As pointed out in containers/podman/issues/10730, the man pages of
buildah/podman push/pull were incomplete in explaining all supported
transports. To keep things simple, explain the defaults, refer to
containers-transports(5).
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
It affects all transports; and without --format, we try several manifest formats.
[NO NEW TESTS NEEDED]
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Currently manifests just look like images in container storage.
It is surprising to the user when they go to push the images
that they end up failing, and have to use the buildah manifest push.
This patch causes buildah push to failover to buildah manifest push
if the image is a manifest.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
If the registry is set to insecure allowd using BUILD_REGISTRY_SOURCES, hardcode to skip the tls verify to avoid the errors.
Returns error if set insecureRegistries but force to use tls-verify.
Signed-off-by: Qi Wang <qiwan@redhat.com>
Run 'buildah --help', recursively against all subcommands,
then cross-reference the results against docs/buildah*.md.
Report differences in subcommands and/or flags.
The majority of the changes in this PR are trivial (see
below) but a handful may be controversial and require
careful review:
* Making 'bud' the default output of 'buildah help',
with 'build-using-dockerfile' as an alias. This is
the inverse of the situation until now: buildah
would list build-using-dockerfile as the primary
name. The man page, OTOH, lists 'bud'. The source
file name is 'bud'. I suspect that most people
type 'bud'. So, for consistency, I choose to make
'bud' the default visible command.
* add --encryption-key and --encrypt-layer documentation
to buildah-commit.md, and --encrypt-layer to -push.md.
Please double-check the wording here.
* remove --notruncate from buildah-images.md. The option
does not exist (although there is a TODO comment in
the code). If it should exist, it is left to the
reader to implement. I would humbly suggest that this
is a good idea, for consistency with buildah containers.
* remove --shm-size from buildah-pull.md. The option
does not exist, and I suspect this was a copy-paste error.
* remove --security-opt from run.go. It was unimplemented
and undocumented.
* remove --userns-[gu]id-map from buildah-bud.md. These
are global options, not bud options, and are documented
well enough in buildah.bud.
Trivial (IMO) changes:
* split options in man pages, from '**--foo, -f**'
to '**--foo**, **-f**'. This conforms with the style
used in podman man pages.
* add missing one-letter aliases (usually "-q", "-a")
* add missing man page entries for some easy options
* sort out-of-order subcommand listings in man pages
Finally, do note that this is a copy-and-alter duplicate of the
original script in podman, and that is horrible. In an ideal
world I would've been able to refactor the podman version into
something usable on both repos (and then more). It turns out the
differences in man page format and in special-case handling are
too broad to let me do a clean refactor.
Signed-off-by: Ed Santiago <santiago@redhat.com>
Small fixes to the man pages:
* Ensure the explaination of the `--cert-dir` and `--tls-verify` flags
are consistent across all the commands.
* Ensure `buildah-login` and `docker-login` man pages are referenced
by the sub commands that deal with authenticated registries.
Signed-off-by: Flavio Castelli <fcastelli@suse.com>
Add the --sign-by option to `buildah build-using-dockerfile`,
`buildah commit`, `buildah push`, and `buildah manifest push`. Add the
`--remove-signatures` option to `buildah pull`, `buildah push`, and
`buildah manifest push`. We just pass them to the image library, which
does all of the heavy lifting.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #2085
Approved by: rhatdan
Fix man page instances of 'registries.conf(5)' et al.
The correct man page is containers-registries.conf(5).
Found via:
$ for i in registries.conf storage.conf policy.json ; do grep $i.5 docs/*.md | grep -v containers-$i;done
In buildah.md, I simply removed the storage.conf line from
the 'Commands' table because it's not a command.
Signed-off-by: Ed Santiago <santiago@redhat.com>
Closes: #2068
Approved by: TomSweeneyRedHat
Or set it to /var/tmp if the user did not specify.
Currently certain large workloads can not be handled because users are running
out of space on pulls/ and pushes. Containers/image stores data temporarily in
the file system. This allows the user to overide the location of the temporary
storage.
Also update containers/image to v5.0.1
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Thanks to Dmitry Smirnov @onlyjob for suggesting this tool.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1985
Approved by: TomSweeneyRedHat
If $BUILD_REGISTRY_SOURCES is set, expect it to be a valid
github.com/openshift/api/config/v1.Image, and parse its
AllowedRegistries and BlockedRegistries lists when, pulling, committing,
or pushing images.
Override the local signature policy when committing or pushing an image
to ensure that local storage is always allowed.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #1787
Approved by: rhatdan
We removed the "Succesfully pushed ..." statement from the end of
the `buildah push` command in #1744. However we've had a request
for that information still so I'm re-adding it as a debug statement
and we can discuss if there's a better way or not.
Also add the --digestfile option. With it the user will be able
to specify a file to write the digest of the pushed image to for
reference.
