summaryrefslogtreecommitdiff
path: root/pkg/specgen/generate
Commit message (Collapse)AuthorAge
* Do not join pod namespaces without an infra ctrMatthew Heon2020-04-24
| | | | | | | | | | | We do not want to join pod namespaces if no infra container is present. A pod may claim it shares namespaces without an infra container (I'll take an action item to fix that - it really should not be allowed), which was tripping up our default namespace code and forcing us to try and join the namespaces of the nonexistant infra container. Signed-off-by: Matthew Heon <mheon@redhat.com>
* podman: handle namespaces specified on the CLIGiuseppe Scrivano2020-04-23
| | | | | | | and handle differently the user namespace as it supports additional options. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Enable basic volumes support in Podmanv2Matthew Heon2020-04-22
| | | | | | | | This enables the --volume, --mount, and --tmpfs flags in Podmanv2. It does not enable init-related flags, image volumes, and --volumes-from. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Modify namespace generation code for specgenMatthew Heon2020-04-21
| | | | | | | | | | | | Namespaces have now been changed to properly handle all cases. Spec handling code for namespaces was consolidated in a single function. Still missing: - Image ports - Pod namespaces likely still broken in Podmanv2 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Merge pull request #5921 from baude/v2imageepOpenShift Merge Robot2020-04-21
|\ | | | | add entrypoint from image where needed
| * add entrypoint from image where neededBrent Baude2020-04-21
| | | | | | | | | | | | if the image specifies both the image and entrypoint, we need to account for that and preprend the entrypoint to the command. this only happens if no user command and entrypoint were supplied. Signed-off-by: Brent Baude <bbaude@redhat.com>
* | Merge pull request #5912 from giuseppe/v2-rlimitsOpenShift Merge Robot2020-04-21
|\ \ | |/ |/| v2, pkg: implement rlimits
| * pkg: implement rlimitsGiuseppe Scrivano2020-04-21
| | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | Handle annotations passed in via the clientDaniel J Walsh2020-04-21
| | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #5875 from rhatdan/networkOpenShift Merge Robot2020-04-21
|\ \ | |/ |/| Cleanup network option parsing
| * Cleanup network option parsingDaniel J Walsh2020-04-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We were not handling the parsing of --ip. This pr adds validation checks and now will support the flag. Move validation to the actual parsing of the network flags. We should only parse the dns flags if the user changed them. We don't want to pass default options if set in containers.conf to the server. Potential for duplicating defaults. Add support for --dns-opt flag passing Begin handling of --network flag, although we don't have a way right now to translate a string into a specgen.Namespace. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Handle Linux Capabilities correctlyDaniel J Walsh2020-04-20
| | | | | | | | | | | | | | | | If user sets capabilities list we need handle minimal capabilities. Also handle seccomp-policy being passed in. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Add functions to return image informationsDaniel J Walsh2020-04-20
|/ | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* podman v2 remove bloat v2Brent Baude2020-04-16
| | | | | | rid ourseleves of libpod references in v2 client Signed-off-by: Brent Baude <bbaude@redhat.com>
* Fix up SELinux labelingDaniel J Walsh2020-04-15
| | | | | | SELinux label options processing fixes, should allow system tests to pass. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* v2specgen prune libpodBrent Baude2020-04-14
| | | | | | use libpod only in the specgen/generate package so that the remote clients do not inherit libpod bloat. Signed-off-by: Brent Baude <bbaude@redhat.com>
* v2podman container createBrent Baude2020-04-03
create a container in podmanv2 using specgen approach. this is the core implementation and still has quite a bit of code commented out specifically around volumes, devices, and namespaces. need contributions from smes on these parts. Signed-off-by: Brent Baude <bbaude@redhat.com>