summaryrefslogtreecommitdiff
path: root/pkg/domain
Commit message (Collapse)AuthorAge
* stats refactorValentin Rothberg2020-09-23
| | | | | | | | | | | | Refactor the entities' stats API to simplify using it and reduce the risk of running into concurrency issues at the call sites. Further simplify the stats code by de-spaghetti-ing the logic and reducing duplicate code. `ContainerStats` now returns a data channel and an error. If the error is nil, callers can read from the channel. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Merge pull request #7717 from rhatdan/attachOpenShift Merge Robot2020-09-22
|\ | | | | Fix up attach tests for podman remote
| * Fix up attach tests for podman remoteDaniel J Walsh2020-09-22
| | | | | | | | | | | | | | | | | | | | | | When we execute podman-remote attach, we were not checking if the container was in the correct state, this is leading to timeouts and we had turned off remote testing. Also added an IfRemote() function so we can turn on more tests when using the "-l" flag for local, but use container name for remote. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #7691 from rhatdan/mountOpenShift Merge Robot2020-09-22
|\ \ | |/ |/| Fix podman image unmount to only report images unmounted
| * Fix podman image unmount to only report images unmountedDaniel J Walsh2020-09-21
| | | | | | | | | | | | | | Currently `podman image unmount` report every image that is mounted when it unmounts them. We should only report unmounted actually mounted images. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Restore 'id' stanza in pull resultsJhon Honce2020-09-21
|/ | | | | | | | | | | | | id is the last image id from the set of id's returned via the images stanza. id may be deprecated in a future version of the API Created test_rest_v2_0_0.py to reflect the bump in the API Version. Fixes #7686 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* Merge pull request #7697 from rhatdan/ignoreOpenShift Merge Robot2020-09-21
|\ | | | | Fix handling of podman-remote stop --ignore
| * Fix handling of podman-remote stop --ignoreDaniel J Walsh2020-09-19
| | | | | | | | | | | | This patch simplifies the hanlding of rhe --ignore flag, for podman stop, rm Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Refactor version handling in cmd treeJhon Honce2020-09-18
|/ | | | | | | * Move from simple string to semver objects * Change client API Version from '1' to 2.0.0 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* Merge pull request #7679 from baude/remoteiidfileOpenShift Merge Robot2020-09-18
|\ | | | | enable --iidfile for podman-remote build
| * enable --iidfile for podman-remote buildbaude2020-09-17
| | | | | | | | | | | | for podman-remote build operations, the iidfile, when used, needs to write the file to the client's local filesystem. Signed-off-by: baude <bbaude@redhat.com>
* | handle the play kube and generate kube for with restartPolicyzhangguanzhang2020-09-18
| | | | | | | | Signed-off-by: zhangguanzhang <zhangguanzhang@qq.com>
* | update github.com/docker/docker and relevant depsAkihiro Suda2020-09-18
|/ | | | Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
* Merge pull request #7647 from jwhonce/issues/7543OpenShift Merge Robot2020-09-17
|\ | | | | Refactor remote pull to provide progress
| * Refactor remote pull to provide progressJhon Honce2020-09-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | podman and podman-remote do not exactly match as the lower layer code checks if the output is destined for a TTY before creating the progress bars. A future PR for containers/images could change this behavior. Fixes #7543 Tested with: $ (echo '# start'; podman-remote pull nginx ) 2>&1 | ts '[%Y-%m-%d %H:%M:%.S]' $ (echo '# start'; podman pull nginx ) 2>&1 | ts '[%Y-%m-%d %H:%M:%.S]' Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | Merge pull request #7654 from vrothberg/fix-7651OpenShift Merge Robot2020-09-17
|\ \ | | | | | | image list: return all associated names
| * | image list: return all associated namesValentin Rothberg2020-09-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Always return all associated names / repo tags of an image and fix a bug with malformed repo tags. Previously, Podman returned all names only with `--all` but this flag only instructs to list intermediate images and should not alter associated names. With `--all` Podman queried the repo tags of an image which splits all *tagged* names into repository and tag which is then reassembled to eventually be parsed again in the frontend. Lot's of redundant CPU heat and buggy as the reassembly didn't consider digests which ultimately broke parsing in the frontend. Fixes: #7651 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | Add labels to a pod created via play kubeJordan Christiansen2020-09-16
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When using `podman play kube` with a YAML file that has pod labels, apply those labels to the pods that podman makes. For example, this Deployment spec has labels on a pod: apiVersion: apps/v1 kind: Deployment metadata: name: myapp labels: app: myapp spec: selector: matchLabels: app: myapp template: metadata: labels: app: myapp spec: containers: - name: web image: nginx ports: - containerPort: 80 The pods that podman creates will have the label "app" set to "myapp" so that these pods can be found with `podman pods ps --filter label=app`. Signed-off-by: Jordan Christiansen <xordspar0@gmail.com>
* / Fix podman pod create --infra-command and --infra-imageDaniel J Walsh2020-09-16
