aboutsummaryrefslogtreecommitdiff
path: root/pkg/api/handlers
Commit message (Collapse)AuthorAge
* Merge pull request #7952 from baude/issue7934OpenShift Merge Robot2020-10-08
|\ | | | | APIv2 compatibility rootless network fix
| * APIv2 compatibility rootless network fixbaude2020-10-07
| | | | | | | | | | | | | | | | when using the compatibility mode as rootless, containers that were created were not setting their host names correctly due to the netmode not being set. Fixes: #7934 Signed-off-by: baude <bbaude@redhat.com>
* | Merge pull request #7382 from mheon/pod_parallelOpenShift Merge Robot2020-10-07
|\ \ | | | | | | Move pod jobs to parallel execution
| * | Move pod jobs to parallel executionMatthew Heon2020-10-07
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Make Podman pod operations that do not involve starting containers (which needs to be done in a specific order) use the same parallel operation code we use to make `podman stop` on large numbers of containers fast. We were previously stopping containers in a pod serially, which could take up to the timeout (default 15 seconds) for each container - stopping 100 containers that do not respond to SIGTERM would take 25 minutes. To do this, refactor the parallel operation code a bit to remove its dependency on libpod (damn circular import restrictions...) and use parallel functions that just re-use the standard container API operations - maximizes code reuse (previously each pod handler had a separate implementation of the container function it performed). This is a bit of a palate cleanser after fighting CI for two days - nice to be able to return to a land of sanity. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* / prevent unpredictable results with network create|removebaude2020-10-07
|/ | | | | | | | | | due to a lack of "locking" on cni operations, we could get ourselves in trouble when doing rapid creation or removal of networks. added a simple file lock to deal with the collision and because it is not considered a performent path, use of the file lock should be ok. if proven otherwise in the future, some generic shared memory lock should be implemented for libpod and also used here. moved pkog/network to libpod/network because libpod is now being pulled into the package and it has therefore lost its generic nature. this will make it easier to absorb into libpod as we try to make the network closer to core operations. Fixes: #7807 Signed-off-by: baude <bbaude@redhat.com>
* Merge pull request #7918 from zhangguanzhang/apiv2-wrong-StopSignalOpenShift Merge Robot2020-10-06
|\ | | | | [apiv2] /containers/$name/json return wrong value in `.Config.StopSignal`
| * fix apiv2 /containers/$name/json return wrong value in `.Config.StopSignal`zhangguanzhang2020-10-06
| | | | | | | | Signed-off-by: zhangguanzhang <zhangguanzhang@qq.com>
* | Merge pull request #7929 from kolyshkin/nits-errOpenShift Merge Robot2020-10-06
|\ \ | |/ |/| Nits
| * Lowercase some errorsKir Kolyshkin2020-10-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This commit is courtesy of ``` for f in $(git ls-files *.go | grep -v ^vendor/); do \ sed -i 's/\(errors\..*\)"Error /\1"error /' $f; done for f in $(git ls-files *.go | grep -v ^vendor/); do \ sed -i 's/\(errors\..*\)"Failed to /\1"failed to /' $f; done ``` etc. Self-reviewed using `git diff --word-diff`, found no issues. Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
* | Fixes remote attach and exec to signal IdleTrackerJhon Honce2020-10-05
|/ | | | | | | | | | - Fixes issue where remote attach and exec only signaled the IdleTracker on errors. Needs to done anytime after connection has been hijacked - Fixes trying to send multiple http status codes to client - Changes pprof and API server shutdowns to run in parallel - Changes shutdown to run in sync.Once block Signed-off-by: Jhon Honce <jhonce@redhat.com>
* compat: images/create: fix tag parsingValentin Rothberg2020-10-02
| | | | | | | | The `tag` parameter of the compat `images/create` endpoint can be both, a tag and a digest. Fix parsing of the parameter to detect digests and use the appropriate `@` separator. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Merge pull request #7815 from jwhonce/wip/creds_remoteOpenShift Merge Robot2020-10-02
|\ | | | | Add X-Registry-Config support
| * Add X-Registry-Config supportJhon Honce2020-09-29
| | | | | | | | | | | | | | | | | | | | | | | | * Refactor auth pkg to support X-Registry-Config * Refactor build endpoint to support X-Registry-Config. Supports: * --creds * --authfile * Added X-Reference-Id Header to http.Request to support log event correlation * Log headers from http.Request Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | Merge pull request #7735 from QiWang19/manifest-inspectOpenShift Merge Robot2020-10-01
|\ \ | | | | | | fix allowing inspect manifest of non-local image
| * | fix allowing inspect manifest of non-local imageQi Wang2020-09-30
