summaryrefslogtreecommitdiff
path: root/cmd/podman
Commit message (Collapse)AuthorAge
* switch projectatomic to containersDaniel J Walsh2018-08-16
| | | | | | | | | | Need to get some small changes into libpod to pull back into buildah to complete buildah transition. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1270 Approved by: mheon
* Suport format param for varlink CommitQi Wang2018-08-16
| | | | | | | | | We need to pass the image format OCI or docker in the varlink commit command. Signed-off-by: Qi Wang <qiwan@redhat.com> Closes: #1281 Approved by: mheon
* Fix segfault in top when -l and no args are passedhaircommander2018-08-16
| | | | | | | Signed-off-by: haircommander <pehunt@redhat.com> Closes: #1284 Approved by: mheon
* build, rootless: specify IsolationOCIRootlessGiuseppe Scrivano2018-08-15
| | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #1269 Approved by: rhatdan
* rootless: not require userns for help/versionGiuseppe Scrivano2018-08-14
| | | | | | | | | | | these commands do not require to be root in an userns Closes: https://github.com/containers/libpod/issues/1263 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #1268 Approved by: vrothberg
* podman in rootless mode will only work with cgroupfs at this point.Daniel J Walsh2018-08-14
| | | | | | | | | | | If user does not pass in cgroup manager and running in rootless mode, then we need to force the cgroupfs support until/unless we get support for rootless systemd support. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1261 Approved by: mheon
* search name should include registrybaude2018-08-10
| | | | | | | | | | | | | | | | | | | | | | When doing a podman search, the so-called NAME should be the image's fully qualified name (not index plus shortname). ``` $ sudo podman search rhel7 INDEX NAME DESCRIPTION STARS OFFICIAL AUTOMATED redhat.com registry.access.redhat.com/rhel7/rhel This platform image provides a minimal runti... 0 redhat.com registry.access.redhat.com/rhel7.0 This platform image provides a minimal runti... 0 redhat.com registry.access.redhat.com/rhel7 This platform image provides a minimal runti... 0 .... ``` Resolves: #1208 Resolves: Bugz #1614710 Signed-off-by: baude <bbaude@redhat.com> Closes: #1253 Approved by: rhatdan
* apparmor: respect "unconfined" settingValentin Rothberg2018-08-09
| | | | | | | | | | The "unconfined" profile must be treated specially to turn off apparmor confinement and to avoid applying any other profile. Signed-off-by: Valentin Rothberg <vrothberg@suse.com> Closes: #1241 Approved by: mheon
* add podman pod inspectbaude2018-08-09
| | | | | | | | | first pass of podman pod inspect Signed-off-by: baude <bbaude@redhat.com> Closes: #1236 Approved by: rhatdan
* Fix ambiguity in adding localhost to podman savehaircommander2018-08-08
| | | | | | | | | | | ...and some naming decisions. This change ensures podman save doesn't incorrectly prepend localhost when saving an image. Signed-off-by: haircommander <pehunt@redhat.com> Closes: #1140 Approved by: rhatdan
* Improve ps handling of container start/stop timeMatthew Heon2018-08-08
| | | | | | | | | | | | | | Previously all calculations were done based off the container's start time. Retrieve end time and use it to calculate time stopped for containers. Also, convert ps JSON output to report timestamps for create, start, and stop times. Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1228 Approved by: rhatdan
* Stub varlink pod methods.haircommander2018-08-06
| | | | | | | Signed-off-by: haircommander <pehunt@redhat.com> Closes: #1196 Approved by: baude
* Rename varlink socket and interfacebaude2018-08-06
| | | | | | | | | io.projectatomic.podman -> io.podman Signed-off-by: baude <bbaude@redhat.com> Closes: #1204 Approved by: mheon
* Make one runtime for the varlink servicebaude2018-08-05
| | | | | | | | | | | | | Rather than making a runtime each time a client hits a varlink endpoint, we now make a single runtime when the varlink service starts up. This fixes a problem where we hit a max inotify limit from CNI. Resolves: #1211 Signed-off-by: baude <bbaude@redhat.com> Closes: #1215 Approved by: rhatdan
* Vendor in latest github.com/projectatomic/buildahDaniel J Walsh2018-08-03
| | | | | | | | | | | | | | This adds support for Dockerfile.in and fixes some limits issues on docker build Also adds support for podman build to read Dockerfile from stdin. cat Dockerfile | podman build -f - . Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1209 Approved by: mheon
* Added ps --pod optionhaircommander2018-08-02
| | | | | | | Signed-off-by: haircommander <pehunt@redhat.com> Closes: #1205 Approved by: rhatdan
* RFC: Remove unused transport name constants from libpodMiloslav Trmač2018-08-01
| | | | | | | | | | | | | | | | | | | They are not used anywhere in the packagee. Two of the values still have users in the CLI, but used only once. So, use the .Transport.Name() calls in there directly, that is likely to be cheaper (and makes the files depend directly on the transports instead of referring to them indirectly through libpod). RFC: Should not change behavior in _this_ repo, but it is an externally-observable API change. Is there any user that could notice? Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1176 Approved by: rhatdan
