| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The cleanup command creation logic is made public as part of this
and wired such that we can call it both within SpecGen (to make
container exit commands) and from the ABI detached exec handler.
Exit commands are presently only used for detached exec, but
theoretically could be turned on for all exec sessions if we
wanted (I'm declining to do this because of potential overhead).
I also forgot to copy the exit command from the exec config into
the ExecOptions struct used by the OCI runtime, so it was not
being added.
There are also two significant bugfixes for exec in here. One is
for updating the status of running exec sessions - this was
always failing as I had coded it to remove the exit file *before*
reading it, instead of after (oops). The second was that removing
a running exec session would always fail because I inverted the
check to see if it was running.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
We need to be able to use cleanup processes to remove exec
sessions as part of detached exec. This PR adds that ability. A
new flag is added to `podman container cleanup`, `--exec`, to
specify an exec session to be cleaned up.
As part of this, ensure that `ExecCleanup` can clean up exec
sessions that were running, but have since exited. This ensures
that we can come back to an exec session that was running but has
since stopped, and clean it up.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |
|
|
|
|
|
|
|
|
|
| |
Add a new ContainerEngine method for creating a detached exec
session, and wire in the frontend code to do this. As part of
this, move Streams out of ExecOptions to the function signature
in an effort to share the struct between both methods.
Fixes #5884
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |\
| |
| | |
Print container state when erroring that it is improper
|
| | |
| |
| |
| |
| |
| |
| | |
This is a nice little convenience - lets people know why we won't
let them attach to a container.
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Update blang/semver to allow ParseTolerant() support
* Provide helper functions for API handlers to obtain client's 'version'
path variable focused on API endpoint tree: libpod vs. compat
* Introduce new errors:
* version not given in path, endpoints may determine if this is a hard
error (ErrVersionNotGiven)
* given version not supported (ErrVersionNotSupported), only a soft
error if the handler is going to hijack the connection
* Added unit tests for version parsing
* bindings check version on connect:
* client <= Server API version connection is continued
* client >= Server API version connection fails
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
| |
|
|
|
|
|
|
| |
when trying to get an image tree for a missing image, it should return a 404. doc fix only.
Fixes: #6289
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| |
|
|
|
|
| |
enable remote integration tests
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| |\
| |
| | |
V2 Implement terminal handling in bindings attach
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
* Add support for /exec/{id}/resize
* Add support for ErrSessionNotFound
* Resize container TTY as stdin changes size
* Refactor all resize functions into one handler
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
| |\ \
| | |
| | | |
Give `auto-update` ability to use per-container authfile specified by label.
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Ondřej Kraus <neverberlerfellerer@gmail.com>
|
| | |/
|/|
| |
| |
| |
| |
| |
| | |
To terminate a connection of varlink, say after sending a file, we need to send a message containing a delimiter of ':' so the client knows to hang up.
Fixes: #6237
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| |/
|
|
|
|
|
|
|
|
|
|
| |
the endpoint for single image removal (on the libpod side) should be as follows:
versionedPath/libpod/images/IMAGENAME
The DELETE method then signifies the removal of the image.
Fixes: #6261
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| |\
| |
| | |
APIv2 ExecStart (Attached Only)
|
| | |
| |
| |
| |
| |
| |
| | |
Jhon is working on an alternative version that will combine
container and exec session resize, so we'll wait for that.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | |
| |
| |
| | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Most importantly, note the pruning behavior of compat Inspect.
Less importantly, note that the Tty parameter to Start is only
ignored, as opposed to being not supported.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | |
| |
| |
| |
| |
| |
| | |
Oops. Misread the docs when I initially implemented this. Nice
and easy fix, at least.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The usual flow for exec is going to be:
- Create exec session
- Start and attach to exec session
- Exec session exits, attach session terminates
- Client does an exec inspect to pick up exit code
The safest point to remove the exec session, without doing any
database changes to track stale sessions, is to remove during the
last part of this - the single inspect after the exec session
exits.
This is definitely different from Docker (which would retain the
exec session for up to 10 minutes after it exits, where we will
immediately discard) but should be close enough to be not
noticeable in regular usage.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | |
| |
| |
| | |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| | |
This is still very early not not well tested, and missing resize
capability, but it does provide the first bits of exec.
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| | |
| |
| |
| |
| |
| | |
for the remote client, add the ability to attach to a container, start a container, and run a container.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| |\ \
| | |
| | | |
Use the containers.conf cni_config_dir option for inspect and delete
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The pkg/network/files.go methods currently use the constant '/etc/cni/net.d'
for network handling. This results in the unability of podman-network-inspect
and podman-network-rm to locate the cni network configuration files.
This commit propagates the libpod.Runtime through the networking methods and
finally makes use of its configuration (config.Network.NetworkConfigDir).
Closes #6212
Signed-off-by: Maximilian Müller <maxm123@techie.com>
|
| |\ \
| | |
| | | |
Fix checkpoint --leave-running
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
There was typo in the variable name and in one place it was not
correctly passed to the next layer.
Signed-off-by: Adrian Reber <areber@redhat.com>
|
| | |/
|/|
| |
| |
| |
| |
| | |
* changed PFalse to &false
* changed PTrue to &true
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
| |/
|
|
|
|
|
|
| |
* Change function call to use readers/writers in place channels
* Support stdin for pushing data from client to container
* Add bindings test
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
| |\
| |
| | |
enable remote image tree
|
| | |
| |
| |
| | |
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| |\ \
| | |
| | | |
V2 attach bindings and test
|
| | |/
| |
| |
| |
| |
| |
| |
| | |
* Add ErrLostSync to report lost of sync when de-mux'ing stream
* Add logus.SetLevel(logrus.DebugLevel) when `go test -v` given
* Add context to debugging messages
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
| |\ \
| |/
|/| |
enable podman v2 networking for remote client
|
| | |
| |
| |
| | |
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| |/
|
|
|
|
|
|
| |
There exists a chance for a node to be booted in v1, but have reminents of v2. An example is this CRI-O ci run: https://deck-ci.apps.ci.l2s4.p1.openshiftapps.com/view/gcs/origin-federated-results/pr-logs/pull/cri-o_cri-o/3565/test_pull_request_crio_critest_fedora/11243/
We fail because we are incorrectly writing to the unified path, because we are v1. We should not write to the unified path if we are v1
Signed-off-by: Peter Hunt <pehunt@redhat.com>
|
| |\
| |
| | |
add podman remote system df
|
| | |
| |
| |
| | |
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| |\ \
| | |
| | | |
v2podman image sign
|
| | | |
| | |
| | |
| | |
| | |
| | | |
this is a straight port to add the podman image sign command. no improvements or refactoring done
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| |\ \ \
| |_|/
|/| | |
add port to podman remote command
|
| | |/
| |
| |
| | |
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| |\ \
| | |
| | | |
Adds tunnel routes for system reset.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Adds tunnel routes for system reset.
Makes forces flag local as options are not propogated down the stack.
Adds relevant test cases and swagger docs.
Signed-off-by: Sujil02 <sushah@redhat.com>
|
| | |/
|/|
| |
| |
| |
| |
| |
| |
| |
| | |
Support using custom authfiles for auto updates by adding a new
`--authfile` flag and passing it down into the backend.
Also do some minor fixes in the help text and the man page.
Fixes: #6159
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| | |
also make sure that the limits we set for rootless are not higher than
what we'd set for root containers.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |\ \
| |/
|/| |
bindings tests for container remove and inspect
|
| | |
| |
| |
| | |
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
|
| |\ \
| | |
| | | |
V2 Implement tunnelled podman version
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
