summaryrefslogtreecommitdiff
path: root/pkg/domain/entities
Commit message (Collapse)AuthorAge
* Add podman image mountDaniel J Walsh2020-07-28
| | | | | | | | | | | | | There are many use cases where you want to just mount an image without creating a container on it. For example you might want to just examine the content in an image after you pull it for security analysys. Or you might want to just use the executables on the image without running it in a container. The image is mounted readonly since we do not want people changing images. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Switch all references to github.com/containers/libpod -> podmanDaniel J Walsh2020-07-28
| | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* libpod: pass down network optionsGiuseppe Scrivano2020-07-16
| | | | | | do not pass network specific options through the network namespace. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Fix container and pod create commands for remote createMatthew Heon2020-07-10
| | | | | | | | | | | | | | | | | | | | | | | In `podman inspect` output for containers and pods, we include the command that was used to create the container. This is also used by `podman generate systemd --new` to generate unit files. With remote podman, the generated create commands were incorrect since we sourced directly from os.Args on the server side, which was guaranteed to be `podman system service` (or some variant thereof). The solution is to pass the command along in the Specgen or PodSpecgen, where we can source it from the client's os.Args. This will still be VERY iffy for mixed local/remote use (doing a `podman --remote run ...` on a remote client then a `podman generate systemd --new` on the server on the same container will not work, because the `--remote` flag will slip in) but at the very least the output of `podman inspect` will be correct. We can look into properly handling `--remote` (parsing it out would be a little iffy) in a future PR. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* move go module to v2Valentin Rothberg2020-07-06
| | | | | | | | | | | | | | | With the advent of Podman 2.0.0 we crossed the magical barrier of go modules. While we were able to continue importing all packages inside of the project, the project could not be vendored anymore from the outside. Move the go module to new major version and change all imports to `github.com/containers/libpod/v2`. The renaming of the imports was done via `gomove` [1]. [1] https://github.com/KSubedi/gomove Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* APIv2: Add docker compatible volume endpointsmaybe-sybr2020-07-02
| | | | | | | | | | | | | | | | This change implements docker compatibile endpoint for interacting with volumes. The code is mostly lifted from the `libpod` API handlers but decodes and constructs data using types defined in the docker API package. Some notable support caveats with the current implementation: * we don't return the nullable `Status` or `UsageData` keys when returning volume information for inspect and create endpoints * we don't support filters when pruning * we return a fixed `0` for the `SpaceReclaimed` key when pruning since we have no insight into how much space was freed from runtime Signed-off-by: Matt Brindley <58414429+maybe-sybr@users.noreply.github.com>
* Created timestamp returned by imagelist should be in unix formatDaniel J Walsh2020-06-30
| | | | | | | | In the API, we are currently returning the image time of creation as a string, in time.Time format. The API is for a 64 bit integer representing Unix time. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #6731 from baude/toolboxjsonOpenShift Merge Robot2020-06-23
|\ | | | | Add JSON output field for ps
| * Add JSON output field for psBrent Baude2020-06-23
| | | | | | | | | | | | the toolbox team needs a field in our ps json that represents a human readable time. Signed-off-by: Brent Baude <bbaude@redhat.com>
* | V2 podman system connectionJhon Honce2020-06-23
|/ | | | | | | | | * Implement command * Refactor podman-remote to pull from containers.conf by default * podman-remote defaults to --remote being true * Write podman-system-connection.1.md Signed-off-by: Jhon Honce <jhonce@redhat.com>
* Add --preservefds to podman runQi Wang2020-06-19
| | | | | | Add --preservefds to podman run. close https://github.com/containers/libpod/issues/6458 Signed-off-by: Qi Wang <qiwan@redhat.com>
* Merge pull request #6630 from ashley-cui/masterOpenShift Merge Robot2020-06-17
|\ | | | | Show Anon, GID, UID in v2 volumes
| * Show Anon, GID, UID in v2 volumesAshley Cui2020-06-16
| | | | | | | | | | | | Anon, GID, UID parameters previously hidden if empty in podman volume for API v2. Signed-off-by: Ashley Cui <acui@redhat.com>
* | Fix podman inspect on overlapping/missing objectsMatthew Heon2020-06-16
