summaryrefslogtreecommitdiff
path: root/pkg
Commit message (Collapse)AuthorAge
* pkg/specgen: parse default network mode on serverPaul Holzinger2022-06-14
| | | | | | | | | | | | | | | | | | | | | When podman-remote is used we should not resolve the default network mode on the client. Defaults should be set on the server. In this case this is important because we have different defaults for root/rootless. So when the client is rootless and the server is root we must pick the root default. Note that this already worked when --network was set since we did not parsed the flag in this case. To reproduce you need --network=default. Also removed a unused function. [NO NEW TESTS NEEDED] I tested it manually but I am not sure how I can hook a test like this up in CI. The client would need to run as rootless and the server as root or the other way around. Fixes #14368 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* podman pod create --uidmap patchcdoern2022-06-14
| | | | | | | | | | | | | podmans remote API does not marshal infra's spec due to the fact that if it did, all of those options would be available to the users on the command line. This means we need to manually map "backwards" some container spec items -> pod spec items before calling PodCreate, this was one of them that was forgotten resolves #14233 Signed-off-by: cdoern <cbdoer23@g.holycross.edu> Signed-off-by: cdoern <cdoern@redhat.com>
* fix bad import path for cmd/podman/utilsPaul Holzinger2022-06-14
| | | | | | | | | Libpod or packages under /pkg should never import from /cmd/... This will quickly result in import cycles and weird code paths. Also there is no reason to use this special code we can just use syscall.SIGHUB as SIGNAL. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* Removed `imageStream` hardcoded valueJake Correnti2022-06-14
| | | | | | | | [NO NEW TESTS NEEDED] Removed `imageStream` hardcoded value that was set to testing. Since podman4 is in the fcos trees, it should be removed. The respective comments have also been removed. Signed-off-by: Jake Correnti <jcorrenti13@gmail.com>
* Podman no-new-privileges formatNiall Crowe2022-06-14
| | | | | | | | | | | | In docker, the format of no-new-privileges is "no-new-privileges:true". However, for Podman all that's required is "no-new-privileges", leading to issues when attempting to use features desgined for docker in podman. Adding support for the ":" format to be used along with the "=" format, depedning on which one is entered by the user. fixes #14133 Signed-off-by: Niall Crowe <nicrowe@redhat.com>
* Support running podman under a root v2 cgroupJason T. Greene2022-06-14
| | | | Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
* Use containers/common/pkg/util.StringToSliceDaniel J Walsh2022-06-14
| | | | | | [NO NEW TESTS NEEDED] Just code cleanup for better reuse Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* compat, build: suppress step errors when quiet is setAditya R2022-06-14
| | | | | | | | Match with docker API and suppress step errors when field quiet is set. Closes: https://github.com/containers/podman/issues/14315 Signed-off-by: Aditya R <arajan@redhat.com>
* auto update: create an eventValentin Rothberg2022-06-14
| | | | | | | | | Create an auto-update event for each invocation, independent if images and containers are updated or not. Those events will be indicated in the events already but users will now know why. Fixes: #14283 Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* Swagger refactor/cleanupJhon Honce2022-06-14
| | | | | | | | | | | | | | | | | | * Remove duplicate or unused types and constants * Move all documetation-only models and responses into swagger package * Remove all unecessary names, go-swagger will determine names from struct declarations * Use Libpod suffix to differentiate between compat and libpod models and responses. Taken from swagger:operation declarations. * Models and responses that start with lowercase are for swagger use only while uppercase are used "as is" in the code and swagger comments * Used gofumpt on new code ```release-note ``` Signed-off-by: Jhon Honce <jhonce@redhat.com>
* linter: enable unconvert linterValentin Rothberg2022-06-14
| | | | | | | Detects unneccessary type conversions and helps in keeping the code base cleaner. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* Deleting an n use image should return conflict not system errorDaniel J Walsh2022-06-14
| | | | | | Fixes: https://github.com/containers/podman/issues/14208 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Update WSL machine OS to enable user lingeringJason T. Greene2022-06-14
| | | | | | Also migrate old machines that were missing this setting Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
* Add more machine testsAshley Cui2022-06-14
| | | | | | Add more machine tests for flags in init, inspect, and list. Signed-off-by: Ashley Cui <acui@redhat.com>
* play kube log tag handlingcdoern2022-06-14
| | | | | | | | | currently tags cause a panic due to an uninitialized map. Initialize the map and add parsing to make sure we are only tagging with journald resolves #13356 Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
* fix compat image resolutionValentin Rothberg2022-05-24
