In the SystemCheck HTTP handler, when parsing the
unreferenced_layer_max_age query parameter fails, the error response is
sent but execution continues to `unreferencedLayerMaximumAge = &duration`
where `duration` is the zero value. This causes the system check to run
with a zero duration instead of returning the 400 error to the client.
Add the missing `return` after the error response.
Fixes#28350
Signed-off-by: crawfordxx <crawfordxx@users.noreply.github.com>
Docker treats EndpointSettings.IPAddress as operational/state, not desired create input.
Static address requests should come from IPAMConfig fields. Using both can duplicate
the same IPv4 request and trigger already allocated IPAM errors in compose scenarios.
Ref: moby/moby#46183 (daemon validation), docker/cli#4493 (CLI IPAMConfig), moby/moby#19001 (static IP feature).
Signed-off-by: Jan Rodák <hony.com@seznam.cz>
The Docker API spec defines HTTP 409 for POST /containers/create when
the requested name is already in use. The handler was returning 500 for
all errors from ContainerCreate, including ErrCtrExists.
This mismatch breaks buildx parallel builds on Podman: buildx checks
for a conflict response to safely converge multiple concurrent builders
onto the already-running BuildKit container. With 500 it treats the
conflict as a fatal error instead, causing all but the first parallel
build to fail.
The fix follows the same pattern already used in the rename handler,
which correctly returns 409 for ErrCtrExists. The swagger annotation
for this endpoint already documents the 409 response.
Signed-off-by: Jordan Rodgers <com6056@gmail.com>
Add documentation for undocumented API parameters across multiple endpoints:
System:
- POST /libpod/system/prune: all, volumes, external, build, filters
Pods:
- DELETE /libpod/pods/{name}: timeout
- GET /libpod/pods/stats: stream, delay
Volumes:
- DELETE /volumes/{name}: timeout
- DELETE /libpod/volumes/{name}: timeout
Containers:
- GET /libpod/containers/stats: all
- POST /libpod/containers/{name}/restart: timeout
- POST /libpod/containers/{name}/resize: running
Images:
- POST /images/create: retry, retryDelay
- GET /images/json: shared-size
Exec:
- POST /libpod/exec/{id}/resize: running
Generate:
- GET /libpod/generate/{name}/systemd: templateUnitFile
Signed-off-by: Tim Zhou <tizhou@redhat.com>
Fix a few new issues reported by the linter update.
There is no need to copy the capAdd/capDrop slice in the compat create
endpoint as they are only read and not modified.
For the other code preallocate the slices so we safe memory allocations.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
The JSONProgress is not part of moby/moby API anymore:
f4127d76c5
To stay compatible with the previous client version, this commit backports
the jsonmessage.JSONProgress.String() and uses it to genereate
the progress report.
Signed-off-by: Jan Kaluza <jkaluza@redhat.com>
Replace github.com/docker/docker API imports with github.com/moby/moby
across compat handlers, swagger models, and tests to align with upstream
type definitions.
Fixes: #27536.
Signed-off-by: Jan Kaluza <jkaluza@redhat.com>
Require (linux || freebsd), because the code already does that, in practice.
This just means macOS users of IDEs aren't hit with thousands of compilation
errors (and then the IDE can open an Linux-specific file and then process it
under the Linux assumption, which works much better).
This commit ONLY replaces
//go:build !remote
with
//go:build !remote && (linux || freebsd)
and is split from the rest to allow mechanically verifying that fact,
and focusing a review on the other kinds of changes.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Pass --mount settings and the contents of the --source-policy-file
argument to remote builds.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Instead of creating a slice and then appending to it, let's inline the
initial slice into append. This may or may not result in less slice
reallocations, but it is silencing the prealloc linter warnings.
This commit is part of series fixing issues reported by prealloc linter
from golangci-lint v2.8.0.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
When we already know the resulting slice size but still need/want to use
append, it makes sense to preallocate the slice by using make with the
capacity argument.
This commit is part of series fixing issues reported by prealloc linter
from golangci-lint v2.8.0.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
This also then bumps github.com/opencontainers/runtime-spec to v1.3.0
which contains breaking changes of the pid type as such we had to update
all the podman callers.
And tags.cncf.io/container-device-interface also used some changed
types from it and they have been updated in main so bump to the latest
commit there as well in order to get podman to compile properly.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
This reverts commit 2b848cca36.
The official Docker API documentation was misleading here.
Testing shown that old podman behaviour was correct.
In docker copyUIDGID=true means that primary container uid/gid is used,
not the uid/gid from the tar stream.
Signed-off-by: Matej Vašek <matejvasek@gmail.com>
image got converted to the new docker modules which were finally renamed
to moby[1]. Podman however still uses docker so now the swagger lookup
seems to find duplicated types which in general breaks the generation so
exclude the new module for now until we convert podman and fix the new
type issues swagger found.
[1] https://github.com/containers/container-libs/pull/459
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
