summaryrefslogtreecommitdiff
path: root/pkg/api/handlers/compat
Commit message (Collapse)AuthorAge
* Set TLSVerify=true by default for API endpointsVladimir Kochnev2022-07-26
| | | | | | | | | | | | | | | | | | | | | Option defaults in API must be the same as in CLI. ``` % podman image push --help % podman image pull --help % podman manifest push --help % podman image search --help ``` All of these CLI commands them have --tls-verify=true by default: ``` --tls-verify require HTTPS and verify certificates when accessing the registry (default true) ``` As for `podman image build`, it doesn't have any means to control `tlsVerify` parameter but it must be true by default. Signed-off-by: Vladimir Kochnev <hashtable@yandex.ru>
* compat api: always turn on network isolation for networksPaul Holzinger2022-07-26
| | | | | | | | | Fix some network option parsing logic to use constants. Always use the isolate option since this is what docker does. Remove the icc option, this is different from isolate and it is not implemented. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* compat api: allow default bridge name for networksPaul Holzinger2022-07-26
| | | | | | | | | | Docker uses "bridge" as default network name so some tools expect this to work with network list or inspect. To fix this we change "bridge" to the podman default ("podman") name. Fixes #14983 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* Compat API: unify pull/push and add missing progress infoJakub Guzik2022-07-26
| | | | | | | | | Progress bar in JSONMessage is missing compared to docker output both in pull and push. Additionaly, pull was not using JSONMessage while push was using the type. [NO NEW TESTS NEEDED] Signed-off-by: Jakub Guzik <jguzik@redhat.com>
* Podman stop --filter flagKarthik Elango2022-07-26
| | | | | | | Filter flag is added for podman stop and podman --remote stop. Filtering logic is implemented in getContainersAndInputByContext(). Start filtering can be manipulated to use this logic as well to limit redundancy. Signed-off-by: Karthik Elango <kelango@redhat.com>
* pkg: switch to golang native error wrappingSascha Grunert2022-07-08
| | | | | | | | | We now use the golang error wrapping format specifier `%w` instead of the deprecated github.com/pkg/errors package. [NO NEW TESTS NEEDED] Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
* Merge pull request #14673 from idleroamer/fix-network-inspect-mainopenshift-ci[bot]2022-07-07
|\ | | | | Fix network inspect compat API discrepancy
| * Fix network inspect compat API discrepancy🤓 Mostafa Emami2022-07-05
| | | | | | | | | | | | | | | | | | - containerInspect compat API expects field value PrefixLen instead of PrefixLength for type Address for SecondaryIPAddresses - Add tests for network part of containerInspect compat api Closes: containers#14674 Signed-off-by: 🤓 Mostafa Emami <mustafaemami@gmail.com>
* | use c/common code for resize and CopyDetachablePaul Holzinger2022-07-06
| | | | | | | | | | | | | | | | | | Since conmon-rs also uses this code we moved it to c/common. Now podman should has this also to prevent duplication. [NO NEW TESTS NEEDED] Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | libpod: switch to golang native error wrappingSascha Grunert2022-07-05
| | | | | | | | | | | | | | | | | | We now use the golang error wrapping format specifier `%w` instead of the deprecated github.com/pkg/errors package. [NO NEW TESTS NEEDED] Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
* | Merge pull request #14534 from jakecorrenti/docker-compose-update-network-mtuopenshift-ci[bot]2022-07-05
|\ \ | | | | | | (rootful) docker-compose now updates network MTU
| * | (rootful) docker-compose now updates network MTUJake Correnti2022-07-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously, the following network block did not update using docker-compose: ``` networks: default: driver: bridge driver_opts: mtu: 9000 ``` In the API, the network options were previously not being handled when the network was being created. I translated the docker options into podman options, and added the options to the network. When doing `podman network inspect <network>`, the results now contain `"mtu": "9000"` Fixes: #14482 Signed-off-by: Jake Correnti <jcorrenti13@gmail.com>
* | | libpod/runtime: switch to golang native error wrappingSascha Grunert2022-07-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | We now use the golang error wrapping format specifier `%w` instead of the deprecated github.com/pkg/errors package. [NO NEW TESTS NEEDED] Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
