authorDaniel J Walsh <dwalsh@redhat.com>2017-12-19 09:07:49 -0500
committerAtomic Bot <atomic-devel@projectatomic.io>2017-12-19 18:51:52 +0000
commit94a810751539afeb1590ccc1a9745f1d5767fda2 (patch)
tree0e143bd90c976c60db4f0435d12c6266e0fe3e72 /cmd
parentc0432eb0e8a2c777a5c6d8caa01475c06553594c (diff)
Add support for adding devices to container
Also add --quiet option to kpod create/run since this will help with writing tests. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #140 Approved by: TomSweeneyRedHat
Diffstat (limited to 'cmd')
-rw-r--r--cmd/podman/common.go4
-rw-r--r--cmd/podman/create.go14
-rw-r--r--cmd/podman/run.go8
-rw-r--r--cmd/podman/spec.go29
4 files changed, 48 insertions, 7 deletions
diff --git a/cmd/podman/common.go b/cmd/podman/common.go
index 99685107b..57e2ff717 100644
--- a/cmd/podman/common.go
+++ b/cmd/podman/common.go
@@ -363,6 +363,10 @@ var createFlags = []cli.Flag{
Usage: "Publish all exposed ports to random ports on the host interface",
},
cli.BoolFlag{
+ Name: "quiet, q",
+ Usage: "Suppress output information when pulling images",
+ },
+ cli.BoolFlag{
Name: "read-only",
Usage: "Make containers root filesystem read-only",
},
diff --git a/cmd/podman/create.go b/cmd/podman/create.go
index f65bc49c6..79f08220d 100644
--- a/cmd/podman/create.go
+++ b/cmd/podman/create.go
@@ -3,6 +3,7 @@ package main
import (
"encoding/json"
"fmt"
+ "io"
"os"
"strconv"
"strings"
@@ -14,7 +15,6 @@ import (
"github.com/projectatomic/libpod/libpod"
"github.com/sirupsen/logrus"
"github.com/urfave/cli"
- pb "k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime"
)
type mountType string
@@ -72,7 +72,7 @@ type createConfig struct {
CgroupParent string // cgroup-parent
Command []string
Detach bool // detach
- Devices []*pb.Device // device
+ Devices []string // device
DNSOpt []string //dns-opt
DNSSearch []string //dns-search
DNSServers []string //dns
@@ -101,6 +101,7 @@ type createConfig struct {
Privileged bool //privileged
Publish []string //publish
PublishAll bool //publish-all
+ Quiet bool //quiet
ReadOnlyRootfs bool //read-only
Resources createResourceConfig
Rm bool //rm
@@ -167,8 +168,11 @@ func createCmd(c *cli.Context) error {
if createImage.LocalName == "" {
// The image wasnt found by the user input'd name or its fqname
// Pull the image
- fmt.Printf("Trying to pull %s...", createImage.PullName)
- createImage.Pull()
+ var writer io.Writer
+ if !createConfig.Quiet {
+ writer = os.Stdout
+ }
+ createImage.Pull(writer)
}
runtimeSpec, err := createConfigToOCISpec(createConfig)
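Review bot: The result of `createImage.Pull(writer)` is discarded, so if Pull returns an error (its signature is not visible in this hunk) a failed pull goes unreported and execution continues into createConfigToOCISpec. If it does return one, check it here: `if err := createImage.Pull(writer); err != nil { return err }`. The identical call in runCmd in cmd/podman/run.go needs the same treatment. With --quiet the argument is a nil `io.Writer`, which is only safe if Pull guards against nil before writing; passing `ioutil.Discard` instead would remove that dependency. createCmd starts and ends outside this hunk.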
@@ -419,6 +423,7 @@ func parseCreateOpts(c *cli.Context, runtime *libpod.Runtime) (*createConfig, er
CgroupParent: c.String("cgroup-parent"),
Command: command,
Detach: c.Bool("detach"),
+ Devices: c.StringSlice("device"),
DNSOpt: c.StringSlice("dns-opt"),
DNSSearch: c.StringSlice("dns-search"),
DNSServers: c.StringSlice("dns"),
@@ -447,6 +452,7 @@ func parseCreateOpts(c *cli.Context, runtime *libpod.Runtime) (*createConfig, er
Privileged: c.Bool("privileged"),
Publish: c.StringSlice("publish"),
PublishAll: c.Bool("publish-all"),
+ Quiet: c.Bool("quiet"),
ReadOnlyRootfs: c.Bool("read-only"),
Resources: createResourceConfig{
BlkioWeight: blkioWeight,
diff --git a/cmd/podman/run.go b/cmd/podman/run.go
index 6ba501c76..bc93459ad 100644
--- a/cmd/podman/run.go
+++ b/cmd/podman/run.go
@@ -2,6 +2,8 @@ package main
import (
"fmt"
+ "io"
+ "os"
"sync"
"github.com/pkg/errors"
@@ -44,7 +46,11 @@ func runCmd(c *cli.Context) error {
if createImage.LocalName == "" {
// The image wasnt found by the user input'd name or its fqname
// Pull the image
- createImage.Pull()
+ var writer io.Writer
+ if !createConfig.Quiet {
+ writer = os.Stdout
+ }
+ createImage.Pull(writer)
}
runtimeSpec, err := createConfigToOCISpec(createConfig)
diff --git a/cmd/podman/spec.go b/cmd/podman/spec.go
index b13556d93..550f74218 100644
--- a/cmd/podman/spec.go
+++ b/cmd/podman/spec.go
@@ -10,6 +10,7 @@ import (
"github.com/docker/docker/daemon/caps"
"github.com/docker/docker/pkg/mount"
"github.com/docker/go-units"
+ "github.com/opencontainers/runc/libcontainer/devices"
spec "github.com/opencontainers/runtime-spec/specs-go"
"github.com/opencontainers/runtime-tools/generate"
"github.com/opencontainers/selinux/go-selinux/label"
@@ -163,6 +164,25 @@ func setupCapabilities(config *createConfig, configSpec *spec.Spec) error {
return nil
}
+func addDevice(g *generate.Generator, device string) error {
+ dev, err := devices.DeviceFromPath(device, "rwm")
+ if err != nil {
+ return errors.Wrapf(err, "%s is not a valid device", device)
+ }
+ linuxdev := spec.LinuxDevice{
+ Path: dev.Path,
+ Type: string(dev.Type),
+ Major: dev.Major,
+ Minor: dev.Minor,
+ FileMode: &dev.FileMode,
+ UID: &dev.Uid,
+ GID: &dev.Gid,
+ }
+ g.AddDevice(linuxdev)
+ g.AddLinuxResourcesDevice(true, string(dev.Type), &dev.Major, &dev.Minor, dev.Permissions)
+ return nil
+}
+
// Parses information needed to create a container into an OCI runtime spec
func createConfigToOCISpec(config *createConfig) (*spec.Spec, error) {
g := generate.New()
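Review bot: addDevice hard-codes `"rwm"` in `devices.DeviceFromPath(device, "rwm")`, so every `--device` entry gets read, write and mknod access in both the device node and the cgroup device rule, with no way for the caller to request less. The whole flag value is also treated as the host path, so a container-side path or a permission suffix cannot be given, and any value containing `:` would probably just fail as "not a valid device". Parsing a `HOST[:CONTAINER[:PERMS]]` form and rejecting permission strings made of anything other than `r`, `w`, `m` would let users grant only what a workload needs; the sketch below assumes `strings` is imported in spec.go. The new function also has no doc comment; something like `// addDevice adds the host device at the given path to the generated spec and allows it in the device cgroup.` would help.

```go
func addDevice(g *generate.Generator, device string) error {
	// Accepted form: HOST[:CONTAINER[:PERMS]]; PERMS defaults to "rwm".
	parts := strings.Split(device, ":")
	if len(parts) > 3 {
		return errors.Errorf("invalid device specification %q", device)
	}
	src, dst, perms := parts[0], parts[0], "rwm"
	if len(parts) > 1 && parts[1] != "" {
		dst = parts[1]
	}
	if len(parts) > 2 {
		perms = parts[2]
	}
	// Only r, w and m are meaningful; reject anything else up front.
	if perms == "" || strings.Trim(perms, "rwm") != "" {
		return errors.Errorf("invalid device permissions %q", perms)
	}
	dev, err := devices.DeviceFromPath(src, perms)
	if err != nil {
		return errors.Wrapf(err, "%s is not a valid device", src)
	}
	dev.Path = dst
	// … unchanged: LinuxDevice construction, g.AddDevice, g.AddLinuxResourcesDevice …
```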
@@ -233,6 +253,13 @@ func createConfigToOCISpec(config *createConfig) (*spec.Spec, error) {
g.SetLinuxResourcesCPUMems(config.Resources.CPUsetMems)
}
+ // Devices
+ for _, device := range config.Devices {
+ if err := addDevice(&g, device); err != nil {
+ return nil, err
+ }
+ }
+
// SECURITY OPTS
g.SetProcessNoNewPrivileges(config.NoNewPrivileges)
g.SetProcessApparmorProfile(config.ApparmorProfile)
@@ -321,7 +348,6 @@ func createConfigToOCISpec(config *createConfig) (*spec.Spec, error) {
Hooks: &configSpec.Hooks{},
//Annotations
Resources: &configSpec.LinuxResources{
- Devices: config.GetDefaultDevices(),
BlockIO: &blkio,
//HugepageLimits:
Network: &configSpec.LinuxNetwork{
@@ -331,7 +357,6 @@ func createConfigToOCISpec(config *createConfig) (*spec.Spec, error) {
},
//CgroupsPath:
//Namespaces: []LinuxNamespace
- //Devices
// DefaultAction:
// Architectures
// Syscalls: