summaryrefslogtreecommitdiff
path: root/libpod/image
Commit message (Collapse)AuthorAge
* Add podman image mountDaniel J Walsh2020-07-28
| | | | | | | | | | | | | There are many use cases where you want to just mount an image without creating a container on it. For example you might want to just examine the content in an image after you pull it for security analysys. Or you might want to just use the executables on the image without running it in a container. The image is mounted readonly since we do not want people changing images. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Switch all references to github.com/containers/libpod -> podmanDaniel J Walsh2020-07-28
| | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Fix saving in oci formatQi Wang2020-07-09
| | | | | | | | - fix saving&loading oci format. Close #6544 - support loading using image name without "localhost/" prefix when reading from ociarchive/dir saved from this semantics Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Signed-off-by: Qi Wang <qiwan@redhat.com>
* move go module to v2Valentin Rothberg2020-07-06
| | | | | | | | | | | | | | | With the advent of Podman 2.0.0 we crossed the magical barrier of go modules. While we were able to continue importing all packages inside of the project, the project could not be vendored anymore from the outside. Move the go module to new major version and change all imports to `github.com/containers/libpod/v2`. The renaming of the imports was done via `gomove` [1]. [1] https://github.com/KSubedi/gomove Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* podman untag: error if tag doesn't existValentin Rothberg2020-06-24
| | | | | | | | | | | Throw an error if a specified tag does not exist. Also make sure that the user input is normalized as we already do for `podman tag`. To prevent regressions, add a set of end-to-end and systemd tests. Last but not least, update the docs and add bash completions. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* search: allow wildcardsValentin Rothberg2020-06-19
| | | | | | | | | | | | | | | | | | Allow wildcards in the search term. Note that not all registries support wildcards and it may only work with v1 registries. Note that searching implies figuring out if the specified search term includes a registry. If there's not registry detected, the search term will be used against all configured "unqualified-serach-registries" in the registries.conf. The parsing logic considers a registry to be the substring before the first slash `/`. With these changes we now not only support wildcards but arbitrary input; ultimately it's up to the registries to decide whether they support given input or not. Fixes: bugzilla.redhat.com/show_bug.cgi?id=1846629 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Fix podman-remote imagesDaniel J Walsh2020-06-16
| | | | | | Looks like we went too far with the linters. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Turn on More lintersDaniel J Walsh2020-06-15
| | | | | | | | | - misspell - prealloc - unparam - nakedret Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Fixup issues found by golintDaniel J Walsh2020-06-10
| | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* compat handlers: add X-Registry-Auth header supportValentin Rothberg2020-05-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Support the `X-Registry-Auth` http-request header. * The content of the header is a base64 encoded JSON payload which can either be a single auth config or a map of auth configs (user+pw or token) with the corresponding registries being the keys. Vanilla Docker, projectatomic Docker and the bindings are transparantly supported. * Add a hidden `--registries-conf` flag. Buildah exposes the same flag, mostly for testing purposes. * Do all credential parsing in the client (i.e., `cmd/podman`) pass the username and password in the backend instead of unparsed credentials. * Add a `pkg/auth` which handles most of the heavy lifting. * Go through the authentication-handling code of most commands, bindings and endpoints. Migrate them to the new code and fix issues as seen. A final evaluation and more tests is still required *after* this change. * The manifest-push endpoint is missing certain parameters and should use the ABI function instead. Adding auth-support isn't really possible without these parts working. * The container commands and endpoints (i.e., create and run) have not been changed yet. The APIs don't yet account for the authfile. * Add authentication tests to `pkg/bindings`. Fixes: #6384 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Fix remote handling of podman images callsDaniel J Walsh2020-05-21
