| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
|
|
| |
Add support for secretRef and secretKeyRef to allow env vars to be set
from a secret. As K8S secrets are dictionaries the secret value must
be a JSON dictionary compatible with the data field of a K8S secret
object. The keys must consist of alphanumeric characters, '-', '_'
or '.', and the values must be base64 encoded strings.
Signed-off-by: Alban Bedel <albeu@free.fr>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In K8S the pod creation fails if an env var reference a non existing
config map key. It can be marked as optional, but per default it is
mandatory. Podman on the other hand always treat such references as
optional.
Rework envVarsFrom() and envVarValue() to additionaly return an error
and add support for the optional attribute in configMapRef and
configMapKeyRef.
Signed-off-by: Alban Bedel <albeu@free.fr>
|
|
|
|
|
|
|
|
|
|
|
| |
Rework envVarsFromConfigMap() and envVarValue() to simplify supporting
other env sources than config maps. For this we pass the whole spec
generator options struct as parameter instead of just the config maps
list. Then we rename envVarsFromConfigMap() to envVarsFrom() and in
envVarValue() we reposition the loop over the config maps to only run
it when a configMapRef element exists.
Signed-off-by: Alban Bedel <albeu@free.fr>
|
|\
| |
| | |
Fix list pods filter handling in libpod api
|
| |
| |
| |
| | |
Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Since podman-remote resize requests can come in at random times, this
generates a real potential for race conditions. We should only be
attempting to resize TTY on running containers, but the containers can
go from running to stopped at any time, and returning an error to the
caller is just causing noice.
This change will basically ignore requests to resize terminals if the
container is not running and return the caller to success. All other
callers will still return failure.
Fixes: https://github.com/containers/podman/issues/9831
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \
| | |
| | | |
Add RequiresMountsFor= to systemd generate
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
It is rare but possible that storage locations for the graphroot and the
runroot are not mounted at boot time, and therefore might race when
doing container operations. An example we've seen in the wild is that a
slow tmpfs mount for the runroot would suddenly mount over /run, causing
the container to lose all currently-running data, requiring a system
refresh to get it back.
This patch adds RequiresMountsFor= to the systemd.unit header to ensure
the paths for both the graphroot and runroot are mounted prior to
starting any generated unit files.
Signed-off-by: Robb Manes <rmanes@redhat.com>
|
|\ \ \
| | | |
| | | | |
[NO TESTS NEEDED] Rename podman machine create to init and clean up
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Rename podman machine create to init because we're initing a VM, not
really creating it
Wire up CPUs flag
Suppress QEMU GUI from popping up when not in debug mode
[NO TESTS NEEDED]
Signed-off-by: Ashley Cui <acui@redhat.com>
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Anders F Björklund <anders.f.bjorklund@gmail.com>
|
|\ \ \ \
| | | | |
| | | | | |
Fix filters list/prune in image http compat/libpod api endpoints
|
| | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
|
|\ \ \ \ \
| |_|/ / /
|/| | | | |
Correct json encoding field name for Namespace type
|
| |/ / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
[NO TESTS NEEDED]
* When using the Namespace type, the field Value was json encoded
with the name "string" vs "value".
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\ \ \ \
| |_|_|/
|/| | | |
introduce podman machine
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
clean up ci failures and add appropriate arch,os exclusion tags
Signed-off-by: baude <bbaude@redhat.com>
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
--execute, -e allows to execute a command through ssh
Signed-off-by: Ashley Cui <acui@redhat.com>
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
podman machine allows podman to create, manage, and interact with a vm
running some form of linux (default is fcos). podman is then configured
to be able to interact with the vm automatically.
while this is usable on linux, the real push is to get this working on
both current apple architectures in macos.
Ashley Cui contributed to this PR and was a great help.
