summaryrefslogtreecommitdiff
path: root/cmd/podman
Commit message (Collapse)AuthorAge
* network aliases for container creationbaude2020-11-09
| | | | | | | | podman can now support adding network aliases when running containers (--network-alias). It requires an updated dnsname plugin as well as an updated ocicni to work properly. Signed-off-by: baude <bbaude@redhat.com>
* Merge pull request #8276 from Luap99/search-jsonOpenShift Merge Robot2020-11-09
|\ | | | | Add support for podman search --format json
| * Add support for podman search --format jsonPaul Holzinger2020-11-09
| | | | | | | | | | | | Fixes #8274 Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | rootless container creation settingsbaude2020-11-05
|/ | | | | | | | when running container creation as rootless on the compatibility layer, we need to make sure settings are not being done for memory and memory swappiness. Signed-off-by: baude <bbaude@redhat.com>
* Merge pull request #8166 from rhatdan/unbindableOpenShift Merge Robot2020-11-02
|\ | | | | Allow users to mount with unbindable flag
| * Add better support for unbindable volume mountsDaniel J Walsh2020-11-02
| | | | | | | | | | | | | | | | Allow users to specify unbindable on volume command line Switch internal mounts to rprivate to help prevent leaks. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #8207 from xordspar0/common-period-quotaOpenShift Merge Robot2020-11-02
|\ \ | | | | | | Centralize cores and period/quota conversion code
| * | Centralize cores and period/quota conversion codeJordan Christiansen2020-10-31
| |/ | | | | | | Signed-off-by: Jordan Christiansen <xordspar0@gmail.com>
* / Match build pull functionality with Docker'sTomSweeneyRedHat2020-10-31
|/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is a continuation of #8189 and #8085. When doing a `docker build` command, if the `--pull` command is not specified or set to `false` the pullOption used is `PullifMissing`. This causes the build to pull the image only if it is not present in local storage. It also will raise an error if the image is not found in the registry (or the registry is down), even if the image is present in local storage. If the `--pull` command IS specified or specified with an argument of `true`, the build will always pull the image from the registries. This uses the pullOption `PullAlways`. It also will raise an error if the image is not found in the registry, even if the image is present in local storage. These changes now brings the pull functionality for `podman build` into line with `docker build`. However, I consider this to be a breaking change. Previously if you did `podman build --pull`, `podman build` or `podman build --pull = true`, then the image would be pulled from the registry if there was not an image in local storage or if the image in the registry was newer than the one in local storage. An error would *NOT* be raised if there was not an image in the registry or the registry was down as long as there was a copy in the local storage. An error would be raised if the image could not be retrieved from both the registry and local storage. This is the PullOption `PullIfNewer`. I believe this also differs from what Buildah does at this time but I'm too beat to chase that down at the moment. Personally I'd like to use the `PullIfNewer` for at least `--pull` and `--pull=true` so that you don't get an error if the registry has a network hiccup and the image is already stored locally. But this differs from Docker. I'd like to post scrum about this at our next stand up to make sure we're all on the same page about the ramifications of this change. Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* Merge pull request #8201 from QiWang19/search-limitOpenShift Merge Robot2020-10-30
|\ | | | | Remove search limit since pagination support
| * Remove search limit since pagination supportQi Wang2020-10-30
| | | | | | | | | | | | Remove the search limit check since the c/image v5.6.0 supports pagination and can give result over 100 entries. Signed-off-by: Qi Wang <qiwan@redhat.com>
* | Merge pull request #8177 from rhatdan/wrapOpenShift Merge Robot2020-10-30
|\ \ | | | | | | Stop excessive wrapping of errors
| * | Stop excessive wrapping of errorsDaniel J Walsh2020-10-30
| |/ | | | | | | | | | | | | | | | | | | | | | | Most of the builtin golang functions like os.Stat and os.Open report errors including the file system object path. We should not wrap these errors and put the file path in a second time, causing stuttering of errors when they get presented to the user. This patch tries to cleanup a bunch of these errors. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #8187 from jwhonce/wip/tableOpenShift Merge Robot2020-10-30
|\ \ | |/ |/| Restore --format table header support
| * Restore --format table header supportJhon Honce2020-10-29
| | | | | | | | Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | Merge pull request #8189 from mheon/further_fix_pull_flagOpenShift Merge Robot2020-10-29
|\ \ | | | | | | Fix the `--pull` flag to `podman build` to match Docker
| * | Fix the `--pull` flag to `podman build` to match DockerMatthew Heon2020-10-29
| | | | | | | | | | | | | | | | | | | | | | | | The behavior should be as follows: Unset, pull if missing by default, obey the `--pull-never` and `--pull-always` flags. Set to false, pull never. Set to true, pull always. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | Merge pull request #8186 from Luap99/fix-8184OpenShift Merge Robot2020-10-29
|\ \ \ | |/ / |/| | Create the default root API address path
| * | Create the default root API address pathPaul Holzinger2020-10-29
