diff options
author | Valentin Rothberg <rothberg@redhat.com> | 2021-04-22 08:01:12 +0200 |
---|---|---|
committer | Valentin Rothberg <rothberg@redhat.com> | 2021-05-05 11:30:12 +0200 |
commit | 0f7d54b0260c1be992ee3b9cee359ef3a9e8bd21 (patch) | |
tree | 192e52054de2abf0c92d83ecdbc71d498c2ec947 /pkg/specgen | |
parent | 8eefca5a257121b177562742c972e39e1686140d (diff) | |
download | podman-0f7d54b0260c1be992ee3b9cee359ef3a9e8bd21.tar.gz podman-0f7d54b0260c1be992ee3b9cee359ef3a9e8bd21.tar.bz2 podman-0f7d54b0260c1be992ee3b9cee359ef3a9e8bd21.zip |
migrate Podman to containers/common/libimage
Migrate the Podman code base over to `common/libimage` which replaces
`libpod/image` and a lot of glue code entirely.
Note that I tried to leave bread crumbs for changed tests.
Miscellaneous changes:
* Some errors yield different messages which required to alter some
tests.
* I fixed some pre-existing issues in the code. Others were marked as
`//TODO`s to prevent the PR from exploding.
* The `NamesHistory` of an image is returned as is from the storage.
Previously, we did some filtering which I think is undesirable.
Instead we should return the data as stored in the storage.
* Touched handlers use the ABI interfaces where possible.
* Local image resolution: previously Podman would match "foo" on
"myfoo". This behaviour has been changed and Podman will now
only match on repository boundaries such that "foo" would match
"my/foo" but not "myfoo". I consider the old behaviour to be a
bug, at the very least an exotic corner case.
* Futhermore, "foo:none" does *not* resolve to a local image "foo"
without tag anymore. It's a hill I am (almost) willing to die on.
* `image prune` prints the IDs of pruned images. Previously, in some
cases, the names were printed instead. The API clearly states ID,
so we should stick to it.
* Compat endpoint image removal with _force_ deletes the entire not
only the specified tag.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Diffstat (limited to 'pkg/specgen')
-rw-r--r-- | pkg/specgen/config_unsupported.go | 4 | ||||
-rw-r--r-- | pkg/specgen/generate/config_linux_cgo.go | 4 | ||||
-rw-r--r-- | pkg/specgen/generate/config_linux_nocgo.go | 4 | ||||
-rw-r--r-- | pkg/specgen/generate/container.go | 93 | ||||
-rw-r--r-- | pkg/specgen/generate/container_create.go | 43 | ||||
-rw-r--r-- | pkg/specgen/generate/kube/kube.go | 6 | ||||
-rw-r--r-- | pkg/specgen/generate/namespaces.go | 8 | ||||
-rw-r--r-- | pkg/specgen/generate/oci.go | 22 | ||||
-rw-r--r-- | pkg/specgen/generate/ports.go | 14 | ||||
-rw-r--r-- | pkg/specgen/generate/security.go | 4 | ||||
-rw-r--r-- | pkg/specgen/generate/storage.go | 8 |
11 files changed, 70 insertions, 140 deletions
diff --git a/pkg/specgen/config_unsupported.go b/pkg/specgen/config_unsupported.go index 3d89e49f8..70a60ac47 100644 --- a/pkg/specgen/config_unsupported.go +++ b/pkg/specgen/config_unsupported.go @@ -3,11 +3,11 @@ package specgen import ( - "github.com/containers/podman/v3/libpod/image" + "github.com/containers/common/libimage" spec "github.com/opencontainers/runtime-spec/specs-go" "github.com/pkg/errors" ) -func (s *SpecGenerator) getSeccompConfig(configSpec *spec.Spec, img *image.Image) (*spec.LinuxSeccomp, error) { +func (s *SpecGenerator) getSeccompConfig(configSpec *spec.Spec, img *libimage.Image) (*spec.LinuxSeccomp, error) { return nil, errors.New("function not supported on non-linux OS's") } diff --git a/pkg/specgen/generate/config_linux_cgo.go b/pkg/specgen/generate/config_linux_cgo.go index 41f03d5b6..6ffbf69c1 