| Commit message (Collapse) | Author | Age |
|---|
| |\
| |
| | |
networking: use firewall plugin
|
| | |
| |
| |
| |
| |
| |
| | |
drop the pkg/firewall module and start using the firewall CNI plugin.
It requires an updated package for CNI plugins.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |\ \
| |/
|/| |
Fix directory pull image name for OCI images
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This is a breaking change and modifies the resulting image name when
pulling from an directory via `oci:...`.
Without this patch, the image names pulled via a local directory got
processed incorrectly, like this:
```
> podman pull oci:alpine
> podman images
REPOSITORY TAG IMAGE ID CREATED SIZE
localhost/oci alpine 4fa153a82426 5 weeks ago 5.85 MB
```
We now use the same approach as in the corresponding [buildah fix][1] to
adapt the behavior for correct `localhost/` prefixing.
[1]: https://github.com/containers/buildah/pull/1800
After applying the patch the same OCI image pull looks like this:
```
> ./bin/podman pull oci:alpine
> podman images
REPOSITORY TAG IMAGE ID CREATED SIZE
localhost/alpine latest 4fa153a82426 5 weeks ago 5.85 MB
```
End-to-end tests have been adapted as well to cover the added scenario.
Relates to: https://github.com/containers/buildah/issues/1797
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
|
| |/
|
|
|
|
|
|
|
|
| |
Udica is adding new features to allow users to define container process
and file types. This would allow us to setup trusted communications channels
between multiple security domains. ContainerA -> ContainerB -> ContainerC
Add tests to make sure users can change file types
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
|
|
|
|
| |
* Ignore ro mount options in btrfs and windows drivers
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |
|
|
|
|
| |
As the title says, vendor Buildah v1.10.1
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
|
| |\
| |
| | |
Touch up XDG, add rootless links
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Touch up a number of formating issues for XDG_RUNTIME_DIRS in a number
of man pages. Make use of the XDG_CONFIG_HOME environment variable
in a rootless environment if available, or set it if not.
Also added a number of links to the Rootless Podman config page and
added the location of the auth.json files to that doc.
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
|
| | |
| |
| |
| | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |/
|
|
| |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* progress bar: use spinners for unknown blob sizes
* use 'containers_image_ostree' as build tag
* ostree: default is no OStree support
* Add "Env" to ImageInspectInfo
* config.go: improve debug message
* config.go: log where credentials come from
* Fix typo in docs/containers-registries.conf.5.md
* docker: delete: support all MIME types
* Try harder in storageImageDestination.TryReusingBlob
* docker: allow deleting OCI images
* ostree: improve error message
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When we first began writing Podman, we ran into a major issue
when implementing Inspect. Libpod deliberately does not tie its
internal data structures to Docker, and stores most information
about containers encoded within the OCI spec. However, Podman
must present a CLI compatible with Docker, which means it must
expose all the information in 'docker inspect' - most of which is
not contained in the OCI spec or libpod's Config struct.
Our solution at the time was the create artifact. We JSON'd the
complete CreateConfig (a parsed form of the CLI arguments to
'podman run') and stored it with the container, restoring it when
we needed to run commands that required the extra info.
Over the past month, I've been looking more at Inspect, and
refactored large portions of it into Libpod - generating them
from what we know about the OCI config and libpod's (now much
expanded, versus previously) container configuration. This path
comes close to completing the process, moving the last part of
inspect into libpod and removing the need for the create
artifact.
This improves libpod's compatability with non-Podman containers.
We no longer require an arbitrarily-formatted JSON blob to be
present to run inspect.
Fixes: #3500
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |
|
|
| |
Signed-off-by: baude <bbaude@redhat.com>
|
| |
|
|
|
|
| |
clean up code identified as problematic by golands inspection
Signed-off-by: baude <bbaude@redhat.com>
|
| |\
| |
| | |
Vendor latest OCICNI version
|
| | |
| |
| |
| |
| |
| |
| |
| | |
This is needed for dual stack IPv6 support within CRI-O. Because the API
changed within OCICNI, we have to adapt the internal linux networking as
well.
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
|
| |/
|
|
| |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |
|
|
| |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
|
|
|
|
| |
this is phase 2 for the removal of libpod from main.
Signed-off-by: baude <bbaude@redhat.com>
|
| |
|
|
| |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |
|
|
|
|
| |
Ran a `go get -u` and bumped K8s deps to 1.15.0.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |
|
|
| |
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |
|
|
|
|
|
|
| |
vendor cs with overlay caching
cs also carries a dep on github.com/DataDog/zstd
Signed-off-by: baude <bbaude@redhat.com>
|
| |\
| |
| | |
Vendor in logrus v1.4.2
|
| | |
| |
| |
| |
| |
| | |
Fixes #3346
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
| |/
|
|
| |
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
In c/image, this adds the the mirror-by-digest-only option to mirrors, and
moves the search order to an independent list.
A synchronized buildah update is necessary to deal with the c/image API change.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
|
| |
|
|
| |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
|
|
| |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |\
| |
| | |
podman-remote.conf enablement
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
add the ability for the podman remote client to use a configuration file
which describes its connections. users can now define a connection the
configuration and then call it by name like:
podman-remote -c connection1
and the destination and user will be derived from the configuration
file. if no -c is provided, we look for a connection in the
configuration file designated as 'default'. If the configuration file
has only one connection, it will be deemed the 'default'.
Signed-off-by: baude <bbaude@redhat.com>
|
| |/
|
|
|
|
| |
Vendor in Buildah v1.8.3
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
|
| |
|
|
| |
Signed-off-by: Peter Hunt <pehunt@redhat.com>
|
| |
|
|
| |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
Mainly add support for podman build using --overlay mounts.
Updates containers/image also adds better support for new registries.conf
file.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
|
|
| |
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
|
| |
|
|
| |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |
|
|
|
|
|
|
| |
allow the user to define a remote host and remote username for their
remote podman sessions. this is then feed to the varlink "bridge" as
the ssh credentials and endpoint.
Signed-off-by: baude <bbaude@redhat.com>
|
| |
|
|
|
|
| |
As the title suggests.
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
|
| |\
| |
| | |
Update c/storage to v1.12.6
|
| | |
| |
| |
| | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |/
|
|
|
|
| |
As the title suggests.
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
|
| |
|
|
|
|
|
| |
build a podman-remote binary for windows that allows users to use the
remote client on windows and interact with podman on linux system.
Signed-off-by: baude <bbaude@redhat.com>
|
| |
|
|
| |
Signed-off-by: baude <bbaude@redhat.com>
|
| |
|
|
| |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
|
|
|
|
|
|
| |
Should fix the issue on Windows platform.
Lots of other fixes and enhancements.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
|
|
|
|
|
|
| |
* move to go modules
* fix ErrUnkownDescriptor typo
* catch errors of Setns()
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |\
| |
| | |
journald event logging
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
add the ability for podman to read and write events to journald instead
of just a logfile. This can be controlled in libpod.conf with the
`events_logger` attribute of `journald` or `file`. The default will be
set to `journald`.
Signed-off-by: baude <bbaude@redhat.com>
|
