summaryrefslogtreecommitdiff
path: root/cmd
Commit message (Collapse)AuthorAge
* Merge pull request #3639 from giuseppe/user-ns-containerOpenShift Merge Robot2019-07-26
|\ | | | | podman: support --userns=ns|container
| * pods: do not to join a userns if there is not anyGiuseppe Scrivano2019-07-25
| | | | | | | | | | | | | | do not attempt to join the user namespace if the pod is running in the host user namespace. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | fix import not ignoring url pathQi Wang2019-07-24
|/ | | | | | | fix #3609 Podman import used to check filename to only allow tarball path as a file. It should also allow an url as the doc mentioned. This PR allows the program to continue if the input is a valid URL Signed-off-by: Qi Wang <qiwan@redhat.com>
* Merge pull request #3624 from haircommander/conmon-exec-with-remote-execOpenShift Merge Robot2019-07-24
|\ | | | | Add remote exec
| * add detach keys support for remotePeter Hunt2019-07-23
| | | | | | | | Signed-off-by: Peter Hunt <pehunt@redhat.com>
| * move editing of exitCode to runtimePeter Hunt2019-07-23
| | | | | | | | | | | | | | | | | | There's no way to get the error if we successfully get an exit code (as it's just printed to stderr instead). instead of relying on the error to be passed to podman, and edit based on the error code, process it on the varlink side instead Also move error codes to define package Signed-off-by: Peter Hunt <pehunt@redhat.com>
* | Merge pull request #3633 from QiWang19/networkOpenShift Merge Robot2019-07-24
|\ \ | | | | | | fix build --network=container
| * | fix build --network=containerQi Wang2019-07-23
| |/ | | | | | | Signed-off-by: Qi Wang <qiwan@redhat.com>
* / Fixes issue #3577.John Hooks2019-07-23
|/ | | | | | Fix punctuation and wording in some places. Signed-off-by: John Hooks <hooksie11@gmail.com>
* Merge pull request #3621 from baude/golangcilint4OpenShift Merge Robot2019-07-23
|\ | | | | golangci-lint phase 4
| * golangci-lint phase 4baude2019-07-22
| | | | | | | | | | | | | | | | | | | | | | clean up some final linter issues and add a make target for golangci-lint. in addition, begin running the tests are part of the gating tasks in cirrus ci. we cannot fully shift over to the new linter until we fix the image on the openshift side. for short term, we will use both Signed-off-by: baude <bbaude@redhat.com>
* | Implement conmon execPeter Hunt2019-07-22
|/ | | | | | | | | | | | | | | | | | | | | | This includes: Implement exec -i and fix some typos in description of -i docs pass failed runtime status to caller Add resize handling for a terminal connection Customize exec systemd-cgroup slice fix healthcheck fix top add --detach-keys Implement podman-remote exec (jhonce) * Cleanup some orphaned code (jhonce) adapt remote exec for conmon exec (pehunt) Fix healthcheck and exec to match docs Introduce two new OCIRuntime errors to more comprehensively describe situations in which the runtime can error Use these different errors in branching for exit code in healthcheck and exec Set conmon to use new api version Signed-off-by: Jhon Honce <jhonce@redhat.com> Signed-off-by: Peter Hunt <pehunt@redhat.com>
* golangci-lint round #3baude2019-07-21
| | | | | | | this is the third round of preparing to use the golangci-lint on our code base. Signed-off-by: baude <bbaude@redhat.com>
* Add support for listing read/only and read/write imagesDaniel J Walsh2019-07-19
| | | | | | | When removing --all images prune images only attempt to remove read/write images, ignore read/only images Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #3599 from QiWang19/ps-regexpOpenShift Merge Robot2019-07-19
|\ | | | | support podman ps filter regular expressions
| * support podman ps filter regular expressionsQi Wang2019-07-18
| | | | | | | | | | | | podman ps --filter use regexp to match the container name. Signed-off-by: Qi Wang <qiwan@redhat.com>
* | Merge pull request #3443 from adrianreber/rootfs-changes-migrationOpenShift Merge Robot2019-07-19
|\ \ | | | | | | Include changes to the container's root file-system in the checkpoint archive
| * | Add --ignore-rootfs option for checkpoint/restoreAdrian Reber2019-07-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The newly added functionality to include the container's root file-system changes into the checkpoint archive can now be explicitly disabled. Either during checkpoint or during restore. If a container changes a lot of files during its runtime it might be more effective to migrated the root file-system changes in some other way and to not needlessly increase the size of the checkpoint archive. If a checkpoint archive does not contain the root file-system changes information it will automatically be skipped. If the root file-system changes are part of the checkpoint archive it is also possible to tell Podman to ignore these changes. Signed-off-by: Adrian Reber <areber@redhat.com>
