diff options
| author | Naveen <172697+naveensrinivasan@users.noreply.github.com> | 2022-04-02 16:29:37 -0500 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-04-02 16:29:37 -0500 |
| commit | 6375a85055b4472846445a37464851429edfa447 (patch) | |
| tree | a296f777fa928beaa40c6e9731d4df161d08d91e /pkg/specgen/generate/container.go | |
| parent | 9cacc18c951d4497b5979f96d829c86ca41f777f (diff) | |
| parent | d4394ea3688ad1942b8457f6df869f7c440d49e7 (diff) | |
| download | podman-6375a85055b4472846445a37464851429edfa447.tar.gz podman-6375a85055b4472846445a37464851429edfa447.tar.bz2 podman-6375a85055b4472846445a37464851429edfa447.zip | |
Merge branch 'containers:main' into naveen/feat/set-perms-actions
Diffstat (limited to 'pkg/specgen/generate/container.go')
| -rw-r--r-- | pkg/specgen/generate/container.go | 43 |
1 files changed, 35 insertions, 8 deletions
diff --git a/pkg/specgen/generate/container.go b/pkg/specgen/generate/container.go index 118d80e2c..b38b0e695 100644 --- a/pkg/specgen/generate/container.go +++ b/pkg/specgen/generate/container.go @@ -337,11 +337,11 @@ func FinishThrottleDevices(s *specgen.SpecGenerator) error { return nil } -// ConfigToSpec takes a completed container config and converts it back into a specgenerator for purposes of cloning an existing container -func ConfigToSpec(rt *libpod.Runtime, specg *specgen.SpecGenerator, containerID string) (*libpod.Container, error) { - c, err := rt.LookupContainer(containerID) +// ConfigToSpec takes a completed container config and converts it back into a specgenerator for purposes of cloning an exisiting container +func ConfigToSpec(rt *libpod.Runtime, specg *specgen.SpecGenerator, contaierID string) (*libpod.Container, *libpod.InfraInherit, error) { + c, err := rt.LookupContainer(contaierID) if err != nil { - return nil, err + return nil, nil, err } conf := c.Config() @@ -351,17 +351,22 @@ func ConfigToSpec(rt *libpod.Runtime, specg *specgen.SpecGenerator, containerID conf.Systemd = nil conf.Mounts = []string{} + if specg == nil { + specg = &specgen.SpecGenerator{} + } + specg.Pod = conf.Pod matching, err := json.Marshal(conf) if err != nil { - return nil, err + return nil, nil, err } err = json.Unmarshal(matching, specg) if err != nil { - return nil, err + return nil, nil, err } + conf.Systemd = tmpSystemd conf.Mounts = tmpMounts @@ -481,7 +486,29 @@ func ConfigToSpec(rt *libpod.Runtime, specg *specgen.SpecGenerator, containerID } } specg.OverlayVolumes = overlay - specg.Mounts = conf.Spec.Mounts + _, mounts := c.SortUserVolumes(c.Spec()) + specg.Mounts = mounts specg.HostDeviceList = conf.DeviceHostSrc - return c, nil + mapSecurityConfig(conf, specg) + + if c.IsInfra() { // if we are creating this spec for a pod's infra ctr, map the compatible options + spec, err := json.Marshal(specg) + if err != nil { + return nil, nil, err + } + infraInherit := &libpod.InfraInherit{} + err = json.Unmarshal(spec, infraInherit) + return c, infraInherit, err + } + // else just return the container + return c, nil, nil +} + +// mapSecurityConfig takes a libpod.ContainerSecurityConfig and converts it to a specgen.ContinerSecurityConfig +func mapSecurityConfig(c *libpod.ContainerConfig, s *specgen.SpecGenerator) { + s.Privileged = c.Privileged + s.SelinuxOpts = append(s.SelinuxOpts, c.LabelOpts...) + s.User = c.User + s.Groups = c.Groups + s.HostUsers = c.HostUsers } |