* | | Merge pull request #14700 from shuttle-hq/bug/docker-compat-initializedopenshift-ci[bot]2022-06-28
|\ \ \ | | | | | | | | Docker compat returning unknown "initialized" for `status.status`
| * | | Docker compat returning unknown "initialized" for `status.status`chesedo2022-06-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Some background for this PR is in discussion #14641. In short, ever so often a container inspect will return a `status.status` of `initialized` from the Docker compat socket. From the discussion I found these lines which tries to fix a "configured" status to "created". https://github.com/containers/podman/blob/c936d1e61154b6826e9d8df46e9660aba6c86cfe/pkg/api/handlers/compat/containers.go#L291-L294 However, commit 141de8686289 (Revamp Libpod state strings for Docker compat) removed the "configured" return value from the `String()` method called on line 291 above. Thus, making the `if` check redundant as it will never hit. But the same commit also introduces a return for "initialized" which this `if` should probably have been adapted for. Signed-off-by: Pieter Engelbrecht <pieter@shuttle.rs>
* | | | podman cgroup enhancementcdoern2022-06-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | currently, setting any sort of resource limit in a pod does nothing. With the newly refactored creation process in c/common, podman ca now set resources at a pod level meaning that resource related flags can now be exposed to podman pod create. cgroupfs and systemd are both supported with varying completion. cgroupfs is a much simpler process and one that is virtually complete for all resource types, the flags now just need to be added. systemd on the other hand has to be handeled via the dbus api meaning that the limits need to be passed as recognized properties to systemd. The properties added so far are the ones that podman pod create supports as well as `cpuset-mems` as this will be the next flag I work on. Signed-off-by: Charlie Doern <cdoern@redhat.com>
* | | | Fix spelling "setup" -> "set up" and similarErik Sjölund2022-06-22
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | * Replace "setup", "lookup", "cleanup", "backup" with "set up", "look up", "clean up", "back up" when used as verbs. Replace also variations of those. * Improve language in a few places. Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
* | / api: show the memory limit specified for the containerGiuseppe Scrivano2022-06-21
| |/ |/| | | | | | | | | | | | | | | | | | | use the memory limit specified for the container instead of reading it from the cgroup. It is not reliable to read it from the cgroup since the container could have been moved to a different cgroup and in general the OCI runtime might create a sub-cgroup (like crun does). Closes: https://github.com/containers/podman/issues/14676 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | Merge pull request #14585 from Luap99/nolintopenshift-ci[bot]2022-06-14
|\ \ | | | | | | golangci-lint: enable nolintlint
| * | golangci-lint: enable nolintlintPaul Holzinger2022-06-14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The nolintlint linter does not deny the use of `//nolint` Instead it allows us to enforce a common nolint style: - force that a linter name must be specified - do not add a space between `//` and `nolint` - make sure nolint is only used when there is actually a problem Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | Merge pull request #14561 from rhatdan/VENDORopenshift-ci[bot]2022-06-14
|\ \ \ | |/ / |/| | Update vendor of containers/buildah
| * | Update vendor of containers/buildahDaniel J Walsh2022-06-13
| | | | | | | | | | | | | | | | | | | | | | | | Changes since 2022-05-31: - add --omit-history option (buildah PR 4028) Signed-off-by: Ed Santiago <santiago@redhat.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #14580 from jakecorrenti/stats-on-non-running-containeropenshift-ci[bot]2022-06-14
|\ \ \ | |/ / |/| | Non-running containers now report statistics via the `podman stats`
| * | Non-running containers now report statistics via the `podman stats`Jake Correnti2022-06-13
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | command Previously, if a container was not running, and the user ran the `podman stats` command, an error would be reported: `Error: container state improper`. Podman now reports stats as the fields' default values for their respective type if the container is not running: ``` $ podman stats --no-stream demo ID NAME CPU % MEM USAGE / LIMIT MEM % NET IO BLOCK IO PIDS CPU TIME AVG CPU % 4b4bf8ce84ed demo 0.00% 0B / 0B 0.00% 0B / 0B 0B / 0B 0 0s 0.00% ``` Closes: #14498 Signed-off-by: Jake Correnti <jcorrenti13@gmail.com>
