| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
|
|
|
| |
If user does not pass in cgroup manager and running in rootless mode,
then we need to force the cgroupfs support until/unless we get support
for rootless systemd support.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1261
Approved by: mheon
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When doing a podman search, the so-called NAME should be the image's
fully qualified name (not index plus shortname).
```
$ sudo podman search rhel7
INDEX NAME DESCRIPTION STARS OFFICIAL AUTOMATED
redhat.com registry.access.redhat.com/rhel7/rhel This platform image provides a minimal runti... 0
redhat.com registry.access.redhat.com/rhel7.0 This platform image provides a minimal runti... 0
redhat.com registry.access.redhat.com/rhel7 This platform image provides a minimal runti... 0
....
```
Resolves: #1208
Resolves: Bugz #1614710
Signed-off-by: baude <bbaude@redhat.com>
Closes: #1253
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
| |
The "unconfined" profile must be treated specially to turn off apparmor
confinement and to avoid applying any other profile.
Signed-off-by: Valentin Rothberg <vrothberg@suse.com>
Closes: #1241
Approved by: mheon
|
|
|
|
|
|
|
|
|
| |
first pass of podman pod inspect
Signed-off-by: baude <bbaude@redhat.com>
Closes: #1236
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
|
| |
...and some naming decisions.
This change ensures podman save doesn't incorrectly prepend localhost when saving an image.
Signed-off-by: haircommander <pehunt@redhat.com>
Closes: #1140
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously all calculations were done based off the container's
start time. Retrieve end time and use it to calculate time
stopped for containers.
Also, convert ps JSON output to report timestamps for create,
start, and stop times.
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #1228
Approved by: rhatdan
|
|
|
|
|
|
|
| |
Signed-off-by: haircommander <pehunt@redhat.com>
Closes: #1196
Approved by: baude
|
|
|
|
|
|
|
|
|
| |
io.projectatomic.podman -> io.podman
Signed-off-by: baude <bbaude@redhat.com>
Closes: #1204
Approved by: mheon
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Rather than making a runtime each time a client hits a varlink endpoint, we now
make a single runtime when the varlink service starts up. This fixes a problem
where we hit a max inotify limit from CNI.
Resolves: #1211
Signed-off-by: baude <bbaude@redhat.com>
Closes: #1215
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds support for Dockerfile.in and fixes some limits
issues on docker build
Also adds support for podman build to read Dockerfile from stdin.
cat Dockerfile | podman build -f - .
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1209
Approved by: mheon
|
|
|
|
|
|
|
| |
Signed-off-by: haircommander <pehunt@redhat.com>
Closes: #1205
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
They are not used anywhere in the packagee.
Two of the values still have users in the CLI, but used only once.
So, use the .Transport.Name() calls in there directly, that is
likely to be cheaper (and makes the files depend directly
on the transports instead of referring to them indirectly through
libpod).
RFC: Should not change behavior in _this_ repo, but it is an
externally-observable API change. Is there any user that could
notice?
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Closes: #1176
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
All callers of LoadFromArchive expect the input to be in the
transport:name format, or create it that way. So, pass a
types.ImageReference instead of a string.
That requires us to add an explicit parse step in (podman pull);
in (podman load) we can, instead of pasting strings, create
native objects directly.
Changes the error behavior of (podman pull), we no longer
try heuristically parsing docker-archive:... inputs as
Docker references.
Also changes the string reported by (podman load) if all parsing
attempts fail, to be only the path instead of dir:path. The error
message itself is likely to be the same (from directory.Transport).
(While at it, update a mismatched comment.)
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Closes: #1176
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
|
| |
... so that it does not shadow the libpod/image module.
Should not change behavior.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Closes: #1176
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
| |
Instead of searching for "docker-archive" anywhere in the input,
only accept it at the start, and require the colon separator as well.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Closes: #1176
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The goal is to be very explicit about which functions try to heuristically
guess what is the expected format of the string. Not quite "shaming"
the users, but making sure they stand out.
RFC:
- Is this at all acceptable? Desirable?
- varlink ExportImage says "destination must have transport type";
should it be using alltransports.ParseImageReference
+ PushImageToReference, then?
(While touching the call in cmd/podman, also remove a commented-out
older version of the call.)
Should not change behavior (but does not add unit tests).
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Closes: #1176
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We don't really want to change the names of the CLI options just because
the transport names change (with oci-dir/docker-dir there is no
direct correspondence wanyway), and this removes a dependency.
Should not change behavior.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Closes: #1176
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
|
|
| |
To do that, create the relevant ImageReference values directly
by calling ParseReference/NewReference from the relevant transport
subpackages instead of formatting strings to be parsed (and
heuristically re-parsed) by PushImage.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Closes: #1176
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Instead of creating a reference string and then checking it again
to see which kind of archive it is, just call
imageNameForSaveDestination at the place where we already know
what kind of archive it is because we are making that decision.
This also notably fixes the use of strings.CONTAINS to see
whether the just constructed strings start with one of the
transport names; that would match anywhere in the
path.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Closes: #1176
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
|
| |
... to make it a tiny bit easier to read.
