| Commit message (Collapse) | Author | Age |
|\
| |
| | |
Use cleaned destination path for indexing image volumes
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We use filepath.Clean() to remove trailing slashes to ensure that
when we supercede image mounts with mounts from --volume and
--mount, paths are consistent when we compare. Unfortunately,
while we used the cleaned path for the destination in the mount,
it was accidentally not used to index the maps that we use to
identify what to supercede, so our comparisons might be thrown
off by trailing slashes and similar.
Fixes #5219
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* Make context keys package safe
* Add support for PODMAN_HOST and PODMAN_SSHKEY
* Add slight increasing delay when client connections fail
* Remove usages of path.Join(), added JoinURL(). '/' is not OS
dependent.
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\ \
| | |
| | | |
Add test to validate the pod bindings api
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Include test to validate pod create, start, stop, restart,
pause, unpause, list, and inspect api bindings.
Also includes bug fixes that resulted in invalid api responses.
Signed-off-by: Sujil02 <sushah@redhat.com>
|
|\ \ \
| | | |
| | | | |
Add network opts to pods
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Enables most of the network-related functionality from
`podman run` in `podman pod create`. Custom CNI networks can be
specified, host networking is supported, DNS options can be
configured.
Also enables host networking in `podman play kube`.
Fixes #2808
Fixes #3837
Fixes #4432
Fixes #4718
Fixes #4770
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
PR #5235 updated a bunch of entrypoints from {name} to {name:.*},
requiring matching changes to swagger comments. Looks like one
got missed due to the manual nature of this work.
Have I mentioned lately that manual maintenance of duplicate
information is not a great idea?
Discrepancy caught by my script, which I would really like to
look into getting into CI, but is gating on #5238. (I would
actually not like to get this script into CI, I would prefer
to have the duplicate information be autogenerated from
the function calls themselves, but I seem to have lost
that battle)
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
this uses the specgen structure to create containers rather than the outdated createconfig. right now, only the apiv2 create is wired up. eventually the cli will also have to be done.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
APIv2: Fixed CreateImageFromImage not respecting supplied Tag parameter
|
| | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Andreas Schubert <schubter@gmail.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
config: use built-in TOML merge and adhere to label setting
|
| |/ / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Set the (default) process labels in `pkg/spec`. This way, we can also
query libpod.conf and disable labeling if needed.
Fixes: #5087
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|/ / / /
| | | |
| | | |
| | | | |
Signed-off-by: Andreas Schubert <schubter@gmail.com>
|
|\ \ \ \
| |_|/ /
|/| | | |
APIv2: fixes decoder issue
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Andreas Schubert <schubter@gmail.com>
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
As I've mentioned once or twice, hand-maintained swagger docs
are evil. This commit attempts to fix:
* Inconsistent methods (swagger says POST but code signature
says GET)
* Inconsistent capitalization
* Typos ("Mounter", "pood")
* Completely wrong paths (/inspect vs /json)
* Missing .Method() registrations
* Missing /libpod in some /volumes paths
* Incorrect method declaration: /libpod/containers/.../kill
was correct (POST) in swagger but wrong in the code itself
(http.MethodGet). Correct the latter to MethodPost
This is two hours' work, even with a script I have that
tries to cross-check everything.
Swagger docs should not be human-maintained.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
%2F escaping is also supported.
Return better response on bad search terms
Fixes #5229
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\ \ \ \
| |/ / /
|/| | | |
Fix handler and systemd activation errors
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
On panic from handler: log warning and stack trace, report
InternalServerError to client
When using `podman system service` make determining the listening endpoint deterministic.
