aboutsummaryrefslogtreecommitdiff
path: root/pkg/spec
diff options
context:
space:
mode:
authorMatthew Heon <matthew.heon@pm.me>2019-04-15 13:56:47 -0400
committerMatthew Heon <matthew.heon@pm.me>2019-05-01 10:16:23 -0400
commit4540458a5e2809d2ecc2a1c6e67e9752529c1126 (patch)
tree32eb0e0da33cec3a7997d7076127fa05b900ce8a /pkg/spec
parent869466eb25a41ab0e6daf9bc6ab951d7300d3f9d (diff)
downloadpodman-4540458a5e2809d2ecc2a1c6e67e9752529c1126.tar.gz
podman-4540458a5e2809d2ecc2a1c6e67e9752529c1126.tar.bz2
podman-4540458a5e2809d2ecc2a1c6e67e9752529c1126.zip
Remove non-config fields from CreateConfig
The goal here is to keep only the configuration directly used to build the container in CreateConfig, and scrub temporary state and helpers that we need to generate. We'll keep those internally in MakeContainerConfig. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
Diffstat (limited to 'pkg/spec')
-rw-r--r--pkg/spec/containerconfig.go4
-rw-r--r--pkg/spec/createconfig.go26
-rw-r--r--pkg/spec/spec.go47
3 files changed, 37 insertions, 40 deletions
diff --git a/pkg/spec/containerconfig.go b/pkg/spec/containerconfig.go
index 62108c012..775a2042d 100644
--- a/pkg/spec/containerconfig.go
+++ b/pkg/spec/containerconfig.go
@@ -8,12 +8,12 @@ import (
// MakeContainerConfig generates all configuration necessary to start a
// container with libpod from a completed CreateConfig struct.
func (config *CreateConfig) MakeContainerConfig(runtime *libpod.Runtime, pod *libpod.Pod) (*spec.Spec, []libpod.CtrCreateOption, error) {
- runtimeSpec, err := config.createConfigToOCISpec()
+ runtimeSpec, namedVolumes, err := config.createConfigToOCISpec(runtime)
if err != nil {
return nil, nil, err
}
- options, err := config.getContainerCreateOptions(runtime, pod)
+ options, err := config.getContainerCreateOptions(runtime, pod, namedVolumes)
if err != nil {
return nil, nil, err
}
diff --git a/pkg/spec/createconfig.go b/pkg/spec/createconfig.go
index 76ce8032c..d2ae99de6 100644
--- a/pkg/spec/createconfig.go
+++ b/pkg/spec/createconfig.go
@@ -65,7 +65,6 @@ type CreateResourceConfig struct {
// CreateConfig is a pre OCI spec structure. It represents user input from varlink or the CLI
type CreateConfig struct {
- Runtime *libpod.Runtime
Annotations map[string]string
Args []string
CapAdd []string // cap-add
@@ -129,7 +128,6 @@ type CreateConfig struct {
Mounts []spec.Mount //mounts
Volumes []string //volume
VolumesFrom []string
- NamedVolumes []*libpod.ContainerNamedVolume // Filled in by CreateConfigToOCISpec
WorkDir string //workdir
LabelOpts []string //SecurityOpts
NoNewPrivs bool //SecurityOpts
@@ -268,7 +266,7 @@ func (c *CreateConfig) GetVolumeMounts(specMounts []spec.Mount) ([]spec.Mount, e
// GetVolumesFrom reads the create-config artifact of the container to get volumes from
// and adds it to c.Volumes of the current container.
-func (c *CreateConfig) GetVolumesFrom() error {
+func (c *CreateConfig) GetVolumesFrom(runtime *libpod.Runtime) error {
if os.Geteuid() != 0 {
return nil
}
@@ -279,7 +277,7 @@ func (c *CreateConfig) GetVolumesFrom() error {
if len(splitVol) == 2 {
options = splitVol[1]
}
- ctr, err := c.Runtime.LookupContainer(splitVol[0])
+ ctr, err := runtime.LookupContainer(splitVol[0])
if err != nil {
return errors.Wrapf(err, "error looking up container %q", splitVol[0])
}
@@ -364,8 +362,8 @@ func (c *CreateConfig) GetTmpfsMounts() []spec.Mount {
return m
}
-func (c *CreateConfig) createExitCommand() ([]string, error) {
- config, err := c.Runtime.GetConfig()
+func (c *CreateConfig) createExitCommand(runtime *libpod.Runtime) ([]string, error) {
+ config, err := runtime.GetConfig()
if err != nil {
return nil, err
}
@@ -397,7 +395,7 @@ func (c *CreateConfig) createExitCommand() ([]string, error) {
