summaryrefslogtreecommitdiff
path: root/libpod/image
Commit message (Collapse)AuthorAge
* podman-remote image treebaude2019-04-04
| | | | | | | add the ability for the podman-remote client to be able to print an image tree. Signed-off-by: baude <bbaude@redhat.com>
* Fix a potential segfault in podman searchMatthew Heon2019-04-03
| | | | | | | | | | | | | When generating headers for search, we unconditionally access element 0 of an array, and I saw this segfault in our CI. There's no reason we have to do this, we're just going through it to get field names with reflect, so just make a new copy of the struct in question. Also, move this code, which is only for CLI display, into cmd/podman from libpod/image. Signed-off-by: Matthew Heon <mheon@redhat.com>
* Set blob cache directory based on GraphDriverDaniel J Walsh2019-03-29
| | | | | | | | | | | | Currently in rootless containers, we end up not using the blob cache. We also don't store the blob cache based on the users specified graph storage. This change will cause the cache directory to be stored with the rest of the containe images. While doing this patch, I found that we had duplicated GetSystemContext in two places in libpod. I cleaned this up. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* fix Bug 1688041-podman image save removes existing imageQi Wang2019-03-20
| | | | Signed-off-by: Qi Wang <qiwan@redhat.com>
* Tree implementation for podman imagesKunal Kushwaha2019-03-14
| | | | Signed-off-by: Kunal Kushwaha <kushwaha_kunal_v7@lab.ntt.co.jp>
* Add event logging to libpod, even display to podmanbaude2019-03-11
| | | | | | | | | | | | | | | | | In lipod, we now log major events that occurr. These events can be displayed using the `podman events` command. Each event contains: * Type (container, image, volume, pod...) * Status (create, rm, stop, kill, ....) * Timestamp in RFC3339Nano format * Name (if applicable) * Image (if applicable) The format of the event and the varlink endpoint are to not be considered stable until cockpit has done its enablement. Signed-off-by: baude <bbaude@redhat.com>
* pull: promote debug statement to errorGiuseppe Scrivano2019-03-11
| | | | | | print an error if there is any failure pulling an image. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* podman healthcheck run (phase 1)baude2019-03-05
| | | | | | | | | Add the ability to manually run a container's healthcheck command. This is only the first phase of implementing the healthcheck. Subsequent pull requests will deal with the exposing the results and history of healthchecks as well as the scheduling. Signed-off-by: baude <bbaude@redhat.com>
* podman-remote load imagebaude2019-02-21
| | | | | | | enable the ability to load an image into remote storage using the remote client. Signed-off-by: baude <bbaude@redhat.com>
* podman-remote save [image]baude2019-02-20
| | | | | | | Add the ability to save an image from the remote-host to the remote-client. Signed-off-by: baude <bbaude@redhat.com>
* image.SearchImages: use SearchFilter typeValentin Rothberg2019-02-20
| | | | | | | Use an `image.SearchFilter` instead of a `[]string` in the SearchImages API. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* podman-search: refactor code to libpod/image/search.goValentin Rothberg2019-02-20
| | | | | | | | Refactor the image-search logic from cmd/podman/search.go to libpod/image/search.go and update podman-search and the Varlink API to use it. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* OpenTracing support added to start, stop, run, create, pull, and psSebastian Jug2019-02-18
| | | | | | Drop context.Context field from cli.Context Signed-off-by: Sebastian Jug <sejug@redhat.com>
* Parse fq name correctly for imagesbaude2019-02-13
| | | | | | | | | | When parsing a string name for repo and tag (for images output), we should be using parsenormalizedname and reference.Canonical to get the proper output. Resolves: #2175 Signed-off-by: baude <bbaude@redhat.com>
* Merge pull request #2196 from baude/toolboxDaniel J Walsh2019-02-05
|\ | | | | Changes to container runlabel for toolbox project
| * Changes to container runlabel for toolbox projectbaude2019-01-30
| | | | | | | | | | | | | | | | | | | | The toolbox project would benefit from a few changes to more closely resembe the original atomic cli project. Changes made are: * only pull image for container runlabel if the label exists in the image * if a container image does not have the desired label, exit with non-zero Signed-off-by: baude <bbaude@redhat.com>
* | libpod/image: Use RepoDigests() in Inspect()W. Trevor King2019-01-31
|/ | | | | | | To get the more-robust handling from 0f6535cf (libpod/image: Use ParseNormalizedNamed in RepoDigests, 2019-01-08, #2106) here too. Signed-off-by: W. Trevor King <wking@tremily.us>
* podman image prune -- implement all flagbaude2019-01-29
| | | | | | | | | | | we now, by default, only prune dangling images. if --all is passed, we prune dangling images AND images that do not have an associated containers. also went ahead and enabled the podman-remote image prune side of things. Fixes: #2192 Signed-off-by: baude <bbaude@redhat.com>
* Remove imageParts.{isTagged,registry,name,tag}Miloslav Trmač2019-01-14
| | | | | | | | | | | | | Finally, these members no longer have any users. Future users should usually call referenceWithRegistry / normalizedReference, and work with the returned value, instead of reintroducing these variables. Similarly, direct uses of unnormalizedRef should be rare (only for cases where the registry and/or path truly does not matter). Should not change behavior. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
* Clarify comments about isRegistry a bit.Miloslav Trmač2019-01-14
| | | | | | Should not change behavior. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
* Use imageParts.unnormalizedRef in GetImageBaseNameMiloslav Trmač2019-01-14
