summaryrefslogtreecommitdiff
path: root/cmd
Commit message (Collapse)AuthorAge
* auto-update: make output more user friendlyValentin Rothberg2021-07-14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The rather raw and scarce output of `podman auto-update` has been a thorn in my eyes for a longer while. So far, Podman would only print updated systemd units, one per line, without further formatting. Motivated by issue #9949 which is asking for some more useful information in combination with a dry-run feature, I sat down and reflected which information may come in handy. Running `podman auto-update` will now look as follows: ``` $ podman auto-update Trying to pull [...] UNIT CONTAINER IMAGE POLICY UPDATED container-test.service 08fd34e533fd (test) localhost:5000/busybox registry false ``` Also refactor the spaghetti code in the backend a bit to make it easier to digest and maintain. For easier testing and for the sake of consistency with other commands listing output, add a `--format` flag. The man page will get an overhaul in a follow up commit. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* auto-update: make restarted unit more obviousValentin Rothberg2021-07-13
| | | | | | | | | | | | | | | | | | The output of auto-update leaves quite some space for improvements. One thing is to make it more obvious which systemd units were restarted. With this change, the output looks as follows: ``` $ podman auto-update Trying to pull... Restarted the following systemd units: $unit-1 $unit-2 $unit-3 ``` Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Restore headers of optional information in 'podman pod ps'Hironori Shiina2021-07-09
| | | | | | | | | When optional information such as container IDs and names in pods, the headers are not displayed. This fix restored the headers. Documentation of this subcommand is also updated. Signed-off-by: Hironori Shiina <shiina.hironori@jp.fujitsu.com>
* Merge pull request #10788 from infiniteregrets/multi-pullOpenShift Merge Robot2021-07-06
|\ | | | | support pulling multiple images sequentially in a single podman pull
| * multiple image pull supportMehul Arora2021-07-05
| | | | | | | | Signed-off-by: Mehul Arora <aroram18@mcmaster.ca>
* | Merge pull request #10836 from Luap99/diffOpenShift Merge Robot2021-07-03
|\ \ | | | | | | podman diff accept two images or containers
| * | podman diff accept two images or containersPaul Holzinger2021-07-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | First, make podman diff accept optionally a second argument. This allows the user to specify a second image/container to compare the first with. If it is not set the parent layer will be used as before. Second, podman container diff should only use containers and podman image diff should only use images. Previously, podman container diff would use the image when both an image and container with this name exists. To make this work two new parameters have been added to the api. If they are not used the previous behaviour is used. The same applies to the bindings. Fixes #10649 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | Merge pull request #10852 from Luap99/cobraOpenShift Merge Robot2021-07-03
|\ \ \ | | | | | | | | bump cobra to v1.2.1 and update the shell completion scripts
| * | | update shell completion scriptsPaul Holzinger2021-07-02
| | |/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The new cobra v1.2.0 release brings a number of bug fixes for shell completion scripts. Regenerate the scripts with `make completions` to sync them with the upstream version, currently we have some custom ones to avoid some upstream bugs. Because the new cobra version has all fixes we should use the upstream scripts. Add a check to CI to ensure we always use the up to date scripts. [NO TESTS NEEDED] Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* / | podman service reaperPaul Holzinger2021-07-02
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add a new service reaper package. Podman currently does not reap all child processes. The slirp4netns and rootlesskit processes are not reaped. The is not a problem for local podman since the podman process dies before the other processes and then init will reap them for us. However with podman system service it is possible that the podman process is still alive after slirp died. In this case podman has to reap it or the slirp process will be a zombie until the service is stopped. The service reaper will listen in an extra goroutine on SIGCHLD. Once it receives this signal it will try to reap all pids that were added with `AddPID()`. While I would like to just reap all children this is not possible because many parts of the code use `os/exec` with `cmd.Wait()`. If we reap before `cmd.Wait()` things can break, so reaping everything is not an option. [NO TESTS NEEDED] Fixes #9777 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* / Implement --archive flag for podman cpMatej Vasek2021-07-01
