summaryrefslogtreecommitdiff
path: root/pkg
Commit message (Collapse)AuthorAge
* Merge pull request #4772 from boaz0/closes_4628OpenShift Merge Robot2020-03-04
|\ | | | | Add the rmi flag to podman-run to delete container image
| * Add the rmi flag to podman-run to delete container imageBoaz Shuster2020-03-03
| | | | | | | | | | | | | | | | | | | | The --rmi flag will delete the container image after its execution unless that image is already been used by another container(s). This is useful when one wants to execute a container once and remove any resources attached to it. Signed-off-by: Boaz Shuster <boaz.shuster.github@gmail.com>
* | Merge pull request #5206 from rhatdan/capabilitiesOpenShift Merge Robot2020-03-03
|\ \ | | | | | | Allow devs to set labels in container images for default capabilities.
| * | Allow devs to set labels in container images for default capabilities.Daniel J Walsh2020-03-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch allows users to specify the list of capabilities required to run their container image. Setting a image/container label "io.containers.capabilities=setuid,setgid" tells podman that the contained image should work fine with just these two capabilties, instead of running with the default capabilities, podman will launch the container with just these capabilties. If the user or image specified capabilities that are not in the default set, the container will print an error message and will continue to run with the default capabilities. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | consolidate env handling into pkg/envValentin Rothberg2020-03-03
| |/ |/| | | | | | | | | | | | | | | Env-variable related code is scattered across several packages making it hard to maintain and extend. Consolidate the code into a new pkg/env package. Signed-off-by: Valentin Rothberg <rothberg@redhat.com> Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | Merge pull request #5371 from edsantiago/apiv2_fixesOpenShift Merge Robot2020-03-02
|\ \ | |/ |/| more swagger fixes
| * more swagger fixesEd Santiago2020-03-02
| | | | | | | | Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Merge pull request #5347 from baude/apiv2waitOpenShift Merge Robot2020-03-02
|\ \ | |/ |/| rework apiv2 wait endpoint|binding
| * rework apiv2 wait endpoint|bindingBrent Baude2020-02-28
| | | | | | | | | | | | | | | | added the ability to wait on a condition (stopped, running, paused...) for a container. if a condition is not provided, wait will default to the stopped condition which uses the original wait code paths. if the condition is stopped, the container exit code will be returned. also, correct a mux issue we discovered. Signed-off-by: Brent Baude <bbaude@redhat.com>
* | Merge pull request #5343 from lsm5/fix-exists-urlOpenShift Merge Robot2020-03-02
|\ \ | | | | | | container Exists: fix URL
| * | container Exists: fix URLLokesh Mandvekar2020-02-27
| | | | | | | | | | | | Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
* | | Merge pull request #5320 from sujil02/podtestOpenShift Merge Robot2020-03-02
|\ \ \ | | | | | | | | Add test to validate prune pod apiv2 binding.