Should not change behavior (but does not add unit tests).
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Closes: #1176
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
|
| |
... to make their relationship clear, at the very least.
Should not change behavior (but does not add unit tests).
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Closes: #1176
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We will need to call it from two places in the future.
Should not change behavior, the code is pretty unchanged
(down to using confusing parameter names, which we will change
immediately) (but does not add unit tests).
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Closes: #1176
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
|
| |
This should not change behavior; it will only make it
easier to show that future code move does not change it (but
does not add unit tets.)
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Closes: #1176
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This will allow adding the reference in the OCIArchive/DockerArchive case
in one step, instead of appending it later.
Should not change behavior, except that source-related errors
will now be reported before possible destination-related errors
(but does not add unit tests).
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Closes: #1176
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
|
|
| |
podman umount will currently only unmount file system if not other
process is using it, otherwise the umount decrements the container
storage to indicate that the caller is no longer using the mount
point, once the count gets to 0, the file system is actually unmounted.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1184
Approved by: TomSweeneyRedHat
|
|
|
|
|
|
|
|
|
|
|
| |
Added Pause() and Unpause() to libpod/pod.go
Added man pages, tests and completions
Signed-off-by: haircommander <pehunt@redhat.com>
Closes: #1126
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
| |
Now, for commands that have --latest and --all, the context flags are checked, and pods are grabbed in a single function
Signed-off-by: haircommander <pehunt@redhat.com>
Closes: #1161
Approved by: rhatdan
|
|
|
|
|
|
|
| |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1167
Approved by: baude
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently, getRuntimeSpec always fails on non-Linux because
spec.CreateConfigToOCISpec always fails, because the podman CLI
sets up a seccomp path, and processing that on non-Linux is not supported. This
breaks testing of entirely unrelated options.
We can either skip the tests on non-Linux, or explicitly disable seccomp
inside the tests. Linux testing matters much more than other platforms,
and the tests are more reliable when they don't change supposedly
unrelated options; so, skip the tests on non-Linux.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Closes: #1115
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
|
|
| |
None of the functions are used within the package, and it does not build
on non-Linux systems.
(Similar code continues to exist in pkg/chrootuser, and is unaffected.)
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Closes: #1115
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
| |
With tests, man page, and completions.
Signed-off-by: haircommander <pehunt@redhat.com>
Closes: #1125
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
| |
With tests, man page and completions.
Signed-off-by: haircommander <pehunt@redhat.com>
Closes: #1152
Approved by: rhatdan
|
|\
| |
| | |
Add Pod and Container namespaces
|
| |
| |
| |
| | |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
|
| |
| |
| |
| |
| |
| |
| | |
Allows joining libpod to a specific namespace when running a
Podman command.
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
|
| |
| |
| |
| |
| |
| |
| | |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Closes: #1145
Approved by: rhatdan
|
| |
| |
| |
| |
| |
| |
| | |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Closes: #1145
Approved by: rhatdan
|
| |
| |
| |
| |
| |
| |
| | |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Closes: #1145
Approved by: rhatdan
|
|/
|
|
|
|
|
| |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Closes: #1145
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
| |
Make this clear in the docs and Command.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1138
Approved by: mheon
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Addresses a regression in `podman mount` due to our mount changes
to allow concurrency by letting c/storage handle mounting and
unmounting.
Combine Mounted() and Mountpoint() into one function and query
c/storage directly to ensure we get accurate information.
Fixes: #1143
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #1144
Approved by: baude
|
|
|
|
|
|
|
|
|
| |
Check at runtime if AppArmor is enabled on the host.
Signed-off-by: Valentin Rothberg <vrothberg@suse.com>
Closes: #1128
Approved by: mheon
|
|
|
|
|
|
|
|
|
|
| |
Trying to play with podman top, I had a hard time
finding info on format options.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1134
Approved by: umohnani8
|
|
|
|
|
|
|
|
|
| |
Before, errors in containers would never be printed, and a generic error would only be shown.
Signed-off-by: haircommander <pehunt@redhat.com>
Closes: #1132
Approved by: mheon
|
|\
| |
| | |
Add pod start and stop
|
| |
| |
| |
| |
| |
| |
| | |
As well as added tests, man pages, and completions.
Also reformatted and refactored a couple of other small things in the other pod commands.
Signed-off-by: haircommander <pehunt@redhat.com>
|
|\ \
| | |
| | | |
Pod ps now uses pod.Status()
|
| |/
| |
| |
| |
| |
| | |
It used to call ctr.State() to figure out what the pod status was, which certainly locked/unlocked excessively. Status now uses the libpod/pod function that bypasses this.
Signed-off-by: haircommander <pehunt@redhat.com>
|
|\ \
| | |
| | | |
Podman load/tag/save prepends localhost when no registry is present
|
| |/
| |
| |
| |
| |
| | |
Instead of having docker.io/library as its repository. Test included.
Signed-off-by: haircommander <pehunt@redhat.com>
|