| Commit message (Collapse) | Author | Age |
|\
| |
| | |
Fix missing options in volume's display while setting uid and gid
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
```
$ podman volume create testvol --opt o=uid=1001,gid=1001
$ ./bin/podman volume create testvol2 --opt o=uid=1001,gid=1001
$ podman volume inspect testvol
"Options": {},
$ podman volume inspect testvol2
"Options": {
"GID": "1001",
"UID": "1001",
"o": "uid=1001,gid=1001"
},
```
Signed-off-by: zhangguanzhang <zhangguanzhang@qq.com>
|
|\ \
| | |
| | | |
add pod filter for ps
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
adds the ability to filter containers based on the filter "pod". the
value can be a pod name or its full or partial id.
Fixes: #8512
Signed-off-by: baude <bbaude@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
when neither yaml.Args nor yaml.Command are specified, we should use the entrypoint and cmd from the image.
update the tests to cover this and another case (both args and command are specified).
use the registry image instead of redis, as it has both an entrypoint and command specified.
update the documentation around this handling to hopefully prevent regressions and confusion.
Signed-off-by: Peter Hunt <pehunt@redhat.com>
|
|\ \ \
| | | |
| | | | |
Add volume filters to system prune
|
| | |/
| |/|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This change was missed in pull/8689. Now that volume pruneing supports
filters system pruneing can pass its filters down to the volume
pruneing. Additionally this change adds tests for the following components
* podman system prune subcommand with `--volumes` & `--filter` options
* apiv2 api tests for `/system/` and `/libpod/system` endpoints
Relates to #8453, #8672
Signed-off-by: Baron Lenardson <lenardson.baron@gmail.com>
|
|\ \ \
| |_|/
|/| | |
Fix build for mips architecture
|
| |/
| |
| |
| |
| |
| |
| |
| |
| | |
The signal SIGSTKFLT does not exists on mips architectures.
Also RTMIN and RTMAX are different.
This code is copied from docker.
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
|
|/
|
|
|
|
|
| |
convert the golang container bindings to all use options so that changes
in the future are more managable.
Signed-off-by: baude <bbaude@redhat.com>
|
|\
| |
| | |
remote copy
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Implement `podman-remote cp` and break out the logic from the previously
added `pkg/copy` into it's basic building blocks and move them up into
the `ContainerEngine` interface and `cmd/podman`.
The `--pause` and `--extract` flags are now deprecated and turned into
nops.
Note that this commit is vendoring a non-release version of Buildah to
pull in updates to the copier package.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|/
|
|
|
|
| |
add options to each pod binding for future wiggle room
Signed-off-by: baude <bbaude@redhat.com>
|
|\
| |
| | |
misc bindings to podman v3
|
| |
| |
| |
| |
| |
| |
| | |
manifest, system, info, volumes, play, and generate bindings are
updated to always have binding options.
Signed-off-by: baude <bbaude@redhat.com>
|
|/
|
|
| |
Signed-off-by: Milivoje Legenovic <m.legenovic@gmail.com>
|
|\
| |
| | |
Podman image bindings for 3.0
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Begin the migration of the image bindings for podman 3.0. this includes
the use of options for each binding. build was intentionally not
converted as I believe it needs more discussion before migration.
specifically, the build options themselves.
also noteworthly is that the remove image and remove images bindings
were merged into one. the remove images (or batch remove) has one
downside in that the errors return no longer adhere to http return
codes. this should be discussed and reimplemented in subsequent code.
Signed-off-by: baude <bbaude@redhat.com>
|
|/
|
|
| |
Signed-off-by: Matej Vasek <mvasek@redhat.com>
|
|\
| |
| | |
podman events allow future time for --until
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The podman events aren't read until the given timestamp if the
timestamp is in the future. It just reads all events until now
and exits afterwards.
This does not make sense and does not match docker. The correct
behavior is to read all events until the given time is reached.
This fixes a bug where the wrong event log file path was used
when running first time with a new storage location.
Fixes #8694
This also fixes the events api endpoint which only exited when
an error occurred. Otherwise it just hung after reading all events.
