summaryrefslogtreecommitdiff
path: root/cmd
Commit message (Collapse)AuthorAge
* implement podman updateCharlie Doern2022-09-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | podman update allows users to change the cgroup configuration of an existing container using the already defined resource limits flags from podman create/run. The supported flags in crun are: this command is also now supported in the libpod api via the /libpod/containers/<CID>/update endpoint where the resource limits are passed inthe request body and follow the OCI resource spec format –memory –cpus –cpuset-cpus –cpuset-mems –memory-swap –memory-reservation –cpu-shares –cpu-quota –cpu-period –blkio-weight –cpu-rt-period –cpu-rt-runtime -device-read-bps -device-write-bps -device-read-iops -device-write-iops -memory-swappiness -blkio-weight-device resolves #15067 Signed-off-by: Charlie Doern <cdoern@redhat.com>
* Allow to override default username via command lineArthur Sengileyev2022-08-30
| | | | Signed-off-by: Arthur Sengileyev <arthur.sengileyev@gmail.com>
* service: make move to sub-cgroup non fatalGiuseppe Scrivano2022-08-26
| | | | | | | | | | | | | if we are running in a container in the root cgroup, Podman tries to move itself to a sub-cgroup. This could be a problem in a setup where the cgroups are not writeable, so just log a debug message and continue, since anyway it is a best-effort operation. Closes: https://github.com/containers/podman/issues/15498 [NO NEW TESTS NEEDED] Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* cmd/podman: Enable --syslog on FreeBSDDoug Rabson2022-08-26
| | | | | | [NO NEW TESTS NEEDED] Signed-off-by: Doug Rabson <dfr@rabson.org>
* Merge pull request #15466 from mtrmac/image-trust-sigstoreDaniel J Walsh2022-08-25
|\ | | | | podman image trust overhaul, incl. sigstore
| * Add support for sigstoreSigned in (podman image trust set)Miloslav Trmač2022-08-25
| | | | | | | | | | | | | | | | NOTE: This does not edit the use-sigstore-attachments value in registries.d, similarly to how (podman image trust set) didn't set the lookaside paths for simple signing. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
* | Allow colons in windows file pathsBrent Baude2022-08-24
|/ | | | | | | | | | | | the `podman save` command was failing on windows due to the use of a colon between the drive letter and first directory. the check was intended for Linux and not windows. Fixes #15247 [NO NEW TESTS NEEDED] Signed-off-by: Brent Baude <bbaude@redhat.com>
* Merge pull request #15443 from flouthoc/env-merge-supportOpenShift Merge Robot2022-08-24
|\ | | | | run,create: add support for `--env-merge` for preprocessing default environment variables
| * run,create: add support for --env-merge for preprocessing varsAditya R2022-08-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Allow end users to preprocess default environment variables before injecting them into container using `--env-merge` Usage ``` podman run -it --rm --env-merge some=${some}-edit --env-merge some2=${some2}-edit2 myimage sh ``` Closes: https://github.com/containers/podman/issues/15288 Signed-off-by: Aditya R <arajan@redhat.com>
* | Merge pull request #15351 from marshall-lee/images-pull-simpleOpenShift Merge Robot2022-08-24
|\ \ | |/ |/| Simplify ImagesPull for when Quiet flag is on
| * Add ProgressWriter to PullOptionsVladimir Kochnev2022-08-19
| | | | | | | | Signed-off-by: Vladimir Kochnev <hashtable@yandex.ru>
| * Pass io.Writer when pushing images/manifests from command lineVladimir Kochnev2022-08-18
| | | | | | | | | | | | [NO NEW TESTS NEEDED] Signed-off-by: Vladimir Kochnev <hashtable@yandex.ru>
* | Merge pull request #15372 from arixmkii/win_compatOpenShift Merge Robot2022-08-23
|\ \ | | | | | | Improved Windows compatibility
| * | Improved Windows compatibilityArthur Sengileyev2022-08-23
| | | | | | | | | | | | Signed-off-by: Arthur Sengileyev <arthur.sengileyev@gmail.com>
* | | Merge pull request #15421 from sstosh/refactor-rawinputOpenShift Merge Robot2022-08-23
|\ \ \ | | | | | | | | Refactor: About the RawInput process
| * | | Refactor: About the RawInput processToshiki Sonoda2022-08-23
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | Refactor the RawInput process of the `rm` and `start` subcommands, like the other subcommands such as `restart, stop, etc`. [NO NEW TESTS NEEDED] Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
* | | Merge pull request #15426 from nicrowe00/14955OpenShift Merge Robot2022-08-23
|\ \ \ | | | | | | | | podman kube play/down --read from URL
| * | | podman kube play/down --read from URLNiall Crowe2022-08-23
