summaryrefslogtreecommitdiff
path: root/pkg/api
Commit message (Collapse)AuthorAge
* Remove redundant log messageErik Sjölund2022-09-26
| | | | | | | | [NO NEW TESTS NEEDED] Fixes: https://github.com/containers/podman/issues/15925 Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
* Fixup Buildah mergeEd Santiago2022-09-23
| | | | | | | | | | | | | Changes since 2022-09-09: - man page: add --skip-unused-stages (buildah 4249) - man page: bring in new Note for --cache-ttl (4248) - system tests: de-stutter (4205) - (internal): in skip() applier: escape asterisk, otherwise the "bud with --dns* flags" sed expression never applies. Signed-off-by: Ed Santiago <santiago@redhat.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #15871 from cevich/replace_ioutilOpenShift Merge Robot2022-09-21
|\ | | | | Replace deprecated ioutil
| * Replace deprecated ioutilChris Evich2022-09-20
| | | | | | | | | | | | | | | | | | | | Package `io/ioutil` was deprecated in golang 1.16, preventing podman from building under Fedora 37. Fortunately, functionality identical replacements are provided by the packages `io` and `os`. Replace all usage of all `io/ioutil` symbols with appropriate substitutions according to the golang docs. Signed-off-by: Chris Evich <cevich@redhat.com>
* | Merge pull request #15842 from ashley-cui/seclabelsOpenShift Merge Robot2022-09-21
|\ \ | |/ |/| Add labels to secrets
| * Add labels to secretsAshley Cui2022-09-20
| | | | | | | | | | | | | | Add --label/-l label flag to secret create, and show labels when inspecting secrets. Also allow labeling secrets via libpod/compat API. Signed-off-by: Ashley Cui <acui@redhat.com>
* | Merge pull request #15812 from sstosh/checkpoint-export-rawinputOpenShift Merge Robot2022-09-16
|\ \ | | | | | | remote: checkpoint --export prints a rawInput or an error on remote
| * | remote: checkpoint --export prints a rawInput or an error on remoteToshiki Sonoda2022-09-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | This commit fixes `container checkpoint --export` to print a rawInput or an error. Fixes: #15743 Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
* | | stats: cap memory limit to the available memoryGiuseppe Scrivano2022-09-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | Docker compatibility: cap the memory limit reported by the cgroup to the maximum available memory. Closes: https://github.com/containers/podman/issues/15765 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | stats: map MaxUsage to the correct valueGiuseppe Scrivano2022-09-15
|/ / | | | | | | | | | | and make sure it is not set for cgroup v2 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | Merge pull request #15753 from mheon/fix_15720OpenShift Merge Robot2022-09-13
|\ \ | |/ |/| Ensure that the DF endpoint updated volume refcount
| * Ensure that the DF endpoint updated volume refcountMatthew Heon2022-09-12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The field was already exposed already in the `system df` output so this just required a bit of plumbing and testing. As part of this, fix `podman systemd df` volume in-use logic. Previously, volumes were only considered to be in use if the container using them was running. This does not match Docker's behavior, where a volume is considered in use as long as a container exists that uses the volume, even if said container is not running. Fixes #15720 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | Merge pull request #15511 from rhatdan/codespellOpenShift Merge Robot2022-09-12
|\ \ | | | | | | Fix stutters
| * | Fix stuttersDaniel J Walsh2022-09-10
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | Podman adds an Error: to every error message. So starting an error message with "error" ends up being reported to the user as Error: error ... This patch removes the stutter. Also ioutil.ReadFile errors report the Path, so wrapping the err message with the path causes a stutter. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* / refactor: use `os.ReadDir` for lightweight directory readingEng Zer Jun2022-09-11
|/ | | | | | | | `os.ReadDir` was added in Go 1.16 as part of the deprecation of `ioutil` package. It is a more efficient implementation than `ioutil.ReadDir`. Reference: https://pkg.go.dev/io/ioutil#ReadDir Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
* Fix swagger documentationToshiki Sonoda2022-09-09
| | | | | | | | | * ContainerKillLibpod "signal" query default is SIGKILL. * ContainerStopLibpod "all" query doesn't exist. [NO NEW TESTS NEEDED] Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
* Merge pull request #15584 from sstosh/generate-systemd-envOpenShift Merge Robot2022-09-06
|\ | | | | Add generate systemd -e/--env option
| * Add generate systemd -e/--env optionToshiki Sonoda2022-09-06
| | | | | | | | | | | | | | | | -e/--env option sets environment variables to the systemd unit files. Fixes: #15523 Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
* | Fix swagger documentationToshiki Sonoda2022-09-02