|/ | | | | | | | Currently infr-command and --infra-image commands are ignored from the user. This PR instruments them and adds tests for each combination. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Supports import&run--signature-policyQi Wang2020-09-15
| | | | | | Enables podman create, pull, run, import to use --signature-policy option. Set it as hidden flag to be consistent with other commands. Signed-off-by: Qi Wang <qiwan@redhat.com>
* Refactor API build endpoint to be more compliantJhon Honce2020-09-14
| | | | | | | | | | | | | | | | | * Refactor/Rename channel.WriteCloser() to encapsulate the channel * Refactor build endpoint to "live" stream buildah output channels over API rather then buffering output * Refactor bindings/tunnel build because endpoint changes * building tar file now in bindings rather then depending on caller * Cleanup initiating extra image engine * Remove setting fields to zero values (less noise in code) * Update tests to support remote builds Fixes #7136 Fixes #7137 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* Merge pull request #7604 from vrothberg/fix-7406OpenShift Merge Robot2020-09-11
|\ | | | | system df: fix image-size calculations
| * system df: fix image-size calculationsValentin Rothberg2020-09-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix the image-size calculations of system-df, where the shared size is the actual shared size with other images (including children) and the (total) size is the sum of the shared and unique size [1]. To calculate parent/child relations, make use of the recently added layer tree which allows for quick (and cached!) calculations. Break calculating image disk usages into the image runtime to a) access the layer tree, and b) make the code easier to maintain and extend. [1] https://docs.docker.com/engine/reference/commandline/system_df/ Fixes: #7406 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | Merge pull request #7600 from rhatdan/codespellOpenShift Merge Robot2020-09-11
|\ \ | | | | | | Fix up errors found by codespell
| * | Fix up errors found by codespellDaniel J Walsh2020-09-11
| |/ | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #7403 from QiWang19/runtime-flagOpenShift Merge Robot2020-09-11
|\ \ | | | | | | Add global options --runtime-flags
| * | Add global options --runtime-flagsQi Wang2020-09-04
| | | | | | | | | | | | | | | | | | Add global options --runtime-flags for setting options to container runtime. Signed-off-by: Qi Wang <qiwan@redhat.com>
* | | Merge pull request #7561 from vrothberg/fix-7340OpenShift Merge Robot2020-09-11
|\ \ \ | |_|/ |/| | remote run: fix error checks
| * | remote run: fix error checksValentin Rothberg2020-09-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | As error types are not preserved on the client side (due to marshaling), we cannot use `errors.Cause(...)` and friends but, unfortunately, have to fall back to looking for substring the error messages. Change the error checks in remote run to do substring matches and fix issue #7340. Fixes: #7340 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | Merge pull request #7591 from haircommander/play-kube-process-namespaceOpenShift Merge Robot2020-09-11
|\ \ \ | |/ / |/| | play/generate: support shareProcessNamespace
| * | play/generate: support shareProcessNamespacePeter Hunt2020-09-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | this is an option that allows a user to specify whether to share PID namespace in the pod for play kube and generate kube associated test added Signed-off-by: Peter Hunt <pehunt@redhat.com>
* | | Merge pull request #7586 from ashley-cui/rokubeOpenShift Merge Robot2020-09-11
|\ \ \ | |/ / |/| | Add read-only volume mount to play kube
| * | Add read-only mount to play kubeAshley Cui2020-09-10
| | | | | | | | | | | | | | | | | | add support for read-only volume mounts in podman play kube Signed-off-by: Ashley Cui <acui@redhat.com>
* | | Merge pull request #7577 from rhatdan/runlabel1OpenShift Merge Robot2020-09-10
|\ \ \ | | | | | | | | podman container runlabel should pull the image if it does not exist
| * | | podman container runlabel should pull the image if it does not existDaniel J Walsh2020-09-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Since --pull is deprecated, remove it from help and hide if from --help Also set it to true by default. Share image pull code betweern podman image pull and podman container runlabel. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1877181 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #7460 from AkihiroSuda/allow-rootless-cniOpenShift Merge Robot2020-09-10
|\ \ \ \ | | | | | | | | | | rootless: support `podman network create` (CNI-in-slirp4netns)
| * | | | rootless: support `podman network create` (CNI-in-slirp4netns)Akihiro Suda2020-09-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Usage: ``` $ podman network create foo $ podman run -d --name web --hostname web --network foo nginx:alpine $ podman run --rm --network foo alpine wget -O - http://web.dns.podman Connecting to web.dns.podman (10.88.4.6:80) ... <h1>Welcome to nginx!</h1> ... ``` See contrib/rootless-cni-infra for the design. Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
* | | | | Merge pull request #7574 from vrothberg/fix-7117OpenShift Merge Robot2020-09-10
|\ \ \ \ \ | | | | | | | | | | | | remote run: consult events for exit code
