First, make podman diff accept optionally a second argument. This allows
the user to specify a second image/container to compare the first with.
If it is not set the parent layer will be used as before.
Second, podman container diff should only use containers and podman
image diff should only use images. Previously, podman container diff
would use the image when both an image and container with this name
exists.
To make this work two new parameters have been added to the api. If they
are not used the previous behaviour is used. The same applies to the
bindings.
Fixes#10649
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Fix a bug in `podman-cp` to forbid copying directories to files.
Previously, the directory was copied to the parent directory of the file
which is wrong.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
feat: read secret config from config file if the user hasn't entered
explicit config values
feat: allow to specify `--driver-opts opt1=val1,opt2=val2` in the secret
create command to allow overriding the default values
fix: show driver options in `podman secret inspect`
Signed-off-by: Tino Rusch <tino.rusch@gmail.com>
Added logic and handling for two new Podman pod create Flags.
--cpus specifies the total number of cores on which the pod can execute, this
is a combination of the period and quota for the CPU.
--cpuset-cpus is a string value which determines of these available cores,
how many we will truly execute on.
Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
Added parsing and handling for the healthCheck status within containers.go. Also modified tests
fixes#10457
Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
Much to my regret, there is a number of images in the wild with invalid
platforms breaking the platform checks in libimage that want to make
sure that a local image is matching the expected platform.
Imagine a `podman run --arch=arm64 fedora` with a local amd64 fedora
image. We really shouldn't use the local one in this case and pull down
the arm64 one.
The strict platform checks in libimage in combination with invalid
platforms in images surfaced in Podman being able to pull an image but
failing to look it up in subsequent presence checks. A `podman run`
would hence pull such an image but fail to create the container.
Support images with invalid platforms by vendoring the latest HEAD from
containers/common. Also remove the partially implemented pull-policy
logic from Podman and let libimage handle that entirely. However,
whenever --arch, --os or --platform are specified, the pull policy will
be forced to "newer". This way, we pessimistically assume that the
local image has an invalid platform and we reach out to the registry.
If there's a newer image (i.e., one with a different digest), we'll pull
it down.
Please note that most of the logic has either already been implemented
in libimage or been moved down which allows for removing some clutter
from Podman.
[NO TESTS NEEDED] since c/common has new tests. Podman can rely on the
existing tests.
Fixes: #10648Fixes: #10682
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
added Avg Cpu calculation and CPU up time to podman stats. Adding different feature sets in different PRs, CPU first.
resolves#9258
Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
As discussed in #10710, the additional checks for podman-exec added by
commit 666f555aa52b are extremely flaky and appear in nearly every PR
I have see this week.
Let's temporarily disable the checks and reenable them on #10710 is
fixed.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
As stated in #10579 docker silently implements until filter for volume prune.
This commit adds initial support to the HTTP API, both libpod and compat.
It enables further work on that issue, such as adding cli support in the future.
Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
Refactor podman commands that have drifted from using
c/common report pkg. Report pkg is needed to implement
go template functions.
Removed obsolete code from podman which exists in c/common.
Latest template library added default newlines and method to
remove them. Incorporated needed changes in c/common PR below.
Depends on https://github.com/containers/common/pull/624
Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1855983
Signed-off-by: Jhon Honce <jhonce@redhat.com>
When starting a process with `podman exec -it` the terminal is resized
after the process is started. To fix this allow exec start to accept the
terminal height and width as parameter and let it resize right before
the process is started.
Fixes#10560
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
runc-1.0-rc95 refuses destination paths that are not absolute.
The test was causing a mount with a destination "[/etc/foo]" causing
the OCI runtime to fail.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
The container name should have the slirp interface ip set in /etc/hosts
and not the gateway ip. Commit c8dfcce6db0a introduced this regression.
Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1972073
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
added handling in entities and compat to support passing a specified OS/Arch while importing from SRC.
fixes#10566
Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
* Add podman-restart systemd unit file and add it to podman RPM package
* Fix podman start to filter all containers + unit test
Signed-off-by: Boaz Shuster <boaz.shuster.github@gmail.com>
a9cb824981db3fee6b8445b29e513c89e9b9b00b changed the expectations of the
dockerfile parameter to be json data however it's a string. In order to
support both, let's attempt json and fall back to a string if the json
parsing fails.
Closes#10660
Signed-off-by: Alex Schultz <aschultz@redhat.com>
Network connect/disconnect has to call the cni plugins when the network
namespace is already configured. This is the case for `ContainerStateRunning`
and `ContainerStateCreated`. This is important otherwise the network is
not attached to this network namespace and libpod will throw errors like
`network inspection mismatch...` This problem happened when using
`docker-compose up` in attached mode.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Podman uses the volume option map to check if it has to mount the volume
or not when the container is started. Commit 28138dafcc39 added to uid
and gid options to this map, however when only uid/gid is set we cannot
mount this volume because there is no filesystem or device specified.
Make sure we do not try to mount the volume when only the uid/gid option
is set since this is a simple chown operation.
Also when a uid/gid is explicity set, do not chown the volume based on
the container user when the volume is used for the first time.
Fixes#10620
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
