| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit includes:
* Handlers for generate systemd unit
with manually defined dependencies such as:
Wants=, After= and Requires=
* The new unit and e2e tests for checking generated systemd units
for container and pod with custom dependencies
* Documented descriptions for custom dependencies options
Signed-off-by: Eugene (Evgenii) Shubin <esendjer@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Automated for .go files via gomove [1]:
`gomove github.com/containers/podman/v3 github.com/containers/podman/v4`
Remaining files via vgrep [2]:
`vgrep github.com/containers/podman/v3`
[1] https://github.com/KSubedi/gomove
[2] https://github.com/vrothberg/vgrep
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\
| |
| | |
Use CONTAINERS_CONF cgroups flag for remote API.
|
| |
| |
| |
| | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \
| | |
| | | |
Remove two GetImages functions from API
|
| |/
| |
| |
| |
| |
| |
| |
| |
| | |
[NO NEW TESTS NEEDED] This is just code cleanup.
The remote API has three different GetImages functions, which I believe
can be handled by just one function.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Update method/function signatures use the manifest list name and
images associated with the operation explicitly, in general
func f(ctx context.Context, manifestListName string,
ImageNames []string, options *fOptions)
* Leverage gorilla/mux Subrouters to support API v3.x and v4.x for
manifests
* Make manifest API endpoints more RESTful
* Add PUT /manifest/{id} to update existing manifests
* Add manifests.Annotate to go bindings, uncommented unit test
* Add DELETE /manifest/{Id} to remove existing manifest list, use
PUT /manifest/{id} to remove images from a list
* Deprecated POST /manifest/{id}/add and /manifest/{id}/remove, use
PUT /manifest/{id} instead
* Corrected swagger godoc and updated to cover API changes
* Update podman manifest commands to use registry.Context()
* Expose utils.GetVar() to obtain query parameters by name
* Unexpose server.registerSwaggerHandlers, not sure why this was ever
exposed.
* Refactored code to use http.Header instead of map[string]string when
operating on HTTP headers.
* Add API-Version header support in bindings to allow calling explicate
versions of the API. Header is _NOT_ forwarded to the API service.
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|
|
|
|
|
|
| |
Make sure we add support for allplatforms and unsetenv to both local and
remote podman.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|
|
|
|
|
| |
Make sure buildah uses the new network stack.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|
|
|
|
|
|
|
| |
The libpod/network packages were moved to c/common so that buildah can
use it as well. To prevent duplication use it in podman as well and
remove it from here.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
This option causes Podman to not only remove the specified containers
but all of the containers that depend on the specified
containers.
Fixes: https://github.com/containers/podman/issues/10360
Also ran codespell on the code
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|
|
|
|
|
|
|
|
| |
Remove hard code use of the DefaultInfraImage and rely on
getting this from containers.conf.
Fixes: https://github.com/containers/podman/issues/12771
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\
| |
| | |
Fix HTTP credentials passing
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Almost every caller is using it only to wrap an error
in exactly the same way, so move that error context into GetCredentials
and simplify the users.
(The one other caller, build, was even wrapping the error incorrectly
talking about query parameters; so let it use the same text as the others.)
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
|
|\ \
| | |
| | | |
Pod Security Option support and Infra Inheritance changes
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Added support for pod security options. These are applied to infra and passed down to the
containers as added (unless overridden).
Modified the inheritance process from infra, creating a new function Inherit() which reads the config, and marshals the compatible options into an intermediate struct `InfraInherit`
This is then unmarshaled into a container config and all of this is added to the CtrCreateOptions. Removes the need (mostly) for special additons which complicate the Container_create
code and pod creation.
resolves #12173
Signed-off-by: cdoern <cdoern@redhat.com>
|
|\ \ \
| | | |
| | | | |
Fix Container List API call to return mount info
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
We are hard coding mounts to return nil in compat API,
since we have the data, we should return it.
Fixes: https://github.com/containers/podman/issues/12734
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \
| |/ / /
|/| | | |
legacy events: also set Action="die"
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
For Status = "die", Docker sets the exit code of the container
to a field "exitCode". Podman uses "containerExitCode".
Copy the value into "exitCode" as well, for compatibility.
Signed-off-by: Leah Neukirchen <leah@vuxu.org>
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Since #10168, on the event "died", the Status is set to "die"
for compatibility with the Docker API. Docker also sets
the field Action to "died", so do the same here.
Signed-off-by: Leah Neukirchen <leah@vuxu.org>
|
| |/ /
|/| |
| | |
| | |
| | |
| | | |
test for compat API ImageId
Signed-off-by: Oliver Thallmair <oliver.thallmair@mailbox.org>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
It has been deprecated and is no longer supported. Fully remove it and
only print a warning if a user uses it.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2011695
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \
| | | |
| | | | |
Podman run --passwd
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
added support for a new flag --passwd which, when false prohibits podman from creating entries in
/etc/passwd and /etc/groups allowing users to modify those files in the container entrypoint
resolves #11805
Signed-off-by: cdoern <cdoern@redhat.com>
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When normalizing image names on the compat API, make sure to take the
`sha256:` prefix into account when matching against the image ID.
