An HTTP response with Content-Type application/json does not need
to be HTML escaped. Doing this causes encoding issues in the Podman
REST API output as seen in the issue:
Fixes#17769
Remove the HTML escaping from Content-Type: application/json responses.
Signed-off-by: Stef Walter <stef@thewalter.net>
Co-Authored-By: Claude <noreply@anthropic.com>
One might think Close() should be called but we are already using
Shutdown() which is the graceful way to stop the server so we don't
actually need Close().
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Deadcode should that the ShouldRestart() API endpoint was never wired
into the router so the endpoint did not existed and the bindings called
a non existing endpoint which returnd 404 which the binding code
assumed means no restart.
As such remove all this code as it didn't do anything useful. And IMO
exposing a shouldrestart API always feeled wrong to me. The client
should not have to deal with this.
This commit does not change the behavior but it also does not make an
attempt to fix the broken restart handling with the rmeote client. Given
we do not seem to have any user reports about this it seems it is not
used.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
As with `volume export`, this was coded up exclusively in cmd/
instead of in libpod. Move it into Libpod, add a REST endpoint,
add bindings, and now everything talks using the ContainerEngine
wiring.
Also similar to `volume export` this also makes things work much
better with volumes that require mounting - we can now guarantee
they're actually mounted, instead of just hoping.
Includes some refactoring of `volume export` as well, to simplify
its implementation and ensure both Import and Export work with
readers/writers, as opposed to just files.
Fixes#26409
Signed-off-by: Matt Heon <mheon@redhat.com>
they allow to override the owner of the volume. Differently from
-o=uid= and -o=gid= they are not passed down to the mount operation.
Closes: https://issues.redhat.com/browse/RHEL-76452
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Previously, our approach was to inspect the volume, grab its
mountpoint, and tar that up, all in the CLI code. There's no
reason why that has to be in the CLI - if we move it into
Libpod, and add a REST endpoint to stream the tar, we can
enable it for the remote client as well.
As a bonus, previously, we could not properly handle volumes that
needed to be mounted. Now, we can mount the volume if necessary,
and as such export works with more types of volumes, including
volume drivers.
Signed-off-by: Matt Heon <mheon@redhat.com>
Two incomptable changes, they removed the BridgeNfIP6tables
and BridgeNfIptables fields so we must drop them. As they are not
important ones that should not cause problems.
Second, they moved to using DockerOCIImageConfig from another new module.
The json format did not chnage so this is not an external API break.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
This patch adds a new endpoint to the REST API called "artifacts" with
the following methods:
- Add
- Extract
- Inspect
- List
- Pull
- Push
- Remove
This API will be utilised by the Podman bindings to add OCI Artifact
support to our remote clients.
Jira: https://issues.redhat.com/browse/RUN-2711
Signed-off-by: Lewis Roy <lewis@redhat.com>
When using `docker compose run --entrypoint ''`, docker sends
`"Entrypoint": []` in the JSON. Podman currently treats that
as `nil` and fallback to default image entrypoint.
This is not what is expected by the user. Instead, it should
not use any entrypoint.
This commit fixes it by properly propagating the `[]` downstream
to libpod.
Fixes: #26078
Signed-off-by: Jan Kaluza <jkaluza@redhat.com>
Hard coding to none without checking containers.conf is not a good idea
as users who liked the previous behavior and the podman default behavior
of keeping the hosts entries can no longer do that.
With this commit they can set base_hosts_file = "/etc/hosts" to restore
the previous behavior.
Fixes: https://issues.redhat.com/browse/RHEL-92995
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
The JSON decoder correctly cannot decode (overflow) negative values (e.g., `-1`) for fields of type `uint64`, as `-1` is used to represent `max` in `POSIXRlimit`. To handle this, we use `tmpSpecGenerator` to decode the request body. The `tmpSpecGenerator` replaces the `POSIXRlimit` type with a `tmpRlimit` type that uses the `json.Number` type for decoding values. The `tmpRlimit` is then converted into the `POSIXRlimit` type and assigned to the `SpecGenerator`.
This approach ensures compatibility with the Podman CLI and remote API, which already handle `-1` by casting it to `uint64` (`uint64(-1)` equals `MaxUint64`) to signify `max`.
