summaryrefslogtreecommitdiff
path: root/cmd
diff options
context:
space:
mode:
authorOpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com>2020-07-23 11:04:48 +0200
committerGitHub <noreply@github.com>2020-07-23 11:04:48 +0200
commitdade9159e7a0f848e101221274faa3f4f03cf132 (patch)
tree4fc8aa7a9379260c103d86c37cfc0a2ad511a9e9 /cmd
parent2d24487ba244e5cd900f6aecc5d8896e1354d1ee (diff)
parent2faeb2189f81b6925d80aa8031cb5b19aa8618cb (diff)
downloadpodman-dade9159e7a0f848e101221274faa3f4f03cf132.tar.gz
podman-dade9159e7a0f848e101221274faa3f4f03cf132.tar.bz2
podman-dade9159e7a0f848e101221274faa3f4f03cf132.zip
Merge pull request #7054 from mheon/backports_203
Backports and Release Notes for v2.0.3
Diffstat (limited to 'cmd')
-rw-r--r--cmd/podman/common/create.go6
-rw-r--r--cmd/podman/common/specgen.go15
-rw-r--r--cmd/podman/containers/start.go1
-rw-r--r--cmd/podman/early_init_linux.go39
-rw-r--r--cmd/podman/early_init_unsupported.go6
-rw-r--r--cmd/podman/images/list.go53
-rw-r--r--cmd/podman/images/pull.go1
-rw-r--r--cmd/podman/images/push.go1
-rw-r--r--cmd/podman/parse/json.go9
-rw-r--r--cmd/podman/parse/json_test.go30
-rw-r--r--cmd/podman/pods/create.go2
-rw-r--r--cmd/podman/root.go1
-rw-r--r--cmd/podman/system/info.go3
-rw-r--r--cmd/podman/system/version.go3
14 files changed, 142 insertions, 28 deletions
diff --git a/cmd/podman/common/create.go b/cmd/podman/common/create.go
index ee7f957cc..5f3198ed6 100644
--- a/cmd/podman/common/create.go
+++ b/cmd/podman/common/create.go
@@ -154,6 +154,10 @@ func GetCreateFlags(cf *ContainerCLIOpts) *pflag.FlagSet {
"device-write-iops", []string{},
"Limit write rate (IO per second) to a device (e.g. --device-write-iops=/dev/sda:1000)",
)
+ createFlags.Bool(
+ "disable-content-trust", false,
+ "This is a Docker specific option and is a NOOP",
+ )
createFlags.String("entrypoint", "",
"Overwrite the default ENTRYPOINT of the image",
)
@@ -395,7 +399,7 @@ func GetCreateFlags(cf *ContainerCLIOpts) *pflag.FlagSet {
)
createFlags.StringArrayVar(
&cf.SecurityOpt,
- "security-opt", containerConfig.SecurityOptions(),
+ "security-opt", []string{},
"Security Options",
)
createFlags.String(
diff --git a/cmd/podman/common/specgen.go b/cmd/podman/common/specgen.go
index b4f786da2..aa8669e7a 100644
--- a/cmd/podman/common/specgen.go
+++ b/cmd/podman/common/specgen.go
@@ -365,9 +365,10 @@ func FillOutSpecGen(s *specgen.SpecGenerator, c *ContainerCLIOpts, args []string
s.Annotations = annotations
s.WorkDir = c.Workdir
- entrypoint := []string{}
userCommand := []string{}
+ var command []string
if c.Entrypoint != nil {
+ entrypoint := []string{}
if ep := *c.Entrypoint; len(ep) > 0 {
// Check if entrypoint specified is json
if err := json.Unmarshal([]byte(*c.Entrypoint), &entrypoint); err != nil {
@@ -375,14 +376,14 @@ func FillOutSpecGen(s *specgen.SpecGenerator, c *ContainerCLIOpts, args []string
}
}
s.Entrypoint = entrypoint
- }
- var command []string
-
- // Build the command
- // If we have an entry point, it goes first
- if c.Entrypoint != nil {
+ // Build the command
+ // If we have an entry point, it goes first
command = entrypoint
}
+
+ // Include the command used to create the container.