|/ | | | | | | | | | | | | | | | | | | | | | | | | | | This started as a small fix to `podman inspect` where a container and image, with the same name/tag, were present, and `podman inspect` was run on that name. `podman inspect` in 1.9 (and `docker inspect`) will give you the container; in v2.0, we gave the image. This was an easy fix (just reorder how we check for image/container). Unfortunately, in the process of testing this fix, I determined that we regressed in a different area. When you run inspect on a number of containers, some of which do not exist, `podman inspect` should return an array of inspect results for the objects that exist, then print a number of errors, one for each object that could not be found. We were bailing after the first error, and not printing output for the containers that succeeded. (For reference, this applied to images as well). This required a much more substantial set of changes to properly handle - signatures for the inspect functions in ContainerEngine and ImageEngine, plus the implementations of these interfaces, plus the actual inspect frontend code needed to be adjusted to use this. Fixes #6556 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Turn on More lintersDaniel J Walsh2020-06-15
| | | | | | | | | - misspell - prealloc - unparam - nakedret Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #6415 from vrothberg/systemd-new-podOpenShift Merge Robot2020-06-11
|\ | | | | podman-generate-systemd --new for pods
| * pod create: add `--infra-conmon-pidfile`Valentin Rothberg2020-06-11
| | | | | | | | | | | | | | | | | | | | | | Add an `--infra-conmon-pidfile` flag to `podman-pod-create` to write the infra container's conmon process ID to a specified path. Several container sub-commands already support `--conmon-pidfile` which is especially helpful to allow for systemd to access and track the conmon processes. This allows for easily tracking the conmon process of a pod's infra container. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | Merge pull request #6256 from theunrealgeek/play_kube_deploymentOpenShift Merge Robot2020-06-11
|\ \ | |/ |/| Support k8s Deployment in play kube
| * Fix missing doc for field in PlayKubePodtheunrealgeek2020-06-04
| | | | | | | | Signed-off-by: Aditya Kamath <theunrealgeek@gmail.com>
| * Modify PlayKubeReport to preserve pod->container mappingtheunrealgeek2020-06-02
| | | | | | | | Signed-off-by: Aditya Kamath <theunrealgeek@gmail.com>
| * supporting k8s Deployment objectstheunrealgeek2020-06-02
| | | | | | | | Signed-off-by: Aditya Kamath <theunrealgeek@gmail.com>
* | Fix Id->ID where possible for lintDaniel J Walsh2020-06-10
| | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Fixup issues found by golintDaniel J Walsh2020-06-10
| | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Add parallel operation to `podman stop`Matthew Heon2020-06-05
| | | | | | | | | | | | | | | | | | | | | | | | This is the other command that benefits greatly from being run in parallel, due to the potential 15-second timeout for containers that ignore SIGTERM. While we're at it, also clean up how stop timeout is set. This needs to be an optional parameter, so that the value set when the container is created with `--stop-timeout` will be respected. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | V2 Add support for ssh authentication methodsJhon Honce2020-06-03
|/ | | | | | | | | | | | | | | | | * podman --remote ssh://<user>:<password>@<host>:<port><path> * podman --remote ssh://<user>:<password>@<host>:<port><path> \ --identity <path> --passphrase <phrase> * ssh-add <key> podman --remote ssh://<user>@<host><path> * Fix `podman help` to run even if podman missing components * Prompt for passphrase on stdin IFF key is protected and passphrase not given via any other configuration * cobra flags do not support optional value flags therefore refactored --remote to be a boolean and --url will now contain the URI to Podman service Signed-off-by: Jhon Honce <jhonce@redhat.com>
* Add support for format {{.Label}}Brent Baude2020-06-01
| | | | | | | | the pod ps man page says .Label is valid go template format. i dont think the function was actually ever implemented. Fixes #6448 Signed-off-by: Brent Baude <bbaude@redhat.com>
* compat handlers: add X-Registry-Auth header supportValentin Rothberg2020-05-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Support the `X-Registry-Auth` http-request header. * The content of the header is a base64 encoded JSON payload which can either be a single auth config or a map of auth configs (user+pw or token) with the corresponding registries being the keys. Vanilla Docker, projectatomic Docker and the bindings are transparantly supported. * Add a hidden `--registries-conf` flag. Buildah exposes the same flag, mostly for testing purposes. * Do all credential parsing in the client (i.e., `cmd/podman`) pass the username and password in the backend instead of unparsed credentials. * Add a `pkg/auth` which handles most of the heavy lifting. * Go through the authentication-handling code of most commands, bindings and endpoints. Migrate them to the new code and fix issues as seen. A final evaluation and more tests is still required *after* this change. * The manifest-push endpoint is missing certain parameters and should use the ABI function instead. Adding auth-support isn't really possible without these parts working. * The container commands and endpoints (i.e., create and run) have not been changed yet. The APIs don't yet account for the authfile. * Add authentication tests to `pkg/bindings`. Fixes: #6384 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* V2 verify JSON output is consistent and doesn't driftJhon Honce2020-05-28
