summaryrefslogtreecommitdiff
path: root/pkg
Commit message (Collapse)AuthorAge
* set process labels in pkg/specValentin Rothberg2020-02-19
| | | | | | | | Set the (default) process labels in `pkg/spec`. This way, we can also query libpod.conf and disable labeling if needed. Fixes: #5087 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Merge pull request #5247 from schubter/5242OpenShift Merge Robot2020-02-19
|\ | | | | APIv2: fixes decoder issue
| * adds missing query struct tags and exports the fieldsAndreas Schubert2020-02-18
| | | | | | | | Signed-off-by: Andreas Schubert <schubter@gmail.com>
* | Swagger: fix inconsistencies (try #2)Ed Santiago2020-02-18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | As I've mentioned once or twice, hand-maintained swagger docs are evil. This commit attempts to fix: * Inconsistent methods (swagger says POST but code signature says GET) * Inconsistent capitalization * Typos ("Mounter", "pood") * Completely wrong paths (/inspect vs /json) * Missing .Method() registrations * Missing /libpod in some /volumes paths * Incorrect method declaration: /libpod/containers/.../kill was correct (POST) in swagger but wrong in the code itself (http.MethodGet). Correct the latter to MethodPost This is two hours' work, even with a script I have that tries to cross-check everything. Swagger docs should not be human-maintained. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Update mux rules to allow slashes in image namesJhon Honce2020-02-18
| | | | | | | | | | | | | | | | | | %2F escaping is also supported. Return better response on bad search terms Fixes #5229 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | Merge pull request #5158 from jwhonce/issues/5151OpenShift Merge Robot2020-02-18
|\ \ | |/ |/| Fix handler and systemd activation errors
| * Fix handler and systemd activation errorsJhon Honce2020-02-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | On panic from handler: log warning and stack trace, report InternalServerError to client When using `podman system service` make determining the listening endpoint deterministic. // When determining _*THE*_ listening endpoint -- // 1) User input wins always // 2) systemd socket activation // 3) rootless honors XDG_RUNTIME_DIR // 4) if varlink -- adapter.DefaultVarlinkAddress // 5) lastly adapter.DefaultAPIAddress Fixes #5150 Fixes #5151 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | Merge pull request #5237 from giuseppe/check-for-valid-conmon-processOpenShift Merge Robot2020-02-17
|\ \ | |/ |/| rootless: check if the conmon process is valid
| * rootless: check if the conmon process is validGiuseppe Scrivano2020-02-17
| | | | | | | | | | | | | | | | if the pause process doesn't exist and we try to join a conmon namespace, make sure the process still exists. Otherwise re-create the user namespace. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | Refactor image tree for API usageSascha Grunert2020-02-17
|/ | | | Signed-off-by: Sascha Grunert <sgrunert@suse.com>
* Merge pull request #5217 from mheon/rework_label_parsingOpenShift Merge Robot2020-02-15
|\ | | | | Rework label parsing
| * Rework label parsingMatthew Heon2020-02-14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We attempted to share all logic for parsing labels and environment variables, which on the surface makes lots of sense (both are formatted key=value so parsing logic should be identical) but has begun to fall apart now that we have added additional logic to environment variable handling. Environment variables that are unset, for example, are looked up against environment variables set for the process. We don't want this for labels, so we have to split parsing logic. Fixes #3854 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | Merge pull request #5214 from baude/apiv2loglibpodOpenShift Merge Robot2020-02-14
|\ \ | |/ |/| apiv2 libpod container logs
| * apiv2 libpod container logsBrent Baude2020-02-14
| | | | | | | | | | | | wire up containers logs for libpod side of the house, same as compat. Signed-off-by: Brent Baude <bbaude@redhat.com>
* | Merge pull request #5216 from baude/bindingstestcacheOpenShift Merge Robot2020-02-14
|\ \ | | | | | | add caching for binding tests
| * | add caching for binding testsBrent Baude2020-02-14
| |/ | | | | | | | | | | | | | | add the ability to cache images instead of pull them. makes tests faster and less network use when we flip on CI. Also added list images with filter test Signed-off-by: Brent Baude <bbaude@redhat.com>