| | | | | | | | | | | | Fix a bug in the resolution of images in the Docker compat API. When looking up an image by a short name, the name may match an image that does not live on Docker Hub. The resolved name should be used for normalization instead of the input name to make sure that `busybox` can resolve to `registry.com/busybox` if present in the local storage. Fixes: #14291 Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* [BZ #2083997] pod: build pause image in custom user NSValentin Rothberg2022-05-18
| | | | | | | | | | | | Use the host UID and host GID mapping when building the local pause image for a Pod with a custom mapping. Otherwise, the mappings are off and the build fails. Propagating the mapping to the build container is not needed since the pause image ships merely a copied `catatonit` from the host. Backport-of: commit c45d51899a8190bd3797cdee71b74b912a634c71 Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2083997 Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* Add support for machine events on WindowsJason T. Greene2022-05-15
| | | | Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
* pass networks to container clonecdoern2022-05-05
| | | | | | | | | since the network config is a string map, json.unmarshal does not recognize the config and spec as the same entity, need to map this option manually resolves #13713 Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
* Add more unit testsBrent Baude2022-05-05
| | | | | | Improve "code coverage" with more unit-tests. Signed-off-by: Brent Baude <bbaude@redhat.com>
* play kube default log driverNiall Crowe2022-05-05
| | | | | | | | | The default log driver is not used when using play kube without --log-driver. The LogDriver function needs to be called in order to use the default log driver. fixes #13781 Signed-off-by: Niall Crowe <nicrowe@redhat.com>
* Vendor in containers/buildah@v1.26.1Daniel J Walsh2022-05-05
| | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #14119 from ↵OpenShift Merge Robot2022-05-05
|\ | | | | | | | | openshift-cherrypick-robot/cherry-pick-14037-to-v4.1 [v4.1] Report correct RemoteURI
| * Report correct RemoteURIDaniel J Walsh2022-05-04
| | | | | | | | | | | | | | | | | | | | | | | | Rather than assuming a filesystem path, the API service URI is recorded in the libpod runtime configuration and then reported as requested. Note: All schemes other than "unix" are hard-coded to report URI exists. Fixes #12023 Signed-off-by: Jhon Honce <jhonce@redhat.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | podman system reset removed machines incorrectlyAshley Cui2022-05-04
|/ | | | | | | podman system reset did not clean up machines fully, leaving some config files, and breaking machines. Now it removes all machines files fully. Signed-off-by: Ashley Cui <acui@redhat.com>
* Implement --format for machine inspectJhon Honce2022-05-04
| | | | | | * Fix issue of nil pointer derefence Signed-off-by: Jhon Honce <jhonce@redhat.com>
* Implement machine inspect for WSLJason T. Greene2022-05-03
| | | | Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
* pkg/api: do not register decoder in endpoint handlerPaul Holzinger2022-05-03
| | | | | | | | | | | | Since the decoder is shared registering the decoder inside a single endpoint will also register it for all others. Also the problem with that is the it will register it everytime this endpoint is called which is wrong. Instead we should register it once like the other custom decoder functions. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* enable errcheck linterPaul Holzinger2022-05-03
| | | | | | | | The errcheck linter makes sure that errors are always check and not ignored by accident. It spotted a lot of unchecked errors, mostly in the tests but also some real problem in the code. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* Refactor machine inspectBrent Baude2022-05-03
| | | | | | | | | | I was asked to refactor machine inspect output to represent more common and basic information. machine inspect now has information that would be appropriate for different machines. [NO NEW TESTS NEEDED] Signed-off-by: Brent Baude <bbaude@redhat.com>
* podman machine starting testcdoern2022-05-03
| | | | | | | | | | | | add a test to make sure machines are not running while still starting in order to do this, I added a parameter to `run()` to delineate whether or not the command should block or not. The non blocking run allows for tests to get and use the `machineSession` pointer and check the exit code to see if it has finished. also fix a bug (created by #13996) that before started, the machines would always say "LastUp" and "Created" Less than one second ago Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
* volume: add new option -o o=noquotaGiuseppe Scrivano2022-05-03
| | | | | | | | | | | | | | | | | add a new option to completely disable xfs quota usage for a volume. xfs quota set on a volume, even just for tracking disk usage, can cause weird errors if the volume is later re-used by a container with a different quota projid. More specifically, link(2) and rename(2) might fail with EXDEV if the source file has a projid that is different from the parent directory. To prevent such kind of issues, the volume should be created beforehand with `podman volume create -o o=noquota $ID` Closes: https://github.com/containers/podman/issues/14049 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Produce better test error messagesBrent Baude2022-05-03
| | | | | | | As Ed has pointed out, the form of Expect(session).To(Exit(0)) provides much better error messages. Let's make Ed happy. Signed-off-by: Brent Baude <bbaude@redhat.com>
