diff options
| -rw-r--r-- | .cirrus.yml | 24 | ||||
| -rw-r--r-- | cmd/podman/main.go | 8 | ||||
| -rw-r--r-- | cmd/podman/play/kube.go | 6 | ||||
| -rw-r--r-- | cmd/podman/registry/remote.go | 8 | ||||
| -rwxr-xr-x | contrib/cirrus/setup_environment.sh | 3 | ||||
| -rw-r--r-- | docs/source/markdown/podman-play-kube.1.md | 5 | ||||
| -rw-r--r-- | docs/source/markdown/podman.1.md | 2 | ||||
| -rw-r--r-- | pkg/domain/entities/play.go | 2 | ||||
| -rw-r--r-- | pkg/domain/infra/abi/play.go | 2 | ||||
| -rw-r--r-- | pkg/util/utils.go | 2 | ||||
| -rw-r--r-- | pkg/util/utils_supported.go | 50 | ||||
| -rw-r--r-- | test/e2e/play_build_test.go | 47 | ||||
| -rw-r--r-- | test/system/001-basic.bats | 14 | ||||
| -rw-r--r-- | test/system/300-cli-parsing.bats | 14 | ||||
| -rw-r--r-- | test/system/helpers.bash | 1 |
15 files changed, 119 insertions, 69 deletions
diff --git a/.cirrus.yml b/.cirrus.yml index 7a306175a..7e523c4ae 100644 --- a/.cirrus.yml +++ b/.cirrus.yml @@ -38,7 +38,7 @@ env: UBUNTU_NAME: "ubuntu-2110" # Google-cloud VM Images - IMAGE_SUFFIX: "c6454758209748992" + IMAGE_SUFFIX: "c5814666029957120" FEDORA_CACHE_IMAGE_NAME: "fedora-${IMAGE_SUFFIX}" PRIOR_FEDORA_CACHE_IMAGE_NAME: "prior-fedora-${IMAGE_SUFFIX}" UBUNTU_CACHE_IMAGE_NAME: "ubuntu-${IMAGE_SUFFIX}" @@ -157,11 +157,11 @@ build_task: CTR_FQIN: ${FEDORA_CONTAINER_FQIN} # ID for re-use of build output _BUILD_CACHE_HANDLE: ${FEDORA_NAME}-build-${CIRRUS_BUILD_ID} - - env: &priorfedora_envvars - DISTRO_NV: ${PRIOR_FEDORA_NAME} - VM_IMAGE_NAME: ${PRIOR_FEDORA_CACHE_IMAGE_NAME} - CTR_FQIN: ${PRIOR_FEDORA_CONTAINER_FQIN} - _BUILD_CACHE_HANDLE: ${PRIOR_FEDORA_NAME}-build-${CIRRUS_BUILD_ID} + #- env: &priorfedora_envvars + # DISTRO_NV: ${PRIOR_FEDORA_NAME} + # VM_IMAGE_NAME: ${PRIOR_FEDORA_CACHE_IMAGE_NAME} + # CTR_FQIN: ${PRIOR_FEDORA_CONTAINER_FQIN} + # _BUILD_CACHE_HANDLE: ${PRIOR_FEDORA_NAME}-build-${CIRRUS_BUILD_ID} - env: &ubuntu_envvars DISTRO_NV: ${UBUNTU_NAME} VM_IMAGE_NAME: ${UBUNTU_CACHE_IMAGE_NAME} @@ -390,7 +390,7 @@ unit_test_task: - validate matrix: - env: *stdenvars - - env: *priorfedora_envvars + #- env: *priorfedora_envvars - env: *ubuntu_envvars # Special-case: Rootless on latest Fedora (standard) VM - name: "Rootless unit on $DISTRO_NV" @@ -504,11 +504,11 @@ container_integration_test_task: _BUILD_CACHE_HANDLE: ${FEDORA_NAME}-build-${CIRRUS_BUILD_ID} VM_IMAGE_NAME: ${FEDORA_CACHE_IMAGE_NAME} CTR_FQIN: ${FEDORA_CONTAINER_FQIN} - - env: - DISTRO_NV: ${PRIOR_FEDORA_NAME} - _BUILD_CACHE_HANDLE: ${PRIOR_FEDORA_NAME}-build-${CIRRUS_BUILD_ID} - VM_IMAGE_NAME: ${PRIOR_FEDORA_CACHE_IMAGE_NAME} - CTR_FQIN: ${PRIOR_FEDORA_CONTAINER_FQIN} + #- env: + # DISTRO_NV: ${PRIOR_FEDORA_NAME} + # _BUILD_CACHE_HANDLE: ${PRIOR_FEDORA_NAME}-build-${CIRRUS_BUILD_ID} + # VM_IMAGE_NAME: ${PRIOR_FEDORA_CACHE_IMAGE_NAME} + # CTR_FQIN: ${PRIOR_FEDORA_CONTAINER_FQIN} gce_instance: *standardvm timeout_in: 90m env: diff --git a/cmd/podman/main.go b/cmd/podman/main.go index 9850f5d27..4f8131653 100644 --- a/cmd/podman/main.go +++ b/cmd/podman/main.go @@ -72,6 +72,8 @@ func parseCommands() *cobra.Command { } parent.AddCommand(c.Command) + c.Command.SetFlagErrorFunc(flagErrorFuncfunc) + // - templates need to be set here, as PersistentPreRunE() is // not called when --help is used. // - rootCmd