off-by: baude <bbaude@redhat.com> Closes: #664 Approved by: baude
* Initial varlink implementationbaude2018-04-23
| | | | | | | Signed-off-by: baude <bbaude@redhat.com> Closes: #627 Approved by: mheon
* podman push without destination imagebaude2018-04-20
| | | | | | | | | | | | | the destination image for podman push should be optional (if the destination has already been tagged in). the man page for podman push describes that it should work this way. Resolves: #645 Signed-off-by: baude <bbaude@redhat.com> Closes: #646 Approved by: mheon
* Print ctr ID if neither STDOUT and STDERR are attachedMatthew Heon2018-04-19
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #638 Approved by: rhatdan
* Vendor in latest containers/image and contaners/storageumohnani82018-04-19
| | | | | | | | | Made necessary changes to functions to include contex.Context wherever needed Signed-off-by: umohnani8 <umohnani@redhat.com> Closes: #640 Approved by: baude
* It is OK to start an already running container (with no attach)baude2018-04-18
| | | | | | | Signed-off-by: baude <bbaude@redhat.com> Closes: #637 Approved by: rhatdan
* Refactor logic for forceSecure in pull for readabilityMatthew Heon2018-04-18
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #636 Approved by: rhatdan
* Small logic fix for podman pull with tls-verifyMatthew Heon2018-04-18
| | | | | | | | | | Ensure we don't force TLS verification when --tls-verify is set to false. Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #636 Approved by: rhatdan
* Allow podman start to attach to a running containerbaude2018-04-18
| | | | | | | | | | If a container is already running, and a user asks to start it -a (attach), we should honor this and attach to the container. Signed-off-by: baude <bbaude@redhat.com> Closes: #634 Approved by: baude
* regression: tls verify should be set on registries.conf if insecurebaude2018-04-18
| | | | | | | | | | | In the case where podman needs to pull an image, if that registry that the image resides on is known to be insesure (as defined in /etc/containers/registries.conf), tls-verify should be altered on the fly. Signed-off-by: baude <bbaude@redhat.com> Closes: #626 Approved by: mheon
* Allow podman to exit exit codes of removed containersMatthew Heon2018-04-17
| | | | | | | | | | | | | | | We can read the exit file created by conmon to get the exit code instead of querying libpod. Also, do not error on cleanup if the container is already gone, as a completely removed container is definitely cleaned up. Resolves: #527 Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #632 Approved by: rhatdan
* validate dns-search values prior to creationbaude2018-04-16
| | | | | | | Signed-off-by: baude <bbaude@redhat.com> Closes: #628 Approved by: baude
* podman pull should always try to pullbaude2018-04-14
| | | | | | | | | | | | | | In the case where you have an image local, if the the user runs podman pull, we should always attempt to pull an updated image. Added a forceRemote bool to New (image) so we can differentiate between "pull" or run because the actions differ. Run does not need to pull the latest -- only run. Signed-off-by: baude <bbaude@redhat.com> Closes: #618 Approved by: baude
* Allow the use of -i/-a on any containerbaude2018-04-14
| | | | | | | | | | | | | We used to not allow the use of -a/-i on containers that were not started with -i or a tty. Given the improvements in our terminal handling, this should work now. This also fixes a systemic problem with the autotests. Signed-off-by: baude <bbaude@redhat.com> Closes: #617 Approved by: baude
* Change attach to accept a struct containing streamsMatthew Heon2018-04-13
| | | | | | | | | | | Comparing Go interfaces, like io.Reader, to nil does not work. As such, we need to include a bool with each stream telling whether to attach to it. Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #608 Approved by: baude
* Fix terminal attachMatthew Heon2018-04-13
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #608 Approved by: baude
* Changes to attach to enable per-stream attachingMatthew Heon2018-04-13
| | | | | | | | | | This allows us to attach to attach to just stdout or stderr or stdin, or any combination of these. Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #608 Approved by: baude
