add {generate,play} kube

Add the `podman generate kube` and `podman play kube` command.  The code
has largely been copied from Podman v1 but restructured to not leak the
K8s core API into the (remote) client.

Both commands are added in the same commit to allow for enabling the
tests at the same time.

Move some exports from `cmd/podman/common` to the appropriate places in
the backend to avoid circular dependencies.

Move definitions of label annotations to `libpod/define` and set the
security-opt labels in the frontend to make kube tests pass.

Implement rest endpoints, bindings and the tunnel interface.

Signed-off-by: Valentin Rothberg <rothberg@redhat.com>

pkg/api/handlers/libpod/generate.go

@@ -0,0 +1,38 @@
+package libpod
+
+import (
+	"net/http"
+
+	"github.com/containers/libpod/libpod"
+	"github.com/containers/libpod/pkg/api/handlers/utils"
+	"github.com/containers/libpod/pkg/domain/entities"
+	"github.com/containers/libpod/pkg/domain/infra/abi"
+	"github.com/gorilla/schema"
+	"github.com/pkg/errors"
+)
+
+func GenerateKube(w http.ResponseWriter, r *http.Request) {
+	runtime := r.Context().Value("runtime").(*libpod.Runtime)
+	decoder := r.Context().Value("decoder").(*schema.Decoder)
+	query := struct {
+		Service bool `schema:"service"`
+	}{
+		// Defaults would go here.
+	}
+
+	if err := decoder.Decode(&query, r.URL.Query()); err != nil {
+		utils.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest,
+			errors.Wrapf(err, "failed to parse parameters for %s", r.URL.String()))
+		return
+	}
+
+	containerEngine := abi.ContainerEngine{Libpod: runtime}
+	options := entities.GenerateKubeOptions{Service: query.Service}
+	report, err := containerEngine.GenerateKube(r.Context(), utils.GetName(r), options)
+	if err != nil {
+		utils.Error(w, "Something went wrong.", http.StatusInternalServerError, errors.Wrap(err, "error generating YAML"))
+		return
+	}
+
+	utils.WriteResponse(w, http.StatusOK, report.Reader)
+}

pkg/api/handlers/libpod/play.go

@@ -0,0 +1,64 @@
+package libpod
+
+import (
+	"io"
+	"io/ioutil"
+	"net/http"
+	"os"
+
+	"github.com/containers/image/v5/types"
+	"github.com/containers/libpod/libpod"
+	"github.com/containers/libpod/pkg/api/handlers/utils"
+	"github.com/containers/libpod/pkg/domain/entities"
+	"github.com/containers/libpod/pkg/domain/infra/abi"
+	"github.com/gorilla/schema"
+	"github.com/pkg/errors"
+)
+
+func PlayKube(w http.ResponseWriter, r *http.Request) {
+	runtime := r.Context().Value("runtime").(*libpod.Runtime)
+	decoder := r.Context().Value("decoder").(*schema.Decoder)
+	query := struct {
+		Network   string `schema:"reference"`
+		TLSVerify bool   `schema:"tlsVerify"`
+	}{
+		TLSVerify: true,
+	}
+
+	if err := decoder.Decode(&query, r.URL.Query()); err != nil {
+		utils.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest,
+			errors.Wrapf(err, "failed to parse parameters for %s", r.URL.String()))
+		return
+	}
+
+	// Fetch the K8s YAML file from the body, and copy it to a temp file.
+	tmpfile, err := ioutil.TempFile("", "libpod-play-kube.yml")
+	if err != nil {
+		utils.Error(w, "Something went wrong.", http.StatusInternalServerError, errors.Wrap(err, "unable to create tempfile"))
+		return
+	}
+	defer os.Remove(tmpfile.Name())
+	if _, err := io.Copy(tmpfile, r.Body); err != nil && err != io.EOF {
+		tmpfile.Close()
+		utils.Error(w, "Something went wrong.", http.StatusInternalServerError, errors.Wrap(err, "unable to write archive to temporary file"))
+		return
+	}
+	if err := tmpfile.Close(); err != nil {
+		utils.Error(w, "Something went wrong.", http.StatusInternalServerError, errors.Wrap(err, "error closing temporary file"))
+		return
+	}
+
+	containerEngine := abi.ContainerEngine{Libpod: runtime}
+	options := entities.PlayKubeOptions{Network: query.Network, Quiet: true}
+	if _, found := r.URL.Query()["tlsVerify"]; found {
+		options.SkipTLSVerify = types.NewOptionalBool(!query.TLSVerify)
+	}
+
+	report, err := containerEngine.PlayKube(r.Context(), tmpfile.Name(), options)
+	if err != nil {
+		utils.Error(w, "Something went wrong.", http.StatusInternalServerError, errors.Wrap(err, "error playing YAML file"))
+		return
+	}
+
+	utils.WriteResponse(w, http.StatusOK, report)
+}

pkg/api/handlers/swagger/swagger.go

@@ -56,6 +56,13 @@ type swagLibpodImagesRemoveResponse struct {
 	Body handlers.LibpodImagesRemoveReport
 }
 
