summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorOpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com>2019-05-22 00:10:40 +0200
committerGitHub <noreply@github.com>2019-05-22 00:10:40 +0200
commit488b698040e6df1c8bb353a3e32c6e446a14e2d4 (patch)
tree14699b1c5fc4840c08525603ba674c232d4ca328
parent1cf9a1bdba195fea77a002d8b51cf8f965b861fb (diff)
parent43f28cdc166f467f3df0f553f696ecaaf0881979 (diff)
downloadpodman-488b698040e6df1c8bb353a3e32c6e446a14e2d4.tar.gz
podman-488b698040e6df1c8bb353a3e32c6e446a14e2d4.tar.bz2
podman-488b698040e6df1c8bb353a3e32c6e446a14e2d4.zip
Merge pull request #3177 from mheon/duplicate_volumes
When superceding mounts, check for opposite types
-rw-r--r--pkg/spec/storage.go36
-rw-r--r--test/e2e/run_volume_test.go14
2 files changed, 39 insertions, 11 deletions
diff --git a/pkg/spec/storage.go b/pkg/spec/storage.go
index 55148b606..dcc149b55 100644
--- a/pkg/spec/storage.go
+++ b/pkg/spec/storage.go
@@ -135,6 +135,29 @@ func (config *CreateConfig) parseVolumes(runtime *libpod.Runtime) ([]spec.Mount,
unifiedMounts[initMount.Destination] = initMount
}
+ // Before superceding, we need to find volume mounts which conflict with
+ // named volumes, and vice versa.
+ // We'll delete the conflicts here as we supercede.
+ for dest := range unifiedMounts {
+ if _, ok := baseVolumes[dest]; ok {
+ delete(baseVolumes, dest)
+ }
+ }
+ for dest := range unifiedVolumes {
+ if _, ok := baseMounts[dest]; ok {
+ delete(baseMounts, dest)
+ }
+ }
+
+ // Supercede volumes-from/image volumes with unified volumes from above.
+ // This is an unconditional replacement.
+ for dest, mount := range unifiedMounts {
+ baseMounts[dest] = mount
+ }
+ for dest, volume := range unifiedVolumes {
+ baseVolumes[dest] = volume
+ }
+
// If requested, add tmpfs filesystems for read-only containers.
// Need to keep track of which we created, so we don't modify options
// for them later...
@@ -146,14 +169,14 @@ func (config *CreateConfig) parseVolumes(runtime *libpod.Runtime) ([]spec.Mount,
if config.ReadOnlyRootfs && config.ReadOnlyTmpfs {
options := []string{"rw", "rprivate", "nosuid", "nodev", "tmpcopyup", "size=65536k"}
for dest := range readonlyTmpfs {
- if _, ok := unifiedMounts[dest]; ok {
+ if _, ok := baseMounts[dest]; ok {
continue
}
localOpts := options
if dest == "/run" {
localOpts = append(localOpts, "noexec")
}
- unifiedMounts[dest] = spec.Mount{
+ baseMounts[dest] = spec.Mount{
Destination: dest,
Type: "tmpfs",
Source: "tmpfs",
@@ -163,15 +186,6 @@ func (config *CreateConfig) parseVolumes(runtime *libpod.Runtime) ([]spec.Mount,
}
}
- // Supercede volumes-from/image volumes with unified volumes from above.
- // This is an unconditional replacement.
- for dest, mount := range unifiedMounts {
- baseMounts[dest] = mount
- }
- for dest, volume := range unifiedVolumes {
- baseVolumes[dest] = volume
- }
-
// Check for conflicts between named volumes and mounts
for dest := range baseMounts {
if _, ok := baseVolumes[dest]; ok {
diff --git a/test/e2e/run_volume_test.go b/test/e2e/run_volume_test.go
index e27b2aa55..d031ca143 100644
--- a/test/e2e/run_volume_test.go
+++ b/test/e2e/run_volume_test.go
@@ -104,4 +104,18 @@ var _ = Describe("Podman run with volumes", func() {
session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To(Equal(125))
})
+
+ It("podman run with conflict between image volume and user mount succeeds", func() {
+ podmanTest.RestoreArtifact(redis)
+ mountPath := filepath.Join(podmanTest.TempDir, "secrets")
+ err := os.Mkdir(mountPath, 0755)
+ Expect(err).To(BeNil())
+ testFile := filepath.Join(mountPath, "test1")
+ f, err := os.Create(testFile)
+ f.Close()
+ Expect(err).To(BeNil())
+ session := podmanTest.Podman([]string{"run", "-v", fmt.Sprintf("%s:/data", mountPath), redis, "ls", "/data/test1"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+ })
})