* Allow changing of CPUs, Memory, and Disk SizeAshley Cui2022-05-03
| | | | | | | | | Allow podman machine set to change CPUs, Memory and Disk size of a QEMU machine after its been created. Disk size can only be increased. If one setting fails to be changed, the other settings will still be applied. Signed-off-by: Ashley Cui <acui@redhat.com>
* Merge pull request #13698 from Luap99/versionOpenShift Merge Robot2022-04-27
|\ | | | | Bump version to v4.1.0-dev
| * manifest endpoints fix orderingPaul Holzinger2022-04-27
| | | | | | | | | | | | | | | | | | | | | | | | | | OK this is a pretty bad design IMO. We have to endpoints: manifest create: `POST /{name}` manifest push: `POST /{name}/registry/{destination}` So basically all push requests are valid create requests. Fortunately we can change the order in which the endpoints are matched. If the logic matches push first it will fall back to create if the request does not have the `/registry/{}` part. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * pkg/bindings: manifest remove 3.X API support conditionalPaul Holzinger2022-04-27
| | | | | | | | | | | | | | | | | | Since the minimum API version is set to 4.0.0 the endpoint will not talk to the 3.X endpoint. Therefore this logic is broken and should just be removed. 4.0 bindings should only talk to 4.0 server. This is already the case for many other endpoints. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * fix manifest modify endpoint to respect tlsverify paramPaul Holzinger2022-04-27
| | | | | | | | Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * Bump version to v4.1.0-devPaul Holzinger2022-04-27
| | | | | | | | | | | | | | | | I think we forgot to bump the version in the main branch. It should be v4.1.0-dev now. Also set the min api version to 4.0.0 as on the podman 4.0 branch. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | Merge pull request #14023 from rhatdan/kubeOpenShift Merge Robot2022-04-27
|\ \ | | | | | | Truncate annotations when generating kubernetes yaml files
| * | Truncate annotations when generating kubernetes yaml filesDaniel J Walsh2022-04-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Kubernetes only allows 63 characters in an annotation. Make sure that we only add 63 or less charaters when generating kube. Warn if containers or pods have longer length and truncate. Discussion: https://github.com/containers/podman/discussions/13901 Fixes: https://github.com/containers/podman/issues/13962 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | play kube respect hostNetworkPaul Holzinger2022-04-27
| |/ |/| | | | | | | | | | | | | | | | | | | We need to use the host network when it is set in the config and --network was not used. This regression was added in 3e9af2029f1f. Fixes #14015 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | Merge pull request #13997 from Luap99/gocriticOpenShift Merge Robot2022-04-27
|\ \ | |/ |/| enable gocritic linter
| * play kube: do not skip containers by namePaul Holzinger2022-04-26
| | | | | | | | | | | | | | | | We should not exclude contianers by name. If a users has a container with the name "inf" it is currently skipped. This is wrong. The k8s yaml does not contain infra containers so we do not have to skip them. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
| * enable gocritic linterPaul Holzinger2022-04-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The linter ensures a common code style. - use switch/case instead of else if - use if instead of switch/case for single case statement - add space between comment and text - detect the use of defer with os.Exit() - use short form var += "..." instead of var = var + "..." - detect problems with append() ``` newSlice := append(orgSlice, val) ``` This could lead to nasty bugs because the orgSlice will be changed in place if it has enough capacity too hold the new elements. Thus we newSlice might not be a copy. Of course most of the changes are just cosmetic and do not cause any logic errors but I think it is a good idea to enforce a common style. This should help maintainability. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | Merge pull request #14010 from vrothberg/remote-rootlessOpenShift Merge Robot2022-04-26
|\ \ | |/ |/| remote: do not join user NS
| * remote: do not join user NSValentin Rothberg2022-04-26
| | | | | | | | | | | | | | | | | | As noticed while debugging #13992, do not join the rootless user NS as a Linux remote client. [NO NEW TESTS NEEDED] as existing tests should continue to work. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | Merge pull request #13996 from cdoern/machineOpenShift Merge Robot2022-04-26
|\ \ | |/ |/| machine starting status
| * machine starting statuscdoern2022-04-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | podman machine was using the file modification time to get the running status add three new config entries Starting (bool) Created (time) LastUp (time) to actually keep track of when these events happened. This means we can use the config file to actually store this data and not mess up the created/last-up time. This fixes the issues where the machine would report running 15 seconds before it was up. Also fixes the issue of modifying the file manually and saying the machine is "up" [NO NEW TESTS NEEDED] resolves #13711 Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
* | Merge pull request #13908 from n1hility/win-mountsOpenShift Merge Robot2022-04-26
|\ \ | | | | | | Implement Windows volume/mount support