+ s.ContainerCreateCommand = os.Args
+
if len(inputCommand) > 0 {
// User command overrides data CMD
command = append(command, inputCommand...)
diff --git a/cmd/podman/containers/start.go b/cmd/podman/containers/start.go
index 941588137..21f22b986 100644
--- a/cmd/podman/containers/start.go
+++ b/cmd/podman/containers/start.go
@@ -82,6 +82,7 @@ func start(cmd *cobra.Command, args []string) error {
if cmd.Flag("sig-proxy").Changed {
sigProxy = startOptions.SigProxy
}
+ startOptions.SigProxy = sigProxy
if sigProxy && !startOptions.Attach {
return errors.Wrapf(define.ErrInvalidArg, "you cannot use sig-proxy without --attach")
diff --git a/cmd/podman/early_init_linux.go b/cmd/podman/early_init_linux.go
new file mode 100644
index 000000000..b43450a7f
--- /dev/null
+++ b/cmd/podman/early_init_linux.go
@@ -0,0 +1,39 @@
+package main
+
+import (
+ "fmt"
+ "os"
+ "syscall"
+
+ "github.com/containers/libpod/v2/libpod/define"
+ "github.com/pkg/errors"
+)
+
+func setRLimits() error {
+ rlimits := new(syscall.Rlimit)
+ rlimits.Cur = define.RLimitDefaultValue
+ rlimits.Max = define.RLimitDefaultValue
+ if err := syscall.Setrlimit(syscall.RLIMIT_NOFILE, rlimits); err != nil {
+ if err := syscall.Getrlimit(syscall.RLIMIT_NOFILE, rlimits); err != nil {
+ return errors.Wrapf(err, "error getting rlimits")
+ }
+ rlimits.Cur = rlimits.Max
+ if err := syscall.Setrlimit(syscall.RLIMIT_NOFILE, rlimits); err != nil {
+ return errors.Wrapf(err, "error setting new rlimits")
+ }
+ }
+ return nil
+}
+
+func setUMask() {
+ // Be sure we can create directories with 0755 mode.
+ syscall.Umask(0022)
+}
+
+func earlyInitHook() {
+ if err := setRLimits(); err != nil {
+ fmt.Fprint(os.Stderr, "Failed to set rlimits: "+err.Error())
+ }
+
+ setUMask()
+}
diff --git a/cmd/podman/early_init_unsupported.go b/cmd/podman/early_init_unsupported.go
new file mode 100644
index 000000000..4e748559f
--- /dev/null
+++ b/cmd/podman/early_init_unsupported.go
@@ -0,0 +1,6 @@
+// +build !linux
+
+package main
+
+func earlyInitHook() {
+}
diff --git a/cmd/podman/images/list.go b/cmd/podman/images/list.go
index 8d50986d5..94d03bd6f 100644
--- a/cmd/podman/images/list.go
+++ b/cmd/podman/images/list.go
@@ -1,7 +1,6 @@
package images
import (
- "errors"
"fmt"
"os"
"sort"
@@ -11,9 +10,11 @@ import (
"time"
"unicode"
+ "github.com/containers/image/v5/docker/reference"
"github.com/containers/libpod/v2/cmd/podman/registry"
"github.com/containers/libpod/v2/pkg/domain/entities"
"github.com/docker/go-units"
+ "github.com/pkg/errors"
"github.com/spf13/cobra"
"github.com/spf13/pflag"
)
@@ -98,7 +99,10 @@ func images(cmd *cobra.Command, args []string) error {
return err
}
- imgs := sortImages(summaries)
+ imgs, err := sortImages(summaries)
+ if err != nil {
+ return err
+ }
switch {
case listFlag.quiet:
return writeID(imgs)
@@ -170,14 +174,18 @@ func writeTemplate(imgs []imageReporter) error {
return tmpl.Execute(w, imgs)
}
-func sortImages(imageS []*entities.ImageSummary) []imageReporter {
+func sortImages(imageS []*entities.ImageSummary) ([]imageReporter, error) {
imgs := make([]imageReporter, 0, len(imageS))
+ var err error
for _, e := range imageS {
var h imageReporter
if len(e.RepoTags) > 0 {
for _, tag := range e.RepoTags {
h.ImageSummary = *e
- h.Repository, h.Tag = tokenRepoTag(tag)