|/ | | | | | | | | | | * ContainerKillLibpod "signal" query default is SIGKILL. * ContainerListLibpod "namespace" query is failed to show. * SecretListLibpod parameters is duplicated. * SecretList parameters is duplicated. [NO NEW TESTS NEEDED] Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
* implement podman updateCharlie Doern2022-09-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | podman update allows users to change the cgroup configuration of an existing container using the already defined resource limits flags from podman create/run. The supported flags in crun are: this command is also now supported in the libpod api via the /libpod/containers/<CID>/update endpoint where the resource limits are passed inthe request body and follow the OCI resource spec format –memory –cpus –cpuset-cpus –cpuset-mems –memory-swap –memory-reservation –cpu-shares –cpu-quota –cpu-period –blkio-weight –cpu-rt-period –cpu-rt-runtime -device-read-bps -device-write-bps -device-read-iops -device-write-iops -memory-swappiness -blkio-weight-device resolves #15067 Signed-off-by: Charlie Doern <cdoern@redhat.com>
* Merge remote-tracking branch 'upstream/main' into api_compat_containersJosh Patterson2022-08-29
|\
| * remote: fix implementation of build with --userns=auto for APIAditya R2022-08-26
| | | | | | | | | | | | | | | | | | | | | | `podman-remote` and Libpod API does not supports build with `--userns=auto` since `IDMappingOptions` were not implemented for API and bindings, following PR implements passing `IDMappingOptions` via bindings to API. Closes: https://github.com/containers/podman/issues/15476 Signed-off-by: Aditya R <arajan@redhat.com>
| * Compat API image remove events now have 'delete' statusMatthew Heon2022-08-25
| | | | | | | | | | | | | | | | | | Change only the compat API, so we don't force a breaking change on Libpod API users. Partial fix for #15485 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * Merge pull request #15443 from flouthoc/env-merge-supportOpenShift Merge Robot2022-08-24
| |\ | | | | | | run,create: add support for `--env-merge` for preprocessing default environment variables
| | * run,create: add support for --env-merge for preprocessing varsAditya R2022-08-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Allow end users to preprocess default environment variables before injecting them into container using `--env-merge` Usage ``` podman run -it --rm --env-merge some=${some}-edit --env-merge some2=${some2}-edit2 myimage sh ``` Closes: https://github.com/containers/podman/issues/15288 Signed-off-by: Aditya R <arajan@redhat.com>
| * | Use request Context() in API handlersVladimir Kochnev2022-08-18
| | | | | | | | | | | | | | | | | | | | | | | | | | | Request object has its own context which must be used during a request lifetime instead of just context.Background() [NO NEW TESTS NEEDED] Signed-off-by: Vladimir Kochnev <hashtable@yandex.ru>
| * | Simplify ImagesPull for when Quiet flag is onVladimir Kochnev2022-08-18
| |/ | | | | | | | | | | | | | | | | Refactor ImagesPull the same way the ImagesPush and ManifestPush are done. [NO NEW TESTS NEEDED] Signed-off-by: Vladimir Kochnev <hashtable@yandex.ru>
| * Merge pull request #15368 from m0duspwnens/api_sort_hc_bindsOpenShift Merge Robot2022-08-17
| |\ | | | | | | sort hc.Binds returned from compat api
| | * sort hc.Binds returned from compat apiJosh Patterson2022-08-17
| | | | | | | | | | | | Signed-off-by: Josh Patterson <josh.patterson@securityonionsolutions.com>
| * | podman manifest create: accept --amend and --insecure flagsNalin Dahyabhai2022-08-16
| |/ | | | | | | | | | | | | | | Accept a --amend flag in `podman manifest create`, and treat `--insecure` as we would `--tls-verify=false` in `podman manifest`'s "add", "create", and "push" subcommands. Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
* / api: return imageID instead of imageName, for "Image" when Podman API is queriedJosh Patterson2022-08-17
|/ | | | Signed-off-by: Josh Patterson <josh.patterson@securityonionsolutions.com>
* Merge pull request #15270 from nicrowe00/kubegenerateOpenShift Merge Robot2022-08-16
|\ | | | | Add "podman kube generate" command
| * Add "podman kube generate" commandNiall Crowe2022-08-11
| | | | | | | | | | | | | | | | "podman kube generate" creates Kubernetes YAML from Podman containers, pods or volumes. Users will still be able to use "podman generate kube" as an alias of "kube generate". Signed-off-by: Niall Crowe <nicrowe@redhat.com>
* | Merge pull request #15285 from YoitoFes/fix-15210OpenShift Merge Robot2022-08-11
|\ \ | | | | | | remote manifest push: show copy progress
| * | remote manifest push: show copy progressNaoto Kobayashi2022-08-11
| |/ | | | | | | | | | | | | | | | | | | `podman-remote manifest push` has shown absolutely no progress at all. Fix that by doing the same as the remote-push code does. Like remote-push, `quiet` parameter is true by default for backwards compatibility. Signed-off-by: Naoto Kobayashi <naoto.kobayashi4c@gmail.com>
* | Merge pull request #15157 from cdoern/apiLogOpenShift Merge Robot2022-08-11
|\ \ | |/ |/| fix LogConfig type for libpod API
| * fix LogConfig type for libpod APICharlie Doern2022-08-08
