These options are now fully supported in the remote API and should no
longer be hidden and/or documented as non supported.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
People who use docker scripts with Podman see failures
if they use disable-content-trust flag. This flag already
existed for podman build, adding it to pull/push/create/run.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
With the advent of Podman 2.0.0 we crossed the magical barrier of go
modules. While we were able to continue importing all packages inside
of the project, the project could not be vendored anymore from the
outside.
Move the go module to new major version and change all imports to
`github.com/containers/libpod/v2`. The renaming of the imports
was done via `gomove` [1].
[1] https://github.com/KSubedi/gomove
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
...plus a few others. And fixes to actual parsing.
If a command's usage message includes '...' in the
argument list, assume it can take unlimited arguments.
Nothing we can check.
For all others, though, the ALL-CAPS part on the
right-hand side of the usage message will define
an upper bound on the number of arguments accepted
by the command. So in our 'podman --help' test,
generate N+1 args and run that command. We expect
a 125 exit status and a suitably helpful error message.
Not all podman commands or subcommands were checking,
so I fixed that. And, fixed some broken usage messages
(all-caps FLAGS, and '[flags]' at the end of 'ARGS').
Add new checks to the help test to prevent those in
the future.
Plus a little refactoring/cleanup where necessary.
Signed-off-by: Ed Santiago <santiago@redhat.com>
* Support the `X-Registry-Auth` http-request header.
* The content of the header is a base64 encoded JSON payload which can
either be a single auth config or a map of auth configs (user+pw or
token) with the corresponding registries being the keys. Vanilla
Docker, projectatomic Docker and the bindings are transparantly
supported.
* Add a hidden `--registries-conf` flag. Buildah exposes the same
flag, mostly for testing purposes.
* Do all credential parsing in the client (i.e., `cmd/podman`) pass
the username and password in the backend instead of unparsed
credentials.
* Add a `pkg/auth` which handles most of the heavy lifting.
* Go through the authentication-handling code of most commands, bindings
and endpoints. Migrate them to the new code and fix issues as seen.
A final evaluation and more tests is still required *after* this
change.
* The manifest-push endpoint is missing certain parameters and should
use the ABI function instead. Adding auth-support isn't really
possible without these parts working.
* The container commands and endpoints (i.e., create and run) have not
been changed yet. The APIs don't yet account for the authfile.
* Add authentication tests to `pkg/bindings`.
Fixes: #6384
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Fix --tls-verify parsing and make the associated options reflect the
correct logic. Other commands are affected as well but will be fixed
later.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Daniel J Walsh
Valentin Rothberg
Ed Santiago
Brent Baude