| | | | | | | Enable three more tests Fix handling of image filters Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* manifest annotateQi Wang2020-05-05
| | | | Signed-off-by: Qi Wang <qiwan@redhat.com>
* Fixes podman save fails when specifying an image using a digest #5234Sujil022020-04-28
| | | | | | | Adds check to parse normalized name and create docker archive dst reference for tagged untagged image. Relevant test case added. Signed-off-by: Sujil02 <sushah@redhat.com>
* Add --os to manifest addQi Wang2020-04-24
| | | | | | Add --os to manifest add for overriding the os field. Signed-off-by: Qi Wang <qiwan@redhat.com>
* remove blank lineLes Aker2020-04-23
| | | | Signed-off-by: Les Aker <me@lesaker.org>
* set bigfilestemporarydir for pullLes Aker2020-04-23
| | | | Signed-off-by: Les Aker <me@lesaker.org>
* Stop wrapping pull messagesDaniel J Walsh2020-04-23
| | | | | | | | | | The length and size of our error messages on failure to pull is huge. This patch at least eliminates some of the wrapping. But I think eventually we need to look at containers/image and see if we can modify the error messages to something a little more human friendly. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Add functions to return image informationsDaniel J Walsh2020-04-20
| | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* image prune skips images with child images.Kunal Kushwaha2020-04-15
| | | | | | | | While image build process, intermediate images are created. These images are also used as cache images, used in rebuilding same images. This fix the deletion of cache images. Signed-off-by: Kunal Kushwaha <kunal.kushwaha@gmail.com>
* podmanv2 loadBrent Baude2020-04-01
| | | | | | | | | | enable podman load for v2 add reexec into main add systemd build flag to v2 makefile Signed-off-by: Brent Baude <bbaude@redhat.com>
* apiv2 addition of manifestsBrent Baude2020-03-16
| | | | | | | | add endpoints for create, add, remove, inspect, and push. this allows manifests to be managed through the restful interfaces. also added go-bindings and tests Signed-off-by: Brent Baude <bbaude@redhat.com>
* Merge pull request #5469 from giuseppe/no-size-create-containerOpenShift Merge Robot2020-03-12
|\ | | | | create: do not calculate image size
| * create: do not calculate image sizeGiuseppe Scrivano2020-03-12
| | | | | | | | | | | | | | calculating the image size can be an expensive operation. Avoid doing it when creating a new container since the size is not needed. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | golangci: enable goimportsValentin Rothberg2020-03-05
|/ | | | | | Enable the goimports linter and fix reports. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Merge pull request #5236 from marusak/filter_by_idOpenShift Merge Robot2020-02-21
|\ | | | | apiv2: Image filtering and fixup docs
| * apiv2: Enable filtering images by IDMatej Marusak2020-02-17
| | | | | | | | | | | | | | It is more practical for API usage and also it is more in sync how filtering of containers works. Signed-off-by: Matej Marusak <mmarusak@redhat.com>
* | podman images: add --filter=since=XXEd Santiago2020-02-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Looks like a bit of a misunderstanding from early on. Docker implements --filter=since=IMAGE. Podman implements 'after' instead of 'since'. Add an equivalent case statement to handle both, keeping 'after' because we have no way of knowing if it is used in the field. Update documentation ... and fix what looks like a complete misinterpretation of what the code actually does: the man page claimed that these were time fields, but I don't see any possible incantation in which a time value works or could work. Updated docs to reflect IMAGE usage. Also changed nonworking '==' to single '='. Added tests. [UPDATE: skip with broken podman-remote] Fixes: #5040 Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Refactor image tree for API usageSascha Grunert2020-02-17
|/ | | | Signed-off-by: Sascha Grunert <sgrunert@suse.com>
* use quay.io/libpod/fedora-minimal for reliabilityBrent Baude2020-02-12
| | | | Signed-off-by: Brent Baude <bbaude@redhat.com>
* Modify Runtime.getImage to return a storage.ImageMiloslav Trmač2020-02-07
| | | | | | | ... because both callers only care about that aspect of the return value. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
* Document an aspect of newFromStorage behaviorMiloslav Trmač2020-02-07