| | | | | | | | | | | | | | | | | | | | | Add support of `podman manifest inspect` returning manifest list of non-local manifest. Close #https://github.com/containers/podman/issues/7726 Signed-off-by: Qi Wang <qiwan@redhat.com>
* | | Merge pull request #7851 from zhangguanzhang/fix-apiv2-ctr-workdir-and-envOpenShift Merge Robot2020-10-01
|\ \ \ | | | | | | | | [apiv2] don't ignore the ENV and WorkDir from the image
| * | | fix: The container created by APIV2 has an incorrect Env and WorkDirzhangguanzhang2020-10-01
| | |/ | |/| | | | | | | Signed-off-by: zhangguanzhang <zhangguanzhang@qq.com>
* | | Support --http-proxy for remote buildsJhon Honce2020-09-30
| |/ |/| | | | | | | | | | | | | | | | | * Fix misspelled parameter * add http-proxy support for builds http_proxy must be set in the podman.service unit file, for example Environment=http_proxy=<value> Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | Merge pull request #7833 from jwhonce/issues/7826OpenShift Merge Robot2020-09-30
|\ \ | | | | | | Refactor IdleTracker to handle StateIdle transitions
| * | Refactor IdleTracker to handle StateIdle transitionsJhon Honce2020-09-29
| |/ | | | | | | | | | | | | | | | | | | | | * Remove stutter naming for package and types * Stop treating StateIdle the same as StateClosed, rather transitions to StateIdle will keep API timeout window open * Remove redundate code Fixes #7826 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | Merge pull request #7840 from vrothberg/remote-untagOpenShift Merge Robot2020-09-30
|\ \ | | | | | | fix remote untag
| * | fix remote untagValentin Rothberg2020-09-30
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | Fix the remote client to untag all tags of the specified image. Instead of querying the image on the client side, support the case where both, repo and tag, are empty and remove all tags. Reuse the ABI implementation where possible. In retrospective, the libpod untag endpoint should support a slice of strings to batch remove tags rather than reaching out for each tag individually. Enable the skipped test. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* / Fix handling of remove of bogus volumes, networks and PodsDaniel J Walsh2020-09-29
|/ | | | | | | | | | | | In podman containers rm and podman images rm, the commands exit with error code 1 if the object does not exists. This PR implements similar functionality to volumes, networks, and Pods. Similarly if volumes or Networks are in use by other containers, and return exit code 2. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* fix for compatibility volume creationbaude2020-09-28
| | | | | | | | in the compatibility layer, creating a volume with a name that already does not result in an error. instead a 201 response with the existing volume's information is returned. while it seems like a bug on the part of docker and they agree, no attempt has been made to fix it in five years. See https://github.com/moby/moby/issues/16068 Fixes: #7740 Signed-off-by: baude <bbaude@redhat.com>
* Properly handle podman run --pull commandDaniel J Walsh2020-09-27
| | | | | | | | | | | | | | | | | | Currently the --pull missing|always|never is ignored This PR implements this for local API. For remote we need to default to pullpolicy specified in the containers.conf file. Also fixed an issue when images were matching other images names based on prefix, causing images to always be pulled. I had named an image myfedora and when ever I pulled fedora, the system thought that it there were two images named fedora since it was checking for the name fedora as well as the prefix fedora. I changed it to check for fedora and the prefix /fedora, to prefent failures like I had. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #7662 from jwhonce/issues/7535OpenShift Merge Robot2020-09-24
|\ | | | | Evict containers before removing via V2 API
| * Evict containers before removing via V2 APIJhon Honce2020-09-18
| | | | | | | | | | | | Fixes #7535 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | Merge pull request #7753 from vrothberg/fix-7689OpenShift Merge Robot2020-09-24
|\ \ | | | | | | remote stats
| * | stats: break out CLI optionsValentin Rothberg2020-09-24
| | | | | | | | | | | | | | | | | | | | | | | | Have a clear separation of concerns for the CLI-only options (and their logic) from the backend. The backend logic is now easier to understand (e.g., `stream` instead of `noStream`). Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
| * | new endpoint: /libpod/containers/statsValentin Rothberg2020-09-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | Add a new endpoint for container stats allowing for batch operations on more than one container. The new endpoint deprecates the single-container endpoint which will eventually be removed with the next major release. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | Merge pull request #7761 from baude/interactiveOpenShift Merge Robot2020-09-24