[NO TESTS NEEDED]
Signed-off-by: baude <bbaude@redhat.com>
|
|/ /
| |
| |
| | |
Signed-off-by: Eduardo Vega <edvegavalerio@gmail.com>
|
|\ \
| | |
| | | |
fix: build endpoint for compat API
|
| | |
| | |
| | |
| | | |
Signed-off-by: Matej Vasek <mvasek@redhat.com>
|
| | |
| | |
| | |
| | | |
Signed-off-by: Matej Vasek <mvasek@redhat.com>
|
| | |
| | |
| | |
| | | |
Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
|
|/ /
| |
| |
| | |
Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
|
|\ \
| | |
| | | |
Fix containers list/prune http api filter behaviour
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The problem described in #9711 and followed by #9758 affects
containers as well. When user provides wrong filter input, error
message should occur, not fallback to full list/prune command.
This change fixes the issue. Additionally, there are error message
fixes for docker http api compat.
Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
|
|\ \ \
| |/ /
|/| | |
Cleanup /libpod/images/load handler
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* Remove orphaned code
* Add meaningful error from LoadImageFromSingleImageArchive() when
heuristic fails to determine payload format
* Correct swagger to output correct types and headers
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| | |
when --privileged is used, make sure to not request more capabilities
than currently available in the current context.
[NO TESTS NEEDED] since it fixes existing tests.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This is the continuation work started in #9711. It turns out
that list/prune commands for volumes in libpod/compat api have
very dangerous error handling when broken filter input is supplied.
Problem also affects network list/prune in libpod. This commit
unifies filter handling across libpod/compat api and adds sanity
apiv2 testcases.
Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
|
|\ \
| | |
| | | |
Network prune filters for http api (compat and libpod)
|
| | |
| | |
| | |
| | | |
Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
|
| |/
|/|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
In nTar(), don't return the error value when the goroutine that's
populating the error value can continue running long after nTar()
returns. Instead, wrap the Close() method of the pipe that we're
returning in a function that collects those errors, along with any error
we get from closing the pipe, and returns them from Close() wrapper.
In Build(), if the Close() method returns an error, at least log it.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
|
|\ \
| | |
| | | |
Fix for volumes prune in http compat api when using filters
|
| |/
| |
| |
| | |
Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
|
|\ \
| | |
| | | |
Fix array instead of one elem network http api
|
| | |
| | |
| | |
| | | |
Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
|
|\ \ \
| |_|/
|/| | |
add /auth for docker compatibility
|
| | |
| | |
| | |
| | | |
Signed-off-by: troyready <troy@troyready.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This endpoint just validates credentials:
https://github.com/moby/moby/blob/v20.10.4/api/swagger.yaml#L7936-L7977
Fixes: #9564
Signed-off-by: troyready <troy@troyready.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Some packages used by the remote client imported the libpod package.
This is not wanted because it adds unnecessary bloat to the client and
also causes problems with platform specific code(linux only), see #9710.
The solution is to move the used functions/variables into extra packages
which do not import libpod.
This change shrinks the remote client size more than 6MB compared to the
current master.
[NO TESTS NEEDED]
I have no idea how to test this properly but with #9710 the cross
compile should fail.
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The `libpod/network` package should only be used on the backend and not the
client. The client used this package only for two functions so move them
into a new `pkg/network` package.
This is needed so we can put linux only code into `libpod/network`, see #9710.
[NO TESTS NEEDED]
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
|
|\ \
| | |
| | | |
[NO TESTS NEEDED] create endpoint for querying libpod networks
|
| |/
| |
| |
| | |
Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
|
|\ \
| |/
|/| |
[Compat API] Also print successfully tagging images in /build endpoint
|
| |
| |
| |
| |
| |
| | |
[NO TESTS NEEDED]
Signed-off-by: Riyad Preukschas <riyad@informatik.uni-bremen.de>
|
|\ \
| | |
| | | |
Document CONTAINERS_CONF/CONTAINERS_STORAGE_CONF Env variables
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Also Switch to using CONTAINERS_REGISTRIES_CONF for registries.conf
overrides.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Currently we were overwrapping error returned from removal
of a non existing container.
$ podman rm bogus -f
Error: failed to evict container: "": failed to find container "bogus" in state: no container with name or ID bogus found: no such container
Removal of wraps gets us to.
./bin/podman rm bogus -f
Error: no container with name or ID "bogus" found: no such container
Finally also added quotes around container name to help make it standout
when you get an error, currently it gets lost in the error.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|