`setConsoleMode` should do nothing if the handle is not a terminal. The proposed change is [exactly what `golang.org/x/term/IsTerminal()` does on Windows](https://cs.opensource.google/go/x/term/+/6886f2df:term_windows.go).
[NO TESTS NEEDED]
Signed-off-by: Anton Tykhyy <atykhyy@gmail.com>
* To aid in debugging log API request and response bodies at trace
level. Events can be correlated using the X-Reference-Id.
* Server now echos X-Reference-Id from client if set, otherwise
generates an unique id.
* Move logic for X-Reference-Id into middleware
* Change uses of Header.Add() to Set() when setting Content-Type
* Log API operations in Apache format using gorilla middleware
* Port server code to use BaseContext and ConnContext
Fixes#10053
Signed-off-by: Jhon Honce <jhonce@redhat.com>
We should only print unhealthy if the check fails. Currently this is
filling logs when users are running lots of healthchecks.
Improves: https://github.com/containers/podman/issues/11157
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Kubernetes has a concept of init containers that run and exit before
the regular containers in a pod are started. We added init containers
to podman pods as well. This patch adds support for generating init
containers in the kube yaml when a pod we are converting had init
containers. When playing a kube yaml, it detects an init container
and creates such a container in podman accordingly.
Note, only init containers created with the init type set to "always"
will be generated as the "once" option deletes the init container after
it has run and exited. Play kube will always creates init containers
with the "always" init container type.
Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
Include the response schema for a succesful request in the
/containers/stats API documentation
Additionally remove http 409 from /libpod/containers/stats docs, the
documentation was copied from the deprecated stats endpoint, when a
container is unavailabe the endpoint returns an empty list and no 409.
Signed-off-by: Jelle van der Waa <jvanderwaa@redhat.com>
By popular request, turn decimals to octal. Most eyes are trained to
parse file permissions in octal.
[NO TESTS NEEDED] since machine isn't tested yet.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Enforce "docker.io" to be the only search registry. Short-name
resolution for remote clients is not fully supported since there is no
means to prompt. Enforcing a single registry works around the problem
since prompting only fires with more than one search registry.
Fixes: #11489
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
override the outer scope variable instead of creating a local one.
Otherwise the wrong variable would be used for the next iterations.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Recent changes in c/image caused the `SetAuthentication` API to be more
restrictive in terms of validating the `key` (`server`) input. To ensure
that manually modified or entries in `~/.docker/config.json` still work,
we now strip the leading `http[s]://` prefix.
Fixes https://github.com/containers/podman/issues/11235
Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
Improve the error handling of `container inspect` to properly handle
when the container has been removed _between_ the lookup and the
inspect. That will yield the correct "no such object" error message in
`inspect`.
[NO TESTS NEEDED] since I do not know have a reliable and cheap
reproducer. It's fixing a CI flake, so there's already an indicator.
Fixes: #11392
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Commit 092902b455 introduced advanced network options for podman play
kube. However this never worked because it unconditionally set the
network mode to bridge after it parsed the network option.
Added a test to ensure the correct mode is set.
Truly fixes#10807
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
When attempting to run remote builds, users with UID/GID values that
were high enough that they wouldn't be mapped into their default user
namespace configurations would see their builds fail when the server
attempted to extract the build contexts that they supplied, and failed
to set ownership of the build context content to the UID/GID that were
originally assigned to them.
When archiving the build context at the client, set ownership of
everything to 0:0, which we know is always mapped. Both ADD and COPY
require that we set the ownership of newly-added content to 0:0 (unless
the --chown flag is used), so throwing away the original ownership
information doesn't hurt, anyway. As usual, tarballs that we extract
as part of ADD aren't going to be affected.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
QEmu normally install BIOS images under `/usr/local` prefix, but
Homebrew installs them under `/opt/homebrew`. This change searches both
locations and then puts back to an unpathed name if it doesn't find the
BIOS. (I imitated other architectures' implemenations in that failback
behavior.)
[NO TESTS NEEDED]
Signed-off-by: Jonathan Springer <jonpspri@gmail.com>
Handle custom restart policies of containers when generating the unit
files; those should be set on the unit level and removed from ExecStart
flags.
Fixes: #11438
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Prevent hitting `panic: runtime error: index out of range [1] with length 1`
while performing `podman info` when unexpected values for user.slice is found.
[NO TESTS NEEDED]
Signed-off-by: Aditya Rajan <arajan@redhat.com>
Adding the `-cpu host` option to the `addArchOptions` function for
darwin removes the warning message, "host doesn't support requested
feature: CPUID.80000001H:ECX.svm [bit 2]" by qemu-system-x86_64 when
using the `podman machine start` command on MacOS
Closes#11421
[NO TESTS NEEDED]
Signed-off-by: Scott Schreckengaust <scottschreckengaust@users.noreply.github.com>
Cause qemu to fall back to using TCG acceleration when HVP acceleration
is not available on Darwin Aarch64. Qemu prints a warning which it is
desirable to leave to embarrass the upstream Qemu into approving the HVF
patches.
[NO TESTS NEEDED]
Signed-off-by: Jonathan Springer <jspringer@us.ibm.com>
Signed-off-by: Jonathan Springer <jonpspri@gmail.com>
Following PR adds support for `kubectl` like `pod logs` to podman.
Usage `podman pod logs <podIDorName` gives a stream of logs for all
the containers within the pod with **containername** as a field.
Just like **`kubectl`** also supports `podman pod logs -c ctrIDorName podIDorName`
to limit the log stream to any of the specificied container which belongs to pod.
Signed-off-by: Aditya Rajan <arajan@redhat.com>
Equivalent for supported platforms, and makes it easier to support
additional unix-like OSes.
[NO TESTS NEEDED]
Signed-off-by: Maya Rashish <maya@NetBSD.org>
Filtering is missing in both compat API and libpod API, while docker
has filtering functinality. This commit enables filtering option using
name and id in both libpod and http API.
Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
When net.Dial always fail in the above loop, the code following the loop
is executed. This error check prevents this.
[NO TESTS NEEDED]
Signed-off-by: Guillaume Rose <gurose@redhat.com>
Following PR makes sure that `podman manifest rm <list>` only removes
the named manifest list and not referenced images.
Bumping and squashing c/common to v0.43.3-0.20210902095222-a7acc160fb25
in same commit in order to make sure build commit test passes.
Signed-off-by: Aditya Rajan <arajan@redhat.com>
Creating the rootlessport socket can fail with `bind: invalid argument`
when the socket path is longer than 108 chars. This is the case for
users with a long runtime directory.
Since the kernel does not allow to use socket paths with more then 108
chars use a workaround to open the socket path.
[NO TESTS NEEDED]
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
OpenShift Merge Robot