summaryrefslogtreecommitdiff
path: root/pkg
Commit message (Collapse)AuthorAge
* create: support images with invalid platformValentin Rothberg2021-06-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Much to my regret, there is a number of images in the wild with invalid platforms breaking the platform checks in libimage that want to make sure that a local image is matching the expected platform. Imagine a `podman run --arch=arm64 fedora` with a local amd64 fedora image. We really shouldn't use the local one in this case and pull down the arm64 one. The strict platform checks in libimage in combination with invalid platforms in images surfaced in Podman being able to pull an image but failing to look it up in subsequent presence checks. A `podman run` would hence pull such an image but fail to create the container. Support images with invalid platforms by vendoring the latest HEAD from containers/common. Also remove the partially implemented pull-policy logic from Podman and let libimage handle that entirely. However, whenever --arch, --os or --platform are specified, the pull policy will be forced to "newer". This way, we pessimistically assume that the local image has an invalid platform and we reach out to the registry. If there's a newer image (i.e., one with a different digest), we'll pull it down. Please note that most of the logic has either already been implemented in libimage or been moved down which allows for removing some clutter from Podman. [NO TESTS NEEDED] since c/common has new tests. Podman can rely on the existing tests. Fixes: #10648 Fixes: #10682 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Fix documentation of the --format option of podman pushMiloslav Trmač2021-06-17
| | | | | | | | It affects all transports; and without --format, we try several manifest formats. [NO TESTS NEEDED] Signed-off-by: Miloslav Trmač <mitr@redhat.com>
* Merge pull request #10683 from Luap99/exec-resizeOpenShift Merge Robot2021-06-16
|\ | | | | Fix resize race with podman exec -it
| * Fix resize race with podman exec -itPaul Holzinger2021-06-16
| | | | | | | | | | | | | | | | | | | | | | When starting a process with `podman exec -it` the terminal is resized after the process is started. To fix this allow exec start to accept the terminal height and width as parameter and let it resize right before the process is started. Fixes #10560 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | Merge pull request #10588 from cdoern/imgDocsOpenShift Merge Robot2021-06-16
|\ \ | | | | | | [CI:DOCS] converted query parameter for credentials to header parameter.
| * | Docs Switch from Query Param to Headercdoern2021-06-15
| | | | | | | | | | | | | | | | | | credentials switched from query param to header x-reg due to podman parsing the header for credentials not the query itself. Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
* | | Merge pull request #10595 from boaz0/closes_10539OpenShift Merge Robot2021-06-15
|\ \ \ | | | | | | | | Add podman-restart systemd unit file
| * | | Restart all containers with restart-policy=always on bootBoaz Shuster2021-06-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add podman-restart systemd unit file and add it to podman RPM package * Fix podman start to filter all containers + unit test Signed-off-by: Boaz Shuster <boaz.shuster.github@gmail.com>
* | | | Merge pull request #10622 from cdoern/imgImportFeatureOpenShift Merge Robot2021-06-15
|\ \ \ \ | | | | | | | | | | compat import imageFromSrc support for platform query parameter
| * | | | Image import fromSrc now supports OS/Archcdoern2021-06-14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | added handling in entities and compat to support passing a specified OS/Arch while importing from SRC. fixes #10566 Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
* | | | | Merge pull request #10668 from zhangguanzhang/panic-cgroupOpenShift Merge Robot2021-06-15
|\ \ \ \ \ | |_|_|_|/ |/| | | | [NO TESTS NEEDED] Fixes panic condition in cgroups.getAvailableControllers
| * | | | Fix panic condition in cgroups.getAvailableControllerszhangguanzhang2021-06-15
| | | | | | | | | | | | | | | | | | | | Signed-off-by: zhangguanzhang <zhangguanzhang@qq.com>
* | | | | Merge pull request #10651 from rhatdan/buildOpenShift Merge Robot2021-06-14
|\ \ \ \ \ | | | | | | | | | | | | Add support for podman remote build -f - .
