Add the Go bindings implementation necessary to support Artifacts.
Implement the tunnel interface that consumes the Artifacts Go bindings.
With this patch, users of the Podman remote clients will now be able to
manage OCI artifacts via the Podman CLI and Podman machine.
Jira: https://issues.redhat.com/browse/RUN-2714#
Signed-off-by: Lewis Roy <lewis@redhat.com>
- Remove redundant exact match checks in ancestor filter implementations
- Add comprehensive test coverage for both prefix and non-prefix substring matching
- Fix missing output verification in ID filter test
- Improve test reliability with proper length checks and consistent flags
- Remove unnecessary length check to ensure tests fail properly if image ID is too short
- Add -q and --no-trunc flags for consistent test output format
- Focus test on substring ID matching specifically (not image names)
- Restore image name matching functionality for existing tests
- Keep substring ID matching for Docker compatibility
- Ensure both regex matching and substring ID matching work together
The ancestor filter now supports both:
1. Image name matching (existing functionality)
2. Substring ID matching (new Docker compatibility feature)
Fixes: #26623
Signed-off-by: shiavm006 <shivammittal42006@gmail.com>
There are three copies of them, and already a shared utility, so
also define the options in a single place.
This will make it easier to add more options, and it reduces the risk
of incorrectly ordering the parameters to PrepareSigning.
Should not change behavior.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
CLI options have no place in pkg/domain/entities, and these
are never set anyway.
Should not change behavior.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Add --creds flag to podman create and podman run commands to support
registry authentication during image pulling.
Without this flag, users must perform a separate `podman pull
--creds/--cert-dir` first and then remember to specify `--pull=never`.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
I hastily commented out some tests that were problematic
for the vendor of Buildah v1.41 into Podman main (5.6 to be)
in #26666.
@luap99 noted that I should have skipped them, this PR removes
the comments and puts the Skip into play.
Signed-off-by: tomsweeneyredhat <tsweeney@redhat.com>
Comment out the problematic "podman diff container and image with same name" test
in test/e2e/diff_test.go. This became a problem with Buildah v1.41 and
if possible, should be addressed by Podman v5.6 final.
Signed-off-by: tomsweeneyredhat <tsweeney@redhat.com>
Update the "podman diff container and image with same name" e2e test to
not expect a built image to include /etc, since newer buildah won't
include an item in a layer if it was only created in a rootfs in order
to have something mounted onto it while processing a RUN instruction.
A few exceptions are still made for the sake of conformance tests.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Drop the inheritlabels and inheritannotations flags in the description
for the compat build endpoint, because the docker engine's build
endpoint doesn't recognize them.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Teach our patched version of run_buildah() to notice when a build tries
to write the output image to an oci:/oci-archive:/docker-archive:/dir:
location, and for those cases, adjust the command to commit the image to
local storage and then copy it to the desired location.
It's a hack on top of a hack. I don't love it, but here we are.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Don't force the SkipUnusedStages option one way or another when the
client doesn't specifically request one or the other, so that the server
can choose to use its default behavior.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Don't force the CompatVolumes option one way or another when the client
doesn't specifically request one or the other, so that the server can
choose to use its default behavior.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Don't force the IdentityLabel option one way or another when the client
doesn't specifically request one or the other, so that the server can
choose to use its default behavior.
Fixes#26669
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
The "compat-volumes" setting shouldn't be provided by the compat build
endpoint, the docker daemon's isn't expected to recognize it.
It is also a conditional boolean flag, so if it isn't specified by the
caller, don't send a value from a client to the server, so that the
server will be able to apply its own default.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
The inherit-labels setting is a conditional boolean flag, so if it isn't
specified either way by the caller, don't send a value from a client to
the server, so that the server will be able to apply its own default.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
When parsing an entry in /proc/sys/fs/binfmt_misc, don't return an error
if we find an empty "flags" field in the file. Wine packaged for Fedora
provides a binfmt.d file that results in such a file, so... it's normal.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Wire up the source-date-epoch, rewrite-timestamp, and created-annotation
flags so that a client can correctly ask a server to honor them.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Fixed the --build-context flag to properly send files for remote builds. Previously
only the main context was sent over as a tar while additional contexts were passed as
local paths and this would cause builds to fail since the files wouldn't exist.
New changes modifies the Build API to use multipart HTTP requests allowing multiple
build contexts to be used. Each additional context is packaged and
transferred based on its type:
- Local Directories: Sent as tar archives
- Git Repositories: link sent to the server where its then cloned
- Container Images: Image reference sent to the server, it then pulls the image there
- URLs/archives: URL sent to the server, which handles the download
Fixes: #23433
Signed-off-by: Joshua Arrevillaga <2004jarrevillaga@gmail.com>
