summaryrefslogtreecommitdiff
path: root/cmd
Commit message (Collapse)AuthorAge
* Allow podman push to push manifest listsDaniel J Walsh2021-01-15
| | | | | | | | | | | | | | | | | | | | | | When doing a podman images, manifests lists look just like images, so it is logical that users would assume that they can just podman push them to a registry. The problem is we throw out weird errors when this happens and users need to somehow figure out this is a manifest list rather then an image, and frankly the user will not understand the difference. This PR will make podman push just do the right thing, by failing over and attempting to push the manifest if it fails to push the image. Fix up handling of manifest push Protocol should bring back a digest string, which can either be printed or stored in a file. We should not reimplement the manifest push setup code in the tunnel code but take advantage of the api path, to make sure remote and local work the same way. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Bump to containers/buildah 1.9.2Daniel J Walsh2021-01-15
| | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Initial implementation of renaming containersMatthew Heon2021-01-14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Basic theory: We remove the container, but *only from the DB*. We leave it in c/storage, we leave the lock allocated, we leave it running (if it is). Then we create an identical container with an altered name, and add that back to the database. Theoretically we now have a renamed container. The advantage of this approach is that it doesn't just apply to rename - we can use this to make *any* configuration change to a container that does not alter its container ID. Potential problems are numerous. This process is *THOROUGHLY* non-atomic at present - if you `kill -9` Podman mid-rename things will be in a bad place, for example. Also, we can't rename containers that can't be removed normally - IE, containers with dependencies (pod infra containers, for example). The largest potential improvement will be to move the majority of the work into the DB, with a `RecreateContainer()` method - that will add atomicity, and let us remove the container without worrying about depencies and similar issues. Potential problems: long-running processes that edit the DB and may have an older version of the configuration around. Most notable example is `podman run --rm` - the removal command needed to be manually edited to avoid this one. This begins to get at the heart of me not wanting to do this in the first place... This provides CLI and API implementations for frontend, but no tunnel implementation. It will be added in a future release (just held back for time now - we need this in 3.0 and are running low on time). This is honestly kind of horrifying, but I think it will work. Signed-off-by: Matthew Heon <mheon@redhat.com>
* Reduce general binding binary sizebaude2021-01-13
| | | | | | | | when using the bindings to *only* make a connection, the binary was rough 28MB. This PR reduces it down to 11. There is more work to do but it will come in a secondary PR. Signed-off-by: baude <bbaude@redhat.com>
* Merge pull request #8957 from srcshelton/feature/issue-8945OpenShift Merge Robot2021-01-13
|\ | | | | Add 'MemUsageBytes' format option
| * Add 'MemUsageBytes' format optionStuart Shelton2021-01-12
| | | | | | | | | | | | | | | | | | | | | | | | | | Although storage is more human-readable when expressed in SI units, IEC/JEDEC (Bytes) units are more pertinent for memory-related values (and match the format of the --memory* command-line options). (To prevent possible compatibility issues, the default SI display is left unchanged) See https://github.com/containers/podman/issues/8945 Signed-off-by: Stuart Shelton <stuart@shelton.me>
* | Remove the ability to use [name:tag] in podman load commandDaniel J Walsh2021-01-12
|/ | | | | | | | | | Docker does not support this, and it is confusing what to do if the image has more then one tag. We are dropping support for this in podman 3.0 Fixes: https://github.com/containers/podman/issues/7387 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #8947 from Luap99/cleanup-codeOpenShift Merge Robot2021-01-12
|\ | | | | Fix problems reported by staticcheck
| * Fix problems reported by staticcheckPaul Holzinger2021-01-12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | `staticcheck` is a golang code analysis tool. https://staticcheck.io/ This commit fixes a lot of problems found in our code. Common problems are: - unnecessary use of fmt.Sprintf - duplicated imports with different names - unnecessary check that a key exists before a delete call There are still a lot of reported problems in the test files but I have not looked at those. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | Merge pull request #8923 from Afourcat/masterOpenShift Merge Robot2021-01-12
|\ \ | | | | | | Adding json formatting to `--list-tags` option in `podman search` command.
