summaryrefslogtreecommitdiff
path: root/pkg/api/handlers
Commit message (Collapse)AuthorAge
* /images/.../json: fix port parsingValentin Rothberg2020-06-04
| | | | | | | | | | Fix a bug when parsing the `ExposedPorts` of the image that lead to panics when the field was set. The OCI image spec allows three valid formats: `tcp/port`, `udp/port` and `port` Fixes: #6490 Reported-by: @jgallucci32 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Enable detached exec for remoteMatthew Heon2020-06-02
| | | | | | | | | | | | | | | | | | | | | | | The biggest obstacle here was cleanup - we needed a way to remove detached exec sessions after they exited, but there's no way to tell if an exec session will be attached or detached when it's created, and that's when we must add the exit command that would do the removal. The solution was adding a delay to the exit command (5 minutes), which gives sufficient time for attached exec sessions to retrieve the exit code of the session after it exits, but still guarantees that they will be removed, even for detached sessions. This requires Conmon 2.0.17, which has the new `--exit-delay` flag. As part of the exit command rework, we can drop the hack we were using to clean up exec sessions (remove them as part of inspect). This is a lot cleaner, and I'm a lot happier about it. Otherwise, this is just plumbing - we need a bindings call for detached exec, and that needed to be added to the tunnel mode backend for entities. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Add bindings for exec and enable attached remoteMatthew Heon2020-06-01
| | | | | | | | | | | This adds bindings for starting exec sessions, and then uses them to wire up detached exec. Code is heavily based on Attach code for containers, slightly modified to handle exec sessions. Bindings are presently attached-only, detached is pending on a Conmon update landing in CI. I'll probably get to that next. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Add support for format {{.Label}}Brent Baude2020-06-01
| | | | | | | | the pod ps man page says .Label is valid go template format. i dont think the function was actually ever implemented. Fixes #6448 Signed-off-by: Brent Baude <bbaude@redhat.com>
* Fix leak of empty tarballBrent Baude2020-06-01
| | | | | | | | In cases of trying to export an image, if the image was not found, we leaked an empty tarball or directory depending on the format. Fixes: #6409 Signed-off-by: Brent Baude <bbaude@redhat.com>
* Merge pull request #6356 from baude/v2copyendpointsOpenShift Merge Robot2020-05-30
|\ | | | | v2 copy endpoints
| * v2 copy endpointsBrent Baude2020-05-26
| | | | | | | | | | | | add copy endpoint inputs and outputs. these endpoints are not implemented yet, nor are any bindings. this allows us to update this later without having to change our api version. Signed-off-by: Brent Baude <bbaude@redhat.com>
* | compat handlers: add X-Registry-Auth header supportValentin Rothberg2020-05-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Support the `X-Registry-Auth` http-request header. * The content of the header is a base64 encoded JSON payload which can either be a single auth config or a map of auth configs (user+pw or token) with the corresponding registries being the keys. Vanilla Docker, projectatomic Docker and the bindings are transparantly supported. * Add a hidden `--registries-conf` flag. Buildah exposes the same flag, mostly for testing purposes. * Do all credential parsing in the client (i.e., `cmd/podman`) pass the username and password in the backend instead of unparsed credentials. * Add a `pkg/auth` which handles most of the heavy lifting. * Go through the authentication-handling code of most commands, bindings and endpoints. Migrate them to the new code and fix issues as seen. A final evaluation and more tests is still required *after* this change. * The manifest-push endpoint is missing certain parameters and should use the ABI function instead. Adding auth-support isn't really possible without these parts working. * The container commands and endpoints (i.e., create and run) have not been changed yet. The APIs don't yet account for the authfile. * Add authentication tests to `pkg/bindings`. Fixes: #6384 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | V2 verify JSON output is consistent and doesn't driftJhon Honce2020-05-28
| | | | | | | | | | | | | | $ cd test/apiv2 $ python -m unittest -v test_rest_v1_0_0.TestApi Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | Merge pull request #6407 from baude/v2eventsstreamOpenShift Merge Robot2020-05-27
|\ \ | | | | | | Add streaming ability to endpoint
| * | Add streaming ability to endpointBrent Baude2020-05-27
| |/ | | | | | | Signed-off-by: Brent Baude <bbaude@redhat.com>
* / Fix builds on 32 bit archesDaniel J Walsh2020-05-27