| | | | | | | | ... to remove the last user of imageParts.name. Should not change behavior. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
* FIXME? Introduce imageParts.suspiciousRefNameTagValuesForSearchMiloslav Trmač2019-01-14
| | | | | | | | | | | | | | | | | | | Image.MatchRepoTag and findImageInRepoTags do some kind of heuristic search; the motivation and design of both, and how they should deal with digests, is not obvious to me. Instead of figuring that out now, just factor it out into a scary-named method and leave the "tag" value (with its "latest"/"none" value) alone. Similarly, the .registry and .name fields should typically not be used; users should use either hasRegistry or normalized reference types; so, isolate the difficult-to-understand search code, and computation of these values, into this new search-specific helper. Should not change behavior. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
* Use imageParts.referenceWithRegistry in Image.getLocalImageMiloslav Trmač2019-01-14
| | | | | | | | ... to make sure everything uses the same code path. Should not change behavior. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
* Don't try to look up local images with an explicit :latest suffixMiloslav Trmač2019-01-14
| | | | | | | | | | imageruntime.getImage, through ParseStoreReference, already uses reference.TagNameOnly on the input, so this extra lookup is completely redundant to the lookup that has already happened. Should not change behavior, apart from speeding up the code a bit. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
* Return a reference.Named from normalizedTagMiloslav Trmač2019-01-14
| | | | | | | | | | Instead of returning a string, return a native value and convert it into the string in the caller, to make it that small bit more common to use reference types. Should not change behavior. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
* Use reference.TagNameOnly instead of manually adding imageParts.tag in ↵Miloslav Trmač2019-01-14
| | | | | | | | | | | | | | normalizeTag Again, rely on the official API, instead of the suprising "suspiciousTagValueForSearch" value (set to :latest on untagged images, and :none on digested ones!) CHANGES BEHAVIOR, but the previous output of normalization of digested values was not even syntatically valid, so this can't really be worse. Still, maybe we should refuse to tag with digested references in the first place. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
* Use imageParts.normalizedReference in normalizeTagMiloslav Trmač2019-01-14
| | | | | | | | This is another step to using reference values instead of strings here. CHANGES BEHAVIOR: docker.io/busybox is now normalized to docker.io/library/busybox. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
* Add imageParts.normalizedReference()Miloslav Trmač2019-01-14
| | | | | | | | This will be used in normalizeTag to work with references instead of strings. Not used anywhere yet, should not change behavior. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
* Use imageparts.referenceWithRegistry in normalizeTagMiloslav Trmač2019-01-14
| | | | | | | | | ... instead of open-coding something similar. Eventually we will use the reference type further in here. Should not change behavior. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
* Remove no longer used imageParts.assemble()Miloslav Trmač2019-01-14
| | | | | | Should not change behavior. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
* Use getPullRefPair / getSinglePullRefPairGoal in ↵Miloslav Trmač2019-01-14
| | | | | | | | | | | | | | | | | pullGoalFromPossiblyUnqualifiedName This shortens the code a bit, but most importantly ensures that all pulls from docker.Transport are processed exactly the same way, and there is only a single store.ParseStoreReference in the pull code. It's a bit wasteful to call decompose() in getPullRefPair just after pullGoalFromPossiblyUnqualifiedName has qualified the name, but on balance only having exactly one code path seems worth it. Alternatively we could split getPullRefPairToQualifiedDestination from getPullRefPair. Should not change behavior. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
* Use imageParts.referenceWithRegistry in pullGoalFromPossiblyUnqualifiedNameMiloslav Trmač2019-01-14
| | | | | | | | | | | | | | | | | | | CHANGES BEHAVIOR. This bypasses .assemble, and preserves the original lack of tag / original digest instead of adding :latest/:none (still subject to ParseStoreReference normalization). Using the original digest seems clearly correct; dropping the :latest suffix from .image strings, and adding /library to docker.io/shortname, only affects user-visible input; later uses of the return value of pullImageFrom... use ParseStoreReference, which calls reference.ParseNormalizedNamed and reference.TagNameOnly, so the image name should be processed the same way whether it contains a tag, or libray/, or not. This also allows us to drop the problematic hasShaInInputName heuristic/condition/helper. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
* Use imageParts.referenceWithRegistry in getPullRefPairMiloslav Trmač2019-01-14
| | | | | | | | | | | | | | | | CHANGES BEHAVIOR. This bypasses .assemble, and preserves the original lack of tag / original digest instead of adding :latest/:none (still subject to ParseStoreReference normalization). Using the original digest seems clearly correct; dropping the :latest suffix from .image strings only affects user-visible input; later uses of the return value of pullImageFrom... use ParseStoreReference, which calls reference.TagNameOnly, so the image name should be processed the same way whether it contains a tag or not. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
* Add imageParts.referenceWithRegistryMiloslav Trmač2019-01-14
