Add support for loading images directly from machine paths to avoid
unnecessary file transfers when the image archive is already accessible
on the running machine through mounted directories.
Changes include:
- New /libpod/local/images/load API endpoint for direct machine loading
- Machine detection and path mapping functionality
- Fallback in tunnel mode to try optimized loading first
This optimization significantly speeds up image loading operations
when working with remote Podman machines by eliminating redundant
file transfers for already-accessible image archives.
Fixes: https://issues.redhat.com/browse/RUN-3249
Fixes: https://github.com/containers/podman/issues/26321
Signed-off-by: Jan Rodák <hony.com@seznam.cz>
Prior to this commit `artifact remove --all` was not supported on remote
clients.
This patch adds a new artifact API endpoint `artifact/remove` which can
either take a list of artifacts to remove or remove all artifacts by
setting all=true.
This patch removes the temporary warning message in the tunnel interface
implementation of ArtifactRm if `--all` was passed on the command line
and uses the new `artifact/remove` endpoint.
This patch also updates the `artifact remove` command both remote and
local to accept a list of artifacts to remove rather than limiting to
just one.
Signed-off-by: Lewis Roy <lewis@redhat.com>
Since compat version 1.43 the VirtualSize field in the
GET /images/{name}/json, GET /images/json, and
GET /system/df responses is deprecated and will no
longer be included in API v1.44. Use the Size field
instead, which contains the same information.
Signed-off-by: Nicola Sella <nsella@redhat.com>
Add the Go bindings implementation necessary to support Artifacts.
Implement the tunnel interface that consumes the Artifacts Go bindings.
With this patch, users of the Podman remote clients will now be able to
manage OCI artifacts via the Podman CLI and Podman machine.
Jira: https://issues.redhat.com/browse/RUN-2714#
Signed-off-by: Lewis Roy <lewis@redhat.com>
Don't force the SkipUnusedStages option one way or another when the
client doesn't specifically request one or the other, so that the server
can choose to use its default behavior.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Don't force the CompatVolumes option one way or another when the client
doesn't specifically request one or the other, so that the server can
choose to use its default behavior.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Don't force the IdentityLabel option one way or another when the client
doesn't specifically request one or the other, so that the server can
choose to use its default behavior.
Fixes#26669
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Wire up the source-date-epoch, rewrite-timestamp, and created-annotation
flags so that a client can correctly ask a server to honor them.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Fixed the --build-context flag to properly send files for remote builds. Previously
only the main context was sent over as a tar while additional contexts were passed as
local paths and this would cause builds to fail since the files wouldn't exist.
New changes modifies the Build API to use multipart HTTP requests allowing multiple
build contexts to be used. Each additional context is packaged and
transferred based on its type:
- Local Directories: Sent as tar archives
- Git Repositories: link sent to the server where its then cloned
- Container Images: Image reference sent to the server, it then pulls the image there
- URLs/archives: URL sent to the server, which handles the download
Fixes: #23433
Signed-off-by: Joshua Arrevillaga <2004jarrevillaga@gmail.com>
An HTTP response with Content-Type application/json does not need
to be HTML escaped. Doing this causes encoding issues in the Podman
REST API output as seen in the issue:
Fixes#17769
Remove the HTML escaping from Content-Type: application/json responses.
Signed-off-by: Stef Walter <stef@thewalter.net>
Co-Authored-By: Claude <noreply@anthropic.com>
One might think Close() should be called but we are already using
Shutdown() which is the graceful way to stop the server so we don't
actually need Close().
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Deadcode should that the ShouldRestart() API endpoint was never wired
into the router so the endpoint did not existed and the bindings called
a non existing endpoint which returnd 404 which the binding code
assumed means no restart.
As such remove all this code as it didn't do anything useful. And IMO
exposing a shouldrestart API always feeled wrong to me. The client
should not have to deal with this.
This commit does not change the behavior but it also does not make an
attempt to fix the broken restart handling with the rmeote client. Given
we do not seem to have any user reports about this it seems it is not
used.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
As with `volume export`, this was coded up exclusively in cmd/
instead of in libpod. Move it into Libpod, add a REST endpoint,
add bindings, and now everything talks using the ContainerEngine
wiring.
