aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--cmd/podman/common/specgen.go20
-rw-r--r--cmd/podman/containers/create.go48
-rw-r--r--cmd/podman/containers/run.go9
-rw-r--r--libpod/runtime_ctr.go4
-rw-r--r--pkg/api/handlers/compat/exec.go3
-rw-r--r--pkg/specgen/generate/container_create.go3
-rw-r--r--pkg/specgen/specgen.go2
-rw-r--r--pkg/util/utils.go6
-rw-r--r--test/e2e/create_test.go13
-rw-r--r--test/system/030-run.bats41
10 files changed, 100 insertions, 49 deletions
diff --git a/cmd/podman/common/specgen.go b/cmd/podman/common/specgen.go
index 599e003e8..1f6fbbe98 100644
--- a/cmd/podman/common/specgen.go
+++ b/cmd/podman/common/specgen.go
@@ -520,7 +520,7 @@ func FillOutSpecGen(s *specgen.SpecGenerator, c *ContainerCLIOpts, args []string
case "label":
// TODO selinux opts and label opts are the same thing
s.ContainerSecurityConfig.SelinuxOpts = append(s.ContainerSecurityConfig.SelinuxOpts, con[1])
- s.Annotations[define.InspectAnnotationLabel] = con[1]
+ s.Annotations[define.InspectAnnotationLabel] = strings.Join(s.ContainerSecurityConfig.SelinuxOpts, ",label=")
case "apparmor":
s.ContainerSecurityConfig.ApparmorProfile = con[1]
s.Annotations[define.InspectAnnotationApparmor] = con[1]
@@ -535,7 +535,6 @@ func FillOutSpecGen(s *specgen.SpecGenerator, c *ContainerCLIOpts, args []string
s.SeccompPolicy = c.SeccompPolicy
- // TODO: should parse out options
s.VolumesFrom = c.VolumesFrom
// Only add read-only tmpfs mounts in case that we are read-only and the
@@ -547,22 +546,10 @@ func FillOutSpecGen(s *specgen.SpecGenerator, c *ContainerCLIOpts, args []string
s.Mounts = mounts
s.Volumes = volumes
- // TODO any idea why this was done
- // devices := rtc.Containers.Devices
- // TODO conflict on populate?
- //
- // if c.Changed("device") {
- // devices = append(devices, c.StringSlice("device")...)
- // }
-
for _, dev := range c.Devices {
s.Devices = append(s.Devices, specs.LinuxDevice{Path: dev})
}
- // TODO things i cannot find in spec
- // we dont think these are in the spec
- // init - initbinary
- // initpath
s.Init = c.Init
s.InitPath = c.InitPath
s.Stdin = c.Interactive
@@ -587,11 +574,6 @@ func FillOutSpecGen(s *specgen.SpecGenerator, c *ContainerCLIOpts, args []string
s.Rlimits = append(s.Rlimits, rl)
}
- // Tmpfs: c.StringArray("tmpfs"),
-
- // TODO how to handle this?
- // Syslog: c.Bool("syslog"),
-
logOpts := make(map[string]string)
for _, o := range c.LogOptions {
split := strings.SplitN(o, "=", 2)
diff --git a/cmd/podman/containers/create.go b/cmd/podman/containers/create.go
index 45ce00c86..c48a739ff 100644
--- a/cmd/podman/containers/create.go
+++ b/cmd/podman/containers/create.go
@@ -6,11 +6,12 @@ import (
"os"
"strings"
- "github.com/containers/libpod/libpod/define"
-
"github.com/containers/common/pkg/config"
+ "github.com/containers/image/v5/storage"
+ "github.com/containers/image/v5/transports/alltransports"
"github.com/containers/libpod/cmd/podman/common"
"github.com/containers/libpod/cmd/podman/registry"
+ "github.com/containers/libpod/libpod/define"
"github.com/containers/libpod/pkg/domain/entities"
"github.com/containers/libpod/pkg/errorhandling"
"github.com/containers/libpod/pkg/specgen"
@@ -108,12 +109,15 @@ func create(cmd *cobra.Command, args []string) error {
return err
}
+ imageName := args[0]
if !cliVals.RootFS {
- if err := pullImage(args[0]); err != nil {
+ name, err := pullImage(args[0])
+ if err != nil {
return err
}
+ imageName = name
}
- s := specgen.NewSpecGenerator(args[0], cliVals.RootFS)
+ s := specgen.NewSpecGenerator(imageName, cliVals.RootFS)
if err := common.FillOutSpecGen(s, &cliVals, args); err != nil {
return err
}
@@ -211,30 +215,44 @@ func createInit(c *cobra.Command) error {
return nil
}
-func pullImage(imageName string) error {
- br, err := registry.ImageEngine().Exists(registry.GetContext(), imageName)
- if err != nil {
- return err
- }
+func pullImage(imageName string) (string, error) {
pullPolicy, err := config.ValidatePullPolicy(cliVals.Pull)
if err != nil {
- return err
+ return "", err
}
- if !br.Value || pullPolicy == config.PullImageAlways {
+
+ // Check if the image is missing and hence if we need to pull it.
+ imageMissing := true
+ imageRef, err := alltransports.ParseImageName(imageName)
+ switch {
+ case err != nil:
+ // Assume we specified a local image withouth the explicit storage transport.
+ fallthrough
+
+ case imageRef.Transport().Name() == storage.Transport.Name():
+ br, err := registry.ImageEngine().Exists(registry.GetContext(), imageName)
+ if err != nil {
+ return "", err
+ }
+ imageMissing = !br.Value
+ }
+
+ if imageMissing || pullPolicy == config.PullImageAlways {
if pullPolicy == config.PullImageNever {
- return errors.Wrapf(define.ErrNoSuchImage, "unable to find a name and tag match for %s in repotags", imageName)
+ return "", errors.Wrapf(define.ErrNoSuchImage, "unable to find a name and tag match for %s in repotags", imageName)
}
- _, pullErr := registry.ImageEngine().Pull(registry.GetContext(), imageName, entities.ImagePullOptions{
+ pullReport, pullErr := registry.ImageEngine().Pull(registry.GetContext(), imageName, entities.ImagePullOptions{
Authfile: cliVals.Authfile,
Quiet: cliVals.Quiet,
OverrideArch: cliVals.OverrideArch,
OverrideOS: cliVals.OverrideOS,
})
if pullErr != nil {
- return pullErr
+ return "", pullErr
}
+ imageName = pullReport.Images[0]
}
- return nil
+ return imageName, nil
}
func openCidFile(cidfile string) (*os.File, error) {
diff --git a/cmd/podman/containers/run.go b/cmd/podman/containers/run.go
index cb307c38f..4b287838e 100644
--- a/cmd/podman/containers/run.go
+++ b/cmd/podman/containers/run.go
@@ -125,10 +125,13 @@ func run(cmd *cobra.Command, args []string) error {
return err
}
+ imageName := args[0]
if !cliVals.RootFS {
- if err := pullImage(args[0]); err != nil {
+ name, err := pullImage(args[0])
+ if err != nil {
return err
}
+ imageName = name
}
if cliVals.Replace {
@@ -166,7 +169,7 @@ func run(cmd *cobra.Command, args []string) error {
