summaryrefslogtreecommitdiff
path: root/pkg/api/server
Commit message (Collapse)AuthorAge
* podman network label supportPaul Holzinger2020-11-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add label support for podman network create. Use the `args` field in the cni config file to store the podman labels. Use `podman_labels` as key name and store the labels as map[string]string. For reference: https://github.com/containernetworking/cni/blob/master/CONVENTIONS.md#args-in-network-config https://github.com/containernetworking/cni/blob/spec-v0.4.0/SPEC.md#network-configuration Example snippet: ``` ... "args": { "podman_labels": { "key1":"value1", "key2":"value2" } } ... ``` Make podman network list support several filters. Supported filters are name, plugin, driver and label. Filters with different keys work exclusive. Several label filters work exclusive and the other filter keys are working inclusive. Also adjust the compat api to support labels in network create and list. Breaking changes: - podman network ls -f shortform is used for --filter instead --format This matches docker and other podman commands (container ps, volume ps) - libpod network list endpoint filter parameter is removed. Instead the filters paramter should be used as json encoded map[string][]string. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* REST API v2 - ping - fix typo in headerRiyad Preukschas2020-11-25
| | | | Signed-off-by: Riyad Preukschas <riyad@informatik.uni-bremen.de>
* Make podman service log eventsJhon Honce2020-11-19
| | | | | | | | | * Log endpoint calls at level Info * Ensure API server started at level Info Fixes #8390 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* add network connect|disconnect compat endpointsbaude2020-11-19
| | | | | | | | | | | this enables the ability to connect and disconnect a container from a given network. it is only for the compatibility layer. some code had to be refactored to avoid circular imports. additionally, tests are being deferred temporarily due to some incompatibility/bug in either docker-py or our stack. Signed-off-by: baude <bbaude@redhat.com>
* Add an option to control if play kube should start the podAlban Bedel2020-11-17
| | | | | | | | | | Having play kube start the pod is not always appropriate, one might for example like to have the pod running as a set of systemd services. Add a `start` option to the command line and API to control if the pod should be started or not; it defaults to true for backward compatibility. Signed-off-by: Alban Bedel <albeu@free.fr>
* Add --log-driver to play kubeAndy Librian2020-11-08
| | | | | | addresses #6604 Signed-off-by: Andy Librian <andylibrian@gmail.com>
* Change http ConnState actions between new and activeAlex Schultz2020-10-31
| | | | | | | | | | | | Currently it double counts connections because it's incrementing the total for both the new and active states. Based on the comments, we should only count new connections for the total count and perform the timer stop actions when the connection has transitioned to an active state. Closes #8208 Signed-off-by: Alex Schultz <aschultz@redhat.com>
* APIv2 compatibility network connect|disconnectbaude2020-10-22
| | | | | | Add endpoints for the compat layer for network connect and disconnect. As of now, these two endpoints do nothing to change the network state of a container. They do some basic data verification and return the proper 200 response. This at least allows for scripts to work on the compatibility layer instead of getting 404s. Signed-off-by: baude <bbaude@redhat.com>
* Enforce LIFO ordering for shutdown handlersMatthew Heon2020-10-13
| | | | | | | | | | | This allows us to run both the Libpod and Server handlers at the same time without unregistering one. Also, pass the signal that killed us into the handlers, in case they want to use it to determine what to do (e.g. what exit code to set). Signed-off-by: Matthew Heon <mheon@redhat.com>
* Enable masking stop signals within container creationMatthew Heon2020-10-12
| | | | | | | | | | | | | | | | | Expand the use of the Shutdown package such that we now use it to handle signals any time we run Libpod. From there, add code to container creation to use the Inhibit function to prevent a shutdown from occuring during the critical parts of container creation. We also need to turn off signal handling when --sig-proxy is invoked - we don't want to catch the signals ourselves then, but instead to forward them into the container via the existing sig-proxy handler. Fixes #7941 Signed-off-by: Matthew Heon <mheon@redhat.com>
