summaryrefslogtreecommitdiff
path: root/pkg
Commit message (Collapse)AuthorAge
* Merge pull request #6654 from rhatdan/keepidOpenShift Merge Robot2020-06-17
|\ | | | | Don't ignore --user flag in rootless --userns keepid
| * Don't ignore --user flag in rootless --userns keepidDaniel J Walsh2020-06-17
| | | | | | | | | | | | | | | | Currently podman run --userns keep-id --user root:root fedora id The --user flag is ignored. Removing this makes the code work correctly. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Handle dropping capabilties correctly when running as non root userDaniel J Walsh2020-06-17
|/ | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #6620 from jgallucci32/api-logs-separateOpenShift Merge Robot2020-06-17
|\ | | | | Move logs functionality to separate file for APIv2
| * Move logs functionality to separate file for APIv2jgallucci322020-06-17
| | | | | | | | | | | | | | | | This simply moves the function for the log handler for APIv2 to a separate file to be consistent with other parts of the code base. Signed-off-by: jgallucci32 <john.gallucci.iv@gmail.com>
* | Merge pull request #6634 from baude/v2buildfixesOpenShift Merge Robot2020-06-17
|\ \ | | | | | | fix misc remote build issues
| * | fix misc remote build issuesBrent Baude2020-06-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | address problem when multiple -t were sent. and rework remote build's tarball if a context dir is given other than ".". Fixes: #6578 Fixes: #6577 Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | Merge pull request #6522 from mheon/unless-stoppedOpenShift Merge Robot2020-06-17
|\ \ \ | |_|/ |/| | Add support for the unless-stopped restart policy
| * | Add support for the unless-stopped restart policyMatthew Heon2020-06-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We initially believed that implementing this required support for restarting containers after reboot, but this is not the case. The unless-stopped restart policy acts identically to the always restart policy except in cases related to reboot (which we do not support yet), but it does not require that support for us to implement it. Changes themselves are quite simple, we need a new restart policy constant, we need to remove existing checks that block creation of containers when unless-stopped was used, and we need to update the manpages. Fixes #6508 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | Merge pull request #6630 from ashley-cui/masterOpenShift Merge Robot2020-06-17
|\ \ \ | | | | | | | | Show Anon, GID, UID in v2 volumes
| * | | Show Anon, GID, UID in v2 volumesAshley Cui2020-06-16
| | | | | | | | | | | | | | | | | | | | | | | | Anon, GID, UID parameters previously hidden if empty in podman volume for API v2. Signed-off-by: Ashley Cui <acui@redhat.com>
* | | | generate systemd: `ExecStopPost` for all unitsValentin Rothberg2020-06-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add an `ExecStopPost` run even for units generated without `--new`. Although it may seem redundant to run `container/pod stop` twice at first glance, we really need the post run. If the main PID (i.e., conmon) is killed, systemd will not execute `ExecStop` but only the post one. We made this obeservation in a customer issue and could reproduce the behavior consistently. Hence, the post run is needed to properly clean up when conmon is killed and it's pretty much a NOP in all other cases. Credits to Ulrich Obergfell for throrough and detailed analyses, which ultimately lead to this fix. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | Merge pull request #6631 from rhatdan/hooksOpenShift Merge Robot2020-06-17
|\ \ \ \ | |_|/ / |/| | | Fix handling of old oci hooks
| * | | Fix handling of old oci hooksDaniel J Walsh2020-06-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Podman is blowing up with oci-umount hook, because it was never rewritten to support the v1.0.0 value. This PR adds support for the older version and cleans up the hook handling. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #6636 from mheon/add_warningsOpenShift Merge Robot2020-06-17
|\ \ \ \ | | | | | | | | | | Re-add resource limit warnings to Specgen
| * | | | Re-add resource limit warnings to SpecgenMatthew Heon2020-06-16
| | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | These were part of Podman v1.9, but were lost in the transition to using Specgen to create containers. Most resource limits are checked via the sysinfo package to ensure they are safe to use (the cgroup is mounted, kernel support is present, etc) and removed if not safe. Further, bounds checks are performed to ensure that values are valid. Ensure these warnings are printed client-side when they occur. This part is a little bit gross, as it happens in pkg/infra and not cmd/podman, which is largely down to how we implemented `podman run` - all the work is done in pkg/infra and it returns only once the container has exited, and we need warnings to print *before* the container runs. The solution here, while inelegant, avoid the need to extensively refactor our handling of run. Should fix blkio-limit warnings that were identified by the FCOS test suite. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | Merge pull request #6583 from mheon/inspect_ctr_before_imgOpenShift Merge Robot2020-06-17
|\ \ \ \ | |_|_|/ |/| | | Fix podman inspect on overlapping/missing objects
| * | | Fix podman inspect on overlapping/missing objectsMatthew Heon2020-06-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This started as a small fix to `podman inspect` where a container and image, with the same name/tag, were present, and `podman inspect` was run on that name. `podman inspect` in 1.9 (and `docker inspect`) will give you the container; in v2.0, we gave the image. This was an easy fix (just reorder how we check for image/container). Unfortunately, in the process of testing this fix, I determined that we regressed in a different area. When you run inspect on a number of containers, some of which do not exist, `podman inspect` should return an array of inspect results for the objects that exist, then print a number of errors, one for each object that could not be found. We were bailing after the first error, and not printing output for the containers that succeeded. (For reference, this applied to images as well). This required a much more substantial set of changes to properly handle - signatures for the inspect functions in ContainerEngine and ImageEngine, plus the implementations of these interfaces, plus the actual inspect frontend code needed to be adjusted to use this. Fixes #6556 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | Merge pull request #6622 from goochjj/podman_fix_initOpenShift Merge Robot2020-06-17
|\ \ \ \ | |_|_|/ |/| | | Fix --init and --init-path
| * | | Fix --init and --init-pathJoseph Gooch2020-06-16
| | |/ | |/| | | | | | | | | | | | | | | | Init properly passed into specgen Allow --init with --systemd=true but not --systemd=always. Signed-off-by: Joseph Gooch <mrwizard@dok.org>
* | | Merge pull request #6638 from jwhonce/issues/6548OpenShift Merge Robot2020-06-17
|\ \ \ | | | | | | | | [CI:DOCS] Fixes #6548
| * | | [CI:DOCS] Fixes #6548Jhon Honce2020-06-16
| | | | | | | | | | | | | | | | | | | | | | | | * Update swagger documentation Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | | Add <return> to lines returen in podman-remote logsDaniel J Walsh2020-06-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Every line is sent back individually over the APIv2 as logs, but we are not adding the '\n' to give us line breaks. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Fix podman-remote imagesDaniel J Walsh2020-06-16
| |/ / |/| | | | | | | | | | | | | | Looks like we went too far with the linters. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | handlers/compat: fix lint errorValentin Rothberg2020-06-16
| | | | | | | | | | | | | | | | | | | | | Fix a lint error of an used parameter. The error must have sneaked in with a PR that was merged after the recent linter enablement. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | auto-update: use image's archValentin Rothberg2020-06-16
| |/ |/| | | | | | | | | | | | | | | Use the architecture of the local image when looking for a new image on a registry. It seems to be common practice on ARM to tweak the architecture choice to pull the correct image. Fixes: #6613 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | Merge pull request #6589 from rhatdan/attachOpenShift Merge Robot2020-06-15
|\ \ | | | | | | Handle errors on attach properly
| * | Handle errors on attach properlyDaniel J Walsh2020-06-15
| | | | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #6601 from zhangguanzhang/podman-cp-dirOpenShift Merge Robot2020-06-15
|\ \ \ | | | | | | | | fix podman cp can create an extra directory when the source is the container's root directory
| * | | fix podman cp can create an extra directory levelzhangguanzhang2020-06-15
| | | | | | | | | | | | | | | | Signed-off-by: zhangguanzhang <zhangguanzhang@qq.com>
* | | | Merge pull request #6590 from zhangguanzhang/masterOpenShift Merge Robot2020-06-15
|\ \ \ \ | | | | | | | | | | Add the missing return in the API handlers' image_build method