Fixes: https://issues.redhat.com/browse/RUN-2859
Fixes: https://github.com/containers/podman/issues/24886
Signed-off-by: Jan Rodák <hony.com@seznam.cz>
The Docker `-XDELETE image/$name?force=true` endpoint only removes
containers using an image if they are in a non running state.
In Podman, when forcefully removing images we also forcefully delete
containers using the image including running containers.
This patch changes the Docker image force delete compat API to act like the
Docker API while maintaining commands like `podman rmi -f $imagename`
It also corrects the API return code returned when an image is requested
to be deleted with running containers using it.
Fixes: https://github.com/containers/podman/issues/25871
Signed-off-by: Lewis Roy <lewis@redhat.com>
Add the inherit-labels option to the build API and tweak the go.mod
after some unhappiness in my sandbox.
Signed-off-by: tomsweeneyredhat <tsweeney@redhat.com>
This was added by commit 84e42877a ("make lint: re-enable revive"),
making nolintlint became almost useless.
Remove the ungodly amount of unused nolint annotations.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
The --env is used to add new environment variable to container or
override the existing one. The --unsetenv is used to remove
the environment variable.
It is done by sharing "env" and "unsetenv" flags between both
"update" and "create" commands and later handling these flags
in the "update" command handler.
The list of environment variables to add/remove is stored
in newly added variables in the ContainerUpdateOptions.
The Container.Update API call is refactored to take
the ContainerUpdateOptions as an input to limit the number of its
arguments.
The Env and UnsetEnv lists are later handled using the envLib
package and the Container is updated.
The remote API is also extended to handle Env and EnvUnset.
Fixes: #24875
Signed-off-by: Jan Kaluza <jkaluza@redhat.com>
GoLang sets unset values to the default value of the type. This means that the destination of the log is an empty string and the count and size are set to 0. However, this means that size and count are unbounded, and this is not the default behavior.
Fixes: https://github.com/containers/podman/issues/25473
Fixes: https://issues.redhat.com/browse/RHEL-83262
Signed-off-by: Jan Rodák <hony.com@seznam.cz>
A lot of types are moved and now deprecated which causes lint issues.
IDResponse is copied into podman because that has no new 1 to 1
replacement. For some fields that we set as part of the docker API I
added the nolint directive as these fields might be used by API
consumers.
For the other types it is mostly a 1 to 1 move.
ParseUintList is deprecated but we can use the same function from
github.com/containers/storage/pkg/parsers instead.
Note that it containers breaking changes to pkg/bindings which we should
not do generally but given the prevoius commit already has a unavoidable
breaking change we might as well fix the IDResponse issue once now.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Update to the latest c/{common,image} which inclused an update to
docker v28, that update is NOT backwards compatible so I had to fix a
few types.
NOTE: handler.ExecCreateConfig is used directly by the bindings. Thus
this is an API break for pkg/bindings. Including docker types as part of
any stable pkg/bindings API was a very bad idea.
I see no way to avoid that unless we never want to docker v28, which is
not easy as the update comes in from c/image and maybe other packages.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
podman artifact add now supports two new command line switches.
--type string that describes the type of artifact
--annotation string slice in the form of key=val
These new options allow users to "tag" information in on their artifacts
for any number of purposes down the line
RUN-2446
Signed-off-by: Brent Baude <bbaude@redhat.com>
podman exec support detaching early via the detach key sequence. In that
case the podman process should exit successfully but the container exec
process keeps running.
Now I wrote automated test for both podman run and exec detach but this
uncovered several larger issues:
- detach sequence parsing is broken[1]
- podman-remote exec detach is broken[2]
- detach in general seems to be buggy/racy, seeing lot of flakes that
fail to restore the terminal and get an EIO instead, i.e.
"Unable to restore terminal: input/output error"
Thus I cannot add tests for now but this commit should at least fix the
obvoius case as reported by the user so I like to get this in regardless
and I will work through the other issues once I have more time.
Fixes#24895
[1] https://github.com/containers/common/pull/2302
[2] https://github.com/containers/podman/issues/25089
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
flouthoc
openshift-merge-bot[bot]
Stef Walter
Paul Holzinger
Ygal Blum
Matt Heon
Giuseppe Scrivano
Lewis Roy
Jan Kaluza
Patrick Barrett
Nicola Sella
Jan Rodák
Cesar Goncalves
Matej Vašek
tomsweeneyredhat
Kir Kolyshkin
sianao
Jakub Panek
Brent Baude