| Commit message (Collapse) | Author | Age |
|
|
|
| |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\
| |
| | |
Cleanup network option parsing
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We were not handling the parsing of --ip. This pr adds validation
checks and now will support the flag.
Move validation to the actual parsing of the network flags.
We should only parse the dns flags if the user changed them. We don't
want to pass default options if set in containers.conf to the server.
Potential for duplicating defaults.
Add support for --dns-opt flag passing
Begin handling of --network flag, although we don't have a way right now
to translate a string into a specgen.Namespace.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
While this commit was initially meant to fix #5847, it has turned into a
bigger refactoring which I did not manage to break into smaller pieces:
* Fix #5847 by refactoring the image-removal logic.
* Make the api handler for image-removal use the ABI code. This way,
both (i.e., ABI and Tunnel) end up using the same code. Achieving
this code share required to move some code around to prevent circular
dependencies.
* Everything in pkg/api (excluding pkg/api/types) must now only be
accessed from code using `ABISupport`.
* Avoid imports from entities on handlers to prevent circular
dependencies.
* Move `podman system service` logic into `cmd` to prevent circular
dependencies - it depends on pkg/api.
* Also remove the build header from infra/abi files. It will otherwise
confuse swagger and other tools; errors we cannot fix as go doesn't
expose a build-tag env variable.
Fixes: #5847
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \
| | |
| | | |
Fix up handling of image data as well as setting Linux Capabilties correctly
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Podman inspect has a breaking change in that it dropped
--latest and --size options.
This PR adds these back. Lots of tests rely on
podman inspect -l.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
If user sets capabilities list we need handle minimal capabilities.
Also handle seccomp-policy being passed in.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \
| | | |
| | | | |
V2 podman image tree
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* Basic port of V1 podman image tree ID
TODO: Refactor to return tree from service and format in presentation
layer
TODO: Support tunneling mode
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\ \ \ \
| |_|/ /
|/| | | |
V2 Remove existing unix domain socket on startup
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
common: setting cgroup resources correctly
|
| | |_|/
| |/| |
| | | |
| | | |
| | | |
| | | | |
fix some cgroups related integration tests.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \ \ \
| |_|/ /
|/| | | |
V2 Fix --latest for podman diff commands
|
| | |/
| |/|
| | |
| | |
| | |
| | |
| | |
| | | |
* --latest now forces container diff
* diff options now passed into domain layer
* updated help/usage messages
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\ \ \
| |/ /
|/| | |
Pull images when doing podman create
|
| |/
| |
| |
| |
| |
| |
| |
| | |
Currently podman create does not pull images if they don't
exist. It should follow the pull policy specified by the
user.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \
| |/
|/| |
V2 Fix support for tcp://[::]<port> connections
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* Fix support for socket activation, on remote and service
$ systemd-socket-activate -l 8083 --fdname=podman bin/podman system service --log-level=debug --time=30
$ bin/podman-remote --remote=tcp://[::]:8083 image ls
Or, use the podman.{socket,service} unit files
$ bin/podman-remote --remote=unix:///run/podman/podman.sock image ls
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\ \
| | |
| | | |
Add pod prune for api v2
|
| |/
| |
| |
| |
| |
| |
| |
| | |
Add the ability to prune pods for api v2,
Includes the addition of force flag, for client side prompt.
Update test suite to support this use case.
Signed-off-by: Sujil02 <sushah@redhat.com>
|
|\ \
| |/
|/| |
enable integration testing
|
| |
| |
| |
| | |
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|/
|
|
|
|
| |
With this patch we can get run_passwd_test.go to pass
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\
| |
| | |
Fixes for system tests
|
| |
| |
| |
| |
| |
| | |
Various fixes to protect against regressions in system tests
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\ \
| |/
|/| |
podmanV2: implement build
|
| |
| |
| |
| |
| |
| |
| |
| | |
Implement `podman build` for the local client. The remote client will
require some rather large work in the backend and a new build endpoint
for the libpod rest API.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |
| |
| |
| | |
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|/
|
|
|
|
| |
* registry.PodmanConfig() new returns a pointer to the source of truth
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|
|
|
|
|
| |
remote podman v1 and replace with podman v2.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|
|
|
|
|
| |
rid ourseleves of libpod references in v2 client
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|
|
|
|
|
| |
this is second phase of removing unneeded bloat in the remote client. this is important to be able to reduce the client size as well as possible native compilation for windows/mac.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|
|
|
|
|
|
| |
Adds ability to prune containers for v2.
Adds client side prompt with force flag and filters options to prune.
Signed-off-by: Sujil02 <sushah@redhat.com>
|
|
|
|
| |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
* Move connection tracking into APIServer using ConnState()
* Remove Connection counters from CLI code
* Update events handler to support client not closing connection
* Improve logging messages
Fixes #5599
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Added support for system service
* Enabled linting on the varlinkapi source, needed to support V2
service command
* Added support for PODMAN_SOCKET
Skip linting deprecated code
Rather than introduce bugs by correcting deprecated code, linting the
code is being skipped. Code that is being ported into V2 is being
checked.
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|
|
|
|
|
| |
Accidently removed podman info from user namespace
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\
| |
| | |
refactor info
|
| |
| |
| |
| |
| |
| | |
the current implementation of info, while typed, is very loosely done so. we need stronger types for our apiv2 implmentation and bindings.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\ \
| |/
|/| |
Cleanup whether to enter user namespace
|
| |
| |
| |
| | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \
| |/
|/| |
Add support for specifying CNI networks in podman play kube
|
| |
| |
| |
| |
| | |
Fixes: #5609
Signed-off-by: Christian Felder <c.felder@fz-juelich.de>
|
| |
| |
| |
| | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \
| | |
| | | |
V2 Move varlink home
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* move cmd/podman/varlink/* to pkg/varlink to support podmanV2 refactor
* update Makefile
* reformatted all impacted code
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
We need to consistently use --time rather then --timeout throughout the code.
Fix locations where timeout defaults are not set correctly as well.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \
| |/ /
|/| | |
rootless: make cgroup ownership detection not fatal
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
do not fail if we cannot detect the cgroup ownership. The detection
fails when running in a container, since the cgroup showed in
/proc/self/cgroup is not accessible, due to the runtime mounting it
directly as the cgroup root.
Closes: https://github.com/containers/libpod/issues/5488
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|