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
|
|\ \
| | |
| | | |
podman: drop checking valid rootless UID
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
do not check whether the specified ID is valid in the user namespace.
crun handles this case[1], so the check in Podman prevents to get to
the OCI runtime at all.
$ podman run --user 10:0 --uidmap 0:0:1 --rm -ti fedora:33 sh -c 'id; cat /proc/self/uid_map'
uid=10(10) gid=0(root) groups=0(root),65534(nobody)
10 0 1
[1] https://github.com/containers/crun/pull/556
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \ \
| | | |
| | | | |
Add volume prune --filter support
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This change adds support for the `--filter` / `?filters` arguments on
the `podman volume prune` subcommand.
* Adds ParseFilterArgumentsIntoFilters helper for consistent
Filter string slice handling
* Adds `--filter` support to podman volume prune cli
* Adds `?filters...` support to podman volume prune api
* Updates apiv2 / e2e tests
Closes #8672
Signed-off-by: Baron Lenardson <lenardson.baron@gmail.com>
|
|\ \ \ \
| | | | |
| | | | | |
Sign multi-arch images
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
podman image sign handles muti-arch images.
--all option to create signature for each manifest from the image manifest list.
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Refine public key usage when remote
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
* Move all public key handling into one AuthMethod. Prioritize ssh-agent
keys over identity files.
* Cache server connection when tunneling, saves one RoundTrip on ssh
handshake
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\ \ \ \ \ \
| |_|/ / / /
|/| | | | | |
Handle --rm when starting a container
|
| | |_|_|/
| |/| | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
podman start should follow the same behaviour as podman run when removing a
container.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
podman logs honor stderr correctly
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Make the ContainerLogsOptions support two io.Writers,
one for stdout and the other for stderr. The logline already
includes the information to which Writer it has to be written.
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | | |
Fix Wrong img name used when creating a container from an image which had multi names
|
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
multiple tags
Signed-off-by: zhangguanzhang <zhangguanzhang@qq.com>
|
| |_|/ / / /
|/| | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Network create could panic when used with a json body like this:
`{"Name":"net","IPAM":{"Config":[]}}`
The network scope for list and inspect should not be empty. It can
be swarm, global or local. We only support local networks so
hardcode this field to local.
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
|
|\ \ \ \ \ \
| |_|_|/ / /
|/| | | | | |
Bindings refactor
|
| | |/ / /
| |/| | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
this is step one of refactoring our golang binaries. we will no be
using structs to pass optional options. required options will still
arguments to the binding itself.
the structs then have a generator to create helper functions which
should then be added to the git repo.
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \ \ \ \
| |/ / / /
|/| | | | |
Add --filter to podman system prune
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Also document the allowable filters in podman system prune, podman image prune
and podman container prune.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |_|_|/
|/| | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The libpod images exists endpoint panics when called with
a non existing image and therefore returns 500 as status
code instead of the expected 404.
A test is added to ensure it is working.
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
|
|\ \ \ \
| |_|_|/
|/| | | |
Do not pull if image domain is localhost
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
With podman play kube, podman would always attempt to
pull if the image has the :latest tag. But this would
fail if the image was built locally and given latest
as the tag. Images build with podman and buildah have
localhost as the domain, so check if the domain is localhost.
If that is the case, then don't attempt a pull.
Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
|
|\ \ \ \
| |_|/ /
|/| | | |
Properly handle --cap-add all when running with a --user flag
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Handle the ALL Flag when running with an account as a user.
Currently we throw an error when the user specifies
podman run --user bin --cap-add all fedora echo hello
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
security: honor systempaths=unconfined for ro paths
|
| | |_|/
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
we must honor systempaths=unconfined also for read-only paths, as
Docker does:
proc /proc proc rw,nosuid,nodev,noexec,relatime 0 0
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \ \ \
| |_|/ /
|/| | | |
Honor the --layers flag
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Currently the --layers flag set by the user is ignored, and only the BUILDAH_LAYERS
environment variable being set is observed.
Fixes: https://github.com/containers/podman/issues/8643
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
archive endpoint massaging
|