summaryrefslogtreecommitdiff
path: root/cmd
Commit message (Collapse)AuthorAge
* CNI: add ipvlan driverPaul Holzinger2021-09-16
| | | | | | | | | Add support for the ipvlan cni plugin. This allows us to create, inspect and list ipvlan networks correctly. Fixes #10478 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* Merge pull request #11322 from Luap99/network-libpodOpenShift Merge Robot2021-09-15
|\ | | | | Wire network interface into libpod
| * Drop OCICNI dependencyPaul Holzinger2021-09-15
| | | | | | | | | | | | | | | | | | | | | | We do not use the ocicni code anymore so let's get rid of it. Only the port struct is used but we can copy this into libpod network types so we can debloat the binary. The next step is to remove the OCICNI port mapping form the container config and use the better PortMapping struct everywhere. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * Wire network interface into libpodPaul Holzinger2021-09-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Make use of the new network interface in libpod. This commit contains several breaking changes: - podman network create only outputs the new network name and not file path. - podman network ls shows the network driver instead of the cni version and plugins. - podman network inspect outputs the new network struct and not the cni conflist. - The bindings and libpod api endpoints have been changed to use the new network structure. The container network status is stored in a new field in the state. The status should be received with the new `c.getNetworkStatus`. This will migrate the old status to the new format. Therefore old containers should contine to work correctly in all cases even when network connect/ disconnect is used. New features: - podman network reload keeps the ip and mac for more than one network. - podman container restore keeps the ip and mac for more than one network. - The network create compat endpoint can now use more than one ipam config. The man pages and the swagger doc are updated to reflect the latest changes. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | Set default storage from containers.conf for temporary imagesDaniel J Walsh2021-09-15
|/ | | | | | Fixes: https://github.com/containers/podman/issues/11107 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #11585 from flouthoc/bump-buildah-1-23-0OpenShift Merge Robot2021-09-15
|\ | | | | vendor: Bump github.com/containers/buildah from 1.22.3 to 1.23.0
| * build: mirror --authfile to filesystem if pointing to FD instead of fileAditya Rajan2021-09-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Following commit makes sure that podman mirrors --authfile to a temporary file in filesystem if arg is pointing to an FD instead of actual file as FD can be only consumed once. Reference: * https://github.com/containers/buildah/pull/3498 * https://github.com/containers/buildah/issues/3070 [NO TESTS NEEDED] Signed-off-by: Aditya Rajan <arajan@redhat.com>
* | Merge pull request #11409 from cdoern/podVolumesOpenShift Merge Robot2021-09-15
|\ \ | | | | | | Pod Volumes Support
| * | Pod Volumes Supportcdoern2021-09-14
| |/ | | | | | | | | | | | | | | | | added support for the --volume flag in pods using the new infra container design. users can specify all volume options they can with regular containers resolves #10379 Signed-off-by: cdoern <cdoern@redhat.com>
* / build: take advantage of --platform listsNalin Dahyabhai2021-09-14
|/ | | | | | | | | | | The builder can take a list of platforms in the Platforms field of its BuildOptions argument, and we should definitely take advantage of that. The `bud-multiple-platform-values` test from buildah exercises support for this, so [NO TESTS NEEDED] Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
* Merge pull request #11545 from rhatdan/exitcodesOpenShift Merge Robot2021-09-13
|\ | | | | If container exits with 125 podman should exit with 125
| * If container exits with 125 podman should exit with 125Daniel J Walsh2021-09-13
| | | | | | | | | | | | fixes: https://github.com/containers/podman/issues/11540 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #11440 from ashley-cui/sshOpenShift Merge Robot2021-09-13
|\ \ | |/ |/| Use default username for podman machine ssh
| * Use default username for podman machine sshAshley Cui2021-09-03
| | | | | | | | | | | | | | When using the defaut conection for podman machine ssh, use the default username too. Signed-off-by: Ashley Cui <acui@redhat.com>
* | Merge pull request #11525 from rhatdan/healthcheckOpenShift Merge Robot2021-09-11
|\ \ | | | | | | Stop outputting 'healthy' on healthcheck
| * | Stop outputting 'healthy' on healthcheckDaniel J Walsh2021-09-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | We should only print unhealthy if the check fails. Currently this is filling logs when users are running lots of healthchecks. Improves: https://github.com/containers/podman/issues/11157 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | podman unshare keep exit codePaul Holzinger2021-09-10
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | In case the command inside the podman unshare env failed podman unshare always exits with 125 and prints `Error: exit status 125`. This is a bad user experience and makes it difficult to use in scripts which could expect certain exit codes. This commit makes sure podman unshare uses the same exit code as the command and does not print the useless `exit status X` message. Also to match podman run/exec it should return 126 for EPERM and 127 for ENOENT. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | Merge pull request #11499 from flouthoc/inspect-tmpl-flush-writerOpenShift Merge Robot2021-09-09
