This should help use keep the codebase more consistent, and avoid sevel
whitespace related issues, or bad file permissions.
pre-commit allows us to easily introduce other linters in follow-ups,
like bashate.
Note: pre-commit tool does *not* install any git-hooks. Making commits
will will call the tool unless you deliverately tell it to install the
hooks.
Signed-off-by: Sorin Sbarnea <ssbarnea@redhat.com>
the --force parameter should only be used for the CLI and should only
dictate whether to prompt the user for confirmation.
Fixes: #4844
Signed-off-by: baude <bbaude@redhat.com>
support a custom tag to add to each log for the container.
It is currently supported only by the journald backend.
Closes: https://github.com/containers/libpod/issues/3653
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Implement a policy for selecting a seccomp profile. In addition to the
default behaviour (default profile unless --security-opt seccomp is set)
add a second policy doing a lookup in the image annotation.
If the image has the "io.containers.seccomp.profile" set its value will be
interpreted as a seccomp profile. The policy can be selected via the
new --seccomp-policy CLI flag.
Once the containers.conf support is merged into libpod, we can add an
option there as well.
Note that this feature is marked as experimental and may change in the
future.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Add a --new flag to podman-generate-systemd to create a new container
via podman-run instead of starting an existing container.
Creating a new container presents the challenge to find a reverse
mapping from a container to the CLI flags it can be created with. We
are doing this via `(Container).Config.CreateCommand` field, which
includes a copy of the process' command from procFS at creating time.
This field may not be useful when the container was not created via the
Podman CLI (e.g., via a Python script). Hence, we do not guarantee the
correctness of the generated files.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Podman now supports untagging images via the `untag` sub-command for the
root and `image` commands. Testing and documentation has been added as
well.
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
Two man pages had incorrect references to a nonexistent
policy.conf(5) or policy-conf(5) [dot vs dash]. Fix them.
Also checked for other broken references via:
$ for i in registries.conf storage.conf policy.json ; do grep -R $i.5 docs/source | grep -v containers-$i;done
(No further results found. That's not a guarantee that there
aren't other broken links though).
Signed-off-by: Ed Santiago <santiago@redhat.com>
Add flag --seccomp-profile-root in play kube to allow users to specify where to look for seccomp profiles
update tests
Signed-off-by: Peter Hunt <pehunt@redhat.com>
Currently the use of "*" in tables is causing go-md2man
to screw up the format of the man page.
This PR removes the "*" since it is not really necessary.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
During writing the tests I found it would be probably useful to have the
tag history part of the inspect data.
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
c/psgo added a new `stime` descriptor. Mention that in the man page and
refer to podman-top(1) in podman-pod-top(1) to avoid redundancy.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
If the user specifies .Server.* on a non podman-remote,
substitute .Client for .Server and return the value.
This is for compatability with Docker.
Since prior versions documented --format {{ .Version }}, we
have to continue to support that.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
This command will destroy all data created via podman.
It will remove containers, images, volumes, pods.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
We leverage the containers/storage image history tracking feature to
show the previously used image names when running:
`podman images --history`
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
This path allows pod prune & pod rm to remove stopped containers in the pod before deleting the pod.
PrunePods and RemovePod should be able to remove containers without force removal of stopped pods.
Signed-off-by: Qi Wang <qiwan@redhat.com>
Add an --ignore flag to podman rm and stop. When specified, Podman will
ignore "no such {container,pod}" errors that occur when a specified
container/pod is not present in the store (anymore). The motivation
behind adding this flag is to write more robust systemd services using
Podman. A user might have manually decided to remove a container/pod
which would lead to a failure during the `ExecStop` directive of a
systemd service referencing that container/pod.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Add a --cidfile flag to podman rm/stop to pass a container ID via a
file. Podman run already provides the functionaly to store the ID
in a specified file which we now complete with rm/stop. This allows
for a better life-cycle management in systemd services. Note that
--cdifile can be specified multiple times to rm/stop.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Bump to Buildah v1.11.5. Most notably changes to the
podman build `--pull` functionality. `--pull=true` and `--pull=false` now
work as Docker does, `--pull-never` added to supply the functionality
of the old `--pull=false`.
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
Add missing options.
Define the use of the TMPDIR environment variable for the storing of container images
when they are being pulled to the system.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
If user specifies --detach-keys="", this will disable the feature.
Adding define.DefaultDetachKeys to help screen to help identify detach keys.
Updated man pages with additonal information.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
change the default on cgroups v2 and create a new cgroup namespace.
When a cgroup namespace is used, processes inside the namespace are
only able to see cgroup paths relative to the cgroup namespace root
and not have full visibility on all the cgroups present on the
system.
The previous behaviour is maintained on a cgroups v1 host, where a
cgroup namespace is not created by default.
Closes: https://github.com/containers/libpod/issues/4363
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
In commit 52df1fa (Fix volume handling in podman) was implemented the
--volume option for podman remove. However, its behaviour changed after
83db80c (Only remove image volumes when removing containers).
This commit updates the description of this option to reflect the new
behaviour.
Signed-off-by: Radostin Stoyanov <rstoyanov1@gmail.com>
change the default to -1, so that we can change the semantic of
"--tail 0" to not print any existing log line.
Closes: https://github.com/containers/libpod/issues/4396
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Refactored code and Makefile to support new docs layout
* Removed some old code packaging code
* Add Readme.md to document what we're doing
Signed-off-by: Jhon Honce <jhonce@redhat.com>
Signed-off-by: baude <bbaude@redhat.com>
Restructuring the docs dir to make integration with sphinx easier. man
pages now exist in docs/source/man and the sphinx make files exists in
docs.
Signed-off-by: baude <bbaude@redhat.com>
OpenShift Merge Robot
Sorin Sbarnea
baude
Mark Stosberg
Daniel J Walsh
Giuseppe Scrivano
Valentin Rothberg
Sascha Grunert
Ed Santiago
Peter Hunt
Stefan Becker
José Guilherme Vanz
Kunal Kushwaha
Qi Wang
TomSweeneyRedHat
Dmitry Smirnov
Jakub Filak
Radostin Stoyanov
Morten Linderud
Jhon Honce