| * | Better test and idomatic code.Alexandre Fourcat2021-01-11
| | | | | | | | | | | | | | | | | | | | | Adding another check in the `podman search --list-tags --format json` test case. Replacing an anonymous struct by \`listEntryTag\` struct. Signed-off-by: Alexandre Fourcat <afourcat@gmail.com>
| * | Adding json formatting to `--list-tags` option in `podman search`Alexandre Fourcat2021-01-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | command. Data is formatted following this JSON structure: ```json { "Name": "...", "Tags": ["...", "...", "..."] } ``` Closes: #8740. Signed-off-by: Alexandre Fourcat <afourcat@gmail.com>
* | | Merge pull request #8905 from rhatdan/proxyOpenShift Merge Robot2021-01-12
|\ \ \ | | | | | | | | Use HTTPProxy settings from containers.conf
| * | | Use HTTPProxy settings from containers.confDaniel J Walsh2021-01-11
| | |/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | This PR takes the settings from containers.conf and uses them. This works on the podman local but does not fix the issue for podman remote or for APIv2. We need a way to specify optionalbooleans when creating containers. Fixes: https://github.com/containers/podman/issues/8843 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #8819 from chen-zhuohan/add-pre-checkpointOpenShift Merge Robot2021-01-12
|\ \ \ | |/ / |/| | Add pre-checkpoint and restore with previous
| * | add pre checkpointunknown2021-01-10
| |/ | | | | | | Signed-off-by: Zhuohan Chen <chen_zhuohan@163.com>
* | Merge pull request #8917 from mheon/actually_report_play_kube_errorsOpenShift Merge Robot2021-01-11
|\ \ | | | | | | Ensure that `podman play kube` actually reports errors
| * | Ensure that `podman play kube` actually reports errorsMatthew Heon2021-01-11
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In 2.2.x, we moved `play kube` to use the Start() API for pods, which reported errors in a different way (all containers are started in parallel, and then results reported as a block). The migration attempted to preserve compatibility by returning only one error, but that's not really a viable option as it can obscure the real reason that a pod is failing. Further, the code was not correctly handling the API's errors - Pod Start() will, on any container error, return a map of container ID to error populated for all container errors *and* return ErrPodPartialFail for overall error - the existing code did not handle the partial failure error and thus would never return container errors. Refactor the `play kube` API to include a set of errors for containers in each pod, so we can return all errors that occurred to the frontend and print them for the user, and correct the backend code so container errors are actually forwarded. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | Merge pull request #8915 from rhatdan/remoteOpenShift Merge Robot2021-01-10
|\ \ | | | | | | Improve error message when the the podman service is not enabled
| * | Improve error message when the the podman service is not enabledDaniel J Walsh2021-01-09
| |/ | | | | | | | | | | | | | | | | | | | | Currently if server is not connected, we return an error message that is confusing users on Mac and Windows boxes. The hope here is to make it a little easier to discover that a Podman service is required. This message is similar to what Docker puts out so people might under stand it better. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Add Networks format placeholder to podman ps and pod psPaul Holzinger2021-01-09
| | | | | | | | | | | | | | `podman ps --format {{.Networks}}` will show all connected networks for this container. For `pod ps` it will show the infra container networks. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | Add network filter for podman ps and pod psPaul Holzinger2021-01-09
|/ | | | | | | Allow to filter on the network name or full id. For pod ps it will filter on the infra container networks. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* Include named volumes in container migrationRadostin Stoyanov2021-01-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When migrating a container with associated volumes, the content of these volumes should be made available on the destination machine. This patch enables container checkpoint/restore with named volumes by including the content of volumes in checkpoint file. On restore, volumes associated with container are created and their content is restored. The --ignore-volumes option is introduced to disable this feature. Example: # podman container checkpoint --export checkpoint.tar.gz <container> The content of all volumes associated with the container are included in `checkpoint.tar.gz` # podman container checkpoint --export checkpoint.tar.gz --ignore-volumes <container> The content of volumes is not included in `checkpoint.tar.gz`. This is useful, for example, when the checkpoint/restore is performed on the same machine. # podman container restore --import checkpoint.tar.gz The associated volumes will be created and their content will be restored. Podman will exit with an error if volumes with the same name already exist on the system or the content of volumes is not included in checkpoint.tar.gz # podman container restore --ignore-volumes --import checkpoint.tar.gz Volumes associated with container must already exist. Podman will not create them or restore their content. Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
* Rework pruning to report reclaimed spaceBaron Lenardson2020-12-30
| | | | | | | | | | | | This change adds code to report the reclaimed space after a prune. Reclaimed space from volumes, images, and containers is recorded during the prune call in a PruneReport struct. These structs are collected into a slice during a system prune and processed afterwards to calculate the total reclaimed space. Closes #8658 Signed-off-by: Baron Lenardson <lenardson.baron@gmail.com>
* Consolidate filter logic to pkg subdirectoryBaron Lenardson2020-12-24
| | | | | | | Per the conversation on pull/8724 I am consolidating filter logic and helper functions under the pkg/domain/filters dir. Signed-off-by: Baron Lenardson <lenardson.baron@gmail.com>
* add --cidfile to container killbaude2020-12-23
| | | | | | | | | Add the ability to read container ids from one or more files for the kill command. Fixes: #8443 Signed-off-by: baude <bbaude@redhat.com>