100644 --- a/pkg/specgen/generate/config_linux_cgo.go +++ b/pkg/specgen/generate/config_linux_cgo.go @@ -6,8 +6,8 @@ import ( "context" "io/ioutil" + "github.com/containers/common/libimage" goSeccomp "github.com/containers/common/pkg/seccomp" - "github.com/containers/podman/v3/libpod/image" "github.com/containers/podman/v3/pkg/seccomp" "github.com/containers/podman/v3/pkg/specgen" spec "github.com/opencontainers/runtime-spec/specs-go" @@ -15,7 +15,7 @@ import ( "github.com/sirupsen/logrus" ) -func getSeccompConfig(s *specgen.SpecGenerator, configSpec *spec.Spec, img *image.Image) (*spec.LinuxSeccomp, error) { +func getSeccompConfig(s *specgen.SpecGenerator, configSpec *spec.Spec, img *libimage.Image) (*spec.LinuxSeccomp, error) { var seccompConfig *spec.LinuxSeccomp var err error scp, err := seccomp.LookupPolicy(s.SeccompPolicy) diff --git a/pkg/specgen/generate/config_linux_nocgo.go b/pkg/specgen/generate/config_linux_nocgo.go index 0867988b6..4a1880b74 100644 --- a/pkg/specgen/generate/config_linux_nocgo.go +++ b/pkg/specgen/generate/config_linux_nocgo.go @@ -5,11 +5,11 @@ package generate import ( "errors" - "github.com/containers/podman/v3/libpod/image" + "github.com/containers/common/libimage" "github.com/containers/podman/v3/pkg/specgen" spec "github.com/opencontainers/runtime-spec/specs-go" ) -func getSeccompConfig(s *specgen.SpecGenerator, configSpec *spec.Spec, img *image.Image) (*spec.LinuxSeccomp, error) { +func getSeccompConfig(s *specgen.SpecGenerator, configSpec *spec.Spec, img *libimage.Image) (*spec.LinuxSeccomp, error) { return nil, errors.New("not implemented") } diff --git a/pkg/specgen/generate/container.go b/pkg/specgen/generate/container.go index 3d20ed8ff..d00e51e82 100644 --- a/pkg/specgen/generate/container.go +++ b/pkg/specgen/generate/container.go @@ -5,90 +5,45 @@ import ( "os" "strings" - "github.com/containers/image/v5/manifest" + "github.com/containers/common/libimage" "github.com/containers/podman/v3/libpod" - "github.com/containers/podman/v3/libpod/image" ann "github.com/containers/podman/v3/pkg/annotations" envLib "github.com/containers/podman/v3/pkg/env" "github.com/containers/podman/v3/pkg/signal" "github.com/containers/podman/v3/pkg/specgen" spec "github.com/opencontainers/runtime-spec/specs-go" "github.com/pkg/errors" - "github.com/sirupsen/logrus" "golang.org/x/sys/unix" ) // Fill any missing parts of the spec generator (e.g. from the image). // Returns a set of warnings or any fatal error that occurred. func CompleteSpec(ctx context.Context, r *libpod.Runtime, s *specgen.SpecGenerator) ([]string, error) { - var ( - newImage *image.Image - err error - ) - // Only add image configuration if we have an image + var newImage *libimage.Image + var inspectData *libimage.ImageData + var err error if s.Image != "" { - newImage, err = r.ImageRuntime().NewFromLocal(s.Image) + newImage, _, err = r.LibimageRuntime().LookupImage(s.Image, nil) if err != nil { return nil, err } - _, mediaType, err := newImage.Manifest(ctx) + inspectData, err = newImage.Inspect(ctx, false) if err != nil { - if errors.Cause(err) != image.ErrImageIsBareList { - return nil, err - } - // if err is not runnable image - // use the local store image with repo@digest matches with the list, if exists - manifestByte, manifestType, err := newImage.GetManifest(ctx, nil) - if err != nil { - return nil, err - } - list, err := manifest.ListFromBlob(manifestByte, manifestType) - if err != nil { - return nil, err - } - images, err := r.ImageRuntime().GetImages() - if err != nil { - return