+ h.Repository, h.Tag, err = tokenRepoTag(tag)
+ if err != nil {
+ return nil, errors.Wrapf(err, "error parsing repository tag %q:", tag)
+ }
imgs = append(imgs, h)
}
} else {
@@ -189,23 +197,32 @@ func sortImages(imageS []*entities.ImageSummary) []imageReporter {
}
sort.Slice(imgs, sortFunc(listFlag.sort, imgs))
- return imgs
+ return imgs, err
}
-func tokenRepoTag(tag string) (string, string) {
- tokens := strings.Split(tag, ":")
- switch len(tokens) {
- case 0:
- return tag, ""
- case 1:
- return tokens[0], ""
- case 2:
- return tokens[0], tokens[1]
- case 3:
- return tokens[0] + ":" + tokens[1], tokens[2]
- default:
- return "<N/A>", ""
+func tokenRepoTag(ref string) (string, string, error) {
+
+ if ref == "<none>:<none>" {
+ return "<none>", "<none>", nil
+ }
+
+ repo, err := reference.Parse(ref)
+ if err != nil {
+ return "", "", err
+ }
+
+ named, ok := repo.(reference.Named)
+ if !ok {
+ return ref, "", nil
}
+
+ tagged, ok := repo.(reference.Tagged)
+ if !ok {
+ return named.Name(), "", nil
+ }
+
+ return named.Name(), tagged.Tag(), nil
+
}
func sortFunc(key string, data []imageReporter) func(i, j int) bool {
diff --git a/cmd/podman/images/pull.go b/cmd/podman/images/pull.go
index 83bb186df..c10a351d8 100644
--- a/cmd/podman/images/pull.go
+++ b/cmd/podman/images/pull.go
@@ -82,6 +82,7 @@ func pullFlags(flags *pflag.FlagSet) {
flags.StringVar(&pullOptions.CredentialsCLI, "creds", "", "`Credentials` (USERNAME:PASSWORD) to use for authenticating to a registry")
flags.StringVar(&pullOptions.OverrideArch, "override-arch", "", "Use `ARCH` instead of the architecture of the machine for choosing images")
flags.StringVar(&pullOptions.OverrideOS, "override-os", "", "Use `OS` instead of the running OS for choosing images")
+ flags.Bool("disable-content-trust", false, "This is a Docker specific option and is a NOOP")
flags.BoolVarP(&pullOptions.Quiet, "quiet", "q", false, "Suppress output information when pulling images")
flags.StringVar(&pullOptions.SignaturePolicy, "signature-policy", "", "`Pathname` of signature policy file (not usually used)")
flags.BoolVar(&pullOptions.TLSVerifyCLI, "tls-verify", true, "Require HTTPS and verify certificates when contacting registries")
diff --git a/cmd/podman/images/push.go b/cmd/podman/images/push.go
index fd91ab0ab..c25c33784 100644
--- a/cmd/podman/images/push.go
+++ b/cmd/podman/images/push.go
@@ -77,6 +77,7 @@ func pushFlags(flags *pflag.FlagSet) {
flags.BoolVar(&pushOptions.Compress, "compress", false, "Compress tarball image layers when pushing to a directory using the 'dir' transport. (default is same compression type as source)")
flags.StringVar(&pushOptions.CredentialsCLI, "creds", "", "`Credentials` (USERNAME:PASSWORD) to use for authenticating to a registry")
flags.StringVar(&pushOptions.DigestFile, "digestfile", "", "Write the digest of the pushed image to the specified file")
+ flags.Bool("disable-content-trust", false, "This is a Docker specific option and is a NOOP")
flags.StringVarP(&pushOptions.Format, "format", "f", "", "Manifest type (oci, v2s1, or v2s2) to use when pushing an image using the 'dir' transport (default is manifest type of source)")
flags.BoolVarP(&pushOptions.Quiet, "quiet", "q", false, "Suppress output information when pushing images")