runOpts.Detach = cliVals.Detach
runOpts.DetachKeys = cliVals.DetachKeys
cliVals.PreserveFDs = runOpts.PreserveFDs
- s := specgen.NewSpecGenerator(args[0], cliVals.RootFS)
+ s := specgen.NewSpecGenerator(imageName, cliVals.RootFS)
if err := common.FillOutSpecGen(s, &cliVals, args); err != nil {
return err
}
@@ -196,7 +199,7 @@ func run(cmd *cobra.Command, args []string) error {
return nil
}
if runRmi {
- _, rmErrors := registry.ImageEngine().Remove(registry.GetContext(), []string{args[0]}, entities.ImageRemoveOptions{})
+ _, rmErrors := registry.ImageEngine().Remove(registry.GetContext(), []string{imageName}, entities.ImageRemoveOptions{})
if len(rmErrors) > 0 {
logrus.Errorf("%s", errors.Wrapf(errorhandling.JoinErrors(rmErrors), "failed removing image"))
}
diff --git a/libpod/runtime_ctr.go b/libpod/runtime_ctr.go
index 0431861b5..f1752cbeb 100644
--- a/libpod/runtime_ctr.go
+++ b/libpod/runtime_ctr.go
@@ -83,6 +83,8 @@ func (r *Runtime) initContainerVariables(rSpec *spec.Spec, config *ContainerConf
return nil, errors.Wrapf(err, "converting containers.conf ShmSize %s to an int", r.config.Containers.ShmSize)
}
ctr.config.ShmSize = size
+ ctr.config.StopSignal = 15
+ ctr.config.StopTimeout = r.config.Engine.StopTimeout
} else {
// This is a restore from an imported checkpoint
ctr.restoreFromCheckpoint = true
@@ -107,8 +109,6 @@ func (r *Runtime) initContainerVariables(rSpec *spec.Spec, config *ContainerConf
ctr.state.BindMounts = make(map[string]string)
- ctr.config.StopTimeout = r.config.Engine.StopTimeout
-
ctr.config.OCIRuntime = r.defaultOCIRuntime.Name()
// Set namespace based on current runtime namespace
diff --git a/pkg/api/handlers/compat/exec.go b/pkg/api/handlers/compat/exec.go
index 8f7016903..dae76c061 100644
--- a/pkg/api/handlers/compat/exec.go
+++ b/pkg/api/handlers/compat/exec.go
@@ -62,7 +62,8 @@ func ExecCreateHandler(w http.ResponseWriter, r *http.Request) {
utils.InternalServerError(w, err)
return
}
- exitCommandArgs, err := generate.CreateExitCommandArgs(storageConfig, runtimeConfig, false, true, true)
+ // Automatically log to syslog if the server has log-level=debug set
+ exitCommandArgs, err := generate.CreateExitCommandArgs(storageConfig, runtimeConfig, logrus.IsLevelEnabled(logrus.DebugLevel), true, true)
if err != nil {
utils.InternalServerError(w, err)
return
diff --git a/pkg/specgen/generate/container_create.go b/pkg/specgen/generate/container_create.go
index ea6f938a8..7b4fbebf4 100644
--- a/pkg/specgen/generate/container_create.go
+++ b/pkg/specgen/generate/container_create.go
@@ -114,8 +114,7 @@ func MakeContainer(ctx context.Context, rt *libpod.Runtime, s *specgen.SpecGener
}
options = append(options, opts...)
- // TODO: Enable syslog support - we'll need to put this in SpecGen.
- exitCommandArgs, err := CreateExitCommandArgs(rt.StorageConfig(), rtc, false, s.Remove, false)
+ exitCommandArgs, err := CreateExitCommandArgs(rt.StorageConfig(), rtc, logrus.IsLevelEnabled(logrus.DebugLevel), s.Remove, false)
if err != nil {
return nil, err
}
diff --git a/pkg/specgen/specgen.go b/pkg/specgen/specgen.go
index 46ff8c716..3d5bf03e5 100644
--- a/pkg/specgen/specgen.go
+++ b/pkg/specgen/specgen.go
@@ -129,7 +129,7 @@ type ContainerBasicConfig struct {
Sysctl map[string]string `json:"sysctl,omitempty"`
// Remove indicates if the container should be removed once it has been started
// and exits
- Remove bool `json:"remove"`
+ Remove bool `json:"remove,omitempty"`
// PreserveFDs is a number of additional file descriptors (in addition
// to 0, 1, 2) that will be passed to the executed process. The total FDs
// passed will be 3 + PreserveFDs.