nil, err - } - findLocal := false - listDigest, err := list.ChooseInstance(r.SystemContext()) - if err != nil { - return nil, err - } - for _, img := range images { - for _, imageDigest := range img.Digests() { - if imageDigest == listDigest { - newImage = img - s.Image = img.ID() - mediaType = manifestType - findLocal = true - logrus.Debug("image contains manifest list, using image from local storage") - break - } - } - } - if !findLocal { - return nil, image.ErrImageIsBareList - } + return nil, err } - if s.HealthConfig == nil && mediaType == manifest.DockerV2Schema2MediaType { - s.HealthConfig, err = newImage.GetHealthCheck(ctx) - if err != nil { - return nil, err - } + if s.HealthConfig == nil { + // NOTE: the health check is only set for Docker images + // but inspect will take care of it. + s.HealthConfig = inspectData.HealthCheck } // Image stop signal if s.StopSignal == nil { - stopSignal, err := newImage.StopSignal(ctx) - if err != nil { - return nil, err - } - if stopSignal != "" { - sig, err := signal.ParseSignalNameOrNumber(stopSignal) + if inspectData.Config.StopSignal != "" { + sig, err := signal.ParseSignalNameOrNumber(inspectData.Config.StopSignal) if err != nil { return nil, err } @@ -113,15 +68,10 @@ func CompleteSpec(ctx context.Context, r *libpod.Runtime, s *specgen.SpecGenerat var envs map[string]string // Image Environment defaults - if newImage != nil { + if inspectData != nil { // Image envs from the image if they don't exist // already, overriding the default environments - imageEnvs, err := newImage.Env(ctx) - if err != nil { - return nil, err - } - - envs, err = envLib.ParseSlice(imageEnvs) + envs, err = envLib.ParseSlice(inspectData.Config.Env) if err != nil { return nil, errors.Wrap(err, "Env fields from image failed to parse") } @@ -175,11 +125,7 @@ func CompleteSpec(ctx context.Context, r *libpod.Runtime, s *specgen.SpecGenerat } // Add annotations from the image - imgAnnotations, err := newImage.Annotations(ctx) - if err != nil { - return nil, err - } - for k, v := range imgAnnotations { + for k, v := range inspectData.Annotations { annotations[k] = v } } @@ -221,11 +167,8 @@ func CompleteSpec(ctx context.Context, r *libpod.Runtime, s *specgen.SpecGenerat s.SeccompProfilePath = p } - if len(s.User) == 0 && newImage != nil { - s.User, err = newImage.User(ctx) - if err != nil { - return nil, err - } + if len(s.User) == 0 && inspectData != nil { + s.User = inspectData.Config.User } if err := finishThrottleDevices(s); err != nil { return nil, err diff --git a/pkg/specgen/generate/container_create.go b/pkg/specgen/generate/container_create.go index 277435ef1..01f939022 100644 --- a/pkg/specgen/generate/container_create.go +++ b/pkg/specgen/generate/container_create.go @@ -7,9 +7,9 @@ import ( "strings" cdi "github.com/container-orchestrated-devices/container-device-interface/pkg" + "github.com/containers/common/libimage" "github.com/containers/common/pkg/config" "github.com/containers/podman/v3/libpod" - "github.com/containers/podman/v3/libpod/image" "github.com/containers/podman/v3/pkg/specgen" "github.com/containers/podman/v3/pkg/util" "github.com/containers/storage/types" @@ -86,11 +86,18 @@ func MakeContainer(ctx context.Context, rt *libpod.Runtime, s *specgen.SpecGener options = append(options, libpod.WithCreateCommand(s.ContainerCreateCommand)) } - var newImage *image.Image + var newImage *libimage.Image + var imageData *libimage.ImageData if s.Rootfs != "" { options = append(options, libpod.WithRootFS(s.Rootfs)) } else { - newImage, err = rt.ImageRuntime().NewFromLocal(s.Image) + var resolvedImageName string + newImage, resolvedImageName, err = rt.LibimageRuntime().LookupImage(s.Image, nil) + if err != nil { + return nil, err + } + + imageData, err = newImage.Inspect(ctx, false) if err != nil { return nil, err } @@ -98,15 +105,14 @@ func MakeContainer(ctx context.Context, rt *libpod.Runtime, s *specgen.SpecGener // image. Otherwise, it must have been an ID where we're // defaulting to the first name or an empty one if no names are // present. - imgName := newImage.InputName - if s.Image == newImage.InputName && strings.HasPrefix(newImage.ID(), s.Image) { + if strings.HasPrefix(newImage.ID(), resolvedImageName) { names := newImage.Names() if len(names) > 0 { - imgName = names[0] + resolvedImageName = names[0] } } - options = append(options, libpod.WithRootFSFromImage(newImage.ID(), imgName, s.RawImageName)) + options = append(options, libpod.WithRootFSFromImage(newImage.ID(), resolvedImageName, s.RawImageName)) } if err := s.Validate(); err != nil { return nil, errors.Wrap(err, "invalid config provided") @@ -117,12 +123,12 @@ func MakeContainer(ctx context.Context, rt *libpod.Runtime, s *specgen.SpecGener return nil, err } - command, err := makeCommand(ctx, s, newImage, rtc) + command, err := makeCommand(ctx, s, imageData, rtc) if err != nil { return nil, err } - opts, err := createContainerOptions(ctx, rt, s, pod, finalVolumes, finalOverlays, newImage, command) + opts, err := createContainerOptions(ctx, rt, s, pod, finalVolumes, finalOverlays, imageData, command) if err != nil { return nil, err } @@ -176,7 +182,7 @@ func extractCDIDevices(s *specgen.SpecGenerator) []libpod.CtrCreateOption { return options } -func createContainerOptions(ctx context.Context, rt *libpod.Runtime, s *specgen.SpecGenerator, pod *libpod.Pod, volumes []*specgen.NamedVolume, overlays []*specgen.OverlayVolume, img *image.Image, command []string) ([]libpod.CtrCreateOption, error) { +func createContainerOptions(ctx context.Context, rt *libpod.Runtime, s *specgen.SpecGenerator, pod *libpod.Pod, volumes []*specgen.NamedVolume, overlays []*specgen.OverlayVolume, imageData *libimage.ImageData, command []string) ([]libpod.CtrCreateOption, error) { var options []libpod.CtrCreateOption var err error @@ -202,11 +208,8 @@ func createContainerOptions(ctx context.Context, rt *libpod.Runtime, s *specgen. case "false": break case "", "true": - if len(command) == 0 { - command, err = img.Cmd(ctx) - if err != nil { - return nil, err - } + if len(command) == 0 && imageData != nil { + command = imageData.Config.Cmd } if len(command) > 0 { @@ -308,13 +311,9 @@ func createContainerOptions(ctx context.Context, rt *libpod.Runtime, s *specgen. } // If the user did not specify a workdir on the CLI, let's extract it // from the image. - if s.WorkDir == "" && img != nil { + if s.WorkDir == "" && imageData != nil { options = append(options, libpod.WithCreateWorkingDir()) - wd, err := img.WorkingDir(ctx) - if err != nil { - return nil, err - } - s.WorkDir = wd + s.WorkDir = imageData.Config.WorkingDir } if s.WorkDir == "" { s.WorkDir = "/" @@ -367,7 +366,7 @@ func createContainerOptions(ctx context.Context, rt *libpod.Runtime, s *specgen. options = append(options, libpod.WithPrivileged(s.Privileged)) // Get namespace related options - namespaceOptions, err := namespaceOptions(ctx, s, rt, pod, img) + namespaceOptions, err := namespaceOptions(ctx, s, rt, pod, imageData) if err != nil { return nil, err } diff --git a/pkg/specgen/generate/kube/kube.go b/pkg/specgen/generate/kube/kube.go