summaryrefslogtreecommitdiff
path: root/pkg/adapter
Commit message (Collapse)AuthorAge
* Set default seccomp.json file for podman play kubeDaniel J Walsh2019-10-29
| | | | | | | Currently podman play kube is not using the system default seccomp.json file. This PR will use the default or override location for podman play. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* API: report multiple digests for imagesNalin Dahyabhai2019-10-29
| | | | | | | | Be prepared to report multiple image digests for images which contain multiple manifests but, because they continue to have the same set of layers and the same configuration, are considered to be the same image. Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
* bump containers/image to v5.0.0, buildah to v1.11.4Nalin Dahyabhai2019-10-29
| | | | | | | | | Move to containers/image v5 and containers/buildah to v1.11.4. Replace an equality check with a type assertion when checking for a docker.ErrUnauthorizedForCredentials in `podman login`. Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
* Merge pull request #4360 from rhatdan/spellOpenShift Merge Robot2019-10-29
|\ | | | | Fix spelling mistakes
| * Fix spelling mistakesDaniel J Walsh2019-10-29
| | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #4187 from baude/dnspluginenableOpenShift Merge Robot2019-10-29
|\ \ | |/ |/| enable dnsplugin for network create
| * enable dnsplugin for network createbaude2019-10-28
| | | | | | | | | | | | | | | | | | | | | | when users create a new network and the dnsname plugin can be found by podman, we will enable container name resolution on the new network. there is an option to opt *out* as well. tests cannot be added until we solve the packaging portion of the dnsname plugin. Signed-off-by: baude <bbaude@redhat.com>
* | Log warn instead of error for removing nonexistant containerTyler Ramer2019-10-25
|/ | | | | | | | | | In event of a container removal that is no longer in database, log a warning instead of an error, as there is not any problem continuing execution. Resolves #4314 Signed-off-by: Tyler Ramer <tyaramer@gmail.com>
* Add parsing for UID, GID in volume "o" optionMatthew Heon2019-10-22
| | | | | | | Everything else is a flag to mount, but "uid" and "gid" are not. We need to parse them out of "o" and handle them separately. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Merge pull request #4287 from mheon/anonymous_volumesOpenShift Merge Robot2019-10-22
|\ | | | | Add support for anonymous volumes to `podman run -v`
| * Add support for anonymous volumes to `podman run -v`Matthew Heon2019-10-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously, when `podman run` encountered a volume mount without separate source and destination (e.g. `-v /run`) we would assume that both were the same - a bind mount of `/run` on the host to `/run` in the container. However, this does not match Docker's behavior - in Docker, this makes an anonymous named volume that will be mounted at `/run`. We already have (more limited) support for these anonymous volumes in the form of image volumes. Extend this support to allow it to be used with user-created volumes coming in from the `-v` flag. This change also affects how named volumes created by the container but given names are treated by `podman run --rm` and `podman rm -v`. Previously, they would be removed with the container in these cases, but this did not match Docker's behaviour. Docker only removed anonymous volumes. With this patch we move to that model as well; `podman run -v testvol:/test` will not have `testvol` survive the container being removed by `podman rm -v`. The sum total of these changes let us turn on volume removal in `--rm` by default. Fixes: #4276 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | Merge pull request #4284 from mheon/fix_vol_inspectOpenShift Merge Robot2019-10-21
|\ \ | | | | | | Show volume options in 'volume inspect'
| * | Rewrite backend for remote 'volume inspect'Matthew Heon2019-10-21
| |/ | | | | | | | | | | | | | | | | | | We need to use the new Inspect() endpoint instead of trying to JSON the actual volume structs. Currently, the output seems completely nonsensical; it seems like we're JSONing the struct for the Varlink connection itself? This should restore sanity and match the format of remote and local inspect on volumes. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | Merge pull request #4125 from baude/remotestdinOpenShift Merge Robot2019-10-20
|\ \ | | | | | | Add ability to redirect bash for run -i
| * | Add ability to redirect bash for run -ibaude2019-10-15