| * | | | | Add support for podman remote build -f - .Daniel J Walsh2021-06-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes: https://github.com/containers/podman/issues/10621 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | | Fix handling of podman-remote build --deviceDaniel J Walsh2021-06-13
| |/ / / / |/| | | | | | | | | | | | | | | | | | | | | | | | Fixes: https://github.com/containers/podman/issues/10614 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | Merge pull request #10661 from mwhahaha/issue-10660OpenShift Merge Robot2021-06-12
|\ \ \ \ \ | | | | | | | | | | | | Fall back to string for dockerfile parameter
| * | | | | Fall back to string for dockerfile parameterAlex Schultz2021-06-11
| |/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | a9cb824981db3fee6b8445b29e513c89e9b9b00b changed the expectations of the dockerfile parameter to be json data however it's a string. In order to support both, let's attempt json and fall back to a string if the json parsing fails. Closes #10660 Signed-off-by: Alex Schultz <aschultz@redhat.com>
* | | | | Merge pull request #10405 from mheon/always_cleanup_execOpenShift Merge Robot2021-06-11
|\ \ \ \ \ | | | | | | | | | | | | Always spawn a cleanup process with exec
| * | | | | Always spawn a cleanup process with execMatthew Heon2021-06-10
| |/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We were previously only doing this for detached exec. I don't know why we did that, but I don't see any reason not to extend it to all exec sessions - it guarantees that we will always clean up exec sessions, even if the original `podman exec` process died. [NO TESTS NEEDED] because I don't really know how to test this one. Signed-off-by: Matthew Heon <mheon@redhat.com>
* | | | | Merge pull request #10638 from Luap99/volumeOpenShift Merge Robot2021-06-11
|\ \ \ \ \ | |/ / / / |/| | | | Fix volumes with uid and gid options
| * | | | Fix volumes with uid and gid optionsPaul Holzinger2021-06-11
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Podman uses the volume option map to check if it has to mount the volume or not when the container is started. Commit 28138dafcc39 added to uid and gid options to this map, however when only uid/gid is set we cannot mount this volume because there is no filesystem or device specified. Make sure we do not try to mount the volume when only the uid/gid option is set since this is a simple chown operation. Also when a uid/gid is explicity set, do not chown the volume based on the container user when the volume is used for the first time. Fixes #10620 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | | Merge pull request #10634 from Luap99/machine-buildOpenShift Merge Robot2021-06-10
|\ \ \ \ | | | | | | | | | | Fix build tags for pkg/machine...
| * | | | Fix build tags for pkg/machine...Paul Holzinger2021-06-10
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Podman machine is only intended for amd64 and arm64 architectures, set the correct buildtags so that the `pkg/machine`, `pkg/machine/qemu` and `pkg/machine/libvirt` packages compile correctly. [NO TESTS NEEDED] Fixes #10625 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* / / / rootless: fix fast join userns pathGiuseppe Scrivano2021-06-09
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | commit ab886328357184cd0a8375a5dedf816ba91789f9 changed the path for the pause.pid file but didn't update the same path in the C code. This prevented Podman to take the fast path when the userns is already created and to join it without re-execing itself. Fix the path in the C code as well so we can join the rootless user+mount namespace without having to re-exec Podman. [NO TESTS NEEDED] Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | Merge pull request #10550 from rhatdan/DockerfileOpenShift Merge Robot2021-06-09
|\ \ \ | | | | | | | | podman-remote build should handle -f option properly
| * | | podman-remote build should handle -f option properlyDaniel J Walsh2021-06-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | podman-remote build has to handle multiple different locations for the Containerfile. Currently this works in local mode but not when using podman-remote. Fixes: https://github.com/containers/podman/issues/9871 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | [CI:DOCS] Update swagger for inspect networkJhon Honce2021-06-08
| |/ / |/| | | | | | | | | | | | | | | | | | | | struct for swagger was pointing to wrong internal type Fixes #10559 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | Merge pull request #10603 from cdoern/networksQueryCharlie Doern2021-06-08
|\ \ \ | |/ / |/| | implemented verbose and scope as possible
| * | fixed docs and schemascdoern2021-06-08
| | | | | | | | | | | | Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
* | | Merge pull request #10597 from Luap99/pruneOpenShift Merge Robot2021-06-08
|\ \ \ | | | | | | | | Fix network prune api docs
| * | | Fix network prune api docsPaul Holzinger2021-06-08
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The api doc used wrong response examples for both the compat and libpod network prune endpoints. Change the doc so that it matches the actual return values. Also fix the endpoints to return an empty array instead of null when no networks are removed. [NO TESTS NEEDED] Fixes: #10564 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | Merge pull request #10548 from cdoern/imgFeatureOpenShift Merge Robot2021-06-08
|\ \ \ | | | | | | | | API images/create added missing parameters platform, message, repo
| * | | made requested changes, fixed api testscdoern2021-06-04
| | | | | | | | | | | | | | | | Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
* | | | remote pull: cancel pull when connection is closedPaul Holzinger2021-06-08