|/ | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* network compatibility endpoints for APIBrent Baude2020-05-22
| | | | | | add endpoints for networking compatibility with the API. Signed-off-by: Brent Baude <bbaude@redhat.com>
* V2 enable remote logs and testingJhon Honce2020-05-22
| | | | | | | | | | * wire up bindings and handler for obtaining logs remotely * enable debug logging from podman in e2e test using DEBUG and DEBUG_SERVICE env variables * Fix error in streaming log frames * enable remote logs test Signed-off-by: Jhon Honce <jhonce@redhat.com>
* Merge pull request #6345 from QiWang19/mani-push-testOpenShift Merge Robot2020-05-22
|\ | | | | remote manifest test
| * remote manifest testQi Wang2020-05-21
| | | | | | | | | | | | Enable remove manifest tests. Skip --purge test because remote does not support it. Signed-off-by: Qi Wang <qiwan@redhat.com>
* | Removes remote system reset functionality. skip e2e test for remote.Sujil022020-05-22
| | | | | | | | | | | | | | As system reset too dangerous for remote use, deleting the functionality and the test case. Signed-off-by: Sujil02 <sushah@redhat.com>
* | v2 podman-remote buildBrent Baude2020-05-21
|/ | | | | | this is a very basic implementation of build. some of the more advanced options need to be included still as well. i think the endpoints for compat and libpod will have to split given buildahs more advanced set of options. that should probably be done by someone more experienced with build internals. Signed-off-by: Brent Baude <bbaude@redhat.com>
* Merge pull request #6312 from rhatdan/imageOpenShift Merge Robot2020-05-21
|\ | | | | Fix remote handling of podman images calls
| * Fix remote handling of podman images callsDaniel J Walsh2020-05-21
| | | | | | | | | | | | | | Enable three more tests Fix handling of image filters Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #6304 from baude/v2remotehctestsOpenShift Merge Robot2020-05-21
|\ \ | |/ |/| Fix remote integration for healthchecks
| * Fix remote integration for healthchecksBrent Baude2020-05-20
| | | | | | | | | | | | the one remaining test that is still skipped do to missing exec function Signed-off-by: Brent Baude <bbaude@redhat.com>
* | Merge pull request #6305 from baude/v2podcreatetestOpenShift Merge Robot2020-05-20
|\ \ | | | | | | enable pod_create remote integration tests
| * | enable pod_create remote integration testsBrent Baude2020-05-20
| |/ | | | | | | Signed-off-by: Brent Baude <bbaude@redhat.com>
* | Merge pull request #6297 from mheon/minor_fix_attachOpenShift Merge Robot2020-05-20
|\ \ | | | | | | Print container state when erroring that it is improper
| * | Print container state when erroring that it is improperMatthew Heon2020-05-20
| |/ | | | | | | | | | | | | This is a nice little convenience - lets people know why we won't let them attach to a container. Signed-off-by: Matthew Heon <mheon@redhat.com>
* / V2 API Version SupportJhon Honce2020-05-20
|/ | | | | | | | | | | | | | | | | * Update blang/semver to allow ParseTolerant() support * Provide helper functions for API handlers to obtain client's 'version' path variable focused on API endpoint tree: libpod vs. compat * Introduce new errors: * version not given in path, endpoints may determine if this is a hard error (ErrVersionNotGiven) * given version not supported (ErrVersionNotSupported), only a soft error if the handler is going to hijack the connection * Added unit tests for version parsing * bindings check version on connect: * client <= Server API version connection is continued * client >= Server API version connection fails Signed-off-by: Jhon Honce <jhonce@redhat.com>
* V2 Implement terminal handling in bindings attachJhon Honce2020-05-18
| | | | | | | | | * Add support for /exec/{id}/resize * Add support for ErrSessionNotFound * Resize container TTY as stdin changes size * Refactor all resize functions into one handler Signed-off-by: Jhon Honce <jhonce@redhat.com>
* Merge pull request #5831 from mheon/exec_http_attachOpenShift Merge Robot2020-05-15
|\ | | | | APIv2 ExecStart (Attached Only)
| * Drop APIv2 resize endpointMatthew Heon2020-05-15
| | | | | | | | | | | | | | Jhon is working on an alternative version that will combine container and exec session resize, so we'll wait for that. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * Fix lintMatthew Heon2020-05-14
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * Parameters for ExecStart are body, not queryMatthew Heon2020-05-14