| | | | | | | | | | | | Signed-off-by: baude <bbaude@redhat.com>
* | | Merge pull request #4271 from tylarb/stdin_attachOpenShift Merge Robot2019-10-17
|\ \ \ | |_|/ |/| | Attach to container if it was created with --interactive
| * | Attach stdin to container at start if it was created with --interactiveTyler Ramer2019-10-15
| |/ | | | | | | | | | | | | | | | | Check to see if the container's start config includes the interactive flag when determining to attach or ignore stdin stream. This is in line with behavior of Docker CLI and engine Signed-off-by: Tyler Ramer <tyaramer@gmail.com>
* / start: print full container IDbklimenko2019-10-16
|/ | | | | | | Now the "podman start" command prints the full ID and has the same behaviour as other commands. Signed-off-by: Boris Klimenko <2@borisklimenko.ru>
* Move OCI runtime implementation behind an interfaceMatthew Heon2019-10-10
| | | | | | | | | | | | For future work, we need multiple implementations of the OCI runtime, not just a Conmon-wrapped runtime matching the runc CLI. As part of this, do some refactoring on the interface for exec (move to a struct, not a massive list of arguments). Also, add 'all' support to Kill and Stop (supported by runc and used a bit internally for removing containers). Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Update c/image to v4.0.1 and buildah to 1.11.3Miloslav Trmač2019-10-04
| | | | | | | | | | | | | | This requires updating all import paths throughout, and a matching buildah update to interoperate. I can't figure out the reason for go.mod tracking github.com/containers/image v3.0.2+incompatible // indirect ((go mod graph) lists it as a direct dependency of libpod, but (go list -json -m all) lists it as an indirect dependency), but at least looking at the vendor subdirectory, it doesn't seem to be actually used in the built binaries. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
* Merge pull request #3549 from marcov/evict-containerOpenShift Merge Robot2019-10-04
|\ | | | | Add ability to evict a container
| * rm: add containers eviction with `rm --force`Marco Vedovati2019-09-25
| | | | | | | | | | | | | | | | | | Add ability to evict a container when it becomes unusable. This may happen when the host setup changes after a container creation, making it impossible for that container to be used or removed. Evicting a container is done using the `rm --force` command. Signed-off-by: Marco Vedovati <mvedovati@suse.com>
* | Apply changes also to the windows implementationAnders F Björklund2019-10-02
| | | | | | | | Signed-off-by: Anders F Björklund <anders.f.bjorklund@gmail.com>
* | Avoid hard-coding path to varlink and podmanAnders F Björklund2019-10-01
| | | | | | | | Signed-off-by: Anders F Björklund <anders.f.bjorklund@gmail.com>
* | Allow changing IdentityFile and to IgnoreHostsAnders F Björklund2019-10-01
| | | | | | | | Signed-off-by: Anders F Björklund <anders.f.bjorklund@gmail.com>
* | Merge pull request #4117 from mheon/pod_no_nameOpenShift Merge Robot2019-09-26
|\ \ | | | | | | Add an error for pods without a name
| * | Add an error for pods without a nameMatthew Heon2019-09-26
| |/ | | | | | | Signed-off-by: Matthew Heon <mheon@redhat.com>
* | Merge pull request #4102 from baude/remotestdinOpenShift Merge Robot2019-09-25
|\ \ | | | | | | conditionally send stdin on remote run
| * | conditionally send stdin on remote runbaude2019-09-24
| |/ | | | | | | | | | | | | | | | | when running a container remotely, we should only be sending stdin when running with --interactive; otherwise use nil. Fixes: #4095 Signed-off-by: baude <bbaude@redhat.com>
* / play kube: Only support pod kind in k8s yamlPeter Hunt2019-09-24
|/ | | | | | Since we only really support playing pods, and no other kubernetes types Signed-off-by: Peter Hunt <pehunt@redhat.com>
* support non-standard ssh port for remote-clientbaude2019-09-17
| | | | | | | | | | when using the remote client, users may need to specify a non-standard port for ssh connections. we can do so on the command line and within the remote-client configuration file. Fixes: #3987 Signed-off-by: baude <bbaude@redhat.com>
* Merge pull request #3934 from rhatdan/waitOpenShift Merge Robot2019-09-13
|\ | | | | Podman-remote run should wait for exit code
| * Podman-remote run should wait for exit codeDaniel J Walsh2019-09-12
| | | | | | | | | | | | | | | | This change matches what is happening on the podman local side and should eliminate a race condition. Also exit commands on the server side should start to return to client. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