* | Merge pull request #5207 from rhatdan/selinuxOpenShift Merge Robot2020-02-14
|\ \ | | | | | | Fix SELinux labels of volumes
| * | Fix SELinux labels of volumesDaniel J Walsh2020-02-13
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | If we attempt to label a volume and the file system does not support labeling, then just warn. SELinux may or may not work, on the volume. There is no way to setup a private label on a newly created volume without using the container mountlabel. If we don't have a mount label at the time of creation of the volume, the only option we have is to create a shared label. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #5209 from vrothberg/un-dockerOpenShift Merge Robot2020-02-14
|\ \ | | | | | | Undocker part 1)
| * | add pkg/signalValentin Rothberg2020-02-14
| | | | | | | | | | | | | | | | | | | | | | | | | | | Add pkg/signal to deal with parts of signal processing and translating signals from string to numeric representations. The code has been copied from docker/docker (and attributed with the copyright) but been reduced to only what libpod needs (on Linux). Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
| * | add pkg/capabilitiesValentin Rothberg2020-02-14
| |/ | | | | | | | | | | | | | | | | Add pkg/capabibilities to deal with capabilities. The code has been copied from Docker (and attributed with the copyright) but changed significantly to only do what we really need. The code has also been simplified and will perform better due to removed redundancy. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | Merge pull request #5203 from QiWang19/disable-detach-keyOpenShift Merge Robot2020-02-14
|\ \ | |/ |/| fix bug "" disable detach keys
| * fix bug "" disable detach keysQi Wang2020-02-13
| | | | | | | | | | | | | | fix #5166 This patch enables `--detach-keys ""` to disable the feature. "ctrl-p, ctrl-q" will not work after this command. Signed-off-by: Qi Wang <qiwan@redhat.com>
* | Merge pull request #5190 from baude/apiv2cockpit3OpenShift Merge Robot2020-02-14
|\ \ | | | | | | filtering behavior correction
| * | filtering behavior correctionBrent Baude2020-02-12
| | | | | | | | | | | | | | | | | | when filtering containers, if a status= is provided as an input filter, then we should override the all to always be true. Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | Merge pull request #5074 from jwhonce/wip/swagger_endpointOpenShift Merge Robot2020-02-14
|\ \ \ | |_|/ |/| | Add /swagger/ endpoint to serve swagger yaml to clients
| * | Add /swagger/ endpoint to serve swagger yaml to clientsJhon Honce2020-02-04
| | | | | | | | | | | | | | | | | | The provided yaml file will describe the current Podman REST API. Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | Merge pull request #5172 from giuseppe/api-fix-cpu-statsOpenShift Merge Robot2020-02-13
|\ \ \ | | | | | | | | api: fix the CPU stats reported
| * | | stats: add SystemUsageGiuseppe Scrivano2020-02-12
| | | | | | | | | | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | | api: fix the CPU stats reportedGiuseppe Scrivano2020-02-11
| | | | | | | | | | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | Fix up play kube to use image dataDaniel J Walsh2020-02-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | podman play kube was ignoring the imageData.Config Volumes WorkingDir Labels StopSignal Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #5183 from giuseppe/rootlessport-avoid-hangOpenShift Merge Robot2020-02-13
|\ \ \ \ | | | | | | | | | | rootlessport: fix potential hang
| * | | | rootlessport: drop Pdeathsig in favor of KillGiuseppe Scrivano2020-02-12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | there is a race condition where the child process is immediately killed: [pid 2576752] arch_prctl(0x3001 /* ARCH_??? */, 0x7ffdf612f170) = -1 EINVAL (Invalid argument) [pid 2576752] access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory) [pid 2576752] --- SIGTERM {si_signo=SIGTERM, si_code=SI_USER, si_pid=2576742, si_uid=0} --- [pid 2576752] +++ killed by SIGTERM +++ this happens because the parent process here really means the "parent thread". Since there is no way of running it on the main thread, let's skip this functionality altogether and use kill(2). Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | | | rootlessport: fix potential hangGiuseppe Scrivano2020-02-12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | write to the error pipe only in case of an error. Otherwise we may end up in a race condition in the select statement below as the read from errChan happens before initComplete and the function returns immediately nil. Closes: https://github.com/containers/libpod/issues/5182 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | | Merge pull request #5152 from QiWang19/device-cgroup-ruleOpenShift Merge Robot2020-02-13
