Add the Go bindings implementation necessary to support Artifacts.
Implement the tunnel interface that consumes the Artifacts Go bindings.
With this patch, users of the Podman remote clients will now be able to
manage OCI artifacts via the Podman CLI and Podman machine.
Jira: https://issues.redhat.com/browse/RUN-2714#
Signed-off-by: Lewis Roy <lewis@redhat.com>
The "compat-volumes" setting shouldn't be provided by the compat build
endpoint, the docker daemon's isn't expected to recognize it.
It is also a conditional boolean flag, so if it isn't specified by the
caller, don't send a value from a client to the server, so that the
server will be able to apply its own default.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Wire up the source-date-epoch, rewrite-timestamp, and created-annotation
flags so that a client can correctly ask a server to honor them.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Prevent `podman volume export` from showing raw tar contents directly to the terminal (STDOUT). If not redirected and without output flag, error message is expected.
Fixes: #26506
Signed-off-by: Arthur Wu <lion811004@gmail.com>
Given container logs end up in syslog by default, somewhat-clarify that `--syslog` is about podman logs, not container logs.
Signed-off-by: Chris Hofstaedtler <zeha@users.noreply.github.com>
Make use of our custom ChoiceValue flag type instead of using yet
another type. With that we can remove the StringSet type.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
The functionwas added but never wired into the cli option so there never
where shell completions for this.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Allow users to target the most recently created container with
`podman update --latest` (short `-l`). The same option already exists
on many other commands, so this brings update in line with the rest of
the CLI and saves users from typing or looking up the newest container.
Fixes: #26380
Signed-off-by: Hayato Kihara <kai.21banana@gmail.com>
As with `volume export`, this was coded up exclusively in cmd/
instead of in libpod. Move it into Libpod, add a REST endpoint,
add bindings, and now everything talks using the ContainerEngine
wiring.
Also similar to `volume export` this also makes things work much
better with volumes that require mounting - we can now guarantee
they're actually mounted, instead of just hoping.
Includes some refactoring of `volume export` as well, to simplify
its implementation and ensure both Import and Export work with
readers/writers, as opposed to just files.
Fixes#26409
Signed-off-by: Matt Heon <mheon@redhat.com>
In order to use parallel.Enqueue() it is required to call
parallel.SetMaxThreads() first. However in our main call we have been
doing this after we setup the initial runtime so just move this up.
And while at it move up the cpu and memory profile setup as well so we
can capture the earlier parts as well.
This was most likely introduced by commit 46d874aa52 ("Refactor graph
traversal & use for pod stop") which started using parallel.Enqueue() in
removePod() which then can get called from refresh() when a container
has autoremoval configured.
I tried many hard resets in VMs to reproduce but was unable to do so.
I always got "retrieving temporary directory for container xxx: no such
container" erros instead and it failed to autoremove but no panics.
Besides that many times c/storage was corrupted which made the image I
used unusable and it had to be deleted which is concerning in itself.
Fixes#26469
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
they allow to override the owner of the volume. Differently from
-o=uid= and -o=gid= they are not passed down to the mount operation.
Closes: https://issues.redhat.com/browse/RHEL-76452
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Previously, our approach was to inspect the volume, grab its
mountpoint, and tar that up, all in the CLI code. There's no
reason why that has to be in the CLI - if we move it into
Libpod, and add a REST endpoint to stream the tar, we can
enable it for the remote client as well.
As a bonus, previously, we could not properly handle volumes that
needed to be mounted. Now, we can mount the volume if necessary,
and as such export works with more types of volumes, including
volume drivers.
Signed-off-by: Matt Heon <mheon@redhat.com>
this patch changes how the detection of wsl works.
The old way of using wsl --status command output to detect some missing features required by WSL is not fully reliable.
WSL checks if the wsl feature is enabled and if the vmcompute service do exist. However, this is not enough to identify if the virtual machine platform feature is enabled. The vmcompute service could exist because it has been installed by other tools or it could exist but being stopped.
The way proposed by this patch is to try execute the import command and,
if it fails, check the error and if it is related to the Host Compute
Service try to install all features required by WSL.
The flow is the same as before, the user is asked to execute the podman
machine init command with elevated privileges. Eventually, after
enabling WSL and VMP features, the user is asked to reboot the machine.
When the machine restarts, the powershell gets invoked again and execute
the command init.
The code also fixes some issues that could cause misbehaviors when
invoking recursively the elevated shell, like an unreleased lock, or a
missing file.
Signed-off-by: lstocchi <lstocchi@redhat.com>
This patch adds a new endpoint to the REST API called "artifacts" with
the following methods:
- Add
- Extract
- Inspect
- List
- Pull
- Push
- Remove
This API will be utilised by the Podman bindings to add OCI Artifact
support to our remote clients.
Jira: https://issues.redhat.com/browse/RUN-2711
Signed-off-by: Lewis Roy <lewis@redhat.com>
podman's logic to parse excludes from `--ignorefile` is not consistent
with buildah, use code directly from imagebuilder.
Closes: https://github.com/containers/podman/issues/25746
Signed-off-by: flouthoc <flouthoc.git@gmail.com>
Added support for "podman buildx inspect". The goal was to replicate the default output from "docker buildx inspect" as
much as possible but a problem encountered was podman not supporting BuildKit. To replicate the output I resorted to
printing the statements with default values but only changed the driver name to use podman instead of docker. Since
there was no buildkit, gave it the value of "N/A" to depict it's not supported. For Platforms, I resorted to using
the emulated architectures found on your linux system + the host architecture of your local machine or podman server. The
bootstrap flag was also added but is considered a NOP since there is no buildkit container to run before running inspect.
An extra field was added to the HostInfo struct so when you run "podman info" the emulated architectures will show, this
was used so you can grab the information from the podman engine.
Fixes#13014
Signed-off-by: Joshua Arrevillaga <2004jarrevillaga@gmail.com>
Previously there is a minor logic error, which causes podman system
check to do the check twice although there is no repair flag.
Signed-off-by: Sonny Sasaka <sonnysasaka@gmail.com>
When a container has no image, i.e. using rootfs like our new infra
containers then the Image function crashed trying to show the first 12
image ID chars. If there is no image simply show nothing there.
Fixes: #26224
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
The conditions are always true so they can be removed. And in the case
of exportCheckpoint() the scope means addToTarFiles was overwritten and
thus when it looped over it later the slice was always empty.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Previously, the HealthCheck exec session would not terminate on timeout, allowing the healthcheck to run indefinitely.
Fixes: https://issues.redhat.com/browse/RHEL-86096
Signed-off-by: Jan Rodák <hony.com@seznam.cz>
Add `--swap` argument to `podman machine init` command.
Passing an int64 value to this flag will trigger the Podman machine
ignition file to be generated with a zram-generator.conf file containing
the --swap value as the zram-size argument.
This file is read by the zram-generator systemd service on boot
resulting in a zram swap device being created.
Fixes: https://github.com/containers/podman/issues/15980
Signed-off-by: Lewis Roy <lewis@redhat.com>
Add the inherit-labels option to the build API and tweak the go.mod
after some unhappiness in my sandbox.
Signed-off-by: tomsweeneyredhat <tsweeney@redhat.com>
