Check to see if we are recording the version of buildah
used to build the image as a label in the image.
Also we should make sure the filter "since" works.
We are only testing "after", which we don't document.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
If you don't use --now or also run systemctl --user start podman.socket
then the socket won't start until a reboot. Much easier to just start
the socket at the same time as enabling it.
Signed-off-by: Benjamin Porter <FreedomBen@users.noreply.github.com>
One last tweak to the man page for 'build --pull' and after
further testing against Docker, one slight change to the
pull policy. First I changed `--pull=false` from PullNever
to PullIfMissing. This matches Docker and will pull the
image if it's not present rather than erroring. We've
the `--pull-never` option if someone wants the pull to
not do an actual pull and to error if the image isn't
local.
Then for the man page, I'd a much bigger change, in the
initial PR, I've backed most of that out and just
added a tweak.
Hopefully this puts this portion of the pull work behind
us for a while.
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
The namespace options for pid,ipc,uts were completely ignored.
The network namespace did not accept `none`.
This commit fixes these issues simply by calling `parse.NamespaceOptions`
from buildah instead of implementing our own logic.
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
Make the order of short and long flag names in the documentation
consistent. Also adjust the man page validaten script to only allow
the `**--long**, **-s**` syntax.
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
Add a new make target (completion) to generate the shell
completion scripts. This will generate the scripts for bash,
zsh and fish for both podman and podman-remote with `podman completion`.
The scripts are put into the completions directory and can be
installed system wide with `sudo make install.completions`.
This commit replaces the current handwritten scripts for bash and zsh.
The `validate.completion` target has been adjusted to make sure nobody
edits these scripts directly.
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
Allow automatic generation for shell completion scripts
with the internal cobra functions (requires v1.0.0+).
This should replace the handwritten completion scripts
and even adds support for fish. With this approach it is
less likley that completions and code are out of sync.
We can now create the scripts with
- podman completion bash
- podman completion zsh
- podman completion fish
To test the completion run:
source <(podman completion bash)
The same works for podman-remote and podman --remote and
it will complete your remote containers/images with
the correct endpoints values from --url/--connection.
The completion logic is written in go and provided by the
cobra library. The completion functions lives in
`cmd/podman/completion/completion.go`.
The unit test at cmd/podman/shell_completion_test.go checks
if each command and flag has an autocompletion function set.
This prevents that commands and flags have no shell completion set.
This commit does not replace the current autocompletion scripts.
Closes#6440
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
This is only temporary until the cobra following PRs are merged:
- PR#1258 Custom completion handle multiple shorhand flags together
- PR#1249 Fix fish handling of "ShellCompDirectiveNoSpace" and file completion
- PR#1213 Fix zsh completion handling of nospace and file completion
- PR#1146 Bash completion V2 with completion descriptions
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
Convert the existing network aliases set/remove code to network
connect and disconnect. We can no longer modify aliases for an
existing network, but we can add and remove entire networks. As
part of this, we need to add a new function to retrieve current
aliases the container is connected to (we had a table for this
as of the first aliases PR, but it was not externally exposed).
At the same time, remove all deconflicting logic for aliases.
Docker does absolutely no checks of this nature, and allows two
containers to have the same aliases, aliases that conflict with
container names, etc - it's just left to DNS to return all the
IP addresses, and presumably we round-robin from there? Most
tests for the existing code had to be removed because of this.
Convert all uses of the old container config.Networks field,
which previously included all networks in the container, to use
the new DB table. This ensures we actually get an up-to-date list
of in-use networks. Also, add network aliases to the output of
`podman inspect`.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
When making containers, we want to lock all named volumes we are
adding the container to, to ensure they aren't removed from under
us while we are working. Unfortunately, this code did not account
for a container having the same volume mounted in multiple places
so it could deadlock. Add a map to ensure that we don't lock the
same name more than once to resolve this.
Fixes#8221
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
The error message reported is overlay complicated and the added test does not
really help the user.
Currently the error looks like:
podman run -p 80:80 fedora echo hello
Error: failed to expose ports via rootlessport: "cannot expose privileged port 80, you might need to add "net.ipv4.ip_unprivileged_port_start=0" (currently 1024) to /etc/sysctl.conf, or choose a larger port number (>= 1024): listen tcp 0.0.0.0:80: bind: permission denied\n"
After this change
./bin/podman run -p 80:80 fedora echo hello
Error: cannot expose privileged port 80, you might need to add "net.ipv4.ip_unprivileged_port_start=0" (currently 1024) to /etc/sysctl.conf, or choose a larger port number (>= 1024): listen tcp 0.0.0.0:80: bind: permission denied
Control chars have been eliminated.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Somewhere in the CIv2 migration we lost the man page vs --help
cross-checker. Add it back, by adding it into the man-page-check
Makefile target; this is part of 'make validate', which is run
in CI even on CI:DOCS PRs.
As happens when CI doesn't run, things broke. Man pages got out
of sync with --help. This PR:
1) Fixes hack/xref-helpmsgs-manpages to deal with the new
"Options" (instead of "Flags") form of podman help. #8034
did part of that, but one of my review comments was
accidentally left out.
2) Fixes hack/xref-helpmsgs-manpages to deal with the new
option syntax in man pages, post- #8292, in which each
option is preceded by four hashes so as to make them
HTML <h4> elements with named anchors.
3) Fixes man pages that #8292 accidentally missed.
4) Adds man page entries for two flags that got added
to podman but not documented (pod create --network-alias,
play kube --log-driver)
Fixes: #8296
Signed-off-by: Ed Santiago <santiago@redhat.com>
Recent changes in networking require that the cni network driver be set.
If the user provides no driver, we set the driver to the
defaultnetworkdriver which currently is "bridge".
Fixes: #8294
Signed-off-by: baude <bbaude@redhat.com>
Change the docs markdown so that flag names will be h4 headers.
Sphinx will automatically add anchors to headers. Add css to
make sure the flag names are not to big compared to the text.
The man pages also still renders fine but it looks a bit different.
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
we need to migrate play kube away from using the old container creation
method. the new approach is specgen and this aligns play kube with
container creation in the rest of podman.
Signed-off-by: baude <bbaude@redhat.com>
A fairly common mistake users are hitting is running rootless podman without
installing fuse-overlay. Then they want to reset storage. Sometimes they
modify storage.conf first and `podman system reset` fails.
This PR attempts to explain how to convert properly.
Fixes: https://github.com/containers/podman/issues/7446
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
The IPv6 e2e tests on the CI for rootles mode fails because
it needs the ip6tables modules loaded.
Example error:
stdout="", stderr="failed to list chains: running [/sbin/ip6tables -t nat -S --wait]: exit status 3: modprobe: can't change directory to '/lib/modules': No such file or directory\nip6tables v1.8.4 (legacy): can't initialize ip6tables table `nat': Table does not exist (do you need to insmod?)\nPerhaps ip6tables or your kernel needs to be upgraded.\n\n"
Signed-off-by: Antonio Ojea <aojea@redhat.com>
add e2e test that checks that is not possible to create
different networks with the same subnet, in IPv6 neither
in IPv4
Signed-off-by: Antonio Ojea <aojea@redhat.com>
OpenShift Merge Robot
Daniel J Walsh
Benjamin Porter
TomSweeneyRedHat
Paul Holzinger
Jhon Honce
dependabot-preview[bot]
Matthew Heon
Ed Santiago
Chris Evich
baude
Antonio Ojea