| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
podman and podman-remote do not exactly match as the lower layer code
checks if the output is destined for a TTY before creating the progress
bars. A future PR for containers/images could change this behavior.
Fixes #7543
Tested with:
$ (echo '# start'; podman-remote pull nginx ) 2>&1 | ts '[%Y-%m-%d %H:%M:%.S]'
$ (echo '# start'; podman pull nginx ) 2>&1 | ts '[%Y-%m-%d %H:%M:%.S]'
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\
| |
| | |
Supports import&run--signature-policy
|
| |
| |
| |
| |
| |
| | |
Enables podman create, pull, run, import to use --signature-policy option. Set it as hidden flag to be consistent with other commands.
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* API-Version header now Major.Minor to support tools parsing this
header
* Libpod Version updated to 2.0.0 to reflect changes in API field
values
* API-Version and Libpod-API-Version headers are now included in all
results
Fixes #7327
* Header support tested against goland 2020.2 and
https://www.jetbrains.com/help/idea/docker.html plugin
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\
| |
| | |
events endpoint: header: do not wait for events
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Do not wait for events to occur before writing the OK header.
Events can take an unknown amount of time to occur and clients
do not need to wait until then to know if the connection is
good.
Fixes: #7263
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Refactor/Rename channel.WriteCloser() to encapsulate the channel
* Refactor build endpoint to "live" stream buildah output channels
over API rather then buffering output
* Refactor bindings/tunnel build because endpoint changes
* building tar file now in bindings rather then depending on
caller
* Cleanup initiating extra image engine
* Remove setting fields to zero values (less noise in code)
* Update tests to support remote builds
Fixes #7136
Fixes #7137
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|
|
|
| |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\
| |
| | |
APIv2 Add network list filtering
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Add the filter option to the libpod endpoint.
Add support for the name filter on the docker endpoint.
Add apiv2 tests for the network list endpoints.
Enable podman network integration tests for remote.
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
|
|\ \
| | |
| | | |
remote kill: don't wait for the container to stop
|
| | |
| | |
| | |
| | |
| | |
| | | |
Docker does not wait unconditionally.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Invert the branch logic to match the comment. Docker seems to wait for
the container while Podman does not.
Enable the remote-disabled system test as well.
Fixes: #7135
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \ \
| |/ /
|/| | |
fix APIv2 pods top of non-exist pod gets two response value
|
| |/
| |
| |
| | |
Signed-off-by: zhangguanzhang <zhangguanzhang@qq.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Support loading and saving tarballs with more than one image.
Add a new `/libpod/images/export` endpoint to the rest API to
allow for exporting/saving multiple images into an archive.
Note that a non-release version of containers/image is vendored.
A release version must be vendored before cutting a new Podman
release. We force the containers/image version via a replace in
the go.mod file; this way go won't try to match the versions.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|/
|
|
|
|
|
|
|
|
|
|
|
| |
Add support for generating systemd units
via the api and podman-remote.
Change the GenerateSystemdReport type to return the
units as map[string]string with the unit name as key.
Add `--format` flag to `podman generate systemd`
to allow the output to be formatted as json.
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
|
|\
| |
| | |
Add support for image pull overrides
|
| |
| |
| |
| | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|/
|
|
|
|
|
|
|
|
|
|
| |
The APIv2 pod endpoints that operate on multiple containers, such
as Start, Kill, Pause, Unpause, do not report errors encountered
by individual containers, because they incorrectly assume that
any error is fatal. The documentation for the Libpod API calls
notes, however, that ErrPodPartialFail will *always* be returned
if any container failed; so we need to ignore that error and
continue to collating and returning container errors.
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|\
| |
| | |
Send HTTP Hijack headers after successful attach
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Our previous flow was to perform a hijack before passing a
connection into Libpod, and then Libpod would attach to the
container's attach socket and begin forwarding traffic.
A problem emerges: we write the attach header as soon as the
attach complete. As soon as we write the header, the client
assumes that all is ready, and sends a Start request. This Start
may be processed *before* we successfully finish attaching,
causing us to lose output.
The solution is to handle hijacking inside Libpod. Unfortunately,
this requires a downright extensive refactor of the Attach and
HTTP Exec StartAndAttach code. I think the result is an
improvement in some places (a lot more errors will be handled
with a proper HTTP error code, before the hijack occurs) but
other parts, like the relocation of printing container logs, are
just *bad*. Still, we need this fixed now to get CI back into
good shape...
Fixes #7195
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |
| |
| |
| | |
Signed-off-by: zhangguanzhang <zhangguanzhang@qq.com>
|
|/
|
|
| |
Signed-off-by: zhangguanzhang <zhangguanzhang@qq.com>
|
|
|
|
|
|
|
| |
This should help alleviate races where the pod is not fully
cleaned up before subsequent API calls happen.
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The ListContainers API previously had a Pod parameter, which
determined if pod name was returned (but, notably, not Pod ID,
which was returned unconditionally). This was fairly confusing,
so we decided to deprecate/remove the parameter and return it
unconditionally.
To do this without serious performance implications, we need to
avoid expensive JSON decodes of pod configuration in the DB. The
way our Bolt tables are structured, retrieving name given ID is
actually quite cheap, but we did not expose this via the Libpod
API. Add a new GetName API to do this.
