| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
|
|
| |
The --trace has helped in early stages analyze Podman code. However,
it's contributing to dependency and binary bloat. The standard go
tooling can also help in profiling, so let's turn `--trace` into a NOP.
[NO TESTS NEEDED]
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|
|
|
| |
Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
|
|\
| |
| | |
podman cp: support copying on tmpfs mounts
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Traditionally, the path resolution for containers has been resolved on
the *host*; relative to the container's mount point or relative to
specified bind mounts or volumes.
While this works nicely for non-running containers, it poses a problem
for running ones. In that case, certain kinds of mounts (e.g., tmpfs)
will not resolve correctly. A tmpfs is held in memory and hence cannot
be resolved relatively to the container's mount point. A copy operation
will succeed but the data will not show up inside the container.
To support these kinds of mounts, we need to join the *running*
container's mount namespace (and PID namespace) when copying.
Note that this change implies moving the copy and stat logic into
`libpod` since we need to keep the container locked to avoid race
conditions. The immediate benefit is that all logic is now inside
`libpod`; the code isn't scattered anymore.
Further note that Docker does not support copying to tmpfs mounts.
Tests have been extended to cover *both* path resolutions for running
and created containers. New tests have been added to exercise the
tmpfs-mount case.
For the record: Some tests could be improved by using `start -a` instead
of a start-exec sequence. Unfortunately, `start -a` is flaky in the CI
which forced me to use the more expensive start-exec option.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \
| | |
| | | |
Respect NanoCpus in Compat Create
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The NanoCpus field in HostConfig was not wired up. It conflicts
with CPU period and quota (it hard-codes period to a specific
value and then sets the user-specified value as Quota).
Fixes #9523
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It took a lot to figure out exactly how this should work, but I
think I finally have it. My initial versions of this created the
directory with the same owner as the user the container was run
with, which was rather complicated - but after review against
Docker, I have determined that is incorrect, and it's always made
as root:root 0755 (Ubuntu's Docker, which I was using to try and
test, is a snap - and as such it was sandboxed, and not actually
placing directories it made in a place I could find?). This makes
things much easier, since I just need to parse out source
directories for binds and ensure they exist.
Fixes #9510
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|
|
|
|
|
|
|
|
|
| |
Make sure we check for errors before trying to write the iidfile.
[NO TESTS NEEDED]
Ref #9594
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
|
|\
| |
| | |
Fix support for podman build --timestamp
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Currently podman is ignoreing the build --timestamp flag.
This PR fixes this for local and remote clients.
Fixes: https://github.com/containers/podman/issues/9569
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \
| |/
|/| |
Fix parsing of Tmpfs field in compat create
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Create is not formatted as `key=value` but rather `key:value`
(technically `path:option1,option2`). As such we can't use the
stringMapToArray function, and instead need to generate it
manually.
Fixes #9511
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Since we have no good way to enable this on the server side, we will
just allow it to be set on the client side. This should solve almost all
cases.
Partially fixes: https://github.com/containers/podman/issues/9500
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Added ID to default
removed outdated imports
slight refactor
Test Network Headers added to network_test.go
Signed-off-by: Parker Van Roy <pvanroy@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| | |
moved --format to templateOut()
Rm parse package except JSON
Signed-off-by: Parker Van Roy <pvanroy@redhat.com>
|
|\ \
| | |
| | | |
podman cp: /dev/std{in,out} fixes
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
/dev/stdin should not be treated as "-" to remain compatible with Docker
and to have a more consistent and idiomatic interface.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
/dev/stdout should not be treated as "-" to remain compatible with
Docker and to have a more consistent and idiomatic interface.
Fixes: #9362
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \ \
| | | |
| | | | |
No header info for systemd generation
|
| | |/
| |/|
| | |
| | | |
Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
|
|\ \ \
| |_|/
|/| | |
[NO TESTS NEEDED] Allow podman play kube to read yaml file from stdin
|
| |/
| |
| |
| |
| |
| | |
Fixes: https://github.com/containers/podman/issues/8996
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|/
|
|
|
|
|
|
|
| |
We missed bumping the go module, so let's do it now :)
* Automated go code with github.com/sirkon/go-imports-rename
* Manually via `vgrep podman/v2` the rest
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\
| |
| | |
Fix segfault in run with memory-swap
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
when unlimited (-1) was being passed to memory-swap, podman threw a
segfault.