| * | | | | remote run: consult events for exit codeValentin Rothberg2020-09-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | After attaching to a container, we wait for the container to finish and return its exit code. Waiting for the container may not always succeed, for instance, when the container has been force removed by another process. In such case, we have to look at the *last* container-exit event. Also refactor the `ContainerRun` method a bit to return early on errors and de-spaghetti the code. Enable the remote-disabled system test. Fixes: #7117 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | | | Merge pull request #7576 from openSUSE/manifest-add-extend-flagsOpenShift Merge Robot2020-09-10
|\ \ \ \ \ \ | | | | | | | | | | | | | | Extend the flags of the `manifest add` command
| * | | | | | manifest push: handle cert-dir flagFlavio Castelli2020-09-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Prior to this commit the value of the `--cert-dir` flag specified for `podman manifest push` was not handled by the internal code. That resulted in `podman manifest push` not reading the certificates stored inside of the directory specified by the user. Signed-off-by: Flavio Castelli <fcastelli@suse.com>
| * | | | | | Extend flags of `manifest add`Flavio Castelli2020-09-09
| | |_|_|/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Extend the flags of `podman manifest add` to include also: * cert-dir * auth-file * creds * tls-verify These options are useful when adding to a manifest an image that is not part of the local image store. The image resides on a remote registry that falls into one of these cases: it's not using tls termination, it requires authentication or it's secured with an unknown tls certificate. Consider the following scenario: a multi architecture manifest is created as part of a multi-step CI pipeline running in a containerized way. All the images referenced by the manifest live inside of a registry secured with a self-signed tls certificate. Without this patch the manifest creation step would have to pull all the multi-architecture images locally via `podman pull`. With this patch the usage of `podman pull` would not be needed because the images' digests can be requested straight to the registry. That means the execution of manifest creation step would be faster and result in less disk space and network bandwidth being used. Finally, this is a propagation of a similar fix done inside of buildah via https://github.com/containers/buildah/pull/2593 Signed-off-by: Flavio Castelli <fcastelli@suse.com>
* | | | | | Merge pull request #7536 from Luap99/api-network-filterOpenShift Merge Robot2020-09-10
|\ \ \ \ \ \ | |_|_|_|/ / |/| | | | | APIv2 Add network list filtering
| * | | | | APIv2 Add network list filteringPaul Holzinger2020-09-07
| | |_|_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add the filter option to the libpod endpoint. Add support for the name filter on the docker endpoint. Add apiv2 tests for the network list endpoints. Enable podman network integration tests for remote. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | | | | Merge pull request #7575 from rhatdan/runlabelOpenShift Merge Robot2020-09-09
|\ \ \ \ \ | | | | | | | | | | | | Fix podman container runlabel --display
| * | | | | Fix podman container runlabel --displayDaniel J Walsh2020-09-09
| | |_|/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Current podman container runlabel --display is being ignored. This is just supposed to display the command that would be run, and then exit, but instead is actually running the command. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1877186 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | Merge pull request #7290 from rhatdan/externalOpenShift Merge Robot2020-09-09
|\ \ \ \ \ | | | | | | | | | | | | Show c/storage (Buildah/CRI-O) containers in ps
| * | | | | Show c/storage (Buildah/CRI-O) containers in psDaniel J Walsh2020-09-09
| | |_|_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The `podman ps --all` command will now show containers that are under the control of other c/storage container systems and the new `ps --storage` option will show only containers that are in c/storage but are not controlled by libpod. In the below examples, the '*working-container' entries were created by Buildah. ``` podman ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 9257ef8c786c docker.io/library/busybox:latest ls /etc 8 hours ago Exited (0) 8 hours ago gifted_jang d302c81856da docker.io/library/busybox:latest buildah 30 hours ago storage busybox-working-container 7a5a7b099d33 localhost/tom:latest ls -alF 30 hours ago Exited (0) 30 hours ago hopeful_hellman 01d601fca090 localhost/tom:latest ls -alf 30 hours ago Exited (1) 30 hours ago determined_panini ee58f429ff26 localhost/tom:latest buildah 33 hours ago storage alpine-working-container podman ps --external CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES d302c81856da docker.io/library/busybox:latest buildah 30 hours ago external busybox-working-container ee58f429ff26 localhost/tom:latest buildah 33 hours ago external alpine-working-container ``` Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | Fix podman ps -lDaniel J Walsh2020-09-09
| |/ / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | Currently the --latest flag is ignored by podman ps command. Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1877182 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #6811 from vrothberg/multi-image-archivesOpenShift Merge Robot2020-09-09
|\ \ \ \ | |/ / / |/| | | podman load/save: support multi-image docker archive