| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
| |
Signed-off-by: Karthik Elango <kelango@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
It's a NOP since Podman v2.0 (#5738).
[NO NEW TESTS NEEDED] - does not change behavior.
Fixes: #15185
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| |\
| |
| | |
[CI:DOCS] Refactor common options in man pages
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
podman-create and -run have many options in common. To date,
these are copy-pasted and haphazardly maintained.
Solution: add an include mechanism, '@@option foo', such
that multiple md source files can fetch from one common file.
This is a Phase One commit, a very small subset of what's
possible. Purpose of this commit is ease of review. If this
passes review, much more (trickier stuff) will be forthcoming.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\ \
| |/
|/| |
Add rm --filter option
|
| | |
| |
| |
| |
| |
| | |
--filter : remove the filtered container.
Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The "podman kube down" reads in a structured file of
Kubernetes YAML and removes pods based on the Kubernetes kind described in the YAML,
similiar to "podman play kube --down". Users will still be able to use
"podman play kube --down" and "podman kube play --down" to
perform the same function.
Signed-off-by: Niall Crowe <nicrowe@redhat.com>
|
| |\ \
| | |
| | | |
[CI:DOCS] man podman-volume-import: Clarify that merge happens
|
| | | |
| | |
| | | |
Signed-off-by: Felix Stupp <me+github@banananet.work>
|
| | |/
| |
| |
| |
| | |
Current directories and files stay the same with the current implementation as long as the tarball does not contain a directories or files with the same name.
Signed-off-by: Felix Stupp <me+github@banananet.work>
|
| |\ \
| | |
| | | |
Sigstore sign
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
- Allow creating sigstore signatures via --sign-by-sigstore-private-key .
Like existing --sign-by, it does not work remote (in this case
because we would have to copy the private key to the server).
- Allow passing a passphrase (which is mandatory for sigstore private keys)
via --sign-passphrase-file; if it is not provided, prompt interactively.
- Also, use that passphrase for --sign-by as well, allowing non-interactive
GPG use. (But --sign-passphrase-file can only be used with _one of_
--sign-by and --sign-by-sigstore-private-key.)
Note that unlike the existing code, (podman build) does not yet
implement sigstore (I'm not sure why it needs to, it seems not to
push images?) because Buildah does not expose the feature yet.
Also, (podman image sign) was not extended to support sigstore.
The test for this follows existing (podman image sign) tests
and doesn't work rootless; that could be improved by exposing
a registries.d override option.
The test for push is getting large; I didn't want to
start yet another registry container, but that would be an
alternative. In the future, Ginkgo's Ordered/BeforeAll
would allow starting a registry once and using it for two
tests.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
|
| |/
|
|
|
|
|
|
|
| |
local/remote mode.
Also Fix usage of flag "--compression-format" for remote "podman image push". Fix usage of flags "--format", "--remove-signatures" in remote "podman manifest push".
Closes #15109.
Signed-off-by: Romain Geissler <romain.geissler@amadeus.com>
|
| |
|
|
|
|
| |
* Replace typo 'personaity' with 'personality' in several man pages
Signed-off-by: Ewout van Mansom <ewout@vanmansom.name>
|
| |\
| |
| | |
[CI:DOCS] podman-generate-systemd.1.md: document --sdnotify
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* Document why the default value for --sdnotify is overridden.
Some was included text from
https://github.com/containers/podman/issues/15029#issuecomment-1192244755
* Document that --sdnotify=ignore is overridden.
Fixes #15029
Co-authored-by: Valentin Rothberg <vrothberg@redhat.com>
Co-authored-by: Tom Sweeney <tsweeney@redhat.com>
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
| |/
|
|
|
|
|
|
|
|
|
| |
for podman pod create, when we are not sharing any namespaces there is no point for the infra container.
This is especially true since resources have also been decoupled from the container recently.
handle this on the cmd level so that we can still create infra if set explicitly
resolves #15048
Signed-off-by: Charlie Doern <cdoern@redhat.com>
|
| |\
| |
| | |
[CI:DOCS] docs: remove CNI word where it is not applicable
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Most network commands/features work with both netavark and CNI. When
we added added netavark most docs were not vetted and thus still use CNI
network, it should just say network.
Fixes #14990
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |\ \
| | |
| | | |
Add pause/unpause --latest, --cidfile, --filter
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
--latest : pause/unpause the latest container.
--filter : pause/unpause the filtered container.
--cidfile : Read container ID from the specified file and pause/unpause the container.
Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
|
| |\ \ \
| |_|/
|/| | |
Makefile: use order-only prereq for podman-remote
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
podman-remote has a dependency on $(SRCBINDIR), because on
Mac and Windows that's a special dir that may not exist.
But depending on a directory means depending on its mtime,
which changes every time a file in it is updated, which
means running 'make' twice in a row will rebuild podman-remote
for no good reason.
Solution: GNU Make has the concept of "order-only" prerequisites,
precisely for this situation. Use it. Since it's an obscure
feature, document it.
UPDATE: This exposed some nasty duplication wrt podman-remote rules.
Clean those up, and add comments to some confusing sections.
Fixes: #14756
(Also, drive-by edit to remove a stray misdocumented non-option)
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
added the following flags and handling for podman pod create
--memory-swap
--cpuset-mems
--device-read-bps
--device-write-bps
--blkio-weight
--blkio-weight-device
--cpu-shares
given the new backend for systemd in c/common, all of these can now be exposed to pod create.
most of the heavy lifting (nearly all) is done within c/common. However, some rewiring needed to be done here
as well!