| * | | Update pod bindings and Add test to validate prune pod apiv2 binding.Sujil022020-02-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Modify the pod inspect bindings to hold current pod status. Includes test to validate on pod status and added test to check no or few pods are pruned,if the pods are in exited state. Signed-off-by: Sujil02 <sushah@redhat.com>
* | | | Fix wrong condition in bindings testChris Evich2020-02-28
| |_|/ |/| | | | | | | | | | | | | | Thanks for Brent Baude <bbaude@redhat.com> for the fix. Signed-off-by: Chris Evich <cevich@redhat.com>
* | | Merge pull request #5348 from baude/cninetfixOpenShift Merge Robot2020-02-27
|\ \ \ | | | | | | | | Cninetfix
| * | | network create should use firewall pluginBrent Baude2020-02-27
| | |/ | |/| | | | | | | | | | | | | when creating a network, podman should add the firewall plugin to the config but not specify a backend. this will allow cni to determine whether it should use an iptables|firewalld backend. Signed-off-by: Brent Baude <bbaude@redhat.com>
* / | binding tests for volumesBrent Baude2020-02-27
|/ / | | | | | | | | | | | | | | add binding tests for volumes: inspect(get), create, remove, prune, and list implement filters ability for volumes Signed-off-by: Brent Baude <bbaude@redhat.com>
* | spec: allow container alias name in lookupGiuseppe Scrivano2020-02-26
| | | | | | | | | | | | | | | | Previously --uts=container: expected the full container ID. Closes: https://github.com/containers/libpod/issues/5289 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | Merge pull request #5328 from lsm5/trivial-typo-correctionOpenShift Merge Robot2020-02-25
|\ \ | | | | | | fix trivial typo
| * | fix trivial typoLokesh Mandvekar2020-02-25
| | | | | | | | | | | | Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
* | | Merge pull request #5326 from jwhonce/issues/5311OpenShift Merge Robot2020-02-25
|\ \ \ | | | | | | | | Remove 1 sec delay
| * | | Remove 1 sec delayJhon Honce2020-02-25
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | * Stop closing net.Listener() twice on interrupt * Do not report error if closing server twice Fixes #5311 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | Merge pull request #3901 from cevich/support_f31OpenShift Merge Robot2020-02-25
|\ \ \ | | | | | | | | Cirrus: Support testing with F31
| * | | Temp. skip "remove pause by id" bindings testChris Evich2020-02-25
| |/ / | | | | | | | | | Signed-off-by: Chris Evich <cevich@redhat.com>
* | | Merge pull request #5324 from giuseppe/fix-running-no-pauseOpenShift Merge Robot2020-02-25
|\ \ \ | | | | | | | | rootless: raise error if the process is not found
| * | | rootless: become root only if the pause file is specifiedGiuseppe Scrivano2020-02-25
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | we need to store the pause process PID file so that it can be re-used later. commit e9dc2120925d9bc32b87ed3c4122aa40f7413db5 introduced this regression. Closes: https://github.com/containers/libpod/issues/5246 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* / / rootless: fix segfault when open fd >= FD_SETSIZEGiuseppe Scrivano2020-02-25
|/ / | | | | | | | | | | | | | | | | if there are more than FD_SETSIZE open fds passed down to the Podman process, the initialization code could crash as it attempts to store them into a fd_set. Use an array of fd_set structs, each of them holding only FD_SETSIZE file descriptors. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | Merge pull request #5305 from mheon/check_for_common_deadlocksOpenShift Merge Robot2020-02-25
|\ \ | | | | | | Add basic deadlock detection for container start/remove
| * | Add basic deadlock detection for container start/removeMatthew Heon2020-02-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We can easily tell if we're going to deadlock by comparing lock IDs before actually taking the lock. Add a few checks for this in common places where deadlocks might occur. This does not yet cover pod operations, where detection is more difficult (and costly) due to the number of locks being involved being higher than 2. Also, add some error wrapping on the Podman side, so we can tell people to use `system renumber` when it occurs. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | Merge pull request #5318 from giuseppe/fix-running-without-env-variablesOpenShift Merge Robot2020-02-25
|\ \ \ | | | | | | | | build: move initialization after SetXdgDirs
| * | | utils: relax check for directory to useGiuseppe Scrivano2020-02-24
| | |/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | when we use namespaces, we set the run directory to 0711 to allow other users to access it. without this relaxation, the /run/user/$UID directory would be skipped. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* / | add apiv2 tests for podman pause and stopLokesh Mandvekar2020-02-24