Fixes #7214
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\
| |
| | |
images: speed up lists
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Listing images has shown increasing performance penalties with an
increasing number of images. Unless `--all` is specified, Podman
will filter intermediate images. Determining intermediate images
has been done by finding (and comparing!) parent images which is
expensive. We had to query the storage many times which turned it
into a bottleneck.
Instead, create a layer tree and assign one or more images to nodes that
match the images' top layer. Determining the children of an image is
now exponentially faster as we already know the child images from the
layer graph and the images using the same top layer, which may also be
considered child images based on their history.
On my system with 510 images, a rootful image list drops from 6 secs
down to 0.3 secs.
Also use the tree to compute parent nodes, and to filter intermediate
images for pruning.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \
| | |
| | | |
Missing return after early exit
|
| |/
| |
| |
| |
| |
| |
| |
| | |
the exists code was plagued by a missing return statement meant to trigger an early exit.
Fixes: #7197
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|/
|
|
|
|
|
|
| |
even though the official documentation suggests that application/x-tar should be used for tar files, it seems docker-compose uses application/tar. we now accept them and issue a warning.
Fixes: #7185
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\
| |
| | |
API returns 500 in case network is not found instead of 404
|
| |
| |
| |
| | |
Signed-off-by: zhangguanzhang <zhangguanzhang@qq.com>
|
|\ \
| | |
| | | |
Handle single character images
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Currently you can only specify multiple character for image names
when executing podman-remote commit
podman-remote commit a b
Will complete, but will save the image without a name.
podman-remote commit a bb
Works.
This PR fixes and now returns an error if the user doees not specify an
image name to commit to.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
| |
| |
| |
| |
| |
| | |
The HTTP API for image search was still lacking support of the NoTrunc
parameter.
Signed-off-by: Ralf Haferkamp <rhafer@suse.com>
|
|/
|
|
|
|
|
|
|
| |
`podman image search` returned wrong results for the image "Description" as
it was mapped to the wrong field ("ID") in the search results.
Basically cherry-picked into the api from
commit cf5c63b5c492e41d72b6e3b6d75b5f39b0a957fd.
Signed-off-by: Ralf Haferkamp <rhafer@suse.com>
|
|
|
|
|
|
|
| |
We are returning bogus data in podman-remote images --format json.
This change will match the same data returned my podman images --format json.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\
| |
| | |
Switch all references to github.com/containers/libpod -> podman
|
| |
| |
| |
| | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|/
|
|
|
|
| |
For compatibility with Docker: https://github.com/moby/moby/blob/846b7e24ba549a972a2672ffdd88b140da688736/api/swagger.yaml#L4528-L4534
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
|
|
|
|
|
|
|
|
| |
Fix an error where an absent "filters" parameter led to JSON parsing
errors.
Fixes: #7078
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\
| |
| |
| |
| | |
maybe-sybr/maybe/apiv2/fix-container-create-with-volumes
APIv2:fix: Get volumes from `Binds` when creating
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This change ensures that we pull volume bind specification strings from
the correct spot in the POSTed data when creating containers. We should
probably canity check that the mapping keys in `Volumes` are a superset
of the binds listed in `HostConfig.Binds` but this cheap change removes
an annoying behaviour where named volumes or host mount would be
silently replaced with newly created anonymous volumes.
Signed-off-by: Matt Brindley <58414429+maybe-sybr@users.noreply.github.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The versions Docker that the compat endpoints currently support are
using another type for the `filters` parameter than later versions
of Docker, which the libpod/events endpoint is also using.
To prevent existing deplopyments from breaking while still achieving
backward compat, we now support both types for the filters parameter.
Tested manually.
Fixes: #6899
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Fix a potential panic in the events endpoint when parsing the filters
parameter. Values of the filters map might be empty, so we need to
account for that instead of uncondtitionally accessing the first item.
Also apply a similar for race conditions as done in commit f4a2d25c0fca:
Fix a race that could cause read errors to be masked. Masking
such errors is likely to report red herrings since users don't
see that reading failed for some reasons but that a given event
could not be found.
Another race was the handler closing event channel, which could lead to
two kinds of panics: double close, send to close channel. The backend
takes care of that. However, make sure that the backend stops working
in case the context has been cancelled.
Fixes: #6899
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This matches Docker behavior, and will make the Docker frontend
work with `podman system service` (Docker tries to create, then
if that fails with 404 sends a request to pull the image).
Fixes #6960
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |
| |
| |
| |
| |
| |
| | |
If a user specifies an entrypoint of "" then we should not use the images
entrypoint.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This patch fixes connection counters for v2 endpoints
Idletracker was moved to a new package to prevent package cycle.
Hijacking code still remains in wrong place and should be moved
later to isolated package
Signed-off-by: Sami Korhonen <skorhone@gmail.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
After this patch v2 hijacking endpoints, exec/start and
containers/attach follow rfc 7230 specification.
Connection will only be upgraded, if client specifies upgrade
headers:
For tcp connections:
Connection: Upgrade
Upgrade: tcp
For unix socket connections:
Connection: Upgrade
Upgrade: sock
There are currently no checks if upgrade type actually matches with
available protocols. Implementation just protocol that client
requested
Signed-off-by: Sami Korhonen <skorhone@gmail.com>
|