summaryrefslogtreecommitdiff
path: root/cmd
Commit message (Collapse)AuthorAge
* Implement SecretsAshley Cui2021-02-09
| | | | | | | | | | | Implement podman secret create, inspect, ls, rm Implement podman run/create --secret Secrets are blobs of data that are sensitive. Currently, the only secret driver supported is filedriver, which means creating a secret stores it in base64 unencrypted in a file. After creating a secret, a user can use the --secret flag to expose the secret inside the container at /run/secrets/[secretname] This secret will not be commited to an image on a podman commit Signed-off-by: Ashley Cui <acui@redhat.com>
* Improve ContainerEngine.ContainerWait()Matej Vasek2021-02-03
| | | | Signed-off-by: Matej Vasek <mvasek@redhat.com>
* Merge pull request #9174 from bitstrings/masterOpenShift Merge Robot2021-02-03
|\ | | | | Make slirp MTU configurable (network_cmd_options)
| * Make slirp MTU configurable (network_cmd_options)bitstrings2021-02-02
| | | | | | | | | | | | | | | | The mtu default value is currently forced to 65520. This let the user control it using the config key network_cmd_options, i.e.: network_cmd_options=["mtu=9000"] Signed-off-by: bitstrings <pino.silvaggio@gmail.com>
* | Merge pull request #9116 from iwita/ls-volumes-before-pruningOpenShift Merge Robot2021-02-02
|\ \ | | | | | | List volumes before pruning
| * | list volumes before pruningAchilleas Tzenetopoulos2021-01-31
| | | | | | | | | | | | Signed-off-by: Achilleas Tzenetopoulos <atzenetopoulos@gmail.com>
* | | Merge pull request #9168 from Luap99/fix-pod-create-network-parsingOpenShift Merge Robot2021-02-01
|\ \ \ | | | | | | | | Fix --network parsing for podman pod create
| * | | Fix --network parsing for podman pod createPaul Holzinger2021-01-31
| | |/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The `--network` flag is parsed differently for `podman pod create`. This causes confusion and problems for users. The extra parsing logic ignored unsupported network options such as `none`, `container:...` and `ns:...` and instead interpreted them as cni network names. Tests are added to ensure the correct errors are shown. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | | Merge pull request #9051 from rhatdan/rmOpenShift Merge Robot2021-02-01
|\ \ \ | | | | | | | | Switch podman stop/kill/wait handlers to use abi
| * | | Switch podman stop/kill/wait handlers to use abiDaniel J Walsh2021-01-29
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Change API Handlers to use the same functions that the local podman uses. At the same time: implement remote API for --all and --ignore flags for podman stop implement remote API for --all flags for podman stop Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* / / Docker ignores mount flags that begin with constencyDaniel J Walsh2021-01-30
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1915332 ``` According to the Docker docs, the consistency option should be ignored on Linux. the possible values are 'cached', 'delegated', and 'consistent', but they should be ignored equally. This is a widely used option in scripts run by developer machines, as this makes file I/O less horribly slow on MacOS. ``` Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #9144 from vrothberg/fix-9134OpenShift Merge Robot2021-01-29
|\ \ | | | | | | Revert "podman build --pull: use correct policy"
| * | podman build --pull: refine help message and docsValentin Rothberg2021-01-28
| | | | | | | | | | | | | | | | | | | | | Refine and correct the wording of the `--pull` flag in the help message and the docs. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
| * | Revert "podman build --pull: use correct policy"Valentin Rothberg2021-01-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This reverts commit 15caebfe561952eaadd4896b7efb56f26724cce5. The previous behaviour of `--pull` to *always* attempt to pull the image and error out if the pull failed aligns with Docker. Since Podman aims at feature parity with Docker, the `--pull` behaviour must match. Fixes: #9134 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | Podman-remote push can support --formatDaniel J Walsh2021-01-29
| | | | | | | | | | | | | | | | | | | | | | | | Fix man page to document podman push --format fully. Also found that push was not handling the tlsverify so fixed this. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #9115 from rhatdan/pullOpenShift Merge Robot2021-01-28
|\ \ \ | |/ / |/| | Switch podman image push handlers to use abi
| * | Switch podman image push handlers to use abiDaniel J Walsh2021-01-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Change API Handlers to use the same functions that the local podman uses. At the same time: Cleanup and pass proper bindings. Remove cli options from podman-remote push. Cleanup manifest push. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | podman build --pull: use correct policyValentin Rothberg2021-01-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The `--pull` flag should be using the "pull if newer" pull policy rather than "pull always". This aligns with what the help message states, what Buildah does and, according to #9111, what was done before, Also add a test to prevent future regressions. Fixes: #9111 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | Merge pull request #9095 from rhatdan/psOpenShift Merge Robot2021-01-27
|\ \ \ | |/ / |/| | podman-remote ps --external --pod --sort do not work.
