summaryrefslogtreecommitdiff
path: root/pkg/domain
Commit message (Collapse)AuthorAge
* Merge pull request #13995 from ashley-cui/revrootfulOpenShift Merge Robot2022-04-25
|\ | | | | Rootfull -> Rootful
| * Revert "Switch all rootful to rootfull"Ashley Cui2022-04-25
| | | | | | | | | | | | | | | | | | | | This reverts commit cc3790f332d989440eb1720e24e3619fc97c74ee. We can't change rootful to rootfull because `rootful` is written into the machine config. Changing this will break json unmarshalling, which will break existing machines. [NO NEW TESTS NEEDED] Signed-off-by: Ashley Cui <acui@redhat.com>
* | Merge pull request #13981 from rhatdan/volumeOpenShift Merge Robot2022-04-25
|\ \ | |/ |/| Add support for passing --volumepath
| * Add support for passing --volumepathDaniel J Walsh2022-04-23
| | | | | | | | | | | | Fixes: https://github.com/containers/podman/issues/13860 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Allow filtering of "removing", it is a valid statusDaniel J Walsh2022-04-24
|/ | | | | | | | | Do not use a list of statuses outside of libpod to validate container statuses. Removing status was never added to the list. Fixes: https://github.com/containers/podman/issues/13986 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #13973 from Luap99/linter-reviveOpenShift Merge Robot2022-04-23
|\ | | | | replace golint with revive linter
| * replace golint with revive linterPaul Holzinger2022-04-22
| | | | | | | | | | | | | | | | | | | | | | | | golint, scopelint and interfacer are deprecated. golint is replaced by revive. This linter is better because it will also check for our error style: `error strings should not be capitalized or end with punctuation or a newline` scopelint is replaced by exportloopref (already endabled) interfacer has no replacement but I do not think this linter is important. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | Merge pull request #13881 from rhatdan/usernsOpenShift Merge Robot2022-04-22
|\ \ | |/ |/| Add support for --userns=nomap
| * Add support for --userns=nomapDaniel J Walsh2022-04-21
| | | | | | | | | | | | | | | | | | | | | | From a security point of view, it would be nice to be able to map a rootless usernamespace that does not use your own UID within the container. This would add protection against a hostile process escapping the container and reading content in your homedir. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #13972 from Luap99/staticcheckOpenShift Merge Robot2022-04-22
|\ \ | | | | | | enable staticcheck linter
| * | enable staticcheck linterPaul Holzinger2022-04-22
| | | | | | | | | | | | | | | | | | | | | Fix many problems reported by the staticcheck linter, including many real bugs! Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * | move golang.org/x/crypto/ssh/terminal to golang.org/x/termPaul Holzinger2022-04-22
| |/ | | | | | | | | | | | | | | golang.org/x/crypto/ssh/terminal is deprecated. The package was moved to golang.org/x/term. golang.org/x/crypto/ssh/terminal was already just calling golang.org/x/term itslef so there are no functional changes. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | Merge pull request #13964 from rhatdan/rootfullOpenShift Merge Robot2022-04-22
|\ \ | | | | | | Switch all rootful to rootfull
| * | Switch all rootful to rootfullDaniel J Walsh2022-04-21
| |/ | | | | | | | | | | | | | | | | We are inconsistent on the name, we should stick with rootfull. [NO NEW TESTS NEEDED] Existing tests should handle this and no tests for machines exists yet. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #13943 from cdoern/cloneOpenShift Merge Robot2022-04-22
|\ \ | |/ |/| podman container clone -f
| * podman container clone -fcdoern2022-04-21
| | | | | | | | | | | | | | | | add the option -f to force remove the parent container if --destory is specified resolves #13917 Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
* | Add support for checkpoint imageRadostin Stoyanov2022-04-20
|/ | | | | | | | | | | | | | | | | | | | | | | | This is an enhancement proposal for the checkpoint / restore feature of Podman that enables container migration across multiple systems with standard image distribution infrastructure. A new option `--create-image <image>` has been added to the `podman container checkpoint` command. This option tells Podman to create a container image. This is a standard image with a single layer, tar archive, that that contains all checkpoint files. This is similar to the current approach with checkpoint `--export`/`--import`. This image can be pushed to a container registry and pulled on a different system. It can also be exported locally with `podman image save` and inspected with `podman inspect`. Inspecting the image would display additional information about the host and the versions of Podman, criu, crun/runc, kernel, etc. `podman container restore` has also been extended to support image name or ID as input. Suggested-by: Adrian Reber <areber@redhat.com> Signed-off-by: Radostin Stoyanov <radostin@redhat.com>