| | | | | | | $ cd test/apiv2 $ python -m unittest -v test_rest_v1_0_0.TestApi Signed-off-by: Jhon Honce <jhonce@redhat.com>
* Add --format to pod inspectBoaz Shuster2020-05-27
| | | | Signed-off-by: Boaz Shuster <boaz.shuster.github@gmail.com>
* Merge pull request #6321 from Luap99/podman-generate-systemd-unit-prefixOpenShift Merge Robot2020-05-25
|\ | | | | Allow to change the generated systemd unit name prefix
| * Added new flags to 'podman generate systemd' to change the unit name prefixLuap992020-05-22
| | | | | | | | | | | | | | | | | | | | | | | | | | --container-prefix <string> - default 'container' Systemd unit name prefix for containers --pod-prefix <string> - default 'pod' Systemd unit name prefix for pods --separator <string> - default '-' Systemd unit name seperator between name/id and prefix Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | Merge pull request #6312 from rhatdan/imageOpenShift Merge Robot2020-05-21
|\ \ | | | | | | Fix remote handling of podman images calls
| * | Handle filters correctly for podman pruneDaniel J Walsh2020-05-21
| | | | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
| * | Fix remote handling of podman images callsDaniel J Walsh2020-05-21
| |/ | | | | | | | | | | | | Enable three more tests Fix handling of image filters Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #6270 from mheon/detached_execOpenShift Merge Robot2020-05-21
|\ \ | |/ |/| Implement detached exec
| * Add ability to clean up exec sessions with cleanupMatthew Heon2020-05-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | We need to be able to use cleanup processes to remove exec sessions as part of detached exec. This PR adds that ability. A new flag is added to `podman container cleanup`, `--exec`, to specify an exec session to be cleaned up. As part of this, ensure that `ExecCleanup` can clean up exec sessions that were running, but have since exited. This ensures that we can come back to an exec session that was running but has since stopped, and clean it up. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * Add CLI frontend for detached execMatthew Heon2020-05-20
| | | | | | | | | | | | | | | | | | | | | | Add a new ContainerEngine method for creating a detached exec session, and wire in the frontend code to do this. As part of this, move Streams out of ExecOptions to the function signature in an effort to share the struct between both methods. Fixes #5884 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | Merge pull request #6161 from kunalkushwaha/network-inspectOpenShift Merge Robot2020-05-20
|\ \ | |/ |/| `--format` and `--filter` options for `network ls` and `network inspect` command
| * filter option added to network ls command.Kunal Kushwaha2020-05-20
| | | | | | | | | | | | | | filter option helps to filter output based on name or supported plugins by CNI networks. Signed-off-by: Kunal Kushwaha <kunal.kushwaha@gmail.com>
* | Fix checkpoint --leave-runningAdrian Reber2020-05-14
|/ | | | | | | There was typo in the variable name and in one place it was not correctly passed to the next layer. Signed-off-by: Adrian Reber <areber@redhat.com>
* enable podman v2 networking for remote clientBrent Baude2020-05-12
| | | | Signed-off-by: Brent Baude <bbaude@redhat.com>
* Merge pull request #6154 from baude/v2signOpenShift Merge Robot2020-05-12
|\ | | | | v2podman image sign
| * v2podman image signBrent Baude2020-05-11
| | | | | | | | | | | | this is a straight port to add the podman image sign command. no improvements or refactoring done Signed-off-by: Brent Baude <bbaude@redhat.com>
* | Merge pull request #6101 from sujil02/systemreset-v2OpenShift Merge Robot2020-05-12
|\ \ | | | | | | Adds tunnel routes for system reset.
| * | Adds tunnel routes for system reset.Sujil022020-05-11
| |/ | | | | | | | | | | | | | | Adds tunnel routes for system reset. Makes forces flag local as options are not propogated down the stack. Adds relevant test cases and swagger docs. Signed-off-by: Sujil02 <sushah@redhat.com>
* / auto-update: support authfilesValentin Rothberg2020-05-12
|/ | | | | | | | | | Support using custom authfiles for auto updates by adding a new `--authfile` flag and passing it down into the backend. Also do some minor fixes in the help text and the man page. Fixes: #6159 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* V2 Impliment tunnelled podman versionJhon Honce2020-05-08
| | | | Signed-off-by: Jhon Honce <jhonce@redhat.com>
* v2 podman unshare commandBrent Baude2020-05-08
| | | | | | | | | | add unshare command add cp and init to container sub-command allow mount to run as rootless Signed-off-by: Brent Baude <bbaude@redhat.com>
* Merge pull request #6121 from vrothberg/v2-auto-updateOpenShift Merge Robot2020-05-08
|\ | | | | auto-update
| * auto-updateValentin Rothberg2020-05-08
| | | | | | | | | | | | | | Add the `podman auto-update` command. There have been no tests in v1, so there are no in v2 either ... for now :) Signed-off-by: Valentin Rothberg <rothberg@redhat.com>