compat API not replying like docker for attach API

[benoitf]

Issue Description

When interacting with containers and REST API there is the https://github.com/apocas/dockerode library for Node.JS world

This library is sending some commands using both query parameters and JSON payload. I assume it may be a failure but then Docker engine is correctly handling that usecase while Podman is echoing the command.

Steps to reproduce the issue

Steps to reproduce the issue

1. Create a container using the socket

curl --unix-socket /Users/benoitf/.local/share/containers/podman/machine/qemu/podman.sock -H "Content-Type: application/json" -X POST -d'{"Tty":true,"Image":"docker.io/library/node"}' "http://v1.41/containers/create"

then as output you have the container's ID

{"Id":"13e1c7005acf79a2803d5a448a6fa899e56e87be120ccbabe43886d3191ff8fb","Warnings":[]}

store the container's id in a variable like CONTAINER_ID

export CONTAINER_ID="13e1c7005acf79a2803d5a448a6fa899e56e87be120ccbabe43886d3191ff8fb"

2. then , attach to the container

(dockerode will send the options as JSON payload as well)

 curl --unix-socket /Users/benoitf/.local/share/containers/podman/machine/qemu/podman.sock -H "Content-Type: application/json" -X POST -d'{"stream": true, "stdin":true, "stdout":true}' "http://v1.41/containers/${CONTAINER_ID}/attach?stream=true&stdin=true&stdout=true&stderr=true"

this terminal will then hang,

3. In another terminal, start the container

make sure the variable is also set in this terminal

export CONTAINER_ID="13e1c7005acf79a2803d5a448a6fa899e56e87be120ccbabe43886d3191ff8fb"

 curl --unix-socket /Users/benoitf/.local/share/containers/podman/machine/qemu/podman.sock -H "Content-Type: application/json" -X POST -d'{}' "http://v1.41/containers/${CONTAINER_ID}/start"

4. Now look back to the previous terminal

you should see something like

{"stream": true, "stdin":true, "stdout":true}Welcome to Node.js v20.6.0.
Type ".help" for more information.
> {"stream": true, "stdin":true, "stdout":true}

as you see, the JSON payload is included in the output while it should not

Describe the results you received

receive in output the JSON output of attach body

Describe the results you expected

Do not have the echo of the JSON payload

if I try the same curl commands on docker engine

curl --unix-socket /var/run/docker.sock -H "Content-Type: application/json" -X POST -d'{"Tty":true,"Image":"docker.io/library/node"}' "http://v1.41/containers/create"

{"Id":"fab72557d7487bb9fa51c593c713509e8ca8320cf4756e410eccb1282b0a9e7d","Warnings":[]}

then attach

export CONTAINER_ID="fab72557d7487bb9fa51c593c713509e8ca8320cf4756e410eccb1282b0a9e7d"

 curl --unix-socket /var/run/docker.sock -H "Content-Type: application/json" -X POST -d'{"stream": true, "stdin":true, "stdout":true}' "http://v1.41/containers/${CONTAINER_ID}/attach?stream=true&stdin=true&stdout=true&stderr=true"

switch to another tab:

export CONTAINER_ID="fab72557d7487bb9fa51c593c713509e8ca8320cf4756e410eccb1282b0a9e7d"

start container

curl --unix-socket /var/run/docker.sock -H "Content-Type: application/json" -X POST -d'{}' "http://v1.41/containers/${CONTAINER_ID}/start"

switch back to the previous tab:

we see expected behaviour on Docker's engine:

curl --unix-socket /var/run/docker.sock -H "Content-Type: application/json" -X POST -d'{"stream": true, "stdin":true, "stdout":true}' "http://v1.41/containers/${CONTAINER_ID}/attach?stream=true&stdin=true&stdout=true&stderr=true"
Welcome to Node.js v20.5.1.
Type ".help" for more information.

podman info output

If you are unable to run podman info for any reason, please provide the podman version, operating system and its version and the architecture you are running.

Podman in a container

No

Privileged Or Rootless

None

Upstream Latest Release

Yes

Additional environment details

Additional environment details

Additional information

Additional information like issue happens only occasionally or issue happens with a particular architecture or on a particular setting

[mheon]

I don't think you provided the output Podman is printing. What exactly are the differences you are seeing?

[benoitf]

I paste it.
Step 4, you see {"stream": true, "stdin":true, "stdout":true} which is the JSON payload of the request

[benoitf]

docker engine doesn't echo the JSON payload in the response like podman does

[Luap99]

Thanks for detailed reproducer.

 curl ... -X POST -d'{"stream": true, "stdin":true, "stdout":true}' "http://v1.41/containers/${CONTAINER_ID}/attach?stream=true&stdin=true&stdout=true&stderr=true"

I don't think this is a valid payload. You send this is a body but the API never documents a body, the parameter should be given as query params which you also do. So if you drop the -d'{"stream": true, "stdin":true, "stdout":true}' part it should work.

The body you send is interpreted as stdin for the container. We print that back for some reason which is definitely wrong but if the library is sending this in the body then the container application can read this which sounds like a bug in your library.

[benoitf]

@Luap99 yes I think both podman and the library are incorrect. Podman should ignore the payload (not echo it) and the library should not send the payload (I also opened a bug on the library)
apocas/dockerode#742

[Luap99]

I don't even think this is an API bug, this seems to reproduce even with the local podman.

# this how it should work
$ cat <<<"test"
test

# this here prints test twice and hangs
$ podman run -it alpine cat <<<"test"
WARN[0000] The input device is not a TTY. The --tty and --interactive flags might not work properly 
test
test
                                         <--- hangs here so it does not seem to recognize EOF correctly

As far I can tell it seems like conmon is sending us immediately the stdin back on stdout (this is even before the application was started) and then when the container is started node reads it from stdin and prints it in the interactive shell as expected.

[github-actions]

A friendly reminder that this issue had no activity for 30 days.