Add podman image mount

There are many use cases where you want to just mount an image without creating a container on it. For example you might want to just examine the content in an image after you pull it for security analysys. Or you might want to just use the executables on the image without running it in a container. The image is mounted readonly since we do not want people changing images. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
author: Daniel J Walsh <dwalsh@redhat.com> 2020-07-28 10:25:14 -0400
committer: Daniel J Walsh <dwalsh@redhat.com> 2020-07-28 10:27:44 -0400
commit: 6979d140f1c531fd32e885542be27407105ebf90 (patch)
tree: e2d8c286c22eb5fe4065fa957fe043b546ed8c52 /cmd
parent: 288ebec6e737c105fa0ef43412de4e0a8997feb9 (diff)
download: podman-6979d140f1c531fd32e885542be27407105ebf90.tar.gz
podman-6979d140f1c531fd32e885542be27407105ebf90.tar.bz2
podman-6979d140f1c531fd32e885542be27407105ebf90.zip
2 files changed, 210 insertions, 0 deletions
diff --git a/cmd/podman/images/mount.go b/cmd/podman/images/mount.go
new file mode 100644
index 000000000..fac06e324
--- /dev/null
+++ b/cmd/podman/images/mount.go
@@ -0,0 +1,139 @@
+package images
+
+import (
+	"fmt"
+	"os"
+	"text/tabwriter"
+	"text/template"
+
+	"github.com/containers/podman/v2/cmd/podman/registry"
+	"github.com/containers/podman/v2/cmd/podman/utils"
+	"github.com/containers/podman/v2/pkg/domain/entities"
+	"github.com/pkg/errors"
+	"github.com/spf13/cobra"
+	"github.com/spf13/pflag"
+)
+
+var (
+	mountDescription = `podman image mount
+    Lists all mounted images mount points if no images is specified
+
+  podman image mount IMAGE-NAME-OR-ID
+    Mounts the specified image and prints the mountpoint
+`
+
+	mountCommand = &cobra.Command{
+		Use:   "mount [flags] [IMAGE...]",
+		Short: "Mount an images's root filesystem",
+		Long:  mountDescription,
+		RunE:  mount,
+		Example: `podman image mount imgID
+  podman image mount imgID1 imgID2 imgID3
+  podman image mount
+  podman image mount --all`,
+		Annotations: map[string]string{
+			registry.UnshareNSRequired: "",
+			registry.ParentNSRequired:  "",
+		},
+	}
+)
+
+var (
+	mountOpts entities.ImageMountOptions
+)
+
+func mountFlags(flags *pflag.FlagSet) {
+	flags.BoolVarP(&mountOpts.All, "all", "a", false, "Mount all images")
+	flags.StringVar(&mountOpts.Format, "format", "", "Print the mounted images in specified format (json)")
+}
+
+func init() {
+	registry.Commands = append(registry.Commands, registry.CliCommand{
+		Mode:    []entities.EngineMode{entities.ABIMode},
+		Command: mountCommand,
+		Parent:  imageCmd,
+	})
+	mountFlags(mountCommand.Flags())
+}
+
+func mount(_ *cobra.Command, args []string) error {
+	var (
+		errs utils.OutputErrors
+	)
+	if len(args) > 0 && mountOpts.All {
+		return errors.New("when using the --all switch, you may not pass any image names or IDs")
+	}
+	reports, err := registry.ImageEngine().Mount(registry.GetContext(), args, mountOpts)
+	if err != nil {
+		return err
+	}
+	if len(args) > 0 || mountOpts.All {
+		for _, r := range reports {
+			if r.Err == nil {
+				fmt.Println(r.Path)
+				continue
+			}
+			errs = append(errs, r.Err)
+		}
+		return errs.PrintErrors()
+	}
+
+	switch mountOpts.Format {
+	case "json":
+		return printJSON(reports)
+	case "":
+		// do nothing
+	default:
+		return errors.Errorf("unknown --format argument: %s", mountOpts.Format)
+	}
+
+	mrs := make([]mountReporter, 0, len(reports))
+	for _, r := range reports {
+		mrs = append(mrs, mountReporter{r})
+	}
+	row := "{{.ID}} {{.Path}}\n"
+	format := "{{range . }}" + row + "{{end}}"
+	tmpl, err := template.New("mounts").Parse(format)
+	if err != nil {
+		return err
+	}
