summaryrefslogtreecommitdiff
path: root/pkg/api/handlers
Commit message (Collapse)AuthorAge
* Merge pull request #7624 from QiWang19/policy-optionOpenShift Merge Robot2020-09-16
|\ | | | | Supports import&run--signature-policy
| * Supports import&run--signature-policyQi Wang2020-09-15
| | | | | | | | | | | | Enables podman create, pull, run, import to use --signature-policy option. Set it as hidden flag to be consistent with other commands. Signed-off-by: Qi Wang <qiwan@redhat.com>
* | Refactor API version valuesJhon Honce2020-09-15
|/ | | | | | | | | | | | | | | | * API-Version header now Major.Minor to support tools parsing this header * Libpod Version updated to 2.0.0 to reflect changes in API field values * API-Version and Libpod-API-Version headers are now included in all results Fixes #7327 * Header support tested against goland 2020.2 and https://www.jetbrains.com/help/idea/docker.html plugin Signed-off-by: Jhon Honce <jhonce@redhat.com>
* Merge pull request #7637 from vrothberg/fix-7263OpenShift Merge Robot2020-09-15
|\ | | | | events endpoint: header: do not wait for events
| * events endpoint: header: do not wait for eventsValentin Rothberg2020-09-15
| | | | | | | | | | | | | | | | | | | | Do not wait for events to occur before writing the OK header. Events can take an unknown amount of time to occur and clients do not need to wait until then to know if the connection is good. Fixes: #7263 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | Refactor API build endpoint to be more compliantJhon Honce2020-09-14
|/ | | | | | | | | | | | | | | | | * Refactor/Rename channel.WriteCloser() to encapsulate the channel * Refactor build endpoint to "live" stream buildah output channels over API rather then buffering output * Refactor bindings/tunnel build because endpoint changes * building tar file now in bindings rather then depending on caller * Cleanup initiating extra image engine * Remove setting fields to zero values (less noise in code) * Update tests to support remote builds Fixes #7136 Fixes #7137 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* Fix up errors found by codespellDaniel J Walsh2020-09-11
| | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #7536 from Luap99/api-network-filterOpenShift Merge Robot2020-09-10
|\ | | | | APIv2 Add network list filtering
| * APIv2 Add network list filteringPaul Holzinger2020-09-07
| | | | | | | | | | | | | | | | | | | | Add the filter option to the libpod endpoint. Add support for the name filter on the docker endpoint. Add apiv2 tests for the network list endpoints. Enable podman network integration tests for remote. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | Merge pull request #7572 from vrothberg/fix-7135OpenShift Merge Robot2020-09-09
|\ \ | | | | | | remote kill: don't wait for the container to stop
| * | compat kill: only wait for 0 signal and sigkillValentin Rothberg2020-09-09
| | | | | | | | | | | | | | | | | | Docker does not wait unconditionally. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
| * | remote kill: don't wait for the container to stopValentin Rothberg2020-09-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Invert the branch logic to match the comment. Docker seems to wait for the container while Podman does not. Enable the remote-disabled system test as well. Fixes: #7135 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | Merge pull request #7569 from zhangguanzhang/fix-apiv2-top-response-two-valueOpenShift Merge Robot2020-09-09
|\ \ \ | |/ / |/| | fix APIv2 pods top of non-exist pod gets two response value
| * | fix APIv2 pods top of non-exist pod gets two response valuezhangguanzhang2020-09-09
| |/ | | | | | | Signed-off-by: zhangguanzhang <zhangguanzhang@qq.com>
* | support multi-image (docker) archivesValentin Rothberg2020-09-08
| | | | | | | | | | | | | | | | | | | | | | | | | | Support loading and saving tarballs with more than one image. Add a new `/libpod/images/export` endpoint to the rest API to allow for exporting/saving multiple images into an archive. Note that a non-release version of containers/image is vendored. A release version must be vendored before cutting a new Podman release. We force the containers/image version via a replace in the go.mod file; this way go won't try to match the versions. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | APIv2 add generate systemd endpointPaul Holzinger2020-09-02
|/ | | | | | | | | | | | | Add support for generating systemd units via the api and podman-remote. Change the GenerateSystemdReport type to return the units as map[string]string with the unit name as key. Add `--format` flag to `podman generate systemd` to allow the output to be formatted as json. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* Merge pull request #7436 from rhatdan/variantOpenShift Merge Robot2020-08-28
|\ | | | | Add support for image pull overrides
| * Add support for variant when pulling imagesDaniel J Walsh2020-08-28
| | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Ensure pod REST API endpoints include ctr errorsMatthew Heon2020-08-27
|/ | | | | | | | | | | | The APIv2 pod endpoints that operate on multiple containers, such as Start, Kill, Pause, Unpause, do not report errors encountered by individual containers, because they incorrectly assume that any error is fatal. The documentation for the Libpod API calls notes, however, that ErrPodPartialFail will *always* be returned if any container failed; so we need to ignore that error and continue to collating and returning container errors. Signed-off-by: Matthew Heon <mheon@redhat.com>
* Merge pull request #7451 from mheon/fix_7195Ed Santiago2020-08-27
|\ | | | | Send HTTP Hijack headers after successful attach
| * Send HTTP Hijack headers after successful attachMatthew Heon2020-08-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Our previous flow was to perform a hijack before passing a connection into Libpod, and then Libpod would attach to the container's attach socket and begin forwarding traffic. A problem emerges: we write the attach header as soon as the attach complete. As soon as we write the header, the client assumes that all is ready, and sends a Start request. This Start may be processed *before* we successfully finish attaching, causing us to lose output. The solution is to handle hijacking inside Libpod. Unfortunately, this requires a downright extensive refactor of the Attach and HTTP Exec StartAndAttach code. I think the result is an improvement in some places (a lot more errors will be handled with a proper HTTP error code, before the hijack occurs) but other parts, like the relocation of printing container logs, are just *bad*. Still, we need this fixed now to get CI back into good shape... Fixes #7195 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | fix apiv2 will create containers with incorrect commandszhangguanzhang2020-08-24
| | | | | | | | Signed-off-by: zhangguanzhang <zhangguanzhang@qq.com>
* | fix /libpod/pods/json returns null when there are no podszhangguanzhang2020-08-21
|/ | | | Signed-off-by: zhangguanzhang <zhangguanzhang@qq.com>
* Clean up pods before returning from Pod Stop API callMatthew Heon2020-08-17
| | | | | | | This should help alleviate races where the pod is not fully cleaned up before subsequent API calls happen. Signed-off-by: Matthew Heon <mheon@redhat.com>
* Unconditionally retrieve pod names via APIMatthew Heon2020-08-10
| | | | | | | | | | | | | | | | | | The ListContainers API previously had a Pod parameter, which determined if pod name was returned (but, notably, not Pod ID, which was returned unconditionally). This was fairly confusing, so we decided to deprecate/remove the parameter and return it unconditionally. To do this without serious performance implications, we need to avoid expensive JSON decodes of pod configuration in the DB. The way our Bolt tables are structured, retrieving name given ID is actually quite cheap, but we did not expose this via the Libpod API. Add a new GetName API to do this. Fixes #7214 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Merge pull request #7215 from vrothberg/flatten-the-curveOpenShift Merge Robot2020-08-08
|\ | | | | images: speed up lists
| * image list: speed upValentin Rothberg2020-08-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Listing images has shown increasing performance penalties with an increasing number of images. Unless `--all` is specified, Podman will filter intermediate images. Determining intermediate images has been done by finding (and comparing!) parent images which is expensive. We had to query the storage many times which turned it into a bottleneck. Instead, create a layer tree and assign one or more images to nodes that match the images' top layer. Determining the children of an image is now exponentially faster as we already know the child images from the layer graph and the images using the same top layer, which may also be considered child images based on their history. On my system with 510 images, a rootful image list drops from 6 secs down to 0.3 secs. Also use the tree to compute parent nodes, and to filter intermediate images for pruning. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | Merge pull request #7204 from baude/issue7197OpenShift Merge Robot2020-08-04
|\ \ | | | | | | Missing return after early exit
| * | Missing return after early exitBrent Baude2020-08-03
| |/ | | | | | | | | | | | | | | the exists code was plagued by a missing return statement meant to trigger an early exit. Fixes: #7197 Signed-off-by: Brent Baude <bbaude@redhat.com>
* / docker-compose uses application/tarBrent Baude2020-08-03
|/ | | | | | | | even though the official documentation suggests that application/x-tar should be used for tar files, it seems docker-compose uses application/tar. we now accept them and issue a warning. Fixes: #7185 Signed-off-by: Brent Baude <bbaude@redhat.com>
* Merge pull request #7188 from zhangguanzhang/network-404OpenShift Merge Robot2020-08-03
|\ | | | | API returns 500 in case network is not found instead of 404
| * API returns 500 in case network is not found instead of 404zhangguanzhang2020-08-02
| | | | | | | | Signed-off-by: zhangguanzhang <zhangguanzhang@qq.com>
* | Merge pull request #7158 from rhatdan/commitOpenShift Merge Robot2020-08-03
|\ \ | | | | | | Handle single character images
| * | Handle single character imagesDaniel J Walsh2020-07-30
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently you can only specify multiple character for image names when executing podman-remote commit podman-remote commit a b Will complete, but will save the image without a name. podman-remote commit a bb Works. This PR fixes and now returns an error if the user doees not specify an image name to commit to. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Make `search --no-trunc` work for podman remoteRalf Haferkamp2020-07-31
| | | | | | | | | | | | | | The HTTP API for image search was still lacking support of the NoTrunc parameter. Signed-off-by: Ralf Haferkamp <rhafer@suse.com>
* | API: Fix 'podman image search` missing descriptionRalf Haferkamp2020-07-31
|/ | | | | | | | | `podman image search` returned wrong results for the image "Description" as it was mapped to the wrong field ("ID") in the search results. Basically cherry-picked into the api from commit cf5c63b5c492e41d72b6e3b6d75b5f39b0a957fd. Signed-off-by: Ralf Haferkamp <rhafer@suse.com>
* Return NamesHistory when returning remote imagesDaniel J Walsh2020-07-29
| | | | | | | We are returning bogus data in podman-remote images --format json. This change will match the same data returned my podman images --format json. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #6909 from rhatdan/podmanOpenShift Merge Robot2020-07-28
|\ | | | | Switch all references to github.com/containers/libpod -> podman
| * Switch all references to github.com/containers/libpod -> podmanDaniel J Walsh2020-07-28
| | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | compat/info.go: TrimPrefix(CGroupsVersion, "v")Akihiro Suda2020-07-28
|/ | | | | | For compatibility with Docker: https://github.com/moby/moby/blob/846b7e24ba549a972a2672ffdd88b140da688736/api/swagger.yaml#L4528-L4534 Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
* API events: fix parsing errorValentin Rothberg2020-07-27
| | | | | | | | Fix an error where an absent "filters" parameter led to JSON parsing errors. Fixes: #7078 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Merge pull request #6742 from ↵OpenShift Merge Robot2020-07-24
|\ | | | | | | | | maybe-sybr/maybe/apiv2/fix-container-create-with-volumes APIv2:fix: Get volumes from `Binds` when creating
| * APIv2:fix: Get volumes from `Binds` when creatingmaybe-sybr2020-07-09
| | | | | | | | | | | | | | | | | | | | | | This change ensures that we pull volume bind specification strings from the correct spot in the POSTed data when creating containers. We should probably canity check that the mapping keys in `Volumes` are a superset of the binds listed in `HostConfig.Binds` but this cheap change removes an annoying behaviour where named volumes or host mount would be silently replaced with newly created anonymous volumes. Signed-off-by: Matt Brindley <58414429+maybe-sybr@users.noreply.github.com>
* | events endpoint: backwards compat to old typeValentin Rothberg2020-07-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | The versions Docker that the compat endpoints currently support are using another type for the `filters` parameter than later versions of Docker, which the libpod/events endpoint is also using. To prevent existing deplopyments from breaking while still achieving backward compat, we now support both types for the filters parameter. Tested manually. Fixes: #6899 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | events endpoint: fix panic and race conditionValentin Rothberg2020-07-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix a potential panic in the events endpoint when parsing the filters parameter. Values of the filters map might be empty, so we need to account for that instead of uncondtitionally accessing the first item. Also apply a similar for race conditions as done in commit f4a2d25c0fca: Fix a race that could cause read errors to be masked. Masking such errors is likely to report red herrings since users don't see that reading failed for some reasons but that a given event could not be found. Another race was the handler closing event channel, which could lead to two kinds of panics: double close, send to close channel. The backend takes care of that. However, make sure that the backend stops working in case the context has been cancelled. Fixes: #6899 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | The compat create endpoint should 404 on no such imageMatthew Heon2020-07-16
| | | | | | | | | | | | | | | | | | | | This matches Docker behavior, and will make the Docker frontend work with `podman system service` (Docker tries to create, then if that fails with 404 sends a request to pull the image). Fixes #6960 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | Fix handling of entrypointDaniel J Walsh2020-07-14
| | | | | | | | | | | | | | If a user specifies an entrypoint of "" then we should not use the images entrypoint. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Fix: Correct connection counters for hijacked connectionsKorhonen Sami (Samlink)2020-07-09
| | | | | | | | | | | | | | | | | | | | This patch fixes connection counters for v2 endpoints Idletracker was moved to a new package to prevent package cycle. Hijacking code still remains in wrong place and should be moved later to isolated package Signed-off-by: Sami Korhonen <skorhone@gmail.com>
* | Fix: Hijacking v2 endpoints to follow rfc 7230 semanticsKorhonen Sami (Samlink)2020-07-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | After this patch v2 hijacking endpoints, exec/start and containers/attach follow rfc 7230 specification. Connection will only be upgraded, if client specifies upgrade headers: For tcp connections: Connection: Upgrade Upgrade: tcp For unix socket connections: Connection: Upgrade Upgrade: sock There are currently no checks if upgrade type actually matches with available protocols. Implementation just protocol that client requested Signed-off-by: Sami Korhonen <skorhone@gmail.com>
* | Merge pull request #6835 from zhangguanzhang/masterOpenShift Merge Robot2020-07-09
|\ \ | | | | | | fix API: Create container with an invalid configuration