| |/ | | | | | | | | | | Fixes #8184 Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | Merge pull request #8085 from TomSweeneyRedHat/dev/tsweeney/fixpullsOpenShift Merge Robot2020-10-29
|\ \ | | | | | | Fix pull method selection
| * | Fix pull method selectionTomSweeneyRedHat2020-10-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When using 'podman build --pull=true', the image was not pulled if the image being pulled was present locally, but a newer version was in the repository. It was only pulled if there was no image in local storage. In addition, the pull-never option was ignored. The line `if flags.Pull{` at line 244 was always returning true negating the default pullPolicy of PullNever. Reworked the algorthim for the selection process. Now PullIfNewer is set to the default, and then we set the pullPolicy appropriately based on the other flags passed in to this routine. As an FYI, logic run in the calling functions ensures that we have only one pull flag in the command. Addresses: #8024 Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* | | new "image" mount typeValentin Rothberg2020-10-29
| |/ |/| | | | | | | | | | | | | | | | | | | | | | | | | Add a new "image" mount type to `--mount`. The source of the mount is the name or ID of an image. The destination is the path inside the container. Image mounts further support an optional `rw,readwrite` parameter which if set to "true" will yield the mount writable inside the container. Note that no changes are propagated to the image mount on the host (which in any case is read only). Mounts are overlay mounts. To support read-only overlay mounts, vendor a non-release version of Buildah. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | Merge pull request #8102 from ashley-cui/inspectOpenShift Merge Robot2020-10-27
|\ \ | | | | | | Add pod, volume, network to inspect package
| * | Add pod, volume, network to inspect packageAshley Cui2020-10-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | podman inspect only had the capabilities to inspect containers and images. if a user wanted to inspect a pod, volume, or network, they would have to use `podman network inspect`, `podman pod inspect` etc. Docker's cli allowed users to inspect both volumes and networks using regular inspect, so this commit gives the user the functionality If the inspect type is not specified using --type, the order of inspection is: containers images volumes networks pods meaning if container that has the same name as an image, podman inspect would return the container inspect. To avoid duplicate code, podman network inspect and podman volume inspect now use the inspect package as well. Podman pod inspect does not because podman pod inspect returns a single json object while podman inspect can return multiple) Signed-off-by: Ashley Cui <acui@redhat.com>
* | | set resources only when specifiedbaude2020-10-27
|/ / | | | | | | | | | | when using the compatibility endpoint to create a container, we should only set certain resources when we are provided a value for them or we result in fields with zero values. Signed-off-by: baude <bbaude@redhat.com>
* | Merge pull request #8094 from rhatdan/cidfileOpenShift Merge Robot2020-10-27
|\ \ | | | | | | The cidfile should be created when the container is created
| * | The cidfile should be created when the container is createdDaniel J Walsh2020-10-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently if you run an interactive session of podman run and specifiy the --cidfile option, the cidfile will not get created until the container finishes running. If you run a detached container, it will get created right away. This Patch creates the cidfile as soon as the container is created. This could allow other tools to use the cidefile on all running containers. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | auto update: mark it as non-experimentalValentin Rothberg2020-10-26
|/ / | | | | | | | | | | | | | | | | Auto updates have inititally been marked as experimental which allowed us to receive initital feedback from the community. More than half a year has passed and we are now confident to mark `podman-auto-update` as stable. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | Merge pull request #8053 from rhatdan/detachkeysOpenShift Merge Robot2020-10-22
|\ \ | | | | | | podman create doesn't support creating detached containers
| * | podman create doesn't support creating detached containersDaniel J Walsh2020-10-21
| |/ | | | | | | | | | | | | | | | | | | | | | | Detached containers and detach keys are only created with the podman run, i exec, and start commands. We do not store the detach key sequence or the detach flags in the database, nor does Docker. The current code was ignoreing these fields but documenting that they can be used. Fix podman create man page and --help output to no longer indicate that --detach and --detach-keys works. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #7772 from TomSweeneyRedHat/dev/tsweeney/splitnOpenShift Merge Robot2020-10-21
|\ \ | |/ |/| Convert Split() calls with an equal sign to SplitN()
| * Convert Split() calls with an equal sign to SplitN()TomSweeneyRedHat2020-10-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | After seeing #7759, I decided to look at the calls in Podman and Buildah to see if we had issues with strings.Split() calls where an "=" (equals) sign was in play and we expected to split on only the first one. There were only one or two that I found in here that I think might have been troubling, the remainder are just adding some extra safety. I also had another half dozen or so that were checking length expectations appropriately, those I left alone. Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* | Merge pull request #8077 from jwhonce/wip/reportOpenShift Merge Robot2020-10-21