| | | | | | Should not change behavior. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
* Introduce a Runtime.newImage constructorMiloslav Trmač2020-02-07
| | | | | | | | | ... so that _all_ Image objects are created in a single place that is easy to update. Should not change behavior. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
* Move Image.getLocalImage to Runtime.getLocalImageMiloslav Trmač2020-02-07
| | | | | | | | | | | Instead of the function updating image.InputName (the only reason for it to need an image), have it return the updated value separately. This will allow simplifying the constructors of Image further. Should not change behavior. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
* Remove the getLocalImage() call from Image.SizeMiloslav Trmač2020-02-07
| | | | | | | | | All ways to create an Image{} have a non-nil .image field, and it is never set to nil, so this is dead code. Should not change behavior. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
* Use Runtime.NewFromLocal instead of open-coded copiesMiloslav Trmač2020-02-07
| | | | | | | | | All code creating an Image by looking up a name now uses Runtime.NewFromLocal. Should not change behavior. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
* Trivial simplificationMiloslav Trmač2020-02-07
| | | | | | Should not change behavior. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
* Create two separate newImage instances in Runtime.NewMiloslav Trmač2020-02-07
| | | | | | | | | | This is not _trivially_ safe because newImage.getLocalImage() modifies newImage.ImageName, but we overwrite that value anyway. So, this should not change behavior, and it will make future refactoring easier to verify. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
* Call NewImageRuntimeFromStore from NewImageRuntimeFromOptionsMiloslav Trmač2020-02-07
| | | | | | | | ... so that there ultimately is only one constructor. Should not change behavior. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
* Close tarSource when finished using itDaniel J Walsh2020-02-04
| | | | | | Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1797599 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Wrap error for failing ImageSize callsSascha Grunert2020-02-04
| | | | Signed-off-by: Sascha Grunert <sgrunert@suse.com>
* history: fix size computingValentin Rothberg2020-01-29
| | | | | | | | | Get the layer's size whether it relates to the first history entry or not. This fixes issues where the first entry would always be shown to be of size 0. Fixes: #4916 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* honor pull policy in play kubeBrent Baude2020-01-28
| | | | | | | | When a container specification has a pull policy, we should honor it when recreating the pods/containers from yaml. furthermore, ini kube, if a tag is :latest, then the always pull policy is automatically instituted. Fixes: #4880 Signed-off-by: Brent Baude <bbaude@redhat.com>
* inspect image healthchecksBrent Baude2020-01-27
| | | | | | | when a docker image has a defined healthcheck, it should be displayed with inspect. this is only valid for docker images as oci images are not aware of healthchecks. Fixes: #4799 Signed-off-by: Brent Baude <bbaude@redhat.com>
* make lint: include unit testsValentin Rothberg2020-01-14
| | | | | | | Include the unit tests (i.e., _test.go files) for linting to make the tests more robust and enforce the linters' coding styles etc. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Merge pull request #4850 from vrothberg/fix-lintingOpenShift Merge Robot2020-01-13
|\ | | | | Fix linting
| * make lint: enable gocriticValentin Rothberg2020-01-13
| | | | | | | | | | | | | | `gocritic` is a powerful linter that helps in preventing certain kinds of errors as well as enforcing a coding style. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | Merge pull request #4817 from rhatdan/codespellOpenShift Merge Robot2020-01-13
|\ \ | |/ |/| Add codespell to validate spelling mistakes in code.
| * Add codespell to validate spelling mistakes in code.Daniel J Walsh2020-01-11
| | | | | | | | | | | | Fix all errors found by codespell Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #4694 from openSUSE/history-names-in-inspectOpenShift Merge Robot2020-01-13
|\ \ | |/ |/| Add history names to image inspect data
| * Add history names to image inspect dataSascha Grunert2019-12-13
| | | | | | | | | | | | | | During writing the tests I found it would be probably useful to have the tag history part of the inspect data. Signed-off-by: Sascha Grunert <sgrunert@suse.com>