* Containers transitioning to stop should not break statsbaude2018-04-11
| | | | | | | | | | | | When a container is transitioning from running to stopped and stats is runnings, we should not break stats if we are unable to get stats for that container. Resolves: #598 Signed-off-by: baude <bbaude@redhat.com> Closes: #599 Approved by: mheon
* Add -i to exec for compatibility reasonsbaude2018-04-11
| | | | | | | | | | | No change to functionality Issue: #606 Signed-off-by: baude <bbaude@redhat.com> Closes: #607 Approved by: rhatdan
* Unescape characters in inspect JSON format outputBoaz Shuster2018-04-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch changes the way the inspect command output is displayed on the screen when the format is set to JSON. Note: if the output is redirected to a file the output is *not* escaped. For example, before this commit if you run: $ sudo podman inspect --format "json" daveimg [ { ... "Author": "Dave \u003cdave@corp.io\u003e", } ... ] with this patch the output will be: [ { ... "Author": "Dave <dave@corp.io>", } ... ] Signed-off-by: Boaz Shuster <ripcurld.github@gmail.com> Closes: #602 Approved by: mheon
* Use buildah commit for podman commitbaude2018-04-10
| | | | | | | | Resolves: #586 and #520 Signed-off-by: baude <bbaude@redhat.com> Closes: #592 Approved by: mheon
* Functionality changes to the following flagsumohnani82018-04-06
| | | | | | | | | | | | | | | | | | | --group-add --blkio-weight-device --device-read-bps --device-write-bps --device-read-iops --device-write-iops --group-add now supports group names as well as the gid associated with them. All the --device flags work now with moderate changes to the code to support both bps and iops. Added tests for all the flags. Signed-off-by: umohnani8 <umohnani@redhat.com> Closes: #590 Approved by: mheon
* Remove image via storage if a buildah container is associatedTomSweeneyRedHat2018-04-05
| | | | | | | Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com> Closes: #522 Approved by: mheon
* Add hooks support to podmanDaniel J Walsh2018-04-05
| | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #155 Approved by: mheon
* Run images with no namesbaude2018-04-04
| | | | | | | | | | | | | When an image name has no reponames, you should still be able to run it by ID. When doing so, imageName needs to be set to "" so we don't hit an index out of range error Resolves: #587 Signed-off-by: baude <bbaude@redhat.com> Closes: #593 Approved by: mheon
* Only allocate tty when -tbaude2018-04-03
| | | | | | | | | | | In our ezrly development, we always allocated a tty when not -d. Now we should only allocated when the user asks for it. Resolves: #573 Signed-off-by: baude <bbaude@redhat.com> Closes: #574 Approved by: rhatdan
* Stopping a stopped container should not be an errorbaude2018-04-03
| | | | | | | | | Resolves: #575 Signed-off-by: baude <bbaude@redhat.com> Closes: #588 Approved by: mheon
* --entrypoint= should delete existing entrypointbaude2018-04-03
| | | | | | | | | Resolves: #572 Signed-off-by: baude <bbaude@redhat.com> Closes: #585 Approved by: mheon
* Remove explicit Init() calls in run and startMatthew Heon2018-04-03
| | | | | | | | | | | | | We no longer require an explicit Init() to start a container, as Start() will now call Init() if the container is not initialized. Remove explicit Init() invocations from run and start to help with dependency ordering - less time for a dependency to go down before we start. Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #577 Approved by: rhatdan
* Add secrets patch to podmanumohnani82018-03-29
| | | | | | | | | | Adds support for mounting secrets especially on RHEL where the container can use the host subsription to run yum Signed-off-by: umohnani8 <umohnani@redhat.com> Closes: #544 Approved by: rhatdan
* podman: new option --conmon-pidfile=Giuseppe Scrivano2018-03-29
| | | | | | | | | | | | | | | | | | | so that it is possible to use systemd to automatically restart the container: [Service] Type=forking PIDFile=/run/awesome-service.pid ExecStart=/usr/bin/podman run --conmon-pidfile=/run/awesome-service.pid --name awesome -d IMAGE /usr/bin/do-something ExecStopPost=/usr/bin/podman rm awesome Restart=always Closes: https://github.com/projectatomic/libpod/issues/534 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #549 Approved by: rhatdan