|\ \ | | | | | | inspect: printTmpl must Flush writer
| * | inspect: printTmpl must Flush writerAditya Rajan2021-09-09
| | | | | | | | | | | | | | | | | | | | | Flush should be called after the last call to Write to ensure that any data buffered in the Writer is written to output. Any incomplete escape sequence at the end is considered complete for formatting purposes. Signed-off-by: Aditya Rajan <arajan@redhat.com>
* | | Add 'Machine %q started' message when podman machine start successfulDaniel J Walsh2021-09-08
|/ / | | | | | | | | | | | | | | | | | | | | Currently users are confused if podman machine prints warnings about whether or not podman machine was successful. Printing this message clears up the confusion. [NO TESTS NEEDED] Since we don't have a way to test podman machine in ci/cd system Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #11431 from jmguzik/secrets-ls-filtersOpenShift Merge Robot2021-09-07
|\ \ | | | | | | Add filtering functionality to http api secrets list
| * | Add filtering functionality to http api secrets listJakub Guzik2021-09-03
| |/ | | | | | | | | | | | | | | Filtering is missing in both compat API and libpod API, while docker has filtering functinality. This commit enables filtering option using name and id in both libpod and http API. Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
* | Merge pull request #11427 from flouthoc/kube-pod-logsOpenShift Merge Robot2021-09-07
|\ \ | | | | | | kube: Add support for `podman pod logs`.
| * | kube: Add support for podman pod logsAditya Rajan2021-09-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Following PR adds support for `kubectl` like `pod logs` to podman. Usage `podman pod logs <podIDorName` gives a stream of logs for all the containers within the pod with **containername** as a field. Just like **`kubectl`** also supports `podman pod logs -c ctrIDorName podIDorName` to limit the log stream to any of the specificied container which belongs to pod. Signed-off-by: Aditya Rajan <arajan@redhat.com>
* | | Merge pull request #11434 from coypoop/patch1OpenShift Merge Robot2021-09-07
|\ \ \ | | | | | | | | Spell "build linux darwin" as "build !windows".
| * | | Spell "build linux darwin" as "build !windows".Maya Rashish2021-09-03
| | |/ | |/| | | | | | | | | | | | | | | | | | | | | | Equivalent for supported platforms, and makes it easier to support additional unix-like OSes. [NO TESTS NEEDED] Signed-off-by: Maya Rashish <maya@NetBSD.org>
* | | Merge pull request #11459 from vrothberg/fix-11438OpenShift Merge Robot2021-09-07
|\ \ \ | | | | | | | | generate systemd: handle --restart
| * | | generate systemd: handle --restartValentin Rothberg2021-09-07
| | |/ | |/| | | | | | | | | | | | | | | | | | | | | | Handle custom restart policies of containers when generating the unit files; those should be set on the unit level and removed from ExecStart flags. Fixes: #11438 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | Merge pull request #11402 from Luap99/macvlan-docOpenShift Merge Robot2021-09-07
|\ \ \ | |/ / |/| | network create: add warning for deprecated macvlan flag
| * | network create: add warning for deprecated macvlan flagPaul Holzinger2021-09-07
| |/ | | | | | | | | | | | | | | | | | | | | | | The macvlan driver is not deprecated, only the --macvlan flag is. Remove the flag from the man page since it is deprecated and add a warning to podman network create if it is used. [NO TESTS NEEDED] Fixes #11400 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* / [#11408] podman help machine initjesperpedersen2021-09-02
|/ | | | | | Signed-off-by: jesperpedersen <jesper.pedersen@redhat.com> [NO TESTS NEEDED]
* generate systemd: clarify limitations of `--new`Valentin Rothberg2021-09-01
| | | | | | | | | | | | | `generate systemd --new` is looking at the "create command" of the container/pod which is simply the os.Args at creation time. It does not work on containers or pods created via the REST API since the create command is not set. `--new` does work on such containers and pods since there is no reliable way to reverse-map their configs to command-line arguments of podman. Fixes: #11370 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Merge pull request #11334 from jwhonce/issues/10831OpenShift Merge Robot2021-08-27
|\ | | | | Add support for mount options to API
| * Add support for mount options to APIJhon Honce2021-08-27
| | | | | | | | | | | | | | | | When creating containers the specialized mount options where not populated via the API. Fixes: #10831 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | Merge pull request #11333 from rhatdan/http-proxyOpenShift Merge Robot2021-08-27
|\ \ | |/ |/| Globally replace http:// with https://
| * Globally replace http:// with https://Daniel J Walsh2021-08-27
| | | | | | | | | | | | [NO TESTS NEEDED] Hopefully existing tests will find issues. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #11102 from cdoern/infraEnhanceOpenShift Merge Robot2021-08-27
|\ \ | | | | | | InfraContainer Rework
| * | InfraContainer Reworkcdoern2021-08-26