+// PlayKube response
+// swagger:response DocsLibpodPlayKubeResponse
+type swagLibpodPlayKubeResponse struct {
+	// in:body
+	Body entities.PlayKubeReport
+}
+
 // Delete response
 // swagger:response DocsImageDeleteResponse
 type swagImageDeleteResponse struct {

pkg/api/server/register_generate.go

@@ -0,0 +1,41 @@
+package server
+
+import (
+	"net/http"
+
+	"github.com/containers/libpod/pkg/api/handlers/libpod"
+	"github.com/gorilla/mux"
+)
+
+func (s *APIServer) registerGenerateHandlers(r *mux.Router) error {
+	// swagger:operation GET /libpod/generate/{name:.*}/kube libpod libpodGenerateKube
+	// ---
+	// tags:
+	//  - containers
+	//  - pods
+	// summary: Play a Kubernetes YAML file.
+	// description: Create and run pods based on a Kubernetes YAML file (pod or service kind).
+	// parameters:
+	//  - in: path
+	//    name: name:.*
+	//    type: string
+	//    required: true
+	//    description: Name or ID of the container or pod.
+	//  - in: query
+	//    name: service
+	//    type: boolean
+	//    default: false
+	//    description: Generate YAML for a Kubernetes service object.
+	// produces:
+	// - application/json
+	// responses:
+	//   200:
+	//     description: no error
+	//     schema:
+	//      type: string
+	//      format: binary
+	//   500:
+	//     $ref: "#/responses/InternalError"
+	r.HandleFunc(VersionedPath("/libpod/generate/{name:.*}/kube"), s.APIHandler(libpod.GenerateKube)).Methods(http.MethodGet)
+	return nil
+}

pkg/api/server/register_play.go

@@ -0,0 +1,42 @@
+package server
+
+import (
+	"net/http"
+
+	"github.com/containers/libpod/pkg/api/handlers/libpod"
+	"github.com/gorilla/mux"
+)
+
+func (s *APIServer) registerPlayHandlers(r *mux.Router) error {
+	// swagger:operation POST /libpod/play/kube libpod libpodPlayKube
+	// ---
+	// tags:
+	//  - containers
+	//  - pods
+	// summary: Play a Kubernetes YAML file.
+	// description: Create and run pods based on a Kubernetes YAML file (pod or service kind).
+	// parameters:
+	//  - in: query
+	//    name: network
+	//    type: string
+	//    description: Connect the pod to this network.
+	//  - in: query
+	//    name: tlsVerify
+	//    type: boolean
+	//    default: true
+	//    description: Require HTTPS and verify signatures when contating registries.
+	//  - in: body
+	//    name: request
+	//    description: Kubernetes YAML file.
+	//    schema:
+	//      type: string
+	// produces:
+	// - application/json
+	// responses:
+	//   200:
+	//     $ref: "#/responses/DocsLibpodPlayKubeResponse"
+	//   500:
+	//     $ref: "#/responses/InternalError"
+	r.HandleFunc(VersionedPath("/libpod/play/kube"), s.APIHandler(libpod.PlayKube)).Methods(http.MethodPost)
+	return nil
+}

pkg/api/server/server.go

@@ -98,12 +98,14 @@ func newServer(runtime *libpod.Runtime, duration time.Duration, listener *net.Li
 		server.registerDistributionHandlers,
 		server.registerEventsHandlers,
 		server.registerExecHandlers,
+		server.registerGenerateHandlers,
 		server.registerHealthCheckHandlers,
 		server.registerImagesHandlers,
 		server.registerInfoHandlers,
 		server.registerManifestHandlers,
 		server.registerMonitorHandlers,
 		server.registerPingHandlers,
+		server.registerPlayHandlers,
 		server.registerPluginsHandlers,
 		server.registerPodsHandlers,
 		server.RegisterSwaggerHandlers,