| | | | | | | | | | | | | | Oops. Misread the docs when I initially implemented this. Nice and easy fix, at least. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * Prune stale exec sessions on inspectMatthew Heon2020-05-14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The usual flow for exec is going to be: - Create exec session - Start and attach to exec session - Exec session exits, attach session terminates - Client does an exec inspect to pick up exit code The safest point to remove the exec session, without doing any database changes to track stale sessions, is to remove during the last part of this - the single inspect after the exec session exits. This is definitely different from Docker (which would retain the exec session for up to 10 minutes after it exits, where we will immediately discard) but should be close enough to be not noticeable in regular usage. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * Add APIv2 handler for resizing exec sessionsMatthew Heon2020-05-14
| | | | | | | | Signed-off-by: Matthew Heon <mheon@redhat.com>
| * Wire in endpoint for ExecStartMatthew Heon2020-05-14
| | | | | | | | | | | | | | This is still very early not not well tested, and missing resize capability, but it does provide the first bits of exec. Signed-off-by: Matthew Heon <mheon@redhat.com>
* | v2 podman remote attach, start, and runBrent Baude2020-05-15
|/ | | | | | for the remote client, add the ability to attach to a container, start a container, and run a container. Signed-off-by: Brent Baude <bbaude@redhat.com>
* Merge pull request #6211 from baude/v2remoteimagetreeOpenShift Merge Robot2020-05-13
|\ | | | | enable remote image tree
| * enable remote image treeBrent Baude2020-05-13
| | | | | | | | Signed-off-by: Brent Baude <bbaude@redhat.com>
* | Merge pull request #6203 from jwhonce/wip/attachOpenShift Merge Robot2020-05-13
|\ \ | | | | | | V2 attach bindings and test
| * | WIP V2 attach bindings and testJhon Honce2020-05-13
| |/ | | | | | | | | | | | | | | * Add ErrLostSync to report lost of sync when de-mux'ing stream * Add logus.SetLevel(logrus.DebugLevel) when `go test -v` given * Add context to debugging messages Signed-off-by: Jhon Honce <jhonce@redhat.com>
* / enable podman v2 networking for remote clientBrent Baude2020-05-12
|/ | | | Signed-off-by: Brent Baude <bbaude@redhat.com>
* add podman remote system dfBrent Baude2020-05-12
| | | | Signed-off-by: Brent Baude <bbaude@redhat.com>
* Adds tunnel routes for system reset.Sujil022020-05-11
| | | | | | | | Adds tunnel routes for system reset. Makes forces flag local as options are not propogated down the stack. Adds relevant test cases and swagger docs. Signed-off-by: Sujil02 <sushah@redhat.com>
* V2 Impliment tunnelled podman versionJhon Honce2020-05-08
| | | | Signed-off-by: Jhon Honce <jhonce@redhat.com>
* add {generate,play} kubeValentin Rothberg2020-05-06
| | | | | | | | | | | | | | | | | | | Add the `podman generate kube` and `podman play kube` command. The code has largely been copied from Podman v1 but restructured to not leak the K8s core API into the (remote) client. Both commands are added in the same commit to allow for enabling the tests at the same time. Move some exports from `cmd/podman/common` to the appropriate places in the backend to avoid circular dependencies. Move definitions of label annotations to `libpod/define` and set the security-opt labels in the frontend to make kube tests pass. Implement rest endpoints, bindings and the tunnel interface. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Merge pull request #6080 from baude/v2statsOpenShift Merge Robot2020-05-05
|\ | | | | v2 podman stats
| * v2 podman statsbaude2020-05-05
| | | | | | | | Signed-off-by: baude <bbaude@redhat.com>
* | image removal: refactor part 2Valentin Rothberg2020-05-04
|/ | | | | | | | | | | | | | | | | | | | | | | | | | | | Continue the refactoring of image removal. I didn't manage to break all the following changes into smaller and easier to digest commits due to time constraints: * Return an error slice instead of a single error. Use multierror only in the client/frontend. Reflect that in the types. * Use the batch image removal in the client while preserving the more rest-idiomatic single-image removal endpoint. * Add a new handler for the single-image removal endpoint to make it share the same code as the batch endpoint. * Expose bindings for the single and batch endpoints, so we can properly test them. * Add several convenience functions for error handling to pkg/errorhandling. * Set the correct error type in libpod to set the exit code to 2 when one or more containers are using an image. * Massage the bindings tests a bit and tackle compilation errors. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Merge pull request #5907 from sujil02/systemprune-v2OpenShift Merge Robot2020-04-28
|\ | | | | Adding system prune for podman v2
| * Adding system prune for podman v2Sujil022020-04-24
| | | | | | | | | | | | | | Register system prune route, handler to support system prune, Adds testcase to validate the system prune flow. Signed-off-by: Sujil02 <sushah@redhat.com>