| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
While this commit was initially meant to fix #5847, it has turned into a
bigger refactoring which I did not manage to break into smaller pieces:
* Fix #5847 by refactoring the image-removal logic.
* Make the api handler for image-removal use the ABI code. This way,
both (i.e., ABI and Tunnel) end up using the same code. Achieving
this code share required to move some code around to prevent circular
dependencies.
* Everything in pkg/api (excluding pkg/api/types) must now only be
accessed from code using `ABISupport`.
* Avoid imports from entities on handlers to prevent circular
dependencies.
* Move `podman system service` logic into `cmd` to prevent circular
dependencies - it depends on pkg/api.
* Also remove the build header from infra/abi files. It will otherwise
confuse swagger and other tools; errors we cannot fix as go doesn't
expose a build-tag env variable.
Fixes: #5847
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\
| |
| | |
Return labes in API (fixes #5882)
|
| |
| |
| |
| | |
Signed-off-by: Anatoli Babenia <anatoli@rainforce.org>
|
|\ \
| | |
| | | |
Fix up handling of image data as well as setting Linux Capabilties correctly
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Podman inspect has a breaking change in that it dropped
--latest and --size options.
This PR adds these back. Lots of tests rely on
podman inspect -l.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
If user sets capabilities list we need handle minimal capabilities.
Also handle seccomp-policy being passed in.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| | |
| | |
| | |
| | | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \
| | | |
| | | | |
V2 podman image tree
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* Basic port of V1 podman image tree ID
TODO: Refactor to return tree from service and format in presentation
layer
TODO: Support tunneling mode
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\ \ \
| |/ /
|/| | |
rootless: move join namespace inside child process
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
open the namespace file descriptors inside of the child process.
Closes: https://github.com/containers/libpod/issues/5873
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |/
| |
| |
| |
| |
| |
| |
| | |
since we join directly the conmon user namespace, there is no need to
look up its parent user namespace, as we can safely assume it is the
init namespace.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \
| | |
| | | |
V2 Fix support for tcp://[::]<port> connections
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* Fix support for socket activation, on remote and service
$ systemd-socket-activate -l 8083 --fdname=podman bin/podman system service --log-level=debug --time=30
$ bin/podman-remote --remote=tcp://[::]:8083 image ls
Or, use the podman.{socket,service} unit files
$ bin/podman-remote --remote=unix:///run/podman/podman.sock image ls
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
| |/
|/|
| |
| |
| |
| |
| | |
Added status field in pod inspect report.
Fixed pod tests to use it.
Signed-off-by: Sujil02 <sushah@redhat.com>
|
|/
|
|
|
|
|
|
| |
Add the ability to prune pods for api v2,
Includes the addition of force flag, for client side prompt.
Update test suite to support this use case.
Signed-off-by: Sujil02 <sushah@redhat.com>
|
|\
| |
| | |
Fixes for system tests
|
| |
| |
| |
| |
| |
| | |
Various fixes to protect against regressions in system tests
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\ \
| |/
|/| |
podmanV2: implement build
|
| |
| |
| |
| |
| |
| |
| |
| | |
Implement `podman build` for the local client. The remote client will
require some rather large work in the backend and a new build endpoint
for the libpod rest API.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|/
|
|
|
|
| |
* registry.PodmanConfig() new returns a pointer to the source of truth
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|
|
|
|
|
| |
remote podman v1 and replace with podman v2.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Enable running podman V2 rootless
* Fixed cobra.PersistentPreRunE usage in all the commands
* Leveraged cobra.PersistentPreRunE/cobra.PersistentPostRunE to manage:
* rootless
* trace (--trace)
* profiling (--cpu-profile)
* initializing the registry copies of Image/Container engines
* Help and Usage templates autoset for all sub-commands
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\
| |
| | |
podman v2 remove bloat v2
|
| |
| |
| |
| |
| |
| | |
rid ourseleves of libpod references in v2 client
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|/
|
|
|
|
|
|
| |
enable filters when listing containers on the libpod endpoint.
Fixes: #5841
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\
| |
| | |
Add support for selecting kvm and systemd labels
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
In order to better support kata containers and systemd containers
container-selinux has added new types. Podman should execute the
container with an SELinux process label to match the container type.
Traditional Container process : container_t
KVM Container Process: containre_kvm_t
PID 1 Init process: container_init_t
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \
| | |
| | | |
v2 bloat pruning phase 2
|
| | |
| | |
| | |
| | |
| | |
| | | |
this is second phase of removing unneeded bloat in the remote client. this is important to be able to reduce the client size as well as possible native compilation for windows/mac.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\ \ \
| | | |
| | | | |
Fix up SELinux labeling
|
| | |/
| |/|
| | |
| | |
| | |
| | | |
SELinux label options processing fixes, should allow system tests to pass.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \
| |_|/
|/| | |
podmanv2 fix runtime assignment
|
| | |
| | |
| | |
| | |
| | |
| | | |
when provided by the command line, the runtime assignment needs to send the right attribute
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\ \ \
| |_|/
|/| | |
Ability to prune container in api V2
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Adds ability to prune containers for v2.
Adds client side prompt with force flag and filters options to prune.
Signed-off-by: Sujil02 <sushah@redhat.com>
|
|\ \ \
| | | |
| | | | |
swagger-check: new CI tool to cross-check swagger
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
New script cross-references r.Handle() and r.HandleFunc()
calls against the preceding '// swagger:operation' comments,
and exits failure (with descriptive error messages) if any
comments do not match the code.
This script should not be necessary: the swagger comments
should be autogenerated from the source code.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\ \ \ \
| |_|_|/
|/| | | |
auto update: skip non-image policies
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Fix a bug in the auto-update logic causing all images to be checked and
not only the ones of containers with the specific auto-update policy.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \ \ \
| |_|_|/
|/| | | |
podmanv2 events
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
add the ability to monitor events
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\ \ \ \
| |/ / /
|/| | | |
v2specgen prune libpod
|
| | |/
| |/|
| | |
| | |
| | |
| | | |
use libpod only in the specgen/generate package so that the remote clients do not inherit libpod bloat.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | | |
Fix more regressions between v1 and v2
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|/ /
| |
| |
| |
| |
| |
| | |
Note: This PR doesn't provide full rootless support that will be
addressed in a future PR
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\ \
| | |
| | | |
v2podman ps revert structure changes
|
| | |
| | |
| | |
| | |
| | |
| | | |
reverting name changes to the listcontainer structure because it negatively impacted the direct consumption of the restful API. instead we now use a local structure in the CLI to modify the output as needed.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\ \ \
| | | |
| | | | |
podmanv2 mount and umount
|
| |/ /
| | |
| | |
| | |
| | |
| | | |
add the ability to mount and unmount containers for the local client only
Signed-off-by: Brent Baude <bbaude@redhat.com>
|