|/ | | | Signed-off-by: Matej Vasek <mvasek@redhat.com>
* Handle advanced --network options in podman play kubeDaniel J Walsh2021-06-30
| | | | | | | | Since Podman create/run can support this, so should play. Fixes: https://github.com/containers/podman/issues/10807 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #10789 from flouthoc/system-reset-prune-externalOpenShift Merge Robot2021-06-30
|\ | | | | reset: remove external containers on podman system reset
| * reset: remove external containers on podman system resetflouthoc2021-06-30
| | | | | | | | | | | | [NO TESTS NEEDED] Signed-off-by: flouthoc <flouthoc.git@gmail.com>
* | Merge pull request #10761 from ↵OpenShift Merge Robot2021-06-30
|\ \ | | | | | | | | | | | | containers/dependabot/go_modules/github.com/containers/storage-1.32.4 Bump github.com/containers/storage from 1.32.3 to 1.32.4
| * | Bump github.com/containers/storage from 1.32.3 to 1.32.5Daniel J Walsh2021-06-29
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/containers/storage](https://github.com/containers/storage) from 1.32.3 to 1.32.5. - [Release notes](https://github.com/containers/storage/releases) - [Changelog](https://github.com/containers/storage/blob/main/docs/containers-storage-changes.md) - [Commits](https://github.com/containers/storage/compare/v1.32.3...v1.32.5) --- updated-dependencies: - dependency-name: github.com/containers/storage dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Enhance system connection add URL inputJhon Honce2021-06-29
| | | | | | | | | | | | * Add support for the tcp and unix schemes in connection URLs. Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | Make system connection ls deterministicAshley Cui2021-06-29
|/ | | | | | Sort system connection ls by name, making the output deterministic. Previously, we were just iterating through a map, which caused CI flakes. Signed-off-by: Ashley Cui <acui@redhat.com>
* Merge pull request #10736 from trusch/feature-use-secret-configOpenShift Merge Robot2021-06-25
|\ | | | | read secret config from config file if no user data.
| * make DriverOpts name consistent.Tino Rusch2021-06-25
| | | | | | | | Signed-off-by: Tino Rusch <tino.rusch@gmail.com>
| * read secret config from config file if no user data.Tino Rusch2021-06-24
| | | | | | | | | | | | | | | | | | | | | | | | feat: read secret config from config file if the user hasn't entered explicit config values feat: allow to specify `--driver-opts opt1=val1,opt2=val2` in the secret create command to allow overriding the default values fix: show driver options in `podman secret inspect` Signed-off-by: Tino Rusch <tino.rusch@gmail.com>
* | Merge pull request #10774 from vrothberg/registriesOpenShift Merge Robot2021-06-25
|\ \ | | | | | | remove `pkg/registries`
| * | remove `pkg/registries`Valentin Rothberg2021-06-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Pull the trigger on the `pkg/registries` package which acted as a proxy for `c/image/pkg/sysregistriesv2`. Callers should be using the packages from c/image directly, if needed at all. Also make use of libimage's SystemContext() method which returns a copy of a system context, further reducing the risk of unintentionally altering global data. [NO TESTS NEEDED] Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | Merge pull request #10768 from xabinapal/issue-10767OpenShift Merge Robot2021-06-25
|\ \ \ | |/ / |/| | [NO TESTS NEEDED] Swap private and shared mount relabel options
| * | fix: swapped volume relabel option valuesXabier Napal2021-06-24
| |/ | | | | | | Signed-off-by: Xabier Napal <xabiernapal@pm.me>
* | Merge pull request #10771 from infiniteregrets/cliOpenShift Merge Robot2021-06-24
|\ \ | | | | | | [NO TESTS NEEDED] Suggestions for typos/ incorrect commands for Podman CLI
| * | [NO TESTS NEEDED] suggestions for incorrect cmdsMehul Arora2021-06-24
| |/ | | | | | | Signed-off-by: Mehul Arora <aroram18@mcmaster.ca>
* / cp: do not allow dir->file copyingValentin Rothberg2021-06-24