| * | podman-remote ps --external --pod --sort do not work.Daniel J Walsh2021-01-27
| |/ | | | | | | | | | | | | | | | | | | Fixup the bindings and the handling of the --external --por and --sort flags. The --storage option was renamed --external, make sure we use external up and down the stack. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #9025 from mheon/add_support_volumes_fieldOpenShift Merge Robot2021-01-27
|\ \ | | | | | | Ensure the Volumes field in Compat Create is honored
| * | Ensure the Volumes field in Compat Create is honoredMatthew Heon2021-01-26
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Docker has, for unclear reasons, three separate fields in their Create Container struct in which volumes can be placed. Right now we support two of those - Binds and Mounts, which (roughly) correspond to `-v` and `--mount` respectively. Unfortunately, we did not support the third, `Volumes`, which is used for anonymous named volumes created by `-v` (e.g. `-v /test`). It seems that volumes listed here are *not* included in the remaining two from my investigation, so it should be safe to just append them into our handling of the `Binds` (`-v`) field. Fixes #8649 Signed-off-by: Matthew Heon <mheon@redhat.com>
* | Merge pull request #9122 from Luap99/fix-9120OpenShift Merge Robot2021-01-27
|\ \ | |/ |/| Fix podman history --no-trunc for the CREATED BY field
| * Fix podman history --no-trunc for the CREATED BY fieldPaul Holzinger2021-01-27
| | | | | | | | | | | | Fixes #9120 Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | Merge pull request #9084 from rhatdan/overrideOpenShift Merge Robot2021-01-26
|\ \ | |/ |/| Fix --arch and --os flags to work correctly
| * Fix --arch and --os flags to work correctlyDaniel J Walsh2021-01-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently podman implements --override-arch and --overide-os But Podman has made these aliases for --arch and --os. No reason to have to specify --override, since it is clear what the user intends. Currently if the user specifies an --override-arch field but the image was previously pulled for a different Arch, podman run uses the different arch. This PR also fixes this issue. Fixes: https://github.com/containers/podman/issues/8001 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Pass DefaultMountsFile to podman buildDaniel J Walsh2021-01-25
|/ | | | | | | The --default-mounts-file path was not being handled in podman build. This will enable it to use for testing. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* podman manifest existsPaul Holzinger2021-01-22
| | | | | | Add podman manifest exists command with remote support. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* Merge pull request #9027 from Luap99/podman-volume-existsOpenShift Merge Robot2021-01-21
|\ | | | | Podman volume exists
| * podman volume existsPaul Holzinger2021-01-21
| | | | | | | | | | | | Add podman volume exists command with remote support. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | Merge pull request #9036 from baude/composelogOpenShift Merge Robot2021-01-21
|\ \ | | | | | | Set log driver for compatibility containers
| * | Set log driver for compatability containersbaude2021-01-20
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | when using the compatibility api to create containers, now reflect the use of k8s-file as json-file so that clients, which are unaware of k8s-file, can work. specifically, if the container is using k8s-file as the log driver, we change the log type in container inspection to json-file. These terms are used interchangably in other locations in libpod/podman. this fixes log messages in compose as well. [NO TESTS NEEDED] Signed-off-by: baude <bbaude@redhat.com>
* / Fix handling of container removeDaniel J Walsh2021-01-20
|/ | | | | | | | | | | | | | | | | | | | I found several problems with container remove podman-remote rm --all Was not handled podman-remote rm --ignore Was not handled Return better errors when attempting to remove an --external container. Currently we return the container does not exists, as opposed to container is an external container that is being used. This patch also consolidates the tunnel code to use the same code for removing the container, as the local API, removing duplication of code and potential problems. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* podman network existsPaul Holzinger2021-01-19
| | | | | | Add podman network exists command with remote support. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* Merge pull request #8942 from rhatdan/pushOpenShift Merge Robot2021-01-17
|\ | | | | Allow podman push to push manifest lists
| * Allow podman push to push manifest listsDaniel J Walsh2021-01-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When doing a podman images, manifests lists look just like images, so it is logical that users would assume that they can just podman push them to a registry. The problem is we throw out weird errors when this happens and users need to somehow figure out this is a manifest list rather then an image, and frankly the user will not understand the difference. This PR will make podman push just do the right thing, by failing over and attempting to push the manifest if it fails to push the image. Fix up handling of manifest push Protocol should bring back a digest string, which can either be printed or stored in a file. We should not reimplement the manifest push setup code in the tunnel code but take advantage of the api path, to make sure remote and local work the same way. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Rename AutocompletePortCommand funcPaul Holzinger2021-01-16