|/ / | | | | | | | | | | Initial ginkgo setup credit to Brent Baude <bbaude@redhat.com> Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
* | Merge pull request #5281 from baude/bindingsciOpenShift Merge Robot2020-02-24
|\ \ | | | | | | enable ci on go binding tests
| * | enable ci on go binding testsBrent Baude2020-02-22
| | | | | | | | | | | | Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | Merge pull request #5301 from baude/apiv2imagetests3OpenShift Merge Robot2020-02-24
|\ \ \ | |_|/ |/| | more image binding tests
| * | more image binding testsBrent Baude2020-02-23
| | | | | | | | | | | | | | | | | | | | | | | | add two additional bindings tests for image usage. add ability to use search filter on the endpoint. Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | Friendly amendment: tests, and a help messageEd Santiago2020-02-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 1) Help message for podman port was missing [PORT] 2) Add test for 'podman port'. And, actually, an entire networking test that I'd written some weeks ago but apparently didn't 'git add'. Signed-off-by: Ed Santiago <santiago@redhat.com> Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | fix port list by container with portbaude2020-02-23
|/ / | | | | | | | | | | | | | | | | code was erronously misinterpretting the port as a containername. Fixes: #1791832 Signed-off-by: baude <bbaude@redhat.com> Signed-off-by: Brent Baude <bbaude@redhat.com>
* / add more image tests for go bindingsBrent Baude2020-02-21
|/ | | | | | adding more image tests for go bindings. one big change is that the params were converted from map[string]string to url.values to account for the ability to send []string as query params Signed-off-by: Brent Baude <bbaude@redhat.com>
* Merge pull request #5280 from baude/addreturnOpenShift Merge Robot2020-02-21
|\ | | | | search endpoint failure correction
| * search endpoint failure correctionBrent Baude2020-02-21
| | | | | | | | | | | | | | | | when returning an invalid search, a return was omitted triggering a null on the consumer end. Fixes: #5228 Signed-off-by: Brent Baude <bbaude@redhat.com>
* | disable generation of cni firewall pluginBrent Baude2020-02-21
|/ | | | | | | | it turns out that when the firewall plugin is not provided as part of the configuration, then the firewall cni plugin will dynamically figure out if it should use firewalld or iptables. also removing this from the default configuration file Signed-off-by: Brent Baude <bbaude@redhat.com>
* Merge pull request #5213 from mheon/remove_db_imagevolOpenShift Merge Robot2020-02-21
|\ | | | | Remove ImageVolumes from database
| * Remove ImageVolumes from databaseMatthew Heon2020-02-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Before Libpod supported named volumes, we approximated image volumes by bind-mounting in per-container temporary directories. This was handled by Libpod, and had a corresponding database entry to enable/disable it. However, when we enabled named volumes, we completely rewrote the old implementation; none of the old bind mount implementation still exists, save one flag in the database. With nothing remaining to use it, it has no further purpose. Signed-off-by: Matthew Heon <mheon@redhat.com>
* | Merge pull request #5263 from baude/logsizeOpenShift Merge Robot2020-02-21
|\ \ | | | | | | implement reverse reader for log reads
| * | implement reverse reader for log readsBrent Baude2020-02-20
| | | | | | | | | | | | | | | | | | | | | | | | in cases where the log file exceeds the available memory of a system, we had a bug that triggered an oom because the entire logfile was being read when the tail parameter was given. this reads in chunks and is more or less memory safe. fixes: #5131 Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | Merge pull request #5236 from marusak/filter_by_idOpenShift Merge Robot2020-02-21
|\ \ \ | | | | | | | | apiv2: Image filtering and fixup docs
| * | | apiv2: Fixup /containers/json filters documentationMatej Marusak2020-02-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Mention what is the input format plus put literals into quotation marks for better readability (plus it seems that some tags were not rendered). Signed-off-by: Matej Marusak <mmarusak@redhat.com>
| * | | apiv2: Enable filtering images by IDMatej Marusak2020-02-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | It is more practical for API usage and also it is more in sync how filtering of containers works. Signed-off-by: Matej Marusak <mmarusak@redhat.com>
* | | | Merge pull request #5178 from marusak/expose_cpuOpenShift Merge Robot2020-02-21
|\ \ \ \ | | | | | | | | | | stats: Expose CPU usage in API