* Add a shutdown handler packageMatthew Heon2020-10-12
| | | | | | | | | | | | | We need a unified package for handling signals that shut down Libpod and Podman. We need to be able to do different things on receiving such a signal (`system service` wants to shut down the service gracefully, while most other commands just want to exit) and we need to be able to inhibit this shutdown signal while we are waiting for some critical operations (e.g. creating a container) to finish. This takes the first step by defining the package that will handle this. Signed-off-by: Matthew Heon <mheon@redhat.com>
* Search repository tags using --list-tagsQi Wang2020-10-09
| | | | | | | For fix of BZ: https://bugzilla.redhat.com/show_bug.cgi?id=1684263 Add --list-tags to podman search to return a table the repository tags. Signed-off-by: Qi Wang <qiwan@redhat.com>
* add compatibility endpoint for exporting multiple imagesbaude2020-10-08
| | | | | | | | with the recent inclusion of dealing with multiple images in a tar archive, we can now add a compatibility endpoint that was missing images/get?names=one,two. Fixes: #7950 Signed-off-by: baude <bbaude@redhat.com>
* Fixes remote attach and exec to signal IdleTrackerJhon Honce2020-10-05
| | | | | | | | | | - Fixes issue where remote attach and exec only signaled the IdleTracker on errors. Needs to done anytime after connection has been hijacked - Fixes trying to send multiple http status codes to client - Changes pprof and API server shutdowns to run in parallel - Changes shutdown to run in sync.Once block Signed-off-by: Jhon Honce <jhonce@redhat.com>
* Merge pull request #7815 from jwhonce/wip/creds_remoteOpenShift Merge Robot2020-10-02
|\ | | | | Add X-Registry-Config support
| * Add X-Registry-Config supportJhon Honce2020-09-29
| | | | | | | | | | | | | | | | | | | | | | | | * Refactor auth pkg to support X-Registry-Config * Refactor build endpoint to support X-Registry-Config. Supports: * --creds * --authfile * Added X-Reference-Id Header to http.Request to support log event correlation * Log headers from http.Request Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | Support --http-proxy for remote buildsJhon Honce2020-09-30
| | | | | | | | | | | | | | | | | | | | * Fix misspelled parameter * add http-proxy support for builds http_proxy must be set in the podman.service unit file, for example Environment=http_proxy=<value> Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | Merge pull request #7833 from jwhonce/issues/7826OpenShift Merge Robot2020-09-30
|\ \ | | | | | | Refactor IdleTracker to handle StateIdle transitions
| * | Refactor IdleTracker to handle StateIdle transitionsJhon Honce2020-09-29
| |/ | | | | | | | | | | | | | | | | | | | | * Remove stutter naming for package and types * Stop treating StateIdle the same as StateClosed, rather transitions to StateIdle will keep API timeout window open * Remove redundate code Fixes #7826 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* / fix remote untagValentin Rothberg2020-09-30
|/ | | | | | | | | | | | | | Fix the remote client to untag all tags of the specified image. Instead of querying the image on the client side, support the case where both, repo and tag, are empty and remove all tags. Reuse the ABI implementation where possible. In retrospective, the libpod untag endpoint should support a slice of strings to batch remove tags rather than reaching out for each tag individually. Enable the skipped test. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* fix for compatibility volume creationbaude2020-09-28
| | | | | | | | in the compatibility layer, creating a volume with a name that already does not result in an error. instead a 201 response with the existing volume's information is returned. while it seems like a bug on the part of docker and they agree, no attempt has been made to fix it in five years. See https://github.com/moby/moby/issues/16068 Fixes: #7740 Signed-off-by: baude <bbaude@redhat.com>
* new endpoint: /libpod/containers/statsValentin Rothberg2020-09-24
| | | | | | | | | Add a new endpoint for container stats allowing for batch operations on more than one container. The new endpoint deprecates the single-container endpoint which will eventually be removed with the next major release. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Add Server header to API service responsesJhon Honce2020-09-22
| | | | | | Aids in reading logs of different services Signed-off-by: Jhon Honce <jhonce@redhat.com>
* Merge pull request #7642 from jwhonce/issues/7327-2OpenShift Merge Robot2020-09-16
|\ | | | | Refactor API version values