| |/ / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | If a client closes the http connection during image pull, the service should cancel the pull operation. [NO TESTS NEEDED] I have no idea how we could test this reliable. Fixes: #7558 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | Merge pull request #10381 from adrianreber/2021-05-18-publishOpenShift Merge Robot2021-06-07
|\ \ \ | | | | | | | | Add --publish to container restore
| * | | Allow changing of port forward rules on restoreAdrian Reber2021-06-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Restored containers, until now, had the same port mappings as the original started container. This commit adds the parameter '--publish' to 'podman container restore' with the same semantic as during create/run. With this change it is possible to create a copy from a container with a '--publish' rule and replace the original '--publish' setting with a new one. # podman run -p 2345:8080 container # podman container checkpoint -l --export=dump.tar # podman container restore -p 5432:8080 --import=dump.tar The restored container will now listen on localhost:5432 instead of localhost:2345 as the original created container. Signed-off-by: Adrian Reber <areber@redhat.com>
* | | | Merge pull request #10557 from vrothberg/fix-5572OpenShift Merge Robot2021-06-07
|\ \ \ \ | | | | | | | | | | systemd/generate: change type to notify
| * | | | systemd/generate: change type to notifyValentin Rothberg2021-06-04
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Change the type of units generated with --new from "forking" to "notify". This brings Podman closer to systemd and opens up Podman to a number of use cases (see #5572). Units generated without --new remain with `type=forking`. I experimented a bit with adding a `--sdnotify` flag to `podman start` but it doesn't really work well since we're competing with the default sdnotify mode set during container creation. Fixes: #5572 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | Add parameter to specify checkpoint archive compressionAdrian Reber2021-06-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The checkpoint archive compression was hardcoded to `archive.Gzip`. There have been requests to make the used compression algorithm selectable. There was especially the request to not compress the checkpoint archive to be able to create faster checkpoints when not compressing it. This also changes the default from `gzip` to `zstd`. This change should not break anything as the restore code path automatically handles whatever compression the user provides during restore. Signed-off-by: Adrian Reber <areber@redhat.com>
* | | | Merge pull request #10561 from vrothberg/fix-remote-events-labelOpenShift Merge Robot2021-06-07
|\ \ \ \ | | | | | | | | | | remote events: support labels
| * | | | remote events: support labelsValentin Rothberg2021-06-04
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | Certain event meta data was lost when converting the remote events to libpod events and vice versa. Enable the skipped system tests for remote. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | Merge pull request #10568 from jwhonce/issues/10562OpenShift Merge Robot2021-06-06
|\ \ \ \ | | | | | | | | | | [CI:DOCS] Document which CNI fields are encoded
| * | | | [CI:DOCS] Document which CNI fields are encodedJhon Honce2021-06-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The CNI configuration fields named Bytes are typed []byte which the GO JSON encoded automatically Base64 encodes. Note: Future major versions of Podman will refactor the networking endpoints to encapsulate/abstract the CNI structures which will allow better documenation and encoding. Fixes #10562 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | | | Merge pull request #10549 from Luap99/fix-9859OpenShift Merge Robot2021-06-05
|\ \ \ \ \ | |/ / / / |/| | | | remote: always send resize before the container starts
| * | | | remote: always send resize before the container startsPaul Holzinger2021-06-04
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There is race condition in the remote client attach logic. Because the resize api call was handled in an extra goroutine the container was started before the resize call happend. To fix this we have to call resize in the same goroutine as attach. When the first resize is done start a goroutine to listen on SIGWINCH in the background and resize again if the signal is received. Fixes #9859 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | | Merge pull request #10546 from boaz0/closes_8645OpenShift Merge Robot2021-06-04
|\ \ \ \ | | | | | | | | | | Add CORS support
| * | | | Add CORS supportBoaz Shuster2021-06-04
| |/ / / | | | | | | | | | | | | | | | | | | | | [NO TESTS NEEDED] Signed-off-by: Boaz Shuster <boaz.shuster.github@gmail.com>
* | | | Merge pull request #10563 from Luap99/fix-10494OpenShift Merge Robot2021-06-04
|\ \ \ \ | |_|_|/ |/| | | [CI:DOCS] fix incorrect network remove api doc
| * | | [CI:DOCS] fix incorrect network remove api docPaul Holzinger2021-06-04
| |/ / | | | | | | | | | | | | | | | | | | | | | The endpoint returns an array and not a single entry. Fixes #10494 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* / / remote events: fix --stream=falseValentin Rothberg2021-06-04
|/ / | | | | | | | | | | | | | | | | | | | | Fix a bug in remote events where only one event would be sent if when streaming is turned off. The source of the bug was that the handler attempted to implement the streaming logic and did it wrong. The fix is rather simple by removing this logic from the handler and let the events backend handle streaming. Fixes: #10529 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>