diff options
-rw-r--r-- | cmd/podman/runlabel.go | 80 | ||||
-rw-r--r-- | cmd/podman/shared/funcs.go | 4 | ||||
-rw-r--r-- | docs/podman-container-runlabel.1.md | 21 | ||||
-rw-r--r-- | docs/podman-create.1.md | 2 | ||||
-rw-r--r-- | docs/podman-run.1.md | 2 | ||||
-rw-r--r-- | vendor.conf | 2 | ||||
-rw-r--r-- | vendor/github.com/containers/image/docker/docker_client.go | 12 | ||||
-rw-r--r-- | vendor/github.com/containers/image/docker/docker_image.go | 2 | ||||
-rw-r--r-- | vendor/github.com/containers/image/docker/docker_image_dest.go | 2 | ||||
-rw-r--r-- | vendor/github.com/containers/image/docker/docker_image_src.go | 6 | ||||
-rw-r--r-- | vendor/github.com/containers/image/openshift/openshift.go | 2 | ||||
-rw-r--r-- | vendor/github.com/containers/image/pkg/docker/config/config.go | 9 |
12 files changed, 103 insertions, 41 deletions
diff --git a/cmd/podman/runlabel.go b/cmd/podman/runlabel.go index 34e6b9093..d514a79fc 100644 --- a/cmd/podman/runlabel.go +++ b/cmd/podman/runlabel.go @@ -6,9 +6,11 @@ import ( "os" "strings" + "github.com/containers/image/types" "github.com/containers/libpod/cmd/podman/libpodruntime" "github.com/containers/libpod/cmd/podman/shared" "github.com/containers/libpod/libpod/image" + "github.com/containers/libpod/pkg/util" "github.com/containers/libpod/utils" "github.com/pkg/errors" "github.com/sirupsen/logrus" @@ -23,7 +25,7 @@ var ( }, cli.BoolFlag{ Name: "display", - Usage: "preview the command that `podman install` would execute", + Usage: "preview the command that the label would run", }, cli.StringFlag{ Name: "cert-dir", @@ -74,13 +76,14 @@ var ( Executes a command as described by a container image label. ` runlabelCommand = cli.Command{ - Name: "runlabel", - Usage: "Execute the command described by an image label", - Description: runlabelDescription, - Flags: runlabelFlags, - Action: runlabelCmd, - ArgsUsage: "", - OnUsageError: usageErrorHandler, + Name: "runlabel", + Usage: "Execute the command described by an image label", + Description: runlabelDescription, + Flags: runlabelFlags, + Action: runlabelCmd, + ArgsUsage: "", + SkipArgReorder: true, + OnUsageError: usageErrorHandler, } ) @@ -110,12 +113,8 @@ func runlabelCmd(c *cli.Context) error { defer runtime.Shutdown(false) args := c.Args() - if len(args) == 0 { - logrus.Errorf("an image name must be specified") - return nil - } if len(args) < 2 { - logrus.Errorf("the runlabel command requires at least 2 arguments") + logrus.Errorf("the runlabel command requires at least 2 arguments: LABEL IMAGE") return nil } if err := validateFlags(c, runlabelFlags); err != nil { @@ -130,18 +129,17 @@ func runlabelCmd(c *cli.Context) error { runlabelImage := args[1] - if c.IsSet("opts1") { - opts["opts1"] = c.String("opts1") + if c.IsSet("opt1") { + opts["opt1"] = c.String("opt1") } - if c.IsSet("opts2") { - opts["opts2"] = c.String("opts2") + if c.IsSet("opt2") { + opts["opt2"] = c.String("opt2") } - if c.IsSet("opts3") { - opts["opts3"] = c.String("opts3") + if c.IsSet("opt3") { + opts["opt3"] = c.String("opt3") } ctx := getContext() - rtc := runtime.GetConfig() stdErr = os.Stderr stdOut = os.Stdout @@ -154,7 +152,21 @@ func runlabelCmd(c *cli.Context) error { } if pull { - newImage, err = runtime.ImageRuntime().New(ctx, runlabelImage, rtc.SignaturePolicyPath, "", stdOut, nil, image.SigningOptions{}, false, false) + var registryCreds *types.DockerAuthConfig + if c.IsSet("creds") { + creds, err := util.ParseRegistryCreds(c.String("creds")) + if err != nil { + return err + } + registryCreds = creds + } + dockerRegistryOptions := image.DockerRegistryOptions{ + DockerRegistryCreds: registryCreds, + DockerCertPath: c.String("cert-dir"), + DockerInsecureSkipTLSVerify: !c.BoolT("tls-verify"), + } + + newImage, err = runtime.ImageRuntime().New(ctx, runlabelImage, c.String("signature-policy"), c.String("authfile"), stdOut, &dockerRegistryOptions, image.SigningOptions{}, false, false) } else { newImage, err = runtime.ImageRuntime().NewFromLocal(runlabelImage) } @@ -187,6 +199,23 @@ func runlabelCmd(c *cli.Context) error { env := shared.GenerateRunEnvironment(c.String("name"), imageName, opts) env = append(env, "PODMAN_RUNLABEL_NESTED=1") + envmap := envSliceToMap(env) + + envmapper := func(k string) string { + switch k { + case "OPT1": + return envmap["OPT1"] + case "OPT2": + return envmap["OPT2"] + case "OPT3": + return envmap["OPT3"] + } + return "" + } + + newS := os.Expand(strings.Join(cmd, " "), envmapper) + cmd = strings.Split(newS, " ") + if !c.Bool("quiet") { fmt.Printf("Command: %s\n", strings.Join(cmd, " ")) if c.Bool("display") { @@ -195,3 +224,12 @@ func runlabelCmd(c *cli.Context) error { } return utils.ExecCmdWithStdStreams(stdIn, stdOut, stdErr, env, cmd[0], cmd[1:]...) } + +func envSliceToMap(env []string) map[string]string { + m := make(map[string]string) + for _, i := range env { + split := strings.Split(i, "=") + m[split[0]] = strings.Join(split[1:], " ") + } + return m +} diff --git a/cmd/podman/shared/funcs.go b/cmd/podman/shared/funcs.go index 21e7fe10d..485944f29 100644 --- a/cmd/podman/shared/funcs.go +++ b/cmd/podman/shared/funcs.go @@ -24,10 +24,14 @@ func GenerateCommand(command, imageName, name string) []string { newArg = imageName case "IMAGE=IMAGE": newArg = fmt.Sprintf("IMAGE=%s", imageName) + case "IMAGE=$IMAGE": + newArg = fmt.Sprintf("IMAGE=%s", imageName) case "NAME": newArg = name case "NAME=NAME": newArg = fmt.Sprintf("NAME=%s", name) + case "NAME=$NAME": + newArg = fmt.Sprintf("NAME=%s", name) default: newArg = arg } diff --git a/docs/podman-container-runlabel.1.md b/docs/podman-container-runlabel.1.md index 889a5fb03..4611aa4d9 100644 --- a/docs/podman-container-runlabel.1.md +++ b/docs/podman-container-runlabel.1.md @@ -28,8 +28,8 @@ If the container image has a LABEL INSTALL instruction like the following: Note: Podman will always ensure that `podman` is the first argument of the command being executed. -**NAME** -The name specified via the command. NAME will be replaced with IMAGE if it is not specified. +**LABEL** +The label name specified via the command. **IMAGE** Image name specified via the command. @@ -95,6 +95,23 @@ Require HTTPS and verify certificates when contacting registries (default: true) then tls verification will be used, If set to false then tls verification will not be used. If not specified tls verification will be used unless the target registry is listed as an insecure registry in registries.conf +## Examples ## + +Execute the run label of an image called foobar. +``` +$ sudo podman container runlabel run foobar +``` + +Execute the install label of an image called foobar with additional arguments. +``` +$ sudo podman container runlabel install foobar apples oranges +``` + +Display the command that would be executed by runlabel. +``` +$ sudo podman container runlabel --display run foobar +``` + ## SEE ALSO podman(1) diff --git a/docs/podman-create.1.md b/docs/podman-create.1.md index c42671b76..167fce5b9 100644 --- a/docs/podman-create.1.md +++ b/docs/podman-create.1.md @@ -416,7 +416,7 @@ to the container with **--name** then the daemon will also generate a random string name. The name is useful any place you need to identify a container. This works for both background and foreground containers. -**--network**="*bridge*" +**--net**, **--network**="*bridge*" Set the Network mode for the container 'bridge': create a network stack on the default bridge diff --git a/docs/podman-run.1.md b/docs/podman-run.1.md index fccebb7f7..b70396a6d 100644 --- a/docs/podman-run.1.md +++ b/docs/podman-run.1.md @@ -401,7 +401,7 @@ to the container with **--name** then the daemon will also generate a random string name. The name is useful any place you need to identify a container. This works for both background and foreground containers. -**--network**="*bridge*" +**--net**, **--network**="*bridge*" Set the Network mode for the container: - `bridge`: create a network stack on the default bridge diff --git a/vendor.conf b/vendor.conf index b526c1560..d65014992 100644 --- a/vendor.conf +++ b/vendor.conf @@ -10,7 +10,7 @@ github.com/containerd/cgroups 58556f5ad8448d99a6f7bea69ea4bdb7747cfeb0 github.com/containerd/continuity master github.com/containernetworking/cni v0.7.0-alpha1 