+	w := tabwriter.NewWriter(os.Stdout, 8, 2, 2, ' ', 0)
+	defer w.Flush()
+	return tmpl.Execute(w, mrs)
+}
+
+func printJSON(reports []*entities.ImageMountReport) error {
+	type jreport struct {
+		ID           string `json:"id"`
+		Names        []string
+		Repositories []string
+		Mountpoint   string `json:"mountpoint"`
+	}
+	jreports := make([]jreport, 0, len(reports))
+
+	for _, r := range reports {
+		jreports = append(jreports, jreport{
+			ID:           r.Id,
+			Names:        []string{r.Name},
+			Repositories: r.Repositories,
+			Mountpoint:   r.Path,
+		})
+	}
+	b, err := json.MarshalIndent(jreports, "", " ")
+	if err != nil {
+		return err
+	}
+	fmt.Println(string(b))
+	return nil
+}
+
+type mountReporter struct {
+	*entities.ImageMountReport
+}
+
+func (m mountReporter) ID() string {
+	if len(m.Repositories) > 0 {
+		return m.Repositories[0]
+	}
+	return m.Id
+}
diff --git a/cmd/podman/images/unmount.go b/cmd/podman/images/unmount.go
new file mode 100644
index 000000000..f7f6cf8e5
--- /dev/null
+++ b/cmd/podman/images/unmount.go
@@ -0,0 +1,71 @@
+package images
+
+import (
+	"fmt"
+
+	"github.com/containers/podman/v2/cmd/podman/registry"
+	"github.com/containers/podman/v2/cmd/podman/utils"
+	"github.com/containers/podman/v2/pkg/domain/entities"
+	"github.com/pkg/errors"
+	"github.com/spf13/cobra"
+	"github.com/spf13/pflag"
+)
+
+var (
+	description = `Image storage increments a mount counter each time an image is mounted.
+
+  When an image is unmounted, the mount counter is decremented. The image's root filesystem is physically unmounted only when the mount counter reaches zero indicating no other processes are using the mount.
+
+  An unmount can be forced with the --force flag.
+`
+	unmountCommand = &cobra.Command{
+		Use:     "unmount [flags] IMAGE [IMAGE...]",
+		Aliases: []string{"umount"},
+		Short:   "Unmount an image's root filesystem",
+		Long:    description,
+		RunE:    unmount,
+		Example: `podman unmount imgID
+  podman unmount imgID1 imgID2 imgID3
+  podman unmount --all`,
+	}
+)
+
+var (
+	unmountOpts entities.ImageUnmountOptions
+)
+
+func unmountFlags(flags *pflag.FlagSet) {
+	flags.BoolVarP(&unmountOpts.All, "all", "a", false, "Unmount all of the currently mounted images")
+	flags.BoolVarP(&unmountOpts.Force, "force", "f", false, "Force the complete unmount of the specified mounted images")
+}
+
+func init() {
+	registry.Commands = append(registry.Commands, registry.CliCommand{
+		Mode:    []entities.EngineMode{entities.ABIMode},
+		Parent:  imageCmd,
+		Command: unmountCommand,
+	})
+	unmountFlags(unmountCommand.Flags())
+}
+
+func unmount(cmd *cobra.Command, args []string) error {
+	var errs utils.OutputErrors
+	if len(args) < 1 && !unmountOpts.All {
+		return errors.New("image name or ID must be specified")
+	}
+	if len(args) > 0 && unmountOpts.All {
+		return errors.New("when using the --all switch, you may not pass any image names or IDs")
+	}
+	reports, err := registry.ImageEngine().Unmount(registry.GetContext(), args, unmountOpts)
+	if err != nil {
+		return err
+	}
+	for _, r := range reports {
+		if r.Err == nil {
+			fmt.Println(r.Id)
+		} else {
+			errs = append(errs, r.Err)
+		}
+	}
+	return errs.PrintErrors()
+}
author	Daniel J Walsh <dwalsh@redhat.com>	2020-07-28 10:25:14 -0400
committer	Daniel J Walsh <dwalsh@redhat.com>	2020-07-28 10:27:44 -0400
commit	6979d140f1c531fd32e885542be27407105ebf90 (patch)
tree	e2d8c286c22eb5fe4065fa957fe043b546ed8c52 /cmd
parent	288ebec6e737c105fa0ef43412de4e0a8997feb9 (diff)
download	podman-6979d140f1c531fd32e885542be27407105ebf90.tar.gz podman-6979d140f1c531fd32e885542be27407105ebf90.tar.bz2 podman-6979d140f1c531fd32e885542be27407105ebf90.zip