Otherwise, the name will mistakingly be subject to docker.io
normalization.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \
| | |
| | | |
network db rewrite
|
| | |
| | |
| | |
| | |
| | |
| | | |
Allow the same --network options for play kube as for podman run/create.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The swagger api docs used the extra Body struct as part of the request
which is wrong. We just want the plain type.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Network connect now supports setting a static ipv4, ipv6 and mac address
for the container network. The options are added to the cli and api.
Fixes #9883
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|/ /
| |
| |
| | |
Signed-off-by: Ananth Bhaskararaman <antsub@gmail.com>
|
|/
|
|
|
| |
Fixes: #12566
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|
|
|
|
|
|
| |
[NO NEW TESTS NEEDED] This is just moving pkg/cgroups out so
existing tests should be fine.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|
|
|
| |
Signed-off-by: Ondra Machacek <omachace@redhat.com>
|
|\
| |
| | |
compat API: push: report size of manifest
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We don't yet have a local registry running in the APIv2 tests.
Tested manually.
[NO NEW TESTS NEEDED]
Fixes: https://github.com/containers/podman/issues/12468
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|/
|
|
|
|
|
| |
Do not list manifest lists. Docker doesn't either.
Fixes: #12453
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\
| |
| | |
tunnel: allow `remote` and `API` to accept `--secrets`
|
| |
| |
| |
| |
| |
| |
| |
| | |
Prevents temp secrets leaking into image by moving it away from context
directory to parent builder directory. Builder directory automatically
gets cleaned up when we are done with the build.
Signed-off-by: Aditya Rajan <arajan@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| | |
Podman remote must treat build secrets as part of context directory. If
secret path is absolute path on host copy it to tar file and pass it to
remote server.
Signed-off-by: Aditya Rajan <arajan@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Following commit makes sure that `build` api can accept external
secret and allows currently `NOOP` `podman-remote build -t tag
--secret id=mysecret,src=/path/on/remote` to become functional.
Just like `docker` following api is a hidden field and only exposed to
`podman-remote` but could document it if it needs exposed on `swagger`.
Signed-off-by: Aditya Rajan <arajan@redhat.com>
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The Docker-compatible REST API has historically behaved just as the rest
of Podman and Buildah (and the atomic Docker in older RHEL/Fedora) where
`containers-registries.conf` is centrally controlling which registries
a short name may resolve to during pull or local image lookups. Please
refer to a blog for more details [1].
Docker, however, is only resolving short names to docker.io which has
been reported (see #12320) to break certain clients who rely on this
behavior. In order to support this scenario, `containers.conf(5)`
received a new option to control whether Podman's compat API resolves
to docker.io only or behaves as before.
Most endpoints allow for directly normalizing parameters that represent
an image. If set in containers.conf, Podman will then normalize the
references directly to docker.io. The build endpoint is an outlier
since images are also referenced in Dockerfiles. The Buildah API,
however, supports specifying a custom `types.SystemContext` in which
we can set a field that enforces short-name resolution to docker.io
in `c/image/pkg/shortnames`.
Notice that this a "hybrid" approach of doing the normalization directly
in the compat endpoints *and* in `pkg/shortnames` by passing a system
context. Doing such a hybrid approach is neccessary since the compat
and the libpod endpoints share the same `libimage.Runtime` which makes
a global enforcement via the `libimage.Runtime.systemContext`
impossible. Having two separate runtimes for the compat and the libpod
endpoints seems risky and not generally applicable to all endpoints.
[1] https://www.redhat.com/sysadmin/container-image-short-names
Fixes: #12320
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\
| |
| | |
compat: Add compatiblity with `Docker/Moby` API for scenarios where build fails.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
In order to maintain compatiblity with `moby API` we must the field
`errorDetail` which is primary error reporting field with stream.
Currently podman is using `error` which is already deprecated by moby.
Check: https://github.com/moby/moby/blob/master/pkg/jsonmessage/jsonmessage.go#L147
[NO NEW TESTS NEEDED]
We can't test this in podman CI since we dont have a docker client.
Signed-off-by: Aditya Rajan <arajan@redhat.com>
|
|/
|
|
|
|
| |
Returning 500 when copying to read-only destination.
Signed-off-by: Matej Vasek <mvasek@redhat.com>
|
|\
| |
| | |
compat: Add subnet mask behind IP address to match Docker API
|
| |
| |
| |
| | |
Signed-off-by: Ambrose Chua <ambrose@hey.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Add a new flag to set the start timeout for a generated systemd unit.
To make naming consistent, add a new --stop-timeout flag as well and let
the previous --time map to it.
Fixes: #11618
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|/
|
|
|
|
|
|
|
|
|
|
|
| |
Non-podman clients do not set `layers` while making request. This is
supposed to be `true` bydefault but `non-podman-clients i.e Docker` dont
know about this field as a result they end up setting this values to
`false`. Causing builds to never use cache for layers.
Adds compatiblity for `docker SDK`.
[NO NEW TESTS NEEDED]
Signed-off-by: Aditya Rajan <arajan@redhat.com>
|
|
|
|
| |
Signed-off-by: Radostin Stoyanov <radostin@redhat.com>
|