index 1347ed1e0..73c1c31ba 100644 --- a/pkg/specgen/generate/kube/kube.go +++ b/pkg/specgen/generate/kube/kube.go @@ -7,9 +7,9 @@ import ( "net" "strings" + "github.com/containers/common/libimage" "github.com/containers/common/pkg/parse" "github.com/containers/common/pkg/secrets" - "github.com/containers/podman/v3/libpod/image" ann "github.com/containers/podman/v3/pkg/annotations" "github.com/containers/podman/v3/pkg/specgen" "github.com/containers/podman/v3/pkg/util" @@ -79,7 +79,7 @@ type CtrSpecGenOptions struct { // Container as read from the pod yaml Container v1.Container // Image available to use (pulled or found local) - Image *image.Image + Image *libimage.Image // Volumes for all containers Volumes map[string]*KubeVolume // PodID of the parent pod @@ -165,7 +165,7 @@ func ToSpecGen(ctx context.Context, opts *CtrSpecGenOptions) (*specgen.SpecGener // TODO: We don't understand why specgen does not take of this, but // integration tests clearly pointed out that it was required. - imageData, err := opts.Image.Inspect(ctx) + imageData, err := opts.Image.Inspect(ctx, false) if err != nil { return nil, err } diff --git a/pkg/specgen/generate/namespaces.go b/pkg/specgen/generate/namespaces.go index b52e8d100..278f35c22 100644 --- a/pkg/specgen/generate/namespaces.go +++ b/pkg/specgen/generate/namespaces.go @@ -6,10 +6,10 @@ import ( "os" "strings" + "github.com/containers/common/libimage" "github.com/containers/common/pkg/config" "github.com/containers/podman/v3/libpod" "github.com/containers/podman/v3/libpod/define" - "github.com/containers/podman/v3/libpod/image" "github.com/containers/podman/v3/pkg/rootless" "github.com/containers/podman/v3/pkg/specgen" "github.com/containers/podman/v3/pkg/util" @@ -79,7 +79,7 @@ func GetDefaultNamespaceMode(nsType string, cfg *config.Config, pod *libpod.Pod) // joining a pod. // TODO: Consider grouping options that are not directly attached to a namespace // elsewhere. -func namespaceOptions(ctx context.Context, s *specgen.SpecGenerator, rt *libpod.Runtime, pod *libpod.Pod, img *image.Image) ([]libpod.CtrCreateOption, error) { +func namespaceOptions(ctx context.Context, s *specgen.SpecGenerator, rt *libpod.Runtime, pod *libpod.Pod, imageData *libimage.ImageData) ([]libpod.CtrCreateOption, error) { toReturn := []libpod.CtrCreateOption{} // If pod is not nil, get infra container. @@ -234,7 +234,7 @@ func namespaceOptions(ctx context.Context, s *specgen.SpecGenerator, rt *libpod. } toReturn = append(toReturn, libpod.WithNetNSFrom(netCtr)) case specgen.Slirp: - portMappings, err := createPortMappings(ctx, s, img) + portMappings, err := createPortMappings(ctx, s, imageData) if err != nil { return nil, err } @@ -246,7 +246,7 @@ func namespaceOptions(ctx context.Context, s *specgen.SpecGenerator, rt *libpod. case specgen.Private: fallthrough case specgen.Bridge: - portMappings, err := createPortMappings(ctx, s, img) + portMappings, err := createPortMappings(ctx, s, imageData) if err != nil { return nil, err } diff --git a/pkg/specgen/generate/oci.go b/pkg/specgen/generate/oci.go index 4eae09a5e..bf8d44ed6 100644 --- a/pkg/specgen/generate/oci.go +++ b/pkg/specgen/generate/oci.go @@ -5,10 +5,10 @@ import ( "path" "strings" + "github.com/containers/common/libimage" "github.com/containers/common/pkg/config" "github.com/containers/podman/v3/libpod" "github.com/containers/podman/v3/libpod/define" - "github.com/containers/podman/v3/libpod/image" "github.com/containers/podman/v3/pkg/cgroups" "github.com/containers/podman/v3/pkg/rootless" "github.com/containers/podman/v3/pkg/specgen" @@ -95,16 +95,12 @@ func addRlimits(s *specgen.SpecGenerator, g *generate.Generator) error { } // Produce the final command for the container. -func makeCommand(ctx context.Context, s *specgen.SpecGenerator, img *image.Image, rtc *config.Config) ([]string, error) { +func makeCommand(ctx context.Context, s *specgen.SpecGenerator, imageData *libimage.ImageData, rtc *config.Config) ([]string, error) { finalCommand := []string{} entrypoint := s.Entrypoint - if entrypoint == nil && img != nil { - newEntry, err := img.Entrypoint(ctx) - if err != nil { - return nil, err - } - entrypoint = newEntry + if entrypoint == nil && imageData != nil { + entrypoint = imageData.Config.Entrypoint } // Don't append the entrypoint if it is [""] @@ -115,12 +111,8 @@ func makeCommand(ctx context.Context, s *specgen.SpecGenerator, img *image.Image // Only use image command if the user did not manually set an // entrypoint. command := s.Command - if len(command) == 0 && img != nil && len(s.Entrypoint) == 0 { - newCmd, err := img.Cmd(ctx) - if err != nil { - return nil, err - } - command = newCmd + if len(command) == 0 && imageData != nil && len(s.Entrypoint) == 0 { + command = imageData.Config.Cmd } finalCommand = append(finalCommand, command...) @@ -182,7 +174,7 @@ func getCGroupPermissons(unmask []string) string { } // SpecGenToOCI returns the base configuration for the container. -func SpecGenToOCI(ctx context.Context, s *specgen.SpecGenerator, rt *libpod.Runtime, rtc *config.Config, newImage *image.Image, mounts []spec.Mount, pod *libpod.Pod, finalCmd []string) (*spec.Spec, error) { +func SpecGenToOCI(ctx context.Context, s *specgen.SpecGenerator, rt *libpod.Runtime, rtc *config.Config, newImage *libimage.Image, mounts []spec.Mount, pod *libpod.Pod, finalCmd []string) (*spec.Spec, error) { cgroupPerm := getCGroupPermissons(s.Unmask) g, err := generate.New("linux") diff --git a/pkg/specgen/generate/ports.go b/pkg/specgen/generate/ports.go index 678e36a70..6832664a7 100644 --- a/pkg/specgen/generate/ports.go +++ b/pkg/specgen/generate/ports.go @@ -6,9 +6,9 @@ import ( "strconv" "strings" + "github.com/containers/common/libimage" "github.com/containers/podman/v3/utils" - "github.com/containers/podman/v3/libpod/image" "github.com/containers/podman/v3/pkg/specgen" "github.com/cri-o/ocicni/pkg/ocicni" "github.com/pkg/errors" @@ -253,7 +253,7 @@ func parsePortMapping(portMappings []specgen.PortMapping) ([]ocicni.PortMapping, } // Make final port mappings for the container -func createPortMappings(ctx context.Context, s *specgen.SpecGenerator, img *image.Image) ([]ocicni.PortMapping, error) { +func createPortMappings(ctx context.Context, s *specgen.SpecGenerator, imageData *libimage.ImageData) ([]ocicni.PortMapping, error) { finalMappings, containerPortValidate, hostPortValidate, err := parsePortMapping(s.PortMappings) if err != nil { return nil, err @@ -262,7 +262,7 @@ func createPortMappings(ctx context.Context, s *specgen.SpecGenerator, img *imag // If not publishing exposed ports, or if we are publishing and there is // nothing to publish - then just return the port mappings we've made so // far. - if !s.PublishExposedPorts || (len(s.Expose) == 0 && img == nil) { + if !s.PublishExposedPorts || (len(s.Expose) == 0 && imageData == nil) { return finalMappings, nil } @@ -273,12 +273,8 @@ func createPortMappings(ctx context.Context, s *specgen.SpecGenerator, img *imag for k, v := range s.Expose { expose[k] = v } - if img != nil { - inspect, err := img.InspectNoSize(ctx) - if