}
// GetContainerCreateOptions takes a CreateConfig and returns a slice of CtrCreateOptions
-func (c *CreateConfig) getContainerCreateOptions(runtime *libpod.Runtime, pod *libpod.Pod) ([]libpod.CtrCreateOption, error) {
+func (c *CreateConfig) getContainerCreateOptions(runtime *libpod.Runtime, pod *libpod.Pod, namedVolumes []*libpod.ContainerNamedVolume) ([]libpod.CtrCreateOption, error) {
var options []libpod.CtrCreateOption
var portBindings []ocicni.PortMapping
var err error
@@ -448,8 +446,8 @@ func (c *CreateConfig) getContainerCreateOptions(runtime *libpod.Runtime, pod *l
options = append(options, libpod.WithUserVolumes(volumes))
}
- if len(c.NamedVolumes) != 0 {
- options = append(options, libpod.WithNamedVolumes(c.NamedVolumes))
+ if len(namedVolumes) != 0 {
+ options = append(options, libpod.WithNamedVolumes(namedVolumes))
}
if len(c.Command) != 0 {
@@ -485,7 +483,7 @@ func (c *CreateConfig) getContainerCreateOptions(runtime *libpod.Runtime, pod *l
return nil, err
}
} else if c.NetMode.IsContainer() {
- connectedCtr, err := c.Runtime.LookupContainer(c.NetMode.Container())
+ connectedCtr, err := runtime.LookupContainer(c.NetMode.Container())
if err != nil {
return nil, errors.Wrapf(err, "container %q not found", c.NetMode.Container())
}
@@ -496,7 +494,7 @@ func (c *CreateConfig) getContainerCreateOptions(runtime *libpod.Runtime, pod *l
}
if c.PidMode.IsContainer() {
- connectedCtr, err := c.Runtime.LookupContainer(c.PidMode.Container())
+ connectedCtr, err := runtime.LookupContainer(c.PidMode.Container())
if err != nil {
return nil, errors.Wrapf(err, "container %q not found", c.PidMode.Container())
}
@@ -505,7 +503,7 @@ func (c *CreateConfig) getContainerCreateOptions(runtime *libpod.Runtime, pod *l
}
if c.IpcMode.IsContainer() {
- connectedCtr, err := c.Runtime.LookupContainer(c.IpcMode.Container())
+ connectedCtr, err := runtime.LookupContainer(c.IpcMode.Container())
if err != nil {
return nil, errors.Wrapf(err, "container %q not found", c.IpcMode.Container())
}
@@ -517,7 +515,7 @@ func (c *CreateConfig) getContainerCreateOptions(runtime *libpod.Runtime, pod *l
options = append(options, libpod.WithUTSNSFromPod(pod))
}
if c.UtsMode.IsContainer() {
- connectedCtr, err := c.Runtime.LookupContainer(c.UtsMode.Container())
+ connectedCtr, err := runtime.LookupContainer(c.UtsMode.Container())
if err != nil {
return nil, errors.Wrapf(err, "container %q not found", c.UtsMode.Container())
}
@@ -593,7 +591,7 @@ func (c *CreateConfig) getContainerCreateOptions(runtime *libpod.Runtime, pod *l
}
// Always use a cleanup process to clean up Podman after termination
- exitCmd, err := c.createExitCommand()
+ exitCmd, err := c.createExitCommand(runtime)
if err != nil {
return nil, err
}
diff --git a/pkg/spec/spec.go b/pkg/spec/spec.go
index 4c839921c..5ffa6dc4c 100644
--- a/pkg/spec/spec.go
+++ b/pkg/spec/spec.go
@@ -89,11 +89,11 @@ func getAvailableGids() (int64, error) {
}
// CreateConfigToOCISpec parses information needed to create a container into an OCI runtime spec
-func (config *CreateConfig) createConfigToOCISpec() (*spec.Spec, error) { //nolint
+func (config *CreateConfig) createConfigToOCISpec(runtime *libpod.Runtime) (*spec.Spec, []*libpod.ContainerNamedVolume, error) { //nolint
cgroupPerm := "ro"
g, err := generate.New("linux")
if err != nil {
- return nil, err
+ return nil, nil, err
}
// Remove the default /dev/shm mount to ensure we overwrite it
g.RemoveMount("/dev/shm")
@@ -139,7 +139,7 @@ func (config *CreateConfig) createConfigToOCISpec() (*spec.Spec, error) { //noli
if isRootless {
nGids, err := getAvailableGids()
if err != nil {
- return nil, err
+ return nil, nil, err
}
if nGids < 5 {
// If we have no GID mappings, the gid=5 default option would fail, so drop it.