* Merge pull request #13616 from giuseppe/passwd-entryOpenShift Merge Robot2022-04-14
|\ | | | | run, create: add --passwd-entry
| * run, create: add --passwd-entryGiuseppe Scrivano2022-04-14
| | | | | | | | | | | | | | | | | | It allows to customize the entry that is written to the `/etc/passwd` file when --passwd is used. Closes: https://github.com/containers/podman/issues/13185 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | Revert "images --size"Valentin Rothberg2022-04-14
|/ | | | | | | | | | | | This reverts commit e133a06d2f4a3e94bfbd60b647046f2f515c9c24. @nalind found a proper fix in c/storage [1] to address the performance issue. So we really don't need the flag anymore. Note the flag has never made it into any release. [1] https://github.com/containers/storage/commit/d76b3606fc9ca975bf436379f91105f0fac1555f Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* images --sizeValentin Rothberg2022-04-08
| | | | | | | | | | Add a --size option to podman images to allow for disabling computing the size of listed images. If listing images is critical to performance, user may chose to turn off size computation to speed things up. Context: #13755 Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* Merge pull request #13490 from gcalin/13266OpenShift Merge Robot2022-04-04
|\ | | | | pod logs enhancements: option to color logs
| * Add option for pod logs to display different colors per container.gcalin2022-03-29
| | | | | | | | | | Signed-off-by: Krzysztof Baran <krysbaran@gmail.com> Signed-off-by: gcalin <caling@protonmail.com>
* | Merge pull request #13765 from giuseppe/do-not-set-oom-score-adjOpenShift Merge Robot2022-04-04
|\ \ | | | | | | specgen: do not set OOMScoreAdj by default
| * | specgen: do not set OOMScoreAdj by defaultGiuseppe Scrivano2022-04-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | do not force a value of OOMScoreAdj=0 if it is wasn't specified by the user. Closes: https://github.com/containers/podman/issues/13731 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | Merge pull request #13594 from cdoern/podVolumesOpenShift Merge Robot2022-04-01
|\ \ \ | |/ / |/| | fix pod volume passing and alter infra inheritance
| * | fix pod volume passing and alter infra inheritancecdoern2022-03-29
| |/ | | | | | | | | | | | | | | | | | | | | | | | | the infra Inherit function was not properly passing pod volume information to new containers alter the inherit function and struct to use the new `ConfigToSpec` function used in clone pick and choose the proper entities from a temp spec and validate them on the spegen side rather than passing directly to a config resolves #13548 Signed-off-by: cdoern <cbdoer23@g.holycross.edu> Signed-off-by: cdoern <cdoern@redhat.com> Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
* / kube: configmap volume should be reused if already existsAditya R2022-03-31
|/ | | | | | | | `podman play kube` creates a new volume for configmap, if same configmap is applied again volume can be re-used, there is no need to remove and re-create the volume again Signed-off-by: Aditya R <arajan@redhat.com>
* Switch all calls to filepath.Walk to filepath.WalkDirDaniel J Walsh2022-03-27
| | | | | | | | | WalkDir should be faster the Walk, since we often do not need to stat files. [NO NEW TESTS NEEDED] Existing tests should find errors. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #13653 from jmontleon/fix-manifest-push-headerOpenShift Merge Robot2022-03-27
|\ | | | | Resolves #13629 Add RegistryAuthHeader to manifest push
| * Resolves #13629 Add RegistryAuthHeader to manifest pushjason2022-03-26
| | | | | | | | Signed-off-by: Jason Montleon <jmontleo@redhat.com>
* | Remove error stutterDaniel J Walsh2022-03-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When podman gets an error it prints out "Error: " before printing the error string. If the error message starts with error, we end up with Error: error ... This PR Removes all of these stutters. logrus.Error() also prints out that this is an error, so no need for the error stutter. [NO NEW TESTS NEEDED] Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #13587 from giuseppe/clone-to-podOpenShift Merge Robot2022-03-24
|\ \ | |/ |/| container: allow clone to an existing pod
| * container: allow clone to an existing podGiuseppe Scrivano2022-03-24
| | | | | | | | | | | | Closes: https://github.com/containers/podman/issues/3979 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | play: kube: use in-memory kubefile and remove tempfileChristian Stewart2022-03-24
|/ | | | | | | | | | | | | | | | | | | | | The PlayKube and PlayKubeDown commands accepted a "path" argument to a YAML file to play. This requires the caller to write the YAML to a file path. The downside of this is apparent in the HTTP handlers which have to use a temporary file on disk to store the YAML file. The file is opened & used as the body of the HTTP request. It's possible to instead pass a io.Reader and use a fully in-memory request body. Add backwards-compatible changes to bindings to allow passing either a filepath or a io.Reader body. Refactor the podman bindings to use a io.Reader instead of a filepath. Simplify the HTTP handlers for PlayKube by removing the now unneeded tempfile. [NO NEW TESTS NEEDED] Signed-off-by: Christian Stewart <christian@paral.in>
