aboutsummaryrefslogtreecommitdiff
path: root/pkg/domain/entities/engine_image.go
Commit message (Collapse)AuthorAge
* podman image scp never enter podman user NScdoern2021-12-23
| | | | | | | | | | | Podman image scp should never enter the Podman UserNS unless it needs to. This allows for a sudo exec.Command to transfer images to and from rootful storage. If this command is run using sudo, the simple sudo podman save/load does not work, machinectl/su is necessary here. This modification allows for both rootful and rootless transfers, and an overall change of scp to be more of a wrapper function for different load and save calls as well as the ssh component Signed-off-by: cdoern <cdoern@redhat.com>
* Podman Image SCP rootful to rootless transfercdoern2021-11-05
| | | | | | | | | | | Added functionality for users to transfer images from root storage to rootless storage without using sshd. This is done through rootful podman by running `sudo podman image scp root@localhost::image user@localhost:: the user is needed in order to find and use their uid/gid to exec a new process. added necessary tests, and functions for this implementation. Created new image function Transfer so that the underlying code is majorly removed from CLI Signed-off-by: cdoern <cdoern@redhat.com>
* podman diff accept two images or containersPaul Holzinger2021-07-02
| | | | | | | | | | | | | | | | | | | First, make podman diff accept optionally a second argument. This allows the user to specify a second image/container to compare the first with. If it is not set the parent layer will be used as before. Second, podman container diff should only use containers and podman image diff should only use images. Previously, podman container diff would use the image when both an image and container with this name exists. To make this work two new parameters have been added to the api. If they are not used the previous behaviour is used. The same applies to the bindings. Fixes #10649 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* Add support for podman manifest rm commandDaniel J Walsh2021-05-19
| | | | | | This is mainly to match command line of Docker. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* bump go module to v3Valentin Rothberg2021-02-22
| | | | | | | | | We missed bumping the go module, so let's do it now :) * Automated go code with github.com/sirkon/go-imports-rename * Manually via `vgrep podman/v2` the rest Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* podman manifest existsPaul Holzinger2021-01-22
| | | | | | Add podman manifest exists command with remote support. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* Allow podman push to push manifest listsDaniel J Walsh2021-01-15
| | | | | | | | | | | | | | | | | | | | | | When doing a podman images, manifests lists look just like images, so it is logical that users would assume that they can just podman push them to a registry. The problem is we throw out weird errors when this happens and users need to somehow figure out this is a manifest list rather then an image, and frankly the user will not understand the difference. This PR will make podman push just do the right thing, by failing over and attempting to push the manifest if it fails to push the image. Fix up handling of manifest push Protocol should bring back a digest string, which can either be printed or stored in a file. We should not reimplement the manifest push setup code in the tunnel code but take advantage of the api path, to make sure remote and local work the same way. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Rework pruning to report reclaimed spaceBaron Lenardson2020-12-30
| | | | | | | | | | | | This change adds code to report the reclaimed space after a prune. Reclaimed space from volumes, images, and containers is recorded during the prune call in a PruneReport struct. These structs are collected into a slice during a system prune and processed afterwards to calculate the total reclaimed space. Closes #8658 Signed-off-by: Baron Lenardson <lenardson.baron@gmail.com>
* misc bindings to podman v3baude2020-12-17
| | | | | | | manifest, system, info, volumes, play, and generate bindings are updated to always have binding options. Signed-off-by: baude <bbaude@redhat.com>
* Add podman image mountDaniel J Walsh2020-07-28
