summaryrefslogtreecommitdiff
path: root/pkg
Commit message (Collapse)AuthorAge
* podman rmi: refactor logicValentin Rothberg2020-04-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | While this commit was initially meant to fix #5847, it has turned into a bigger refactoring which I did not manage to break into smaller pieces: * Fix #5847 by refactoring the image-removal logic. * Make the api handler for image-removal use the ABI code. This way, both (i.e., ABI and Tunnel) end up using the same code. Achieving this code share required to move some code around to prevent circular dependencies. * Everything in pkg/api (excluding pkg/api/types) must now only be accessed from code using `ABISupport`. * Avoid imports from entities on handlers to prevent circular dependencies. * Move `podman system service` logic into `cmd` to prevent circular dependencies - it depends on pkg/api. * Also remove the build header from infra/abi files. It will otherwise confuse swagger and other tools; errors we cannot fix as go doesn't expose a build-tag env variable. Fixes: #5847 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Merge pull request #5883 from abitrolly/patch-3OpenShift Merge Robot2020-04-20
|\ | | | | Return labes in API (fixes #5882)
| * Return labes in API (fixes #5882)Anatoli Babenia2020-04-20
| | | | | | | | Signed-off-by: Anatoli Babenia <anatoli@rainforce.org>
* | Merge pull request #5862 from rhatdan/v2OpenShift Merge Robot2020-04-20
|\ \ | | | | | | Fix up handling of image data as well as setting Linux Capabilties correctly
| * | Fix podman inspect to accept -l and -s fieldsDaniel J Walsh2020-04-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Podman inspect has a breaking change in that it dropped --latest and --size options. This PR adds these back. Lots of tests rely on podman inspect -l. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
| * | Handle Linux Capabilities correctlyDaniel J Walsh2020-04-20
| | | | | | | | | | | | | | | | | | | | | | | | If user sets capabilities list we need handle minimal capabilities. Also handle seccomp-policy being passed in. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
| * | Add functions to return image informationsDaniel J Walsh2020-04-20
| | | | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #5899 from jwhonce/wip/treeOpenShift Merge Robot2020-04-20
|\ \ \ | | | | | | | | V2 podman image tree
| * | | V2 podman image treeJhon Honce2020-04-20
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | * Basic port of V1 podman image tree ID TODO: Refactor to return tree from service and format in presentation layer TODO: Support tunneling mode Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | Merge pull request #5889 from giuseppe/rootless-fd-joinOpenShift Merge Robot2020-04-20
|\ \ \ | |/ / |/| | rootless: move join namespace inside child process
| * | rootless: move join namespace inside child processGiuseppe Scrivano2020-04-20
| | | | | | | | | | | | | | | | | | | | | | | | open the namespace file descriptors inside of the child process. Closes: https://github.com/containers/libpod/issues/5873 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | rootless: skip looking up parent user nsGiuseppe Scrivano2020-04-20
| |/ | | | | | | | | | | | | | | since we join directly the conmon user namespace, there is no need to look up its parent user namespace, as we can safely assume it is the init namespace. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | Merge pull request #5872 from jwhonce/wip/optionsOpenShift Merge Robot2020-04-20
|\ \ | | | | | | V2 Fix support for tcp://[::]<port> connections
| * | V2 Fix support for tcp://[::]<port> connectionsJhon Honce2020-04-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Fix support for socket activation, on remote and service $ systemd-socket-activate -l 8083 --fdname=podman bin/podman system service --log-level=debug --time=30 $ bin/podman-remote --remote=tcp://[::]:8083 image ls Or, use the podman.{socket,service} unit files $ bin/podman-remote --remote=unix:///run/podman/podman.sock image ls Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | Update pod inspect report to hold current pod status.Sujil022020-04-20
| |/ |/| | | | | | | | | | | Added status field in pod inspect report. Fixed pod tests to use it. Signed-off-by: Sujil02 <sushah@redhat.com>
* | Add pod prune for api v2.Sujil022020-04-17
|/ | | | | | | | Add the ability to prune pods for api v2, Includes the addition of force flag, for client side prompt. Update test suite to support this use case. Signed-off-by: Sujil02 <sushah@redhat.com>
* Merge pull request #5868 from baude/v2t2OpenShift Merge Robot2020-04-17
|\ | | | | Fixes for system tests
| * Fixes for system testsBrent Baude2020-04-17
| | | | | | | | | | | | Various fixes to protect against regressions in system tests Signed-off-by: Brent Baude <bbaude@redhat.com>
* | Merge pull request #5819 from vrothberg/v2-buildOpenShift Merge Robot2020-04-17
|\ \ | |/ |/| podmanV2: implement build
| * podmanV2: implement buildValentin Rothberg2020-04-17
| | | | | | | | | | | | | | | | Implement `podman build` for the local client. The remote client will require some rather large work in the backend and a new build endpoint for the libpod rest API. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | Fix bug where two configurations had been createdJhon Honce2020-04-16
|/ | | | | | * registry.PodmanConfig() new returns a pointer to the source of truth Signed-off-by: Jhon Honce <jhonce@redhat.com>
* Podman V2 birthBrent Baude2020-04-16
| | | | | | remote podman v1 and replace with podman v2. Signed-off-by: Brent Baude <bbaude@redhat.com>
* V2 Enable rootlessJhon Honce2020-04-16
| | | | | | | | | | | | | * Enable running podman V2 rootless * Fixed cobra.PersistentPreRunE usage in all the commands * Leveraged cobra.PersistentPreRunE/cobra.PersistentPostRunE to manage: * rootless * trace (--trace) * profiling (--cpu-profile) * initializing the registry copies of Image/Container engines * Help and Usage templates autoset for all sub-commands Signed-off-by: Jhon Honce <jhonce@redhat.com>