| * | Fix typo in checkpoint/restore related textsAdrian Reber2019-07-11
| | | | | | | | | | | | Signed-off-by: Adrian Reber <areber@redhat.com>
* | | Merge pull request #3579 from QiWang19/dns_netOpenShift Merge Robot2019-07-19
|\ \ \ | | | | | | | | fix --dns and --network conflict
| * | | fix --dns* and --network not set to host conflictQi Wang2019-07-18
| | |/ | |/| | | | | | | | | | | | | | | | Close #3553 This PR makes --dns, --dns-option, --dns-search, and --network not set to host flag mutually exclusive for podman build and create. Returns conflict error if both flags are set. Signed-off-by: Qi Wang <qiwan@redhat.com>
* | | Merge pull request #3584 from QiWang19/pssizeOpenShift Merge Robot2019-07-18
|\ \ \ | | | | | | | | podman-remote make --size optional in ps
| * | | podman-remote make --size optional in psQi Wang2019-07-18
| | | | | | | | | | | | | | | | | | | | | | | | Close #3578 Add `size` field to PsOpts in podman remote to receive size as an option. Signed-off-by: Qi Wang <qiwan@redhat.com>
* | | | libpod: support for cgroup namespaceGiuseppe Scrivano2019-07-18
| |/ / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | allow a container to run in a new cgroup namespace. When running in a new cgroup namespace, the current cgroup appears to be the root, so that there is no way for the container to access cgroups outside of its own subtree. By default it uses --cgroup=host to keep the previous behavior. To create a new namespace, --cgroup=private must be provided. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | Move the HostConfig portion of Inspect inside libpodMatthew Heon2019-07-17
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When we first began writing Podman, we ran into a major issue when implementing Inspect. Libpod deliberately does not tie its internal data structures to Docker, and stores most information about containers encoded within the OCI spec. However, Podman must present a CLI compatible with Docker, which means it must expose all the information in 'docker inspect' - most of which is not contained in the OCI spec or libpod's Config struct. Our solution at the time was the create artifact. We JSON'd the complete CreateConfig (a parsed form of the CLI arguments to 'podman run') and stored it with the container, restoring it when we needed to run commands that required the extra info. Over the past month, I've been looking more at Inspect, and refactored large portions of it into Libpod - generating them from what we know about the OCI config and libpod's (now much expanded, versus previously) container configuration. This path comes close to completing the process, moving the last part of inspect into libpod and removing the need for the create artifact. This improves libpod's compatability with non-Podman containers. We no longer require an arbitrarily-formatted JSON blob to be present to run inspect. Fixes: #3500 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | Merge pull request #3508 from csomh/healthcheck-flag-compatOpenShift Merge Robot2019-07-16
|\ \ | | | | | | Make the healthcheck flags compatible with Docker CLI
| * | Make the healthcheck flags compatible with Docker CLIHunor Csomortáni2019-07-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Docker CLI calls the healthcheck flags "--health-*", instead of "--healthcheck-*". Introduce the former, in order to keep compatibility, and alias the later, in order to avoid breaking current usage. Change "--healthcheck-*" to "--health-*" in the docs and tests. Signed-off-by: Hunor Csomortáni <csomh@redhat.com>
* | | create: ignore check if image has HEALTHCHECK NONEStefan Becker2019-07-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If the image was built with "HEALTHCHECK NONE" then we should create a container without healthcheck configuration. Otherwise executing the healthcheck on the container will return "unhealthy" instead of the correct error message that the container doesn't have a healthcheck. We also ignore the healthcheck configuration if the command list is empty or the command string is empty. Fixes #3525 Signed-off-by: Stefan Becker <chemobejk@gmail.com>
* | | create: apply defaults on image healthcheck optionsStefan Becker2019-07-16
|/ / | | | | | | | | | | | | | | | | | | | | | | If the image doesn't provide any options, e.g. interval, timeout, etc., then apply the Docker defaults when creating the container. Otherwise the defaults will be left 0 and podman doesn't schedule the healtcheck service & timer for the container or incorrectly reports unhealthy state when the check is executed. Fixes #3525 Signed-off-by: Stefan Becker <chemobejk@gmail.com>