| * Refactor API version valuesJhon Honce2020-09-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * API-Version header now Major.Minor to support tools parsing this header * Libpod Version updated to 2.0.0 to reflect changes in API field values * API-Version and Libpod-API-Version headers are now included in all results Fixes #7327 * Header support tested against goland 2020.2 and https://www.jetbrains.com/help/idea/docker.html plugin Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | Correct HTTP methods for /containers/{id}/archiveJhon Honce2020-09-15
|/ | | | | | Make methods align with Docker API Signed-off-by: Jhon Honce <jhonce@redhat.com>
* Fix up errors found by codespellDaniel J Walsh2020-09-11
| | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #7536 from Luap99/api-network-filterOpenShift Merge Robot2020-09-10
|\ | | | | APIv2 Add network list filtering
| * Fix typo in the remove network api docPaul Holzinger2020-09-07
| | | | | | | | Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
| * APIv2 Add network list filteringPaul Holzinger2020-09-07
| | | | | | | | | | | | | | | | | | | | Add the filter option to the libpod endpoint. Add support for the name filter on the docker endpoint. Add apiv2 tests for the network list endpoints. Enable podman network integration tests for remote. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | support multi-image (docker) archivesValentin Rothberg2020-09-08
| | | | | | | | | | | | | | | | | | | | | | | | | | Support loading and saving tarballs with more than one image. Add a new `/libpod/images/export` endpoint to the rest API to allow for exporting/saving multiple images into an archive. Note that a non-release version of containers/image is vendored. A release version must be vendored before cutting a new Podman release. We force the containers/image version via a replace in the go.mod file; this way go won't try to match the versions. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | APIv2 add generate systemd endpointPaul Holzinger2020-09-02
|/ | | | | | | | | | | | | Add support for generating systemd units via the api and podman-remote. Change the GenerateSystemdReport type to return the units as map[string]string with the unit name as key. Add `--format` flag to `podman generate systemd` to allow the output to be formatted as json. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* Add support for variant when pulling imagesDaniel J Walsh2020-08-28
| | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* [CI:DOCS] fix swagger api docsPaul Holzinger2020-08-23
| | | | | | | | | Separate the volume endpoints into compat and libpod, as it is done for the other endpoints. Move the libpod image push endpoint to images. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* podman.service: use sdnotiyValentin Rothberg2020-08-13
| | | | | | | | | | | | | | | | Commit 2b6dd3fb4384 set the killmode of the podman.service to the systemd default which ultimately lead to the problem that systemd will kill *all* processes inside the unit's cgroup and hence kill all containers whenever the service is stopped. Fix it by setting the type to sdnotify and the killmode to process. `podman system service` will send the necessary notify messages when the NOTIFY_SOCKET is set and unset it right after to prevent the backend and container runtimes from jumping in between and send messages as well. Fixes: #7294 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Unconditionally retrieve pod names via APIMatthew Heon2020-08-10
| | | | | | | | | | | | | | | | | | The ListContainers API previously had a Pod parameter, which determined if pod name was returned (but, notably, not Pod ID, which was returned unconditionally). This was fairly confusing, so we decided to deprecate/remove the parameter and return it unconditionally. To do this without serious performance implications, we need to avoid expensive JSON decodes of pod configuration in the DB. The way our Bolt tables are structured, retrieving name given ID is actually quite cheap, but we did not expose this via the Libpod API. Add a new GetName API to do this. Fixes #7214 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Merge pull request #7097 from QiWang19/usagedateOpenShift Merge Robot2020-08-03
|\ | | | | [CI:DOCS] apiv2 fix volumes not included field
| * [CI:DOCS] apiv2 fix volumes not inculded fieldQi Wang2020-07-29
| | | | | | | | | | | | Do not use volume from docker since UsageData field is not need. It's nullable in docker API and expensive to add. Signed-off-by: Qi Wang <qiwan@redhat.com>