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
Closes: #1799
Approved by: rhatdan
Fix the bug that buildah reads /var/run/containers.. as authentication file.(in readme files it should be /run/containers/uid).
Add `buildah login`, `buildah logout` to close#1329, enable to use buildah login before running buildah bud for multi-stage bud and avoiding using --creds flag.
Signed-off-by: Qi Wang <qiwan@redhat.com>
Closes: #1501
Approved by: rhatdan
We really want users to use the registries.conf file specified by
the administrator. We also don't want them overriding the signature-policy.
Thes options are mainly their for CI/CD Systems, so they should be hidden
from the user.
Signed-off-by: Daniel J Walsh dwalsh@redhat.com
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1373
Approved by: TomSweeneyRedHat
In this case assume it's the same as source. This makes it
compatible with `docker push`.
Thus `buildah push my_registry/my_image` will behave like
`buildah push my_registry/my_image docker://my_registry/my_image`
Signed-off-by: Jonh Wendell <jonh.wendell@redhat.com>
Closes: #994
Approved by: rhatdan
man-pages(7) has [1]:
> For commands, this shows the syntax of the command and its arguments
> (including options); boldface is used for as-is text and italics are
> used to indicate replaceable arguments. Brackets ([]) surround
> optional arguments, vertical bars (|) separate choices, and ellipses
> (...) can be repeated.
I've adjusted our SYNOPSIS entries to match that formatting, and
generally tried to make them more consistent with the precedent set by
the man-pages project. Outside of the SYNOPSIS entry, I prefer using
backticks for literals, although in some places I've left the **
bolding to keep things visually similar to a nearby SYNOPSIS entry.
I've also simplified a few placeholders, e.g. "containerID" ->
"container", because I didn't think the additional bit was providing
much additional context. If there is ambiguity about the
representation, it should be addressed in the DESCRIPTION instead of
with an "ID" or "Name" suffix.
[1]: http://man7.org/linux/man-pages/man7/man-pages.7.html
Signed-off-by: W. Trevor King <wking@tremily.us>
Closes: #839
Approved by: rhatdan
Extend util.ResolveName() to prepend "localhost" to the list of
registries, and teach util.FindImage(), util.ExpandNames(), and
util.AddImageNames() to use util.ResolveName().
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #648
Approved by: rhatdan
This fixes an issue where if you did
man -k buildah-bud
buildah-bud (1) - (unknown subject)
Now you will see
man -k buildah-bud
buildah-bud (1) - Build an image using instructions from Dockerfiles.
More importantly
man -k Dockerfile
buildah-bud (1) - Build an image using instructions from Dockerfiles.
docker-build (1) - Build an image from a Dockerfile
docker-image-build (1) - Build an image from a Dockerfile
Dockerfile (5) - automate the steps of creating a Docker image
podman-build (1) - Build a container image using a Dockerfile.
Will now list buildah-d
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #638
Approved by: TomSweeneyRedHat
The example for the oci transport was misleading as it showed a different format.
Added an example for oci-archive. Added oci-archive to the Destinations.
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #559
Approved by: rhatdan
I noticed when you look at the man pages with man ./doc/buildah.1 that the
headings were not showing up. go-md2man wanted to have a primary header
in order to format them correctly. Removing the first # from the first line
fixes the issue.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #521
Approved by: rhatdan
Since we fall back to reading the credentials from $HOME/.docker/config
set by docker login when kpod login doesn't have the credentials
Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
Closes: #331
Approved by: rhatdan
buildah push and from now use the credentials stored in ${XDG_RUNTIME_DIR}/containers/auth.json by kpod login
if the auth file path is changed, buildah push and from can get the credentials from the custom auth file
using the --authfile flag
e.g buildah push --authfile /tmp/auths/myauths.json alpine docker://username/image
Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
Closes: #325
Approved by: rhatdan
buildah push supports manifest type conversion when pushing using the 'dir' transport
Manifest types include oci, v2s1, and v2s2
e.g buildah push --format v2s2 alpine dir:my-directory
Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
Closes: #321
Approved by: rhatdan
1. Sort options so they are in alphabet order
2. Remove extra lines of code for options parsing that really do not accomplish anything.
3. Remove variables when they are not necessary, I.E. Don't create a variable to hold an
option that is only used once, use the option instead.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #267
Approved by: <username_without_leading_@>
containers/image now fully supports pushing images and signatures to an
openshift/atomic registry using the docker:// transport.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #238
Approved by: rhatdan
Add a "push" command, which pulls an image's layers from local storage,
recomputes the image's digest and manifest, and uses the image library
to write the result to the specified location.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #141
Approved by: rhatdan
Valentin Rothberg
Miloslav Trmač
Daniel J Walsh
OpenShift Merge Robot
Qi Wang
Ed Santiago
Flavio Castelli
Brandon Lum
Nalin Dahyabhai
Giuseppe Scrivano
TomSweeneyRedHat
Jonh Wendell
W. Trevor King
umohnani8