Fixes #9429
Signed-off-by: baude <bbaude@redhat.com>
|
|/
|
|
|
|
|
|
|
|
|
|
| |
Make sure to treat "." and "/." correctly. Both cases imply to copy the
contents of a directory in contrast to the directory. This implies to
unset the KeepDirectoryNames options of the copiah package.
Previously, the code was performing a simple string suffix check which
is not enough since it would match files and directories ending with
".".
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Podman -s crashes when the user specifies the '{{ .Size }}` format
on the podman ps command, without specifying the --size option.
This PR will stop the crash and print out a logrus.Error stating that
the caller should add the --size option.
Fixes: https://github.com/containers/podman/issues/9408
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|
|
|
|
|
|
| |
Docker always reports back the users input, not the full
id, we should do the same.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\
| |
| | |
When stopping a container, print rawInput
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When we stop a container we are printing the full id,
this does not match Docker behaviour or the start behavior.
We should be printing the users rawInput when we successfully
stop the container.
Fixes: https://github.com/containers/podman/issues/9386
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \
| | |
| | | |
Docker [APIv2] create container: handle empty host port
|
| |/
| |
| |
| | |
Signed-off-by: Matej Vasek <mvasek@redhat.com>
|
|/
|
|
|
|
|
|
|
|
|
|
|
| |
The error message when failing to create an image engine unconditionally
pointed to the Podman socket which is quite confusing when running
locally.
Move the error message to the point where the first ping to the service
fails.
[NO TESTS NEEDED]
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|
|
|
|
|
|
|
| |
change from unixnano to unix for ps created --format json
[NO TESTS NEEDED]
Signed-off-by: baude <bbaude@redhat.com>
|
|\
| |
| | |
Enable more golangci-lint linters
|
| |
| |
| |
| |
| |
| |
| |
| | |
Use the whitespace linter and fix the reported problems.
[NO TESTS NEEDED]
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
|
| |
| |
| |
| |
| |
| |
| |
| | |
Use the golint linter and fix the reported problems.
[NO TESTS NEEDED]
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
|
| |
| |
| |
| |
| |
| |
| |
| | |
Use the stylecheck linter and fix the reported problems.
[NO TESTS NEEDED]
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
|
|/
|
|
|
|
|
|
|
|
| |
when printing out json format, we mistakenly changed the Created field
output to be a time.time in a different commit. This allows for
override of the Created field to be a unix ts as type int64.
Fixes: #9315
Signed-off-by: baude <bbaude@redhat.com>
|
|
|
|
|
|
|
|
| |
Add the SECRET keyword to the shell completion test. Also update the
use line for podman secret create to use `NAME` instead of `SECRET`.
This matches the other commands such as network/volume create.
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
|
|\
| |
| | |
Implement Secrets
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Implement podman secret create, inspect, ls, rm
Implement podman run/create --secret
Secrets are blobs of data that are sensitive.
Currently, the only secret driver supported is filedriver, which means creating a secret stores it in base64 unencrypted in a file.
After creating a secret, a user can use the --secret flag to expose the secret inside the container at /run/secrets/[secretname]
This secret will not be commited to an image on a podman commit
Signed-off-by: Ashley Cui <acui@redhat.com>
|
|\ \
| | |
| | | |
Allow path completion for podman create/run --rootfs
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
If the --rootfs flag is set podman create/run expect a host
path as first argument. The shell completion should provide
path completion in that case.
[NO TESTS NEEDED]
This can manually be verified with `podman run --rootfs [TAB]`.
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
|
| | |
| | |
| | |
| | |
| | |
| | | |
Fix handling of --iidfile to happen on the client side.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \
| |/ /
|/| | |
Implement missing arguments for podman build
|
| |/
| |
| |
| |
| |
| |
| |
| | |
Buildah bud passes a bunch more flags then podman build.
We need to implement hook up all of these flags to get full functionality.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|/
|
|
|
|
|
|
|
| |
add the ability to prune unused cni networks. filters are not implemented
but included both compat and podman api endpoints.
Fixes :#8673
Signed-off-by: baude <bbaude@redhat.com>
|
|
|
|
| |
Signed-off-by: Matej Vasek <mvasek@redhat.com>
|
|\
| |
| | |
Make slirp MTU configurable (network_cmd_options)
|