|\ \ \ | | | | | | | | set interactive mode with compat create endpoint
| * | | set interactive mode with compat create endpointbaude2020-09-23
| | | | | | | | | | | | | | | | | | | | | | | | when creating a container using the compat endpoint, the interactive bool was being hard set to false and ignoring the user's input. Signed-off-by: baude <bbaude@redhat.com>
* | | | apiv2 container limit differ from docker-apizhangguanzhang2020-09-24
| |/ / |/| | | | | | | | Signed-off-by: zhangguanzhang <zhangguanzhang@qq.com>
* | | Merge pull request #7712 from baude/killreturnOpenShift Merge Robot2020-09-22
|\ \ \ | |/ / |/| | add missing return for compat kill
| * | add missing return for compat killbaude2020-09-21
| | | | | | | | | | | | | | | | | | on an error condition in kill for the compatibility layer, we were missing a return. Signed-off-by: baude <bbaude@redhat.com>
* | | Restore 'id' stanza in pull resultsJhon Honce2020-09-21
|/ / | | | | | | | | | | | | | | | | | | | | | | | | id is the last image id from the set of id's returned via the images stanza. id may be deprecated in a future version of the API Created test_rest_v2_0_0.py to reflect the bump in the API Version. Fixes #7686 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | Merge pull request #7688 from vrothberg/fix-7521OpenShift Merge Robot2020-09-21
|\ \ | | | | | | remote stats fixes
| * | stats: log errors instead of sending 500Valentin Rothberg2020-09-21
| | | | | | | | | | | | | | | | | | As 200 is already out the door, we cannot send 500s anymore. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
| * | stats: detect closed client connectionValentin Rothberg2020-09-18
| | | | | | | | | | | | | | | | | | | | | Detect closed client connections and stop streaming. Fixes: #7521 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
| * | stats endpoint: write OK header onceValentin Rothberg2020-09-18
| |/ | | | | | | Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | Merge pull request #7660 from ashley-cui/logsOpenShift Merge Robot2020-09-18
|\ \ | |/ |/| Fix remote logs
| * WIP: Fix remote logsAshley Cui2020-09-16
| | | | | | | | | | | | Docker compatibility - logs endpoint does not write stream headers if container has a tty Signed-off-by: Ashley Cui <acui@redhat.com>
* | Refactor remote pull to provide progressJhon Honce2020-09-16
|/ | | | | | | | | | | | | | | podman and podman-remote do not exactly match as the lower layer code checks if the output is destined for a TTY before creating the progress bars. A future PR for containers/images could change this behavior. Fixes #7543 Tested with: $ (echo '# start'; podman-remote pull nginx ) 2>&1 | ts '[%Y-%m-%d %H:%M:%.S]' $ (echo '# start'; podman pull nginx ) 2>&1 | ts '[%Y-%m-%d %H:%M:%.S]' Signed-off-by: Jhon Honce <jhonce@redhat.com>
* Merge pull request #7624 from QiWang19/policy-optionOpenShift Merge Robot2020-09-16
|\ | | | | Supports import&run--signature-policy
| * Supports import&run--signature-policyQi Wang2020-09-15
| | | | | | | | | | | | Enables podman create, pull, run, import to use --signature-policy option. Set it as hidden flag to be consistent with other commands. Signed-off-by: Qi Wang <qiwan@redhat.com>
* | Refactor API version valuesJhon Honce2020-09-15
|/ | | | | | | | | | | | | | | | * API-Version header now Major.Minor to support tools parsing this header * Libpod Version updated to 2.0.0 to reflect changes in API field values * API-Version and Libpod-API-Version headers are now included in all results Fixes #7327 * Header support tested against goland 2020.2 and https://www.jetbrains.com/help/idea/docker.html plugin Signed-off-by: Jhon Honce <jhonce@redhat.com>
* Merge pull request #7637 from vrothberg/fix-7263OpenShift Merge Robot2020-09-15
|\ | | | | events endpoint: header: do not wait for events
| * events endpoint: header: do not wait for eventsValentin Rothberg2020-09-15
| | | | | | | | | | | | | | | | | | | | Do not wait for events to occur before writing the OK header. Events can take an unknown amount of time to occur and clients do not need to wait until then to know if the connection is good. Fixes: #7263 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | Refactor API build endpoint to be more compliantJhon Honce2020-09-14
|/ | | | | | | | | | | | | | | | | * Refactor/Rename channel.WriteCloser() to encapsulate the channel * Refactor build endpoint to "live" stream buildah output channels over API rather then buffering output * Refactor bindings/tunnel build because endpoint changes * building tar file now in bindings rather then depending on caller * Cleanup initiating extra image engine * Remove setting fields to zero values (less noise in code) * Update tests to support remote builds Fixes #7136 Fixes #7137 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* Fix up errors found by codespellDaniel J Walsh2020-09-11
| | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>