diff --git a/pkg/util/utils.go b/pkg/util/utils.go
index 917f57742..1d8941b4d 100644
--- a/pkg/util/utils.go
+++ b/pkg/util/utils.go
@@ -419,12 +419,6 @@ func ParseIDMapping(mode namespaces.UsernsMode, uidMapSlice, gidMapSlice []strin
if len(uidMapSlice) == 0 && len(gidMapSlice) != 0 {
uidMapSlice = gidMapSlice
}
- if len(uidMapSlice) == 0 && subUIDMap == "" && os.Getuid() != 0 {
- uidMapSlice = []string{fmt.Sprintf("0:%d:1", os.Getuid())}
- }
- if len(gidMapSlice) == 0 && subGIDMap == "" && os.Getuid() != 0 {
- gidMapSlice = []string{fmt.Sprintf("0:%d:1", os.Getgid())}
- }
if subUIDMap != "" && subGIDMap != "" {
mappings, err := idtools.NewIDMappings(subUIDMap, subGIDMap)
diff --git a/test/e2e/create_test.go b/test/e2e/create_test.go
index 52ce0b46a..44bb5c45f 100644
--- a/test/e2e/create_test.go
+++ b/test/e2e/create_test.go
@@ -458,4 +458,17 @@ var _ = Describe("Podman create", func() {
Expect(session.ExitCode()).To(Equal(0))
}
})
+
+ It("podman create sets default stop signal 15", func() {
+ ctrName := "testCtr"
+ session := podmanTest.Podman([]string{"create", "--name", ctrName, ALPINE, "/bin/sh"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+
+ inspect := podmanTest.Podman([]string{"inspect", ctrName})
+ inspect.WaitWithDefaultTimeout()
+ data := inspect.InspectContainerToJSON()
+ Expect(len(data)).To(Equal(1))
+ Expect(data[0].Config.StopSignal).To(Equal(uint(15)))
+ })
})
diff --git a/test/system/030-run.bats b/test/system/030-run.bats
index eeecea2e5..bc6347012 100644
--- a/test/system/030-run.bats
+++ b/test/system/030-run.bats
@@ -201,4 +201,45 @@ echo $rand | 0 | $rand
"podman will not overwrite existing cidfile"
}
+@test "podman run docker-archive" {
+ # Create an image that, when run, outputs a random magic string
+ expect=$(random_string 20)
+ run_podman run --name myc --entrypoint="[\"/bin/echo\",\"$expect\"]" $IMAGE
+ is "$output" "$expect" "podman run --entrypoint echo-randomstring"
+
+ # Save it as a tar archive
+ run_podman commit myc myi
+ archive=$PODMAN_TMPDIR/archive.tar
+ run_podman save myi -o $archive
+ is "$output" "" "podman save"
+
+ # Clean up image and container from container storage...
+ run_podman rmi myi
+ run_podman rm myc
+
+ # ... then confirm we can run from archive. This re-imports the image
+ # and runs it, producing our random string as the last line.
+ run_podman run docker-archive:$archive
+ is "${lines[0]}" "Getting image source signatures" "podman run docker-archive, first line of output"
+ is "$output" ".*Copying blob" "podman run docker-archive"
+ is "$output" ".*Copying config" "podman run docker-archive"
+ is "$output" ".*Writing manifest" "podman run docker-archive"
+ is "${lines[-1]}" "$expect" "podman run docker-archive: expected random string output"
+
+ # Clean up container as well as re-imported image
+ run_podman rm -a
+ run_podman rmi myi
+
+ # Repeat the above, with podman-create and podman-start.
+ run_podman create docker-archive:$archive
+ cid=${lines[-1]}
+
+ run_podman start --attach $cid
+ is "$output" "$expect" "'podman run' of 'podman-create docker-archive'"
+
+ # Clean up.
+ run_podman rm $cid
+ run_podman rmi myi
+}
+
# vim: filetype=sh