err != nil { - return nil, errors.Wrapf(err, "error inspecting image to get exposed ports") - } - for imgExpose := range inspect.Config.ExposedPorts { + if imageData != nil { + for imgExpose := range imageData.Config.ExposedPorts { // Expose format is portNumber[/protocol] splitExpose := strings.SplitN(imgExpose, "/", 2) num, err := strconv.Atoi(splitExpose[0]) diff --git a/pkg/specgen/generate/security.go b/pkg/specgen/generate/security.go index e0e4a47a4..a12cc09e2 100644 --- a/pkg/specgen/generate/security.go +++ b/pkg/specgen/generate/security.go @@ -3,12 +3,12 @@ package generate import ( "strings" + "github.com/containers/common/libimage" "github.com/containers/common/pkg/apparmor" "github.com/containers/common/pkg/capabilities" "github.com/containers/common/pkg/config" "github.com/containers/podman/v3/libpod" "github.com/containers/podman/v3/libpod/define" - "github.com/containers/podman/v3/libpod/image" "github.com/containers/podman/v3/pkg/specgen" "github.com/containers/podman/v3/pkg/util" "github.com/opencontainers/runtime-tools/generate" @@ -80,7 +80,7 @@ func setupApparmor(s *specgen.SpecGenerator, rtc *config.Config, g *generate.Gen return nil } -func securityConfigureGenerator(s *specgen.SpecGenerator, g *generate.Generator, newImage *image.Image, rtc *config.Config) error { +func securityConfigureGenerator(s *specgen.SpecGenerator, g *generate.Generator, newImage *libimage.Image, rtc *config.Config) error { var ( caplist []string err error diff --git a/pkg/specgen/generate/storage.go b/pkg/specgen/generate/storage.go index 8066834f7..13f336594 100644 --- a/pkg/specgen/generate/storage.go +++ b/pkg/specgen/generate/storage.go @@ -8,10 +8,10 @@ import ( "path/filepath" "strings" + "github.com/containers/common/libimage" "github.com/containers/common/pkg/config" "github.com/containers/podman/v3/libpod" "github.com/containers/podman/v3/libpod/define" - "github.com/containers/podman/v3/libpod/image" "github.com/containers/podman/v3/pkg/specgen" "github.com/containers/podman/v3/pkg/util" spec "github.com/opencontainers/runtime-spec/specs-go" @@ -24,7 +24,7 @@ var ( ) // Produce final mounts and named volumes for a container -func finalizeMounts(ctx context.Context, s *specgen.SpecGenerator, rt *libpod.Runtime, rtc *config.Config, img *image.Image) ([]spec.Mount, []*specgen.NamedVolume, []*specgen.OverlayVolume, error) { +func finalizeMounts(ctx context.Context, s *specgen.SpecGenerator, rt *libpod.Runtime, rtc *config.Config, img *libimage.Image) ([]spec.Mount, []*specgen.NamedVolume, []*specgen.OverlayVolume, error) { // Get image volumes baseMounts, baseVolumes, err := getImageVolumes(ctx, img, s) if err != nil { @@ -173,7 +173,7 @@ func finalizeMounts(ctx context.Context, s *specgen.SpecGenerator, rt *libpod.Ru } // Get image volumes from the given image -func getImageVolumes(ctx context.Context, img *image.Image, s *specgen.SpecGenerator) (map[string]spec.Mount, map[string]*specgen.NamedVolume, error) { +func getImageVolumes(ctx context.Context, img *libimage.Image, s *specgen.SpecGenerator) (map[string]spec.Mount, map[string]*specgen.NamedVolume, error) { mounts := make(map[string]spec.Mount) volumes := make(map[string]*specgen.NamedVolume) @@ -184,7 +184,7 @@ func getImageVolumes(ctx context.Context, img *image.Image, s *specgen.SpecGener return mounts, volumes, nil } - inspect, err := img.InspectNoSize(ctx) + inspect, err := img.Inspect(ctx, false) if err != nil { return nil, nil, errors.Wrapf(err, "error inspecting image to get image volumes") } |