| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
| |
fix #4950
add selinux options from --security-opt of the container to generate kube result
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
| |\
| |
| | |
Fix linting
|
| | |
| |
| |
| |
| |
| |
| | |
`gocritic` is a powerful linter that helps in preventing certain kinds
of errors as well as enforcing a coding style.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |/
|
|
|
|
| |
Fix all errors found by codespell
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
|
|
| |
Signed-off-by: Dmitry Smirnov <onlyjob@member.fsf.org>
|
| |
|
|
|
|
|
|
|
|
| |
Currently podman generate kube does not generate the correct RunAsUser and RunAsGroup
options in the yaml file. This patch fixes this.
This patch also make `podman play kube` use the RunAdUser and RunAsGroup options if
they are specified in the yaml file.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
|
|
|
|
|
| |
Take capabilities written in a kube and add to a container
adapt test suite and write cap-add/drop tests
Signed-off-by: Peter Hunt <pehunt@redhat.com>
|
| |
|
|
|
|
| |
capabilities that were added and dropped were several times duplicated. Fix this
Signed-off-by: Peter Hunt <pehunt@redhat.com>
|
| |
|
|
|
|
|
| |
this is the third round of preparing to use the golangci-lint on our
code base.
Signed-off-by: baude <bbaude@redhat.com>
|
| |
|
|
|
|
| |
clean up and prepare to migrate to the golangci-linter
Signed-off-by: baude <bbaude@redhat.com>
|
| |
|
|
|
|
| |
clean up code identified as problematic by golands inspection
Signed-off-by: baude <bbaude@redhat.com>
|
| |
|
|
|
|
| |
Specifically, we were needlessly doing a double lookup to find which config mounts were user volumes. Improve this by refactoring a bit of code from inspect
Signed-off-by: Peter Hunt <pehunt@redhat.com>
|
| |
|
|
|
|
| |
for containers that share volumes, so the pod section doesn't list copies
Signed-off-by: Peter Hunt <pehunt@redhat.com>
|
| |
|
|
| |
Signed-off-by: Peter Hunt <pehunt@redhat.com>
|
| |
|
|
| |
Signed-off-by: Peter Hunt <pehunt@redhat.com>
|
| |\
| |
| | |
remove libpod from main
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
the compilation demands of having libpod in main is a burden for the
remote client compilations. to combat this, we should move the use of
libpod structs, vars, constants, and functions into the adapter code
where it will only be compiled by the local client.
this should result in cleaner code organization and smaller binaries. it
should also help if we ever need to compile the remote client on
non-Linux operating systems natively (not cross-compiled).
Signed-off-by: baude <bbaude@redhat.com>
|
| |/
|
|
|
|
|
|
|
|
|
|
|
| |
This likely broke when we made containers able to detect that
they shared a network namespace and grab ports from the
dependency container - prior to that, we could grab ports without
concern for conflict, only the infra container had them. Now, all
containers in a pod will return the same ports, so we have to
work around this.
Fixes #3408
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |
|
|
| |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |
|
|
| |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |
|
|
|
|
|
|
|
|
| |
All IDs in libpod are stored as a full container ID. We can get a
container by full ID faster with GetContainer (which directly
retrieves) than LookupContainer (which finds a match, then
retrieves). No reason to use Lookup when we have full IDs present
and available.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |
|
|
|
|
|
|
|
|
| |
in cases where a container is part of a network namespace, we should
show the network namespace's ports when dealing with ports. this
impacts ps, kube, and port.
fixes: #846
Signed-off-by: baude <bbaude@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
when checking for a container's mountpoint, you must lock and sync
the container or the result may be "".
Fixes: #2304
Signed-off-by: baude <bbaude@redhat.com>
|
| |
|
|
|
|
|
| |
podman play kube adds the ability for the user to recreate pods and containers
from a Kubernetes YAML file in libpod.
Signed-off-by: baude <bbaude@redhat.com>
|
| |
|
|
|
|
|
| |
Using the default capabilities, we can determine which caps were
added and dropped. Now added them to the security context structure.
Signed-off-by: baude <bbaude@redhat.com>
|
| |
|
|
|
|
|
| |
add the ability to generate kubernetes pod and service yaml representations
of libpod containers and pods.
Signed-off-by: baude <bbaude@redhat.com>
|
| |
|
|
|
|
|
| |
Whe running unittests on newer golang versions, we observe failures with some
formatting types when no declared correctly.
Signed-off-by: baude <bbaude@redhat.com>
|
|
|
scope out new kube subcommand where we can add generate. you can now generate kubernetes
YAML that will allow you to run the container in a kubernetes environment. When
The YAML description will always "wrap" a container in a simple v1.Pod description.
Tests and further documentation will be added in additional PRs.
This function should be considered very much "under heavy development" at
this point.
Signed-off-by: baude <bbaude@redhat.com>
|