| | | | | | | | | This is the primary goal of decompose()+assemble(), to support qualifying an image name. Does not have any users yet, so does not change behavior. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
* Don't use imageParts.assemble when pulling from a qualified nameMiloslav Trmač2019-01-14
| | | | | | | | | | | | | | | | | | | | | | | CHANGES BEHAVIOR. If the name is qualified, instead of decomposing it into components and re-assembling, just use the input name unmodified: - For name:tag values, .assemble() just recreates the input. - For untagged values, .assemble() adds ":latest"; we keep the input as is, but both docker.ParseReference and storage.Transport.ParseStoreReference use reference.TagNameOnly() already. - For digested references, .assemble() adds ":none", but the code was already bypassing .assemble() on that path already - for the source reference. For the destination, this replaces a :none destination with a the @digest reference, as expected. Note that while decompose() has already parsed the input, it (intentionally) bypassed the docker.io/library normalization; therefore we parse the input again (via docker.ParseReference) to ensure that the reference is normalized. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
* Reorganize normalizeTagMiloslav Trmač2019-01-14
| | | | | | | | Move the registry defaulting before tag defaulting. Should not change behavior. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
* Simplify pullGoalFromPossiblyUnqualifiedNameMiloslav Trmač2019-01-14
| | | | | | | | | | Both imageParts and this function implicitly assume docker.Transport troughout, so instead of pretending to be flexible about DefaultTransport, just hard-code docker.ParseReference directly. Should not change behavior. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
* Remove imageParts.transportMiloslav Trmač2019-01-14
| | | | | | | | | | It is only ever set to DefaulTransport, and all of the code is docker/reference-specific anyway, so there's no point in making this a variable. Should not change behavior. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
* Simplify pullGoalFromPossiblyUnqualifiedNameMiloslav Trmač2019-01-14
| | | | | | | | | | After inlining assembleWithTransport, we have two branches with the same prepending of decomposedImage.transport; move that out of the branches. Should not change behavior. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
* Inline imageParts.assembleWithTransport into callersMiloslav Trmač2019-01-14
| | | | | | | | | | | | | imageParts.transport is a constant, and the design of imageParts is not transport-independent in any sense; we will want to eliminate the transport member entirely. As a first step, drop assembleWithTransport and inline an exact equivalent into all callers. Should not change behavior. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
* Record the original reference.Named in imagePartsMiloslav Trmač2019-01-14
| | | | | | | | | | | | We will eventually want to eliminate most members of imageParts in favor of using the c/image/docker/reference API directly. For now, just record the reference.Named value, and we will replace uses of the other members before removing them. Should not change behavior. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
* Drop image.DecomposeString, make image.Parts private imageParts againMiloslav Trmač2019-01-14
| | | | | | | | | Now that DecomposeString has no users, make the type private again. Any new users of it should come with a rationale - and new users of the "none"/"latest" handling of untagged/digested names that is currently implemented should have an exceptionaly unusual rationale. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
* remote-client support for imagesbaude2019-01-10
| | | | Signed-off-by: baude <bbaude@redhat.com>
* libpod/image: Use ParseNormalizedNamed in RepoDigestsW. Trevor King2019-01-09
| | | | | | | | | | | | | | | | Avoid generating quay.io/openshift-release-dev/ocp-release@sha256@sha256:239... and similar when the image name is already digest-based [1]. It's not clear exactly how we get into this state, but as shown by the unit tests, the new code handles this case correctly (while the previous code does not). [1]: https://github.com/containers/libpod/issues/2086 Signed-off-by: W. Trevor King <wking@tremily.us> Closes: #2106 Approved by: rhatdan
* container runlabel NAME implementationbaude2019-01-04
| | | | | | | | | | | when using container runlabel, if a --name is not provided, we must deduce the container name from the base name of the image to maintain parity with the atomic cli. fixed small bug where we split the cmd on " " rather than using fields could lead to extra spaces in command output. Signed-off-by: baude <bbaude@redhat.com>
* Switch all referencs to image.ContainerConfig to image.ConfigDaniel J Walsh2018-12-21
| | | | | | This will more closely match what Docker is doing. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Support podman image trust commandQi Wang2018-12-19
| | | | | | Display the trust policy of the host system. The trust policy is stored in the /etc/containers/policy.json file and defines a scope of registries or repositories. Signed-off-by: Qi Wang <qiwan@redhat.com>
* Fix reporting the registries.conf path on errorMiloslav Trmač2018-12-06
| | | | | | | i.e. actually reflect the environment variable and/or rootless mode instead of always using the default path. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
* Remove manual handling of insecure registries in doPullImageMiloslav Trmač2018-12-06
| | | | | | Instead, just set SystemRegistriesConfPath and let the transport do it. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
* Remove the forceSecure parameter on the pull call stackMiloslav Trmač2018-12-06
| | | | | | | DockerRegistryOptions.DockerInsecureSkipTLSVerify as an types.OptionalBool can now represent that value, so forceSecure is redundant. Signed-off-by: Miloslav Trmač <mitr@redhat.com>