| |/ | | | | | | | | | | | | | | | | | | InfraContainer should go through the same creation process as regular containers. This change was from the cmd level down, involving new container CLI opts and specgen creating functions. What now happens is that both container and pod cli options are populated in cmd and used to create a podSpecgen and a containerSpecgen. The process then goes as follows FillOutSpecGen (infra) -> MapSpec (podOpts -> infraOpts) -> PodCreate -> MakePod -> createPodOptions -> NewPod -> CompleteSpec (infra) -> MakeContainer -> NewContainer -> newContainer -> AddInfra (to pod state) Signed-off-by: cdoern <cdoern@redhat.com>
* / Shell completion for --format with anonymous fieldsPaul Holzinger2021-08-27
|/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | In commit d81021ed265e I introduced shell completion for the `--format` flag. This is a very nice way to complete go template field names. However it did not work correct for anonymous fields. In this case the child fields can be accessed directly from the parent. For example: ``` type Anonymous struct { Field1 string Field2 string ... } type MyType struct { Anonymous } var s = MyType{} ``` Now if you want to access a field from the Anonymous struct you can just do `s.Field1`. The same is allowed for go templates, using `{{.Field1}}` should work. This commit adds this functionality, if the field is anonymous read the child field names recursively and add them to the suggestions. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* Merge pull request #11298 from baude/kubeupdownOpenShift Merge Robot2021-08-26
|\ | | | | teardown play kube
| * teardown play kubeBrent Baude2021-08-24
| | | | | | | | | | | | | | | | | | add the ability for play kube to tear down based on the yaml used to play it. it is indicated by --down in the play kube command. volumes are NOT deleted during the teardown. pods and their containers are stopped and removed. Signed-off-by: Brent Baude <bbaude@redhat.com>
* | Merge pull request #11208 from ashley-cui/streamsOpenShift Merge Robot2021-08-26
|\ \ | | | | | | [NO TESTS NEEDED] Allow setting of machine stream and image path from containers.conf
| * | Allow setting of machine stream and image path from containers.confAshley Cui2021-08-24
| |/ | | | | | | | | | | Default is "testing" Signed-off-by: Ashley Cui <acui@redhat.com>
* | Merge pull request #11218 from cdoern/untilBugOpenShift Merge Robot2021-08-26
|\ \ | | | | | | logFile until flag issue, negative duration replaced with positive
| * | logFile until flag issuecdoern2021-08-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | we were adding a negative duration in podman events, causing inputs like -5s to be correct and 5s to be incorrect. fixes #11158 Signed-off-by: cdoern <cdoern@redhat.com>
* | | Merge pull request #11307 from flouthoc/volume-import-externalOpenShift Merge Robot2021-08-26
|\ \ \ | | | | | | | | volumes: Add support for `volume import` which allows importing contents of external tarballs into podman volumes.
| * | | volumes: Add volume import to allow importing contents on tar into volumeflouthoc2021-08-26
| | |/ | |/| | | | | | | | | | | | | | | | Following feature makes sure that users can load contents of external tarball into the podman volumes. Signed-off-by: flouthoc <flouthoc.git@gmail.com>
* / | Fix file descriptor leaks and add testJhon Honce2021-08-24
|/ / | | | | | | | | | | | | | | | | | | * Add response.Body.Close() where needed to release HTTP connections to API server. * Add tests to ensure no general leaks occur. 100% coverage would be required to ensure no leaks on any call. * Update code comments to be godoc correct Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | Network interfacePaul Holzinger2021-08-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Implement a new network interface to abstract CNI from libpod. The interface is implemented for the CNI backend but in the future we can add more backends. The code is structured in three new packages: - `libpod/network/types`: contains the interface definition and the necessary types for it. - `libpod/network/cni` contains the interface implementation for the CNI backend. - `libpod/network/util` a set of utility functions related to networking. The CNI package uses ginkgo style unit tests. To test Setup/Teardown the test must be run as root. Each test will run in their own namespace to make the test independent from the host environment. New features with the CNI backend: - The default network will be created in memory if it does not exists on disk. - It can set more than one static IP per container network. - Networks are loaded once from disk and only if this interface is used, e.g. for commands such as `podman info` networks are not loaded. This reduces unnecessary disk IO. This commit only adds the interface it is not wired into libpod. This requires a lot of breaking changes which will be done in a followup commit. Once this is integrated into libpod the current network code under `libpod/network` should be removed. Also the dependency on OCICNI should be dropped. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | Merge pull request #11290 from flouthoc/volume-exportOpenShift Merge Robot2021-08-23
|\ \ | | | | | | volumes: Add support for `volume export` which allows exporting content to external path.