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | `podman kube play` can create pods and containers from YAML read from a URL poiniting to a YAML file. For example: `podman kube play https://example.com/demo.yml`. `podman kube down` can also teardown pods and containers created from that YAML file by also reading YAML from a URL, provided the YAML file the URL points to has not been changed or altered since it was used to create pods and containers Closes #14955 Signed-off-by: Niall Crowe <nicrowe@redhat.com>
* / / inspect, image: alias .Config.HealthCheck to .HealthCheck for compatibilityAditya R2022-08-23
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | Support inspecting image healthcheck using docker supported `.Config.HealthCheck` by aliasing field to `.HealthCheck` Now supports ```Console podman image inspect -f "{{.Config.Healthcheck}}" imagename ``` Closes: https://github.com/containers/podman/issues/14661 Signed-off-by: Aditya R <arajan@redhat.com>
* | Merge pull request #15392 from ashley-cui/quietOpenShift Merge Robot2022-08-22
|\ \ | | | | | | Add quiet/q flag to podman secret ls
| * | Add quiet/q flag to podman secret lsAshley Cui2022-08-22
| |/ | | | | | | | | | | | | Add quiet/q flag to podman secret ls, which will print only the secret ID. Signed-off-by: Ashley Cui <acui@redhat.com>
* | Merge pull request #15363 from rhatdan/secretOpenShift Merge Robot2022-08-22
|\ \ | | | | | | podman secret create -d alias --driver, inspect -f alias --format: Docker compatibity
| * | Add podman secret inspect -f alias for --format: Docker compatibilityDaniel J Walsh2022-08-17
| | | | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
| * | Add podman secret create -d as alias for --driver for Docker compatibilityDaniel J Walsh2022-08-17
| | | | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #15369 from ht-vo/podman-save-validationOpenShift Merge Robot2022-08-22
|\ \ \ | | | | | | | | podman save: update --compress validation
| * | | podman save: update --compress validationHoang Thanh VO2022-08-18
| | | | | | | | | | | | | | | | | | | | | | | | [NO NEW TESTS NEEDED] Signed-off-by: Hoang Thanh VO <111461555+ht-vo@users.noreply.github.com>
* | | | cmd/podman: Enable ABI and Tunnel mode for freebsdDoug Rabson2022-08-22
| |_|/ |/| | | | | | | | | | | | | | [NO NEW TESTS NEEDED] Signed-off-by: Doug Rabson <dfr@rabson.org>
* | | Merge pull request #15364 from rhatdan/statsOpenShift Merge Robot2022-08-17
|\ \ \ | | | | | | | | Add podman stats --no-trunc option
| * | | Add podman stats --no-trunc optionDaniel J Walsh2022-08-17
| |/ / | | | | | | | | | | | | | | | | | | | | | This is for compatibility with Docker. Partial fix for https://github.com/containers/podman/issues/14917 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* / / Add podman manifest create -a. Alias for --amend:Docker compatibilityDaniel J Walsh2022-08-17
|/ / | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #15341 from rhatdan/kubeOpenShift Merge Robot2022-08-17
|\ \ | |/ |/| Fix podman kube generate --help to show correct help message
| * Fix podman kube generate --help to show correct help messageDaniel J Walsh2022-08-16
| | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #14999 from sstosh/restart-optionOpenShift Merge Robot2022-08-17
|\ \ | | | | | | Add restart --cidfile, --filter
| * | Update cmd/podman/containers/restart.goTom Sweeney2022-08-12
| | | | | | | | | | | | | | | Co-authored-by: Tom Sweeney <tsweeney@redhat.com> Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
| * | Add restart --cidfile, --filterToshiki Sonoda2022-08-12
| | | | | | | | | | | | | | | | | | | | | --cidfile : Read container ID from the specified file and restart the container. --filter : restart the filtered container. Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
* | | podman manifest create: accept --amend and --insecure flagsNalin Dahyabhai2022-08-16
| |/ |/| | | | | | | | | | | | | Accept a --amend flag in `podman manifest create`, and treat `--insecure` as we would `--tls-verify=false` in `podman manifest`'s "add", "create", and "push" subcommands. Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
* | Merge pull request #15317 from rhatdan/debugOpenShift Merge Robot2022-08-16
|\ \ | | | | | | Add compatibility support for --debug flag from docker
| * | Add compatibility support for --debug -D flag from dockerDaniel J Walsh2022-08-15
| |/ | | | | | | | | | | This is another fix for https://github.com/containers/podman/issues/14917 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #15270 from nicrowe00/kubegenerateOpenShift Merge Robot2022-08-16
|\ \ | | | | | | Add "podman kube generate" command
| * | Add "podman kube generate" commandNiall Crowe2022-08-11
| |/ | | | | | | | | | | | | | | "podman kube generate" creates Kubernetes YAML from Podman containers, pods or volumes. Users will still be able to use "podman generate kube" as an alias of "kube generate". Signed-off-by: Niall Crowe <nicrowe@redhat.com>
