summaryrefslogtreecommitdiff
path: root/cmd/podman
Commit message (Collapse)AuthorAge
* podman-generate-systemd --newValentin Rothberg2020-01-09
| | | | | | | | | | | | | | | Add a --new flag to podman-generate-systemd to create a new container via podman-run instead of starting an existing container. Creating a new container presents the challenge to find a reverse mapping from a container to the CLI flags it can be created with. We are doing this via `(Container).Config.CreateCommand` field, which includes a copy of the process' command from procFS at creating time. This field may not be useful when the container was not created via the Podman CLI (e.g., via a Python script). Hence, we do not guarantee the correctness of the generated files. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Merge pull request #4802 from rhatdan/varlinkOpenShift Merge Robot2020-01-09
|\ | | | | Fix podman-remote info to show registry data
| * Fix podman-remote info to show registry dataDaniel J Walsh2020-01-07
| | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Add `untag` sub-commandSascha Grunert2020-01-08
|/ | | | | | | | Podman now supports untagging images via the `untag` sub-command for the root and `image` commands. Testing and documentation has been added as well. Signed-off-by: Sascha Grunert <sgrunert@suse.com>
* Merge pull request #4781 from haircommander/seccomp-profile-rootOpenShift Merge Robot2020-01-07
|\ | | | | play kube: make seccomp handling better conform to k8s
| * play kube: make seccomp handling better conform to k8sPeter Hunt2020-01-03
| | | | | | | | | | | | | | Add flag --seccomp-profile-root in play kube to allow users to specify where to look for seccomp profiles update tests Signed-off-by: Peter Hunt <pehunt@redhat.com>
* | fix bug copy from container directoryQi Wang2020-01-02
|/ | | | | | Keep the original input source path with "/." so podman can copy the content of the directory when copying from container to host. Signed-off-by: Qi Wang <qiwan@redhat.com>
* Merge pull request #4748 from NevilleC/nc-podnameOpenShift Merge Robot2019-12-29
|\ | | | | [Issue #4703] Add the pod name when we use `podman ps -p`
| * Add the pod name when we use `podman ps -p`Neville Cain2019-12-28
| | | | | | | | | | | | | | | | | | | | | | | | The pod name does not appear when doing `podman ps -p`. It is missing as the documentation says: -p, --pod Print the ID and name of the pod the containers are associated with The pod name is added in the ps output and checked in unit tests. Closes #4703 Signed-off-by: NevilleC <neville.cain@qonto.eu>
* | Merge pull request #4749 from edsantiago/parse_and_validate_signalOpenShift Merge Robot2019-12-27
|\ \ | | | | | | signal parsing - better input validation
| * | signal parsing - better input validationEd Santiago2019-12-26
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The helper function we use for signal name mapping does not check for negative numbers nor invalid (too-high) ones. This can yield unexpected error messages: # podman kill -s -1 foo ERRO[0000] unknown signal "18446744073709551615" This PR introduces a small wrapper for it that: 1) Strips off a leading dash, allowing '-1' or '-HUP' as valid inputs; and 2) Rejects numbers <1 or >64 (SIGRTMAX) Also adds a test suite checking signal handling as well as ensuring that invalid signals are rejected by the command line. Fixes: #4746 Signed-off-by: Ed Santiago <santiago@redhat.com>
* / The --quiet flag does not conflict with templates in psMatthew Heon2019-12-26
|/ | | | | | | | To match Docker behavior, make `--quiet` and `--format` with a Go template not conflict. Instead, just turn off `--quiet` in such cases, as we'll be using Go template output instead. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* add struct response for removal of imagesbaude2019-12-23
| | | | | | | | when removing an image from storage, we should return a struct that details what was untagged vs deleted. this replaces the simple println's used previously and assists in API development. Signed-off-by: baude <bbaude@redhat.com>
* Merge pull request #4722 from giuseppe/drop-arbitrary-limitOpenShift Merge Robot2019-12-19
|\ | | | | libpod: drop arbitrary memory limit of 4M
| * libpod: drop arbitrary memory limit of 4MGiuseppe Scrivano2019-12-17
| | | | | | | | | | | | drop the arbitrary limit of 4M for creating a container. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | container config: add CreateCommandValentin Rothberg2019-12-13
|/ | | | | | | | | | | | | | | | | | Store the full command plus arguments of the process the container has been created with. Expose this data as a `Config.CreateCommand` field in the container-inspect data as well. This information can be useful for debugging, as we can find out which command has created the container, and, if being created via the Podman CLI, we know exactly with which flags the container has been created with. The immediate motivation for this change is to use this information for `podman-generate-systemd` to generate systemd-service files that allow for creating new containers (in contrast to only starting existing ones). Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Merge pull request #4677 from baude/execenvfileOpenShift Merge Robot2019-12-11