* Replace Runtime.LoadFromArchive with Runtime.LoadFromArchiveReferenceMiloslav Trmač2018-08-01
| | | | | | | | | | | | | | | | | | | | | | | | | All callers of LoadFromArchive expect the input to be in the transport:name format, or create it that way. So, pass a types.ImageReference instead of a string. That requires us to add an explicit parse step in (podman pull); in (podman load) we can, instead of pasting strings, create native objects directly. Changes the error behavior of (podman pull), we no longer try heuristically parsing docker-archive:... inputs as Docker references. Also changes the string reported by (podman load) if all parsing attempts fail, to be only the path instead of dir:path. The error message itself is likely to be the same (from directory.Transport). (While at it, update a mismatched comment.) Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1176 Approved by: rhatdan
* Rename the "image" variable to "imageName"Miloslav Trmač2018-08-01
| | | | | | | | | | | ... so that it does not shadow the libpod/image module. Should not change behavior. Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1176 Approved by: rhatdan
* Fix the heuristic for docker-archive: sources in (podman pull)Miloslav Trmač2018-08-01
| | | | | | | | | | Instead of searching for "docker-archive" anywhere in the input, only accept it at the start, and require the colon separator as well. Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1176 Approved by: rhatdan
* RFC: Rename Image.PushImage to Image.PushImageToHeuristicDestinationMiloslav Trmač2018-08-01
| | | | | | | | | | | | | | | | | | | | | | The goal is to be very explicit about which functions try to heuristically guess what is the expected format of the string. Not quite "shaming" the users, but making sure they stand out. RFC: - Is this at all acceptable? Desirable? - varlink ExportImage says "destination must have transport type"; should it be using alltransports.ParseImageReference + PushImageToReference, then? (While touching the call in cmd/podman, also remove a commented-out older version of the call.) Should not change behavior (but does not add unit tests). Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1176 Approved by: rhatdan
* RFC? Hard-code "format" string values instead of using libpod.* transport namesMiloslav Trmač2018-08-01
| | | | | | | | | | | | | We don't really want to change the names of the CLI options just because the transport names change (with oci-dir/docker-dir there is no direct correspondence wanyway), and this removes a dependency. Should not change behavior. Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1176 Approved by: rhatdan
* Use PushImageToReference for (podman save)Miloslav Trmač2018-08-01
| | | | | | | | | | | | To do that, create the relevant ImageReference values directly by calling ParseReference/NewReference from the relevant transport subpackages instead of formatting strings to be parsed (and heuristically re-parsed) by PushImage. Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1176 Approved by: rhatdan
* Call imageNameForSaveDestination while creating the referencesMiloslav Trmač2018-08-01
| | | | | | | | | | | | | | | | | Instead of creating a reference string and then checking it again to see which kind of archive it is, just call imageNameForSaveDestination at the place where we already know what kind of archive it is because we are making that decision. This also notably fixes the use of strings.CONTAINS to see whether the just constructed strings start with one of the transport names; that would match anywhere in the path. Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1176 Approved by: rhatdan
* Exit early in the simple case in imageNameForSaveDestinationMiloslav Trmač2018-08-01
| | | | | | | | | | | ... to make it a tiny bit easier to read. Should not change behavior (but does not add unit tests). Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1176 Approved by: rhatdan
* Rename parameters of imageNameForSaveDestinationMiloslav Trmač2018-08-01
| | | | | | | | | | | ... to make their relationship clear, at the very least. Should not change behavior (but does not add unit tests). Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1176 Approved by: rhatdan
* Split imageNameForSaveDestination from saveCmdMiloslav Trmač2018-08-01
| | | | | | | | | | | | | We will need to call it from two places in the future. Should not change behavior, the code is pretty unchanged (down to using confusing parameter names, which we will change immediately) (but does not add unit tests). Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1176 Approved by: rhatdan
* Split a single if statement into two.Miloslav Trmač2018-08-01
| | | | | | | | | | | This should not change behavior; it will only make it easier to show that future code move does not change it (but does not add unit tets.) Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1176 Approved by: rhatdan
* Move source handling before destination parsingMiloslav Trmač2018-08-01
| | | | | | | | | | | | | | This will allow adding the reference in the OCIArchive/DockerArchive case in one step, instead of appending it later. Should not change behavior, except that source-related errors will now be reported before possible destination-related errors (but does not add unit tests). Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1176 Approved by: rhatdan
