summaryrefslogtreecommitdiff
path: root/cmd
Commit message (Collapse)AuthorAge
* auto updatesValentin Rothberg2020-03-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add support to auto-update containers running in systemd units as generated with `podman generate systemd --new`. `podman auto-update` looks up containers with a specified "io.containers.autoupdate" label (i.e., the auto-update policy). If the label is present and set to "image", Podman reaches out to the corresponding registry to check if the image has been updated. We consider an image to be updated if the digest in the local storage is different than the one of the remote image. If an image must be updated, Podman pulls it down and restarts the container. Note that the restarting sequence relies on systemd. At container-creation time, Podman looks up the "PODMAN_SYSTEMD_UNIT" environment variables and stores it verbatim in the container's label. This variable is now set by all systemd units generated by `podman-generate-systemd` and is set to `%n` (i.e., the name of systemd unit starting the container). This data is then being used in the auto-update sequence to instruct systemd (via DBUS) to restart the unit and hence to restart the container. Note that this implementation of auto-updates relies on systemd and requires a fully-qualified image reference to be used to create the container. This enforcement is necessary to know which image to actually check and pull. If we used an image ID, we would not know which image to check/pull anymore. Fixes: #3575 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* add os|arch attributes when buildingBrent Baude2020-03-15
| | | | | | | | when building images, we can now add the os and arch of the image using overrides from the commandline. the commandline options set sane defaults so we use those as well. Fixes: #5503 Signed-off-by: Brent Baude <bbaude@redhat.com>
* remove imagefilter for varlink remote clientBrent Baude2020-03-12
| | | | | | the api for getting images changed to use filters but back level podman versions cannot handle it. so temporarily disabling the filtering for remote clients until the restful approach can be used. Signed-off-by: Brent Baude <bbaude@redhat.com>
* Merge pull request #5469 from giuseppe/no-size-create-containerOpenShift Merge Robot2020-03-12
|\ | | | | create: do not calculate image size
| * create: do not calculate image sizeGiuseppe Scrivano2020-03-12
| | | | | | | | | | | | | | calculating the image size can be an expensive operation. Avoid doing it when creating a new container since the size is not needed. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | man page cross-reference fixes: part 2Ed Santiago2020-03-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The other direction: fix or clean up elements documented in man pages but which did/do not exist in actual podman: * runlabel: add missing "-n" alias for --name And, remove man page entries for nonexistent options: * podman commit: --iidfile * podman container runlabel: --rootfs, --storage * podman create: --cpu-count There are two problems I don't know how to deal with. Both are related to main_local.go:rootCmd.PersistentFlags() : 1) podman-build.1.md documents --cni-config-dir and --runtime options, but these are not actually options under podman build; they are global options. The documentation in this man page differs from that under podman-build. 2) podman ps implements a binary --namespace option, but this option does not (cannot?) appear in --help because there's a global --namespace string option and Cobra somehow gets confused about this. Do we really intend for global options to be parsed on the right-hand side of subcommands? This strikes me as unintuitive and potentially confusing, although the fact that it has taken me this long to discover it suggests that it's not _that_ confusing. Suggestions welcome. I can file issues for 1/2 above, or simply teach my script to special-case ignore them. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | man pages: fix inconsistenciesEd Santiago2020-03-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | I wrote a script to cross-reference podman --help against man pages. It found a bunch of inconsistencies fix them: * options missing from man pages * options misspelled or misformatted in man pages (usually misplaced asterisks or missing dashes, but see --dns-opt) * one spurious comma in the actual source file --help This is a fix in which I iterate over 'podman CMD --help' and check for presence in man pages. The other way around (look for flags in man pages, check podman CMD --help) is probably impossible: there are too many special cases Signed-off-by: Ed Santiago <santiago@redhat.com>
* | hide --trace flagValentin Rothberg2020-03-10
| | | | | | | | | | | | The tracing flag is not really something users should worry about. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | podman --help: mention defaults of boolsValentin Rothberg2020-03-10
| | | | | | | | | | | | | | | | | | While string variables are shown to expect a string argument, boolean variables are not. This easily tricks users into believing they are simple switches without arguments. Hence, explicitly mention the default to clarify it a bit more. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | use storage/pkg/homedirValentin Rothberg2020-03-09
| | | | | | | | Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | Merge pull request #5412 from rhatdan/tmpdirOpenShift Merge Robot2020-03-08
|\ \ | | | | | | Allow users to set TMPDIR environment
| * | Allow users to set TMPDIR environmentDaniel J Walsh2020-03-06
| | | | | | | | | | | | | | | | | | | | | Some users have small /var/tmp directories and need to be able to specify a different location for temporary files, which includes more space. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Fix spelling mistakes in code found by codespellDaniel J Walsh2020-03-07
| | | | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | add default network for apiv2 createBrent Baude2020-03-06
|/ / | | | | | | | | | | | | | | | | | | | | | | | | during container creation, if no network is provided, we need to add a default value so the container can be later started. use apiv2 container creation for RunTopContainer instead of an exec to the system podman. RunTopContainer now also returns the container id and an error. added a libpod commit endpoint. also, changed the use of the connections and bindings slightly to make it more convenient to write tests. Fixes: 5366 Signed-off-by: Brent Baude <bbaude@redhat.com>
* / golangci: enable goimportsValentin Rothberg2020-03-05
|/ | | | | | Enable the goimports linter and fix reports. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Merge pull request #5389 from openSUSE/fix-image-sign-helpOpenShift Merge Robot2020-03-04
|\ | | | | Fix podman image sign help output
| * Fix podman image sign help outputSascha Grunert2020-03-04
| | | | | | | | | | | | | | Adjust the help output to mention `podman image sign` instead of just `podman sign`. Signed-off-by: Sascha Grunert <sgrunert@suse.com>
* | Merge pull request #5381 from vrothberg/ENVFIXOpenShift Merge Robot2020-03-04
|\ \ | | | | | | env: set "container" to current binary
| * | env: don't set "container" envValentin Rothberg2020-03-04
| |/ | | | | | | | | | | | | | | Leave setting the "container" variable to consumers of pkg/env. Podman is now hard-setting it to "podman" while "libpod" will set it internally to "libpod" if it's unset. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | Merge pull request #4772 from boaz0/closes_4628OpenShift Merge Robot2020-03-04
|\ \ | |/ |/| Add the rmi flag to podman-run to delete container image
| * Add the rmi flag to podman-run to delete container imageBoaz Shuster2020-03-03
| | | | | | | | | | | | | | | | | | | | The --rmi flag will delete the container image after its execution unless that image is already been used by another container(s). This is useful when one wants to execute a container once and remove any resources attached to it. Signed-off-by: Boaz Shuster <boaz.shuster.github@gmail.com>
* | consolidate env handling into pkg/envValentin Rothberg2020-03-03
|/ | | | | | | | | Env-variable related code is scattered across several packages making it hard to maintain and extend. Consolidate the code into a new pkg/env package. Signed-off-by: Valentin Rothberg <rothberg@redhat.com> Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Merge pull request #5244 from Akasurde/i4962OpenShift Merge Robot2020-02-28
|\ | | | | Add cmd flag to show container name in log
| * Review commentsAbhijeet Kasurde2020-02-19
| | | | | | | | Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
| * [WIP] Add cmd flag to show container name in logAbhijeet Kasurde2020-02-19
| | | | | | | | | | | | | | | | This flag allows user to show container name in podman log command Fixes: #4962 Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* | build: specify input fd to buildahGiuseppe Scrivano2020-02-28
| | | | | | | | | | | | | | It solves a tight loop with poll as stdin will be initialized to /dev/null in buildah/imagebuildah/StageExecutor.Run. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | Remove 1 sec delayJhon Honce2020-02-25
| | | | | | | | | | | | | | | | | | * Stop closing net.Listener() twice on interrupt * Do not report error if closing server twice Fixes #5311 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | Merge pull request #5305 from mheon/check_for_common_deadlocksOpenShift Merge Robot2020-02-25
|\ \ | | | | | | Add basic deadlock detection for container start/remove
| * | Add basic deadlock detection for container start/removeMatthew Heon2020-02-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We can easily tell if we're going to deadlock by comparing lock IDs before actually taking the lock. Add a few checks for this in common places where deadlocks might occur. This does not yet cover pod operations, where detection is more difficult (and costly) due to the number of locks being involved being higher than 2. Also, add some error wrapping on the Podman side, so we can tell people to use `system renumber` when it occurs. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | build: move initialization after SetXdgDirsGiuseppe Scrivano2020-02-24
