| Commit message (Collapse) | Author | Age |
|\
| |
| | |
Turn off 'noexec' option by default for named volumes
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We previously enforced this for security reasons, but as Dan has
explained on several occasions, it's not very valuable there
(it's trivially easy to bypass) and it does seriously annoy folks
trying to use named volumes. Flip the default from 'on' to 'off'.
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|\ \
| | |
| | | |
Fix remote integration for healthchecks
|
| | |
| | |
| | |
| | |
| | |
| | | |
the one remaining test that is still skipped do to missing exec function
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\ \ \
| | | |
| | | | |
Implement detached exec
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \ \ \
| | | | |
| | | | | |
enable remote integration tests for init
|
| |/ / /
| | | |
| | | |
| | | | |
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
Test fixes for remote integration
|
| | |/ /
| |/| |
| | | |
| | | | |
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
`--format` and `--filter` options for `network ls` and `network inspect` command
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
New testcase for network ls --filter and inspect --format
added. Also bash completion options updated.
Signed-off-by: Kunal Kushwaha <kunal.kushwaha@gmail.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
enable pod_create remote integration tests
|
| | |/ / /
| |/| | |
| | | | |
| | | | | |
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\ \ \ \ \
| |_|_|/ /
|/| | | | |
govern remote attach and start
|
| |/ / /
| | | |
| | | |
| | | |
| | | |
| | | | |
fixes a race where container would start before attach could occur resulting in an error.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
Fix create_test for remote integration
|
| |/ / /
| | | |
| | | |
| | | |
| | | |
| | | | |
fixes tests to pass for remote integration. the two remaining tests that are skipped are due to lack of logs command.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Peter Hunt <pehunt@redhat.com>
|
|/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
specifying `-n=ctr-name` tells conmon to log CONTAINER_NAME=name if the log driver is journald
add this, and a test!
also, refactor the args slice creation to not append() unnecessarily.
Signed-off-by: Peter Hunt <pehunt@redhat.com>
|
| |/
|/|
| |
| |
| |
| | |
enable remote integration tests
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|/
|
|
|
|
| |
Allow the `podman events --format` accept {{json.}} and complete small fix podman-events.1.md
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
|
|
|
| |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|
|
|
|
|
| |
and enable events tests.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\
| |
| | |
enable rootless mount tests
|
| |
| |
| |
| |
| |
| |
| | |
Remove the annotation from the umount command to make mount tests pass
and let podman-umount run as a non-root user.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|/
|
|
|
|
|
| |
also make sure that the limits we set for rootless are not higher than
what we'd set for root containers.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|
|
|
| |
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|
|
|
|
|
| |
it appears that the pod stats flake can be attributed to the fact that the container being run is not fully running when the stats call is made. because the stats call is in format of json, it fails when nil
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\
| |
| | |
container runlabel
|
| |
| |
| |
| |
| |
| | |
Implement container runlabel for v2. Local client only.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \
| | |
| | | |
auth pkg support emtpy argument & enable login test
|
| | |
| | |
| | |
| | | |
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
There are three different priorities for applying env variables:
1) environment/config file environment variables
2) image's config
3) user overrides (--env)
The third kind are known to the client, while the default config and image's
config is handled by the backend.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \
| | | |
| | | | |
Manifest remove, push
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Implements podman manifest remove and podman manifest push.
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
| |_|/
|/| |
| | |
| | |
| | |
| | |
| | |
| | | |
add podman image trust set and show
Signed-off-by: baude <bbaude@redhat.com>
Signed-off-by: bbaude <bbaude@DESKTOP-SH5EG3J.localdomain>
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| |/
|/|
| |
| |
| |
| |
| | |
Adds port subcommand for containers
Updates check for no args when all flag is set.
Signed-off-by: Sujil02 <sushah@redhat.com>
|
|\ \
| | |
| | | |
add {generate,play} kube
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Add the `podman generate kube` and `podman play kube` command. The code
has largely been copied from Podman v1 but restructured to not leak the
K8s core API into the (remote) client.
Both commands are added in the same commit to allow for enabling the
tests at the same time.
Move some exports from `cmd/podman/common` to the appropriate places in
the backend to avoid circular dependencies.
Move definitions of label annotations to `libpod/define` and set the
security-opt labels in the frontend to make kube tests pass.
Implement rest endpoints, bindings and the tunnel interface.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|/
|
|
|
|
| |
All functionality these require should be ported.
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|\
| |
| | |
Add small fixes for 'podman run' from diffing inspect
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
To try and identify differences between Podman v1.9 and master,
I ran a series of `podman run` commands with various flags
through each, then inspecting the resulting containers and diffed
the inspect JSON between each. This identified a number of issues
which are fixed in this PR.
In order of discovery:
- Podman v2 gave short names for images, where Podman v1 gave the
fully-qualified name. Simple enough fix (get image tags and use
the first one if they're available)
- The --restart flag was not being parsed correctly when a number
of retries was specified. Parsing has been corrected.
- The -m flag was not setting the swap limit (simple fix to set
swap in that case if it's not explicitly set by the user)
- The --cpus flag was completely nonfunctional (wired in its
logic)
Tests have been added for all of these to catch future
regressions.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \
| | |
| | | |
manifest annotate
|
| |/
| |
| |
| | |
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
|\ \
| |/
|/| |
v2 system subcommand
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
add system df, info, load, renumber, and migrate
Refactor for specialized libpod engines
add the ability to prune images, volumes, containers, and pods
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \
| |/
|/| |
v2 podman stats
|
| |
| |
| |
| | |
Signed-off-by: baude <bbaude@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
As part of this, make a major change to the type we use to
represent port mappings in SpecGen (from using existing OCICNI
structs to using our own custom one). This struct has the
advantage of supporting ranges, massively reducing traffic over
the wire for Podman commands using them (for example, the
`podman run -p 5000-6000` command will now send only one struct
instead of 1000). This struct also allows us to easily validate
which ports are in use, and which are not, which is necessary for
--expose.
Once we have parsed the ports from the new struct, we can produce
an accurate map including all currently requested ports, and use
that to determine what ports need to be exposed (some requested
exposed ports may already be included in a mapping from --publish
and will be ignored) and what open ports on the host we can map
them to.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|