summaryrefslogtreecommitdiff
path: root/cmd
Commit message (Collapse)AuthorAge
* Merge pull request #9593 from vrothberg/cp-tmpOpenShift Merge Robot2021-03-05
|\ | | | | podman cp: support copying on tmpfs mounts
| * podman cp: support copying on tmpfs mountsValentin Rothberg2021-03-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Traditionally, the path resolution for containers has been resolved on the *host*; relative to the container's mount point or relative to specified bind mounts or volumes. While this works nicely for non-running containers, it poses a problem for running ones. In that case, certain kinds of mounts (e.g., tmpfs) will not resolve correctly. A tmpfs is held in memory and hence cannot be resolved relatively to the container's mount point. A copy operation will succeed but the data will not show up inside the container. To support these kinds of mounts, we need to join the *running* container's mount namespace (and PID namespace) when copying. Note that this change implies moving the copy and stat logic into `libpod` since we need to keep the container locked to avoid race conditions. The immediate benefit is that all logic is now inside `libpod`; the code isn't scattered anymore. Further note that Docker does not support copying to tmpfs mounts. Tests have been extended to cover *both* path resolutions for running and created containers. New tests have been added to exercise the tmpfs-mount case. For the record: Some tests could be improved by using `start -a` instead of a start-exec sequence. Unfortunately, `start -a` is flaky in the CI which forced me to use the more expensive start-exec option. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | Merge pull request #9607 from mheon/fix_9523OpenShift Merge Robot2021-03-04
|\ \ | | | | | | Respect NanoCpus in Compat Create
| * | Respect NanoCpus in Compat CreateMatthew Heon2021-03-04
| |/ | | | | | | | | | | | | | | | | | | The NanoCpus field in HostConfig was not wired up. It conflicts with CPU period and quota (it hard-codes period to a specific value and then sets the user-specified value as Quota). Fixes #9523 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* / Compat API: create volume source dirs on the hostMatthew Heon2021-03-03
|/ | | | | | | | | | | | | | | | | It took a lot to figure out exactly how this should work, but I think I finally have it. My initial versions of this created the directory with the same owner as the user the container was run with, which was rather complicated - but after review against Docker, I have determined that is incorrect, and it's always made as root:root 0755 (Ubuntu's Docker, which I was using to try and test, is a snap - and as such it was sandboxed, and not actually placing directories it made in a place I could find?). This makes things much easier, since I just need to parse out source directories for binds and ensure they exist. Fixes #9510 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Fix possible panic with podman build --iidfilePaul Holzinger2021-03-03
| | | | | | | | | | Make sure we check for errors before trying to write the iidfile. [NO TESTS NEEDED] Ref #9594 Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* Merge pull request #9580 from rhatdan/timestampDaniel J Walsh2021-03-03
|\ | | | | Fix support for podman build --timestamp
| * Fix support for podman build --timestampDaniel J Walsh2021-03-02
| | | | | | | | | | | | | | | | | | Currently podman is ignoreing the build --timestamp flag. This PR fixes this for local and remote clients. Fixes: https://github.com/containers/podman/issues/9569 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #9512 from mheon/fix_9511OpenShift Merge Robot2021-03-02
|\ \ | |/ |/| Fix parsing of Tmpfs field in compat create
| * Fix parsing of Tmpfs field in compat createMatthew Heon2021-02-25
| | | | | | | | | | | | | | | | | | | | | | Create is not formatted as `key=value` but rather `key:value` (technically `path:option1,option2`). As such we can't use the stringMapToArray function, and instead need to generate it manually. Fixes #9511 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | Enable no_hosts from containers.confDaniel J Walsh2021-02-26
| | | | | | | | | | | | | | | | | | | | Since we have no good way to enable this on the server side, we will just allow it to be set on the client side. This should solve almost all cases. Partially fixes: https://github.com/containers/podman/issues/9500 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Updated based on Jhonce commentsParker Van Roy2021-02-24