| | | | | | | | | | | | | There are many use cases where you want to just mount an image without creating a container on it. For example you might want to just examine the content in an image after you pull it for security analysys. Or you might want to just use the executables on the image without running it in a container. The image is mounted readonly since we do not want people changing images. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Fix podman inspect on overlapping/missing objectsMatthew Heon2020-06-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | This started as a small fix to `podman inspect` where a container and image, with the same name/tag, were present, and `podman inspect` was run on that name. `podman inspect` in 1.9 (and `docker inspect`) will give you the container; in v2.0, we gave the image. This was an easy fix (just reorder how we check for image/container). Unfortunately, in the process of testing this fix, I determined that we regressed in a different area. When you run inspect on a number of containers, some of which do not exist, `podman inspect` should return an array of inspect results for the objects that exist, then print a number of errors, one for each object that could not be found. We were bailing after the first error, and not printing output for the containers that succeeded. (For reference, this applied to images as well). This required a much more substantial set of changes to properly handle - signatures for the inspect functions in ContainerEngine and ImageEngine, plus the implementations of these interfaces, plus the actual inspect frontend code needed to be adjusted to use this. Fixes #6556 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Fix Id->ID where possible for lintDaniel J Walsh2020-06-10
| | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* v2podman image signBrent Baude2020-05-11
| | | | | | this is a straight port to add the podman image sign command. no improvements or refactoring done Signed-off-by: Brent Baude <bbaude@redhat.com>
* Merge pull request #5961 from QiWang19/manifest-remove-pushOpenShift Merge Robot2020-05-07
|\ | | | | Manifest remove, push
| * Manifest remove, pushQi Wang2020-05-06
| | | | | | | | | | | | Implements podman manifest remove and podman manifest push. Signed-off-by: Qi Wang <qiwan@redhat.com>
* | v2trust set and showbaude2020-05-07
|/ | | | | | | | add podman image trust set and show Signed-off-by: baude <bbaude@redhat.com> Signed-off-by: bbaude <bbaude@DESKTOP-SH5EG3J.localdomain> Signed-off-by: Brent Baude <bbaude@redhat.com>
* manifest annotateQi Wang2020-05-05
| | | | Signed-off-by: Qi Wang <qiwan@redhat.com>
* image removal: refactor part 2Valentin Rothberg2020-05-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Continue the refactoring of image removal. I didn't manage to break all the following changes into smaller and easier to digest commits due to time constraints: * Return an error slice instead of a single error. Use multierror only in the client/frontend. Reflect that in the types. * Use the batch image removal in the client while preserving the more rest-idiomatic single-image removal endpoint. * Add a new handler for the single-image removal endpoint to make it share the same code as the batch endpoint. * Expose bindings for the single and batch endpoints, so we can properly test them. * Add several convenience functions for error handling to pkg/errorhandling. * Set the correct error type in libpod to set the exit code to 2 when one or more containers are using an image. * Massage the bindings tests a bit and tackle compilation errors. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* enable inspect testsValentin Rothberg2020-04-29
| | | | | | | | | | A surprisingly big change. A core problem was that `podman inspect` allows for passing containers AND images with the default `--type=all`. This only worked partially as the data was processed in isolation which caused various issues (e.g., two separate outputs instead of one) but it also caused issues regarding error handling. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Merge pull request #5946 from jwhonce/wip/shutdownOpenShift Merge Robot2020-04-23
|\ | | | | V2 restore libpod.Shutdown() when exiting podman commands
| * V2 restore libpod.Shutdown() when exiting podman commandsJhon Honce2020-04-22
| | | | | | | | Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | manifest create,add,inspectQi Wang2020-04-22
|/ | | | | | Implememts manifest subcommands create, add, inspect. Signed-off-by: Qi Wang <qiwan@redhat.com>
* podman rmi: refactor logicValentin Rothberg2020-04-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | While this commit was initially meant to fix #5847, it has turned into a bigger refactoring which I did not manage to break into smaller pieces: * Fix #5847 by refactoring the image-removal logic. * Make the api handler for image-removal use the ABI code. This way, both (i.e., ABI and Tunnel) end up using the same code. Achieving this code share required to move some code around to prevent circular dependencies. * Everything in pkg/api (excluding pkg/api/types) must now only be accessed from code using `ABISupport`. * Avoid imports from entities on handlers to prevent circular dependencies. * Move `podman system service` logic into `cmd` to prevent circular dependencies - it depends on pkg/api. * Also remove the build header from infra/abi files. It will otherwise confuse swagger and other tools; errors we cannot fix as go doesn't expose a build-tag env variable. Fixes: #5847 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* V2 podman image treeJhon Honce2020-04-20