* | create: improve parser for --healthcheck-commandStefan Becker2019-07-14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix Docker CLI compatibility issue: the "--healthcheck-command" option value should not be split but instead be passed as single string to "CMD-SHELL", i.e. "/bin/sh -c <opt>". On the other hand implement the same extension as is already available for "--entrypoint", i.e. allow the option value to be a JSON array of strings. This will make life easier for tools like podman-compose. Updated "--healthcheck-command" option values in tests accordingly. Continuation of #3455 & #3507 Signed-off-by: Stefan Becker <chemobejk@gmail.com>
* | Merge pull request #3557 from rhatdan/envOpenShift Merge Robot2019-07-12
|\ \ | | | | | | Add support for --env-host
| * | Fix spelling mistakes in man pages and other docsDaniel J Walsh2019-07-11
| | | | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
| * | Add glob parsing for --env flagDaniel J Walsh2019-07-11
| | | | | | | | | | | | | | | | | | Sometimes you want to add a few environmen variables based on the last field being a "*". Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
| * | Add support for -env-hostDaniel J Walsh2019-07-11
| |/ | | | | | | | | | | | | | | | | | | This flag passes the host environment into the container. The basic idea is to leak all environment variables from the host into the container. Environment variables from the image, and passed in via --env and --env-file will override the host environment. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* / golangci-lint pass number 2baude2019-07-11
|/ | | | | | clean up and prepare to migrate to the golangci-linter Signed-off-by: baude <bbaude@redhat.com>
* first pass of corrections for golangci-lintbaude2019-07-10
| | | | Signed-off-by: baude <bbaude@redhat.com>
* Merge pull request #3528 from giuseppe/fix-auth-locationOpenShift Merge Robot2019-07-09
|\ | | | | podman: create and run honors auth file location
| * podman: create and run honors auth file locationGiuseppe Scrivano2019-07-09
| | | | | | | | | | | | | | | | if the auth file was overriden, be sure create and run honors it. Closes: https://github.com/containers/libpod/issues/3524 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | Fix podman-remote usage message to display `podman-remote` instead of `podman`Ashley Cui2019-07-08
|/ | | | | | When the user uses remote client, the message prompts the user to use `podman-remote`. This does not apply for Mac usage. Signed-off-by: Ashley Cui <ashleycui16@gmail.com>
* Merge pull request #3495 from baude/golandcodecleanupOpenShift Merge Robot2019-07-04
|\ | | | | trivial cleanups from golang
| * trivial cleanups from golangbaude2019-07-03
| | | | | | | | | | | | the results of a code cleanup performed by the goland IDE. Signed-off-by: baude <bbaude@redhat.com>
* | ps should use nostore when possiblebaude2019-07-03
|/ | | | | | | | | when not using --size with ps, we do not need a store. this should make ps more effecient when the system is under heavy load. also, prune unused ps functions as no longer needed. Signed-off-by: baude <bbaude@redhat.com>
* Merge pull request #3477 from ashley-cui/pauserootlessOpenShift Merge Robot2019-07-03
|\ | | | | Fix rootless detection error for pause & unpause
| * Fix rootless detection error for pause & unpauseAshley Cui2019-07-02
| | | | | | | | | | | | | | | | Previously, when pause & unpause were run on rootless, the error message that pause was unsupported for rootless was not being thrown. When running remote, even if remote host was root, unsupported rootless error was being thrown. Now, the error shows up when appropriate. Signed-off-by: Ashley Cui <ashleycui16@gmail.com>
* | configure runtime without storebaude2019-07-01
|/ | | | | | | | | some podman commands do not require the use of a container/image store. in those cases, it is more effecient to not open the store, because that results in having to also close the store which can be costly when the system is under heavy write I/O loads. Signed-off-by: baude <bbaude@redhat.com>
* Merge pull request #3324 from marcov/detach-keys-configurableOpenShift Merge Robot2019-07-01
|\ | | | | libpod: specify a detach keys sequence in libpod.conf
| * podman: clarify the format of --detach-keys argumentMarco Vedovati2019-06-26
| | | | | | | | Signed-off-by: Marco Vedovati <mvedovati@suse.com>
* | Merge pull request #3422 from nalind/no-layer-imagesOpenShift Merge Robot2019-06-28
|\ \ | | | | | | Handle images which contain no layers
| * | Handle images which contain no layersNalin Dahyabhai2019-06-26
| | | | | | | | | | | | | | | | | | | | | This fixes some of our handling of images which have no layers, i.e., those whose TopLayer is set to an empty value. Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
* | | Merge pull request #3451 from ashley-cui/unmountOpenShift Merge Robot2019-06-28
|\ \ \ | | | | | | | | Remove umount command from remote client.