uses cobra default template not ours @@ -84,5 +86,11 @@ func parseCommands() *cobra.Command { os.Exit(1) } + rootCmd.SetFlagErrorFunc(flagErrorFuncfunc) return rootCmd } + +func flagErrorFuncfunc(c *cobra.Command, e error) error { + e = fmt.Errorf("%w\nSee '%s --help'", e, c.CommandPath()) + return e +} diff --git a/cmd/podman/play/kube.go b/cmd/podman/play/kube.go index ccf6ea861..1a430f2dc 100644 --- a/cmd/podman/play/kube.go +++ b/cmd/podman/play/kube.go @@ -27,6 +27,7 @@ type playKubeOptionsWrapper struct { TLSVerifyCLI bool CredentialsCLI string StartCLI bool + BuildCLI bool } var ( @@ -117,7 +118,7 @@ func init() { _ = kubeCmd.RegisterFlagCompletionFunc(configmapFlagName, completion.AutocompleteDefault) buildFlagName := "build" - flags.BoolVar(&kubeOptions.Build, buildFlagName, false, "Build all images in a YAML (given Containerfiles exist)") + flags.BoolVar(&kubeOptions.BuildCLI, buildFlagName, false, "Build all images in a YAML (given Containerfiles exist)") } if !registry.IsRemote() { @@ -138,6 +139,9 @@ func kube(cmd *cobra.Command, args []string) error { if cmd.Flags().Changed("start") { kubeOptions.Start = types.NewOptionalBool(kubeOptions.StartCLI) } + if cmd.Flags().Changed("build") { + kubeOptions.Build = types.NewOptionalBool(kubeOptions.BuildCLI) + } if kubeOptions.Authfile != "" { if _, err := os.Stat(kubeOptions.Authfile); err != nil { return err diff --git a/cmd/podman/registry/remote.go b/cmd/podman/registry/remote.go index f05d8f7b4..181ef6b4a 100644 --- a/cmd/podman/registry/remote.go +++ b/cmd/podman/registry/remote.go @@ -30,6 +30,12 @@ func IsRemote() bool { fs.Usage = func() {} fs.SetInterspersed(false) fs.BoolVarP(&remoteFromCLI.Value, "remote", "r", remote, "") + connectionFlagName := "connection" + ignoredConnection := "" + fs.StringVarP(&ignoredConnection, connectionFlagName, "c", "", "") + urlFlagName := "url" + ignoredURL := "" + fs.StringVar(&ignoredURL, urlFlagName, "", "") // The shell completion logic will call a command called "__complete" or "__completeNoDesc" // This command will always be the second argument @@ -39,6 +45,8 @@ func IsRemote() bool { start = 2 } _ = fs.Parse(os.Args[start:]) + // --connection or --url implies --remote + remoteFromCLI.Value = remoteFromCLI.Value || fs.Changed(connectionFlagName) || fs.Changed(urlFlagName) }) return podmanOptions.EngineMode == entities.TunnelMode || remoteFromCLI.Value } diff --git a/contrib/cirrus/setup_environment.sh b/contrib/cirrus/setup_environment.sh index 829bb651d..93f085983 100755 --- a/contrib/cirrus/setup_environment.sh +++ b/contrib/cirrus/setup_environment.sh @@ -247,6 +247,7 @@ esac case "$TEST_FLAVOR" in ext_svc) ;; validate) + dnf install -y $PACKAGE_DOWNLOAD_DIR/python3*.rpm # For some reason, this is also needed for validation make .install.pre-commit ;; @@ -257,7 +258,7 @@ case "$TEST_FLAVOR" in if [[ "$ALT_NAME" =~ RPM ]]; then bigto dnf install -y glibc-minimal-langpack go-rpm-macros rpkg rpm-build shadow-utils-subid-devel fi - ;& + ;; docker-py) remove_packaged_podman_files make install PREFIX=/usr ETCDIR=/etc diff --git a/docs/source/markdown/podman-play-kube.1.md b/docs/source/markdown/podman-play-kube.1.md index 6d02af80d..f85ea9046 100644 --- a/docs/source/markdown/podman-play-kube.1.md +++ b/docs/source/markdown/podman-play-kube.1.md @@ -67,7 +67,8 @@ like: ``` The build will consider `foobar` to be the context directory for the build. If there is an image in local storage -called `foobar`, the image will not be built unless the `--build` flag is used. +called `foobar`, the image will not be built unless the `--build` flag is used. Use `--build=false` to completely +disable builds. `Kubernetes ConfigMap` @@ -115,7 +116,7 @@ environment variable. `export REGISTRY_AUTH_FILE=path` #### **--build** -Build images even if they are found in the local storage. +Build images even if they are found in the local storage. Use `--build=false` to completely disable builds. #### **--cert-dir**=*path* diff --git a/docs/source/markdown/podman.1.md b/docs/source/markdown/podman.1.md index b318001e4..4d3e92dd2 100644 --- a/docs/source/markdown/podman.1.md +++ b/docs/source/markdown/podman.1.md @@ -42,6 +42,7 @@ and "$graphroot/networks" as rootless. #### **--connection**, **-c** Connection to use for remote podman, including Mac and Windows (excluding WSL2) machines, (Default connection is configured in `containers.conf`) +Setting this option will switch the **--remote** option to true. Remote connections use local containers.conf for default. #### **--conmon** @@ -108,6 +109,7 @@ environment variable is set, the **--remote** option defaults to true. #### **--url**=*value* URL to access Podman service (default from `containers.conf`, rootless `unix://run/user/$UID/podman/podman.sock` or as root `unix://run/podman/podman.sock`). +Setting this option will switch the **--remote** option to true. - `CONTAINER_HOST` is of the format `<schema>://[<user[:<password>]@]<host>[:<port>][<path>]` diff --git a/pkg/domain/entities/play.go b/pkg/domain/entities/play.go index 39234caf8..43fa3a712 100644 --- a/pkg/domain/entities/play.go +++ b/pkg/domain/entities/play.go @@ -11,7 +11,7 @@ type PlayKubeOptions struct { // Authfile - path to an authentication file. Authfile string // Indicator to build all images with Containerfile or Dockerfile - Build bool + Build types.OptionalBool // CertDir - to a directory containing TLS certifications and keys. CertDir string // Down indicates whether to bring contents of a yaml file "down" diff --git a/pkg/domain/infra/abi/play.go b/pkg/domain/infra/abi/play.go index cad8c4609..b8ca591bb 100644 --- a/pkg/domain/infra/abi/play.go +++ b/pkg/domain/infra/abi/play.go @@ -486,7 +486,7 @@ func (ic *ContainerEngine) getImageAndLabelInfo(ctx context.Context, cwd string, if err != nil { return nil, nil, err } - if (len(buildFile) > 0 && !existsLocally) || (len(buildFile) > 0 && options.Build) { + if (len(buildFile) > 0) && ((!existsLocally && options.Build != types.OptionalBoolFalse) || (options.Build == types.OptionalBoolTrue)) { buildOpts := new(buildahDefine.BuildOptions) commonOpts := new(buildahDefine.CommonBuildOptions) buildOpts.ConfigureNetwork = buildahDefine.NetworkDefault diff --git a/pkg/util/utils.go b/pkg/util/utils.go index 925ff9830..bdd1e1383 100644 --- a/pkg/util/utils.go +++ b/pkg/util/utils.go @@ -463,8 +463,6 @@ func ParseIDMapping(mode namespaces.UsernsMode, uidMapSlice, gidMapSlice []strin var ( rootlessConfigHomeDirOnce sync.Once rootlessConfigHomeDir string - rootlessRuntimeDirOnce sync.Once - rootlessRuntimeDir