| * | | | Add the missing returnzhangguanzhang2020-06-12
| | | | | | | | | | | | | | | | | | | | Signed-off-by: zhangguanzhang <zhangguanzhang@qq.com>
* | | | | Merge pull request #6603 from sujil02/python-testOpenShift Merge Robot2020-06-15
|\ \ \ \ \ | | | | | | | | | | | | Adds more docker py test
| * | | | | Adds more docker py testSujil022020-06-15
| |/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Addes more docker py test Optimize test to import images from cache Rename test class and dir for python unittest framework Signed-off-by: Sujil02 <sushah@redhat.com>
* | | | | Merge pull request #6597 from rhatdan/imageOpenShift Merge Robot2020-06-15
|\ \ \ \ \ | | | | | | | | | | | | Add some additional fields to imageinspect
| * | | | | Add some additional fields to imageinspectDaniel J Walsh2020-06-13
| |/ / / / | | | | | | | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | Merge pull request #6553 from vrothberg/replaceOpenShift Merge Robot2020-06-15
|\ \ \ \ \ | |_|_|/ / |/| | | | --replace for containers and pods
| * | | | generate systemd: `--replace` on named containers/podsValentin Rothberg2020-06-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Use `--replace` for named containers and pods. This will clean up previous containers and podsthat may not have been removed after a system crash. Fixes: #5485 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | | Merge pull request #6599 from afbjorklund/server-builtOpenShift Merge Robot2020-06-15
|\ \ \ \ \ | |/ / / / |/| | | | The string field of Built was missing from server
| * | | | The string field of Built was missing from serverAnders F Björklund2020-06-13
| |/ / / | | | | | | | | | | | | | | | | | | | | It should match the client version, but was empty Signed-off-by: Anders F Björklund <anders.f.bjorklund@gmail.com>
* | | | Merge pull request #6557 from rhatdan/lintOpenShift Merge Robot2020-06-15
|\ \ \ \ | | | | | | | | | | Turn on More linters
| * | | | Turn on More lintersDaniel J Walsh2020-06-15
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - misspell - prealloc - unparam - nakedret Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* / / / Reassemble filters on the server sideDaniel J Walsh2020-06-12
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | --filter label=foo=bar, was been translated on the server side to --filter label=foo --filter=bar This PR fixes this back to what the user specified. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | [CI:DOCS] Fix carriage returns in API v2 headerTomSweeneyRedHat2020-06-11
| | | | | | | | | | | | | | | | | | | | | | | | ReadTheDocs was wrapping lines and removing leading spaces unless there a blank line in between. This adds the blank lines to make the examples more readable on https://docs.podman.io/en/latest/_static/api.html Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* | | Merge pull request #6564 from TomSweeneyRedHat/dev/tsweeney/apidocstartOpenShift Merge Robot2020-06-11
|\ \ \ | | | | | | | | [CI:DOCS] Add quick start directions to APIv2 Dock
| * | | [CI:DOCS] Add quick start directions to APIv2 DockTomSweeneyRedHat2020-06-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Adds some quick start up directions to the top of the API v2 documentation and a few examples. This strongly leverages comments from @jgallucci32 in #6535. Fixes: #6535 Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* | | | Merge pull request #6415 from vrothberg/systemd-new-podOpenShift Merge Robot2020-06-11
|\ \ \ \ | | | | | | | | | | podman-generate-systemd --new for pods
| * | | | generate systemd: wrap pod/ctr lookup errorsValentin Rothberg2020-06-11
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
| * | | | generate systemd: create pod templateValentin Rothberg2020-06-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Create a new template for generating a pod unit file. Eventually, this allows for treating and extending pod and container generation seprately. The `--new` flag now also works on pods. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
| * | | | generate systemd: refactorValentin Rothberg2020-06-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Refactor the systemd-unit generation code and move all the logic into `pkg/systemd/generate`. The code was already hard to maintain but I found it impossible to wire the `--new` logic for pods in all the chaos. The code refactoring in this commit will make maintaining the code easier and should make it easier to extend as well. Further changes and refactorings may still be needed but they will easier. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>