Signed-off-by: Charlie Doern <cdoern@redhat.com>
|
| |\ \
| | |
| | | |
[CI:DOCS] document isolate option for network create
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
[CI:DOCS]
document the podman network create -o=isolate which allows networks to cut themselves off
from external connections.
resolves #5805
Signed-off-by: Charlie Doern <cdoern@redhat.com>
|
| | |/
|/|
| |
| |
| |
| |
| |
| |
| | |
Update the init container type default to once instead
of always to match k8s behavior.
Add a new annotation that can be used to change the init
ctr type in the kube yaml.
Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
|
| |/
|
|
|
|
| |
rme -> rm
Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
|
| |\
| |
| | |
Podman pull --all-tags shorthand option
|
| | |
| |
| |
| |
| |
| |
| | |
I added the shorthand option for `podman pull --all-tags`. Like Docker,
Podman can now do `podman pull -a`.
Signed-off-by: Jake Correnti <jcorrenti13@gmail.com>
|
| | |
| |
| |
| |
| |
| |
| | |
Filter flag is added for podman stop and podman --remote stop. Filtering logic is implemented in
getContainersAndInputByContext(). Start filtering can be manipulated to use this logic as well to limit redundancy.
Signed-off-by: Karthik Elango <kelango@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Followup to #14906, in which a nonexistent option was found
in a man page. The xref script was designed to catch that,
but I was too lax in my parsing: the option was documented
using wrong syntax, and the script didn't catch it.
Solution: do not allow *any* unrecognized cruft in the
option description lines. And fix all improperly-written
entries to conform to the rule:
**--option**=*value(s)*
Two asterisks around option, which must have two dashes. One
asterisk around value(s).
This is going to cause headaches for some people adding new
options, but I don't think I can fix that: there are many
factors that make an unparseable line. Adding 'hint' code
would make the script even more complex than it is. I have
to assume that our contributors are smart enough to look
at surrounding context and figure out the right way to
specify options.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\ \
| |/
|/| |
Add podman events -f to be alias for --filter
|
| | |
| |
| |
| |
| |
| | |
Needed for Docker compatibility.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \
| | |
| | | |
Add "podman kube play" cmd
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The "podman kube play" command is designed to be a replacement for the
"podman play kube" command.
It performs the same function as "play kube" while also still working with the same flags and options.
The "podman play kube" command is still functional as an alias of "kube play".
Closes #12475
Signed-off-by: Niall Crowe <nicrowe@redhat.com>
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| |\ \
| |/
|/| |
[CI:DOCS] man pages: replace -c with --cpu-shares
|
| | |
| |
| |
| | |
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
| | |
| |
| |
| | |
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
| | |
| |
| |
| |
| |
| |
| | |
Add support for -c as an alias for --cpu-shares to be compatible with
Docker.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |/
|
|
|
|
| |
Closes #14906
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
* Correct spelling and typos.
* Improve language.
Co-authored-by: Ed Santiago <santiago@redhat.com>
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
| |
|
|
|
|
|
|
| |
* Reference --uidmap in --gidmap docs for additional information
* Remove --gidmap example "groupname -> 100000 / 30000 -> 0"
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
* Add example "Extracting the list of container registries with a Go template".
(The example was already present but in a much shorter form)
* Add example "Extracting the list of container registries from JSON with jq".
* Add shell completion instructions
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Make sure that the docs for pull policies is consistent with Buildah and
reflects the implementation.
Further improve the help messages and auto completions.
[NO NEW TESTS NEEDED]
Fixes: #14846
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| |\
| |
| | |
make 9p security model configurable; document
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This addresses:
Symlinks don't work on podman machine on macOS Monterey when using volumes feature #13784
This change does NOT exactly fix the bug, but it does allow the user to
work around it via 'podman init' option, e.g.:
podman machine init -v "$HOME/git:$HOME/git:ro:security_model=none"
If the default security model were to be changed to 'none', then that
would fix the bug, at the possible cost of breaking any use cases that
depend on 'mapped-xattr'.
The documentation of the purpose and behavior of the different security
models seems to be rather light:
https://wiki.qemu.org/Documentation/9psetup#Starting_the_Guest_directly
From testing, it appears that the mapped-xattr security model intends to
manage symlinks such that the guest can see the symlinks but the host
only sees regular files (with extended attributes). As far as I can
tell, this behavior only makes sense when the guest is the only thing
that ever needs to create and read symlinks. Otherwise, symlinks created
on the host are unusable on the guest, and vice versa.
As per the original commit: 8e7eeaa4dd14621bda15e396fcd7b9187bc500c5
[NO NEW TESTS NEEDED]
Also document existing ro and rw options.
Also remove misleading statement about /mnt. By my observation, this
line is incorrect. If the intended meaning is different, then I don't
understand.
The default volume is mounted read/write and is not within /mnt.
[core@localhost ~]$ mount | grep 9p
vol0 on /Users/chickey type 9p (rw,relatime,sync,dirsync,access=client,trans=virtio)
Signed-off-by: Corey Hickey <chickey@tagged.com>
|
| |\ \
| | |
| | | |
Podman machine info
|
| | |/
| |
| |
| |
| |
| |
| | |
Add podman machine info command, which displays infor about the machine
host as well as version info.
Signed-off-by: Ashley Cui <acui@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
add support for the --uts flag in pod create, allowing users to avoid
issues with default values in containers.conf.
uts follows the same format as other namespace flags:
--uts=private (default), --uts=host, --uts=ns:PATH
resolves #13714
Signed-off-by: Charlie Doern <cdoern@redhat.com>
|
