Lock access to and modification of the index.json file, to ensure
concurrent addition/removal does not result in lost state. Use a
standard c/storage lockfile, making use of its r/w locking
ability to support concurrent access, only serializing writes.
This is not a very efficient locking scheme around artifact
removal and - especially - addition. I view this as the first
step, establishing any sort of mutual exclusion to prevent state
corruption. Step 2 is to adapt the staged removal work being
done to make image removal require only minimal use of locks,
ensuring it works with artifact addition. This staged addition
means we won't have to hold the lock for the full artifact pull.
Signed-off-by: Matt Heon <mheon@redhat.com>
Currently WSL uses UTF-16 encoded output by default but is planning
to use UTF-8.
See https://github.com/containers/podman/issues/26527
To get ready for the change we are enforcing UTF-8 encoded output by
setting the environment variable `WSL_UTF8=1` and by updating the
code that transfomed wsl output from UTF-16 to UTF-8.
Fixes https://github.com/containers/podman/issues/26527
Signed-off-by: Mario Loriedo <mario.loriedo@gmail.com>
An HTTP response with Content-Type application/json does not need
to be HTML escaped. Doing this causes encoding issues in the Podman
REST API output as seen in the issue:
Fixes#17769
Remove the HTML escaping from Content-Type: application/json responses.
Signed-off-by: Stef Walter <stef@thewalter.net>
Co-Authored-By: Claude <noreply@anthropic.com>
All callers ignore the error anyways so no reason to return it as the
function itself already logs it.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
We don't need a stub implementation as this code should never end up
being imported on non windows platforms.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Make use of our custom ChoiceValue flag type instead of using yet
another type. With that we can remove the StringSet type.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Only one function, there are more public bindings that call a legit
server endpoint but are unused by podman-remote. As external users might
need/want them they should stay.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
One might think Close() should be called but we are already using
Shutdown() which is the graceful way to stop the server so we don't
actually need Close().
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Deadcode should that the ShouldRestart() API endpoint was never wired
into the router so the endpoint did not existed and the bindings called
a non existing endpoint which returnd 404 which the binding code
assumed means no restart.
As such remove all this code as it didn't do anything useful. And IMO
exposing a shouldrestart API always feeled wrong to me. The client
should not have to deal with this.
This commit does not change the behavior but it also does not make an
attempt to fix the broken restart handling with the rmeote client. Given
we do not seem to have any user reports about this it seems it is not
used.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
With the recent release of krunkit 0.2.0, a CLI option was added to
enable nested virtualization on macOS hosts with an M3 or higher. Enable
this by default. If the host does not support this feature, krunkit will
ignore the argument and continue starting the VM.
Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
Setup a local web server both for HTTP and HTTPS and make sure the
client rejects the connection and does not try to pull the image.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Allow users to target the most recently created container with
`podman update --latest` (short `-l`). The same option already exists
on many other commands, so this brings update in line with the rest of
the CLI and saves users from typing or looking up the newest container.
Fixes: #26380
Signed-off-by: Hayato Kihara <kai.21banana@gmail.com>
As with `volume export`, this was coded up exclusively in cmd/
instead of in libpod. Move it into Libpod, add a REST endpoint,
add bindings, and now everything talks using the ContainerEngine
wiring.
Also similar to `volume export` this also makes things work much
better with volumes that require mounting - we can now guarantee
they're actually mounted, instead of just hoping.
Includes some refactoring of `volume export` as well, to simplify
its implementation and ensure both Import and Export work with
readers/writers, as opposed to just files.
Fixes#26409
Signed-off-by: Matt Heon <mheon@redhat.com>
Ygal Blum