| | | | | | | | | | | | | | | | | | | | | | [NO NEW TESTS NEEDED] our native API was consuming the docker compat type for the API since the two have the exact same name. Fix this by renaming LogConfig to LogConfigLibpod resolves #15138 Signed-off-by: Charlie Doern <cdoern@redhat.com>
* | podman ssh work, using new c/common interfaceCharlie Doern2022-08-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | implement new ssh interface into podman this completely redesigns the entire functionality of podman image scp, podman system connection add, and podman --remote. All references to golang.org/x/crypto/ssh have been moved to common as have native ssh/scp execs and the new usage of the sftp package. this PR adds a global flag, --ssh to podman which has two valid inputs `golang` and `native` where golang is the default. Users should not notice any difference in their everyday workflows if they continue using the golang option. UNLESS they have been using an improperly verified ssh key, this will now fail. This is because podman was incorrectly using the ssh callback method to IGNORE the ssh known hosts file which is very insecure and golang tells you not yo use this in production. The native paths allows for immense flexibility, with a new containers.conf field `SSH_CONFIG` that specifies a specific ssh config file to be used in all operations. Else the users ~/.ssh/config file will be used. podman --remote currently only uses the golang path, given its deep interconnection with dialing multiple clients and urls. My goal after this PR is to go back and abstract the idea of podman --remote from golang's dialed clients, as it should not be so intrinsically connected. Overall, this is a v1 of a long process of offering native ssh, and one that covers some good ground with podman system connection add and podman image scp. Signed-off-by: Charlie Doern <cdoern@redhat.com>
* | build: implement --cache-to,--cache-from and --cache-ttlAditya R2022-08-09
|/ | | | | | | [NO NEW TESTS NEEDED] [NO TESTS NEEDED] Signed-off-by: Aditya R <arajan@redhat.com>
* remove image podman no pruneKarthik Elango2022-08-04
| | | | Signed-off-by: Karthik Elango <kelango@redhat.com>
* switch from "kube/play" endpoint to "play/kube" endpoint.Niall Crowe2022-08-02
| | | | | | | | | When podman kube play was added the endpoint for the kube play/play kube commands was switched from the "play kube" endpoint to the new "kube play" endpoint. This caused issues with the remote client, requiring the need to use the "play kube" endpoint again in order to avoid these issues. Signed-off-by: Niall Crowe <nicrowe@redhat.com>
* Add flag "--compression-format" to "podman manifest push" both in ↵Romain Geissler2022-07-30
| | | | | | | | | local/remote mode. Also Fix usage of flag "--compression-format" for remote "podman image push". Fix usage of flags "--format", "--remove-signatures" in remote "podman manifest push". Closes #15109. Signed-off-by: Romain Geissler <romain.geissler@amadeus.com>
* Use 8k buffer to help clients w/ broken parsingJason T. Greene2022-07-29
| | | | Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
* Set TLSVerify=true by default for API endpointsVladimir Kochnev2022-07-26
| | | | | | | | | | | | | | | | | | | | | Option defaults in API must be the same as in CLI. ``` % podman image push --help % podman image pull --help % podman manifest push --help % podman image search --help ``` All of these CLI commands them have --tls-verify=true by default: ``` --tls-verify require HTTPS and verify certificates when accessing the registry (default true) ``` As for `podman image build`, it doesn't have any means to control `tlsVerify` parameter but it must be true by default. Signed-off-by: Vladimir Kochnev <hashtable@yandex.ru>
* Merge pull request #15040 from Luap99/api-umaskOpenShift Merge Robot2022-07-22
|\ | | | | API: libpod/create use correct default umask
| * API: libpod/create use correct default umaskPaul Holzinger2022-07-22
| | | | | | | | | | | | | | | | | | Make sure containers created via API have the correct umask from containers.conf set. Fixes #15036 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | Merge pull request #15016 from Luap99/compat-netnameOpenShift Merge Robot2022-07-22
|\ \ | |/ |/| compat api: allow default bridge name for networks
| * compat api: always turn on network isolation for networksPaul Holzinger2022-07-21
| | | | | | | | | | | | | | | | | | Fix some network option parsing logic to use constants. Always use the isolate option since this is what docker does. Remove the icc option, this is different from isolate and it is not implemented. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * compat api: allow default bridge name for networksPaul Holzinger2022-07-21
| | | | | | | | | | | | | | | | | | | | Docker uses "bridge" as default network name so some tools expect this to work with network list or inspect. To fix this we change "bridge" to the podman default ("podman") name. Fixes #14983 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | Merge pull request #14968 from jmguzik/compatOpenShift Merge Robot2022-07-22
|\ \ | | | | | | Compat API: unify pull/push and add missing progress info