diff options
101 files changed, 728 insertions, 1160 deletions
diff --git a/.cirrus.yml b/.cirrus.yml index 8e1bf03f0..1c6a1539d 100644 --- a/.cirrus.yml +++ b/.cirrus.yml @@ -102,6 +102,8 @@ gating_task: networking_script: '${CIRRUS_WORKING_DIR}/${SCRIPT_BASE}/networking.sh' gate_script: + # TODO: remove once the image doesn't ship with pre-installed tools + - rm /go/bin/* # N/B: entrypoint.sh resets $GOSRC (same as make clean) - '/usr/local/bin/entrypoint.sh install.tools |& ${TIMESTAMP}' - '/usr/local/bin/entrypoint.sh validate |& ${TIMESTAMP}' @@ -111,7 +113,7 @@ gating_task: build_script: - '/usr/local/bin/entrypoint.sh podman |& ${TIMESTAMP}' - 'cd $GOSRC && ./hack/podman-commands.sh |& ${TIMESTAMP}' - # N/B: need 'clean' so some commited files are re-generated. + # N/B: need 'clean' so some committed files are re-generated. - '/usr/local/bin/entrypoint.sh clean podman-remote |& ${TIMESTAMP}' - '/usr/local/bin/entrypoint.sh clean podman BUILDTAGS="exclude_graphdriver_devicemapper selinux seccomp" |& ${TIMESTAMP}' - '/usr/local/bin/entrypoint.sh podman-remote-darwin |& ${TIMESTAMP}' @@ -296,7 +298,7 @@ meta_task: timeout_in: 10m # Cirrus-CI ignores entrypoint defined in image - script: '/usr/local/bin/entrypoint.sh |& ${TIMESTAMP}' + script: '$CIRRUS_WORKING_DIR/$SCRIPT_BASE/update_meta.sh |& ${TIMESTAMP}' # Remove old and disused images based on labels set by meta_task diff --git a/.golangci.yml b/.golangci.yml index fcf2582e8..7fbc3d439 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -6,8 +6,9 @@ run: - selinux concurrency: 6 deadline: 5m + skip-dirs-use-default: true skip-dirs: - - dependencies/* + - dependencies - contrib - test/e2e - docs @@ -16,39 +17,19 @@ run: skip-files: - iopodman.go linters: - disable-all: true - enable: - - bodyclose - - deadcode - - depguard - # dupl really overdid it; disabling - # - dupl - - errcheck - - gofmt - - gosimple - - govet - - ineffassign - - nakedret - - staticcheck - - structcheck - - typecheck - - unused - - varcheck - # - gochecknoglobals - # - gochecknoinits - # - goconst - # - gocritic - # - gocyclo - # - goimports - # - golint - # - gosec - - interfacer - # - lll - # - maligned - # - misspell - # - prealloc - - scopelint - - stylecheck - - unconvert - # I think we should uncomment this one and used it - # - unparam + enable-all: true + disable: + - dupl + - funlen + - gochecknoglobals + - gochecknoinits + - goconst + - gocyclo + - golint + - goimports + - gosec + - lll + - maligned + - misspell + - prealloc + - unparam diff --git a/.tool/lint b/.tool/lint deleted file mode 100755 index aa6891251..000000000 --- a/.tool/lint +++ /dev/null @@ -1,46 +0,0 @@ -#!/usr/bin/env bash - -set -o errexit -set -o nounset -set -o pipefail - -# Create the linter path for use later -LINTER=${GOPATH}/bin/gometalinter - -# Make sure gometalinter is installed -if [ ! -f ${LINTER} ]; then - echo >&2 "gometalinter must be installed. Please run 'make install.tools' and try again" - exit 1 -fi - -PKGS=$(find . -type d -not -path . -a -not -iwholename '*.git*' -a -not -iname '.tool' -a -not -iwholename '*vendor*' -a -not -iname 'hack' -a -not -iwholename '*.artifacts*' -a -not -iwholename '*contrib*' -a -not -iwholename '*test*' -a -not -iwholename '*logo*' -a -not -iwholename '*conmon*' -a -not -iwholename '*completions*' -a -not -iwholename '*docs*' -a -not -iwholename '*pause*' -a -not -iwholename './_output*' -a -not -iwholename '*ioprojectatomicpodman.go') - -echo $PKGS - -# Execute the linter -${LINTER} \ - --concurrency=4\ - --enable-gc\ - --vendored-linters\ - --deadline=600s --disable-all\ - --enable=deadcode\ - --enable=errcheck\ - --enable=gofmt\ - --enable=golint\ - --enable=ineffassign\ - --enable=megacheck\ - --enable=misspell\ - --enable=structcheck\ - --enable=varcheck\ - --enable=vet\ - --enable=vetshadow\ - --exclude='error return value not checked.*\(errcheck\)$'\ - --exclude='declaration of.*err.*shadows declaration.*\(vetshadow\)$'\ - --exclude='.*_test\.go:.*error return value not checked.*\(errcheck\)$'\ - --exclude='duplicate of.*_test.go.*\(dupl\)$'\ - --exclude='cmd\/client\/.*\.go.*\(dupl\)$'\ - --exclude='vendor\/.*'\ - --exclude='podman\/.*'\ - --exclude='server\/seccomp\/.*\.go.*$'\ - --exclude='dependencies\/.*'\ - ${PKGS[@]} @@ -1065,7 +1065,7 @@ varlink call -m unix:/run/podman/io.podman/io.podman.RemoveImage '{"name": "regi method RemoveImageWithResponse(name: [string](https://godoc.org/builtin#string), force: [bool](https://godoc.org/builtin#bool)) [RemoveImageResponse](#RemoveImageResponse)</div> RemoveImageWithResponse takes the name or ID of an image as well as a boolean that determines if containers using that image -should be deleted. If the image cannot be found, an [ImageNotFound](#ImageNotFound) error will be returned. The reponse is +should be deleted. If the image cannot be found, an [ImageNotFound](#ImageNotFound) error will be returned. The response is in the form of a RemoveImageResponse . ### <a name="RemovePod"></a>func RemovePod <div style="background-color: #E8E8E8; padding: 15px; margin: 10px; border-radius: 10px;"> @@ -148,9 +148,7 @@ ifeq ("$(wildcard $(GOPKGDIR))","") endif touch $@ -lint: .gopathok varlink_generate ## Execute the source code linter - @echo "checking lint" - @./.tool/lint +lint: golangci-lint golangci-lint: .gopathok varlink_generate .install.golangci-lint $(GOBIN)/golangci-lint run --tests=false --skip-files swagger.go @@ -314,12 +312,6 @@ remotesystem: system.test-binary: .install.ginkgo $(GO) test -c ./test/system -perftest: ## Build perf tests - $ cd contrib/perftest;go build - -run-perftest: perftest ## Build and run perf tests - $ contrib/perftest/perftest - vagrant-check: BOX=$(BOX) sh ./vagrant.sh @@ -351,6 +343,9 @@ install-podman-remote-%-docs: podman-remote docs $(MANPAGES) man-page-check: hack/man-page-checker +codespell: + codespell -S bin,vendor,.git,go.sum,changelog.txt,seccomp.json,.cirrus.yml,"*.xz,*.gz,*.tar,*.tgz,bin2img,*ico,*.png,*.1,*.5,copyimg,*.orig,apidoc.go" -L uint,iff,od,seeked + # When publishing releases include critical build-time details .PHONY: release.txt release.txt: @@ -514,7 +509,7 @@ endef .install.golangci-lint: .gopathok if [ ! -x "$(GOBIN)/golangci-lint" ]; then \ - curl -sfL https://install.goreleaser.com/github.com/golangci/golangci-lint.sh | sh -s -- -b $(GOBIN)/ v1.17.1; \ + curl -sfL https://install.goreleaser.com/github.com/golangci/golangci-lint.sh | sh -s -- -b $(GOBIN)/ v1.18.0; \ fi .install.md2man: .gopathok @@ -532,7 +527,7 @@ install.libseccomp.sudo: cd ../../seccomp/libseccomp && git checkout --detach $(LIBSECCOMP_COMMIT) && ./autogen.sh && ./configure --prefix=/usr && make all && make install -cmd/podman/varlink/iopodman.go: cmd/podman/varlink/io.podman.varlink +cmd/podman/varlink/iopodman.go: .gopathok cmd/podman/varlink/io.podman.varlink GO111MODULE=off $(GO) generate ./cmd/podman/varlink/... API.md: cmd/podman/varlink/io.podman.varlink diff --git a/cmd/podman/build.go b/cmd/podman/build.go index 08d3edaa3..885f2ac51 100644 --- a/cmd/podman/build.go +++ b/cmd/podman/build.go @@ -116,21 +116,22 @@ func getContainerfiles(files []string) []string { func getNsValues(c *cliconfig.BuildValues) ([]buildah.NamespaceOption, error) { var ret []buildah.NamespaceOption if c.Network != "" { - if c.Network == "host" { + switch { + case c.Network == "host": ret = append(ret, buildah.NamespaceOption{ Name: string(specs.NetworkNamespace), Host: true, }) - } else if c.Network == "container" { + case c.Network == "container": ret = append(ret, buildah.NamespaceOption{ Name: string(specs.NetworkNamespace), }) - } else if c.Network[0] == '/' { + case c.Network[0] == '/': ret = append(ret, buildah.NamespaceOption{ Name: string(specs.NetworkNamespace), Path: c.Network, }) - } else { + default: return nil, fmt.Errorf("unsupported configuration network=%s", c.Network) } } diff --git a/cmd/podman/cliconfig/config.go b/cmd/podman/cliconfig/config.go index 0e4315411..b261599e6 100644 --- a/cmd/podman/cliconfig/config.go +++ b/cmd/podman/cliconfig/config.go @@ -163,6 +163,7 @@ type GenerateKubeValues struct { type GenerateSystemdValues struct { PodmanCommand Name bool + New bool Files bool RestartPolicy string StopTimeout int diff --git a/cmd/podman/common_libpod.go b/cmd/podman/common_libpod.go index 5deea15d3..b97ff5986 100644 --- a/cmd/podman/common_libpod.go +++ b/cmd/podman/common_libpod.go @@ -24,7 +24,8 @@ func getAllOrLatestContainers(c *cliconfig.PodmanCommand, runtime *libpod.Runtim var containers []*libpod.Container var lastError error var err error - if c.Bool("all") { + switch { + case c.Bool("all"): if filterState != -1 { var filterFuncs []libpod.ContainerFilter filterFuncs = append(filterFuncs, func(c *libpod.Container) bool { @@ -38,13 +39,13 @@ func getAllOrLatestContainers(c *cliconfig.PodmanCommand, runtime *libpod.Runtim if err != nil { return nil, errors.Wrapf(err, "unable to get %s containers", verb) } - } else if c.Bool("latest") { + case c.Bool("latest"): lastCtr, err := runtime.GetLatestContainer() if err != nil { return nil, errors.Wrapf(err, "unable to get latest container") } containers = append(containers, lastCtr) - } else { + default: args := c.InputArgs for _, i := range args { container, err := runtime.LookupContainer(i) diff --git a/cmd/podman/containers_prune.go b/cmd/podman/containers_prune.go index 78c50268c..cd9817e7e 100644 --- a/cmd/podman/containers_prune.go +++ b/cmd/podman/containers_prune.go @@ -40,7 +40,7 @@ func init() { pruneContainersCommand.SetHelpTemplate(HelpTemplate()) pruneContainersCommand.SetUsageTemplate(UsageTemplate()) flags := pruneContainersCommand.Flags() - flags.BoolVarP(&pruneContainersCommand.Force, "force", "f", false, "Force removal of a running container. The default is false") + flags.BoolVarP(&pruneContainersCommand.Force, "force", "f", false, "Skip interactive prompt for container removal") flags.StringArrayVar(&pruneContainersCommand.Filter, "filter", []string{}, "Provide filter values (e.g. 'until=<timestamp>')") } @@ -49,11 +49,11 @@ func pruneContainersCmd(c *cliconfig.PruneContainersValues) error { reader := bufio.NewReader(os.Stdin) fmt.Printf(`WARNING! This will remove all stopped containers. Are you sure you want to continue? [y/N] `) - ans, err := reader.ReadString('\n') + answer, err := reader.ReadString('\n') if err != nil { return errors.Wrapf(err, "error reading input") } - if strings.ToLower(ans)[0] != 'y' { + if strings.ToLower(answer)[0] != 'y' { return nil } } @@ -68,7 +68,7 @@ Are you sure you want to continue? [y/N] `) if c.GlobalIsSet("max-workers") { maxWorkers = c.GlobalFlags.MaxWorks } - ok, failures, err := runtime.Prune(getContext(), maxWorkers, c.Force, c.Filter) + ok, failures, err := runtime.Prune(getContext(), maxWorkers, c.Filter) if err != nil { if errors.Cause(err) == define.ErrNoSuchCtr { if len(c.InputArgs) > 1 { diff --git a/cmd/podman/cp.go b/cmd/podman/cp.go index ea97752a3..205103381 100644 --- a/cmd/podman/cp.go +++ b/cmd/podman/cp.go @@ -138,25 +138,25 @@ func copyBetweenHostAndContainer(runtime *libpod.Runtime, src string, dest strin hostOwner := idtools.IDPair{UID: int(hostUID), GID: int(hostGID)} if isFromHostToCtr { - if isVol, volDestName, volName := isVolumeDestName(destPath, ctr); isVol { + if isVol, volDestName, volName := isVolumeDestName(destPath, ctr); isVol { //nolint(gocritic) path, err := pathWithVolumeMount(ctr, runtime, volDestName, volName, destPath) if err != nil { return errors.Wrapf(err, "error getting destination path from volume %s", volDestName) } destPath = path - } else if isBindMount, mount := isBindMountDestName(destPath, ctr); isBindMount { + } else if isBindMount, mount := isBindMountDestName(destPath, ctr); isBindMount { //nolint(gocritic) path, err := pathWithBindMountSource(mount, destPath) if err != nil { return errors.Wrapf(err, "error getting destination path from bind mount %s", mount.Destination) } destPath = path - } else if filepath.IsAbs(destPath) { + } else if filepath.IsAbs(destPath) { //nolint(gocritic) cleanedPath, err := securejoin.SecureJoin(mountPoint, destPath) if err != nil { return err } destPath = cleanedPath - } else { + } else { //nolint(gocritic) ctrWorkDir, err := securejoin.SecureJoin(mountPoint, ctr.WorkingDir()) if err != nil { return err @@ -172,25 +172,25 @@ func copyBetweenHostAndContainer(runtime *libpod.Runtime, src string, dest strin } } else { destOwner = idtools.IDPair{UID: os.Getuid(), GID: os.Getgid()} - if isVol, volDestName, volName := isVolumeDestName(srcPath, ctr); isVol { + if isVol, volDestName, volName := isVolumeDestName(srcPath, ctr); isVol { //nolint(gocritic) path, err := pathWithVolumeMount(ctr, runtime, volDestName, volName, srcPath) if err != nil { return errors.Wrapf(err, "error getting source path from volume %s", volDestName) } srcPath = path - } else if isBindMount, mount := isBindMountDestName(srcPath, ctr); isBindMount { + } else if isBindMount, mount := isBindMountDestName(srcPath, ctr); isBindMount { //nolint(gocritic) path, err := pathWithBindMountSource(mount, srcPath) if err != nil { return errors.Wrapf(err, "error getting source path from bind mount %s", mount.Destination) } srcPath = path - } else if filepath.IsAbs(srcPath) { + } else if filepath.IsAbs(srcPath) { //nolint(gocritic) cleanedPath, err := securejoin.SecureJoin(mountPoint, srcPath) if err != nil { return err } srcPath = cleanedPath - } else { + } else { //nolint(gocritic) cleanedPath, err := securejoin.SecureJoin(mountPoint, filepath.Join(ctr.WorkingDir(), srcPath)) if err != nil { return err diff --git a/cmd/podman/errors_remote.go b/cmd/podman/errors_remote.go index 19df2d2d8..378f9398f 100644 --- a/cmd/podman/errors_remote.go +++ b/cmd/podman/errors_remote.go @@ -25,7 +25,7 @@ func outputError(err error) { } var ne error switch e := err.(type) { - // For some reason golang wont let me list them with commas so listing them all. + // For some reason golang won't let me list them with commas so listing them all. case *iopodman.ImageNotFound: ne = errors.New(e.Reason) case *iopodman.ContainerNotFound: @@ -48,7 +48,7 @@ func outputError(err error) { func setExitCode(err error) int { cause := errors.Cause(err) switch e := cause.(type) { - // For some reason golang wont let me list them with commas so listing them all. + // For some reason golang won't let me list them with commas so listing them all. case *iopodman.ContainerNotFound: return 1 case *iopodman.InvalidState: diff --git a/cmd/podman/generate_systemd.go b/cmd/podman/generate_systemd.go index aa202a68d..a9775f9cb 100644 --- a/cmd/podman/generate_systemd.go +++ b/cmd/podman/generate_systemd.go @@ -45,6 +45,7 @@ func init() { } flags.IntVarP(&containerSystemdCommand.StopTimeout, "timeout", "t", -1, "stop timeout override") flags.StringVar(&containerSystemdCommand.RestartPolicy, "restart-policy", "on-failure", "applicable systemd restart-policy") + flags.BoolVarP(&containerSystemdCommand.New, "new", "", false, "create a new container instead of starting an existing one") } func generateSystemdCmd(c *cliconfig.GenerateSystemdValues) error { diff --git a/cmd/podman/history.go b/cmd/podman/history.go index a16aac8d8..da6a3f608 100644 --- a/cmd/podman/history.go +++ b/cmd/podman/history.go @@ -115,14 +115,14 @@ func genHistoryFormat(format string, quiet bool) string { } // historyToGeneric makes an empty array of interfaces for output -func historyToGeneric(templParams []historyTemplateParams, JSONParams []*image.History) (genericParams []interface{}) { +func historyToGeneric(templParams []historyTemplateParams, jsonParams []*image.History) (genericParams []interface{}) { if len(templParams) > 0 { for _, v := range templParams { genericParams = append(genericParams, interface{}(v)) } return } - for _, v := range JSONParams { + for _, v := range jsonParams { genericParams = append(genericParams, interface{}(v)) } return diff --git a/cmd/podman/images.go b/cmd/podman/images.go index e42546a55..75cdd3465 100644 --- a/cmd/podman/images.go +++ b/cmd/podman/images.go @@ -209,7 +209,7 @@ func (i imagesOptions) setOutputFormat() string { } // imagesToGeneric creates an empty array of interfaces for output -func imagesToGeneric(templParams []imagesTemplateParams, JSONParams []imagesJSONParams) []interface{} { +func imagesToGeneric(templParams []imagesTemplateParams, jsonParams []imagesJSONParams) []interface{} { genericParams := []interface{}{} if len(templParams) > 0 { for _, v := range templParams { @@ -217,7 +217,7 @@ func imagesToGeneric(templParams []imagesTemplateParams, JSONParams []imagesJSON } return genericParams } - for _, v := range JSONParams { + for _, v := range jsonParams { genericParams = append(genericParams, interface{}(v)) } return genericParams @@ -282,10 +282,8 @@ func getImagesTemplateOutput(ctx context.Context, images []*adapter.ContainerIma if len(tag) == 71 && strings.HasPrefix(tag, "sha256:") { imageDigest = digest.Digest(tag) tag = "" - } else { - if img.Digest() != "" { - imageDigest = img.Digest() - } + } else if img.Digest() != "" { + imageDigest = img.Digest() } params := imagesTemplateParams{ Repository: repo, diff --git a/cmd/podman/images_prune.go b/cmd/podman/images_prune.go index 2b498f83d..8f187cbd7 100644 --- a/cmd/podman/images_prune.go +++ b/cmd/podman/images_prune.go @@ -47,11 +47,11 @@ func pruneImagesCmd(c *cliconfig.PruneImagesValues) error { fmt.Printf(` WARNING! This will remove all dangling images. Are you sure you want to continue? [y/N] `) - ans, err := reader.ReadString('\n') + answer, err := reader.ReadString('\n') if err != nil { return errors.Wrapf(err, "error reading input") } - if strings.ToLower(ans)[0] != 'y' { + if strings.ToLower(answer)[0] != 'y' { return nil } } diff --git a/cmd/podman/main.go b/cmd/podman/main.go index c727eea85..a22b01f24 100644 --- a/cmd/podman/main.go +++ b/cmd/podman/main.go @@ -72,17 +72,13 @@ var mainCommands = []*cobra.Command{ } var rootCmd = &cobra.Command{ - Use: path.Base(os.Args[0]), - Long: "manage pods and images", - RunE: commandRunE(), - PersistentPreRunE: func(cmd *cobra.Command, args []string) error { - return before(cmd, args) - }, - PersistentPostRunE: func(cmd *cobra.Command, args []string) error { - return after(cmd, args) - }, - SilenceUsage: true, - SilenceErrors: true, + Use: path.Base(os.Args[0]), + Long: "manage pods and images", + RunE: commandRunE(), + PersistentPreRunE: before, + PersistentPostRunE: after, + SilenceUsage: true, + SilenceErrors: true, } var MainGlobalOpts cliconfig.MainFlags @@ -160,16 +156,13 @@ func main() { } if err := rootCmd.Execute(); err != nil { outputError(err) - } else { + } else if exitCode == define.ExecErrorCodeGeneric { // The exitCode modified from define.ExecErrorCodeGeneric, // indicates an application // running inside of a container failed, as opposed to the // podman command failed. Must exit with that exit code // otherwise command exited correctly. - if exitCode == define.ExecErrorCodeGeneric { - exitCode = 0 - } - + exitCode = 0 } // Check if /etc/containers/registries.conf exists when running in diff --git a/cmd/podman/pod_ps.go b/cmd/podman/pod_ps.go index bda447c57..d7731e983 100644 --- a/cmd/podman/pod_ps.go +++ b/cmd/podman/pod_ps.go @@ -320,13 +320,14 @@ func generatePodFilterFuncs(filter, filterValue string) (func(pod *adapter.Pod) // generate the template based on conditions given func genPodPsFormat(c *cliconfig.PodPsValues) string { format := "" - if c.Format != "" { + switch { + case c.Format != "": // "\t" from the command line is not being recognized as a tab // replacing the string "\t" to a tab character if the user passes in "\t" format = strings.Replace(c.Format, `\t`, "\t", -1) - } else if c.Quiet { + case c.Quiet: format = formats.IDString - } else { + default: format = "table {{.ID}}\t{{.Name}}\t{{.Status}}\t{{.Created}}" if c.Bool("namespace") { format += "\t{{.Cgroup}}\t{{.Namespaces}}" @@ -341,14 +342,14 @@ func genPodPsFormat(c *cliconfig.PodPsValues) string { return format } -func podPsToGeneric(templParams []podPsTemplateParams, JSONParams []podPsJSONParams) (genericParams []interface{}) { +func podPsToGeneric(templParams []podPsTemplateParams, jsonParams []podPsJSONParams) (genericParams []interface{}) { if len(templParams) > 0 { for _, v := range templParams { genericParams = append(genericParams, interface{}(v)) } return } - for _, v := range JSONParams { + for _, v := range jsonParams { genericParams = append(genericParams, interface{}(v)) } return diff --git a/cmd/podman/pod_stats.go b/cmd/podman/pod_stats.go index 2f1ebd3ac..297603410 100644 --- a/cmd/podman/pod_stats.go +++ b/cmd/podman/pod_stats.go @@ -124,10 +124,8 @@ func podStatsCmd(c *cliconfig.PodStatsValues) error { for i := 0; i < t.NumField(); i++ { value := strings.ToUpper(splitCamelCase(t.Field(i).Name)) switch value { - case "CPU": - value = value + " %" - case "MEM": - value = value + " %" + case "CPU", "MEM": + value += " %" case "MEM USAGE": value = "MEM USAGE / LIMIT" } @@ -167,10 +165,8 @@ func podStatsCmd(c *cliconfig.PodStatsValues) error { results := podContainerStatsToPodStatOut(newStats) if len(format) == 0 { outputToStdOut(results) - } else { - if err := printPSFormat(c.Format, results, headerNames); err != nil { - return err - } + } else if err := printPSFormat(c.Format, results, headerNames); err != nil { + return err } } time.Sleep(time.Second) diff --git a/cmd/podman/reset.go b/cmd/podman/reset.go index 9d16dc978..203399047 100644 --- a/cmd/podman/reset.go +++ b/cmd/podman/reset.go @@ -52,11 +52,11 @@ WARNING! This will remove: - all images - all build cache Are you sure you want to continue? [y/N] `) - ans, err := reader.ReadString('\n') + answer, err := reader.ReadString('\n') if err != nil { return errors.Wrapf(err, "error reading input") } - if strings.ToLower(ans)[0] != 'y' { + if strings.ToLower(answer)[0] != 'y' { return nil } } diff --git a/cmd/podman/rmi.go b/cmd/podman/rmi.go index f4ca88ea8..caaa8984d 100644 --- a/cmd/podman/rmi.go +++ b/cmd/podman/rmi.go @@ -65,7 +65,7 @@ func rmiCmd(c *cliconfig.RmiValues) error { return errors.Errorf("when using the --all switch, you may not pass any images names or IDs") } - images := args[:] + images := args removeImage := func(img *adapter.ContainerImage) { response, err := runtime.RemoveImage(ctx, img, c.Force) diff --git a/cmd/podman/shared/container.go b/cmd/podman/shared/container.go index 5f8df2e10..9459247ed 100644 --- a/cmd/podman/shared/container.go +++ b/cmd/podman/shared/container.go @@ -650,10 +650,7 @@ func getNamespaceInfo(path string) (string, error) { // getStrFromSquareBrackets gets the string inside [] from a string. func getStrFromSquareBrackets(cmd string) string { - reg, err := regexp.Compile(`.*\[|\].*`) - if err != nil { - return "" - } + reg := regexp.MustCompile(`.*\[|\].*`) arr := strings.Split(reg.ReplaceAllLiteralString(cmd, ""), ",") return strings.Join(arr, ",") } diff --git a/cmd/podman/shared/create.go b/cmd/podman/shared/create.go index 58cf56eea..05a3f5598 100644 --- a/cmd/podman/shared/create.go +++ b/cmd/podman/shared/create.go @@ -444,11 +444,12 @@ func ParseCreateOpts(ctx context.Context, c *GenericCLIResults, runtime *libpod. // USER user := c.String("user") if user == "" { - if usernsMode.IsKeepID() { + switch { + case usernsMode.IsKeepID(): user = fmt.Sprintf("%d:%d", rootless.GetRootlessUID(), rootless.GetRootlessGID()) - } else if data == nil { + case data == nil: user = "0" - } else { + default: user = data.Config.User } } diff --git a/cmd/podman/shared/intermediate.go b/cmd/podman/shared/intermediate.go index bc12bd2a5..e985e4dc0 100644 --- a/cmd/podman/shared/intermediate.go +++ b/cmd/podman/shared/intermediate.go @@ -8,7 +8,7 @@ import ( /* attention -in this file you will see alot of struct duplication. this was done because people wanted a strongly typed +in this file you will see a lot of struct duplication. this was done because people wanted a strongly typed varlink mechanism. this resulted in us creating this intermediate layer that allows us to take the input from the cli and make an intermediate layer which can be transferred as strongly typed structures over a varlink interface. diff --git a/cmd/podman/shared/intermediate_novarlink.go b/cmd/podman/shared/intermediate_novarlink.go index 26738ce48..c6f011fe0 100644 --- a/cmd/podman/shared/intermediate_novarlink.go +++ b/cmd/podman/shared/intermediate_novarlink.go @@ -6,7 +6,7 @@ package shared /* attention -in this file you will see alot of struct duplication. this was done because people wanted a strongly typed +in this file you will see a lot of struct duplication. this was done because people wanted a strongly typed varlink mechanism. this resulted in us creating this intermediate layer that allows us to take the input from the cli and make an intermediate layer which can be transferred as strongly typed structures over a varlink interface. diff --git a/cmd/podman/shared/pod.go b/cmd/podman/shared/pod.go index ab6d1f144..d8d69c8fc 100644 --- a/cmd/podman/shared/pod.go +++ b/cmd/podman/shared/pod.go @@ -59,18 +59,20 @@ func CreatePodStatusResults(ctrStatuses map[string]define.ContainerStatus) (stri } } - if statuses[PodStateRunning] > 0 { + switch { + case statuses[PodStateRunning] > 0: return PodStateRunning, nil - } else if statuses[PodStatePaused] == ctrNum { + case statuses[PodStatePaused] == ctrNum: return PodStatePaused, nil - } else if statuses[PodStateStopped] == ctrNum { + case statuses[PodStateStopped] == ctrNum: return PodStateExited, nil - } else if statuses[PodStateStopped] > 0 { + case statuses[PodStateStopped] > 0: return PodStateStopped, nil - } else if statuses[PodStateErrored] > 0 { + case statuses[PodStateErrored] > 0: return PodStateErrored, nil + default: + return PodStateCreated, nil } - return PodStateCreated, nil } // GetNamespaceOptions transforms a slice of kernel namespaces diff --git a/cmd/podman/stats.go b/cmd/podman/stats.go index f53e09412..08fddc47a 100644 --- a/cmd/podman/stats.go +++ b/cmd/podman/stats.go @@ -105,9 +105,10 @@ func statsCmd(c *cliconfig.StatsValues) error { var ctrs []*libpod.Container containerFunc := runtime.GetRunningContainers - if len(c.InputArgs) > 0 { + switch { + case len(c.InputArgs) > 0: containerFunc = func() ([]*libpod.Container, error) { return runtime.GetContainersByList(c.InputArgs) } - } else if latest { + case latest: containerFunc = func() ([]*libpod.Container, error) { lastCtr, err := runtime.GetLatestContainer() if err != nil { @@ -115,7 +116,7 @@ func statsCmd(c *cliconfig.StatsValues) error { } return []*libpod.Container{lastCtr}, nil } - } else if all { + case all: containerFunc = runtime.GetAllContainers } @@ -219,14 +220,14 @@ func genStatsFormat(format string) string { } // imagesToGeneric creates an empty array of interfaces for output -func statsToGeneric(templParams []statsOutputParams, JSONParams []statsOutputParams) (genericParams []interface{}) { +func statsToGeneric(templParams []statsOutputParams, jsonParams []statsOutputParams) (genericParams []interface{}) { if len(templParams) > 0 { for _, v := range templParams { genericParams = append(genericParams, interface{}(v)) } return } - for _, v := range JSONParams { + for _, v := range jsonParams { genericParams = append(genericParams, interface{}(v)) } return diff --git a/cmd/podman/system_prune.go b/cmd/podman/system_prune.go index 74fdcde99..21b7aa711 100644 --- a/cmd/podman/system_prune.go +++ b/cmd/podman/system_prune.go @@ -63,11 +63,11 @@ WARNING! This will remove: - all dangling images - all build cache Are you sure you want to continue? [y/N] `, volumeString) - ans, err := reader.ReadString('\n') + answer, err := reader.ReadString('\n') if err != nil { return errors.Wrapf(err, "error reading input") } - if strings.ToLower(ans)[0] != 'y' { + if strings.ToLower(answer)[0] != 'y' { return nil } } @@ -92,7 +92,7 @@ Are you sure you want to continue? [y/N] `, volumeString) rmWorkers := shared.Parallelize("rm") fmt.Println("Deleted Containers") - ok, failures, err = runtime.Prune(ctx, rmWorkers, false, []string{}) + ok, failures, err = runtime.Prune(ctx, rmWorkers, []string{}) if err != nil { if lasterr != nil { logrus.Errorf("%q", err) diff --git a/cmd/podman/tree.go b/cmd/podman/tree.go index 566f96995..69b42639d 100644 --- a/cmd/podman/tree.go +++ b/cmd/podman/tree.go @@ -113,12 +113,12 @@ func printImageChildren(layerMap map[string]*image.LayerInfo, layerID string, pr intend := middleItem if !last { // add continueItem i.e. '|' for next iteration prefix - prefix = prefix + continueItem + prefix += continueItem } else if len(ll.ChildID) > 1 || len(ll.ChildID) == 0 { // The above condition ensure, alignment happens for node, which has more then 1 children. // If node is last in printing hierarchy, it should not be printed as middleItem i.e. ├── intend = lastItem - prefix = prefix + " " + prefix += " " } var tags string diff --git a/cmd/podman/varlink/io.podman.varlink b/cmd/podman/varlink/io.podman.varlink index ac400a467..b993457ca 100644 --- a/cmd/podman/varlink/io.podman.varlink +++ b/cmd/podman/varlink/io.podman.varlink @@ -885,7 +885,7 @@ method UntagImage(name: string, tag: string) -> (image: string) method RemoveImage(name: string, force: bool) -> (image: string) # RemoveImageWithResponse takes the name or ID of an image as well as a boolean that determines if containers using that image -# should be deleted. If the image cannot be found, an [ImageNotFound](#ImageNotFound) error will be returned. The reponse is +# should be deleted. If the image cannot be found, an [ImageNotFound](#ImageNotFound) error will be returned. The response is # in the form of a RemoveImageResponse . method RemoveImageWithResponse(name: string, force: bool) -> (response: RemoveImageResponse) diff --git a/cmd/podman/volume_ls.go b/cmd/podman/volume_ls.go index eda5685cf..938124278 100644 --- a/cmd/podman/volume_ls.go +++ b/cmd/podman/volume_ls.go @@ -134,14 +134,14 @@ func genVolLsFormat(c *cliconfig.VolumeLsValues) string { } // Convert output to genericParams for printing -func volLsToGeneric(templParams []volumeLsTemplateParams, JSONParams []volumeLsJSONParams) (genericParams []interface{}) { +func volLsToGeneric(templParams []volumeLsTemplateParams, jsonParams []volumeLsJSONParams) (genericParams []interface{}) { if len(templParams) > 0 { for _, v := range templParams { genericParams = append(genericParams, interface{}(v)) } return } - for _, v := range JSONParams { + for _, v := range jsonParams { genericParams = append(genericParams, interface{}(v)) } return diff --git a/cmd/podman/volume_prune.go b/cmd/podman/volume_prune.go index daea5a4d2..48ed68509 100644 --- a/cmd/podman/volume_prune.go +++ b/cmd/podman/volume_prune.go @@ -74,11 +74,11 @@ func volumePruneCmd(c *cliconfig.VolumePruneValues) error { reader := bufio.NewReader(os.Stdin) fmt.Println("WARNING! This will remove all volumes not used by at least one container.") fmt.Print("Are you sure you want to continue? [y/N] ") - ans, err := reader.ReadString('\n') + answer, err := reader.ReadString('\n') if err != nil { return errors.Wrapf(err, "error reading input") } - if strings.ToLower(ans)[0] != 'y' { + if strings.ToLower(answer)[0] != 'y' { return nil } } diff --git a/completions/bash/podman b/completions/bash/podman index c23d156bc..ca3618b0b 100644 --- a/completions/bash/podman +++ b/completions/bash/podman @@ -366,7 +366,7 @@ __podman_to_extglob() { # continue processing its completion. # # TODO if the preceding command has options that accept arguments and an -# argument is equal ot one of the subcommands, this is falsely detected as +# argument is equal to one of the subcommands, this is falsely detected as # a match. __podman_subcommands() { local subcommands="$1" diff --git a/contrib/cirrus/README.md b/contrib/cirrus/README.md index de9a33714..49f713a8f 100644 --- a/contrib/cirrus/README.md +++ b/contrib/cirrus/README.md @@ -196,7 +196,7 @@ as the standard 'cloud-init' services. in the ``test_build_vm_images`` Task (above). * Base images do not need to be produced often, but doing so completely - manually would be time-consuming and error-prone. Therefor a special + manually would be time-consuming and error-prone. Therefore a special semi-automatic *Makefile* target is provided to assist with producing all the base-images: ``libpod_base_images`` diff --git a/contrib/cirrus/lib.sh b/contrib/cirrus/lib.sh index 2e43a59f6..1e237085f 100644 --- a/contrib/cirrus/lib.sh +++ b/contrib/cirrus/lib.sh @@ -64,8 +64,8 @@ export PACKER_BUILDS="${PACKER_BUILDS:-ubuntu-18,ubuntu-19,fedora-30,xfedora-30, export UBUNTU_BASE_IMAGE="ubuntu-1904-disco-v20190724" export PRIOR_UBUNTU_BASE_IMAGE="ubuntu-1804-bionic-v20190722a" # Manually produced base-image names (see $SCRIPT_BASE/README.md) -export FEDORA_BASE_IMAGE="fedora-cloud-base-30-1-2-1565360543" -export PRIOR_FEDORA_BASE_IMAGE="fedora-cloud-base-29-1-2-1565360543" +export FEDORA_BASE_IMAGE="fedora-cloud-base-30-1-2-1578586410" +export PRIOR_FEDORA_BASE_IMAGE="fedora-cloud-base-29-1-2-1541789245" export BUILT_IMAGE_SUFFIX="${BUILT_IMAGE_SUFFIX:--$CIRRUS_REPO_NAME-${CIRRUS_BUILD_ID}}" # IN_PODMAN container image IN_PODMAN_IMAGE="quay.io/libpod/in_podman:latest" @@ -430,6 +430,18 @@ remove_packaged_podman_files() { sync && echo 3 > /proc/sys/vm/drop_caches } +canonicalize_image_names() { + req_env_var IMGNAMES + echo "Adding all current base images to \$IMGNAMES for timestamp update" + export IMGNAMES="\ +$IMGNAMES +$UBUNTU_BASE_IMAGE +$PRIOR_UBUNTU_BASE_IMAGE +$FEDORA_BASE_IMAGE +$PRIOR_FEDORA_BASE_IMAGE +" +} + systemd_banish() { $GOSRC/$PACKER_BASE/systemd_banish.sh } diff --git a/contrib/cirrus/update_meta.sh b/contrib/cirrus/update_meta.sh new file mode 100755 index 000000000..618cd670c --- /dev/null +++ b/contrib/cirrus/update_meta.sh @@ -0,0 +1,22 @@ +#!/bin/bash + +source $(dirname $0)/lib.sh + +# N/B: This script is expected to wrap $ENTRYPOINT when executing under the +# 'meta' Cirrus task on the libpod repo. +ENTRYPOINT=/usr/local/bin/entrypoint.sh + +req_env_var IMGNAMES BUILDID REPOREF GCPJSON GCPNAME GCPPROJECT CIRRUS_CI + +[[ -x "$ENTRYPOINT" ]] || \ + die 2 "Expecting to find an installed entrypoint script $ENTRYPOINT." + +# A better way of checking isn't compatible with old but functional images +# in-use by other repos. +grep -q 'compute images update' "$ENTRYPOINT" || \ + die 3 "Expecting to be running inside a specific imgts container image" + +canonicalize_image_names + +# Executing inside a container; proper hand-off for process control +exec $ENTRYPOINT diff --git a/contrib/perftest/README.md b/contrib/perftest/README.md deleted file mode 100644 index bd0ef08f5..000000000 --- a/contrib/perftest/README.md +++ /dev/null @@ -1,51 +0,0 @@ -## perftest : tool for benchmarking and profiling libpod library -perftest uses libpod as golang library and perform stress test and profile for CPU usage. - -Build: - -``` -# cd $GOPATH/src/github.com/containers/libpod/contrib/perftest -# go build -# go install -``` - -Usage: - -``` -# perftest -h -Usage of perftest: - --count int - count of loop counter for test (default 50) --image string - image-name to be used for test (default "docker.io/library/alpine:latest") - -``` - -e.g. - -``` -# perftest -runc version spec: 1.0.1-dev -conmon version 1.12.0-dev, commit: b6c5cafeffa9b3cde89812207b29ccedd3102712 - -preparing test environment... -2018/11/05 16:52:14 profile: cpu profiling enabled, /tmp/profile626959338/cpu.pprof -Test Round: 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 -Profile data - - Create Start Stop Delete -Min 0.23s 0.34s 2.12s 0.51s -Avg 0.25s 0.38s 2.13s 0.54s -Max 0.27s 0.48s 2.13s 0.70s -Total 12.33s 18.82s 106.47s 26.91s -2018/11/05 16:54:59 profile: cpu profiling disabled, /tmp/profile626959338/cpu.pprof - -``` - -Analyse CPU profile. - -``` -# go tool pprof -http=":8081" $GOPATH/src/github.com/containers/libpod/contrib/perftest/perftest /tmp/profile626959338/cpu.pprof -``` -- Open http://localhost:8081 in webbrowser
