summaryrefslogtreecommitdiff
path: root/pkg
Commit message (Collapse)AuthorAge
* Unification of until filter across list/prune endpointsJakub Guzik2021-03-29
| | | | Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
* Unification of label filter across list/prune endpointsJakub Guzik2021-03-29
| | | | Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
* fixupMatej Vasek2021-03-29
| | | | Signed-off-by: Matej Vasek <mvasek@redhat.com>
* fix: build endpoint for compat APIMatej Vasek2021-03-29
| | | | Signed-off-by: Matej Vasek <mvasek@redhat.com>
* Support multi doc yaml for generate/play kubeEduardo Vega2021-03-29
| | | | | | | | Signed-off-by: Eduardo Vega <edvegavalerio@gmail.com> <MH: Fixed cherry-pick conflicts> Signed-off-by: Matthew Heon <mheon@redhat.com>
* Correct json field nameJhon Honce2021-03-29
| | | | | | | | | [NO TESTS NEEDED] * When using the Namespace type, the field Value was json encoded with the name "string" vs "value". Signed-off-by: Jhon Honce <jhonce@redhat.com>
* Fix filters in image http compat/libpod api endpointsJakub Guzik2021-03-29
| | | | Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
* podman generate systemd --new do not duplicate paramsPaul Holzinger2021-03-29
| | | | | | | | | | | | | | | | | podman generate systemd --new inserts extra idfile arguments. The generated unit can break when the user did provide their own idfile arguments as they overwrite the arguments added by generate systemd. This also happens when a user tries to generate the systemd unit on a container already create with a --new unit. This should now create a identical unit. The solution is to remove all user provided idfile arguments. This commit also ensures that we do not remove arguments that are part off the containers entrypoint. Fixes #9776 Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* Fix podman build --pull-neverDaniel J Walsh2021-03-29
| | | | | | | | | | | | | | | Currently pull policy is set incorrectly when users set --pull-never. Also pull-policy is not being translated correctly when using podman-remote. Fixes: #9573 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> <MH: Fixed cherry-pick conflict> Signed-off-by: Matthew Heon <mheon@redhat.com>
* [NO TESTS NEEDED] Use same function podman-remote rmi as podmanDaniel J Walsh2021-03-29
| | | | | | | | | | Make sure fixes that go into local podman commands also work in podman-remote, by using the same function. Since this is just a rewrite of existing code, existing tests should handle it. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Add problematic volume name to kube play error messagesJordan Christiansen2021-03-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When kube play fails to create a volume, it should say which volume had the problem so the user doesn't have to guess. For the following pod spec: apiVersion: v1 kind: Pod metadata: name: mypod spec: containers: - name: myfrontend image: nginx volumeMounts: - mountPath: "/var/www/html" name: mypd volumes: - name: mypd hostPath: path: /var/blah podman will now report: Error: failed to create volume "mypd": error in parsing HostPath in YAML: error checking path "/var/blah": stat /var/blah: no such file or directory Signed-off-by: Jordan Christiansen <xordspar0@gmail.com>
* Fix list pods filter handling in libpod apiJakub Guzik2021-03-29
| | | | Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
* Remove resize race conditionDaniel J Walsh2021-03-29
| | | | | | | | | | | | | | | | | | | | Since podman-remote resize requests can come in at random times, this generates a real potential for race conditions. We should only be attempting to resize TTY on running containers, but the containers can go from running to stopped at any time, and returning an error to the caller is just causing noice. This change will basically ignore requests to resize terminals if the container is not running and return the caller to success. All other callers will still return failure. Fixes: https://github.com/containers/podman/issues/9831 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> <MH: Fixed cherry-pick conflicts> Signed-off-by: Matthew Heon <mheon@redhat.com>
* Add RequiresMountsFor= to systemd generateRobb Manes2021-03-29
| | | | | | | | | | | | | | | It is rare but possible that storage locations for the graphroot and the runroot are not mounted at boot time, and therefore might race when doing container operations. An example we've seen in the wild is that a slow tmpfs mount for the runroot would suddenly mount over /run, causing the container to lose all currently-running data, requiring a system refresh to get it back. This patch adds RequiresMountsFor= to the systemd.unit header to ensure the paths for both the graphroot and runroot are mounted prior to starting any generated unit files. Signed-off-by: Robb Manes <rmanes@redhat.com>
