Adds a `--no-trunc` flag to `podman kube generate` preventing the
annotations from being trimmed at 63 characters. However, due to
the fact the annotations will not be trimmed, any annotation that is
longer than 63 characters means this YAML will no longer be Kubernetes
compatible. However, these YAML files can still be used with `podman
kube play` due to the addition of the new flag below.
Adds a `--no-trunc` flag to `podman kube play` supporting YAML files with
annotations that were not truncated to the Kubernetes maximum length of
63 characters.
Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
Previous tests have worked by pure chance since the client and server
ran on the same host; the server picked up the credentials created by
the client login.
Extend the gating tests and add a new integration test which is further
capable of exercising the remote code.
Note that fixing authentication support requires adding a new
`--authfile` CLi flag to `manifest inspect`. This will at least allow
for passing an authfile to be bindings. Username and password are not
yet supported.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
This endpoint queried the same package versions twice causing it to be
slower than info. Because it already called info we can just reuse the
package versions from there.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Users may want to replace the secret used within containers, without
destroying the secret and recreating it.
Partial fix for https://github.com/containers/podman/issues/18667
Make sure podman --remote secret inspect and podman secret inspect
return the same error message.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
This adds the 'system service' command to the build on FreeBSD and
suppresses the call to servicereaper.Start which is only needed to
support slirp4netns on Linux. A stub for compat.StatsContainer is also
added - stats are still supported via the libpod.StatsContainer API
call.
[NO NEW TESTS NEEDED]
Signed-off-by: Doug Rabson <dfr@rabson.org>
It is pretty complicated to display the secret on the host, but is
not really secured. This patch makes it easier to examine the secret.
Partial fix for https://github.com/containers/podman/issues/18667
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Somehow my error message in top was never printed for the compat API,
the libpod one using the same code worked fine. Turns out the compat one
is using this buffered writter instaed but never made sure to flush it
before closing the connection.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Wait before sending status code 200 for the first top call and if that
fails return a proper error code.
This was leading to some confusion in [1] because podman just reported
200 but did not wirte anything back.
[1] https://bugzilla.redhat.com/show_bug.cgi?id=2215572
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Support two new wait conditions, "healthy" and "unhealthy". This
further paves the way for integrating sdnotify with health checks which
is currently being tracked in #6160.
Fixes: #13627
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
Massage the internal APIs to use a string slice instead of a state slice
for passing wait conditions. This paves the way for waiting on
non-state conditions such as "healthy".
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
Make sure that the create endpoint does not always return 200 even in
case of a failure. Some of the code had to be massaged since encoding a
report implies sending a 200.
Fixes: #15828
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
Make sure that the push endpoint does not always return 200 even in case
of a push failure. Some of the code had to be massaged since encoding a
report implies sending a 200.
Fixes: #18751
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
The platform parameter has been ignored such that images have been
looked up by name only.
Fixes: #18951
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
The "removed" condition mapped to an undefined state which ultimately
rendered the wait endpoint to return an incorrect exit code. Instead,
map "removed" to "exited" to make sure Podman returns the expected
exit code.
Fixes: #18889
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
This probably should have been in the API since the beginning,
but it's not too late to start now.
The extra information is returned (both via the REST API, and to
the CLI handler for `podman rm`) but is not yet printed - it
feels like adding it to the output could be a breaking change?
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
Fixes: https://github.com/containers/podman/issues/18239
[NO NEW TESTS NEEDED]
@test "podman build -f test" in test/system/070-build.bats
Will test this. This was passing when run on a local system since
the remote end was using the clients path to read the Containerfile
The issue is it would not work in a podman machine since the
Containerfile would/should be a different path.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Also reflect removed/deprecated fields in the compat API.
[NO NEW TESTS NEEDED]
Signed-off-by: Renovate Bot <bot@renovateapp.com>
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
Accept a tag in the compat api endpoint. For the fromImage param we
already parse it but for fromSrc we did not.
Fixes#18597
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Make sure that the directory formats are not just substituted with their
archive counterparts but actually tar'ed up directories. Also make sure
that the clients don't get chown errors by setting rootless user and
group ID instead of O when running in the user namespace.
Fixes: #15897
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
The logic which checks for duplicated volumes here did not work
correctly because it used filepath.Clean(). However the writes to the
volDestinations map did not thus the string no longer matched when you
included a final slash for example.
So we can either call Clean() on all or no paths. I decided to call it
on no path because this is what we do right now. Just the check did it.
Fixed#18454
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Podman and Docker clients split the filter map slightly different, so
account for that when parsing the filters in the image-listing endpoint.
Fixes: #18092
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
Wire in support for writing the digest of the pushed image to a
user-specified file. Requires some massaging of _internal_ APIs
and the extension of the push endpoint to integrate the raw manifest
(i.e., in bytes) in the stream.
Closes: #18216
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
The Report will be used in a future change as a new return value for the
internal Push API.
Note: this change is only breaking internal APIs while user-facing
external ones remain unchanges.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
PR #15093 implemented support for NoPrune in the ImageRemoveOptions,
this PR simply brings that also to the compat API along with
regression tests.
Signed-off-by: Andreas Kohn <andreas.kohn@gmail.com>
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
Podman is attempting to split the headers returned by the ps
command into a list of headers. Problem is that some headers
are multi-word, and headers are not guaranteed to be split via
a tab. This PR splits the headers bases on white space, and for
the select group of CAPS headers which are multi-word, combines
them back together.
Fixes: https://github.com/containers/podman/issues/17524
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
When using the docker REST API to wait for a container to be removed,
for example, WaitContainerDocker uses a one microsecond interval between
poll requests. This ends up being effectively a busy-wait, with the
podman system service spinning at > 100% CPU time.
The equivalent Podman method uses a 250ms default. Use that for the
docker variant, too.
I'm going to optimistically assert [NO NEW TESTS NEEDED] - given there's
no functional change here, and a test will require some form of mocking
or strac'ing the binary for evidence that it's polling less frequently,
unless someone who is familiar with podman can briefly explain what kind
of test would be appropriate here.
Signed-off-by: Peter Edwards <peadar@arista.com>
Fixes: #18150
Use the kube_generate_type from the containers.conf as
the default value for the --type flag for kube generate.
Override the default when userexplicitly sets the --type
flag.
Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
The standard lib states that server handlers don't need to close the
body, so let's not do that to avoid any unforeseen side effect.
[NO TESTS NEEDED] - existing tests should suffice.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
Add the command along with the abi and tunnel support
Add e2e tests
Add man page
Add apiv2 test to ensure return codes
Signed-off-by: Ygal Blum <ygal.blum@gmail.com>
The podman kube generate command can now generate a
Deployment kind when the --ype flag is set to deployment.
By default, a Pod spec will be generated if --type flag is
not set.
Add --replicas flag to kube generate to allow users to set
the value of replicas in the generated yaml when generating a
Deployment kind.
Add e2e and minikube tests for this feature.
Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
We use the same endpoint for libpod and docker compat API. However as
reported docker returns "id" lowercase. Because we cannot break the
libpod API right now keep the output for the libpod endpoint and only
change the docker one.
To do so simply use two types that we can cast with different JSON tags.
Fixes#17869
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
The default_ulimits field is currently ignored in podman run commands.
This PR fixes this.
Fixes: https://github.com/containers/podman/issues/17396
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
