Refactored current filter pods flow through the shared pod functions
so filter pod functionalities can be shared between api and cmd.
Signed-off-by: Sujil02 <sushah@redhat.com>
Add support to auto-update containers running in systemd units as
generated with `podman generate systemd --new`.
`podman auto-update` looks up containers with a specified
"io.containers.autoupdate" label (i.e., the auto-update policy).
If the label is present and set to "image", Podman reaches out to the
corresponding registry to check if the image has been updated. We
consider an image to be updated if the digest in the local storage is
different than the one of the remote image. If an image must be
updated, Podman pulls it down and restarts the container. Note that the
restarting sequence relies on systemd.
At container-creation time, Podman looks up the "PODMAN_SYSTEMD_UNIT"
environment variables and stores it verbatim in the container's label.
This variable is now set by all systemd units generated by
`podman-generate-systemd` and is set to `%n` (i.e., the name of systemd
unit starting the container). This data is then being used in the
auto-update sequence to instruct systemd (via DBUS) to restart the unit
and hence to restart the container.
Note that this implementation of auto-updates relies on systemd and
requires a fully-qualified image reference to be used to create the
container. This enforcement is necessary to know which image to
actually check and pull. If we used an image ID, we would not know
which image to check/pull anymore.
Fixes: #3575
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
when building images, we can now add the os and arch of the image using overrides from the commandline. the commandline options set sane defaults so we use those as well.
Fixes: #5503
Signed-off-by: Brent Baude <bbaude@redhat.com>
the api for getting images changed to use filters but back level podman versions cannot handle it. so temporarily disabling the filtering for remote clients until the restful approach can be used.
Signed-off-by: Brent Baude <bbaude@redhat.com>
calculating the image size can be an expensive operation. Avoid doing
it when creating a new container since the size is not needed.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
The other direction: fix or clean up elements documented in
man pages but which did/do not exist in actual podman:
* runlabel: add missing "-n" alias for --name
And, remove man page entries for nonexistent options:
* podman commit: --iidfile
* podman container runlabel: --rootfs, --storage
* podman create: --cpu-count
There are two problems I don't know how to deal with. Both
are related to main_local.go:rootCmd.PersistentFlags() :
1) podman-build.1.md documents --cni-config-dir and
--runtime options, but these are not actually options
under podman build; they are global options. The
documentation in this man page differs from that
under podman-build.
2) podman ps implements a binary --namespace option,
but this option does not (cannot?) appear in --help
because there's a global --namespace string option
and Cobra somehow gets confused about this.
Do we really intend for global options to be parsed on
the right-hand side of subcommands? This strikes me as
unintuitive and potentially confusing, although the
fact that it has taken me this long to discover it
suggests that it's not _that_ confusing.
Suggestions welcome. I can file issues for 1/2 above,
or simply teach my script to special-case ignore them.
Signed-off-by: Ed Santiago <santiago@redhat.com>
I wrote a script to cross-reference podman --help against
man pages. It found a bunch of inconsistencies fix them:
* options missing from man pages
* options misspelled or misformatted in man pages (usually
misplaced asterisks or missing dashes, but see --dns-opt)
* one spurious comma in the actual source file --help
This is a fix in which I iterate over 'podman CMD --help'
and check for presence in man pages. The other way around
(look for flags in man pages, check podman CMD --help)
is probably impossible: there are too many special cases
Signed-off-by: Ed Santiago <santiago@redhat.com>
While string variables are shown to expect a string argument, boolean
variables are not. This easily tricks users into believing they are
simple switches without arguments. Hence, explicitly mention the
default to clarify it a bit more.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
during container creation, if no network is provided, we need to add a default value so the container can be later started.
use apiv2 container creation for RunTopContainer instead of an exec to the system podman. RunTopContainer now also returns the container id and an error.
added a libpod commit endpoint.
also, changed the use of the connections and bindings slightly to make it more convenient to write tests.
Fixes: 5366
Signed-off-by: Brent Baude <bbaude@redhat.com>
Some users have small /var/tmp directories and need to be able to specify a different location
for temporary files, which includes more space.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Leave setting the "container" variable to consumers of pkg/env.
Podman is now hard-setting it to "podman" while "libpod" will
set it internally to "libpod" if it's unset.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
The --rmi flag will delete the container image after its execution
unless that image is already been used by another container(s).
This is useful when one wants to execute a container once and remove
any resources attached to it.
Signed-off-by: Boaz Shuster <boaz.shuster.github@gmail.com>
Env-variable related code is scattered across several packages making it
hard to maintain and extend. Consolidate the code into a new pkg/env
package.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
It solves a tight loop with poll as stdin will be initialized to
/dev/null in buildah/imagebuildah/StageExecutor.Run.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Stop closing net.Listener() twice on interrupt
* Do not report error if closing server twice
Fixes#5311
Signed-off-by: Jhon Honce <jhonce@redhat.com>
otherwise it triggers the config file initialization from
vendor/github.com/containers/common/pkg/config before the init() in
main.go can set correctly XDG_RUNTIME_DIR and DBUS_SESSION_BUS_ADDRESS
when they are missing.
commit 96de762eed introduced the
regression.
Closes: https://github.com/containers/libpod/issues/5314
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
We can easily tell if we're going to deadlock by comparing lock
IDs before actually taking the lock. Add a few checks for this in
common places where deadlocks might occur.
This does not yet cover pod operations, where detection is more
difficult (and costly) due to the number of locks being involved
being higher than 2.
Also, add some error wrapping on the Podman side, so we can tell
people to use `system renumber` when it occurs.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
1) Help message for podman port was missing [PORT]
2) Add test for 'podman port'. And, actually, an entire
networking test that I'd written some weeks ago but
apparently didn't 'git add'.
Signed-off-by: Ed Santiago <santiago@redhat.com>
Signed-off-by: Brent Baude <bbaude@redhat.com>
code was erronously misinterpretting the port as a containername.
Fixes: #1791832
Signed-off-by: baude <bbaude@redhat.com>
Signed-off-by: Brent Baude <bbaude@redhat.com>
Now support --no-healthcheck option to disable defined healthchecks in a container image. --health-cmd=none remains supported as well.
Fixes: #5299
Signed-off-by: Brent Baude <bbaude@redhat.com>
* Make context keys package safe
* Add support for PODMAN_HOST and PODMAN_SSHKEY
* Add slight increasing delay when client connections fail
* Remove usages of path.Join(), added JoinURL(). '/' is not OS
dependent.
Signed-off-by: Jhon Honce <jhonce@redhat.com>