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | otherwise it triggers the config file initialization from vendor/github.com/containers/common/pkg/config before the init() in main.go can set correctly XDG_RUNTIME_DIR and DBUS_SESSION_BUS_ADDRESS when they are missing. commit 96de762eedd1470dfbe73cf424eea848589268d7 introduced the regression. Closes: https://github.com/containers/libpod/issues/5314 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | Merge pull request #4889 from baude/portsearchOpenShift Merge Robot2020-02-23
|\ \ | | | | | | fix port list by container with port
| * | Friendly amendment: tests, and a help messageEd Santiago2020-02-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 1) Help message for podman port was missing [PORT] 2) Add test for 'podman port'. And, actually, an entire networking test that I'd written some weeks ago but apparently didn't 'git add'. Signed-off-by: Ed Santiago <santiago@redhat.com> Signed-off-by: Brent Baude <bbaude@redhat.com>
| * | fix port list by container with portbaude2020-02-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | code was erronously misinterpretting the port as a containername. Fixes: #1791832 Signed-off-by: baude <bbaude@redhat.com> Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | Add --no-healthcheck command to create/runBrent Baude2020-02-22
|/ / | | | | | | | | | | | | | | Now support --no-healthcheck option to disable defined healthchecks in a container image. --health-cmd=none remains supported as well. Fixes: #5299 Signed-off-by: Brent Baude <bbaude@redhat.com>
* | Add support for ssh:// and unix:// podman clientsJhon Honce2020-02-20
| | | | | | | | | | | | | | | | | | | | * Make context keys package safe * Add support for PODMAN_HOST and PODMAN_SSHKEY * Add slight increasing delay when client connections fail * Remove usages of path.Join(), added JoinURL(). '/' is not OS dependent. Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | Merge pull request #5268 from Akasurde/warn_bare_passwordOpenShift Merge Robot2020-02-20
|\ \ | | | | | | Warn user about --password cli option in login
| * | Warn user about --password cli option in loginAbhijeet Kasurde2020-02-20
| | | | | | | | | | | | Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* | | Merge pull request #5253 from rhatdan/buildahOpenShift Merge Robot2020-02-20
|\ \ \ | | | | | | | | Update to the latest version of buildah
| * | | Update to the latest version of buildahDaniel J Walsh2020-02-19
| |/ / | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #5241 from mheon/pod_network_opts_addOpenShift Merge Robot2020-02-20
|\ \ \ | |/ / |/| | Add network opts to pods
| * | Add network options to podman pod createMatthew Heon2020-02-19
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Enables most of the network-related functionality from `podman run` in `podman pod create`. Custom CNI networks can be specified, host networking is supported, DNS options can be configured. Also enables host networking in `podman play kube`. Fixes #2808 Fixes #3837 Fixes #4432 Fixes #4718 Fixes #4770 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | Merge pull request #5225 from vrothberg/fix-5087OpenShift Merge Robot2020-02-19
|\ \ | | | | | | config: use built-in TOML merge and adhere to label setting
| * | set process labels in pkg/specValentin Rothberg2020-02-19
| | | | | | | | | | | | | | | | | | | | | | | | Set the (default) process labels in `pkg/spec`. This way, we can also query libpod.conf and disable labeling if needed. Fixes: #5087 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | Merge pull request #5233 from QiWang19/login/out-parameterOpenShift Merge Robot2020-02-19
|\ \ \ | |/ / |/| | fix mandatory parameter in login/logout
| * | fix mandatory parameter in login/logoutQi Wang2020-02-18
| | | | | | | | | | | | | | | | | | | | | fix #5146 Insted of using a registry as mandatory parameter, this path allows podman to use the first registry from registries.conf. Signed-off-by: Qi Wang <qiwan@redhat.com>
* | | Merge pull request #5243 from Akasurde/misc_typoOpenShift Merge Robot2020-02-18
|\ \ \ | |/ / |/| | Misc typo fixes
| * | Misc typo fixesAbhijeet Kasurde2020-02-18
| |/ | | | | | | Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* | Merge pull request #5223 from vrothberg/ps-image-idOpenShift Merge Robot2020-02-18
|\ \ | | | | | | podman-ps: support image IDs
| * | podman-ps: support image IDsValentin Rothberg2020-02-17
| | | | | | | | | | | | | | | | | | | | | Support printing image IDs via `--format "{{.ImageID}}"`. Fixes: #5160 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | Fix handler and systemd activation errorsJhon Honce2020-02-17
| |/ |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | On panic from handler: log warning and stack trace, report InternalServerError to client When using `podman system service` make determining the listening endpoint deterministic. // When determining _*THE*_ listening endpoint -- // 1) User input wins always // 2) systemd socket activation // 3) rootless honors XDG_RUNTIME_DIR // 4) if varlink -- adapter.DefaultVarlinkAddress // 5) lastly adapter.DefaultAPIAddress Fixes #5150 Fixes #5151 Signed-off-by: Jhon Honce <jhonce@redhat.com>