| Commit message (Collapse) | Author | Age |
|\
| |
| | |
container runlabel
|
| |
| |
| |
| |
| |
| | |
Implement container runlabel for v2. Local client only.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
There are three different priorities for applying env variables:
1) environment/config file environment variables
2) image's config
3) user overrides (--env)
The third kind are known to the client, while the default config and image's
config is handled by the backend.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \
| | |
| | | |
Manifest remove, push
|
| | |
| | |
| | |
| | |
| | |
| | | |
Implements podman manifest remove and podman manifest push.
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
| |/
|/|
| |
| |
| |
| |
| |
| | |
add podman image trust set and show
Signed-off-by: baude <bbaude@redhat.com>
Signed-off-by: bbaude <bbaude@DESKTOP-SH5EG3J.localdomain>
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add the `podman generate kube` and `podman play kube` command. The code
has largely been copied from Podman v1 but restructured to not leak the
K8s core API into the (remote) client.
Both commands are added in the same commit to allow for enabling the
tests at the same time.
Move some exports from `cmd/podman/common` to the appropriate places in
the backend to avoid circular dependencies.
Move definitions of label annotations to `libpod/define` and set the
security-opt labels in the frontend to make kube tests pass.
Implement rest endpoints, bindings and the tunnel interface.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\
| |
| | |
Add small fixes for 'podman run' from diffing inspect
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
To try and identify differences between Podman v1.9 and master,
I ran a series of `podman run` commands with various flags
through each, then inspecting the resulting containers and diffed
the inspect JSON between each. This identified a number of issues
which are fixed in this PR.
In order of discovery:
- Podman v2 gave short names for images, where Podman v1 gave the
fully-qualified name. Simple enough fix (get image tags and use
the first one if they're available)
- The --restart flag was not being parsed correctly when a number
of retries was specified. Parsing has been corrected.
- The -m flag was not setting the swap limit (simple fix to set
swap in that case if it's not explicitly set by the user)
- The --cpus flag was completely nonfunctional (wired in its
logic)
Tests have been added for all of these to catch future
regressions.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \
| | |
| | | |
manifest annotate
|
| |/
| |
| |
| | |
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
|\ \
| |/
|/| |
v2 system subcommand
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
add system df, info, load, renumber, and migrate
Refactor for specialized libpod engines
add the ability to prune images, volumes, containers, and pods
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \
| | |
| | | |
v2 podman stats
|
| | |
| | |
| | |
| | | |
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \ \
| |_|/
|/| | |
image removal: refactor part 2
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Continue the refactoring of image removal. I didn't manage to break all
the following changes into smaller and easier to digest commits due to
time constraints:
* Return an error slice instead of a single error. Use multierror only
in the client/frontend. Reflect that in the types.
* Use the batch image removal in the client while preserving the more
rest-idiomatic single-image removal endpoint.
* Add a new handler for the single-image removal endpoint to make it
share the same code as the batch endpoint.
* Expose bindings for the single and batch endpoints, so we can
properly test them.
* Add several convenience functions for error handling to
pkg/errorhandling.
* Set the correct error type in libpod to set the exit code to 2 when
one or more containers are using an image.
* Massage the bindings tests a bit and tackle compilation errors.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
As part of this, make a major change to the type we use to
represent port mappings in SpecGen (from using existing OCICNI
structs to using our own custom one). This struct has the
advantage of supporting ranges, massively reducing traffic over
the wire for Podman commands using them (for example, the
`podman run -p 5000-6000` command will now send only one struct
instead of 1000). This struct also allows us to easily validate
which ports are in use, and which are not, which is necessary for
--expose.
Once we have parsed the ports from the new struct, we can produce
an accurate map including all currently requested ports, and use
that to determine what ports need to be exposed (some requested
exposed ports may already be included in a mapping from --publish
and will be ignored) and what open ports on the host we can map
them to.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \
| | |
| | | |
Fixes for test/e2e/containers_conf_test.go
|
| | |
| | |
| | |
| | | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | | |
Implement ParseCgroupsNamespace to handle defaults.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
If user/admin specifies a different list of default capabilties
we need to honor these.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | | |
We need to add the default devices listed in containers.conf
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \
| | | |
| | | | |
Fix errors found in coverity scan
|
| |/ /
| | |
| | |
| | | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \
| | | |
| | | | |
And system prune feature for v2.
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Adds podman system prune for v2.
Refactoring for code reuse from pods containers images and volume prune.
Adds and enables testcases to support the added feature.
Signed-off-by: Sujil02 <sushah@redhat.com>
|
|\ \ \ \
| |_|/ /
|/| | | |
[CI:DOC] Bring README.md up to date
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | | |
* Add notes on helper functions
* Update example
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\ \ \
| |_|/
|/| | |
v2networking enable commands
|
| |/
| |
| |
| |
| |
| | |
Enable the networking commands for v2.
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \
| | |
| | | |
Set up ulimits for rootless containers.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Currently we are setting the maximum limits for rootful podman containers,
no reason not to set them by default for rootless users as well
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \
| |_|/
|/| | |
v2, podman: fix create and entrypoint tests
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
this is necessary as we expect "podman start $ID_NAME" to print the
same arguments the user passed in instead of the full ID.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| | |
| | |
| | |
| | | |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| | |
| | |
| | |
| | | |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|/ /
| |
| |
| |
| |
| | |
testv2: enable attach test
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| | |
* Fix history --quiet formatting
* Fix image inspect --format=json
* Fix image list --sort
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Change the logic in the options from tls-verify to skipping
verification. It require a constant brain yoga to translate
from doing verification (CLI logic) to skipping it (c/image logic).
As the code is using c/image, let's make it consistent.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \
| | |
| | | |
Enable push tests
|
| | |
| | |
| | |
| | | |
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Fix --tls-verify parsing and make the associated options reflect the
correct logic. Other commands are affected as well but will be fixed
later.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \ \
| | | |
| | | | |
rootlessport: use two different channels
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The same channel is written to by two different goroutines.
Use a different channel for each of them so to avoid writing to a
closed channel.
Closes: https://github.com/containers/libpod/issues/6018
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |/ /
| | |
| | |
| | | |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \ \
| |/ /
|/| | |
rootless: move ns open before fork
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
commit 788fdc685b00dee5ccb594bef845204250c4c123 introduced a race
where the target process dies before the child process opens the
namespace files. Move the open before the fork so if it fails the
parent process can attempt to join a different container instead of
failing.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \ \
| | | |
| | | | |
enable inspect tests
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
A surprisingly big change. A core problem was that `podman inspect`
allows for passing containers AND images with the default `--type=all`.
This only worked partially as the data was processed in isolation which
caused various issues (e.g., two separate outputs instead of one) but it
also caused issues regarding error handling.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|