Also similar to `volume export` this also makes things work much
better with volumes that require mounting - we can now guarantee
they're actually mounted, instead of just hoping.
Includes some refactoring of `volume export` as well, to simplify
its implementation and ensure both Import and Export work with
readers/writers, as opposed to just files.
Fixes#26409
Signed-off-by: Matt Heon <mheon@redhat.com>
they allow to override the owner of the volume. Differently from
-o=uid= and -o=gid= they are not passed down to the mount operation.
Closes: https://issues.redhat.com/browse/RHEL-76452
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Previously, our approach was to inspect the volume, grab its
mountpoint, and tar that up, all in the CLI code. There's no
reason why that has to be in the CLI - if we move it into
Libpod, and add a REST endpoint to stream the tar, we can
enable it for the remote client as well.
As a bonus, previously, we could not properly handle volumes that
needed to be mounted. Now, we can mount the volume if necessary,
and as such export works with more types of volumes, including
volume drivers.
Signed-off-by: Matt Heon <mheon@redhat.com>
Two incomptable changes, they removed the BridgeNfIP6tables
and BridgeNfIptables fields so we must drop them. As they are not
important ones that should not cause problems.
Second, they moved to using DockerOCIImageConfig from another new module.
The json format did not chnage so this is not an external API break.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
This patch adds a new endpoint to the REST API called "artifacts" with
the following methods:
- Add
- Extract
- Inspect
- List
- Pull
- Push
- Remove
This API will be utilised by the Podman bindings to add OCI Artifact
support to our remote clients.
Jira: https://issues.redhat.com/browse/RUN-2711
Signed-off-by: Lewis Roy <lewis@redhat.com>
When using `docker compose run --entrypoint ''`, docker sends
`"Entrypoint": []` in the JSON. Podman currently treats that
as `nil` and fallback to default image entrypoint.
This is not what is expected by the user. Instead, it should
not use any entrypoint.
This commit fixes it by properly propagating the `[]` downstream
to libpod.
Fixes: #26078
Signed-off-by: Jan Kaluza <jkaluza@redhat.com>
Hard coding to none without checking containers.conf is not a good idea
as users who liked the previous behavior and the podman default behavior
of keeping the hosts entries can no longer do that.
With this commit they can set base_hosts_file = "/etc/hosts" to restore
the previous behavior.
Fixes: https://issues.redhat.com/browse/RHEL-92995
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
The JSON decoder correctly cannot decode (overflow) negative values (e.g., `-1`) for fields of type `uint64`, as `-1` is used to represent `max` in `POSIXRlimit`. To handle this, we use `tmpSpecGenerator` to decode the request body. The `tmpSpecGenerator` replaces the `POSIXRlimit` type with a `tmpRlimit` type that uses the `json.Number` type for decoding values. The `tmpRlimit` is then converted into the `POSIXRlimit` type and assigned to the `SpecGenerator`.
This approach ensures compatibility with the Podman CLI and remote API, which already handle `-1` by casting it to `uint64` (`uint64(-1)` equals `MaxUint64`) to signify `max`.
Fixes: https://issues.redhat.com/browse/RUN-2859
Fixes: https://github.com/containers/podman/issues/24886
Signed-off-by: Jan Rodák <hony.com@seznam.cz>
The Docker `-XDELETE image/$name?force=true` endpoint only removes
containers using an image if they are in a non running state.
In Podman, when forcefully removing images we also forcefully delete
containers using the image including running containers.
This patch changes the Docker image force delete compat API to act like the
Docker API while maintaining commands like `podman rmi -f $imagename`
It also corrects the API return code returned when an image is requested
to be deleted with running containers using it.
Fixes: https://github.com/containers/podman/issues/25871
Signed-off-by: Lewis Roy <lewis@redhat.com>
Add the inherit-labels option to the build API and tweak the go.mod
after some unhappiness in my sandbox.
Signed-off-by: tomsweeneyredhat <tsweeney@redhat.com>
This was added by commit 84e42877a ("make lint: re-enable revive"),
making nolintlint became almost useless.
Remove the ungodly amount of unused nolint annotations.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