|\ | | | | allow exec to read files of environment variables
| * allow exec to read files of environment variablesbaude2019-12-11
| | | | | | | | | | | | | | | | | | we want the ability to define environment variables in files for the exec command. Fixes: #1782408 Signed-off-by: baude <bbaude@redhat.com>
* | move image filters under libpod/imagesbaude2019-12-10
|/ | | | | | | | to make things more effecient for the api work we are doing, we should process image filters internally (as opposed to in main). this allows for better api responses and more closely affiliated functions. Signed-off-by: baude <bbaude@redhat.com>
* Merge pull request #4517 from baude/macvlanOpenShift Merge Robot2019-12-09
|\ | | | | macvlan networks
| * macvlan networksbaude2019-12-09
| | | | | | | | | | | | add the ability to a macvlan network with podman network create. Signed-off-by: baude <bbaude@redhat.com>
* | Use terminal detach keys sequence specified in the config fileMarco Vedovati2019-12-06
| | | | | | | | | | | | Fixes: #4556 Signed-off-by: Marco Vedovati <mv@sba.lat>
* | Merge pull request #4596 from kunalkushwaha/container-pruneOpenShift Merge Robot2019-12-02
|\ \ | | | | | | container prune command fixed as per docker prune command
| * | filter added to container prune commandKunal Kushwaha2019-11-29
| | | | | | | | | | | | | | | | | | | | | filter flag helps to filter the containers based on labels, until(time), name, etc for prune command. Signed-off-by: Kunal Kushwaha <kunal.kushwaha@gmail.com>
| * | command output fixed as per docker equivalentKunal Kushwaha2019-11-28
| | | | | | | | | | | | | | | | | | container prune command ask for confirmation by default. Signed-off-by: Kunal Kushwaha <kunal.kushwaha@gmail.com>
* | | Merge pull request #4608 from rhatdan/vendorOpenShift Merge Robot2019-12-02
|\ \ \ | | | | | | | | Fix podman-remote version to print client and server
| * | | Fix podman-remote version to print client and serverDaniel J Walsh2019-12-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If the user specifies .Server.* on a non podman-remote, substitute .Client for .Server and return the value. This is for compatability with Docker. Since prior versions documented --format {{ .Version }}, we have to continue to support that. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #4493 from mheon/add_removing_stateOpenShift Merge Robot2019-12-02
|\ \ \ \ | |/ / / |/| | | Add ContainerStateRemoving
| * | | Add ContainerStateRemovingMatthew Heon2019-11-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When Libpod removes a container, there is the possibility that removal will not fully succeed. The most notable problems are storage issues, where the container cannot be removed from c/storage. When this occurs, we were faced with a choice. We can keep the container in the state, appearing in `podman ps` and available for other API operations, but likely unable to do any of them as it's been partially removed. Or we can remove it very early and clean up after it's already gone. We have, until now, used the second approach. The problem that arises is intermittent problems removing storage. We end up removing a container, failing to remove its storage, and ending up with a container permanently stuck in c/storage that we can't remove with the normal Podman CLI, can't use the name of, and generally can't interact with. A notable cause is when Podman is hit by a SIGKILL midway through removal, which can consistently cause `podman rm` to fail to remove storage. We now add a new state for containers that are in the process of being removed, ContainerStateRemoving. We set this at the beginning of the removal process. It notifies Podman that the container cannot be used anymore, but preserves it in the DB until it is fully removed. This will allow Remove to be run on these containers again, which should successfully remove storage if it fails. Fixes #3906 Signed-off-by: Matthew Heon <mheon@redhat.com>
* | | | Merge pull request #4558 from rhatdan/resetOpenShift Merge Robot2019-11-29
|\ \ \ \ | | | | | | | | | | Add podman system reset command
| * | | | Add podman system reset commandDaniel J Walsh2019-11-29
| | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | This command will destroy all data created via podman. It will remove containers, images, volumes, pods. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* / | | Do not initialize store on rootless podmanSascha Grunert2019-11-29
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | This fixes a double-locking issue of the container storage when running rootless podman. Closes #4591 Signed-off-by: Sascha Grunert <sgrunert@suse.com>
* | | Merge pull request #4568 from openSUSE/historyOpenShift Merge Robot2019-11-27
|\ \ \ | | | | | | | | Add support for image name history
| * | | Add support for image name historySascha Grunert2019-11-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We leverage the containers/storage image history tracking feature to show the previously used image names when running: `podman images --history` Signed-off-by: Sascha Grunert <sgrunert@suse.com>
* | | | Merge pull request #4443 from QiWang19/prune_podOpenShift Merge Robot2019-11-26
|\ \ \ \ | | | | | | | | | | Remove containers when pod prune & pod rm.
