Fix a bug when parsing the `ExposedPorts` of the image that lead to
panics when the field was set. The OCI image spec allows three valid
formats: `tcp/port`, `udp/port` and `port`
Fixes: #6490
Reported-by: @jgallucci32
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
- (minor): apiv2 tests: check for full ID
Observation made while reviewing #6461: tests were checking
only for a 12-character container/image ID in return value.
It's actually 64, and we should test for that. This should
also minimize confusion in a future maintainer.
- podman pause/unpause: new test
Runs a 'date/sleep' loop, pauses container, sleeps 3s,
restarts, then confirms that there's a 3- to 6-second
gap in the logs for the container.
- podman healthcheck: new test
run a container with healthcheck, test both healthy
and unhealthy conditions
- podman pod: check '{{.Pod}}' field in podman ps
Hey, as long as we have a pod with two running
containers, might as well confirm that 'podman ps'
returns the expected pod ID.
Signed-off-by: Ed Santiago <santiago@redhat.com>
this is step 1 to self-discovery of remote ssh connections. we add a remotesocket struct to info to detect what the socket path might be.
Co-authored-by: Jhon Honce <jhonce@redhat.com>
Signed-off-by: Brent Baude <bbaude@redhat.com>
Namespace fields were being set with their option names
unless overriden by the user. This was causing issues
with podman-remote on userns.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
The cleanup process was already running and ensuring that mounts
and networking configuration was cleaned up on container stop,
but this was async from the actual `podman stop` command which
breaks some expectations - the container is still mounted at the
end of `podman stop` and will be cleaned up soon, but not
immediately. Fortunately, it's a trivial change to resolve this.
Fixes#5747
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
We need to default to building podman. If you specify no build
tags you will not build podman, not podman-remote.
Just using remote flag to indicate podman-remote and !remote for
podman.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
We are currently able to inspect images with
`podman container inspect` and containers with
`podman image inspect` and neither of those seem correct. This
ensures that the appropriate flags, and only the appropriate
flags, are available for each specialized exec, and they can only
inspect the specific type they were intended to.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* podman --remote ssh://<user>:<password>@<host>:<port><path>
* podman --remote ssh://<user>:<password>@<host>:<port><path> \
--identity <path> --passphrase <phrase>
* ssh-add <key>
podman --remote ssh://<user>@<host><path>
* Fix `podman help` to run even if podman missing components
* Prompt for passphrase on stdin IFF key is protected and passphrase
not given via any other configuration
* cobra flags do not support optional value flags therefore refactored
--remote to be a boolean and --url will now contain the URI to Podman
service
Signed-off-by: Jhon Honce <jhonce@redhat.com>
Podman containers can specify that they get their network
namespace from another container. This is automatic in pods, but
any container can do it.
The problem is that these containers are not guaranteed to have a
network namespace of their own; it is perfectly valid to join the
network namespace of a --net=host container, and both containers
will end up in the host namespace. The code for obtaining network
stats did not account for this, and could cause segfaults as a
result. Fortunately, the fix is simple - the function we use to
get said stats already performs appropriate checks, so we just
need to recursively call it.
Fixes#5652
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
We also need to rework container/image inspect to be separate,
but that can happen in another PR.
Fixes#6472
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
7.7 has been released for a while now, so change troubleshooting
reference to indicate that.
Fixes#6349
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
The biggest obstacle here was cleanup - we needed a way to remove
detached exec sessions after they exited, but there's no way to
tell if an exec session will be attached or detached when it's
created, and that's when we must add the exit command that would
do the removal. The solution was adding a delay to the exit
command (5 minutes), which gives sufficient time for attached
exec sessions to retrieve the exit code of the session after it
exits, but still guarantees that they will be removed, even for
detached sessions. This requires Conmon 2.0.17, which has the new
`--exit-delay` flag.
As part of the exit command rework, we can drop the hack we were
using to clean up exec sessions (remove them as part of inspect).
This is a lot cleaner, and I'm a lot happier about it.
Otherwise, this is just plumbing - we need a bindings call for
detached exec, and that needed to be added to the tunnel mode
backend for entities.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
environment variables are handled differently on windows vs linux. here we split them to be handled but no actually processing of windows environment variables was done. it can be added for future. hoowever, now we dont get errors on windows about processing them.
Signed-off-by: Brent Baude <bbaude@redhat.com>