| | | | | | | | | | * Basic port of V1 podman image tree ID TODO: Refactor to return tree from service and format in presentation layer TODO: Support tunneling mode Signed-off-by: Jhon Honce <jhonce@redhat.com>
* podmanV2: implement buildValentin Rothberg2020-04-17
| | | | | | | | Implement `podman build` for the local client. The remote client will require some rather large work in the backend and a new build endpoint for the libpod rest API. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* V2 Enable rootlessJhon Honce2020-04-16
| | | | | | | | | | | | | * Enable running podman V2 rootless * Fixed cobra.PersistentPreRunE usage in all the commands * Leveraged cobra.PersistentPreRunE/cobra.PersistentPostRunE to manage: * rootless * trace (--trace) * profiling (--cpu-profile) * initializing the registry copies of Image/Container engines * Help and Usage templates autoset for all sub-commands Signed-off-by: Jhon Honce <jhonce@redhat.com>
* Add support for the global flags and config filesJhon Honce2020-04-14
| | | | | | | Note: This PR doesn't provide full rootless support that will be addressed in a future PR Signed-off-by: Jhon Honce <jhonce@redhat.com>
* podmanV2: implement searchValentin Rothberg2020-04-09
| | | | | | | | Also implement a new libpod endpoint to add more parameters and to prevent us from converting between slices and maps and make use of the filter parsing in the image backend. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* V2 podman diff(changes) supportJhon Honce2020-04-07
| | | | | | | | | * Ported CLI command * Added API endpoint * Added bindings * Updated swagger (TODO: n endpoints, one handler) Signed-off-by: Jhon Honce <jhonce@redhat.com>
* podmanv2 save imageBrent Baude2020-04-03
| | | | | | add ability to save an image for podman v2 Signed-off-by: Brent Baude <bbaude@redhat.com>
* podmanV2: implement pushValentin Rothberg2020-04-02
| | | | | | | | | | | | | | | | | * Implement `podman-push` and `podman-image-push` for the podmanV2 client. * Tests for `pkg/bindings` are not possible at the time of writing as we don't have a local registry running. * Implement `/images/{name}/push` compat endpoint. Tests are not implemented for this v2 endpoint. It has been tested manually. General note: The auth config extraction from the http header is not implement for push. Since it's not yet supported for other endpoints either, I deferred it to future work. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* podmanv2 importBrent Baude2020-04-01
| | | | | | add the ability to import a container image from a container export Signed-off-by: Brent Baude <bbaude@redhat.com>
* podmanv2 loadBrent Baude2020-04-01
| | | | | | | | | | enable podman load for v2 add reexec into main add systemd build flag to v2 makefile Signed-off-by: Brent Baude <bbaude@redhat.com>
* V2 podman inspectJhon Honce2020-04-01
| | | | | | | * Expose podman container inspect * Expose podman image inspect Signed-off-by: Jhon Honce <jhonce@redhat.com>
* podman v2 image tag and untagBrent Baude2020-03-31
| | | | | | add the ability to tag and untag images in podmanv2 Signed-off-by: Brent Baude <bbaude@redhat.com>
* podmanV2: implement pullValentin Rothberg2020-03-31
| | | | | | | | | | | | | Implement pulling images for the v2 client. What I _really_ don't like is the fact that we are now having a near identical code clone among `pkg/domain/infra/abi` and `pkg/api/handlers/libpod`. Partly because we don't yet have a higher-level pull function and partly because we have redudancy among `pkg/domain` and `pkg/api`. Pull might be a high outlier but I am concerned already by the potential of introducing more redundancy. I'd love to `infra/abi` and `pkg/abi` to really use the same code in the future. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* V2 podman image rm | podman rmi [IMAGE]Jhon Honce2020-03-25
| | | | | | | | | | | * Add support for rm and rmi commands * Support for registry.ExitCode * Support for N-errors from domain layer * Add log-level support * Add syslog support Signed-off-by: Jhon Honce <jhonce@redhat.com>
* V2 podman imageJhon Honce2020-03-25
| | | | | | * Exists() Signed-off-by: Jhon Honce <jhonce@redhat.com>
* V2 podman images/image listJhon Honce2020-03-24
| | | | | | | | | | * Updated entities to support flags/options * Updated bindings caused by entities changes * Removed handlers.ImageSummary in favor of entities.ImageSummary * Introduced StringSet() container object to simply error checking Signed-off-by: Jhon Honce <jhonce@redhat.com>
* V2 podman commandJhon Honce2020-03-18
Signed-off-by: Jhon Honce <jhonce@redhat.com>