* Fix swapped dimensions from terminal.GetSizeAnders F Björklund2021-03-29
| | | | | | | | Signed-off-by: Anders F Björklund <anders.f.bjorklund@gmail.com> <MH: Fixed cherry-pick conflicts> Signed-off-by: Matthew Heon <mheon@redhat.com>
* Merge pull request #9757 from jwhonce/wip/loadOpenShift Merge Robot2021-03-22
|\ | | | | Cleanup /libpod/images/load handler
| * Cleanup /libpod/images/load handlerJhon Honce2021-03-19
| | | | | | | | | | | | | | | | | | * Remove orphaned code * Add meaningful error from LoadImageFromSingleImageArchive() when heuristic fails to determine payload format * Correct swagger to output correct types and headers Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | security: use the bounding caps with --privilegedGiuseppe Scrivano2021-03-19
|/ | | | | | | | | when --privileged is used, make sure to not request more capabilities than currently available in the current context. [NO TESTS NEEDED] since it fixes existing tests. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Fix volumes and networks list/prune filters in http apiJakub Guzik2021-03-19
| | | | | | | | | | | This is the continuation work started in #9711. It turns out that list/prune commands for volumes in libpod/compat api have very dangerous error handling when broken filter input is supplied. Problem also affects network list/prune in libpod. This commit unifies filter handling across libpod/compat api and adds sanity apiv2 testcases. Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
* Merge pull request #9710 from jmguzik/network-prune-filters-http-apiOpenShift Merge Robot2021-03-18
|\ | | | | Network prune filters for http api (compat and libpod)
| * network prune filters for http compat and libpod apiJakub Guzik2021-03-18
| | | | | | | | Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
* | pkg/bindings/images.Build(): fix a race condition in error reportingNalin Dahyabhai2021-03-16
| | | | | | | | | | | | | | | | | | | | | | | | In nTar(), don't return the error value when the goroutine that's populating the error value can continue running long after nTar() returns. Instead, wrap the Close() method of the pipe that we're returning in a function that collects those errors, along with any error we get from closing the pipe, and returns them from Close() wrapper. In Build(), if the Close() method returns an error, at least log it. Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
* | Merge pull request #9711 from jmguzik/volume-prune-fix-http-compatOpenShift Merge Robot2021-03-16
|\ \ | | | | | | Fix for volumes prune in http compat api when using filters
| * | Fix for volumes prune in http compat apiJakub Guzik2021-03-15
| |/ | | | | | | Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
* | Merge pull request #9695 from jmguzik/array-inspect-network-fixOpenShift Merge Robot2021-03-16
|\ \ | | | | | | Fix array instead of one elem network http api
| * | Fix array instead of one elem network http apiJakub Guzik2021-03-12
| | | | | | | | | | | | Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
* | | Merge pull request #9589 from troyready/add_compat_auth_endpointOpenShift Merge Robot2021-03-16
|\ \ \ | |_|/ |/| | add /auth for docker compatibility
| * | fix use with localhost (testing)troyready2021-03-12
| | | | | | | | | | | | Signed-off-by: troyready <troy@troyready.com>
| * | add /auth for docker compatibilitytroyready2021-03-12
| | | | | | | | | | | | | | | | | | | | | | | | This endpoint just validates credentials: https://github.com/moby/moby/blob/v20.10.4/api/swagger.yaml#L7936-L7977 Fixes: #9564 Signed-off-by: troyready <troy@troyready.com>
* | | Do not leak libpod package into the remote clientPaul Holzinger2021-03-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Some packages used by the remote client imported the libpod package. This is not wanted because it adds unnecessary bloat to the client and also causes problems with platform specific code(linux only), see #9710. The solution is to move the used functions/variables into extra packages which do not import libpod. This change shrinks the remote client size more than 6MB compared to the current master. [NO TESTS NEEDED] I have no idea how to test this properly but with #9710 the cross compile should fail. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | | Split libpod/network packagePaul Holzinger2021-03-15