string ) type tomlOptionsConfig struct { diff --git a/pkg/util/utils_supported.go b/pkg/util/utils_supported.go index 848b35a45..e9d6bfa31 100644 --- a/pkg/util/utils_supported.go +++ b/pkg/util/utils_supported.go @@ -6,67 +6,21 @@ package util // should work to take darwin from this import ( - "fmt" "os" "path/filepath" "syscall" + cutil "github.com/containers/common/pkg/util" "github.com/containers/podman/v4/pkg/rootless" "github.com/pkg/errors" - "github.com/sirupsen/logrus" ) // GetRuntimeDir returns the runtime directory func GetRuntimeDir() (string, error) { - var rootlessRuntimeDirError error - if !rootless.IsRootless() { return "", nil } - - rootlessRuntimeDirOnce.Do(func() { - runtimeDir := os.Getenv("XDG_RUNTIME_DIR") - uid := fmt.Sprintf("%d", rootless.GetRootlessUID()) - if runtimeDir == "" { - tmpDir := filepath.Join("/run", "user", uid) - if err := os.MkdirAll(tmpDir, 0700); err != nil { - logrus.Debug(err) - } - st, err := os.Stat(tmpDir) - if err == nil && int(st.Sys().(*syscall.Stat_t).Uid) == os.Geteuid() && (st.Mode().Perm()&0700 == 0700) { - runtimeDir = tmpDir - } - } - if runtimeDir == "" { - tmpDir := filepath.Join(os.TempDir(), fmt.Sprintf("podman-run-%s", uid)) - if err := os.MkdirAll(tmpDir, 0700); err != nil { - logrus.Debug(err) - } - st, err := os.Stat(tmpDir) - if err == nil && int(st.Sys().(*syscall.Stat_t).Uid) == os.Geteuid() && (st.Mode().Perm()&0700 == 0700) { - runtimeDir = tmpDir - } - } - if runtimeDir == "" { - home := os.Getenv("HOME") - if home == "" { - rootlessRuntimeDirError = fmt.Errorf("neither XDG_RUNTIME_DIR nor HOME was set non-empty") - return - } - resolvedHome, err := filepath.EvalSymlinks(home) - if err != nil { - rootlessRuntimeDirError = errors.Wrapf(err, "cannot resolve %s", home) - return - } - runtimeDir = filepath.Join(resolvedHome, "rundir") - } - rootlessRuntimeDir = runtimeDir - }) - - if rootlessRuntimeDirError != nil { - return "", rootlessRuntimeDirError - } - return rootlessRuntimeDir, nil + return cutil.GetRuntimeDir() } // GetRootlessConfigHomeDir returns the config home directory when running as non root diff --git a/test/e2e/play_build_test.go b/test/e2e/play_build_test.go index 70e042b4d..849ba7162 100644 --- a/test/e2e/play_build_test.go +++ b/test/e2e/play_build_test.go @@ -212,6 +212,53 @@ LABEL marge=mom Expect(inspectData[0].Config.Labels).To(HaveKeyWithValue("marge", "mom")) }) + It("Do not build image at all if --build=false", func() { + // Setup + yamlDir := filepath.Join(tempdir, RandomString(12)) + err := os.Mkdir(yamlDir, 0755) + Expect(err).To(BeNil(), "mkdir "+yamlDir) + err = writeYaml(testYAML, filepath.Join(yamlDir, "top.yaml")) + Expect(err).To(BeNil()) + + // build an image called foobar but make sure it doesn't have + // the same label as the yaml buildfile, so we can check that + // the image is NOT rebuilt. + err = writeYaml(prebuiltImage, filepath.Join(yamlDir, "Containerfile")) + Expect(err).To(BeNil()) + + app1Dir := filepath.Join(yamlDir, "foobar") + err = os.Mkdir(app1Dir, 0755) + Expect(err).To(BeNil()) + err = writeYaml(playBuildFile, filepath.Join(app1Dir, "Containerfile")) + Expect(err).To(BeNil()) + // Write a file to be copied + err = writeYaml(copyFile, filepath.Join(app1Dir, "copyfile")) + Expect(err).To(BeNil()) + + // Switch