| | | | | | | | | | | | | | | | | | Added ID to default removed outdated imports slight refactor Test Network Headers added to network_test.go Signed-off-by: Parker Van Roy <pvanroy@redhat.com>
* | Refactored fileParker Van Roy2021-02-24
| | | | | | | | | | | | | | | | moved --format to templateOut() Rm parse package except JSON Signed-off-by: Parker Van Roy <pvanroy@redhat.com>
* | Merge pull request #9469 from vrothberg/cp-stdoutOpenShift Merge Robot2021-02-22
|\ \ | | | | | | podman cp: /dev/std{in,out} fixes
| * | podman cp: test /dev/stdin correctlyValentin Rothberg2021-02-22
| | | | | | | | | | | | | | | | | | | | | /dev/stdin should not be treated as "-" to remain compatible with Docker and to have a more consistent and idiomatic interface. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
| * | podman cp: treat /dev/stdout correctlyValentin Rothberg2021-02-22
| | | | | | | | | | | | | | | | | | | | | | | | /dev/stdout should not be treated as "-" to remain compatible with Docker and to have a more consistent and idiomatic interface. Fixes: #9362 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | Merge pull request #9445 from jmguzik/no-header-info-for-systemd-generationOpenShift Merge Robot2021-02-22
|\ \ \ | | | | | | | | No header info for systemd generation
| * | | --no-header flag implementation for generate systemdJakub Guzik2021-02-22
| | |/ | |/| | | | | | | Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
* | | Merge pull request #9420 from rhatdan/kubeOpenShift Merge Robot2021-02-22
|\ \ \ | |_|/ |/| | [NO TESTS NEEDED] Allow podman play kube to read yaml file from stdin
| * | Allow podman play kube to read yaml file from stdinDaniel J Walsh2021-02-19
| |/ | | | | | | | | | | Fixes: https://github.com/containers/podman/issues/8996 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* / bump go module to v3Valentin Rothberg2021-02-22
|/ | | | | | | | | We missed bumping the go module, so let's do it now :) * Automated go code with github.com/sirkon/go-imports-rename * Manually via `vgrep podman/v2` the rest Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Merge pull request #9430 from baude/issue9429OpenShift Merge Robot2021-02-19
|\ | | | | Fix segfault in run with memory-swap
| * Fix segfault in run with memory-swapbaude2021-02-19
| | | | | | | | | | | | | | | | | | when unlimited (-1) was being passed to memory-swap, podman threw a segfault. Fixes #9429 Signed-off-by: baude <bbaude@redhat.com>
* | cp: treat "." and "/." correctlyValentin Rothberg2021-02-18
|/ | | | | | | | | | | | Make sure to treat "." and "/." correctly. Both cases imply to copy the contents of a directory in contrast to the directory. This implies to unset the KeepDirectoryNames options of the copiah package. Previously, the code was performing a simple string suffix check which is not enough since it would match files and directories ending with ".". Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* podman ps --format '{{ .Size }}' requires --size optionDaniel J Walsh2021-02-17
| | | | | | | | | | | | Podman -s crashes when the user specifies the '{{ .Size }}` format on the podman ps command, without specifying the --size option. This PR will stop the crash and print out a logrus.Error stating that the caller should add the --size option. Fixes: https://github.com/containers/podman/issues/9408 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* podman kill should report rawInput not container idDaniel J Walsh2021-02-16
| | | | | | | Docker always reports back the users input, not the full id, we should do the same. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #9396 from rhatdan/stopOpenShift Merge Robot2021-02-16
|\ | | | | When stopping a container, print rawInput
| * When stopping a container, print rawInputDaniel J Walsh2021-02-16
| | | | | | | | | | | | | | | | | | | | | | When we stop a container we are printing the full id, this does not match Docker behaviour or the start behavior. We should be printing the users rawInput when we successfully stop the container. Fixes: https://github.com/containers/podman/issues/9386 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #9372 from matejvasek/fix_host_portOpenShift Merge Robot2021-02-16
|\ \ | | | | | | Docker [APIv2] create container: handle empty host port
| * | fix create container: handle empty host portMatej Vasek2021-02-16
| |/ | | | | | | Signed-off-by: Matej Vasek <mvasek@redhat.com>
* / correct startup error messageValentin Rothberg2021-02-16