\ No newline at end of file diff --git a/contrib/perftest/main.go b/contrib/perftest/main.go deleted file mode 100644 index 0a7e45112..000000000 --- a/contrib/perftest/main.go +++ /dev/null @@ -1,282 +0,0 @@ -package main - -import ( - "context" - "flag" - "fmt" - "os" - "strings" - "text/tabwriter" - "time" - - "github.com/containers/image/v5/types" - "github.com/containers/libpod/libpod" - image2 "github.com/containers/libpod/libpod/image" - cc "github.com/containers/libpod/pkg/spec" - "github.com/containers/libpod/pkg/util" - "github.com/containers/storage/pkg/reexec" - "github.com/cri-o/ocicni/pkg/ocicni" - "github.com/pkg/profile" - "github.com/sirupsen/logrus" -) - -const ( - defaultTestImage = "docker.io/library/alpine:latest" - defaultRunCount = 50 -) - -var helpMessage = ` --count int - count of loop counter for test (default 50) --image string - image-name to be used for test (default "docker.io/library/alpine:latest") --log string - log level (info|debug|warn|error) (default "error") - -` - -func main() { - if reexec.Init() { - return - } - - ctx := context.Background() - imageName := "" - - testImageName := flag.String("image", defaultTestImage, "image-name to be used for test") - testRunCount := flag.Int("count", defaultRunCount, "count of loop counter for test") - logLevel := flag.String("log", "error", "log level (info|debug|warn|error)") - - flag.Usage = func() { - fmt.Fprintf(os.Stderr, "Usage of %s:\n", os.Args[0]) - fmt.Fprintf(os.Stderr, "%s \n", helpMessage) - } - - flag.Parse() - - switch strings.ToLower(*logLevel) { - case "error": - logrus.SetLevel(logrus.ErrorLevel) - case "warn": - logrus.SetLevel(logrus.WarnLevel) - case "info": - logrus.SetLevel(logrus.InfoLevel) - case "debug": - logrus.SetLevel(logrus.DebugLevel) - default: - logrus.Fatalf("invalid option : %s ", *logLevel) - } - - opts := defaultRuntimeOptions() - client, err := libpod.NewRuntime(opts...) - if err != nil { - logrus.Fatal(err) - } - defer client.Shutdown(false) - - // Print Runtime & System Information. - err = printSystemInfo(client) - if err != nil { - logrus.Fatal(err) - } - - imageRuntime := client.ImageRuntime() - if imageRuntime == nil { - logrus.Fatal("ImageRuntime is null") - } - - fmt.Printf("preparing test environment...\n") - //Prepare for test. - testImage, err := imageRuntime.NewFromLocal(*testImageName) - if err != nil { - // Download the image from remote registry. - writer := os.Stderr - registryCreds := &types.DockerAuthConfig{ - Username: "", - Password: "", - } - dockerRegistryOptions := image2.DockerRegistryOptions{ - DockerRegistryCreds: registryCreds, - DockerCertPath: "", - DockerInsecureSkipTLSVerify: types.OptionalBoolFalse, - } - fmt.Printf("image %s not found locally, fetching from remote registry..\n", *testImageName) - - testImage, err = client.ImageRuntime().New(ctx, *testImageName, "", "", writer, &dockerRegistryOptions, image2.SigningOptions{}, nil, util.PullImageMissing) - if err != nil { - logrus.Fatal(err) - } - fmt.Printf("image downloaded successfully\n\n") - } - - names := testImage.Names() - if len(names) > 0 { - imageName = names[0] - } else { - imageName = testImage.ID() - } - - idmappings, err := util.ParseIDMapping(nil, nil, "", "") - if err != nil { - logrus.Fatal(err) - } - config := &cc.CreateConfig{ - Tty: true, - Image: imageName, - ImageID: testImage.ID(), - IDMappings: idmappings, - Command: []string{"/bin/sh"}, - WorkDir: "/", - NetMode: "bridge", - Network: "bridge", - } - - // Enable CPU Profile - defer profile.Start().Stop() - - data, err := runSingleThreadedStressTest(ctx, client, imageName, testImage.ID(), config, *testRunCount) - if err != nil { - logrus.Fatal(err) - } - - data.printProfiledData((float64)(*testRunCount)) -} - -func defaultRuntimeOptions() []libpod.RuntimeOption { - options := []libpod.RuntimeOption{} - return options - /* - //TODO: Shall we test in clean environment? - sOpts := storage.StoreOptions{ - GraphDriverName: "overlay", - RunRoot: "/var/run/containers/storage", - GraphRoot: "/var/lib/containers/storage", - } - - storageOpts := libpod.WithStorageConfig(sOpts) - options = append(options, storageOpts) - return options - */ -} - -func printSystemInfo(client *libpod.Runtime) error { - OCIRuntimeInfo, err := client.GetOCIRuntimeVersion() - if err != nil { - return err - } - - connmanInfo, err := client.GetConmonVersion() - if err != nil { - return err - } - fmt.Printf("%s\n%s\n\n", OCIRuntimeInfo, connmanInfo) - return nil -} - -func runSingleThreadedStressTest(ctx context.Context, client *libpod.Runtime, imageName string, imageID string, config *cc.CreateConfig, testCount int) (*profileData, error) { - data := new(profileData) - fmt.Printf("Test Round: ") - for i := 0; i < testCount; i++ { - fmt.Printf("%d ", i) - - runtimeSpec, err := cc.CreateConfigToOCISpec(config) - if err != nil { - return nil, err - } - - //Create Container - networks := make([]string, 0) - netmode := "bridge" - createStartTime := time.Now() - ctr, err := client.NewContainer(ctx, - runtimeSpec, - libpod.WithRootFSFromImage(imageID, imageName, false), - libpod.WithNetNS([]ocicni.PortMapping{}, false, netmode, networks), - ) - if err != nil { - return nil, err - } - createTotalTime := time.Now().Sub(createStartTime) - - // Start container - startStartTime := time.Now() - err = ctr.Start(ctx, false) - if err != nil { - return nil, err - } - startTotalTime := time.Now().Sub(startStartTime) - - //Stop Container - stopStartTime := time.Now() - err = ctr.StopWithTimeout(2) - if err != nil { - return nil, err - } - stopTotalTime := time.Now().Sub(stopStartTime) - - //Delete Container - deleteStartTime := time.Now() - - err = client.RemoveContainer(ctx, ctr, true, false) - if err != nil { - return nil, err - } - - deleteTotalTime := time.Now().Sub(deleteStartTime) - - data.updateProfileData(createTotalTime, startTotalTime, stopTotalTime, deleteTotalTime) - } - return data, nil -} - -type profileData struct { - minCreate, minStart, minStop, minDel time.Duration - avgCreate, avgStart, avgStop, avgDel time.Duration - maxCreate, maxStart, maxStop, maxDel time.Duration -} - -func (data *profileData) updateProfileData(create, start, stop, delete time.Duration) { - if create < data.minCreate || data.minCreate == 0 { - data.minCreate = create - } - if create > data.maxCreate || data.maxCreate == 0 { - data.maxCreate = create - } - if start < data.minStart || data.minStart == 0 { - data.minStart = start - } - if start > data.maxStart || data.maxStart == 0 { - data.maxStart = start - } - if stop < data.minStop || data.minStop == 0 { - data.minStop = stop - } - if stop > data.maxStop || data.maxStop == 0 { - data.maxStop = stop - } - if delete < data.minDel || data.minDel == 0 { - data.minDel = delete - } - if delete > data.maxDel || data.maxDel == 0 { - data.maxDel = delete - } - - data.avgCreate = data.avgCreate + create - data.avgStart = data.avgStart + start - data.avgStop = data.avgStop + stop - data.avgDel = data.avgDel + delete -} - -func (data *profileData) printProfiledData(testCount float64) { - - fmt.Printf("\nProfile data\n\n") - w := new(tabwriter.Writer) - w.Init(os.Stdout, 0, 8, 0, '\t', 0) - fmt.Fprintln(w, "\tCreate\tStart\tStop\tDelete") - fmt.Fprintf(w, "Min\t%.2fs\t%.2fs\t%.2fs\t%.2fs\n", data.minCreate.Seconds(), data.minStart.Seconds(), data.minStop.Seconds(), data.minDel.Seconds()) - fmt.Fprintf(w, "Avg\t%.2fs\t%.2fs\t%.2fs\t%.2fs\n", data.avgCreate.Seconds()/testCount, data.avgStart.Seconds()/testCount, data.avgStop.Seconds()/testCount, data.avgDel.Seconds()/testCount) - fmt.Fprintf(w, "Max\t%.2fs\t%.2fs\t%.2fs\t%.2fs\n", data.maxCreate.Seconds(), data.maxStart.Seconds(), data.maxStop.Seconds(), data.maxDel.Seconds()) - fmt.Fprintf(w, "Total\t%.2fs\t%.2fs\t%.2fs\t%.2fs\n", data.avgCreate.Seconds(), data.avgStart.Seconds(), data.avgStop.Seconds(), data.avgDel.Seconds()) - fmt.Fprintln(w) - w.Flush() -} diff --git a/dependencies/analyses/README.md b/dependencies/analyses/README.md index 67dab6f75..734058045 100644 --- a/dependencies/analyses/README.md +++ b/dependencies/analyses/README.md @@ -1,7 +1,7 @@ # A set of scripts and instructions that help to analyze and debloat go-lang dependencies Note that all scripts mentioned below follow the [KISS principle](https://en.wikipedia.org/wiki/KISS_principle) on purpose. -The scripts are meant to be used in combination to aid in understanding the packages' dependencies and how they contribute to the size of the compiled binary. +The scripts are meant to be used in combination to aid in understanding the package's dependencies and how they contribute to the size of the compiled binary. ## Size of packages diff --git a/docs/source/markdown/podman-container-prune.1.md b/docs/source/markdown/podman-container-prune.1.md index 856843a80..eaecee304 100644 --- a/docs/source/markdown/podman-container-prune.1.md +++ b/docs/source/markdown/podman-container-prune.1.md @@ -11,6 +11,9 @@ podman-container-prune - Remove all stopped containers from local storage ## OPTIONS +**--force**, **-f** +Do not provide an interactive prompt for container removal. + **-h**, **--help** Print usage statement diff --git a/docs/source/markdown/podman-create.1.md b/docs/source/markdown/podman-create.1.md index 85aa81553..abde899bf 100644 --- a/docs/source/markdown/podman-create.1.md +++ b/docs/source/markdown/podman-create.1.md @@ -419,6 +419,17 @@ Logging driver specific options. Used to set the path to the container log file `--log-opt path=/var/log/container/mycontainer.json` +**--log-opt**=*tag* + +Set custom logging configuration. Presently supports the `tag` option +which specified a custom log tag for the container. For example: + +`--log-opt tag="{{.ImageName}}"` + +It supports the same keys as `podman inspect --format`. + +It is currently supported only by the journald log driver. + **--mac-address**=*address* Container MAC address (e.g. 92:d0:c6:0a:29:33) @@ -575,7 +586,7 @@ To make a pod with more granular options, use the `podman pod create` command be Give extended privileges to this container. The default is *false*. By default, Podman containers are -“unprivileged” (=false) and cannot, for example, modify parts of the kernel. +“unprivileged” (=false) and cannot, for example, modify parts of the operating system. This is because by default a container is not allowed to access any devices. A “privileged” container is given access to all devices. @@ -584,6 +595,8 @@ to all devices on the host, turns off graphdriver mount options, as well as turning off most of the security measures protecting the host from the container. +Rootless containers cannot have more privileges than the account that launched them. + **--publish**, **-p**=*port* Publish a container's port, or range of ports, to the host @@ -786,7 +799,7 @@ You can pass `host` to copy the current configuration from the host. Sets the username or UID used and optionally the groupname or GID for the specified command. -The followings examples are all valid: +The following examples are all valid: --user [user | user:group | uid | uid:gid | user:gid | uid:group ] Without this argument the command will be run as root in the container. diff --git a/docs/source/markdown/podman-exec.1.md b/docs/source/markdown/podman-exec.1.md index d46427c91..fc67211d1 100644 --- a/docs/source/markdown/podman-exec.1.md +++ b/docs/source/markdown/podman-exec.1.md @@ -43,7 +43,19 @@ Pass down to the process N additional file descriptors (in addition to 0, 1, 2). **--privileged** -Give the process extended Linux capabilities when running the command in container. +Give extended privileges to this container. The default is *false*. + +By default, Podman containers are +"unprivileged" and cannot, for example, modify parts of the operating system. +This is because by default a container is only allowed limited access to devices. +A "privileged" container is given the same access to devices as the user launching the container. + +A privileged container turns off the security features that isolate the +container from the host. Dropped Capabilities, limited devices, read/only mount +points, Apparmor/SELinux separation, and Seccomp filters are all disabled. + +Rootless containers cannot have more privileges than the account that launched them. + **--tty**, **-t** diff --git a/docs/source/markdown/podman-generate-systemd.1.md b/docs/source/markdown/podman-generate-systemd.1.md index b81e68a46..4d3f9ba48 100644 --- a/docs/source/markdown/podman-generate-systemd.1.md +++ b/docs/source/markdown/podman-generate-systemd.1.md @@ -22,11 +22,16 @@ Generate files instead of printing to stdout. The generated files are named {co Use the name of the container for the start, stop, and description in the unit file +**--new** + +Create a new container via podman-run instead of starting an existing one. This option relies on container configuration files, which may not map directly to podman CLI flags; please review the generated output carefully before placing in production. + **--timeout**, **-t**=*value* Override the default stop timeout for the container with the given value. **--restart-policy**=*policy* + Set the systemd restart policy. The restart-policy must be one of: "no", "on-success", "on-failure", "on-abnormal", "on-watchdog", "on-abort", or "always". The default policy is *on-failure*. diff --git a/docs/source/markdown/podman-inspect.1.md b/docs/source/markdown/podman-inspect.1.md index f1630c713..ad4d0659e 100644 --- a/docs/source/markdown/podman-inspect.1.md +++ b/docs/source/markdown/podman-inspect.1.md @@ -43,49 +43,83 @@ Display the total file size if the type is a container ``` # podman inspect fedora -{ - "Id": "422dc563ca3260ad9ef5c47a1c246f5065d7f177ce51f4dd208efd82967ff182", - "Digest": "sha256:1b9bfb4e634dc1e5c19d0fa1eb2e5a28a5c2b498e3d3e4ac742bd7f5dae08611", - "RepoTags": [ - "docker.io/library/fedora:latest" - ], - "RepoDigests": [ - "docker.io/library/fedora@sha256:1b9bfb4e634dc1e5c19d0fa1eb2e5a28a5c2b498e3d3e4ac742bd7f5dae08611" - ], - "Parent": "", - "Comment": "", - "Created": "2017-11-14T21:07:08.475840838Z", - "Config": { - "Env": [ - "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin", - "DISTTAG=f27container", - "FGC=f27", - "FBR=f27" - ] - }, - "Version": "17.06.2-ce", - "Author": "[Adam Miller \u003cmaxamillion@fedoraproject.org\u003e] [Patrick Uiterwijk \u003cpatrick@puiterwijk.org\u003e]", - "Architecture": "amd64", - "Os": "linux", - "Size": 251722732, - "VirtualSize": 514895140, - "GraphDriver": { - "Name": "overlay", - "Data": { - "MergedDir": "/var/lib/containers/storage/overlay/d32459d9ce237564fb93573b85cbc707600d43fbe5e46e8eeef22cad914bb516/merged", - "UpperDir": "/var/lib/containers/storage/overlay/d32459d9ce237564fb93573b85cbc707600d43fbe5e46e8eeef22cad914bb516/diff", - "WorkDir": "/var/lib/containers/storage/overlay/d32459d9ce237564fb93573b85cbc707600d43fbe5e46e8eeef22cad914bb516/work" - } - }, - "RootFS": { - "Type": "layers", - "Layers": [ - "sha256:d32459d9ce237564fb93573b85cbc707600d43fbe5e46e8eeef22cad914bb516" - ] - }, - "Labels": null, - "Annotations": {} -} +[ + { + "Id": "f0858ad3febdf45bb2e5501cb459affffacef081f79eaa436085c3b6d9bd46ca", + "Digest": "sha256:d4f7df6b691d61af6cee7328f82f1d8afdef63bc38f58516858ae3045083924a", + "RepoTags": [ + "docker.io/library/fedora:latest" + ], + "RepoDigests": [ + "docker.io/library/fedora@sha256:8fa60b88e2a7eac8460b9c0104b877f1aa0cea7fbc03c701b7e545dacccfb433", + "docker.io/library/fedora@sha256:d4f7df6b691d61af6cee7328f82f1d8afdef63bc38f58516858ae3045083924a" + ], + "Parent": "", + "Comment": "", + "Created": "2019-10-29T03:23:37.695123423Z", + "Config": { + "Env": [ + "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin", + "DISTTAG=f31-updates-candidatecontainer", + "FGC=f31-updates-candidate", + "FBR=f31-updates-candidate" + ], + "Cmd": [ + "/bin/bash" + ], + "Labels": { + "maintainer": "Clement Verna \u003ccverna@fedoraproject.org\u003e" + } + }, + "Version": "18.06.1-ce", + "Author": "", + "Architecture": "amd64", + "Os": "linux", + "Size": 201096840, + "VirtualSize": 201096840, + "GraphDriver": { + "Name": "overlay", + "Data": { + "UpperDir": "/home/user/.local/share/containers/storage/overlay/2ae3cee18c8ef9e0d448649747dab81c4f1ca2714a8c4550eff49574cab262c9/diff", + "WorkDir": "/home/user/.local/share/containers/storage/overlay/2ae3cee18c8ef9e0d448649747dab81c4f1ca2714a8c4550eff49574cab262c9/work" + } + }, + "RootFS": { + "Type": "layers", + "Layers": [ + "sha256:2ae3cee18c8ef9e0d448649747dab81c4f1ca2714a8c4550eff49574cab262c9" + ] + }, + "Labels": { + "maintainer": "Clement Verna \u003ccverna@fedoraproject.org\u003e" + }, + "Annotations": {}, + "ManifestType": "application/vnd.docker.distribution.manifest.v2+json", + "User": "", + "History": [ + { + "created": "2019-01-16T21:21:55.569693599Z", + "created_by": "/bin/sh -c #(nop) LABEL maintainer=Clement Verna \u003ccverna@fedoraproject.org\u003e", + "empty_layer": true + }, + { + "created": "2019-09-27T21:21:07.784469821Z", + "created_by": "/bin/sh -c #(nop) ENV DISTTAG=f31-updates-candidatecontainer FGC=f31-updates-candidate FBR=f31-updates-candidate", + "empty_layer": true + }, + { + "created": "2019-10-29T03:23:37.355187998Z", + "created_by": "/bin/sh -c #(nop) ADD file:298f828afc880ccde9205fc4418435d5e696ad165e283f0530d0b1a74326d6dc in / " + }, + { + "created": "2019-10-29T03:23:37.695123423Z", + "created_by": "/bin/sh -c #(nop) CMD [\"/bin/bash\"]", + "empty_layer": true + } + ], + "NamesHistory": [] + } +] ``` ``` diff --git a/docs/source/markdown/podman-run.1.md b/docs/source/markdown/podman-run.1.md index e8744de35..9484ad347 100644 --- a/docs/source/markdown/podman-run.1.md +++ b/docs/source/markdown/podman-run.1.md @@ -426,10 +426,21 @@ Logging driver for the container. Currently available options are *k8s-file* an **--log-opt**=*path* -Logging driver specific options. Used to set the path to the container log file. For example: +Set custom logging configuration. Presently supports the `tag` option +which specified a custom log tag for the container. For example: `--log-opt path=/var/log/container/mycontainer.json` +**--log-opt**=*tag* + +Specify a custom log tag for the container. For example: + +`--log-opt tag="{{.ImageName}}"` + +It supports the same keys as `podman inspect --format`. + +It is currently supported only by the journald log driver. + **--mac-address**=*address* Container MAC address (e.g. `92:d0:c6:0a:29:33`) @@ -588,15 +599,16 @@ If a container is run with a pod, and the pod has an infra-container, the infra- Give extended privileges to this container. The default is *false*. -By default, Podman containers are “unprivileged” (=false) and cannot, -for example, modify parts of the kernel. This is because by default a -container is not allowed to access any devices. A “privileged” container -is given access to all devices. +By default, Podman containers are “unprivileged” (=false) and cannot, for +example, modify parts of the operating system. This is because by default a +container is only allowed limited access to devices. A "privileged" container +is given the same access to devices as the user launching the container. -When the operator executes **podman run --privileged**, Podman enables access -to all devices on the host, turns off graphdriver mount options, as well as -turning off most of the security measures protecting the host from the -container. +A privileged container turns off the security features that isolate the +container from the host. Dropped Capabilities, limited devices, read/only mount +points, Apparmor/SELinux separation, and Seccomp filters are all disabled. + +Rootless containers cannot have more privileges than the account that launched them. **--publish**, **-p**=*port* @@ -823,7 +835,7 @@ You can pass `host` to copy the current configuration from the host. Sets the username or UID used and optionally the groupname or GID for the specified command. -The followings examples are all valid: +The following examples are all valid: --user [user | user:group | uid | uid:gid | user:gid | uid:group ] Without this argument the command will be run as root in the container. @@ -51,7 +51,7 @@ require ( github.com/opencontainers/selinux v1.3.0 github.com/opentracing/opentracing-go v1.1.0 github.com/pkg/errors v0.8.1 - github.com/pkg/profile v1.4.0 + github.com/pkg/profile v1.4.0 // indirect github.com/pmezard/go-difflib v1.0.0 github.com/rootless-containers/rootlesskit v0.7.1 github.com/seccomp/containers-golang v0.0.0-20190312124753-8ca8945ccf5f diff --git a/libpod/boltdb_state_internal.go b/libpod/boltdb_state_internal.go index 3347a3648..3f09305f5 100644 --- a/libpod/boltdb_state_internal.go +++ b/libpod/boltdb_state_internal.go @@ -652,11 +652,9 @@ func (s *BoltState) addContainer(ctr *Container, pod *Pod) error { if string(depCtrPod) != pod.ID() { return errors.Wrapf(define.ErrInvalidArg, "container %s depends on container %s which is in a different pod (%s)", ctr.ID(), dependsCtr, string(depCtrPod)) } - } else { + } else if depCtrPod != nil { // If we're not part of a pod, we cannot depend on containers in a pod - if depCtrPod != nil { - return errors.Wrapf(define.ErrInvalidArg, "container %s depends on container %s which is in a pod - containers not in pods cannot depend on containers in pods", ctr.ID(), dependsCtr) - } + return errors.Wrapf(define.ErrInvalidArg, "container %s depends on container %s which is in a pod - containers not in pods cannot depend on containers in pods", ctr.ID(), dependsCtr) } depNamespace := depCtrBkt.Get(namespaceKey) diff --git a/libpod/container.go b/libpod/container.go index edf72f4ee..b3cb6334a 100644 --- a/libpod/container.go +++ b/libpod/container.go @@ -379,6 +379,8 @@ type ContainerConfig struct { CgroupParent string `json:"cgroupParent"` // LogPath log location LogPath string `json:"logPath"` + // LogTag is the tag used for logging + LogTag string `json:"logTag"` // LogDriver driver for logs LogDriver string `json:"logDriver"` // File containing the conmon PID @@ -470,11 +472,9 @@ func (c *Container) specFromState() (*spec.Spec, error) { if err := json.Unmarshal(content, &returnSpec); err != nil { return nil, errors.Wrapf(err, "error unmarshalling container config") } - } else { + } else if !os.IsNotExist(err) { // ignore when the file does not exist - if !os.IsNotExist(err) { - return nil, errors.Wrapf(err, "error opening container config") - } + return nil, errors.Wrapf(err, "error opening container config") } return returnSpec, nil @@ -726,6 +726,11 @@ func (c *Container) LogPath() string { return c.config.LogPath } +// LogTag returns the tag to the container's log file +func (c *Container) LogTag() string { + return c.config.LogTag +} + // RestartPolicy returns the container's restart policy. func (c *Container) RestartPolicy() string { return c.config.RestartPolicy diff --git a/libpod/container.log.go b/libpod/container.log.go index 7d0cd5bfb..7c46dde9a 100644 --- a/libpod/container.log.go +++ b/libpod/container.log.go @@ -56,7 +56,7 @@ func (c *Container) readFromLogFile(options *logs.LogOptions, logChannel chan *l continue } if nll.Partial() { - partial = partial + nll.Msg + partial += nll.Msg continue } else if !nll.Partial() && len(partial) > 1 { nll.Msg = partial diff --git a/libpod/container_graph.go b/libpod/container_graph.go index f6988e1ac..97a12ec42 100644 --- a/libpod/container_graph.go +++ b/libpod/container_graph.go @@ -113,7 +113,7 @@ func detectCycles(graph *ContainerGraph) (bool, error) { info := new(nodeInfo) info.index = index info.lowLink = index - index = index + 1 + index++ nodes[node.id] = info diff --git a/libpod/container_inspect.go b/libpod/container_inspect.go index 639dd6e91..01f2d93bd 100644 --- a/libpod/container_inspect.go +++ b/libpod/container_inspect.go @@ -107,6 +107,7 @@ type InspectContainerData struct { OCIConfigPath string `json:"OCIConfigPath,omitempty"` OCIRuntime string `json:"OCIRuntime,omitempty"` LogPath string `json:"LogPath"` + LogTag string `json:"LogTag"` ConmonPidFile string `json:"ConmonPidFile"` Name string `json:"Name"` RestartCount int32 `json:"RestartCount"` @@ -629,17 +630,9 @@ type InspectNetworkSettings struct { MacAddress string `json:"MacAddress"` } -// Inspect a container for low-level information -func (c *Container) Inspect(size bool) (*InspectContainerData, error) { - if !c.batched { - c.lock.Lock() - defer c.lock.Unlock() - - if err := c.syncContainer(); err != nil { - return nil, err - } - } - +// inspectLocked inspects a container for low-level information. +// The caller must held c.lock. +func (c *Container) inspectLocked(size bool) (*InspectContainerData, error) { storeCtr, err := c.runtime.store.Container(c.ID()) if err != nil { return nil, errors.Wrapf(err, "error getting container from store %q", c.ID()) @@ -655,6 +648,20 @@ func (c *Container) Inspect(size bool) (*InspectContainerData, error) { return c.getContainerInspectData(size, driverData) } +// Inspect a container for low-level information +func (c *Container) Inspect(size bool) (*InspectContainerData, error) { + if !c.batched { + c.lock.Lock() + defer c.lock.Unlock() + + if err := c.syncContainer(); err != nil { + return nil, err + } + } + + return c.inspectLocked(size) +} + func (c *Container) getContainerInspectData(size bool, driverData *driver.Data) (*InspectContainerData, error) { config := c.config runtimeInfo := c.state @@ -732,6 +739,7 @@ func (c *Container) getContainerInspectData(size bool, driverData *driver.Data) HostsPath: hostsPath, StaticDir: config.StaticDir, LogPath: config.LogPath, + LogTag: config.LogTag, OCIRuntime: config.OCIRuntime, ConmonPidFile: config.ConmonPidFile, Name: config.Name, @@ -1206,11 +1214,12 @@ func (c *Container) generateInspectContainerHostConfig(ctrSpec *spec.Spec, named // Network mode parsing. networkMode := "" - if c.config.CreateNetNS { + switch { + case c.config.CreateNetNS: networkMode = "default" - } else if c.config.NetNsCtr != "" { + case c.config.NetNsCtr != "": networkMode = fmt.Sprintf("container:%s", c.config.NetNsCtr) - } else { + default: // Find the spec's network namespace. // If there is none, it's host networking. // If there is one and it has a path, it's "ns:". diff --git a/libpod/container_internal.go b/libpod/container_internal.go index 46c83149a..0e883588c 100644 --- a/libpod/container_internal.go +++ b/libpod/container_internal.go @@ -22,7 +22,7 @@ import ( "github.com/containers/storage" "github.com/containers/storage/pkg/archive" "github.com/containers/storage/pkg/mount" - "github.com/cyphar/filepath-securejoin" + securejoin "github.com/cyphar/filepath-securejoin" spec "github.com/opencontainers/runtime-spec/specs-go" "github.com/opencontainers/runtime-tools/generate" "github.com/opencontainers/selinux/go-selinux/label" @@ -339,7 +339,7 @@ func (c *Container) handleRestartPolicy(ctx context.Context) (restarted bool, er c.newContainerEvent(events.Restart) // Increment restart count - c.state.RestartCount = c.state.RestartCount + 1 + c.state.RestartCount += 1 logrus.Debugf("Container %s now on retry %d", c.ID(), c.state.RestartCount) if err := c.save(); err != nil { return false, err @@ -1286,7 +1286,7 @@ func (c *Container) restartWithTimeout(ctx context.Context, timeout uint) (err e // TODO: Add ability to override mount label so we can use this for Mount() too // TODO: Can we use this for export? Copying SHM into the export might not be // good -func (c *Container) mountStorage() (_ string, Err error) { +func (c *Container) mountStorage() (_ string, deferredErr error) { var err error // Container already mounted, nothing to do if c.state.Mounted { @@ -1307,7 +1307,7 @@ func (c *Container) mountStorage() (_ string, Err error) { return "", errors.Wrapf(err, "failed to chown %s", c.config.ShmDir) } defer func() { - if Err != nil { + if deferredErr != nil { if err := c.unmountSHM(c.config.ShmDir); err != nil { logrus.Errorf("Error unmounting SHM for container %s after mount error: %v", c.ID(), err) } @@ -1324,7 +1324,7 @@ func (c *Container) mountStorage() (_ string, Err error) { return "", err } defer func() { - if Err != nil { + if deferredErr != nil { if err := c.unmount(false); err != nil { logrus.Errorf("Error unmounting container %s after mount error: %v", c.ID(), err) } @@ -1339,7 +1339,7 @@ func (c *Container) mountStorage() (_ string, Err error) { return "", err } defer func() { - if Err == nil { + if deferredErr == nil { return } vol.lock.Lock() diff --git a/libpod/container_internal_linux.go b/libpod/container_internal_linux.go index 6ec06943f..561dbdc1c 100644 --- a/libpod/container_internal_linux.go +++ b/libpod/container_internal_linux.go @@ -62,7 +62,7 @@ func (c *Container) unmountSHM(mount string) error { // prepare mounts the container and sets up other required resources like net // namespaces -func (c *Container) prepare() (Err error) { +func (c *Container) prepare() error { var ( wg sync.WaitGroup netNS ns.NetNS @@ -1277,21 +1277,21 @@ func (c *Container) generateResolvConf() (string, error) { } // If the user provided dns, it trumps all; then dns masq; then resolv.conf - if len(c.config.DNSServer) > 0 { + switch { + case len(c.config.DNSServer) > 0: // We store DNS servers as net.IP, so need to convert to string for _, server := range c.config.DNSServer { nameservers = append(nameservers, server.String()) } - } else if len(cniNameServers) > 0 { + case len(cniNameServers) > 0: nameservers = append(nameservers, cniNameServers...) - } else { + default: // Make a new resolv.conf nameservers = resolvconf.GetNameservers(resolv.Content) // slirp4netns has a built in DNS server. if c.config.NetMode.IsSlirp4netns() { nameservers = append([]string{"10.0.2.3"}, nameservers...) } - } search := resolvconf.GetSearchDomains(resolv.Content) @@ -1451,23 +1451,24 @@ func (c *Container) getOCICgroupPath() (string, error) { if err != nil { return "", err } - if (rootless.IsRootless() && !unified) || c.config.NoCgroups { + switch { + case (rootless.IsRootless() && !unified) || c.config.NoCgroups: return "", nil - } else if c.runtime.config.CgroupManager == define.SystemdCgroupsManager { + case c.runtime.config.CgroupManager == define.SystemdCgroupsManager: // When runc is set to use Systemd as a cgroup manager, it // expects cgroups to be passed as follows: // slice:prefix:name systemdCgroups := fmt.Sprintf("%s:libpod:%s", path.Base(c.config.CgroupParent), c.ID()) logrus.Debugf("Setting CGroups for container %s to %s", c.ID(), systemdCgroups) return systemdCgroups, nil - } else if c.runtime.config.CgroupManager == define.CgroupfsCgroupsManager { + case c.runtime.config.CgroupManager == define.CgroupfsCgroupsManager: cgroupPath, err := c.CGroupPath() if err != nil { return "", err } logrus.Debugf("Setting CGroup path for container %s to %s", c.ID(), cgroupPath) return cgroupPath, nil - } else { + default: return "", errors.Wrapf(define.ErrInvalidArg, "invalid cgroup manager %s requested", c.runtime.config.CgroupManager) } } diff --git a/libpod/events/events.go b/libpod/events/events.go index 5e828bc8a..0d8c6b7d6 100644 --- a/libpod/events/events.go +++ b/libpod/events/events.go @@ -129,8 +129,6 @@ func StringToStatus(name string) (Status, error) { return Attach, nil case Checkpoint.String(): return Checkpoint, nil - case Restore.String(): - return Restore, nil case Cleanup.String(): return Cleanup, nil case Commit.String(): diff --git a/libpod/healthcheck.go b/libpod/healthcheck.go index b42e7d16a..9c274c4f3 100644 --- a/libpod/healthcheck.go +++ b/libpod/healthcheck.go @@ -238,7 +238,7 @@ func (c *Container) updateHealthCheckLog(hcl HealthCheckLog, inStartPeriod bool) } if !inStartPeriod { // increment failing streak - healthCheck.FailingStreak = healthCheck.FailingStreak + 1 + healthCheck.FailingStreak += 1 // if failing streak > retries, then status to unhealthy if healthCheck.FailingStreak >= c.HealthCheckConfig().Retries { healthCheck.Status = HealthCheckUnhealthy diff --git a/libpod/image/image.go b/libpod/image/image.go index bce10e24c..6ea49e2a9 100644 --- a/libpod/image/image.go +++ b/libpod/image/image.go @@ -902,8 +902,7 @@ func (i *Image) Annotations(ctx context.Context) (map[string]string, error) { } } annotations := make(map[string]string) - switch manifestType { - case ociv1.MediaTypeImageManifest: + if manifestType == ociv1.MediaTypeImageManifest { var m ociv1.Manifest if err := json.Unmarshal(imageManifest, &m); err == nil { for k, v := range m.Annotations { @@ -1011,6 +1010,7 @@ func (i *Image) Inspect(ctx context.Context) (*inspect.ImageData, error) { ManifestType: manifestType, User: ociv1Img.Config.User, History: ociv1Img.History, + NamesHistory: i.NamesHistory(), } return data, nil } @@ -1527,7 +1527,7 @@ func GetLayersMapWithImageInfo(imageruntime *Runtime) (map[string]*LayerInfo, er } } - // scan all layers & add all childs for each layers to layerInfo + // scan all layers & add all childid's for each layers to layerInfo for _, layer := range layers { _, ok := layerInfoMap[layer.ID] if ok { diff --git a/libpod/kube.go b/libpod/kube.go index 6ae3e3d07..7a5ab670d 100644 --- a/libpod/kube.go +++ b/libpod/kube.go @@ -15,7 +15,7 @@ import ( "github.com/opencontainers/runtime-tools/generate" "github.com/pkg/errors" "github.com/sirupsen/logrus" - "k8s.io/api/core/v1" + v1 "k8s.io/api/core/v1" v12 "k8s.io/apimachinery/pkg/apis/meta/v1" ) @@ -310,13 +310,13 @@ func ocicniPortMappingToContainerPort(portMappings []ocicni.PortMapping) ([]v1.C func libpodEnvVarsToKubeEnvVars(envs []string) ([]v1.EnvVar, error) { var envVars []v1.EnvVar for _, e := range envs { - splitE := strings.SplitN(e, "=", 2) - if len(splitE) != 2 { + split := strings.SplitN(e, "=", 2) + if len(split) != 2 { return envVars, errors.Errorf("environment variable %s is malformed; should be key=value", e) } ev := v1.EnvVar{ - Name: splitE[0], - Value: splitE[1], + Name: split[0], + Value: split[1], } envVars = append(envVars, ev) } @@ -365,11 +365,12 @@ func generateKubeVolumeMount(m specs.Mount) (v1.VolumeMount, v1.Volume, error) { // neither a directory or a file lives here, default to creating a directory // TODO should this be an error instead? var hostPathType v1.HostPathType - if err != nil { + switch { + case err != nil: hostPathType = v1.HostPathDirectoryOrCreate - } else if isDir { + case isDir: hostPathType = v1.HostPathDirectory - } else { + default: hostPathType = v1.HostPathFile } vo.HostPath.Type = &hostPathType diff --git a/libpod/logs/log.go b/libpod/logs/log.go index 0330df06a..9a7bcb5be 100644 --- a/libpod/logs/log.go +++ b/libpod/logs/log.go @@ -96,7 +96,7 @@ func getTailLog(path string, tail int) ([]*LogLine, error) { } nlls = append(nlls, nll) if !nll.Partial() { - tailCounter = tailCounter + 1 + tailCounter++ } if tailCounter == tail { break @@ -105,9 +105,9 @@ func getTailLog(path string, tail int) ([]*LogLine, error) { // Now we iterate the results and assemble partial messages to become full messages for _, nll := range nlls { if nll.Partial() { - partial = partial + nll.Msg + partial += nll.Msg } else { - nll.Msg = nll.Msg + partial + nll.Msg += partial tailLog = append(tailLog, nll) partial = "" } @@ -127,7 +127,7 @@ func (l *LogLine) String(options *LogOptions) string { out = fmt.Sprintf("%s ", cid) } if options.Timestamps { - out = out + fmt.Sprintf("%s ", l.Time.Format(LogTimeFormat)) + out += fmt.Sprintf("%s ", l.Time.Format(LogTimeFormat)) } return out + l.Msg } diff --git a/libpod/networking_linux.go b/libpod/networking_linux.go index 89dac2b5d..d90bcb708 100644 --- a/libpod/networking_linux.go +++ b/libpod/networking_linux.go @@ -148,7 +148,7 @@ func (r *Runtime) createNetNS(ctr *Container) (n ns.NetNS, q []*cnitypes.Result, logrus.Debugf("Made network namespace at %s for container %s", ctrNS.Path(), ctr.ID()) networkStatus := []*cnitypes.Result{} - if !rootless.IsRootless() { + if !rootless.IsRootless() && ctr.config.NetMode != "slirp4netns" { networkStatus, err = r.configureNetNS(ctr, ctrNS) } return ctrNS, networkStatus, err @@ -255,7 +255,7 @@ func (r *Runtime) setupRootlessNetNS(ctr *Container) (err error) { } defer func() { if err := cmd.Process.Release(); err != nil { - logrus.Errorf("unable to release comman process: %q", err) + logrus.Errorf("unable to release command process: %q", err) } }() @@ -462,7 +462,7 @@ func (r *Runtime) teardownNetNS(ctr *Container) error { logrus.Debugf("Tearing down network namespace at %s for container %s", ctr.state.NetNS.Path(), ctr.ID()) // rootless containers do not use the CNI plugin - if !rootless.IsRootless() { + if !rootless.IsRootless() && ctr.config.NetMode != "slirp4netns" { var requestedIP net.IP if ctr.requestedIP != nil { requestedIP = ctr.requestedIP diff --git a/libpod/oci_conmon_linux.go b/libpod/oci_conmon_linux.go index b09dc3a4f..7cc43abc0 100644 --- a/libpod/oci_conmon_linux.go +++ b/libpod/oci_conmon_linux.go @@ -14,6 +14,7 @@ import ( "strconv" "strings" "syscall" + "text/template" "time" "github.com/containers/libpod/libpod/config" @@ -532,7 +533,7 @@ func (r *ConmonOCIRuntime) ExecContainer(c *Container, sessionID string, options if logrus.GetLevel() != logrus.DebugLevel && r.supportsJSON { ociLog = c.execOCILog(sessionID) } - args := r.sharedConmonArgs(c, sessionID, c.execBundlePath(sessionID), c.execPidPath(sessionID), c.execLogPath(sessionID), c.execExitFileDir(sessionID), ociLog) + args := r.sharedConmonArgs(c, sessionID, c.execBundlePath(sessionID), c.execPidPath(sessionID), c.execLogPath(sessionID), c.execExitFileDir(sessionID), ociLog, "") if options.PreserveFDs > 0 { args = append(args, formatRuntimeOpts("--preserve-fds", fmt.Sprintf("%d", options.PreserveFDs))...) @@ -585,7 +586,8 @@ func (r *ConmonOCIRuntime) ExecContainer(c *Container, sessionID string, options // we don't want to step on users fds they asked to preserve // Since 0-2 are used for stdio, start the fds we pass in at preserveFDs+3 - execCmd.Env = append(r.conmonEnv, fmt.Sprintf("_OCI_SYNCPIPE=%d", options.PreserveFDs+3), fmt.Sprintf("_OCI_STARTPIPE=%d", options.PreserveFDs+4), fmt.Sprintf("_OCI_ATTACHPIPE=%d", options.PreserveFDs+5)) + execCmd.Env = r.conmonEnv + execCmd.Env = append(execCmd.Env, fmt.Sprintf("_OCI_SYNCPIPE=%d", options.PreserveFDs+3), fmt.Sprintf("_OCI_STARTPIPE=%d", options.PreserveFDs+4), fmt.Sprintf("_OCI_ATTACHPIPE=%d", options.PreserveFDs+5)) execCmd.Env = append(execCmd.Env, conmonEnv...) execCmd.ExtraFiles = append(execCmd.ExtraFiles, childSyncPipe, childStartPipe, childAttachPipe) @@ -890,6 +892,27 @@ func waitPidStop(pid int, timeout time.Duration) error { } } +func (r *ConmonOCIRuntime) getLogTag(ctr *Container) (string, error) { + logTag := ctr.LogTag() + if logTag == "" { + return "", nil + } + data, err := ctr.inspectLocked(false) + if err != nil { + return "", nil + } + tmpl, err := template.New("container").Parse(logTag) + if err != nil { + return "", errors.Wrapf(err, "template parsing error %s", logTag) + } + var b bytes.Buffer + err = tmpl.Execute(&b, data) + if err != nil { + return "", err + } + return b.String(), nil +} + // createOCIContainer generates this container's main conmon instance and prepares it for starting func (r *ConmonOCIRuntime) createOCIContainer(ctr *Container, restoreOptions *ContainerCheckpointOptions) (err error) { var stderrBuf bytes.Buffer @@ -916,7 +939,13 @@ func (r *ConmonOCIRuntime) createOCIContainer(ctr *Container, restoreOptions *Co if logrus.GetLevel() != logrus.DebugLevel && r.supportsJSON { ociLog = filepath.Join(ctr.state.RunDir, "oci-log") } - args := r.sharedConmonArgs(ctr, ctr.ID(), ctr.bundlePath(), filepath.Join(ctr.state.RunDir, "pidfile"), ctr.LogPath(), r.exitsDir, ociLog) + + logTag, err := r.getLogTag(ctr) + if err != nil { + return err + } + + args := r.sharedConmonArgs(ctr, ctr.ID(), ctr.bundlePath(), filepath.Join(ctr.state.RunDir, "pidfile"), ctr.LogPath(), r.exitsDir, ociLog, logTag) if ctr.config.Spec.Process.Terminal { args = append(args, "-t") @@ -970,7 +999,8 @@ func (r *ConmonOCIRuntime) createOCIContainer(ctr *Container, restoreOptions *Co return err } - cmd.Env = append(r.conmonEnv, fmt.Sprintf("_OCI_SYNCPIPE=%d", 3), fmt.Sprintf("_OCI_STARTPIPE=%d", 4)) + cmd.Env = r.conmonEnv + cmd.Env = append(cmd.Env, fmt.Sprintf("_OCI_SYNCPIPE=%d", 3), fmt.Sprintf("_OCI_STARTPIPE=%d", 4)) cmd.Env = append(cmd.Env, conmonEnv...) cmd.ExtraFiles = append(cmd.ExtraFiles, childSyncPipe, childStartPipe) cmd.ExtraFiles = append(cmd.ExtraFiles, envFiles...) @@ -1150,7 +1180,7 @@ func (r *ConmonOCIRuntime) configureConmonEnv(runtimeDir string) ([]string, []*o } // sharedConmonArgs takes common arguments for exec and create/restore and formats them for the conmon CLI -func (r *ConmonOCIRuntime) sharedConmonArgs(ctr *Container, cuuid, bundlePath, pidPath, logPath, exitDir, ociLogPath string) []string { +func (r *ConmonOCIRuntime) sharedConmonArgs(ctr *Container, cuuid, bundlePath, pidPath, logPath, exitDir, ociLogPath, logTag string) []string { // set the conmon API version to be able to use the correct sync struct keys args := []string{"--api-version", "1"} if r.cgroupManager == define.SystemdCgroupsManager && !ctr.config.NoCgroups { @@ -1197,6 +1227,9 @@ func (r *ConmonOCIRuntime) sharedConmonArgs(ctr *Container, cuuid, bundlePath, p if ociLogPath != "" { args = append(args, "--runtime-arg", "--log-format=json", "--runtime-arg", "--log", fmt.Sprintf("--runtime-arg=%s", ociLogPath)) } + if logTag != "" { + args = append(args, "--log-tag", logTag) + } if ctr.config.NoCgroups { logrus.Debugf("Running with no CGroups") args = append(args, "--runtime-arg", "--cgroup-manager", "--runtime-arg", "disabled") @@ -1275,12 +1308,10 @@ func (r *ConmonOCIRuntime) moveConmonToCgroupAndSignal(ctr *Container, cmd *exec control, err := cgroups.New(cgroupPath, &spec.LinuxResources{}) if err != nil { logrus.Warnf("Failed to add conmon to cgroupfs sandbox cgroup: %v", err) - } else { + } else if err := control.AddPid(cmd.Process.Pid); err != nil { // we need to remove this defer and delete the cgroup once conmon exits // maybe need a conmon monitor? - if err := control.AddPid(cmd.Process.Pid); err != nil { - logrus.Warnf("Failed to add conmon to cgroupfs sandbox cgroup: %v", err) - } + logrus.Warnf("Failed to add conmon to cgroupfs sandbox cgroup: %v", err) } } } diff --git a/libpod/options.go b/libpod/options.go index 031f4f705..8bc5a541d 100644 --- a/libpod/options.go +++ b/libpod/options.go @@ -733,7 +733,9 @@ func WithExitCommand(exitCommand []string) CtrCreateOption { return define.ErrCtrFinalized } - ctr.config.ExitCommand = append(exitCommand, ctr.ID()) + ctr.config.ExitCommand = exitCommand + ctr.config.ExitCommand = append(ctr.config.ExitCommand, ctr.ID()) + return nil } } @@ -1059,6 +1061,23 @@ func WithLogPath(path string) CtrCreateOption { } } +// WithLogTag sets the tag to the log file. +func WithLogTag(tag string) CtrCreateOption { + return func(ctr *Container) error { + if ctr.valid { + return define.ErrCtrFinalized + } + if tag == "" { + return errors.Wrapf(define.ErrInvalidArg, "log tag must be set") + } + + ctr.config.LogTag = tag + + return nil + } + +} + // WithNoCgroups disables the creation of CGroups for the new container. func WithNoCgroups() CtrCreateOption { return func(ctr *Container) error { diff --git a/libpod/runtime.go b/libpod/runtime.go index b4cbde28e..8dcec82db 100644 --- a/libpod/runtime.go +++ b/libpod/runtime.go @@ -180,12 +180,13 @@ func getLockManager(runtime *Runtime) (lock.Manager, error) { // Set up the lock manager manager, err = lock.OpenSHMLockManager(lockPath, runtime.config.NumLocks) if err != nil { - if os.IsNotExist(errors.Cause(err)) { + switch { + case os.IsNotExist(errors.Cause(err)): manager, err = lock.NewSHMLockManager(lockPath, runtime.config.NumLocks) if err != nil { return nil, errors.Wrapf(err, "failed to get new shm lock manager") } - } else if errors.Cause(err) == syscall.ERANGE && runtime.doRenumber { + case errors.Cause(err) == syscall.ERANGE && runtime.doRenumber: logrus.Debugf("Number of locks does not match - removing old locks") // ERANGE indicates a lock numbering mismatch. @@ -199,7 +200,7 @@ func getLockManager(runtime *Runtime) (lock.Manager, error) { if err != nil { return nil, err } - } else { + default: return nil, err } } @@ -289,10 +290,8 @@ func makeRuntime(ctx context.Context, runtime *Runtime) (err error) { logrus.Debug("Not configuring container store") } else if runtime.noStore { logrus.Debug("No store required. Not opening container store.") - } else { - if err := runtime.configureStore(); err != nil { - return err - } + } else if err := runtime.configureStore(); err != nil { + return err } defer func() { if err != nil && store != nil { @@ -718,18 +717,14 @@ func (r *Runtime) generateName() (string, error) { // Make sure container with this name does not exist if _, err := r.state.LookupContainer(name); err == nil { continue - } else { - if errors.Cause(err) != define.ErrNoSuchCtr { - return "", err - } + } else if errors.Cause(err) != define.ErrNoSuchCtr { + return "", err } // Make sure pod with this name does not exist if _, err := r.state.LookupPod(name); err == nil { continue - } else { - if errors.Cause(err) != define.ErrNoSuchPod { - return "", err - } + } else if errors.Cause(err) != define.ErrNoSuchPod { + return "", err } return name, nil } diff --git a/libpod/runtime_cstorage.go b/libpod/runtime_cstorage.go index 2d523a7d2..cfcf4589f 100644 --- a/libpod/runtime_cstorage.go +++ b/libpod/runtime_cstorage.go @@ -107,15 +107,13 @@ func (r *Runtime) removeStorageContainer(idOrName string, force bool) error { if timesMounted > 0 { return errors.Wrapf(define.ErrCtrStateInvalid, "container %q is mounted and cannot be removed without using force", idOrName) } - } else { - if _, err := r.store.Unmount(ctr.ID, true); err != nil { - if errors.Cause(err) == storage.ErrContainerUnknown { - // Container again gone, no error - logrus.Warnf("Storage for container %s already removed", ctr.ID) - return nil - } - return errors.Wrapf(err, "error unmounting container %q", idOrName) + } else if _, err := r.store.Unmount(ctr.ID, true); err != nil { + if errors.Cause(err) == storage.ErrContainerUnknown { + // Container again gone, no error + logrus.Warnf("Storage for container %s already removed", ctr.ID) + return nil } + return errors.Wrapf(err, "error unmounting container %q", idOrName) } if err := r.store.DeleteContainer(ctr.ID); err != nil { diff --git a/libpod/runtime_ctr.go b/libpod/runtime_ctr.go index 51efc5996..de7cfd3b8 100644 --- a/libpod/runtime_ctr.go +++ b/libpod/runtime_ctr.go @@ -234,15 +234,16 @@ func (r *Runtime) setupContainer(ctx context.Context, ctr *Container) (c *Contai } case define.SystemdCgroupsManager: if ctr.config.CgroupParent == "" { - if pod != nil && pod.config.UsePodCgroup { + switch { + case pod != nil && pod.config.UsePodCgroup: podCgroup, err := pod.CgroupPath() if err != nil { return nil, errors.Wrapf(err, "error retrieving pod %s cgroup", pod.ID()) } ctr.config.CgroupParent = podCgroup - } else if rootless.IsRootless() { + case rootless.IsRootless(): ctr.config.CgroupParent = SystemdDefaultRootlessCgroupParent - } else { + default: ctr.config.CgroupParent = SystemdDefaultCgroupParent } } else if len(ctr.config.CgroupParent) < 6 || !strings.HasSuffix(path.Base(ctr.config.CgroupParent), ".slice") { @@ -361,10 +362,8 @@ func (r *Runtime) setupContainer(ctx context.Context, ctr *Container) (c *Contai if err := r.state.AddContainerToPod(pod, ctr); err != nil { return nil, err } - } else { - if err := r.state.AddContainer(ctr); err != nil { - return nil, err - } + } else if err := r.state.AddContainer(ctr); err != nil { + return nil, err } ctr.newContainerEvent(events.Create) return ctr, nil diff --git a/libpod/runtime_pod_linux.go b/libpod/runtime_pod_linux.go index 563d9728a..450c64d24 100644 --- a/libpod/runtime_pod_linux.go +++ b/libpod/runtime_pod_linux.go @@ -19,7 +19,7 @@ import ( ) // NewPod makes a new, empty pod -func (r *Runtime) NewPod(ctx context.Context, options ...PodCreateOption) (_ *Pod, Err error) { +func (r *Runtime) NewPod(ctx context.Context, options ...PodCreateOption) (_ *Pod, deferredErr error) { r.lock.Lock() defer r.lock.Unlock() @@ -65,7 +65,7 @@ func (r *Runtime) NewPod(ctx context.Context, options ...PodCreateOption) (_ *Po pod.config.LockID = pod.lock.ID() defer func() { - if Err != nil { + if deferredErr != nil { if err := pod.lock.Free(); err != nil { logrus.Errorf("Error freeing pod lock after failed creation: %v", err) } @@ -126,7 +126,7 @@ func (r *Runtime) NewPod(ctx context.Context, options ...PodCreateOption) (_ *Po return nil, errors.Wrapf(err, "error adding pod to state") } defer func() { - if Err != nil { + if deferredErr != nil { if err := r.removePod(ctx, pod, true, true); err != nil { logrus.Errorf("Error removing pod after pause container creation failure: %v", err) } diff --git a/libpod/runtime_volume_linux.go b/libpod/runtime_volume_linux.go index 5b05acea4..e1f3480ce 100644 --- a/libpod/runtime_volume_linux.go +++ b/libpod/runtime_volume_linux.go @@ -28,7 +28,7 @@ func (r *Runtime) NewVolume(ctx context.Context, options ...VolumeCreateOption) } // newVolume creates a new empty volume -func (r *Runtime) newVolume(ctx context.Context, options ...VolumeCreateOption) (_ *Volume, Err error) { +func (r *Runtime) newVolume(ctx context.Context, options ...VolumeCreateOption) (_ *Volume, deferredErr error) { volume, err := newVolume(r) if err != nil { return nil, errors.Wrapf(err, "error creating volume") @@ -98,7 +98,7 @@ func (r *Runtime) newVolume(ctx context.Context, options ...VolumeCreateOption) volume.config.LockID = volume.lock.ID() defer func() { - if Err != nil { + if deferredErr != nil { if err := volume.lock.Free(); err != nil { logrus.Errorf("Error freeing volume lock after failed creation: %v", err) } diff --git a/libpod/volume_internal_linux.go b/libpod/volume_internal_linux.go index 70eccbecb..081a17325 100644 --- a/libpod/volume_internal_linux.go +++ b/libpod/volume_internal_linux.go @@ -39,7 +39,7 @@ func (v *Volume) mount() error { // If the count is non-zero, the volume is already mounted. // Nothing to do. if v.state.MountCount > 0 { - v.state.MountCount = v.state.MountCount + 1 + v.state.MountCount += 1 logrus.Debugf("Volume %s mount count now at %d", v.Name(), v.state.MountCount) return v.save() } @@ -81,7 +81,7 @@ func (v *Volume) mount() error { logrus.Debugf("Mounted volume %s", v.Name()) // Increment the mount counter - v.state.MountCount = v.state.MountCount + 1 + v.state.MountCount += 1 logrus.Debugf("Volume %s mount count now at %d", v.Name(), v.state.MountCount) return v.save() } @@ -124,7 +124,7 @@ func (v *Volume) unmount(force bool) error { } if !force { - v.state.MountCount = v.state.MountCount - 1 + v.state.MountCount -= 1 } else { v.state.MountCount = 0 } diff --git a/pkg/adapter/containers.go b/pkg/adapter/containers.go index 3334e9fa1..8b21d6b94 100644 --- a/pkg/adapter/containers.go +++ b/pkg/adapter/containers.go @@ -375,7 +375,7 @@ func (r *LocalRuntime) selectDetachKeys(flagValue string) (string, error) { config, err := r.GetConfig() if err != nil { - return "", errors.Wrapf(err, "unable to retrive runtime config") + return "", errors.Wrapf(err, "unable to retrieve runtime config") } if config.DetachKeys != "" { return config.DetachKeys, nil @@ -609,11 +609,12 @@ func (r *LocalRuntime) Restore(ctx context.Context, c *cliconfig.RestoreValues) return state == define.ContainerStateExited }) - if c.Import != "" { + switch { + case c.Import != "": containers, err = crImportCheckpoint(ctx, r.Runtime, c.Import, c.Name) - } else if c.All { + case c.All: containers, err = r.GetContainers(filterFuncs...) - } else { + default: containers, err = shortcuts.GetContainersByContext(false, c.Latest, c.InputArgs, r.Runtime) } if err != nil { @@ -835,25 +836,26 @@ func (r *LocalRuntime) Restart(ctx context.Context, c *cliconfig.RestartValues) inputTimeout := c.Timeout // Handle --latest - if c.Latest { + switch { + case c.Latest: lastCtr, err := r.Runtime.GetLatestContainer() if err != nil { return nil, nil, errors.Wrapf(err, "unable to get latest container") } restartContainers = append(restartContainers, lastCtr) - } else if c.Running { + case c.Running: containers, err = r.GetRunningContainers() if err != nil { return nil, nil, err } restartContainers = append(restartContainers, containers...) - } else if c.All { + case c.All: containers, err = r.Runtime.GetAllContainers() if err != nil { return nil, nil, err } restartContainers = append(restartContainers, containers...) - } else { + default: for _, id := range c.InputArgs { ctr, err := r.Runtime.LookupContainer(id) if err != nil { @@ -1048,7 +1050,7 @@ func (r *LocalRuntime) ExecContainer(ctx context.Context, cli *cliconfig.ExecVal } // Prune removes stopped containers -func (r *LocalRuntime) Prune(ctx context.Context, maxWorkers int, force bool, filters []string) ([]string, map[string]error, error) { +func (r *LocalRuntime) Prune(ctx context.Context, maxWorkers int, filters []string) ([]string, map[string]error, error) { var ( ok = []string{} failures = map[string]error{} @@ -1100,7 +1102,7 @@ func (r *LocalRuntime) Prune(ctx context.Context, maxWorkers int, force bool, fi pool.Add(shared.Job{ ID: ctr.ID(), Fn: func() error { - err := r.Runtime.RemoveContainer(ctx, ctr, force, false) + err := r.Runtime.RemoveContainer(ctx, ctr, false, false) if err != nil { logrus.Debugf("Failed to prune container %s: %s", ctr.ID(), err.Error()) } @@ -1230,6 +1232,7 @@ func (r *LocalRuntime) generateSystemdgenContainerInfo(c *cliconfig.GenerateSyst PIDFile: conmonPidFile, StopTimeout: timeout, GenerateTimestamp: true, + CreateCommand: config.CreateCommand, } return info, true, nil @@ -1237,11 +1240,21 @@ func (r *LocalRuntime) generateSystemdgenContainerInfo(c *cliconfig.GenerateSyst // GenerateSystemd creates a unit file for a container or pod. func (r *LocalRuntime) GenerateSystemd(c *cliconfig.GenerateSystemdValues) (string, error) { + opts := systemdgen.Options{ + Files: c.Files, + New: c.New, + } + // First assume it's a container. if info, found, err := r.generateSystemdgenContainerInfo(c, c.InputArgs[0], nil); found && err != nil { return "", err } else if found && err == nil { - return systemdgen.CreateContainerSystemdUnit(info, c.Files) + return systemdgen.CreateContainerSystemdUnit(info, opts) + } + + // --new does not support pods. + if c.New { + return "", errors.Errorf("error generating systemd unit files: cannot generate generic files for a pod") } // We're either having a pod or garbage. @@ -1312,7 +1325,7 @@ func (r *LocalRuntime) GenerateSystemd(c *cliconfig.GenerateSystemdValues) (stri if i > 0 { builder.WriteByte('\n') } - out, err := systemdgen.CreateContainerSystemdUnit(info, c.Files) + out, err := systemdgen.CreateContainerSystemdUnit(info, opts) if err != nil { return "", err } diff --git a/pkg/adapter/containers_remote.go b/pkg/adapter/containers_remote.go index 36db4af68..60ee3cb2d 100644 --- a/pkg/adapter/containers_remote.go +++ b/pkg/adapter/containers_remote.go @@ -922,7 +922,7 @@ func (r *LocalRuntime) Top(cli *cliconfig.TopValues) ([]string, error) { } // Prune removes stopped containers -func (r *LocalRuntime) Prune(ctx context.Context, maxWorkers int, force bool, filter []string) ([]string, map[string]error, error) { +func (r *LocalRuntime) Prune(ctx context.Context, maxWorkers int, filter []string) ([]string, map[string]error, error) { var ( ok = []string{} diff --git a/pkg/adapter/runtime.go b/pkg/adapter/runtime.go index 5f880e807..40089797d 100644 --- a/pkg/adapter/runtime.go +++ b/pkg/adapter/runtime.go @@ -59,7 +59,7 @@ type Volume struct { // VolumeFilter is for filtering volumes on the client type VolumeFilter func(*Volume) bool -// GetRuntimeNoStore returns a localruntime struct wit an embedded runtime but +// GetRuntimeNoStore returns a localruntime struct with an embedded runtime but // without a configured storage. func GetRuntimeNoStore(ctx context.Context, c *cliconfig.PodmanCommand) (*LocalRuntime, error) { runtime, err := libpodruntime.GetRuntimeNoStore(ctx, c) @@ -407,7 +407,8 @@ func (r *LocalRuntime) Events(c *cliconfig.EventValues) error { } w := bufio.NewWriter(os.Stdout) for event := range eventChannel { - if c.Format == formats.JSONString { + switch { + case c.Format == formats.JSONString: jsonStr, err := event.ToJSONString() if err != nil { return errors.Wrapf(err, "unable to format json") @@ -415,11 +416,11 @@ func (r *LocalRuntime) Events(c *cliconfig.EventValues) error { if _, err := w.Write([]byte(jsonStr)); err != nil { return err } - } else if len(c.Format) > 0 { + case len(c.Format) > 0: if err := tmpl.Execute(w, event); err != nil { return err } - } else { + default: if _, err := w.Write([]byte(event.ToHumanReadable())); err != nil { return err } diff --git a/pkg/adapter/shortcuts/shortcuts.go b/pkg/adapter/shortcuts/shortcuts.go index 4f6cfd6a3..8a8459c6c 100644 --- a/pkg/adapter/shortcuts/shortcuts.go +++ b/pkg/adapter/shortcuts/shortcuts.go @@ -42,12 +42,13 @@ func GetContainersByContext(all, latest bool, names []string, runtime *libpod.Ru var ctr *libpod.Container ctrs = []*libpod.Container{} - if all { + switch { + case all: ctrs, err = runtime.GetAllContainers() - } else if latest { + case latest: ctr, err = runtime.GetLatestContainer() ctrs = append(ctrs, ctr) - } else { + default: for _, n := range names { ctr, e := runtime.LookupContainer(n) if e != nil { diff --git a/pkg/api/handlers/utils/handler.go b/pkg/api/handlers/utils/handler.go index 0815e6eca..8c2110f97 100644 --- a/pkg/api/handlers/utils/handler.go +++ b/pkg/api/handlers/utils/handler.go @@ -12,19 +12,19 @@ import ( // WriteResponse encodes the given value as JSON or string and renders it for http client func WriteResponse(w http.ResponseWriter, code int, value interface{}) { - switch value.(type) { + switch v := value.(type) { case string: w.Header().Set("Content-Type", "text/plain; charset=us-ascii") w.WriteHeader(code) - if _, err := fmt.Fprintln(w, value); err != nil { + if _, err := fmt.Fprintln(w, v); err != nil { log.Errorf("unable to send string response: %q", err) } case *os.File: w.Header().Set("Content-Type", "application/octet; charset=us-ascii") w.WriteHeader(code) - if _, err := io.Copy(w, value.(*os.File)); err != nil { + if _, err := io.Copy(w, v); err != nil { log.Errorf("unable to copy to response: %q", err) } default: diff --git a/pkg/cgroups/cgroups.go b/pkg/cgroups/cgroups.go index 9711e8120..6b28b2759 100644 --- a/pkg/cgroups/cgroups.go +++ b/pkg/cgroups/cgroups.go @@ -155,7 +155,7 @@ func (c *CgroupControl) getCgroupv1Path(name string) string { } // createCgroupv2Path creates the cgroupv2 path and enables all the available controllers -func createCgroupv2Path(path string) (Err error) { +func createCgroupv2Path(path string) (deferredError error) { content, err := ioutil.ReadFile("/sys/fs/cgroup/cgroup.controllers") if err != nil { return errors.Wrapf(err, "read /sys/fs/cgroup/cgroup.controllers") @@ -169,7 +169,7 @@ func createCgroupv2Path(path string) (Err error) { if i == 0 { res = fmt.Sprintf("+%s", c) } else { - res = res + fmt.Sprintf(" +%s", c) + res += fmt.Sprintf(" +%s", c) } } resByte := []byte(res) @@ -186,7 +186,7 @@ func createCgroupv2Path(path string) (Err error) { } else { // If the directory was created, be sure it is not left around on errors. defer func() { - if Err != nil { + if deferredError != nil { os.Remove(current) } }() diff --git a/pkg/hooks/docs/oci-hooks.5.md b/pkg/hooks/docs/oci-hooks.5.md index b50a6bddc..7d13ffa82 100644 --- a/pkg/hooks/docs/oci-hooks.5.md +++ b/pkg/hooks/docs/oci-hooks.5.md @@ -25,7 +25,7 @@ Tools consuming this format may also opt to monitor the hook directories for cha Hooks are injected in the order obtained by sorting the JSON file names, after converting them to lower case, based on their Unicode code points. For example, a matching hook defined in `01-my-hook.json` would be injected before matching hooks defined in `02-another-hook.json` and `01-UPPERCASE.json`. -It is strongly recommended to make the sort oder unambiguous depending on an ASCII-only prefix (like the `01`/`02` above). +It is strongly recommended to make the sort order unambiguous depending on an ASCII-only prefix (like the `01`/`02` above). Each JSON file should contain an object with one of the following schemas. diff --git a/pkg/inspect/inspect.go b/pkg/inspect/inspect.go index ec3d98613..8249dc4aa 100644 --- a/pkg/inspect/inspect.go +++ b/pkg/inspect/inspect.go @@ -31,6 +31,7 @@ type ImageData struct { ManifestType string `json:"ManifestType"` User string `json:"User"` History []v1.History `json:"History"` + NamesHistory []string `json:"NamesHistory"` } // RootFS holds the root fs information of an image diff --git a/pkg/spec/createconfig.go b/pkg/spec/createconfig.go index 244a8d1cd..6d058229b 100644 --- a/pkg/spec/createconfig.go +++ b/pkg/spec/createconfig.go @@ -282,10 +282,13 @@ func (c *CreateConfig) getContainerCreateOptions(runtime *libpod.Runtime, pod *l options = append(options, libpod.WithStopSignal(c.StopSignal)) options = append(options, libpod.WithStopTimeout(c.StopTimeout)) - logPath := getLoggingPath(c.LogDriverOpt) + logPath, logTag := getLoggingOpts(c.LogDriverOpt) if logPath != "" { options = append(options, libpod.WithLogPath(logPath)) } + if logTag != "" { + options = append(options, libpod.WithLogTag(logTag)) + } if c.LogDriver != "" { options = append(options, libpod.WithLogDriver(c.LogDriver)) diff --git a/pkg/spec/namespaces.go b/pkg/spec/namespaces.go index 8e95a3ca0..e62d4ed0a 100644 --- a/pkg/spec/namespaces.go +++ b/pkg/spec/namespaces.go @@ -44,7 +44,8 @@ func (c *NetworkConfig) ToCreateOptions(runtime *libpod.Runtime, userns *UserCon } } - if c.NetMode.IsNS() { + switch { + case c.NetMode.IsNS(): ns := c.NetMode.NS() if ns == "" { return nil, errors.Errorf("invalid empty user-defined network namespace") @@ -53,13 +54,13 @@ func (c *NetworkConfig) ToCreateOptions(runtime *libpod.Runtime, userns *UserCon if err != nil { return nil, err } - } else if c.NetMode.IsContainer() { + case c.NetMode.IsContainer(): connectedCtr, err := runtime.LookupContainer(c.NetMode.Container()) if err != nil { return nil, errors.Wrapf(err, "container %q not found", c.NetMode.Container()) } options = append(options, libpod.WithNetNSFrom(connectedCtr)) - } else if !c.NetMode.IsHost() && !c.NetMode.IsNone() { + case !c.NetMode.IsHost() && !c.NetMode.IsNone(): postConfigureNetNS := userns.getPostConfigureNetNS() options = append(options, libpod.WithNetNS(portBindings, postConfigureNetNS, string(c.NetMode), networks)) } @@ -102,29 +103,31 @@ func (c *NetworkConfig) ToCreateOptions(runtime *libpod.Runtime, userns *UserCon // state of the NetworkConfig. func (c *NetworkConfig) ConfigureGenerator(g *generate.Generator) error { netMode := c.NetMode - if netMode.IsHost() { + netCtr := netMode.Container() + switch { + case netMode.IsHost(): logrus.Debug("Using host netmode") if err := g.RemoveLinuxNamespace(string(spec.NetworkNamespace)); err != nil { return err } - } else if netMode.IsNone() { + case netMode.IsNone(): logrus.Debug("Using none netmode") - } else if netMode.IsBridge() { + case netMode.IsBridge(): logrus.Debug("Using bridge netmode") - } else if netCtr := netMode.Container(); netCtr != "" { + case netCtr != "": logrus.Debugf("using container %s netmode", netCtr) - } else if IsNS(string(netMode)) { + case IsNS(string(netMode)): logrus.Debug("Using ns netmode") if err := g.AddOrReplaceLinuxNamespace(string(spec.NetworkNamespace), NS(string(netMode))); err != nil { return err } - } else if IsPod(string(netMode)) { + case IsPod(string(netMode)): logrus.Debug("Using pod netmode, unless pod is not sharing") - } else if netMode.IsSlirp4netns() { + case netMode.IsSlirp4netns(): logrus.Debug("Using slirp4netns netmode") - } else if netMode.IsUserDefined() { + case netMode.IsUserDefined(): logrus.Debug("Using user defined netmode") - } else { + default: return errors.Errorf("unknown network mode") } @@ -220,7 +223,8 @@ func (c *CgroupConfig) ToCreateOptions(runtime *libpod.Runtime) ([]libpod.CtrCre // ToCreateOptions converts the input to container create options. func (c *UserConfig) ToCreateOptions(runtime *libpod.Runtime) ([]libpod.CtrCreateOption, error) { options := make([]libpod.CtrCreateOption, 0) - if c.UsernsMode.IsNS() { + switch { + case c.UsernsMode.IsNS(): ns := c.UsernsMode.NS() if ns == "" { return nil, errors.Errorf("invalid empty user-defined user namespace") @@ -230,13 +234,13 @@ func (c *UserConfig) ToCreateOptions(runtime *libpod.Runtime) ([]libpod.CtrCreat return nil, err } options = append(options, libpod.WithIDMappings(*c.IDMappings)) - } else if c.UsernsMode.IsContainer() { + case c.UsernsMode.IsContainer(): connectedCtr, err := runtime.LookupContainer(c.UsernsMode.Container()) if err != nil { return nil, errors.Wrapf(err, "container %q not found", c.UsernsMode.Container()) } options = append(options, libpod.WithUserNSFrom(connectedCtr)) - } else { + default: options = append(options, libpod.WithIDMappings(*c.IDMappings)) } @@ -413,20 +417,22 @@ func (c *UtsConfig) ToCreateOptions(runtime *libpod.Runtime, pod *libpod.Pod) ([ // of the UtsConfig. func (c *UtsConfig) ConfigureGenerator(g *generate.Generator, net *NetworkConfig, runtime *libpod.Runtime) error { hostname := c.Hostname + utsCtrID := c.UtsMode.Container() var err error if hostname == "" { - if utsCtrID := c.UtsMode.Container(); utsCtrID != "" { + switch { + case utsCtrID != "": utsCtr, err := runtime.GetContainer(utsCtrID) if err != nil { return errors.Wrapf(err, "unable to retrieve hostname from dependency container %s", utsCtrID) } hostname = utsCtr.Hostname() - } else if net.NetMode.IsHost() || c.UtsMode.IsHost() { + case net.NetMode.IsHost() || c.UtsMode.IsHost(): hostname, err = os.Hostname() if err != nil { return errors.Wrap(err, "unable to retrieve hostname of the host") } - } else { + default: logrus.Debug("No hostname set; container's hostname will default to runtime default") } } diff --git a/pkg/spec/parse.go b/pkg/spec/parse.go index c2572a033..6fa0b0636 100644 --- a/pkg/spec/parse.go +++ b/pkg/spec/parse.go @@ -132,16 +132,23 @@ func validateIOpsDevice(val string) (*throttleDevice, error) { //nolint }, nil } -func getLoggingPath(opts []string) string { +// getLoggingOpts splits the path= and tag= options provided to --log-opt. +func getLoggingOpts(opts []string) (string, string) { + var path, tag string for _, opt := range