the way machine was written was very adjunct and as such is in dire need
of refactoring to better structures and structure methods where
appropriate. the weekest part is specifically around all the files that
machine requires and how some are just dynamically built on the fly.
this pr defines a new machinefile type which allows us to work with the
file and also takes into account the use of symlinks which are going to
be needed on macos due to its relatively short file length restriction.
also, added unit tests for new methods as well as anywhere else I saw a
need.
Signed-off-by: Brent Baude <bbaude@redhat.com>
WalkDir should be faster the Walk, since we often do
not need to stat files.
[NO NEW TESTS NEEDED] Existing tests should find errors.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
When podman gets an error it prints out "Error: " before
printing the error string. If the error message starts with
error, we end up with
Error: error ...
This PR Removes all of these stutters.
logrus.Error() also prints out that this is an error, so no need for the
error stutter.
[NO NEW TESTS NEEDED]
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
The PlayKube and PlayKubeDown commands accepted a "path" argument to a YAML file
to play. This requires the caller to write the YAML to a file path. The downside
of this is apparent in the HTTP handlers which have to use a temporary file on
disk to store the YAML file.
The file is opened & used as the body of the HTTP request. It's possible to
instead pass a io.Reader and use a fully in-memory request body.
Add backwards-compatible changes to bindings to allow passing either a filepath
or a io.Reader body.
Refactor the podman bindings to use a io.Reader instead of a filepath.
Simplify the HTTP handlers for PlayKube by removing the now unneeded tempfile.
[NO NEW TESTS NEEDED]
Signed-off-by: Christian Stewart <christian@paral.in>
Use logrus.IsLevelEnabled because this will cover all levels below it as
well. Currently this condition would fail for the trace log level.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
We store the full path to qemu in the machine config. When the path
changes on the host the machine can longer be started. To fix it we get
the path again when we fail to start the machine due the missing binary.
We want to store and use the full path first because otherwise existing
machines can break when the qemu version changed.
[NO NEW TESTS NEEDED] We still have no machine tests.
Fixes#13394
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
When starting a VM that has been configured with volume mounts, the
podman client attempts to connect via TCP to localhost, which runs
gvproxy to proxy an ephemeral port to the VM's ssh port. Previously,
gvproxy was listening on all interfaces and IP addresses, but this
behavior has changed to listening only on the IPv4 loopback address.
Without this change, if a newer build of gvproxy is used, a podman
machine configured with volume mounts will hang forever after "podman
machine start" with "Waiting for VM ...".
[NO NEW TESTS NEEDED]
Signed-off-by: Burt Holzman <burt@fnal.gov>
[NO NEW TESTS NEEDED]
* Branch forced 4.0 only endpoints, which broke bindings
* Fix lint error, in new code
Signed-off-by: Jhon Honce <jhonce@redhat.com>
The kernel never sets the inheritable capabilities for a process, they
are only set by userspace. Emulate the same behavior.
Closes: CVE-2022-27649
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Allows users to set `--os` , `--arch` and `--variant` of the image
created from the custom import.
Following is useful when user is already aware of the values which are
correct for their generated rootfs
Signed-off-by: Aditya R <arajan@redhat.com>
When you run podman stats, the first interval always shows the wrong cpu
usage. To calculate cpu percentage we get the cpu time from the cgroup
and compare this against the system time between two stats. Since the
first time we do not have a previous stats an empty struct is used
instead. Thus we do not use the actual running time of the container but
the current unix timestamp (time since Jan 1 1970).
To fix this we make sure that the previous stats time is set to the
container start time, when it is empty.
[NO NEW TESTS NEEDED] No idea how I could create a test which would have
a predictable cpu usage.
See the linked bugzilla for a reproducer.
Fixes https://bugzilla.redhat.com/show_bug.cgi?id=2066145
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
podman build fails on remote build when using a relative context directory.
This is because the context dir was not being added to the tar, so when remote
the compat build function would not be able to stat the contextDir.
resolves#13293
Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
Still an unknown number remains but I am running out of patience.
Adding dots is not the best use of my time.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* supports Go 1.18
* disable a number of new linters
* fix minor stylecheck issues
[NO NEW TESTS NEEDED]
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
Add an `--ignore` flag to `podman image rm` to instruct ignoring image
if a specified image does not exist and to not throw an error. Other
commands (e.g., `podman container rm`) already support this flag.
Such an `--ignore` flag can come in handy in clean-up scripcts such as
the teardown phases in the Podman tests.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
Make sure to ignore local {container,docker}ignore files when building a
local pause image. Otherwise, we may mistakenly not be able to copy
catatonit into the build container.
Fixes: #13529
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
When podman generate systemd is invoked, it previously did not check if
container-prefix or pod-prefix are empty. When these are empty, the file name
starts with the separator, which is hyphen by default. This results in files
like '-containername.service'.
The code now checks if these prefixes are empty. If they are, the filename no
longer adds a separator. Instead, it uses name or ID of the container or pod.
Closes#13272
Signed-off-by: Nirmal Patel <npate012@gmail.com>
This commit set the containers RawImageName to default image name
specified in Pod YAML, so the containers could be used via autoupdate
feature, which needs the RawImageName to be set.
Currently RawImageName is set only for the create/run/clone podman
commands.
[NO NEW TESTS NEEDED]
Signed-off-by: Ondra Machacek <omachace@redhat.com>
pkg/bindings is considered stable. We cannot make changes that would
break any users. If someone uses this field their code would fail to
compile. Since the fix is obviously correct we will keep it but also
add the old field back in to keep compatibility with old code.
When both fields are set ImportArchive is preferred over ImportAchive.
Fixes changes from commit 217197340c
[NO NEW TESTS NEEDED]
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