|/ | | | | | | | | | | | | The error message when failing to create an image engine unconditionally pointed to the Podman socket which is quite confusing when running locally. Move the error message to the point where the first ping to the service fails. [NO TESTS NEEDED] Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* change ps Created to unixbaude2021-02-12
| | | | | | | | change from unixnano to unix for ps created --format json [NO TESTS NEEDED] Signed-off-by: baude <bbaude@redhat.com>
* Merge pull request #9331 from Luap99/lintOpenShift Merge Robot2021-02-12
|\ | | | | Enable more golangci-lint linters
| * Enable whitespace linterPaul Holzinger2021-02-11
| | | | | | | | | | | | | | | | Use the whitespace linter and fix the reported problems. [NO TESTS NEEDED] Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
| * Enable golint linterPaul Holzinger2021-02-11
| | | | | | | | | | | | | | | | Use the golint linter and fix the reported problems. [NO TESTS NEEDED] Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
| * Enable stylecheck linterPaul Holzinger2021-02-11
| | | | | | | | | | | | | | | | Use the stylecheck linter and fix the reported problems. [NO TESTS NEEDED] Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | container ps json format miscuebaude2021-02-11
|/ | | | | | | | | | when printing out json format, we mistakenly changed the Created field output to be a time.time in a different commit. This allows for override of the Created field to be a unix ts as type int64. Fixes: #9315 Signed-off-by: baude <bbaude@redhat.com>
* Add shell completion tests for secretsPaul Holzinger2021-02-10
| | | | | | | | Add the SECRET keyword to the shell completion test. Also update the use line for podman secret create to use `NAME` instead of `SECRET`. This matches the other commands such as network/volume create. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* Merge pull request #9125 from ashley-cui/secretswiringOpenShift Merge Robot2021-02-09
|\ | | | | Implement Secrets
| * Implement SecretsAshley Cui2021-02-09
| | | | | | | | | | | | | | | | | | | | | | Implement podman secret create, inspect, ls, rm Implement podman run/create --secret Secrets are blobs of data that are sensitive. Currently, the only secret driver supported is filedriver, which means creating a secret stores it in base64 unencrypted in a file. After creating a secret, a user can use the --secret flag to expose the secret inside the container at /run/secrets/[secretname] This secret will not be commited to an image on a podman commit Signed-off-by: Ashley Cui <acui@redhat.com>
* | Merge pull request #9269 from Luap99/rootfs-shell-completionOpenShift Merge Robot2021-02-09
|\ \ | | | | | | Allow path completion for podman create/run --rootfs
| * | Allow path completion for podman create/run --rootfsPaul Holzinger2021-02-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If the --rootfs flag is set podman create/run expect a host path as first argument. The shell completion should provide path completion in that case. [NO TESTS NEEDED] This can manually be verified with `podman run --rootfs [TAB]`. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | | Bump containers/buildah to v1.19.4Daniel J Walsh2021-02-08
| | | | | | | | | | | | | | | | | | Fix handling of --iidfile to happen on the client side. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #9246 from rhatdan/buildOpenShift Merge Robot2021-02-08
|\ \ \ | |/ / |/| | Implement missing arguments for podman build
| * | Implement missing arguments for podman buildDaniel J Walsh2021-02-08
| |/ | | | | | | | | | | | | | | Buildah bud passes a bunch more flags then podman build. We need to implement hook up all of these flags to get full functionality. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* / add network prunebaude2021-02-06
|/ | | | | | | | | add the ability to prune unused cni networks. filters are not implemented but included both compat and podman api endpoints. Fixes :#8673 Signed-off-by: baude <bbaude@redhat.com>
* Improve ContainerEngine.ContainerWait()Matej Vasek2021-02-03
| | | | Signed-off-by: Matej Vasek <mvasek@redhat.com>
* Merge pull request #9174 from bitstrings/masterOpenShift Merge Robot2021-02-03
|\ | | | | Make slirp MTU configurable (network_cmd_options)
| * Make slirp MTU configurable (network_cmd_options)bitstrings2021-02-02
| | | | | | | | | | | | | | | | The mtu default value is currently forced to 65520. This let the user control it using the config key network_cmd_options, i.e.: network_cmd_options=["mtu=9000"] Signed-off-by: bitstrings <pino.silvaggio@gmail.com>
* | Merge pull request #9116 from iwita/ls-volumes-before-pruningOpenShift Merge Robot2021-02-02
|\ \ | | | | | | List volumes before pruning