Handle podman build --dns-search

Fixes: https://github.com/containers/podman/issues/9574

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>

5 files changed, 83 insertions, 43 deletions

diff --git a/cmd/podman/images/build.go b/cmd/podman/images/build.go
index 97eb966b7..cd23557db 100644
--- a/cmd/podman/images/build.go
+++ b/cmd/podman/images/build.go
@@ -20,7 +20,6 @@ import (
 	"github.com/containers/podman/v3/cmd/podman/registry"
 	"github.com/containers/podman/v3/cmd/podman/utils"
 	"github.com/containers/podman/v3/pkg/domain/entities"
-	"github.com/docker/go-units"
 	"github.com/pkg/errors"
 	"github.com/sirupsen/logrus"
 	"github.com/spf13/cobra"
@@ -299,6 +298,11 @@ func buildFlagsWrapperToOptions(c *cobra.Command, contextDir string, flags *buil
 		}
 	}
 
+	commonOpts, err := parse.CommonBuildOptions(c)
+	if err != nil {
+		return nil, err
+	}
+
 	pullPolicy := imagebuildah.PullIfMissing
 	if c.Flags().Changed("pull") && flags.Pull {
 		pullPolicy = imagebuildah.PullAlways
@@ -362,22 +366,6 @@ func buildFlagsWrapperToOptions(c *cobra.Command, contextDir string, flags *buil
 		reporter = logfile
 	}
 
-	var memoryLimit, memorySwap int64
-	var err error
-	if c.Flags().Changed("memory") {
-		memoryLimit, err = units.RAMInBytes(flags.Memory)
-		if err != nil {
-			return nil, err
-		}
-	}
-
-	if c.Flags().Changed("memory-swap") {
-		memorySwap, err = units.RAMInBytes(flags.MemorySwap)
-		if err != nil {
-			return nil, err
-		}
-	}
-
 	nsValues, networkPolicy, err := parse.NamespaceOptions(c)
 	if err != nil {
 		return nil, err
@@ -455,29 +443,15 @@ func buildFlagsWrapperToOptions(c *cobra.Command, contextDir string, flags *buil
 	}
 
 	opts := imagebuildah.BuildOptions{
-		AddCapabilities: flags.CapAdd,
-		AdditionalTags:  tags,
-		Annotations:     flags.Annotation,
-		Architecture:    arch,
-		Args:            args,
-		BlobDirectory:   flags.BlobCache,
-		CNIConfigDir:    flags.CNIConfigDir,
-		CNIPluginPath:   flags.CNIPlugInPath,
-		CommonBuildOpts: &buildah.CommonBuildOptions{
-			AddHost:      flags.AddHost,
-			CPUPeriod:    flags.CPUPeriod,
-			CPUQuota:     flags.CPUQuota,
-			CPUSetCPUs:   flags.CPUSetCPUs,
-			CPUSetMems:   flags.CPUSetMems,
-			CPUShares:    flags.CPUShares,
-			CgroupParent: flags.CgroupParent,
-			HTTPProxy:    flags.HTTPProxy,
-			Memory:       memoryLimit,
-			MemorySwap:   memorySwap,
-			ShmSize:      flags.ShmSize,
-			Ulimit:       flags.Ulimit,
-			Volumes:      flags.Volumes,
-		},
+		AddCapabilities:         flags.CapAdd,
+		AdditionalTags:          tags,
+		Annotations:             flags.Annotation,
+		Architecture:            arch,
+		Args:                    args,
+		BlobDirectory:           flags.BlobCache,
+		CNIConfigDir:            flags.CNIConfigDir,
+		CNIPluginPath:           flags.CNIPlugInPath,
+		CommonBuildOpts:         commonOpts,
 		Compression:             compression,
 		ConfigureNetwork:        networkPolicy,
 		ContextDirectory:        contextDir,
diff --git a/docs/source/markdown/podman-build.1.md b/docs/source/markdown/podman-build.1.md
index 84a624e53..9b34499d6 100644
--- a/docs/source/markdown/podman-build.1.md
+++ b/docs/source/markdown/podman-build.1.md
@@ -259,7 +259,7 @@ solely for scripting compatibility.
 
 #### **--dns**=*dns*
 
-Set custom DNS servers
+Set custom DNS servers to be used during the build.
 
 This option can be used to override the DNS configuration passed to the
 container. Typically this is necessary when the host DNS configuration is
@@ -272,11 +272,11 @@ image will be used without changes.
 
 #### **--dns-option**=*option*
 
-Set custom DNS options
+Set custom DNS options to be used during the build.
 
 #### **--dns-search**=*domain*
 
-Set custom DNS search domains
+Set custom DNS search domains to be used during the build.
 
