| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As part of this, make a major change to the type we use to
represent port mappings in SpecGen (from using existing OCICNI
structs to using our own custom one). This struct has the
advantage of supporting ranges, massively reducing traffic over
the wire for Podman commands using them (for example, the
`podman run -p 5000-6000` command will now send only one struct
instead of 1000). This struct also allows us to easily validate
which ports are in use, and which are not, which is necessary for
--expose.
Once we have parsed the ports from the new struct, we can produce
an accurate map including all currently requested ports, and use
that to determine what ports need to be exposed (some requested
exposed ports may already be included in a mapping from --publish
and will be ignored) and what open ports on the host we can map
them to.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |\
| |
| | |
Fixes for test/e2e/containers_conf_test.go
|
| | |
| |
| |
| | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| | |
| |
| |
| |
| |
| | |
Implement ParseCgroupsNamespace to handle defaults.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| | |
If user/admin specifies a different list of default capabilties
we need to honor these.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| | |
| |
| |
| |
| |
| | |
We need to add the default devices listed in containers.conf
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \
| | |
| | | |
Fix errors found in coverity scan
|
| | |/
| |
| |
| | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \
| | |
| | | |
And system prune feature for v2.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Adds podman system prune for v2.
Refactoring for code reuse from pods containers images and volume prune.
Adds and enables testcases to support the added feature.
Signed-off-by: Sujil02 <sushah@redhat.com>
|
| |\ \ \
| |_|/
|/| | |
[CI:DOC] Bring README.md up to date
|
| | |/
| |
| |
| |
| |
| |
| | |
* Add notes on helper functions
* Update example
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
| |\ \
| | |
| | | |
v2networking enable commands
|
| | |/
| |
| |
| |
| |
| | |
Enable the networking commands for v2.
Signed-off-by: baude <bbaude@redhat.com>
|
| |\ \
| | |
| | | |
Set up ulimits for rootless containers.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
Currently we are setting the maximum limits for rootful podman containers,
no reason not to set them by default for rootless users as well
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \ \
| |_|/
|/| | |
v2, podman: fix create and entrypoint tests
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
this is necessary as we expect "podman start $ID_NAME" to print the
same arguments the user passed in instead of the full ID.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |/ /
| |
| |
| |
| |
| | |
testv2: enable attach test
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
* Fix history --quiet formatting
* Fix image inspect --format=json
* Fix image list --sort
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Change the logic in the options from tls-verify to skipping
verification. It require a constant brain yoga to translate
from doing verification (CLI logic) to skipping it (c/image logic).
As the code is using c/image, let's make it consistent.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |\ \
| | |
| | | |
Enable push tests
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Fix --tls-verify parsing and make the associated options reflect the
correct logic. Other commands are affected as well but will be fixed
later.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |\ \ \
| | | |
| | | | |
rootlessport: use two different channels
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The same channel is written to by two different goroutines.
Use a different channel for each of them so to avoid writing to a
closed channel.
Closes: https://github.com/containers/libpod/issues/6018
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| | |/ /
| | |
| | |
| | | |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |\ \ \
| |/ /
|/| | |
rootless: move ns open before fork
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
commit 788fdc685b00dee5ccb594bef845204250c4c123 introduced a race
where the target process dies before the child process opens the
namespace files. Move the open before the fork so if it fails the
parent process can attempt to join a different container instead of
failing.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |\ \ \
| | | |
| | | | |
enable inspect tests
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
A surprisingly big change. A core problem was that `podman inspect`
allows for passing containers AND images with the default `--type=all`.
This only worked partially as the data was processed in isolation which
caused various issues (e.g., two separate outputs instead of one) but it
also caused issues regarding error handling.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |\ \ \ \
| |_|/ /
|/| | | |
generate systemd
|
| | |/ /
| | |
| | |
| | |
| | |
| | |
| | | |
Implement `podman generate systemd` for Podman v2 and enable associated
tests.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |\ \ \
| |/ /
|/| | |
User specified environment happen after other environments are set
|
| | |/
| |
| |
| |
| |
| |
| | |
When using varlink we want to make sure that user specified environment variables
take precedence over http-proxy environment.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \
| | |
| | | |
system tests must pass
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| |\ \ \
| |/ /
|/| | |
Fix typos in messages pod rm
|
| | | |
| | |
| | |
| | |
| | |
| | | |
Fix typos in pod rm messages
Signed-off-by: Sujil02 <sushah@redhat.com>
|
| |\ \ \
| | | |
| | | | |
check image media/manifest type for healthchecks
|
| | | |/
| |/|
| | |
| | |
| | |
| | | |
before looking up a healthcheck in an image, check to make sure it is a dockerv2schema image.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| |\ \ \
| | | |
| | | | |
v2, podman: fix create tests
|
| | |/ /
| | |
| | |
| | | |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |\ \ \
| |/ /
|/| | |
Adding system prune for podman v2
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
Register system prune route, handler to support system prune,
Adds testcase to validate the system prune flow.
Signed-off-by: Sujil02 <sushah@redhat.com>
|
| |\ \ \
| | | |
| | | | |
Add support for volumes-from, image volumes, init
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
We should not be overwriting the Specgen's Command and Entrypoint
when building the final command to pass in the OCI spec. Both of
these will be provided to Libpod for use in `podman inspect` and
committing containers, and both must be set to the user's input,
not overwritten by the image if unset.
Fix this by moving command generation into OCI spec generation
and not modifying the SpecGenerator when we do so.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | | |/
| |/|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This should complete Podmanv2's support for volume-related flags.
Most code was sourced from the old pkg/spec implementation with
modifications to account for the split between frontend flags
(volume, mount, tmpfs) and the backend flags implemented here.
Also enables tests for podman run with volumes
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