github.com/containernetworking/plugins 1562a1e60ed101aacc5e08ed9dbeba8e9f3d4ec1 -github.com/containers/image 7a1eac5d1df2dbd73d8b71853ebce32d989fcae3 +github.com/containers/image 918dbb93e6e099b196b498c38d079f6bb924d0c8 github.com/containers/storage 41294c85d97bef688e18f710402895dbecde3308 github.com/containers/psgo 5dde6da0bc8831b35243a847625bcf18183bd1ee github.com/coreos/go-systemd v14 diff --git a/vendor/github.com/containers/image/docker/docker_client.go b/vendor/github.com/containers/image/docker/docker_client.go index a410279a5..6d2c5b670 100644 --- a/vendor/github.com/containers/image/docker/docker_client.go +++ b/vendor/github.com/containers/image/docker/docker_client.go @@ -259,7 +259,7 @@ func CheckAuth(ctx context.Context, sys *types.SystemContext, username, password case http.StatusUnauthorized: return ErrUnauthorizedForCredentials default: - return errors.Errorf("error occured with status code %q", resp.StatusCode) + return errors.Errorf("error occured with status code %d (%s)", resp.StatusCode, http.StatusText(resp.StatusCode)) } } @@ -329,7 +329,7 @@ func SearchRegistry(ctx context.Context, sys *types.SystemContext, registry, ima } else { defer resp.Body.Close() if resp.StatusCode != http.StatusOK { - logrus.Debugf("error getting search results from v1 endpoint %q, status code %d", registry, resp.StatusCode) + logrus.Debugf("error getting search results from v1 endpoint %q, status code %d (%s)", registry, resp.StatusCode, http.StatusText(resp.StatusCode)) } else { if err := json.NewDecoder(resp.Body).Decode(v1Res); err != nil { return nil, err @@ -346,7 +346,7 @@ func SearchRegistry(ctx context.Context, sys *types.SystemContext, registry, ima } else { defer resp.Body.Close() if resp.StatusCode != http.StatusOK { - logrus.Errorf("error getting search results from v2 endpoint %q, status code %d", registry, resp.StatusCode) + logrus.Errorf("error getting search results from v2 endpoint %q, status code %d (%s)", registry, resp.StatusCode, http.StatusText(resp.StatusCode)) } else { if err := json.NewDecoder(resp.Body).Decode(v2Res); err != nil { return nil, err @@ -495,7 +495,7 @@ func (c *dockerClient) getBearerToken(ctx context.Context, realm, service, scope case http.StatusOK: break default: - return nil, errors.Errorf("unexpected http code: %d, URL: %s", res.StatusCode, authReq.URL) + return nil, errors.Errorf("unexpected http code: %d (%s), URL: %s", res.StatusCode, http.StatusText(res.StatusCode), authReq.URL) } tokenBlob, err := ioutil.ReadAll(res.Body) if err != nil { @@ -522,7 +522,7 @@ func (c *dockerClient) detectProperties(ctx context.Context) error { defer resp.Body.Close() logrus.Debugf("Ping %s status %d", url, resp.StatusCode) if resp.StatusCode != http.StatusOK && resp.StatusCode != http.StatusUnauthorized { - return errors.Errorf("error pinging registry %s, response code %d", c.registry, resp.StatusCode) + return errors.Errorf("error pinging registry %s, response code %d (%s)", c.registry, resp.StatusCode, http.StatusText(resp.StatusCode)) } c.challenges = parseAuthHeader(resp.Header) c.scheme = scheme @@ -542,8 +542,8 @@ func (c *dockerClient) detectProperties(ctx context.Context) error { pingV1 := func(scheme string) bool { url := fmt.Sprintf(resolvedPingV1URL, scheme, c.registry) resp, err := c.makeRequestToResolvedURL(ctx, "GET", url, nil, nil, -1, noAuth) - logrus.Debugf("Ping %s err %s (%#v)", url, err.Error(), err) if err != nil { + logrus.Debugf("Ping %s err %s (%#v)", url, err.Error(), err) return false } defer resp.Body.Close() diff --git a/vendor/github.com/containers/image/docker/docker_image.go b/vendor/github.com/containers/image/docker/docker_image.go index a1a115080..2ab95f329 100644 --- a/vendor/github.com/containers/image/docker/docker_image.go +++ b/vendor/github.com/containers/image/docker/docker_image.go @@ -73,7 +73,7 @@ func GetRepositoryTags(ctx context.Context, sys *types.SystemContext, ref types. defer res.Body.Close() if res.StatusCode != http.StatusOK { // print url also - return nil, errors.Errorf("Invalid status code returned when fetching tags list %d", res.StatusCode) + return nil, errors.Errorf("Invalid