|/ / | | | | | | | | | | | | | | | | | | | | | | The `libpod/network` package should only be used on the backend and not the client. The client used this package only for two functions so move them into a new `pkg/network` package. This is needed so we can put linux only code into `libpod/network`, see #9710. [NO TESTS NEEDED] Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | Merge pull request #9703 from jmguzik/endpoint-networksOpenShift Merge Robot2021-03-12
|\ \ | | | | | | [NO TESTS NEEDED] create endpoint for querying libpod networks
| * | create endpoint for querying libpod networksJakub Guzik2021-03-12
| |/ | | | | | | Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
* | Merge pull request #9524 from riyad/apiv3-print-tags-when-buildingOpenShift Merge Robot2021-03-11
|\ \ | |/ |/| [Compat API] Also print successfully tagging images in /build endpoint
| * [Compat API] Also print successfully tagging images in /build endpointRiyad Preukschas2021-02-25
| | | | | | | | | | | | [NO TESTS NEEDED] Signed-off-by: Riyad Preukschas <riyad@informatik.uni-bremen.de>
* | Merge pull request #9668 from rhatdan/manOpenShift Merge Robot2021-03-10
|\ \ | | | | | | Document CONTAINERS_CONF/CONTAINERS_STORAGE_CONF Env variables
| * | Document CONTAINERS_CONF/CONTAINERS_STORAGE_CONF Env variablesDaniel J Walsh2021-03-10
| | | | | | | | | | | | | | | | | | | | | Also Switch to using CONTAINERS_REGISTRIES_CONF for registries.conf overrides. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Removing a non existing container API should return 404Daniel J Walsh2021-03-10
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently we were overwrapping error returned from removal of a non existing container. $ podman rm bogus -f Error: failed to evict container: "": failed to find container "bogus" in state: no container with name or ID bogus found: no such container Removal of wraps gets us to. ./bin/podman rm bogus -f Error: no container with name or ID "bogus" found: no such container Finally also added quotes around container name to help make it standout when you get an error, currently it gets lost in the error. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | rm pkg/api/handlers/libpod/copy.goValentin Rothberg2021-03-09
| | | | | | | | | | | | | | | | | | | | | | Remove the file since it only contains dead code. The archive endpoints are shared between the libpod and the compat API and both use the compat package. [NO TESTS NEEDED] since we're removing dead code. Fixes: #9670 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | allow the removal of storage imagesDaniel J Walsh2021-03-08
| | | | | | | | | | | | | | | | Sometimes if the system crashes while an image is being pulled containers/storage can get into a bad state. This PR allows the user to call into container storage to remove the image. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #9592 from rhatdan/timestampOpenShift Merge Robot2021-03-08
|\ \ | | | | | | Numerous buildah fixes found by Ed's testing of buildah tests against podman.
| * | Handle podman build --dns-searchDaniel J Walsh2021-03-07
| | | | | | | | | | | | | | | | | | Fixes: https://github.com/containers/podman/issues/9574 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | turn hidden --trace into a NOPValentin Rothberg2021-03-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The --trace has helped in early stages analyze Podman code. However, it's contributing to dependency and binary bloat. The standard go tooling can also help in profiling, so let's turn `--trace` into a NOP. [NO TESTS NEEDED] Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | pkg/terminal: use c/storage/pkg/homedirValentin Rothberg2021-03-08
| | | | | | | | | | | | | | | | | | This also prunes the dependency on `k8s.io/client-go`. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | Merge pull request #9647 from mlegenovic/masterOpenShift Merge Robot2021-03-07
|\ \ \ | | | | | | | | Compat API: Fix the response of 'push image' endpoint
| * | | Correct compat images/{name}/push responseMilivoje Legenovic2021-03-07
| | | | | | | | | | | | | | | | Signed-off-by: Milivoje Legenovic <m.legenovic@gmail.com>
* | | | replace local mount consts with libpod/defineJakub Guzik2021-03-07
| |/ / |/| | | | | | | | Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
* | | podman-remote stop -time 0 does not workDaniel J Walsh2021-03-05
| | | | | | | | | | | | | | | | | | | | | | | | This patch will allow users to pass in the time 0. Currently the timeout will take 10 seconds if user passes in the 0 flag. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #9622 from jmguzik/network-rm-fixOpenShift Merge Robot2021-03-05
|\ \ \ | | | | | | | | Fix podman network rm (-f) workflow
| * | | Fix for podman network rm (-f) workflowJakub Guzik2021-03-05
| | | | | | | | | | | | | | | | Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>