flags.BoolVar(&pushOptions.RemoveSignatures, "remove-signatures", false, "Discard any pre-existing signatures in the image")
diff --git a/cmd/podman/parse/json.go b/cmd/podman/parse/json.go
new file mode 100644
index 000000000..95a6633b8
--- /dev/null
+++ b/cmd/podman/parse/json.go
@@ -0,0 +1,9 @@
+package parse
+
+import "regexp"
+
+var jsonFormatRegex = regexp.MustCompile(`^(\s*json\s*|\s*{{\s*json\s*\.\s*}}\s*)$`)
+
+func MatchesJSONFormat(s string) bool {
+ return jsonFormatRegex.Match([]byte(s))
+}
diff --git a/cmd/podman/parse/json_test.go b/cmd/podman/parse/json_test.go
new file mode 100644
index 000000000..5cad185fd
--- /dev/null
+++ b/cmd/podman/parse/json_test.go
@@ -0,0 +1,30 @@
+package parse
+
+import (
+ "testing"
+
+ "github.com/stretchr/testify/assert"
+)
+
+func TestMatchesJSONFormat(t *testing.T) {
+ tests := []struct {
+ input string
+ expected bool
+ }{
+ {"json", true},
+ {" json", true},
+ {"json ", true},
+ {" json ", true},
+ {"{{json .}}", true},
+ {"{{ json .}}", true},
+ {"{{json . }}", true},
+ {" {{ json . }} ", true},
+ {"{{json }}", false},
+ {"{{json .", false},
+ {"json . }}", false},
+ }
+
+ for _, tt := range tests {
+ assert.Equal(t, tt.expected, MatchesJSONFormat(tt.input))
+ }
+}
diff --git a/cmd/podman/pods/create.go b/cmd/podman/pods/create.go
index 0e2a085fd..d57a2f2f7 100644
--- a/cmd/podman/pods/create.go
+++ b/cmd/podman/pods/create.go
@@ -149,6 +149,8 @@ func create(cmd *cobra.Command, args []string) error {
}
}
+ createOptions.CreateCommand = os.Args
+
if replace {
if err := replacePod(createOptions.Name); err != nil {
return err
diff --git a/cmd/podman/root.go b/cmd/podman/root.go
index 7c54da91a..b2c9f9c2c 100644
--- a/cmd/podman/root.go
+++ b/cmd/podman/root.go
@@ -77,6 +77,7 @@ func init() {
cobra.OnInitialize(
loggingHook,
syslogHook,
+ earlyInitHook,
)
rootFlags(rootCmd, registry.PodmanConfig())
diff --git a/cmd/podman/system/info.go b/cmd/podman/system/info.go
index 699f7b55c..410b3455a 100644
--- a/cmd/podman/system/info.go
+++ b/cmd/podman/system/info.go
@@ -5,6 +5,7 @@ import (
"os"
"text/template"
+ "github.com/containers/libpod/v2/cmd/podman/parse"
"github.com/containers/libpod/v2/cmd/podman/registry"
"github.com/containers/libpod/v2/cmd/podman/validate"
"github.com/containers/libpod/v2/pkg/domain/entities"
@@ -68,7 +69,7 @@ func info(cmd *cobra.Command, args []string) error {
return err
}
- if inFormat == "json" {
+ if parse.MatchesJSONFormat(inFormat) {
b, err := json.MarshalIndent(info, "", " ")
if err != nil {
return err
diff --git a/cmd/podman/system/version.go b/cmd/podman/system/version.go
index 5aac34699..9b70bc9f4 100644
--- a/cmd/podman/system/version.go
+++ b/cmd/podman/system/version.go
@@ -8,6 +8,7 @@ import (
"text/tabwriter"
"github.com/containers/buildah/pkg/formats"
+ "github.com/containers/libpod/v2/cmd/podman/parse"
"github.com/containers/libpod/v2/cmd/podman/registry"
"github.com/containers/libpod/v2/cmd/podman/validate"
"github.com/containers/libpod/v2/libpod/define"
@@ -41,7 +42,7 @@ func version(cmd *cobra.Command, args []string) error {
}
switch {
- case versionFormat == "json", versionFormat == "{{ json .}}":
+ case parse.MatchesJSONFormat(versionFormat):
s, err := json.MarshalToString(versions)
if err != nil {
return err