to temp dir and restore it afterwards + cwd, err := os.Getwd() + Expect(err).To(BeNil()) + Expect(os.Chdir(yamlDir)).To(BeNil()) + defer func() { (Expect(os.Chdir(cwd)).To(BeNil())) }() + + // Build the image into the local store + build := podmanTest.Podman([]string{"build", "-t", "foobar", "-f", "Containerfile"}) + build.WaitWithDefaultTimeout() + Expect(build).Should(Exit(0)) + + session := podmanTest.Podman([]string{"play", "kube", "--build=false", "top.yaml"}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(0)) + + inspect := podmanTest.Podman([]string{"container", "inspect", "top_pod-foobar"}) + inspect.WaitWithDefaultTimeout() + Expect(inspect).Should(Exit(0)) + inspectData := inspect.InspectContainerToJSON() + Expect(len(inspectData)).To(BeNumerically(">", 0)) + Expect(inspectData[0].Config.Labels).To(Not(HaveKey("homer"))) + Expect(inspectData[0].Config.Labels).To(HaveKeyWithValue("marge", "mom")) + }) + It("--build should override image in store", func() { // Setup yamlDir := filepath.Join(tempdir, RandomString(12)) diff --git a/test/system/001-basic.bats b/test/system/001-basic.bats index e36142188..582efa058 100644 --- a/test/system/001-basic.bats +++ b/test/system/001-basic.bats @@ -105,7 +105,8 @@ function setup() { # ...but no matter what, --remote is never allowed after subcommand PODMAN="${podman_non_remote} ${podman_args[@]}" run_podman 125 version --remote - is "$output" "Error: unknown flag: --remote" "podman version --remote" + is "$output" "Error: unknown flag: --remote +See 'podman version --help'" "podman version --remote" } @test "podman-remote: defaults" { @@ -125,6 +126,17 @@ function setup() { if grep -- " --remote " <<<"$output"; then die "podman --help, with CONTAINER_CONNECTION set, is showing --remote" fi + + # When it detects --url or --connection, --remote is not an option + run_podman --url foobar --help + if grep -- " --remote " <<<"$output"; then + die "podman --help, with --url set, is showing --remote" + fi + + run_podman --connection foobar --help + if grep -- " --remote " <<<"$output"; then + die "podman --help, with --connection set, is showing --remote" + fi } # Check that just calling "podman-remote" prints the usage message even diff --git a/test/system/300-cli-parsing.bats b/test/system/300-cli-parsing.bats index 92c073102..ec493d3d8 100644 --- a/test/system/300-cli-parsing.bats +++ b/test/system/300-cli-parsing.bats @@ -12,4 +12,18 @@ load helpers run_podman run --rm --label 'true="false"' $IMAGE true } +@test "podman flag error" { + local name="podman" + if is_remote; then + name="podman-remote" + fi + run_podman 125 run -h + is "$output" "Error: flag needs an argument: 'h' in -h +See '$name run --help'" "expected error output" + + run_podman 125 bad --invalid + is "$output" "Error: unknown flag: --invalid +See '$name --help'" "expected error output" +} + # vim: filetype=sh diff --git a/test/system/helpers.bash b/test/system/helpers.bash index ee5f73867..221315b97 100644 --- a/test/system/helpers.bash +++ b/test/system/helpers.bash @@ -108,6 +108,7 @@ function basic_teardown() { echo "# [teardown]" >&2 run_podman '?' pod rm -t 0 --all --force --ignore run_podman '?' rm -t 0 --all --force --ignore + run_podman '?' network prune --force command rm -rf $PODMAN_TMPDIR } |