diff options
| author | Matthew Heon <matthew.heon@pm.me> | 2019-04-15 13:56:47 -0400 |
|---|---|---|
| committer | Matthew Heon <matthew.heon@pm.me> | 2019-05-01 10:16:23 -0400 |
| commit | 4540458a5e2809d2ecc2a1c6e67e9752529c1126 (patch) | |
| tree | 32eb0e0da33cec3a7997d7076127fa05b900ce8a /pkg/spec/spec.go | |
| parent | 869466eb25a41ab0e6daf9bc6ab951d7300d3f9d (diff) | |
| download | podman-4540458a5e2809d2ecc2a1c6e67e9752529c1126.tar.gz podman-4540458a5e2809d2ecc2a1c6e67e9752529c1126.tar.bz2 podman-4540458a5e2809d2ecc2a1c6e67e9752529c1126.zip | |
Remove non-config fields from CreateConfig
The goal here is to keep only the configuration directly used to
build the container in CreateConfig, and scrub temporary state
and helpers that we need to generate. We'll keep those internally
in MakeContainerConfig.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
Diffstat (limited to 'pkg/spec/spec.go')
| -rw-r--r-- | pkg/spec/spec.go | 47 |
1 files changed, 23 insertions, 24 deletions
diff --git a/pkg/spec/spec.go b/pkg/spec/spec.go index 4c839921c..5ffa6dc4c 100644 --- a/pkg/spec/spec.go +++ b/pkg/spec/spec.go @@ -89,11 +89,11 @@ func getAvailableGids() (int64, error) { } // CreateConfigToOCISpec parses information needed to create a container into an OCI runtime spec -func (config *CreateConfig) createConfigToOCISpec() (*spec.Spec, error) { //nolint +func (config *CreateConfig) createConfigToOCISpec(runtime *libpod.Runtime) (*spec.Spec, []*libpod.ContainerNamedVolume, error) { //nolint cgroupPerm := "ro" g, err := generate.New("linux") if err != nil { - return nil, err + return nil, nil, err } // Remove the default /dev/shm mount to ensure we overwrite it g.RemoveMount("/dev/shm") @@ -139,7 +139,7 @@ func (config *CreateConfig) createConfigToOCISpec() (*spec.Spec, error) { //noli if isRootless { nGids, err := getAvailableGids() if err != nil { - return nil, err + return nil, nil, err } if nGids < 5 { // If we have no GID mappings, the gid=5 default option would fail, so drop it. @@ -214,7 +214,7 @@ func (config *CreateConfig) createConfigToOCISpec() (*spec.Spec, error) { //noli if hostname == "" && (config.NetMode.IsHost() || config.UtsMode.IsHost()) { hostname, err = os.Hostname() if err != nil { - return nil, errors.Wrap(err, "unable to retrieve hostname") + return nil, nil, errors.Wrap(err, "unable to retrieve hostname") } } g.RemoveHostname() @@ -304,13 +304,13 @@ func (config *CreateConfig) createConfigToOCISpec() (*spec.Spec, error) { //noli // already adding them all. if !rootless.IsRootless() { if err := config.AddPrivilegedDevices(&g); err != nil { - return nil, err + return nil, nil, err } } } else { for _, devicePath := range config.Devices { if err := devicesFromPath(&g, devicePath); err != nil { - return nil, err + return nil, nil, err } } } @@ -340,7 +340,7 @@ func (config *CreateConfig) createConfigToOCISpec() (*spec.Spec, error) { //noli spliti := strings.SplitN(i, ":", 2) if len(spliti) > 1 { if _, _, err := mount.ParseTmpfsOptions(spliti[1]); err != nil { - return nil, err + return nil, nil, err } options = strings.Split(spliti[1], ",") } @@ -389,27 +389,27 @@ func (config *CreateConfig) createConfigToOCISpec() (*spec.Spec, error) { //noli } if err := addRlimits(config, &g); err != nil { - return nil, err + return nil, nil, err } if err := addPidNS(config, &g); err != nil { - return nil, err + return nil, nil, err } if err := addUserNS(config, &g); err != nil { - return nil, err + return nil, nil, err } if err := addNetNS(config, &g); err != nil { - return nil, err + return nil, nil, err } if err := addUTSNS(config, &g); err != nil { - return nil, err + return nil, nil, err } if err := addIpcNS(config, &g); err != nil { - return nil, err + return nil, nil, err } configSpec := g.Config @@ -417,7 +417,7 @@ func (config *CreateConfig) createConfigToOCISpec() (*spec.Spec, error) { //noli // NOTE: Must happen before SECCOMP if !config.Privileged { if err := setupCapabilities(config, configSpec); err != nil { - return nil, err + return nil, nil, err } } else { g.SetupPrivileged(true) @@ -428,7 +428,7 @@ func (config *CreateConfig) createConfigToOCISpec() (*spec.Spec, error) { //noli if config.SeccompProfilePath != "unconfined" { seccompConfig, err := getSeccompConfig(config, configSpec) if err != nil { - return nil, err + return nil, nil, err } configSpec.Linux.Seccomp = seccompConfig } @@ -439,13 +439,13 @@ func (config *CreateConfig) createConfigToOCISpec() (*spec.Spec, error) { //noli } // BIND MOUNTS - if err := config.GetVolumesFrom(); err != nil { - return nil, errors.Wrap(err, "error getting volume mounts from --volumes-from flag") + if err := config.GetVolumesFrom(runtime); err != nil { + return nil, nil, errors.Wrap(err, "error getting volume mounts from --volumes-from flag") } volumeMounts, err := config.GetVolumeMounts(configSpec.Mounts) if err != nil { - return nil, errors.Wrapf(err, "error getting volume mounts") + return nil, nil, errors.Wrapf(err, "error getting volume mounts") } configSpec.Mounts = supercedeUserMounts(volumeMounts, configSpec.Mounts) @@ -455,12 +455,11 @@ func (config *CreateConfig) createConfigToOCISpec() (*spec.Spec, error) { //noli // Split normal mounts and named volumes newMounts, namedVolumes := splitNamedVolumes(configSpec.Mounts) configSpec.Mounts = newMounts - config.NamedVolumes = namedVolumes // BLOCK IO blkio, err := config.CreateBlockIO() if err != nil { - return nil, errors.Wrapf(err, "error creating block io") + return nil, nil, errors.Wrapf(err, "error creating block io") } if blkio != nil { configSpec.Linux.Resources.BlockIO = blkio @@ -469,7 +468,7 @@ func (config *CreateConfig) createConfigToOCISpec() (*spec.Spec, error) { //noli if rootless.IsRootless() { if addedResources { - return nil, errors.New("invalid configuration, cannot set resources with rootless containers") + return nil, nil, errors.New("invalid configuration, cannot set resources with rootless containers") } configSpec.Linux.Resources = &spec.LinuxResources{} } @@ -477,7 +476,7 @@ func (config *CreateConfig) createConfigToOCISpec() (*spec.Spec, error) { //noli // Make sure that the bind mounts keep options like nosuid, noexec, nodev. mounts, err := pmount.GetMounts() if err != nil { - return nil, err + return nil, nil, err } for i := range configSpec.Mounts { m := &configSpec.Mounts[i] @@ -493,7 +492,7 @@ func (config *CreateConfig) createConfigToOCISpec() (*spec.Spec, error) { //noli } mount, err := findMount(m.Source, mounts) if err != nil { - return nil, err + return nil, nil, err } if mount == nil { continue @@ -511,7 +510,7 @@ func (config *CreateConfig) createConfigToOCISpec() (*spec.Spec, error) { //noli } } - return configSpec, nil + return configSpec, namedVolumes, nil } func findMount(target string, mounts []*pmount.Info) (*pmount.Info, error) { |