|/ | | | | | | | Fix a bug in `podman-cp` to forbid copying directories to files. Previously, the directory was copied to the parent directory of the file which is wrong. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Merge pull request #10747 from jwhonce/wip/reportOpenShift Merge Robot2021-06-23
|\ | | | | Add --format to connection list
| * Add --format to connection listJhon Honce2021-06-22
| | | | | | | | | | | | Add support for the --format option to podman system connection list. Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | Merge pull request #10716 from cdoern/podFlagsOpenShift Merge Robot2021-06-23
|\ \ | | | | | | Podman Pod Create --cpus and --cpuset-cpus flags
| * | Podman Pod Create --cpus and --cpuset-cpus flagscdoern2021-06-23
| |/ | | | | | | | | | | | | | | | | | | | | | | Added logic and handling for two new Podman pod create Flags. --cpus specifies the total number of cores on which the pod can execute, this is a combination of the period and quota for the CPU. --cpuset-cpus is a string value which determines of these available cores, how many we will truly execute on. Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
* | Merge pull request #10696 from cdoern/libpodStatsOpenShift Merge Robot2021-06-23
|\ \ | | | | | | Podman Stats additional features
| * | Podman Stats additional featurescdoern2021-06-23
| | | | | | | | | | | | | | | | | | | | | | | | added Avg Cpu calculation and CPU up time to podman stats. Adding different feature sets in different PRs, CPU first. resolves #9258 Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
* | | create: support images with invalid platformValentin Rothberg2021-06-23
| |/ |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Much to my regret, there is a number of images in the wild with invalid platforms breaking the platform checks in libimage that want to make sure that a local image is matching the expected platform. Imagine a `podman run --arch=arm64 fedora` with a local amd64 fedora image. We really shouldn't use the local one in this case and pull down the arm64 one. The strict platform checks in libimage in combination with invalid platforms in images surfaced in Podman being able to pull an image but failing to look it up in subsequent presence checks. A `podman run` would hence pull such an image but fail to create the container. Support images with invalid platforms by vendoring the latest HEAD from containers/common. Also remove the partially implemented pull-policy logic from Podman and let libimage handle that entirely. However, whenever --arch, --os or --platform are specified, the pull policy will be forced to "newer". This way, we pessimistically assume that the local image has an invalid platform and we reach out to the registry. If there's a newer image (i.e., one with a different digest), we'll pull it down. Please note that most of the logic has either already been implemented in libimage or been moved down which allows for removing some clutter from Podman. [NO TESTS NEEDED] since c/common has new tests. Podman can rely on the existing tests. Fixes: #10648 Fixes: #10682 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | Fix documentation of the --format option of podman pushMiloslav Trmač2021-06-17
| | | | | | | | | | | | | | | | It affects all transports; and without --format, we try several manifest formats. [NO TESTS NEEDED] Signed-off-by: Miloslav Trmač <mitr@redhat.com>
* | Scrub podman commands to use report packageJhon Honce2021-06-16
|/ | | | | | | | | | | | | | | | Refactor podman commands that have drifted from using c/common report pkg. Report pkg is needed to implement go template functions. Removed obsolete code from podman which exists in c/common. Latest template library added default newlines and method to remove them. Incorporated needed changes in c/common PR below. Depends on https://github.com/containers/common/pull/624 Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1855983 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* Fix image prune --filter cmd behaviorJakub Guzik2021-06-08
| | | | | | | | | Image prune --filter is fully implemented in the api, http api yet not connected with the cli execution. User trying to use filters does not see the effect. This commit adds glue code to enable possiblity of using --filter in prune in the cli execution. Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
* Merge pull request #10591 from mheon/fix_10569OpenShift Merge Robot2021-06-08
|\ | | | | Fix compat create with NetworkMode=default
| * Fix compat create with NetworkMode=defaultMatthew Heon2021-06-07
| | | | | | | | | | | | | | | | | | | | | | The rework of namespace handling for rootless CNI broke this, as CNI networks were being computed incorrectly. Fix handling of CNI networks for the Compat Create REST API for containers, and add a test so we don't regress again. Fixes #10569 Signed-off-by: Matthew Heon <mheon@redhat.com>
* | Merge pull request #10381 from adrianreber/2021-05-18-publishOpenShift Merge Robot2021-06-07
|\ \ | | | | | | Add --publish to container restore
| * | Allow changing of port forward rules on restoreAdrian Reber2021-06-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Restored containers, until now, had the same port mappings as the original started container. This commit adds the parameter '--publish' to 'podman container restore' with the same semantic as during create/run. With this change it is possible to create a copy from a container with a '--publish' rule and replace the original '--publish' setting with a new one. # podman run -p 2345:8080 container # podman container checkpoint -l --export=dump.tar # podman container restore -p 5432:8080 --import=dump.tar The restored container will now listen on localhost:5432 instead of localhost:2345 as the original created container. Signed-off-by: Adrian Reber <areber@redhat.com>
* | | Add parameter to specify checkpoint archive compressionAdrian Reber2021-06-07
| |/ |/| | | | | | | | | | | | | | | | | | | | | | | | | | | The checkpoint archive compression was hardcoded to `archive.Gzip`. There have been requests to make the used compression algorithm selectable. There was especially the request to not compress the checkpoint archive to be able to create faster checkpoints when not compressing it. This also changes the default from `gzip` to `zstd`. This change should not break anything as the restore code path automatically handles whatever compression the user provides during restore. Signed-off-by: Adrian Reber <areber@redhat.com>
* | Add CORS supportBoaz Shuster2021-06-04
|/ | | | | | [NO TESTS NEEDED] Signed-off-by: Boaz Shuster <boaz.shuster.github@gmail.com>
* Enable port forwarding on hostBrent Baude2021-06-01
| | | | | | | | | | | Using the gvproxy application on the host, we can now port forward from the machine vm on the host. It requires that 'gvproxy' be installed in an executable location. gvproxy can be found in the containers/gvisor-tap-vsock github repo. [NO TESTS NEEDED] Signed-off-by: Brent Baude <bbaude@redhat.com>
* [Techinal Debt] Cleanup ABI vs. Tunnel CLI commandsJhon Honce2021-05-27
| | | | | | | | | | | | | | | | | | [NO TESTS NEEDED] This commit cleans up two issues: * Most commands support all EngineModes so default to that. Let outlayers declare their intent. * Use cobra.Annotations to set supported EngineMode. This simplies instantiating commands as there is now one method to communicate a commands requirements rather than two. * Combined aliased commands into one file * Fixed aliased commands where Args field did not match * Updated examples in README.md for writing commands * Remove redundant flag DisableFlagsInUseLine in cobra.Command initialization. Signed-off-by: Jhon Honce <jhonce@redhat.com>
* Add the option of Rootless CNI networking by defaultMatthew Heon2021-05-26
| | | | | | | | | | | | | | | | | | | When the containers.conf field "NetNS" is set to "Bridge" and the "RootlessNetworking" field is set to "cni", Podman will now handle rootless in the same way it does root - all containers will be joined to a default CNI network, instead of exclusively using slirp4netns. If no CNI default network config is present for the user, one will be auto-generated (this also works for root, but it won't be nearly as common there since the package should already ship a config). I eventually hope to remove the "NetNS=Bridge" bit from containers.conf, but let's get something in for Brent to work with. Signed-off-by: Matthew Heon <mheon@redhat.com>
* Add podman run --gpus flag for compatibilitySebastian Jug2021-05-25
| | | | | | | - Add log message for --gpus flag - Add test Signed-off-by: Sebastian Jug <seb@stianj.ug>
* Add support for podman manifest rm commandDaniel J Walsh2021-05-19
| | | | | | This is mainly to match command line of Docker. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #10366 from ashley-cui/secretoptionsOpenShift Merge Robot2021-05-17
|\ | | | | Support uid,gid,mode options for secrets