| * Use exit code constantsDaniel J Walsh2019-09-12
| | | | | | | | | | | | | | We have leaked the exit number codess all over the code, this patch removes the numbers to constants. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | enhance podman network rmbaude2019-09-12
|/ | | | | | | | | | when removing a podman network, we need to make sure we delete the network interface if one was ever created (by running a container). also, when removing networks, we check if any containers are using the network. if they are, we error out unless the user provides a 'force' option which will remove the containers in question. Signed-off-by: baude <bbaude@redhat.com>
* Merge pull request #3896 from mheon/volume_lookupOpenShift Merge Robot2019-09-09
|\ | | | | Add ability to look up volumes by unambiguous partial name
| * Add function for looking up volumes by partial nameMatthew Heon2019-09-09
| | | | | | | | | | | | | | | | | | | | This isn't included in Docker, but seems handy enough. Use the new API for 'volume rm' and 'volume inspect'. Fixes #3891 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | Merge pull request #3862 from baude/networkcreateOpenShift Merge Robot2019-09-09
|\ \ | |/ |/| podman network create
| * podman network createbaude2019-09-09
| | | | | | | | | | | | | | initial implementation of network create. we only support bridging networks with this first pass. Signed-off-by: baude <bbaude@redhat.com>
* | build: pass down the cgroup manager to buildahGiuseppe Scrivano2019-09-06
|/ | | | | | | | Pass down the cgroup manager to use to buildah. Closes: https://github.com/containers/libpod/issues/3938 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Merge pull request #3958 from haircommander/play-kube-secOpenShift Merge Robot2019-09-06
|\ | | | | play kube: fix segfault
| * play kube: fix segfaultPeter Hunt2019-09-06
| | | | | | | | | | | | | | when securityContext wasn't specified in yaml. add a test as well Signed-off-by: Peter Hunt <pehunt@redhat.com>
* | Add ability for volumes with options to mount/umountMatthew Heon2019-09-05
|/ | | | | | | | | | | | | When volume options and the local volume driver are specified, the volume is intended to be mounted using the 'mount' command. Supported options will be used to volume the volume before the first container using it starts, and unmount the volume after the last container using it dies. This should work for any local filesystem, though at present I've only tested with tmpfs and btrfs. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Merge pull request #3800 from vrothberg/generate-podOpenShift Merge Robot2019-08-22
|\ | | | | generate systemd pod
| * generate systemd: support pods and geneartig filesValentin Rothberg2019-08-21
| | | | | | | | | | | | | | | | | | | | | | Support generating systemd unit files for a pod. Podman generates one unit file for the pod including the PID file for the infra container's conmon process and one unit file for each container (excluding the infra container). Note that this change implies refactorings in the `pkg/systemdgen` API. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
| * generate systemd: drop support for remote clientsValentin Rothberg2019-08-21
| | | | | | | | | | | | | | | | | | | | | | | | Drop the support for remote clients to generate systemd-service files. The generated files are machine-dependent and hence relate only to the a local machine. Furthermore, a proper service management when using a remote-client is not possible as systemd has no access to a process. Dropping the support will also reduce the risk of making users believe that the generated services are usable in a remote scenario. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | Add --digestfile option to pushTomSweeneyRedHat2019-08-21
|/ | | | | | | | | | Add the digestfile option to the push command so the digest can be stored away in a file when requested by the user. Also have added a debug statement to show the completion of the push. Emulates Buildah's https://github.com/containers/buildah/pull/1799/files Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* Implement healthcheck for remote clientAshley Cui2019-08-19
| | | | | | Previously unimplemented. Works the same way the local one does, except its remote. Signed-off-by: Ashley Cui <ashleycui16@gmail.com>
* Merge pull request #3848 from giuseppe/enable-all-tests-crunOpenShift Merge Robot2019-08-19
|\ | | | | tests: enable all tests for crun
| * libpod, pkg: lookup also for crun failuresGiuseppe Scrivano2019-08-19
| | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>