@@ -214,7 +214,7 @@ func (config *CreateConfig) createConfigToOCISpec() (*spec.Spec, error) { //noli
if hostname == "" && (config.NetMode.IsHost() || config.UtsMode.IsHost()) {
hostname, err = os.Hostname()
if err != nil {
- return nil, errors.Wrap(err, "unable to retrieve hostname")
+ return nil, nil, errors.Wrap(err, "unable to retrieve hostname")
}
}
g.RemoveHostname()
@@ -304,13 +304,13 @@ func (config *CreateConfig) createConfigToOCISpec() (*spec.Spec, error) { //noli
// already adding them all.
if !rootless.IsRootless() {
if err := config.AddPrivilegedDevices(&g); err != nil {
- return nil, err
+ return nil, nil, err
}
}
} else {
for _, devicePath := range config.Devices {
if err := devicesFromPath(&g, devicePath); err != nil {
- return nil, err
+ return nil, nil, err
}
}
}
@@ -340,7 +340,7 @@ func (config *CreateConfig) createConfigToOCISpec() (*spec.Spec, error) { //noli
spliti := strings.SplitN(i, ":", 2)
if len(spliti) > 1 {
if _, _, err := mount.ParseTmpfsOptions(spliti[1]); err != nil {
- return nil, err
+ return nil, nil, err
}
options = strings.Split(spliti[1], ",")
}
@@ -389,27 +389,27 @@ func (config *CreateConfig) createConfigToOCISpec() (*spec.Spec, error) { //noli
}
if err := addRlimits(config, &g); err != nil {
- return nil, err
+ return nil, nil, err
}
if err := addPidNS(config, &g); err != nil {
- return nil, err
+ return nil, nil, err
}
if err := addUserNS(config, &g); err != nil {
- return nil, err
+ return nil, nil, err
}
if err := addNetNS(config, &g); err != nil {
- return nil, err
+ return nil, nil, err
}
if err := addUTSNS(config, &g); err != nil {
- return nil, err
+ return nil, nil, err
}
if err := addIpcNS(config, &g); err != nil {
- return nil, err
+ return nil, nil, err
}
configSpec := g.Config
@@ -417,7 +417,7 @@ func (config *CreateConfig) createConfigToOCISpec() (*spec.Spec, error) { //noli
// NOTE: Must happen before SECCOMP
if !config.Privileged {
if err := setupCapabilities(config, configSpec); err != nil {
- return nil, err
+ return nil, nil, err
}
} else {
g.SetupPrivileged(true)
@@ -428,7 +428,7 @@ func (config *CreateConfig) createConfigToOCISpec() (*spec.Spec, error) { //noli
if config.SeccompProfilePath != "unconfined" {
seccompConfig, err := getSeccompConfig(config, configSpec)
if err != nil {
- return nil, err
+ return nil, nil, err
}
configSpec.Linux.Seccomp = seccompConfig
}
@@ -439,13 +439,13 @@ func (config *CreateConfig) createConfigToOCISpec() (*spec.Spec, error) { //noli
}
// BIND MOUNTS
- if err := config.GetVolumesFrom(); err != nil {
- return nil, errors.Wrap(err, "error getting volume mounts from --volumes-from flag")
+ if err := config.GetVolumesFrom(runtime); err != nil {
+ return nil, nil, errors.Wrap(err, "error getting volume mounts from --volumes-from flag")
}
volumeMounts, err := config.GetVolumeMounts(configSpec.Mounts)
if err != nil {
- return nil, errors.Wrapf(err, "error getting volume mounts")
+ return nil, nil, errors.Wrapf(err, "error getting volume mounts")
}
configSpec.Mounts = supercedeUserMounts(volumeMounts, configSpec.Mounts)
@@ -455,12 +455,11 @@ func (config *CreateConfig) createConfigToOCISpec() (*spec.Spec, error) { //noli
// Split normal mounts and named volumes
newMounts, namedVolumes := splitNamedVolumes(configSpec.Mounts)
configSpec.Mounts = newMounts
- config.NamedVolumes = namedVolumes
// BLOCK IO
blkio, err := config.CreateBlockIO()
if err != nil {
- return nil, errors.Wrapf(err, "error creating block io")
+ return nil, nil, errors.Wrapf(err, "error creating block io")
}
if blkio != nil {
configSpec.Linux.Resources.BlockIO = blkio
@@ -469,7 +468,7 @@ func (config *CreateConfig) createConfigToOCISpec() (*spec.Spec, error) { //noli
if rootless.IsRootless() {
if addedResources {
- return nil, errors.New("invalid configuration, cannot set resources with rootless containers")
+ return nil, nil, errors.New("invalid configuration, cannot set resources with rootless containers")
}
configSpec.Linux.Resources = &spec.LinuxResources{}
}
@@ -477,7 +476,7 @@ func (config *CreateConfig) createConfigToOCISpec() (*spec.Spec, error) { //noli
// Make sure that the bind mounts keep options like nosuid, noexec, nodev.
mounts, err := pmount.GetMounts()
if err != nil {
- return nil, err
+ return nil, nil, err
}
for i := range configSpec.Mounts {
m := &configSpec.Mounts[i]
@@ -493,7 +492,7 @@ func (config *CreateConfig) createConfigToOCISpec() (*spec.Spec, error) { //noli
}
mount, err := findMount(m.Source, mounts)
if err != nil {
- return nil, err
+ return nil, nil, err
}
if mount == nil {
continue
@@ -511,7 +510,7 @@ func (config *CreateConfig) createConfigToOCISpec() (*spec.Spec, error) { //noli
}
}
- return configSpec, nil
+ return configSpec, namedVolumes, nil
}
func findMount(target string, mounts []*pmount.Info) (*pmount.Info, error) {