* Merge pull request #13597 from Luap99/statsOpenShift Merge Robot2022-03-23
|\ | | | | podman stats: calc CPU percentage correctly
| * podman stats: calc CPU percentage correctlyPaul Holzinger2022-03-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When you run podman stats, the first interval always shows the wrong cpu usage. To calculate cpu percentage we get the cpu time from the cgroup and compare this against the system time between two stats. Since the first time we do not have a previous stats an empty struct is used instead. Thus we do not use the actual running time of the container but the current unix timestamp (time since Jan 1 1970). To fix this we make sure that the previous stats time is set to the container start time, when it is empty. [NO NEW TESTS NEEDED] No idea how I could create a test which would have a predictable cpu usage. See the linked bugzilla for a reproducer. Fixes https://bugzilla.redhat.com/show_bug.cgi?id=2066145 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | Merge pull request #13588 from flouthoc/import-os-archOpenShift Merge Robot2022-03-23
|\ \ | | | | | | import: allow users to set `--os`, `--arch` and `--variant` of image imports
| * | import: allow users to set os, arch and variant of importsAditya R2022-03-23
| |/ | | | | | | | | | | | | | | | | | | Allows users to set `--os` , `--arch` and `--variant` of the image created from the custom import. Following is useful when user is already aware of the values which are correct for their generated rootfs Signed-off-by: Aditya R <arajan@redhat.com>
* | Update swagger to improve compatibilityJhon Honce2022-03-22
| | | | | | | | | | | | | | | | | | | | [NO NEW TESTS NEEDED] Improve swagger and handler code compatibility. Fixes #12804 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | fix a number of errcheck issuesValentin Rothberg2022-03-22
| | | | | | | | | | | | Numerous issues remain, especially in tests/e2e. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | fix a number of `godot` issuesValentin Rothberg2022-03-22
| | | | | | | | | | | | | | Still an unknown number remains but I am running out of patience. Adding dots is not the best use of my time. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | linter: enable nilerrValentin Rothberg2022-03-22
| | | | | | | | | | | | | | A number of cases looked suspicious, so I marked them with `FIXME`s to leave some breadcrumbs. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | linter: enable interfacerValentin Rothberg2022-03-22
|/ | | | Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* podman rmi --ignoreValentin Rothberg2022-03-19
| | | | | | | | | | | Add an `--ignore` flag to `podman image rm` to instruct ignoring image if a specified image does not exist and to not throw an error. Other commands (e.g., `podman container rm`) already support this flag. Such an `--ignore` flag can come in handy in clean-up scripcts such as the teardown phases in the Podman tests. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* go fmt: use go 1.18 conditional-build syntaxValentin Rothberg2022-03-18
| | | | Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* Set rawimage for containers created via play kubeOndra Machacek2022-03-16
| | | | | | | | | | | | | This commit set the containers RawImageName to default image name specified in Pod YAML, so the containers could be used via autoupdate feature, which needs the RawImageName to be set. Currently RawImageName is set only for the create/run/clone podman commands. [NO NEW TESTS NEEDED] Signed-off-by: Ondra Machacek <omachace@redhat.com>
* remove unneeded k8s codePaul Holzinger2022-03-15
| | | | | | | | | | | | | | | | | There is a lot of unneeded code, k8s is the by far the biggest dependency in podman. We should remove as much as possible so that we only have the stuff left that we use. This is just a quick skim over the code which removes a lot of the generated code and many packages that are now unused. I know that this will be impossible to properly review. I will try to make smaller changes in follow up work. Right now this reduces about 8 MB in binary size!!! [NO NEW TESTS NEEDED] Hopefully existing tests will catch any problems. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* move k8s deps into podmanPaul Holzinger2022-03-15
| | | | | | | | We only need a small part of the k8s dependencies but they are the biggest dependencies in podman by far. Moving them into podman allows us to remove the unnecessary parts. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* Merge pull request #13499 from rst0git/fix-typoOpenShift Merge Robot2022-03-14
|\ | | | | Fix typo