* / compat api: fix regressions from "Swagger refactor/cleanup"Paul Holzinger2022-06-09
|/ | | | | | | | | | | | | | | | | | | | For some reason commit 5b79cf15a022 moved the container create options parsing from cmd/podman/common to pkg/api/handlers. However it did not remove the old code. Unfortunately it moved the code from an outdated version and did not update it before this commit was merged. Therefore a couple of regressions were introduced. I manually compared both versions and found three missing bugfixes. I fixed the network test again that was changed in bce97a3b5dd1. We want bridge as default even as rootless. Sine the test is not run as rootless in CI the regression was not caught. Also the no hosts test never worked since it was missing the import check if the hosts file exists. I don't think we can check for the volume parsing change since this only works on windows/wsl. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* podman-remote: enable support for additional build-context on macOS, remoteAditya R2022-06-02
| | | | | | | | Feature of additional build context added here https://github.com/containers/buildah/pull/3978 already exists on `podman` following PR just enables this feature of `podman-remote` and `podman on macOS` setups. Signed-off-by: Aditya R <arajan@redhat.com>
* Merge pull request #14393 from jwhonce/wip/archive_todoOpenShift Merge Robot2022-05-27
|\ | | | | Add API support for NoOverwriteDirNonDir
| * Add API support for NoOverwriteDirNonDirJhon Honce2022-05-26
| | | | | | | | | | | | | | | | | | | | | | | | Update method signatures and structs to pass option to buildah code ```release-note NONE ``` [NO NEW TESTS NEEDED] Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | vendor: bump buildah to v1.26.1-0.20220524184833-5500333c2e06Aditya R2022-05-26
|/ | | | | | Bump buildah to v1.26.1-0.20220524184833-5500333c2e06 Signed-off-by: Aditya R <arajan@redhat.com>
* Merge pull request #14358 from vrothberg/todo-part-2OpenShift Merge Robot2022-05-25
|\ | | | | Todo part 2
| * pkg/api/handlers/compat/images.go: drop TODO messageValentin Rothberg2022-05-25
| | | | | | | | | | | | An undefined "this" or "that" is terrible. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | Fix codespell errorsDaniel J Walsh2022-05-25
|/ | | | | | [NO NEW TESTS NEEDED] Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* compat, build: suppress step errors when quiet is setAditya R2022-05-24
| | | | | | | | Match with docker API and suppress step errors when field quiet is set. Closes: https://github.com/containers/podman/issues/14315 Signed-off-by: Aditya R <arajan@redhat.com>
* Swagger refactor/cleanupJhon Honce2022-05-19
| | | | | | | | | | | | | | | | | | * Remove duplicate or unused types and constants * Move all documetation-only models and responses into swagger package * Remove all unecessary names, go-swagger will determine names from struct declarations * Use Libpod suffix to differentiate between compat and libpod models and responses. Taken from swagger:operation declarations. * Models and responses that start with lowercase are for swagger use only while uppercase are used "as is" in the code and swagger comments * Used gofumpt on new code ```release-note ``` Signed-off-by: Jhon Honce <jhonce@redhat.com>
* linter: enable unconvert linterValentin Rothberg2022-05-19
| | | | | | | Detects unneccessary type conversions and helps in keeping the code base cleaner. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* Merge pull request #14228 from rhatdan/apiOpenShift Merge Robot2022-05-18
|\ | | | | Deleting an n use image should return conflict not system error
| * Deleting an n use image should return conflict not system errorDaniel J Walsh2022-05-16
| | | | | | | | | | | | Fixes: https://github.com/containers/podman/issues/14208 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | api: make no-op remote functional in /libpod/buildAditya R2022-05-16
|/ | | | | | | | | | | Podman API `libpod/build` accepts paramemter `remote` which overrides `dockerfile` but currently parameter is no-op. Following commit adds support for `remote` parameter in libpod API. See: https://docs.podman.io/en/v3.2.3/_static/api.html#operation/ImageBuildLibpod Closes: https://github.com/containers/podman/issues/13831 Signed-off-by: Aditya R <arajan@redhat.com>
* Vendor in containers/buildah@v1.26.1Daniel J Walsh2022-05-05
| | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* enable gocritic linterPaul Holzinger2022-04-26