* | Merge pull request #7141 from rhafer/image_descr_testOpenShift Merge Robot2020-08-03
|\ \ | | | | | | Add test case for description being present in search result
| * | Make `search --no-trunc` work for podman remoteRalf Haferkamp2020-07-31
| |/ | | | | | | | | | | | | The HTTP API for image search was still lacking support of the NoTrunc parameter. Signed-off-by: Ralf Haferkamp <rhafer@suse.com>
* / Add versioned _ping endpointJhon Honce2020-07-31
|/ | | | | | Fixes #7008 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* Switch all references to github.com/containers/libpod -> podmanDaniel J Walsh2020-07-28
| | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Remove 'experimental' from API docTomSweeneyRedHat2020-07-25
| | | | | | | | | The v2.0 reference [page](http://docs.podman.io/en/latest/Reference.html) lists the API as experimental. Removed that word and reworked the first paragraph a bit based on verbiage that @mheon put together for the API intro blog. Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* Fix Generate API title/descriptionAshley Cui2020-07-21
| | | | | | generate kube title and descritopn was same as play kube for apiv2 docs Signed-off-by: Ashley Cui <acui@redhat.com>
* Fix: Correct connection counters for hijacked connectionsKorhonen Sami (Samlink)2020-07-09
| | | | | | | | | | This patch fixes connection counters for v2 endpoints Idletracker was moved to a new package to prevent package cycle. Hijacking code still remains in wrong place and should be moved later to isolated package Signed-off-by: Sami Korhonen <skorhone@gmail.com>
* Remove hijacked connections from active connections listKorhonen Sami (Samlink)2020-07-09
| | | | | | | | | | | | | | | | | | | | | | | StateHijacked is a terminal state. If hijacked connection is registered as an active connection, connection will never be unregistered. This causes two issues First issue is that active connection counters are off. Second issue is a resource leak caused by connection object that is stored to a map. After this patch hijacked connections are no longer visible in counters. If a counter for hijacked connections is required, podman must track connections returned by Hijacker.Hijack() It might make sense to develop abstraction layer for hijacking - and move all hijacking related code to a separate package. Hijacking code is prone to resource leaks and it should be thoroughly tested. Signed-off-by: Sami Korhonen <skorhone@gmail.com>
* move go module to v2Valentin Rothberg2020-07-06
| | | | | | | | | | | | | | | With the advent of Podman 2.0.0 we crossed the magical barrier of go modules. While we were able to continue importing all packages inside of the project, the project could not be vendored anymore from the outside. Move the go module to new major version and change all imports to `github.com/containers/libpod/v2`. The renaming of the imports was done via `gomove` [1]. [1] https://github.com/KSubedi/gomove Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* APIv2:fix: Handle docker volume force as expectedmaybe-sybr2020-07-02
| | | | | | | | | In response to input regarding the semantic difference for the `force` parameter for volume removal between Docker and us, this change ensures that we emulate the Dockr behaviour correctly when this parameter is specified. Signed-off-by: Matt Brindley <58414429+maybe-sybr@users.noreply.github.com>
* APIv2: Add docker compatible volume endpointsmaybe-sybr2020-07-02
| | | | | | | | | | | | | | | | This change implements docker compatibile endpoint for interacting with volumes. The code is mostly lifted from the `libpod` API handlers but decodes and constructs data using types defined in the docker API package. Some notable support caveats with the current implementation: * we don't return the nullable `Status` or `UsageData` keys when returning volume information for inspect and create endpoints * we don't support filters when pruning * we return a fixed `0` for the `SpaceReclaimed` key when pruning since we have no insight into how much space was freed from runtime Signed-off-by: Matt Brindley <58414429+maybe-sybr@users.noreply.github.com>
* Ensure umask is set appropriately for 'system service'Matthew Heon2020-06-26
| | | | | | | | | | | | We need a umask of 0022 to ensure containers are created correctly, but we set a different one prior to starting the server (to ensure the unix socket has the right permissions). Thus, we need to set the umask after the socket has been bound, but before the server begins accepting requests. Fixes #6787 Signed-off-by: Matthew Heon <matthew.heon@pm.me>