* Merge pull request #5842 from baude/v2bloat2OpenShift Merge Robot2020-04-16
|\ | | | | podman v2 remove bloat v2
| * podman v2 remove bloat v2Brent Baude2020-04-16
| | | | | | | | | | | | rid ourseleves of libpod references in v2 client Signed-off-by: Brent Baude <bbaude@redhat.com>
* | allow filters to work when listing containersBrent Baude2020-04-16
|/ | | | | | | | enable filters when listing containers on the libpod endpoint. Fixes: #5841 Signed-off-by: Brent Baude <bbaude@redhat.com>
* Merge pull request #5690 from rhatdan/selinuxOpenShift Merge Robot2020-04-16
|\ | | | | Add support for selecting kvm and systemd labels
| * Add support for selecting kvm and systemd labelsDaniel J Walsh2020-04-15
| | | | | | | | | | | | | | | | | | | | | | | | In order to better support kata containers and systemd containers container-selinux has added new types. Podman should execute the container with an SELinux process label to match the container type. Traditional Container process : container_t KVM Container Process: containre_kvm_t PID 1 Init process: container_init_t Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #5827 from baude/v2bloatOpenShift Merge Robot2020-04-15
|\ \ | | | | | | v2 bloat pruning phase 2
| * | v2 bloat pruning phase 2Brent Baude2020-04-15
| | | | | | | | | | | | | | | | | | this is second phase of removing unneeded bloat in the remote client. this is important to be able to reduce the client size as well as possible native compilation for windows/mac. Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | Merge pull request #5817 from rhatdan/selinux1OpenShift Merge Robot2020-04-15
|\ \ \ | | | | | | | | Fix up SELinux labeling
| * | | Fix up SELinux labelingDaniel J Walsh2020-04-15
| | |/ | |/| | | | | | | | | | | | | SELinux label options processing fixes, should allow system tests to pass. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #5830 from baude/v2runtimeOpenShift Merge Robot2020-04-15
|\ \ \ | |_|/ |/| | podmanv2 fix runtime assignment
| * | podmanv2 fix runtime assignmentBrent Baude2020-04-15
| | | | | | | | | | | | | | | | | | when provided by the command line, the runtime assignment needs to send the right attribute Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | Merge pull request #5775 from sujil02/v2-container-pruneOpenShift Merge Robot2020-04-15
|\ \ \ | |_|/ |/| | Ability to prune container in api V2
| * | Ability to prune container in api V2Sujil022020-04-15
| | | | | | | | | | | | | | | | | | | | | Adds ability to prune containers for v2. Adds client side prompt with force flag and filters options to prune. Signed-off-by: Sujil02 <sushah@redhat.com>
* | | Merge pull request #5671 from edsantiago/swagger-checkOpenShift Merge Robot2020-04-15
|\ \ \ | | | | | | | | swagger-check: new CI tool to cross-check swagger
| * | | swagger-check: new CI tool to cross-check swaggerEd Santiago2020-04-14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | New script cross-references r.Handle() and r.HandleFunc() calls against the preceding '// swagger:operation' comments, and exits failure (with descriptive error messages) if any comments do not match the code. This script should not be necessary: the swagger comments should be autogenerated from the source code. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | | Merge pull request #5776 from vrothberg/auOpenShift Merge Robot2020-04-15
|\ \ \ \ | |_|_|/ |/| | | auto update: skip non-image policies
| * | | auto update: skip non-image policiesValentin Rothberg2020-04-14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix a bug in the auto-update logic causing all images to be checked and not only the ones of containers with the specific auto-update policy. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | Merge pull request #5770 from baude/v2eventsOpenShift Merge Robot2020-04-15
|\ \ \ \ | |_|_|/ |/| | | podmanv2 events
| * | | podmanv2 eventsBrent Baude2020-04-15
| | | | | | | | | | | | | | | | | | | | | | | | add the ability to monitor events Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | | Merge pull request #5814 from baude/v2specgenprunelibpodOpenShift Merge Robot2020-04-15
|\ \ \ \ | |/ / / |/| | | v2specgen prune libpod
| * | | v2specgen prune libpodBrent Baude2020-04-14
| | |/ | |/| | | | | | | | | | | | | use libpod only in the specgen/generate package so that the remote clients do not inherit libpod bloat. Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | More system test fixes on regressionsBrent Baude2020-04-14
| | | | | | | | | | | | | | | | | | Fix more regressions between v1 and v2 Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | Add support for the global flags and config filesJhon Honce2020-04-14
|/ / | | | | | | | | | | | | Note: This PR doesn't provide full rootless support that will be addressed in a future PR Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | Merge pull request #5808 from baude/v2psformat2OpenShift Merge Robot2020-04-14
|\ \ | | | | | | v2podman ps revert structure changes
| * | v2podman ps revert structure changesBrent Baude2020-04-14
| | | | | | | | | | | | | | | | | | reverting name changes to the listcontainer structure because it negatively impacted the direct consumption of the restful API. instead we now use a local structure in the CLI to modify the output as needed. Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | Merge pull request #5801 from baude/v2mountOpenShift Merge Robot2020-04-14
|\ \ \ | | | | | | | | podmanv2 mount and umount
| * | | podmanv2 mount and umountBrent Baude2020-04-14
| |/ / | | | | | | | | | | | | | | | add the ability to mount and unmount containers for the local client only Signed-off-by: Brent Baude <bbaude@redhat.com>