status code returned when fetching tags list %d (%s)", res.StatusCode, http.StatusText(res.StatusCode)) } var tagsHolder struct { diff --git a/vendor/github.com/containers/image/docker/docker_image_dest.go b/vendor/github.com/containers/image/docker/docker_image_dest.go index 94763d026..9bbffef93 100644 --- a/vendor/github.com/containers/image/docker/docker_image_dest.go +++ b/vendor/github.com/containers/image/docker/docker_image_dest.go @@ -207,7 +207,7 @@ func (d *dockerImageDestination) HasBlob(ctx context.Context, info types.BlobInf logrus.Debugf("... not present") return false, -1, nil default: - return false, -1, errors.Errorf("failed to read from destination repository %s: %v", reference.Path(d.ref.ref), http.StatusText(res.StatusCode)) + return false, -1, errors.Errorf("failed to read from destination repository %s: %d (%s)", reference.Path(d.ref.ref), res.StatusCode, http.StatusText(res.StatusCode)) } } diff --git a/vendor/github.com/containers/image/docker/docker_image_src.go b/vendor/github.com/containers/image/docker/docker_image_src.go index 3ff826aaa..aedab9731 100644 --- a/vendor/github.com/containers/image/docker/docker_image_src.go +++ b/vendor/github.com/containers/image/docker/docker_image_src.go @@ -140,7 +140,7 @@ func (s *dockerImageSource) getExternalBlob(ctx context.Context, urls []string) resp, err = s.c.makeRequestToResolvedURL(ctx, "GET", url, nil, nil, -1, noAuth) if err == nil { if resp.StatusCode != http.StatusOK { - err = errors.Errorf("error fetching external blob from %q: %d", url, resp.StatusCode) + err = errors.Errorf("error fetching external blob from %q: %d (%s)", url, resp.StatusCode, http.StatusText(resp.StatusCode)) logrus.Debug(err) continue } @@ -175,7 +175,7 @@ func (s *dockerImageSource) GetBlob(ctx context.Context, info types.BlobInfo) (i } if res.StatusCode != http.StatusOK { // print url also - return nil, 0, errors.Errorf("Invalid status code returned when fetching blob %d", res.StatusCode) + return nil, 0, errors.Errorf("Invalid status code returned when fetching blob %d (%s)", res.StatusCode, http.StatusText(res.StatusCode)) } return res.Body, getBlobSize(res), nil } @@ -274,7 +274,7 @@ func (s *dockerImageSource) getOneSignature(ctx context.Context, url *url.URL) ( if res.StatusCode == http.StatusNotFound { return nil, true, nil } else if res.StatusCode != http.StatusOK { - return nil, false, errors.Errorf("Error reading signature from %s: status %d", url.String(), res.StatusCode) + return nil, false, errors.Errorf("Error reading signature from %s: status %d (%s)", url.String(), res.StatusCode, http.StatusText(res.StatusCode)) } sig, err := ioutil.ReadAll(res.Body) if err != nil { diff --git a/vendor/github.com/containers/image/openshift/openshift.go b/vendor/github.com/containers/image/openshift/openshift.go index 2cadb0ce2..a8d5072d9 100644 --- a/vendor/github.com/containers/image/openshift/openshift.go +++ b/vendor/github.com/containers/image/openshift/openshift.go @@ -127,7 +127,7 @@ func (c *openshiftClient) doRequest(ctx context.Context, method, path string, re if statusValid { return nil, errors.New(status.Message) } - return nil, errors.Errorf("HTTP error: status code: %d, body: %s", res.StatusCode, string(body)) + return nil, errors.Errorf("HTTP error: status code: %d (%s), body: %s", res.StatusCode, http.StatusText(res.StatusCode), string(body)) } return body, nil diff --git a/vendor/github.com/containers/image/pkg/docker/config/config.go b/vendor/github.com/containers/image/pkg/docker/config/config.go index 58e8d5022..1f576253d 100644 --- a/vendor/github.com/containers/image/pkg/docker/config/config.go +++ b/vendor/github.com/containers/image/pkg/docker/config/config.go @@ -165,9 +165,12 @@ func readJSONFile(path string, legacyFormat bool) (dockerConfigFile, error) { var auths dockerConfigFile raw, err := ioutil.ReadFile(path) - if os.IsNotExist(err) { - auths.AuthConfigs = map[string]dockerAuthConfig{} - return auths, nil + if err != nil { + if os.IsNotExist(err) { + auths.AuthConfigs = map[string]dockerAuthConfig{} + return auths, nil + } + return dockerConfigFile{}, err } if legacyFormat { |