| * | | | Remove containers when pruning a stopped pod.Qi Wang2019-11-26
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | This path allows pod prune & pod rm to remove stopped containers in the pod before deleting the pod. PrunePods and RemovePod should be able to remove containers without force removal of stopped pods. Signed-off-by: Qi Wang <qiwan@redhat.com>
* | | | Merge pull request #4475 from rhatdan/tmpdirOpenShift Merge Robot2019-11-26
|\ \ \ \ | |/ / / |/| | | Add missing information to podman.1 man page
| * | | Add missing information to podman.1 man pageDaniel J Walsh2019-11-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add missing options. Define the use of the TMPDIR environment variable for the storing of container images when they are being pulled to the system. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #4514 from mheon/discard_cleanup_errorsOpenShift Merge Robot2019-11-26
|\ \ \ \ | | | | | | | | | | Discard errors from Shutdown in `system renumber`
| * | | | Discard errors from Shutdown in `system renumber`Matthew Heon2019-11-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Every other Podman command discards errors from Shutdown, which will error if containers are running. Mirror that behavior, just ignore the errors. Signed-off-by: Matthew Heon <mheon@redhat.com>
* | | | | podman {pod,} rm/stop: add --ignore flagValentin Rothberg2019-11-25
|/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add an --ignore flag to podman rm and stop. When specified, Podman will ignore "no such {container,pod}" errors that occur when a specified container/pod is not present in the store (anymore). The motivation behind adding this flag is to write more robust systemd services using Podman. A user might have manually decided to remove a container/pod which would lead to a failure during the `ExecStop` directive of a systemd service referencing that container/pod. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | Merge pull request #4512 from kunalkushwaha/prune-filterOpenShift Merge Robot2019-11-22
|\ \ \ \ | |_|/ / |/| | | image prune command fixed as per docker image prune.
| * | | filter added to image pruge command.Kunal Kushwaha2019-11-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | filter option accepts two filters. - label - until label supports "label=value" or "label=key=value" format until supports all golang compatible time/duration formats. Signed-off-by: Kunal Kushwaha <kunal.kushwaha@gmail.com>
| * | | warning added before image prune commandKunal Kushwaha2019-11-12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Warning message added before executing image prune Added a force option, to execute without user input. Signed-off-by: Kunal Kushwaha <kunal.kushwaha@gmail.com>
* | | | Merge pull request #4523 from vrothberg/systemd-improvementsOpenShift Merge Robot2019-11-19
|\ \ \ \ | | | | | | | | | | podman rm/stop --cidfile
| * | | | podman rm/stop --cidfileValentin Rothberg2019-11-18
| | |_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add a --cidfile flag to podman rm/stop to pass a container ID via a file. Podman run already provides the functionaly to store the ID in a specified file which we now complete with rm/stop. This allows for a better life-cycle management in systemd services. Note that --cdifile can be specified multiple times to rm/stop. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | Merge pull request #4505 from vrothberg/archOpenShift Merge Robot2019-11-16
|\ \ \ \ | | | | | | | | | | container create: os/arch check
| * | | | container create: os/arch checkValentin Rothberg2019-11-12
| | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | Unless explicitely overridden, check if the image's OS and architecture and throw an errors in case of a mismatch. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | Merge pull request #4368 from haircommander/pod-annotationsOpenShift Merge Robot2019-11-15
|\ \ \ \ | |_|/ / |/| | | Add pod annotations to container
| * | | Add pod annotations to containerPeter Hunt2019-11-08
| | | | | | | | | | | | | | | | | | | | | | | | We have the annotations SandboxID, let's use them. This also allows kata containers to be created in pods and share a VM with the infra container. Note: as of now, this sharing only works if the pod has an infra container Signed-off-by: Peter Hunt <pehunt@redhat.com>