|\ \ \ \ \ | |_|_|_|/ |/| | | | support device-cgroup-rule
| * | | | support device-cgroup-ruleQi Wang2020-02-12
| | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | fix #4876 Add `--device-cgroup-rule` to podman create and run. This enables to add device rules after the container has been created. Signed-off-by: Qi Wang <qiwan@redhat.com>
* | | | Merge pull request #5171 from baude/apiv2cockpit2OpenShift Merge Robot2020-02-12
|\ \ \ \ | | | | | | | | | | Fix container filters
| * | | | Fix container filtersBrent Baude2020-02-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | container filters were being double encoded (maybe triple) which resulted in the wrong encoding representation of filters being sent by the go-bindings. Also, on the server side, Filter needed to be changed to Filter to decode properly. Finally, due to the changed return type of List Containers, the go bindings return values needed to be changed. Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | | | Merge pull request #5187 from vrothberg/pkg-seccompOpenShift Merge Robot2020-02-12
|\ \ \ \ \ | | | | | | | | | | | | add pkg/seccomp
| * | | | | add pkg/seccompValentin Rothberg2020-02-12
| | |_|/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add pkg/seccomp to consolidate all seccomp-policy related code which is currently scattered across multiple packages and complicating the creatconfig refactoring. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* / | | | api: pull: fix reference parsingValentin Rothberg2020-02-12
|/ / / / | | | | | | | | | | | | Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | Merge pull request #5175 from baude/apiv2eventsOpenShift Merge Robot2020-02-12
|\ \ \ \ | | | | | | | | | | apiv2 stream events
| * | | | apiv2 stream eventsBrent Baude2020-02-11
| |/ / / | | | | | | | | | | | | | | | | | | | | the events endpoint should be stream-based. it also needed to be registered to answer and not produce 404s. Signed-off-by: Brent Baude <bbaude@redhat.com>
* | / / HTTP 304 (NotModified) is not an error!Ed Santiago2020-02-11
| |/ / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Even after #5169, my test logs kept showing: ERRO[0004] unable to write json: "http: request method or response status code does not allow body" Cause: overly-helpful code trying to treat condition as an error and include a diagnostic message. This is forbidden per rfc2616. This PR fixes the faulty response, as well as three others found via: $ ack 'Error.*NotMod' (4 hits total) $ ack 'Error.*NoCont' (no hits) Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | Merge pull request #5169 from edsantiago/apiv2_pod_status_codesOpenShift Merge Robot2020-02-11
|\ \ \ | | | | | | | | API v2: pods: fix two incorrect return codes
| * | | API v2: pods: fix two incorrect return codesEd Santiago2020-02-11
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 1) /pods/<X>/exists - is documented to return 204, and that's the correct value, but until now it has been returning 200. 2) /pods/create - return 409 (conflict), not 500, when pod already exists Also: in WriteResponse(), if code is 204 (No Content) or 304 (Not Modified), emit the status code only but no content-type headers nor content. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | Merge pull request #5083 from vrothberg/v2-libpod-image-endpointsOpenShift Merge Robot2020-02-11
|\ \ \ | | | | | | | | v2 api: /libpod/images/{import,load,pull}
| * | | swagger: fix /libpod/images/{import,load,pull}Valentin Rothberg2020-02-11
| | | | | | | | | | | | | | | | Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
| * | | v2 api: /libpod/images/importValentin Rothberg2020-02-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Implement the /libpod/images/import endpoint Tested manually with curl: curl -X POST --data-binary "@image.tar" --header "Content-Type: application/x-tar" Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
| * | | v2 api: /libpod/images/loadValentin Rothberg2020-02-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Implement the /libpod/images/load endpoint. Tested manually with curl: curl -X POST --data-binary "@image.tar" --header "Content-Type: application/x-tar" Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-11-07 01:34:43 +0000