 #### **--file**, **-f**=*Containerfile*
 
diff --git a/pkg/api/handlers/compat/images_build.go b/pkg/api/handlers/compat/images_build.go
index e06f93b89..392f688dd 100644
--- a/pkg/api/handlers/compat/images_build.go
+++ b/pkg/api/handlers/compat/images_build.go
@@ -77,6 +77,9 @@ func BuildImage(w http.ResponseWriter, r *http.Request) {
 		Devices                string `schema:"devices"`
 		Dockerfile             string `schema:"dockerfile"`
 		DropCapabilities       string `schema:"dropcaps"`
+		DNSServers             string `schema:"dnsservers"`
+		DNSOptions             string `schema:"dnsoptions"`
+		DNSSearch              string `schema:"dnssearch"`
 		Excludes               string `schema:"excludes"`
 		ForceRm                bool   `schema:"forcerm"`
 		From                   string `schema:"from"`
@@ -160,6 +163,36 @@ func BuildImage(w http.ResponseWriter, r *http.Request) {
 		devices = m
 	}
 
+	var dnsservers = []string{}
+	if _, found := r.URL.Query()["dnsservers"]; found {
+		var m = []string{}
+		if err := json.Unmarshal([]byte(query.DNSServers), &m); err != nil {
+			utils.BadRequest(w, "dnsservers", query.DNSServers, err)
+			return
+		}
+		dnsservers = m
+	}
+
+	var dnsoptions = []string{}
+	if _, found := r.URL.Query()["dnsoptions"]; found {
+		var m = []string{}
+		if err := json.Unmarshal([]byte(query.DNSOptions), &m); err != nil {
+			utils.BadRequest(w, "dnsoptions", query.DNSOptions, err)
+			return
+		}
+		dnsoptions = m
+	}
+
+	var dnssearch = []string{}
+	if _, found := r.URL.Query()["dnssearch"]; found {
+		var m = []string{}
+		if err := json.Unmarshal([]byte(query.DNSSearch), &m); err != nil {
+			utils.BadRequest(w, "dnssearches", query.DNSSearch, err)
+			return
+		}
+		dnssearch = m
+	}
+
 	var output string
 	if len(query.Tag) > 0 {
 		output = query.Tag[0]
@@ -285,6 +318,9 @@ func BuildImage(w http.ResponseWriter, r *http.Request) {
 			CPUQuota:   query.CpuQuota,
 			CPUShares:  query.CpuShares,
 			CPUSetCPUs: query.CpuSetCpus,
+			DNSServers: dnsservers,
+			DNSOptions: dnsoptions,
+			DNSSearch:  dnssearch,
 			HTTPProxy:  query.HTTPProxy,
 			Memory:     query.Memory,
 			MemorySwap: query.MemSwap,
diff --git a/pkg/bindings/images/build.go b/pkg/bindings/images/build.go
index 27706fd2c..1cbd28c37 100644
--- a/pkg/bindings/images/build.go
+++ b/pkg/bindings/images/build.go
@@ -87,6 +87,28 @@ func Build(ctx context.Context, containerFiles []string, options entities.BuildO
 		params.Add("devices", d)
 	}
 
+	if dnsservers := options.CommonBuildOpts.DNSServers; len(dnsservers) > 0 {
+		c, err := jsoniter.MarshalToString(dnsservers)
+		if err != nil {
+			return nil, err
+		}
+		params.Add("dnsservers", c)
+	}
+	if dnsoptions := options.CommonBuildOpts.DNSOptions; len(dnsoptions) > 0 {
+		c, err := jsoniter.MarshalToString(dnsoptions)
+		if err != nil {
+			return nil, err
+		}
+		params.Add("dnsoptions", c)
+	}
+	if dnssearch := options.CommonBuildOpts.DNSSearch; len(dnssearch) > 0 {
+		c, err := jsoniter.MarshalToString(dnssearch)
+		if err != nil {
+			return nil, err
+		}
+		params.Add("dnssearch", c)
+	}
+
 	if caps := options.DropCapabilities; len(caps) > 0 {
 		c, err := jsoniter.MarshalToString(caps)
 		if err != nil {
diff --git a/test/system/070-build.bats b/test/system/070-build.bats
index a9f97d5ab..1a89800a5 100644
--- a/test/system/070-build.bats
+++ b/test/system/070-build.bats
@@ -168,6 +168,9 @@ EOF
         CAT_SECRET="cat /run/secrets/$secret_filename"
     fi
 
+    # For --dns-search: a domain that is unlikely to exist
+    local nosuchdomain=nx$(random_string 10).net
+
     # Command to run on container startup with no args
     cat >$tmpdir/mycmd <<EOF
 #!/bin/sh
@@ -218,17 +221,22 @@ RUN chown 2:3 /bin/mydefaultcmd
 RUN $CAT_SECRET
 
 CMD ["/bin/mydefaultcmd","$s_echo"]
+RUN cat /etc/resolv.conf
 EOF
 
     # cd to the dir, so we test relative paths (important for podman-remote)
     cd $PODMAN_TMPDIR
     run_podman ${MOUNTS_CONF} build \
+               --dns-search $nosuchdomain \
                -t build_test -f build-test/Containerfile build-test
     local iid="${lines[-1]}"
 
     # Make sure 'podman build' had the secret mounted
     is "$output" ".*$secret_contents.*" "podman build has /run/secrets mounted"
 
+    is "$output" ".*search $nosuchdomain" \
+       "--dns-search added to /etc/resolv.conf"
+
     if is_remote; then
         ENVHOST=""
     else