opts { arr := strings.SplitN(opt, "=", 2) if len(arr) == 2 { if strings.TrimSpace(arr[0]) == "path" { - return strings.TrimSpace(arr[1]) + path = strings.TrimSpace(arr[1]) + } else if strings.TrimSpace(arr[0]) == "tag" { + tag = strings.TrimSpace(arr[1]) } } + if path != "" && tag != "" { + break + } } - return "" + return path, tag } // ParseDevice parses device mapping string to a src, dest & permissions string diff --git a/pkg/spec/storage.go b/pkg/spec/storage.go index dbdab0030..0e2098c1d 100644 --- a/pkg/spec/storage.go +++ b/pkg/spec/storage.go @@ -409,9 +409,10 @@ func getBindMount(args []string) (spec.Mount, error) { // ro=[true|false] // rw // rw=[true|false] - if len(kv) == 1 { + switch len(kv) { + case 1: newMount.Options = append(newMount.Options, kv[0]) - } else if len(kv) == 2 { + case 2: switch strings.ToLower(kv[1]) { case "true": newMount.Options = append(newMount.Options, kv[0]) @@ -424,7 +425,7 @@ func getBindMount(args []string) (spec.Mount, error) { default: return newMount, errors.Wrapf(optionArgError, "%s must be set to true or false, instead received %q", kv[0], kv[1]) } - } else { + default: return newMount, errors.Wrapf(optionArgError, "badly formatted option %q", val) } case "nosuid", "suid": diff --git a/pkg/systemdgen/systemdgen.go b/pkg/systemdgen/systemdgen.go index 09d3c6fd5..b6167a23e 100644 --- a/pkg/systemdgen/systemdgen.go +++ b/pkg/systemdgen/systemdgen.go @@ -7,6 +7,7 @@ import ( "os" "path/filepath" "sort" + "strings" "text/template" "time" @@ -48,6 +49,14 @@ type ContainerInfo struct { Executable string // TimeStamp at the time of creating the unit file. Will be set internally. TimeStamp string + // New controls if a new container is created or if an existing one is started. + New bool + // CreateCommand is the full command plus arguments of the process the + // container has been created with. + CreateCommand []string + // RunCommand is a post-processed variant of CreateCommand and used for + // the ExecStart field in generic unit files. + RunCommand string } var restartPolicies = []string{"no", "on-success", "on-failure", "on-abnormal", "on-watchdog", "on-abort", "always"} @@ -84,17 +93,35 @@ Before={{- range $index, $value := .RequiredServices -}}{{if $index}} {{end}}{{ [Service] Restart={{.RestartPolicy}} +{{- if .New}} +ExecStartPre=/usr/bin/rm -f /%t/%n-pid /%t/%n-cid +ExecStart={{.RunCommand}} +ExecStop={{.Executable}} stop --cidfile /%t/%n-cid {{if (ge .StopTimeout 0)}}-t {{.StopTimeout}}{{end}} +ExecStopPost={{.Executable}} rm -f --cidfile /%t/%n-cid +PIDFile=/%t/%n-pid +{{- else}} ExecStart={{.Executable}} start {{.ContainerName}} ExecStop={{.Executable}} stop {{if (ge .StopTimeout 0)}}-t {{.StopTimeout}}{{end}} {{.ContainerName}} +PIDFile={{.PIDFile}} +{{- end}} KillMode=none Type=forking -PIDFile={{.PIDFile}} [Install] WantedBy=multi-user.target` +// Options include different options to control the unit file generation. +type Options struct { + // When set, generate service files in the current working directory and + // return the paths to these files instead of returning all contents in one + // big string. + Files bool + // New controls if a new container is created or if an existing one is started. + New bool +} + // CreateContainerSystemdUnit creates a systemd unit file for a container. -func CreateContainerSystemdUnit(info *ContainerInfo, generateFiles bool) (string, error) { +func CreateContainerSystemdUnit(info *ContainerInfo, opts Options) (string, error) { if err := validateRestartPolicy(info.RestartPolicy); err != nil { return "", err } @@ -109,6 +136,36 @@ func CreateContainerSystemdUnit(info *ContainerInfo, generateFiles bool) (string info.Executable = executable } + // Assemble the ExecStart command when creating a new container. + // + // Note that we cannot catch all corner cases here such that users + // *must* manually check the generated files. A container might have + // been created via a Python script, which would certainly yield an + // invalid `info.CreateCommand`. Hence, we're doing a best effort unit + // generation and don't try aiming at completeness. + if opts.New { + // The create command must at least have three arguments: + // /usr/bin/podman run $IMAGE + index := 2 + if info.CreateCommand[1] == "container" { + index = 3 + } + if len(info.CreateCommand) < index+1 { + return "", errors.Errorf("container's create command is too short or invalid: %v", info.CreateCommand) + } + // We're hard-coding the first four arguments and append the + // CreatCommand with a stripped command and subcomand. + command := []string{ + info.Executable, + "run", + "--conmon-pidfile", "/%t/%n-pid", + "--cidfile", "/%t/%n-cid", + } + command = append(command, info.CreateCommand[index:]...) + info.RunCommand = strings.Join(command, " ") + info.New = true + } + if info.PodmanVersion == "" { info.PodmanVersion = version.Version } @@ -131,7 +188,7 @@ func CreateContainerSystemdUnit(info *ContainerInfo, generateFiles bool) (string return "", err } - if !generateFiles { + if !opts.Files { return buf.String(), nil } diff --git a/pkg/systemdgen/systemdgen_test.go b/pkg/systemdgen/systemdgen_test.go index 1ddb0c514..e1da7e8e0 100644 --- a/pkg/systemdgen/systemdgen_test.go +++ b/pkg/systemdgen/systemdgen_test.go @@ -44,9 +44,9 @@ Documentation=man:podman-generate-systemd(1) Restart=always ExecStart=/usr/bin/podman start 639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401 ExecStop=/usr/bin/podman stop -t 10 639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401 +PIDFile=/var/run/containers/storage/overlay-containers/639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401/userdata/conmon.pid KillMode=none Type=forking -PIDFile=/var/run/containers/storage/overlay-containers/639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401/userdata/conmon.pid [Install] WantedBy=multi-user.target` @@ -62,9 +62,9 @@ Documentation=man:podman-generate-systemd(1) Restart=always ExecStart=/usr/bin/podman start foobar ExecStop=/usr/bin/podman stop -t 10 foobar +PIDFile=/var/run/containers/storage/overlay-containers/639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401/userdata/conmon.pid KillMode=none Type=forking -PIDFile=/var/run/containers/storage/overlay-containers/639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401/userdata/conmon.pid [Install] WantedBy=multi-user.target` @@ -84,9 +84,9 @@ After=a.service b.service c.service pod.service Restart=always ExecStart=/usr/bin/podman start foobar ExecStop=/usr/bin/podman stop -t 10 foobar +PIDFile=/var/run/containers/storage/overlay-containers/639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401/userdata/conmon.pid KillMode=none Type=forking -PIDFile=/var/run/containers/storage/overlay-containers/639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401/userdata/conmon.pid [Install] WantedBy=multi-user.target` @@ -104,9 +104,29 @@ Before=container-1.service container-2.service Restart=always ExecStart=/usr/bin/podman start jadda-jadda-infra ExecStop=/usr/bin/podman stop -t 10 jadda-jadda-infra +PIDFile=/var/run/containers/storage/overlay-containers/639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401/userdata/conmon.pid +KillMode=none +Type=forking + +[Install] +WantedBy=multi-user.target` + + goodNameNew := `# jadda-jadda.service +# autogenerated by Podman CI + +[Unit] +Description=Podman jadda-jadda.service +Documentation=man:podman-generate-systemd(1) + +[Service] +Restart=always +ExecStartPre=/usr/bin/rm -f /%t/%n-pid /%t/%n-cid +ExecStart=/usr/bin/podman run --conmon-pidfile /%t/%n-pid --cidfile /%t/%n-cid --name jadda-jadda --hostname hello-world awesome-image:latest command arg1 ... argN +ExecStop=/usr/bin/podman stop --cidfile /%t/%n-cid -t 42 +ExecStopPost=/usr/bin/podman rm -f --cidfile /%t/%n-cid +PIDFile=/%t/%n-pid KillMode=none Type=forking -PIDFile=/var/run/containers/storage/overlay-containers/639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401/userdata/conmon.pid [Install] WantedBy=multi-user.target` @@ -184,16 +204,35 @@ WantedBy=multi-user.target` "", true, }, + {"good with name and generic", + ContainerInfo{ + Executable: "/usr/bin/podman", + ServiceName: "jadda-jadda", + ContainerName: "jadda-jadda", + RestartPolicy: "always", + PIDFile: "/var/run/containers/storage/overlay-containers/639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401/userdata/conmon.pid", + StopTimeout: 42, + PodmanVersion: "CI", + New: true, + CreateCommand: []string{"I'll get stripped", "container", "run", "--name", "jadda-jadda", "--hostname", "hello-world", "awesome-image:latest", "command", "arg1", "...", "argN"}, + }, + goodNameNew, + false, + }, } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { - got, err := CreateContainerSystemdUnit(&tt.info, false) + opts := Options{ + Files: false, + New: tt.info.New, + } + got, err := CreateContainerSystemdUnit(&tt.info, opts) if (err != nil) != tt.wantErr { t.Errorf("CreateContainerSystemdUnit() error = \n%v, wantErr \n%v", err, tt.wantErr) return } if got != tt.want { - t.Errorf("CreateContainerSystemdUnit() = \n%v, want \n%v", got, tt.want) + t.Errorf("CreateContainerSystemdUnit() = \n%v\n---------> want\n%v", got, tt.want) } }) } diff --git a/pkg/timetype/timestamp.go b/pkg/timetype/timestamp.go index eb904a574..2de1a005f 100644 --- a/pkg/timetype/timestamp.go +++ b/pkg/timetype/timestamp.go @@ -34,7 +34,7 @@ func GetTimestamp(value string, reference time.Time) (string, error) { // if the string has a Z or a + or three dashes use parse otherwise use parseinlocation parseInLocation := !(strings.ContainsAny(value, "zZ+") || strings.Count(value, "-") == 3) - if strings.Contains(value, ".") { + if strings.Contains(value, ".") { // nolint(gocritic) if parseInLocation { format = rFC3339NanoLocal } else { diff --git a/pkg/util/utils.go b/pkg/util/utils.go index c9d09b8b5..6aa3c221e 100644 --- a/pkg/util/utils.go +++ b/pkg/util/utils.go @@ -321,20 +321,27 @@ func ParseSignal(rawSignal string) (syscall.Signal, error) { } // ParseIDMapping takes idmappings and subuid and subgid maps and returns a storage mapping -func ParseIDMapping(mode namespaces.UsernsMode, UIDMapSlice, GIDMapSlice []string, subUIDMap, subGIDMap string) (*storage.IDMappingOptions, error) { +func ParseIDMapping(mode namespaces.UsernsMode, uidMapSlice, gidMapSlice []string, subUIDMap, subGIDMap string) (*storage.IDMappingOptions, error) { options := storage.IDMappingOptions{ HostUIDMapping: true, HostGIDMapping: true, } if mode.IsKeepID() { - if len(UIDMapSlice) > 0 || len(GIDMapSlice) > 0 { + if len(uidMapSlice) > 0 || len(gidMapSlice) > 0 { return nil, errors.New("cannot specify custom mappings with --userns=keep-id") } if len(subUIDMap) > 0 || len(subGIDMap) > 0 { return nil, errors.New("cannot specify subuidmap or subgidmap with --userns=keep-id") } if rootless.IsRootless() { + min := func(a, b int) int { + if a < b { + return a + } + return b + } + uid := rootless.GetRootlessUID() gid := rootless.GetRootlessGID() @@ -352,13 +359,17 @@ func ParseIDMapping(mode namespaces.UsernsMode, UIDMapSlice, GIDMapSlice []strin options.UIDMap, options.GIDMap = nil, nil - options.UIDMap = append(options.UIDMap, idtools.IDMap{ContainerID: 0, HostID: 1, Size: uid}) + options.UIDMap = append(options.UIDMap, idtools.IDMap{ContainerID: 0, HostID: 1, Size: min(uid, maxUID)}) options.UIDMap = append(options.UIDMap, idtools.IDMap{ContainerID: uid, HostID: 0, Size: 1}) - options.UIDMap = append(options.UIDMap, idtools.IDMap{ContainerID: uid + 1, HostID: uid + 1, Size: maxUID - uid}) + if maxUID > uid { + options.UIDMap = append(options.UIDMap, idtools.IDMap{ContainerID: uid + 1, HostID: uid + 1, Size: maxUID - uid}) + } - options.GIDMap = append(options.GIDMap, idtools.IDMap{ContainerID: 0, HostID: 1, Size: gid}) + options.GIDMap = append(options.GIDMap, idtools.IDMap{ContainerID: 0, HostID: 1, Size: min(gid, maxGID)}) options.GIDMap = append(options.GIDMap, idtools.IDMap{ContainerID: gid, HostID: 0, Size: 1}) - options.GIDMap = append(options.GIDMap, idtools.IDMap{ContainerID: gid + 1, HostID: gid + 1, Size: maxGID - gid}) + if maxGID > gid { + options.GIDMap = append(options.GIDMap, idtools.IDMap{ContainerID: gid + 1, HostID: gid + 1, Size: maxGID - gid}) + } options.HostUIDMapping = false options.HostGIDMapping = false @@ -373,17 +384,17 @@ func ParseIDMapping(mode namespaces.UsernsMode, UIDMapSlice, GIDMapSlice []strin if subUIDMap == "" && subGIDMap != "" { subUIDMap = subGIDMap } - if len(GIDMapSlice) == 0 && len(UIDMapSlice) != 0 { - GIDMapSlice = UIDMapSlice + if len(gidMapSlice) == 0 && len(uidMapSlice) != 0 { + gidMapSlice = uidMapSlice } - if len(UIDMapSlice) == 0 && len(GIDMapSlice) != 0 { - UIDMapSlice = GIDMapSlice + if len(uidMapSlice) == 0 && len(gidMapSlice) != 0 { + uidMapSlice = gidMapSlice } - if len(UIDMapSlice) == 0 && subUIDMap == "" && os.Getuid() != 0 { - UIDMapSlice = []string{fmt.Sprintf("0:%d:1", os.Getuid())} + if len(uidMapSlice) == 0 && subUIDMap == "" && os.Getuid() != 0 { + uidMapSlice = []string{fmt.Sprintf("0:%d:1", os.Getuid())} } - if len(GIDMapSlice) == 0 && subGIDMap == "" && os.Getuid() != 0 { - GIDMapSlice = []string{fmt.Sprintf("0:%d:1", os.Getgid())} + if len(gidMapSlice) == 0 && subGIDMap == "" && os.Getuid() != 0 { + gidMapSlice = []string{fmt.Sprintf("0:%d:1", os.Getgid())} } if subUIDMap != "" && subGIDMap != "" { @@ -394,11 +405,11 @@ func ParseIDMapping(mode namespaces.UsernsMode, UIDMapSlice, GIDMapSlice []strin options.UIDMap = mappings.UIDs() options.GIDMap = mappings.GIDs() } - parsedUIDMap, err := idtools.ParseIDMap(UIDMapSlice, "UID") + parsedUIDMap, err := idtools.ParseIDMap(uidMapSlice, "UID") if err != nil { return nil, err } - parsedGIDMap, err := idtools.ParseIDMap(GIDMapSlice, "GID") + parsedGIDMap, err := idtools.ParseIDMap(gidMapSlice, "GID") if err != nil { return nil, err } diff --git a/test/e2e/generate_systemd_test.go b/test/e2e/generate_systemd_test.go index 91072b023..f0fef41a4 100644 --- a/test/e2e/generate_systemd_test.go +++ b/test/e2e/generate_systemd_test.go @@ -177,4 +177,32 @@ var _ = Describe("Podman generate systemd", func() { found, _ = session.GrepString("/container-foo-1.service") Expect(found).To(BeTrue()) }) + + It("podman generate systemd --new", func() { + n := podmanTest.Podman([]string{"create", "--name", "foo", "alpine", "top"}) + n.WaitWithDefaultTimeout() + Expect(n.ExitCode()).To(Equal(0)) + + session := podmanTest.Podman([]string{"generate", "systemd", "--timeout", "42", "--name", "--new", "foo"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + + // Grepping the output (in addition to unit tests) + found, _ := session.GrepString("# container-foo.service") + Expect(found).To(BeTrue()) + + found, _ = session.GrepString("stop --cidfile /%t/%n-cid -t 42") + Expect(found).To(BeTrue()) + }) + + It("podman generate systemd --new pod", func() { + n := podmanTest.Podman([]string{"pod", "create", "--name", "foo"}) + n.WaitWithDefaultTimeout() + Expect(n.ExitCode()).To(Equal(0)) + + session := podmanTest.Podman([]string{"generate", "systemd", "--timeout", "42", "--name", "--new", "foo"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(125)) + }) + }) diff --git a/test/e2e/healthcheck_run_test.go b/test/e2e/healthcheck_run_test.go index 4acea06eb..7633261e3 100644 --- a/test/e2e/healthcheck_run_test.go +++ b/test/e2e/healthcheck_run_test.go @@ -42,7 +42,7 @@ var _ = Describe("Podman healthcheck run", func() { }) It("podman healthcheck on valid container", func() { - Skip("Extremely consistent flake - reenable on debugging") + Skip("Extremely consistent flake - re-enable on debugging") session := podmanTest.Podman([]string{"run", "-dt", "--name", "hc", healthcheck}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) diff --git a/test/e2e/libpod_suite_remoteclient_test.go b/test/e2e/libpod_suite_remoteclient_test.go index 2cd485114..c87ff016a 100644 --- a/test/e2e/libpod_suite_remoteclient_test.go +++ b/test/e2e/libpod_suite_remoteclient_test.go @@ -24,7 +24,7 @@ func SkipIfRemote() { func SkipIfRootless() { if os.Geteuid() != 0 { - ginkgo.Skip("This function is not enabled for remote podman") + ginkgo.Skip("This function is not enabled for rootless podman") } } diff --git a/test/e2e/logs_test.go b/test/e2e/logs_test.go index e25364695..0438a31cb 100644 --- a/test/e2e/logs_test.go +++ b/test/e2e/logs_test.go @@ -1,7 +1,9 @@ package integration import ( + "fmt" "os" + "os/exec" "strings" . "github.com/containers/libpod/test/utils" @@ -153,6 +155,23 @@ var _ = Describe("Podman logs", func() { Expect(results.ExitCode()).To(BeZero()) }) + It("podman journald logs for container with container tag", func() { + Skip("need to verify images have correct packages for journald") + logc := podmanTest.Podman([]string{"run", "--log-driver", "journald", "--log-opt=tag={{.ImageName}}", "-d", ALPINE, "sh", "-c", "echo podman; sleep 0.1; echo podman; sleep 0.1; echo podman"}) + logc.WaitWithDefaultTimeout() + Expect(logc.ExitCode()).To(Equal(0)) + cid := logc.OutputToString() + + wait := podmanTest.Podman([]string{"wait", "-l"}) + wait.WaitWithDefaultTimeout() + Expect(wait.ExitCode()).To(BeZero()) + + cmd := exec.Command("journalctl", "--no-pager", "-o", "json", "--output-fields=CONTAINER_TAG", "-u", fmt.Sprintf("libpod-conmon-%s.scope", cid)) + out, err := cmd.CombinedOutput() + Expect(err).To(BeNil()) + Expect(string(out)).To(ContainSubstring("alpine")) + }) + It("podman journald logs for container", func() { Skip("need to verify images have correct packages for journald") logc := podmanTest.Podman([]string{"run", "--log-driver", "journald", "-dt", ALPINE, "sh", "-c", "echo podman; echo podman; echo podman"}) diff --git a/test/e2e/mount_test.go b/test/e2e/mount_test.go index dda83ba31..ac52d8c7e 100644 --- a/test/e2e/mount_test.go +++ b/test/e2e/mount_test.go @@ -205,7 +205,7 @@ var _ = Describe("Podman mount", func() { Expect(lmount.OutputToString()).To(Equal("")) }) - It("podman list mulitple mounted containers", func() { + It("podman list multiple mounted containers", func() { SkipIfRootless() setup := podmanTest.Podman([]string{"create", ALPINE, "ls"}) diff --git a/test/e2e/run_signal_test.go b/test/e2e/run_signal_test.go index 1d57e6211..eee7c14fb 100644 --- a/test/e2e/run_signal_test.go +++ b/test/e2e/run_signal_test.go @@ -47,7 +47,7 @@ var _ = Describe("Podman run with --sig-proxy", func() { Specify("signals are forwarded to container using sig-proxy", func() { if podmanTest.Host.Arch == "ppc64le" { - Skip("Doesnt work on ppc64le") + Skip("Doesn't work on ppc64le") } signal := syscall.SIGFPE // Set up a socket for communication diff --git a/test/e2e/save_test.go b/test/e2e/save_test.go index 52dab923b..60825f975 100644 --- a/test/e2e/save_test.go +++ b/test/e2e/save_test.go @@ -51,7 +51,7 @@ var _ = Describe("Podman save", func() { }) It("podman save with stdout", func() { - Skip("Pipe redirection in ginkgo probably wont work") + Skip("Pipe redirection in ginkgo probably won't work") outfile := filepath.Join(podmanTest.TempDir, "alpine.tar") save := podmanTest.PodmanNoCache([]string{"save", ALPINE, ">", outfile}) diff --git a/test/endpoint/commit.go b/test/endpoint/commit.go index 476ac6ca3..ab9af819f 100644 --- a/test/endpoint/commit.go +++ b/test/endpoint/commit.go @@ -40,7 +40,7 @@ var _ = Describe("Podman commit", func() { // run the container to be committed _ = endpointTest.startTopContainer("top") result := endpointTest.Varlink("Commit", string(b), false) - // This indicates an error occured + // This indicates an error occurred Expect(len(result.StdErrToString())).To(BeNumerically(">", 0)) }) diff --git a/test/system/TODO.md b/test/system/TODO.md index f6110d2e9..f0d311626 100644 --- a/test/system/TODO.md +++ b/test/system/TODO.md @@ -70,7 +70,7 @@ have been omitted as they are verified by repeated implied use. - [ ] Container runlabel, exists, checkpoint, exists, restore, stop, prune - Using pre-existing remote image, start it with 'podman container runlabel --pull' - - Run a named container that exits immediatly + - Run a named container that exits immediately - Confirm 'container exists' zero exit (both containers) - Checkpoint the running container - Confirm 'container exists' non-zero exit (runlabel container) diff --git a/test/test_podman_pods.sh b/test/test_podman_pods.sh index daa8acaee..f2f47f510 100755 --- a/test/test_podman_pods.sh +++ b/test/test_podman_pods.sh @@ -39,13 +39,13 @@ fi ######## -# Create a named and unamed pod +# Create a named and unnamed pod ######## podman pod create --name foobar podid=$(podman pod create) ######## -# Delete a named and unamed pod +# Delete a named and unnamed pod ######## podman pod rm foobar podman pod rm $podid diff --git a/test/utils/common_function_test.go b/test/utils/common_function_test.go index 98cb43188..46cce1076 100644 --- a/test/utils/common_function_test.go +++ b/test/utils/common_function_test.go @@ -115,7 +115,7 @@ var _ = Describe("Common functions test", func() { bytes, _ := ioutil.ReadAll(read) json.Unmarshal(bytes, compareData) - Expect(reflect.DeepEqual(testData, compareData)).To(BeTrue(), "Data chaned after we store it to file.") + Expect(reflect.DeepEqual(testData, compareData)).To(BeTrue(), "Data changed after we store it to file.") }) DescribeTable("Test Containerized", diff --git a/troubleshooting.md b/troubleshooting.md index d122983d7..0f9440799 100644 --- a/troubleshooting.md +++ b/troubleshooting.md @@ -431,7 +431,7 @@ or as root if your user has not enough privileges. ### 18) `podman run` fails with "bpf create: permission denied error" -The Kernel Lockdown patches deny eBPF programs when Secure Boot is enabled in the BIOS. [Matthew Garrett's post](https://mjg59.dreamwidth.org/50577.html) desribes the relationship between Lockdown and Secure Boot and [Jan-Philip Gehrcke's](https://gehrcke.de/2019/09/running-an-ebpf-program-may-require-lifting-the-kernel-lockdown/) connects this with eBPF. [RH bug 1768125](https://bugzilla.redhat.com/show_bug.cgi?id=1768125) contains some additional details. +The Kernel Lockdown patches deny eBPF programs when Secure Boot is enabled in the BIOS. [Matthew Garrett's post](https://mjg59.dreamwidth.org/50577.html) describes the relationship between Lockdown and Secure Boot and [Jan-Philip Gehrcke's](https://gehrcke.de/2019/09/running-an-ebpf-program-may-require-lifting-the-kernel-lockdown/) connects this with eBPF. [RH bug 1768125](https://bugzilla.redhat.com/show_bug.cgi?id=1768125) contains some additional details. #### Symptom diff --git a/vendor/github.com/pkg/profile/.travis.yml b/vendor/github.com/pkg/profile/.travis.yml deleted file mode 100644 index fd72871e0..000000000 --- a/vendor/github.com/pkg/profile/.travis.yml +++ /dev/null @@ -1,10 +0,0 @@ -language: go -go_import_path: github.com/pkg/profile -go: - - 1.12.x - - 1.13.x - - tip - -script: - - go test github.com/pkg/profile - - go test -race github.com/pkg/profile diff --git a/vendor/github.com/pkg/profile/AUTHORS b/vendor/github.com/pkg/profile/AUTHORS deleted file mode 100644 index 00441d354..000000000 --- a/vendor/github.com/pkg/profile/AUTHORS +++ /dev/null @@ -1 +0,0 @@ -Dave Cheney <dave@cheney.net> diff --git a/vendor/github.com/pkg/profile/LICENSE b/vendor/github.com/pkg/profile/LICENSE deleted file mode 100644 index f747a8411..000000000 --- a/vendor/github.com/pkg/profile/LICENSE +++ /dev/null @@ -1,24 +0,0 @@ -Copyright (c) 2013 Dave Cheney. All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are -met: - - * Redistributions of source code must retain the above copyright -notice, this list of conditions and the following disclaimer. - * Redistributions in binary form must reproduce the above -copyright notice, this list of conditions and the following disclaimer -in the documentation and/or other materials provided with the -distribution. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/vendor/github.com/pkg/profile/README.md b/vendor/github.com/pkg/profile/README.md deleted file mode 100644 index 37bfa58c5..000000000 --- a/vendor/github.com/pkg/profile/README.md +++ /dev/null @@ -1,54 +0,0 @@ -profile -======= - -Simple profiling support package for Go - -[![Build Status](https://travis-ci.org/pkg/profile.svg?branch=master)](https://travis-ci.org/pkg/profile) [![GoDoc](http://godoc.org/github.com/pkg/profile?status.svg)](http://godoc.org/github.com/pkg/profile) - - -installation ------------- - - go get github.com/pkg/profile - -usage ------ - -Enabling profiling in your application is as simple as one line at the top of your main function - -```go -import "github.com/pkg/profile" - -func main() { - defer profile.Start().Stop() - ... -} -``` - -options -------- - -What to profile is controlled by config value passed to profile.Start. -By default CPU profiling is enabled. - -```go -import "github.com/pkg/profile" - -func main() { - // p.Stop() must be called before the program exits to - // ensure profiling information is written to disk. - p := profile.Start(profile.MemProfile, profile.ProfilePath("."), profile.NoShutdownHook) - ... -} -``` - -Several convenience package level values are provided for cpu, memory, and block (contention) profiling. - -For more complex options, consult the [documentation](http://godoc.org/github.com/pkg/profile). - -contributing ------------- - -We welcome pull requests, bug fixes and issue reports. - -Before proposing a change, please discuss it first by raising an issue. diff --git a/vendor/github.com/pkg/profile/go.mod b/vendor/github.com/pkg/profile/go.mod deleted file mode 100644 index 2d82f3d84..000000000 --- a/vendor/github.com/pkg/profile/go.mod +++ /dev/null @@ -1,3 +0,0 @@ -module github.com/pkg/profile - -go 1.12 diff --git a/vendor/github.com/pkg/profile/profile.go b/vendor/github.com/pkg/profile/profile.go deleted file mode 100644 index b9fdfcfd8..000000000 --- a/vendor/github.com/pkg/profile/profile.go +++ /dev/null @@ -1,284 +0,0 @@ -// Package profile provides a simple way to manage runtime/pprof -// profiling of your Go application. -package profile - -import ( - "io/ioutil" - "log" - "os" - "os/signal" - "path/filepath" - "runtime" - "runtime/pprof" - "runtime/trace" - "sync/atomic" -) - -const ( - cpuMode = iota - memMode - mutexMode - blockMode - traceMode - threadCreateMode - goroutineMode -) - -// Profile represents an active profiling session. -type Profile struct { - // quiet suppresses informational messages during profiling. - quiet bool - - // noShutdownHook controls whether the profiling package should - // hook SIGINT to write profiles cleanly. - noShutdownHook bool - - // mode holds the type of profiling that will be made - mode int - - // path holds the base path where various profiling files are written. - // If blank, the base path will be generated by ioutil.TempDir. - path string - - // memProfileRate holds the rate for the memory profile. - memProfileRate int - - // closer holds a cleanup function that run after each profile - closer func() - - // stopped records if a call to profile.Stop has been made - stopped uint32 -} - -// NoShutdownHook controls whether the profiling package should -// hook SIGINT to write profiles cleanly. -// Programs with more sophisticated signal handling should set -// this to true and ensure the Stop() function returned from Start() -// is called during shutdown. -func NoShutdownHook(p *Profile) { p.noShutdownHook = true } - -// Quiet suppresses informational messages during profiling. -func Quiet(p *Profile) { p.quiet = true } - -// CPUProfile enables cpu profiling. -// It disables any previous profiling settings. -func CPUProfile(p *Profile) { p.mode = cpuMode } - -// DefaultMemProfileRate is the default memory profiling rate. -// See also http://golang.org/pkg/runtime/#pkg-variables -const DefaultMemProfileRate = 4096 - -// MemProfile enables memory profiling. -// It disables any previous profiling settings. -func MemProfile(p *Profile) { - p.memProfileRate = DefaultMemProfileRate - p.mode = memMode -} - -// MemProfileRate enables memory profiling at the preferred rate. -// It disables any previous profiling settings. -func MemProfileRate(rate int) func(*Profile) { - return func(p *Profile) { - p.memProfileRate = rate - p.mode = memMode - } -} - -// MutexProfile enables mutex profiling. -// It disables any previous profiling settings. -func MutexProfile(p *Profile) { p.mode = mutexMode } - -// BlockProfile enables block (contention) profiling. -// It disables any previous profiling settings. -func BlockProfile(p *Profile) { p.mode = blockMode } - -// Trace profile enables execution tracing. -// It disables any previous profiling settings. -func TraceProfile(p *Profile) { p.mode = traceMode } - -// ThreadcreationProfile enables thread creation profiling.. -// It disables any previous profiling settings. -func ThreadcreationProfile(p *Profile) { p.mode = threadCreateMode } - -// GoroutineProfile enables goroutine profiling. -// It disables any previous profiling settings. -func GoroutineProfile(p *Profile) { p.mode = goroutineMode } - -// ProfilePath controls the base path where various profiling -// files are written. If blank, the base path will be generated -// by ioutil.TempDir. -func ProfilePath(path string) func(*Profile) { - return func(p *Profile) { - p.path = path - } -} - -// Stop stops the profile and flushes any unwritten data. -func (p *Profile) Stop() { - if !atomic.CompareAndSwapUint32(&p.stopped, 0, 1) { - // someone has already called close - return - } - p.closer() - atomic.StoreUint32(&started, 0) -} - -// started is non zero if a profile is running. -var started uint32 - -// Start starts a new profiling session. -// The caller should call the Stop method on the value returned -// to cleanly stop profiling. -func Start(options ...func(*Profile)) interface { - Stop() -} { - if !atomic.CompareAndSwapUint32(&started, 0, 1) { - log.Fatal("profile: Start() already called") - } - - var prof Profile - for _, option := range options { - option(&prof) - } - - path, err := func() (string, error) { - if p := prof.path; p != "" { - return p, os.MkdirAll(p, 0777) - } - return ioutil.TempDir("", "profile") - }() - - if err != nil { - log.Fatalf("profile: could not create initial output directory: %v", err) - } - - logf := func(format string, args ...interface{}) { - if !prof.quiet { - log.Printf(format, args...) - } - } - - switch prof.mode { - case cpuMode: - fn := filepath.Join(path, "cpu.pprof") - f, err := os.Create(fn) - if err != nil { - log.Fatalf("profile: could not create cpu profile %q: %v", fn, err) - } - logf("profile: cpu profiling enabled, %s", fn) - pprof.StartCPUProfile(f) - prof.closer = func() { - pprof.StopCPUProfile() - f.Close() - logf("profile: cpu profiling disabled, %s", fn) - } - - case memMode: - fn := filepath.Join(path, "mem.pprof") - f, err := os.Create(fn) - if err != nil { - log.Fatalf("profile: could not create memory profile %q: %v", fn, err) - } - old := runtime.MemProfileRate - runtime.MemProfileRate = prof.memProfileRate - logf("profile: memory profiling enabled (rate %d), %s", runtime.MemProfileRate, fn) - prof.closer = func() { - pprof.Lookup("heap").WriteTo(f, 0) - f.Close() - runtime.MemProfileRate = old - logf("profile: memory profiling disabled, %s", fn) - } - - case mutexMode: - fn := filepath.Join(path, "mutex.pprof") - f, err := os.Create(fn) - if err != nil { - log.Fatalf("profile: could not create mutex profile %q: %v", fn, err) - } - runtime.SetMutexProfileFraction(1) - logf("profile: mutex profiling enabled, %s", fn) - prof.closer = func() { - if mp := pprof.Lookup("mutex"); mp != nil { - mp.WriteTo(f, 0) - } - f.Close() - runtime.SetMutexProfileFraction(0) - logf("profile: mutex profiling disabled, %s", fn) - } - - case blockMode: - fn := filepath.Join(path, "block.pprof") - f, err := os.Create(fn) - if err != nil { - log.Fatalf("profile: could not create block profile %q: %v", fn, err) - } - runtime.SetBlockProfileRate(1) - logf("profile: block profiling enabled, %s", fn) - prof.closer = func() { - pprof.Lookup("block").WriteTo(f, 0) - f.Close() - runtime.SetBlockProfileRate(0) - logf("profile: block profiling disabled, %s", fn) - } - - case threadCreateMode: - fn := filepath.Join(path, "threadcreation.pprof") - f, err := os.Create(fn) - if err != nil { - log.Fatalf("profile: could not create thread creation profile %q: %v", fn, err) - } - logf("profile: thread creation profiling enabled, %s", fn) - prof.closer = func() { - if mp := pprof.Lookup("threadcreate"); mp != nil { - mp.WriteTo(f, 0) - } - f.Close() - logf("profile: thread creation profiling disabled, %s", fn) - } - - case traceMode: - fn := filepath.Join(path, "trace.out") - f, err := os.Create(fn) - if err != nil { - log.Fatalf("profile: could not create trace output file %q: %v", fn, err) - } - if err := trace.Start(f); err != nil { - log.Fatalf("profile: could not start trace: %v", err) - } - logf("profile: trace enabled, %s", fn) - prof.closer = func() { - trace.Stop() - logf("profile: trace disabled, %s", fn) - } - - case goroutineMode: - fn := filepath.Join(path, "goroutine.pprof") - f, err := os.Create(fn) - if err != nil { - log.Fatalf("profile: could not create goroutine profile %q: %v", fn, err) - } - logf("profile: goroutine profiling enabled, %s", fn) - prof.closer = func() { - if mp := pprof.Lookup("goroutine"); mp != nil { - mp.WriteTo(f, 0) - } - f.Close() - logf("profile: goroutine profiling disabled, %s", fn) - } - } - - if !prof.noShutdownHook { - go func() { - c := make(chan os.Signal, 1) - signal.Notify(c, os.Interrupt) - <-c - - log.Println("profile: caught interrupt, stopping profiles") - prof.Stop() - - os.Exit(0) - }() - } - - return &prof -} diff --git a/vendor/modules.txt b/vendor/modules.txt index 3f6454f9d..82a7ab382 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -423,8 +423,6 @@ github.com/ostreedev/ostree-go/pkg/glibobject github.com/ostreedev/ostree-go/pkg/otbuiltin # github.com/pkg/errors v0.8.1 github.com/pkg/errors -# github.com/pkg/profile v1.4.0 -github.com/pkg/profile # github.com/pmezard/go-difflib v1.0.0 github.com/pmezard/go-difflib/difflib # github.com/pquerna/ffjson v0.0.0-20190813045741-dac163c6c0a9 |