// When determining _*THE*_ listening endpoint --
// 1) User input wins always
// 2) systemd socket activation
// 3) rootless honors XDG_RUNTIME_DIR
// 4) if varlink -- adapter.DefaultVarlinkAddress
// 5) lastly adapter.DefaultAPIAddress
Fixes #5150
Fixes #5151
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\ \ \
| |/ /
|/| | |
rootless: check if the conmon process is valid
|
| |/
| |
| |
| |
| |
| |
| |
| | |
if the pause process doesn't exist and we try to join a conmon
namespace, make sure the process still exists. Otherwise re-create
the user namespace.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|/
|
|
| |
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
|
|\
| |
| | |
Rework label parsing
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We attempted to share all logic for parsing labels and
environment variables, which on the surface makes lots of sense
(both are formatted key=value so parsing logic should be
identical) but has begun to fall apart now that we have added
additional logic to environment variable handling. Environment
variables that are unset, for example, are looked up against
environment variables set for the process. We don't want this for
labels, so we have to split parsing logic.
Fixes #3854
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \
| |/
|/| |
apiv2 libpod container logs
|
| |
| |
| |
| |
| |
| | |
wire up containers logs for libpod side of the house, same as compat.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\ \
| | |
| | | |
add caching for binding tests
|
| |/
| |
| |
| |
| |
| |
| |
| | |
add the ability to cache images instead of pull them. makes tests faster and less network use when we flip on CI.
Also added list images with filter test
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\ \
| | |
| | | |
Fix SELinux labels of volumes
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
If we attempt to label a volume and the file system
does not support labeling, then just warn. SELinux
may or may not work, on the volume.
There is no way to setup a private label on a newly
created volume without using the container mountlabel.
If we don't have a mount label at the time of creation of
the volume, the only option we have is to create a shared
label.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \
| | |
| | | |
Undocker part 1)
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Add pkg/signal to deal with parts of signal processing and translating
signals from string to numeric representations. The code has been
copied from docker/docker (and attributed with the copyright) but been
reduced to only what libpod needs (on Linux).
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |/
| |
| |
| |
| |
| |
| |
| |
| | |
Add pkg/capabibilities to deal with capabilities. The code has been
copied from Docker (and attributed with the copyright) but changed
significantly to only do what we really need. The code has also been
simplified and will perform better due to removed redundancy.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \
| |/
|/| |
fix bug "" disable detach keys
|
| |
| |
| |
| |
| |
| |
| | |
fix #5166
This patch enables `--detach-keys ""` to disable the feature. "ctrl-p, ctrl-q" will not work after this command.
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
|\ \
| | |
| | | |
filtering behavior correction
|
| | |
| | |
| | |
| | |
| | |
| | | |
when filtering containers, if a status= is provided as an input filter, then we should override the all to always be true.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\ \ \
| |_|/
|/| | |
Add /swagger/ endpoint to serve swagger yaml to clients
|
| | |
| | |
| | |
| | |
| | |
| | | |
The provided yaml file will describe the current Podman REST API.
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\ \ \
| | | |
| | | | |
api: fix the CPU stats reported
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
podman play kube was ignoring the
imageData.Config
Volumes
WorkingDir
Labels
StopSignal
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
rootlessport: fix potential hang
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
there is a race condition where the child process is immediately
killed:
[pid 2576752] arch_prctl(0x3001 /* ARCH_??? */, 0x7ffdf612f170) = -1 EINVAL (Invalid argument)
[pid 2576752] access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
[pid 2576752] --- SIGTERM {si_signo=SIGTERM, si_code=SI_USER, si_pid=2576742, si_uid=0} ---
[pid 2576752] +++ killed by SIGTERM +++
this happens because the parent process here really means the "parent
thread".
Since there is no way of running it on the main thread,
let's skip this functionality altogether and use kill(2).
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
write to the error pipe only in case of an error. Otherwise we may
end up in a race condition in the select statement below as the read
from errChan happens before initComplete and the function returns
immediately nil.
Closes: https://github.com/containers/libpod/issues/5182
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \ \ \ \
| |_|_|_|/
|/| | | | |
support device-cgroup-rule
|
| | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | | |
fix #4876
Add `--device-cgroup-rule` to podman create and run. This enables to add device rules after the container has been created.
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
Fix container filters
|