... to centralize the conversion from entities.PodmanConfig
to bindings.Options, we will add more code there.
Should not change behavior.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Right now, this correctly handles pullOptions.credentials
which were ignored previously (admittedly that field is never set
by anything...); in the future, it will ensure the two c/image users
won't get out of sync again.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
This will make it easier to add one more option,
and removes a risk of passing options in an incorrect order.
Should not change behavior.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Add a per-volume 'nocreate' option that prevents automatic creation of
named volumes when they don't exist. When specified, Podman will fail
if the volume is not found instead of creating it automatically.
Usage: -v myvolume:/data:nocreate
--mount type=volume,src=myvolume,dst=/data,nocreate
See: #27862
Signed-off-by: Ygal Blum <ygal.blum@gmail.com>
The client and server version can mismatch in which case the client may
fail on something the newer server can understand or the other way
around. Given the server has to parse and validate that output no matter
what there does not seem to be a strong argument for doing this on the
client side again.
Also this means we do leak the sourcepolicy package into the remote
client.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Pass --mount settings and the contents of the --source-policy-file
argument to remote builds.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
As I outlined in the design docs this is broken, there are several
data races here because we write to the config files that can be read by
other goroutines in parallel which violates the go memory model and
thus can lead to runtime panics and undefined behavior.
One could fix with a mutex but that would make the whole code base much
more ugly and there is still the risk that something would access this
field without the mutex held.
I am not sure we have any users using this, it never worked for the
storage side and since the service is a not a daemon any user could just
stop and start it again to re-read the files without having to stop
running containers.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
runWslCommand never returns err != nil because if there's an error, it
calls Fail (which panics, so the code after it is unreachable).
Remove error returning and checking.
Inspired by the following linter warning:
> pkg/machine/e2e/config_windows_test.go:59:56: runWslCommand - result 1 (error) is always nil (unparam)
> func runWslCommand(cmdArgs []string) (*machineSession, error) {
> ^
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
Rather than append LocalhostSSHArgs to args, prepend it, assuming the
order doesn't matter here.
This fixes the following prealloc warning (without decreasing
readability):
> cmd/podman/machine/cp.go:130:2: Consider preallocating args (prealloc)
> args := []string{"-r", "-i", sshConfig.IdentityPath, "-P", strconv.Itoa(sshConfig.Port)}
> ^
This commit is part of series fixing issues reported by prealloc linter
from golangci-lint v2.8.0.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
Instead of creating a slice and then appending to it, let's inline the
initial slice into append. This may or may not result in less slice
reallocations, but it is silencing the prealloc linter warnings.
This commit is part of series fixing issues reported by prealloc linter
from golangci-lint v2.8.0.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
Copying the slice is not necessary here since registeredBinfmtMisc
always creates the slice from scratch.
This commit is part of series fixing issues reported by prealloc linter
from golangci-lint v2.8.0.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
When we already know the resulting slice size but still need/want to use
append, it makes sense to preallocate the slice by using make with the
capacity argument.
This commit is part of series fixing issues reported by prealloc linter
from golangci-lint v2.8.0.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
Calling append can lead to resizing the slice. In case we have all
elements beforehand, it is not necessary to call append in the first
place and this avoid resizing.
This is the first part of fixing issues reported by prealloc linter from
golangci-lint v2.8.0.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
now that we use `bootc switch` for changing out-of-band updates, we can
consider also using some of their supported transports.
* containers-storage
* oci
* oci-archive
* registry
RUN-3963
Signed-off-by: Brent Baude <bbaude@redhat.com>
Remove CNI-specific conditional logic and update comments throughout
the libpod networking code:
- Simplified DNS configuration logic in container_internal_common.go
to always use netavark behavior (removed backend checks)
- Removed CNI-specific iptables chain error regex pattern
- Updated all comments referencing 'CNI' to use 'netavark' or
'network backend'
- Renamed variable 'cniNet' to 'netInfo' for clarity
- Updated field and type documentation to remove CNI references
All networking code now assumes netavark as the sole backend.
Signed-off-by: Lokesh Mandvekar <lsm5@redhat.com>
Remove runtime configuration options for CNI network backend:
Runtime options:
- Remove WithNetworkBackend() runtime option function
- Function allowed setting network backend programmatically
Flag handling:
- Remove --network-backend flag change detection
- Remove call to WithNetworkBackend() when flag changed
- Remove TODO comment about CNI plugins directory flag
The network backend configuration is now handled entirely by the
vendored common/libnetwork code, which will default to Netavark.
There is no longer any way to configure CNI as the network backend
through Podman's runtime initialization.
Note: libpod/info.go keeps existing NetworkBackend reporting logic
which will automatically report "netavark" as the only backend since
configuration defaults to netavark and cannot be changed to CNI.
Signed-off-by: Lokesh Mandvekar <lsm5@redhat.com>
Remove user-facing CLI options for CNI network backend:
CLI flags:
- Keep --network-backend global flag as hidden and deprecated for
backward compatibility with cleanup commands from 5.x containers
- Map flag to a throwaway variable (value is ignored)
- Remove shell completion for network backend values
Shell completions:
- Remove AutocompleteNetworkBackend() function
- Remove references to CNI and Netavark type constants
Backward compatibility:
- Remove --rootless-cni flag alias for podman unshare
- Remove SetNormalizeFunc that mapped rootless-cni to rootless-netns
- Update --rootless-netns flag description to mention only netavark
The --network-backend flag remains as a hidden deprecated flag to
prevent failures when upgrading from 5.x where containers may have
cleanup commands that include this flag. The flag is accepted but
ignored. Users can no longer specify CNI as a network backend option.
The --rootless-cni alias is removed; users must use --rootless-netns.
Signed-off-by: Lokesh Mandvekar <lsm5@redhat.com>
