it allows to select a different OCI runtime to use with atomic run.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Closes: #1196
Approved by: rhatdan
There were two primary cases where a secondary atomic run with a command
would trigger an exception. The first was reported in
https://github.com/projectatomic/atomic/issues/1006. Basically it can
be summarized as:
```
atomic run registry.fedoraproject.org/fedora:25 date # works fine
atomic run registry.fedoraproject.org/fedora:26 date # tries to run in the existing f25 container
```
The second case is as simple as:
```
atomic run registry.fedoraproject.org/fedora:25 date # works fine
atomic run registry.fedoraproject.org/fedora:25 date # fails
```
This fails because atomic starts the stopped f25 container and then attempts a docker exec. The
exec fails because the 'date' command is short-lived and the container exits prior to the exec
being run.
We now catch those exceptions and notify the user. We added a `--replace` option to run where
atomic will now delete the container in question and re-run it from the correct image.
Closes: #1019
Approved by: baude
To have parity function with pull, we need to add --storage
to install and run. This allows for overriding when atomic.type
is defined. For example, if you pull an image that has
atomic.type=system but you really want to store it
on the docker backend.
Closes: #861
Approved by: baude
Wrap atomic run/stop with systemctl start/stop for system
containers. This way the user can directly use the atomic
CLI for the full container cycle. In addition, the equivalent
functionality already exists for docker containers, so it
makes sense to allow system containers to start/stop in a
similar fashion.
Signed-off-by: Yu Qi Zhang <jerzhang@redhat.com>
Closes: #651
Approved by: rhatdan
Laymen users who are told to run a image may not understand
the docker run switches that have security implications. We
now look for the following switches:
* --privileged
* --cap-add
* --security-opt label:disable
* --net=host
* --pid=host
* --ipc=host
and output an appropriate security message.
Also, moved def run() from Atomic/atomic.py to Atomic/run.py
to reduce the size and the number of definitions in
Atomic/atomic.py.
Use --display to view run or install commands without
executing the commands. This is useful when working with custom images
with LABEL methods defined.
Signed-off-by: Sally O'Malley <somalley@redhat.com>
This commit adds `IMAGE` and `NAME` as environment variables
passed to install, uninstall, stop, and run (similarly to
`CONFDIR`, `DATADIR`, and `LOGDIR`). This allows users to write
`NAME=${NAME}` instead of `NAME=NAME`, and also enables `${NAME}`
and `${IMAGE}` to be used in arbitrary parts of the commands.