* / Add Docker compatibility for --dns-option to --dns-optDaniel J Walsh2022-08-15
|/ | | | | Fixes one of the issues found in https://github.com/containers/podman/issues/14917 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* kube play: sd-notify integrationValentin Rothberg2022-08-10
| | | | | | | | | | | | | | | | | Integrate sd-notify policies into `kube play`. The policies can be configured for all contianers via the `io.containers.sdnotify` annotation or for indidivual containers via the `io.containers.sdnotify/$name` annotation. The `kube play` process will wait for all containers to be ready by waiting for the individual `READY=1` messages which are received via the `pkg/systemd/notifyproxy` proxy mechanism. Also update the simple "container" sd-notify test as it did not fully test the expected behavior which became obvious when adding the new tests. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* Merge pull request #14926 from cdoern/generateSpecOpenShift Merge Robot2022-08-10
|\ | | | | podman generate spec
| * podman generate specCharlie Doern2022-08-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | implement a new command `podman generate spec` which can formulate a json specgen to be consumed by both the pod and container creation API. supported flags are --verbose (default true) print output to the terminal --compact print the json output in a single line format to be piped to the API --filename put the output in a file --clone rename the pod/ctr in the spec so it won't conflict w/ an existing entity Signed-off-by: Charlie Doern <cdoern@redhat.com>
* | Merge pull request #15094 from cdoern/sshOpenShift Merge Robot2022-08-10
|\ \ | | | | | | podman ssh work, using new c/common interface
| * | podman ssh work, using new c/common interfaceCharlie Doern2022-08-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | implement new ssh interface into podman this completely redesigns the entire functionality of podman image scp, podman system connection add, and podman --remote. All references to golang.org/x/crypto/ssh have been moved to common as have native ssh/scp execs and the new usage of the sftp package. this PR adds a global flag, --ssh to podman which has two valid inputs `golang` and `native` where golang is the default. Users should not notice any difference in their everyday workflows if they continue using the golang option. UNLESS they have been using an improperly verified ssh key, this will now fail. This is because podman was incorrectly using the ssh callback method to IGNORE the ssh known hosts file which is very insecure and golang tells you not yo use this in production. The native paths allows for immense flexibility, with a new containers.conf field `SSH_CONFIG` that specifies a specific ssh config file to be used in all operations. Else the users ~/.ssh/config file will be used. podman --remote currently only uses the golang path, given its deep interconnection with dialing multiple clients and urls. My goal after this PR is to go back and abstract the idea of podman --remote from golang's dialed clients, as it should not be so intrinsically connected. Overall, this is a v1 of a long process of offering native ssh, and one that covers some good ground with podman system connection add and podman image scp. Signed-off-by: Charlie Doern <cdoern@redhat.com>
* | | Merge pull request #15199 from baude/addapplehvOpenShift Merge Robot2022-08-09
|\ \ \ | |/ / |/| | Add interface for apple hypervisor
| * | Add interface for apple hypervisorBrent Baude2022-08-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The new apple silicon processesors (m1/m2) are capable of using a performent apple hypervisor (included in macos). Our "virtual providers" for podman machine are part of an interface design. This PR provides an implementation of the interface to begin the work for supporting the apple hypervisor. It is basically only a skeletal PR. The actual code for using the hypervisor and launching a machine will come as several new PRs following the inclusion of this one. There will likely be code reuse between the applehv and qemu code; but none of that code is being moved at this time. It will be moved "on demand" during development. [NO NEW TESTS NEEDED] Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | Merge pull request #15246 from TomSweeneyRedHat/dev/tsweeney/buildah1.27.0OpenShift Merge Robot2022-08-09
|\ \ \ | | | | | | | | Bump to Buildah v1.27.0
| * | | build: implement --cache-to,--cache-from and --cache-ttlAditya R2022-08-09
| |/ / | | | | | | | | | | | | | | | | | | [NO NEW TESTS NEEDED] [NO TESTS NEEDED] Signed-off-by: Aditya R <arajan@redhat.com>