* Merge pull request #8787 from jsoref/spellingOpenShift Merge Robot2020-12-23
|\ | | | | Spelling
| * SpellingJosh Soref2020-12-22
| | | | | | | | Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* | Fix podman build --logfileHironori Shiina2020-12-22
|/ | | | | | | | A opened file object of a logfile gets lost because the variable `logfile` is redefined in a `if` block. This fix stops redefining the variable. Signed-off-by: Hironori Shiina <Hironori.Shiina@fujitsu.com>
* Add volume filters to system pruneBaron Lenardson2020-12-21
| | | | | | | | | | | | | This change was missed in pull/8689. Now that volume pruneing supports filters system pruneing can pass its filters down to the volume pruneing. Additionally this change adds tests for the following components * podman system prune subcommand with `--volumes` & `--filter` options * apiv2 api tests for `/system/` and `/libpod/system` endpoints Relates to #8453, #8672 Signed-off-by: Baron Lenardson <lenardson.baron@gmail.com>
* remote copyValentin Rothberg2020-12-18
| | | | | | | | | | | | | | Implement `podman-remote cp` and break out the logic from the previously added `pkg/copy` into it's basic building blocks and move them up into the `ContainerEngine` interface and `cmd/podman`. The `--pause` and `--extract` flags are now deprecated and turned into nops. Note that this commit is vendoring a non-release version of Buildah to pull in updates to the copier package. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Merge pull request #8752 from baude/bindings3volumesOpenShift Merge Robot2020-12-17
|\ | | | | misc bindings to podman v3
| * misc bindings to podman v3baude2020-12-17
| | | | | | | | | | | | | | manifest, system, info, volumes, play, and generate bindings are updated to always have binding options. Signed-off-by: baude <bbaude@redhat.com>
* | Close the stdin/tty when using podman as a restAPI.Daniel J Walsh2020-12-17
|/ | | | | | | | Currently the service is attempting to prompt on shortname expansion if you run with a terminal. This change will cause the service to default to no terminal and not prompt. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Allow users to specify TMPDIR in containers.confDaniel J Walsh2020-12-15
| | | | | | | | | | | Currently we hard code TMPDIR environment variable to /var/tmp if it is not set in the Environment. This causes TMPDIR environment variable to be ignored if set in containers.conf. This change now uses the host environment TMPDIR, followed by containers.conf and then hard codes TMPDIR, if it was not set. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #8693 from giuseppe/drop-valid-id-in-userns-checkOpenShift Merge Robot2020-12-14
|\ | | | | podman: drop checking valid rootless UID
| * podman: drop checking valid rootless UIDGiuseppe Scrivano2020-12-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | do not check whether the specified ID is valid in the user namespace. crun handles this case[1], so the check in Podman prevents to get to the OCI runtime at all. $ podman run --user 10:0 --uidmap 0:0:1 --rm -ti fedora:33 sh -c 'id; cat /proc/self/uid_map' uid=10(10) gid=0(root) groups=0(root),65534(nobody) 10 0 1 [1] https://github.com/containers/crun/pull/556 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | Merge pull request #8689 from bblenard/issue-8672-volume-pruneOpenShift Merge Robot2020-12-14
|\ \ | | | | | | Add volume prune --filter support
| * | Add volume prune --filter supportBaron Lenardson2020-12-12
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | This change adds support for the `--filter` / `?filters` arguments on the `podman volume prune` subcommand. * Adds ParseFilterArgumentsIntoFilters helper for consistent Filter string slice handling * Adds `--filter` support to podman volume prune cli * Adds `?filters...` support to podman volume prune api * Updates apiv2 / e2e tests Closes #8672 Signed-off-by: Baron Lenardson <lenardson.baron@gmail.com>
* | Merge pull request #8699 from Luap99/network-flag-completionOpenShift Merge Robot2020-12-14
|\ \ | | | | | | shell completion for the network flag
| * | shell completion for the network flagPaul Holzinger2020-12-12
| | | | | | | | | | | | | | | | | | Complete all the options e.g. `container:`,`ns:`,`host`, etc... Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | | Merge pull request #7718 from QiWang19/sign-multi-archOpenShift Merge Robot2020-12-12
|\ \ \ | | | | | | | | Sign multi-arch images
| * | | Sign multi-arch imagesQi Wang2020-12-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | podman image sign handles muti-arch images. --all option to create signature for each manifest from the image manifest list. Signed-off-by: Qi Wang <qiwan@redhat.com>
* | | | Merge pull request #8676 from jwhonce/issues/7806OpenShift Merge Robot2020-12-11
|\ \ \ \ | |/ / / |/| | | Refine public key usage when remote
| * | | Refine public key usage when remoteJhon Honce2020-12-10
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | * Move all public key handling into one AuthMethod. Prioritize ssh-agent keys over identity files. * Cache server connection when tunneling, saves one RoundTrip on ssh handshake Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | Merge pull request #8686 from Luap99/logs-stderrOpenShift Merge Robot2020-12-11
|\ \ \ | |/ / |/| | podman logs honor stderr correctly
| * | podman logs honor stderr correctlyPaul Holzinger2020-12-10
| |/ | | | | | | | | | | | | | | Make the ContainerLogsOptions support two io.Writers, one for stdout and the other for stderr. The logline already includes the information to which Writer it has to be written. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* / Add --filter to podman system pruneDaniel J Walsh2020-12-09
|/ | | | | | | Also document the allowable filters in podman system prune, podman image prune and podman container prune. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #8653 from rhatdan/buildahOpenShift Merge Robot2020-12-09
|\ | | | | Honor the --layers flag
| * Honor the --layers flagDaniel J Walsh2020-12-09
| | | | | | | | | | | | | | | | | | Currently the --layers flag set by the user is ignored, and only the BUILDAH_LAYERS environment variable being set is observed. Fixes: https://github.com/containers/podman/issues/8643 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>