In a systemd unit dollar and percent signs are used for variables. A backslash
is used for escape sequences. If any of these characters are used in the create
command we have to properly escape them so systemd does not try to interpret them.
Fixes#9176
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
If the container create command contains an argument with double
curly braces the golang template parsing can fail since it tries
to interpret the value as variable. To fix this change the default
delimiter for the internal template to `{{{{`.
Fixes#9034
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
First, use the pflag library to parse the flags. With this we can
handle all corner cases such as -td or --detach=false.
Second, preserve the root args with --new. They are used for all podman
commands in the unit file. (e.g. podman --root /tmp run alpine)
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
`KillMode=none` has been deprecated in systemd and is now throwing big
warnings when being used. Users have reported the issues upstream
(see #8615) and on the mailing list.
This deprecation was mainly motivated by an abusive use of third-party
vendors causing all kinds of undesired side-effects. For instance, busy
mounts that delay reboot.
After talking to the systemd team, we came up with the following plan:
**Short term**: we can use TimeoutStopSec and remove KillMode=none which
will default to cgroup.
**Long term**: we want to change the type to sdnotify. The plumbing for
Podman is done but we need it for conmon. Once sdnotify is working, we
can get rid of the pidfile handling etc. and let Podman handle it.
Michal Seklatar came up with a nice idea that Podman increase the time
out on demand. That's a much cleaner way than hard-coding the time out
in the unit as suggest in the short-term solution.
This change is executing the short-term plan and sets a minimum timeout
of 60 seconds. User-specified timeouts are added to that.
Fixes: #8615
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Allow automatic generation for shell completion scripts
with the internal cobra functions (requires v1.0.0+).
This should replace the handwritten completion scripts
and even adds support for fish. With this approach it is
less likley that completions and code are out of sync.
We can now create the scripts with
- podman completion bash
- podman completion zsh
- podman completion fish
To test the completion run:
source <(podman completion bash)
The same works for podman-remote and podman --remote and
it will complete your remote containers/images with
the correct endpoints values from --url/--connection.
The completion logic is written in go and provided by the
cobra library. The completion functions lives in
`cmd/podman/completion/completion.go`.
The unit test at cmd/podman/shell_completion_test.go checks
if each command and flag has an autocompletion function set.
This prevents that commands and flags have no shell completion set.
This commit does not replace the current autocompletion scripts.
Closes#6440
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
Make sure that arguments with whitespace are properly quoted so they are
interpreted as one (and not multiple ones) by systemd.
Now `-e tz="america/new york"` will be generated as `-e "tz=america/new york"`.
The quotes are moving but the argument is still correct.
Fixes: #7285
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
When generating systemd unit for pods, we need to remove certain
pod-related flags from the containers' create commands. Make sure
to account for all the syntax including a single argument with key and
value being split by `=`.
Fixes: #6766
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Create a new template for generating a pod unit file. Eventually, this
allows for treating and extending pod and container generation
seprately.
The `--new` flag now also works on pods.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Refactor the systemd-unit generation code and move all the logic into
`pkg/systemd/generate`. The code was already hard to maintain but I
found it impossible to wire the `--new` logic for pods in all the chaos.
The code refactoring in this commit will make maintaining the code
easier and should make it easier to extend as well. Further changes and
refactorings may still be needed but they will easier.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