|\ \ | | | | | | Refactor podman to use c/common/pkg/report
| * | Refactor podman to use c/common/pkg/reportJhon Honce2020-10-21
| | | | | | | | | | | | | | | | | | | | | All formatting for containers stack moved into one package The does not correct issue with headers when using custom tables Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | Merge pull request #8034 from rhatdan/optionsOpenShift Merge Robot2020-10-21
|\ \ \ | | | | | | | | Switch help messages from using [flags] to [options]
| * | | Switch use of Flags to OptionsDaniel J Walsh2020-10-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Want to have man pages match commands, since we have lots of printed man pages with using Options, we will change the command line to use Options in --help. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #8093 from rhatdan/waitOpenShift Merge Robot2020-10-21
|\ \ \ \ | |_|/ / |/| | | Fix handling and documentation of podman wait --interval
| * | | Fix handling and documentation of podman wait --intervalDaniel J Walsh2020-10-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In older versions of podman, we supported decimal numbers defaulting to microseconds. This PR fixes to allow users to continue to specify only digits. Also cleaned up documentation to fully describe what input for --interval flag. Finally improved testing on podman wait to actually make sure the command succeeded. Fixed tests to work on podman-remote. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #8092 from rhatdan/stdinOpenShift Merge Robot2020-10-21
|\ \ \ \ | | | | | | | | | | Podman build should default to not usins stdin
| * | | | Podman build should default to not usins stdinDaniel J Walsh2020-10-21
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently we leak stdin into podman builds, which can lead to issues like run commands inside of the container waiting for user input. We should not take input from users other then if the user specifies podman build -f - or podman build -, which are taken care of in other code. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #7948 from saschagrunert/ps-fixOpenShift Merge Robot2020-10-21
|\ \ \ \ | |_|/ / |/| | | Fix ps port output
| * | | Fix ps port outputSascha Grunert2020-10-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When defining multiple ports (same src/dst) like `-p 80:80 -p 443:443` then podman will not show the complete output on `podman ps` (only `0.0.0.0:80->80/tcp` in the example). This also applies to port ranges. This patch refactors the port loop by pre-checking for ranges and displaying them correctly to the end user. Signed-off-by: Sascha Grunert <sgrunert@suse.com>
* | | | Merge pull request #8022 from baude/compatapitospecgenOpenShift Merge Robot2020-10-21
|\ \ \ \ | |_|/ / |/| | | refactor api compatibility container creation to specgen
| * | | refactor api compatibility container creation to specgenbaude2020-10-20
| |/ / | | | | | | | | | | | | | | | when using the compatibility layer to create containers, it used code paths to the pkg/spec which is the old implementation of containers. it is error prone and no longer being maintained. rather that fixing things in spec, migrating to specgen usage seems to make the most sense. furthermore, any fixes to the compat create will not need to be ported later. Signed-off-by: baude <bbaude@redhat.com>
* / / --tls-verify and --authfile should work for all remote commandsDaniel J Walsh2020-10-19
|/ / | | | | | | | | | | | | These options are now fully supported in the remote API and should no longer be hidden and/or documented as non supported. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #7908 from rhatdan/diffOpenShift Merge Robot2020-10-19
|\ \ | | | | | | fix podman container exists and diff for storage containers
| * | Add support for external containerDaniel J Walsh2020-10-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | External containers are containers created outside of Podman. For example Buildah and CRI-O Containers. $ buildah from alpine alpine-working-container $ buildah run alpine-working-container touch /test $ podman container exists --external alpine-working-container $ podman container diff alpine-working-container C /etc A /test Added --external flag to refer to external containers, rather then --storage. Added --external for podman container exists and modified podman ps to use --external rather then --storage. It was felt that --storage would confuse the user into thinking about changing the storage driver or options. --storage is still supported through the use of aliases. Finally podman contianer diff, does not require the --external flag, since it there is little change of users making the mistake, and would just be a pain for the user to remember the flag. podman container exists --external is required because it could fool scripts that rely on the existance of a Podman container, and there is a potential for a partial deletion of a container, which could mess up existing users. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Fix podman image trust show --raw outputPaul Holzinger2020-10-15
|/ / | | | | | | Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | Merge pull request #8021 from mheon/fix_pod_inspect_indentOpenShift Merge Robot2020-10-14
|\ \ | | | | | | Fix indentation for `podman pod inspect`
| * | Fix indentation for `podman pod inspect`Matthew Heon2020-10-14
| | | | | | | | | | | | Signed-off-by: Matthew Heon <mheon@redhat.com>