| | | | | | | | | | | | | | | | | | | | | | The linter ensures a common code style. - use switch/case instead of else if - use if instead of switch/case for single case statement - add space between comment and text - detect the use of defer with os.Exit() - use short form var += "..." instead of var = var + "..." - detect problems with append() ``` newSlice := append(orgSlice, val) ``` This could lead to nasty bugs because the orgSlice will be changed in place if it has enough capacity too hold the new elements. Thus we newSlice might not be a copy. Of course most of the changes are just cosmetic and do not cause any logic errors but I think it is a good idea to enforce a common style. This should help maintainability. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* Pass --tls-verify option in podman -remote buildDaniel J Walsh2022-04-25
| | | | | | | | Fixes: https://github.com/containers/podman/issues/13979 [NO NEW TESTS NEEDED] Buildah has a test for this. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* replace golint with revive linterPaul Holzinger2022-04-22
| | | | | | | | | | | | golint, scopelint and interfacer are deprecated. golint is replaced by revive. This linter is better because it will also check for our error style: `error strings should not be capitalized or end with punctuation or a newline` scopelint is replaced by exportloopref (already endabled) interfacer has no replacement but I do not think this linter is important. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* Merge pull request #13872 from vrothberg/revert-sizeOpenShift Merge Robot2022-04-14
|\ | | | | Revert "images --size"
| * Revert "images --size"Valentin Rothberg2022-04-14
| | | | | | | | | | | | | | | | | | | | | | | | This reverts commit e133a06d2f4a3e94bfbd60b647046f2f515c9c24. @nalind found a proper fix in c/storage [1] to address the performance issue. So we really don't need the flag anymore. Note the flag has never made it into any release. [1] https://github.com/containers/storage/commit/d76b3606fc9ca975bf436379f91105f0fac1555f Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | Allow HTTP attach to stopped containersMatthew Heon2022-04-13
|/ | | | | | | | | | | | | | | | | | There's a potential race condition where we attempt to attach to a container immediately after it's been stopped, but before the cleanup process has run on it. The existing code doesn't allow an attach to containers in the Stopped state (cleanup process has not run) but does allow an attach to containers in the Exited state (cleanup process has run). This doesn't make very much sense and there's no technical reason to restrict attach to only Exited containers, so allow attaching to Stopped containers. [NO NEW TESTS NEEDED] Testing this is very racy - we need to get in before the cleanup process runs, which isn't really deterministic when we're invoked from a script - like the CI tests. Signed-off-by: Matthew Heon <mheon@redhat.com>
* Merge pull request #13687 from rhatdan/VENDOROpenShift Merge Robot2022-04-08
|\ | | | | Vendor in new opencontainers/selinux
| * Vendor in new opencontainers/selinuxDaniel J Walsh2022-04-08
| | | | | | | | | | | | | | | | Also update vendor of containers/common,buildah,storage,image Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2069586 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | images --sizeValentin Rothberg2022-04-08
|/ | | | | | | | | | Add a --size option to podman images to allow for disabling computing the size of listed images. If listing images is critical to performance, user may chose to turn off size computation to speed things up. Context: #13755 Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* Merge pull request #13597 from Luap99/statsOpenShift Merge Robot2022-03-23
|\ | | | | podman stats: calc CPU percentage correctly
| * podman stats: calc CPU percentage correctlyPaul Holzinger2022-03-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When you run podman stats, the first interval always shows the wrong cpu usage. To calculate cpu percentage we get the cpu time from the cgroup and compare this against the system time between two stats. Since the first time we do not have a previous stats an empty struct is used instead. Thus we do not use the actual running time of the container but the current unix timestamp (time since Jan 1 1970). To fix this we make sure that the previous stats time is set to the container start time, when it is empty. [NO NEW TESTS NEEDED] No idea how I could create a test which would have a predictable cpu usage. See the linked bugzilla for a reproducer. Fixes https://bugzilla.redhat.com/show_bug.cgi?id=2066145 Signed-off-by: Paul Holzinger <pholzing@redhat.com>