| | | | | | | | | | | | | | This function is now used for the port and rename command. Rename it to AutocompleteContainerOneArg. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | Merge pull request #8982 from Luap99/container-rename-bindingsOpenShift Merge Robot2021-01-15
|\ \ | |/ |/| Container rename bindings
| * Container rename bindingsPaul Holzinger2021-01-15
| | | | | | | | | | | | Add bindings and podman-remote support for container rename. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | Bump to containers/buildah 1.9.2Daniel J Walsh2021-01-15
|/ | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Initial implementation of renaming containersMatthew Heon2021-01-14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Basic theory: We remove the container, but *only from the DB*. We leave it in c/storage, we leave the lock allocated, we leave it running (if it is). Then we create an identical container with an altered name, and add that back to the database. Theoretically we now have a renamed container. The advantage of this approach is that it doesn't just apply to rename - we can use this to make *any* configuration change to a container that does not alter its container ID. Potential problems are numerous. This process is *THOROUGHLY* non-atomic at present - if you `kill -9` Podman mid-rename things will be in a bad place, for example. Also, we can't rename containers that can't be removed normally - IE, containers with dependencies (pod infra containers, for example). The largest potential improvement will be to move the majority of the work into the DB, with a `RecreateContainer()` method - that will add atomicity, and let us remove the container without worrying about depencies and similar issues. Potential problems: long-running processes that edit the DB and may have an older version of the configuration around. Most notable example is `podman run --rm` - the removal command needed to be manually edited to avoid this one. This begins to get at the heart of me not wanting to do this in the first place... This provides CLI and API implementations for frontend, but no tunnel implementation. It will be added in a future release (just held back for time now - we need this in 3.0 and are running low on time). This is honestly kind of horrifying, but I think it will work. Signed-off-by: Matthew Heon <mheon@redhat.com>
* Reduce general binding binary sizebaude2021-01-13
| | | | | | | | when using the bindings to *only* make a connection, the binary was rough 28MB. This PR reduces it down to 11. There is more work to do but it will come in a secondary PR. Signed-off-by: baude <bbaude@redhat.com>
* Merge pull request #8957 from srcshelton/feature/issue-8945OpenShift Merge Robot2021-01-13
|\ | | | | Add 'MemUsageBytes' format option
| * Add 'MemUsageBytes' format optionStuart Shelton2021-01-12
| | | | | | | | | | | | | | | | | | | | | | | | | | Although storage is more human-readable when expressed in SI units, IEC/JEDEC (Bytes) units are more pertinent for memory-related values (and match the format of the --memory* command-line options). (To prevent possible compatibility issues, the default SI display is left unchanged) See https://github.com/containers/podman/issues/8945 Signed-off-by: Stuart Shelton <stuart@shelton.me>
* | Remove the ability to use [name:tag] in podman load commandDaniel J Walsh2021-01-12
|/ | | | | | | | | | Docker does not support this, and it is confusing what to do if the image has more then one tag. We are dropping support for this in podman 3.0 Fixes: https://github.com/containers/podman/issues/7387 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #8947 from Luap99/cleanup-codeOpenShift Merge Robot2021-01-12
|\ | | | | Fix problems reported by staticcheck
| * Fix problems reported by staticcheckPaul Holzinger2021-01-12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | `staticcheck` is a golang code analysis tool. https://staticcheck.io/ This commit fixes a lot of problems found in our code. Common problems are: - unnecessary use of fmt.Sprintf - duplicated imports with different names - unnecessary check that a key exists before a delete call There are still a lot of reported problems in the test files but I have not looked at those. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | Merge pull request #8923 from Afourcat/masterOpenShift Merge Robot2021-01-12
|\ \ | | | | | | Adding json formatting to `--list-tags` option in `podman search` command.
| * | Better test and idomatic code.Alexandre Fourcat2021-01-11
| | | | | | | | | | | | | | | | | | | | | Adding another check in the `podman search --list-tags --format json` test case. Replacing an anonymous struct by \`listEntryTag\` struct. Signed-off-by: Alexandre Fourcat <afourcat@gmail.com>
| * | Adding json formatting to `--list-tags` option in `podman search`Alexandre Fourcat2021-01-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | command. Data is formatted following this JSON structure: ```json { "Name": "...", "Tags": ["...", "...", "..."] } ``` Closes: #8740. Signed-off-by: Alexandre Fourcat <afourcat@gmail.com>