* Add --force to podman umount to force the unmounting of the rootfsDaniel J Walsh2018-08-01
| | | | | | | | | | | | podman umount will currently only unmount file system if not other process is using it, otherwise the umount decrements the container storage to indicate that the caller is no longer using the mount point, once the count gets to 0, the file system is actually unmounted. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1184 Approved by: TomSweeneyRedHat
* Add pod pause/unpausehaircommander2018-07-27
| | | | | | | | | | | Added Pause() and Unpause() to libpod/pod.go Added man pages, tests and completions Signed-off-by: haircommander <pehunt@redhat.com> Closes: #1126 Approved by: rhatdan
* Refactored method of getting podshaircommander2018-07-27
| | | | | | | | | Now, for commands that have --latest and --all, the context flags are checked, and pods are grabbed in a single function Signed-off-by: haircommander <pehunt@redhat.com> Closes: #1161 Approved by: rhatdan
* Cleanup descriptions and help informationDaniel J Walsh2018-07-27
| | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1167 Approved by: baude
* Skip seccomp-dependent tests on non-LinuxMiloslav Trmač2018-07-26
| | | | | | | | | | | | | | | | | Currently, getRuntimeSpec always fails on non-Linux because spec.CreateConfigToOCISpec always fails, because the podman CLI sets up a seccomp path, and processing that on non-Linux is not supported. This breaks testing of entirely unrelated options. We can either skip the tests on non-Linux, or explicitly disable seccomp inside the tests. Linux testing matters much more than other platforms, and the tests are more reliable when they don't change supposedly unrelated options; so, skip the tests on non-Linux. Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1115 Approved by: rhatdan
* Remove cmd/podman/user.goMiloslav Trmač2018-07-26
| | | | | | | | | | | | None of the functions are used within the package, and it does not build on non-Linux systems. (Similar code continues to exist in pkg/chrootuser, and is unaffected.) Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1115 Approved by: rhatdan
* Add pod killhaircommander2018-07-25
| | | | | | | | | With tests, man page, and completions. Signed-off-by: haircommander <pehunt@redhat.com> Closes: #1125 Approved by: rhatdan
* Added pod restarthaircommander2018-07-25
| | | | | | | | | With tests, man page and completions. Signed-off-by: haircommander <pehunt@redhat.com> Closes: #1152 Approved by: rhatdan
* Merge pull request #1116 from mheon/namespacesDaniel J Walsh2018-07-25
|\ | | | | Add Pod and Container namespaces
| * Address first round of review commentsMatthew Heon2018-07-24
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * Add --namespace flag to PodmanMatthew Heon2018-07-24
| | | | | | | | | | | | | | Allows joining libpod to a specific namespace when running a Podman command. Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
* | podman: allow to specify the IPC namespace to joinGiuseppe Scrivano2018-07-24
| | | | | | | | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #1145 Approved by: rhatdan
* | podman: allow to specify the UTS namespace to joinGiuseppe Scrivano2018-07-24
| | | | | | | | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #1145 Approved by: rhatdan
* | podman: allow to specify the PID namespace to joinGiuseppe Scrivano2018-07-24
| | | | | | | | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #1145 Approved by: rhatdan
* | podman: allow to specify the userns to joinGiuseppe Scrivano2018-07-24
|/ | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #1145 Approved by: rhatdan
* We don't currently support --mac-addressDaniel J Walsh2018-07-24
| | | | | | | | | Make this clear in the docs and Command. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1138 Approved by: mheon
* Update container Mounted() and Mountpoint() functionsMatthew Heon2018-07-24
| | | | | | | | | | | | | | | | Addresses a regression in `podman mount` due to our mount changes to allow concurrency by letting c/storage handle mounting and unmounting. Combine Mounted() and Mountpoint() into one function and query c/storage directly to ensure we get accurate information. Fixes: #1143 Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1144 Approved by: baude
* AppArmor: runtime check if it's enabled on the hostValentin Rothberg2018-07-23
| | | | | | | | | Check at runtime if AppArmor is enabled on the host. Signed-off-by: Valentin Rothberg <vrothberg@suse.com> Closes: #1128 Approved by: mheon
* Add format descriptors infor to podman topDaniel J Walsh2018-07-23
| | | | | | | | | | Trying to play with podman top, I had a hard time finding info on format options. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1134 Approved by: umohnani8
* Fix error handling in pod start/stop.haircommander2018-07-23
| | | | | | | | | Before, errors in containers would never be printed, and a generic error would only be shown. Signed-off-by: haircommander <pehunt@redhat.com> Closes: #1132 Approved by: mheon
* Merge pull request #1117 from haircommander/pod-start-stop1Matthew Heon2018-07-20
|\ | | | | Add pod start and stop