diff options
| -rw-r--r-- | cmd/podman/common/specgen.go | 20 | ||||
| -rw-r--r-- | cmd/podman/containers/create.go | 48 | ||||
| -rw-r--r-- | cmd/podman/containers/run.go | 9 | ||||
| -rw-r--r-- | libpod/runtime_ctr.go | 4 | ||||
| -rw-r--r-- | pkg/api/handlers/compat/exec.go | 3 | ||||
| -rw-r--r-- | pkg/specgen/generate/container_create.go | 3 | ||||
| -rw-r--r-- | pkg/specgen/specgen.go | 2 | ||||
| -rw-r--r-- | pkg/util/utils.go | 6 | ||||
| -rw-r--r-- | test/e2e/create_test.go | 13 | ||||
| -rw-r--r-- | test/system/030-run.bats | 41 |
10 files changed, 100 insertions, 49 deletions
diff --git a/cmd/podman/common/specgen.go b/cmd/podman/common/specgen.go index 599e003e8..1f6fbbe98 100644 --- a/cmd/podman/common/specgen.go +++ b/cmd/podman/common/specgen.go @@ -520,7 +520,7 @@ func FillOutSpecGen(s *specgen.SpecGenerator, c *ContainerCLIOpts, args []string case "label": // TODO selinux opts and label opts are the same thing s.ContainerSecurityConfig.SelinuxOpts = append(s.ContainerSecurityConfig.SelinuxOpts, con[1]) - s.Annotations[define.InspectAnnotationLabel] = con[1] + s.Annotations[define.InspectAnnotationLabel] = strings.Join(s.ContainerSecurityConfig.SelinuxOpts, ",label=") case "apparmor": s.ContainerSecurityConfig.ApparmorProfile = con[1] s.Annotations[define.InspectAnnotationApparmor] = con[1] @@ -535,7 +535,6 @@ func FillOutSpecGen(s *specgen.SpecGenerator, c *ContainerCLIOpts, args []string s.SeccompPolicy = c.SeccompPolicy - // TODO: should parse out options s.VolumesFrom = c.VolumesFrom // Only add read-only tmpfs mounts in case that we are read-only and the @@ -547,22 +546,10 @@ func FillOutSpecGen(s *specgen.SpecGenerator, c *ContainerCLIOpts, args []string s.Mounts = mounts s.Volumes = volumes - // TODO any idea why this was done - // devices := rtc.Containers.Devices - // TODO conflict on populate? - // - // if c.Changed("device") { - // devices = append(devices, c.StringSlice("device")...) - // } - for _, dev := range c.Devices { s.Devices = append(s.Devices, specs.LinuxDevice{Path: dev}) } - // TODO things i cannot find in spec - // we dont think these are in the spec - // init - initbinary - // initpath s.Init = c.Init s.InitPath = c.InitPath s.Stdin = c.Interactive @@ -587,11 +574,6 @@ func FillOutSpecGen(s *specgen.SpecGenerator, c *ContainerCLIOpts, args []string s.Rlimits = append(s.Rlimits, rl) } - // Tmpfs: c.StringArray("tmpfs"), - - // TODO how to handle this? - // Syslog: c.Bool("syslog"), - logOpts := make(map[string]string) for _, o := range c.LogOptions { split := strings.SplitN(o, "=", 2) diff --git a/cmd/podman/containers/create.go b/cmd/podman/containers/create.go index 45ce00c86..c48a739ff 100644 --- a/cmd/podman/containers/create.go +++ b/cmd/podman/containers/create.go @@ -6,11 +6,12 @@ import ( "os" "strings" - "github.com/containers/libpod/libpod/define" - "github.com/containers/common/pkg/config" + "github.com/containers/image/v5/storage" + "github.com/containers/image/v5/transports/alltransports" "github.com/containers/libpod/cmd/podman/common" "github.com/containers/libpod/cmd/podman/registry" + "github.com/containers/libpod/libpod/define" "github.com/containers/libpod/pkg/domain/entities" "github.com/containers/libpod/pkg/errorhandling" "github.com/containers/libpod/pkg/specgen" @@ -108,12 +109,15 @@ func create(cmd *cobra.Command, args []string) error { return err } + imageName := args[0] if !cliVals.RootFS { - if err := pullImage(args[0]); err != nil { + name, err := pullImage(args[0]) + if err != nil { return err } + imageName = name } - s := specgen.NewSpecGenerator(args[0], cliVals.RootFS) + s := specgen.NewSpecGenerator(imageName, cliVals.RootFS) if err := common.FillOutSpecGen(s, &cliVals, args); err != nil { return err } @@ -211,30 +215,44 @@ func createInit(c *cobra.Command) error { return nil } -func pullImage(imageName string) error { - br, err := registry.ImageEngine().Exists(registry.GetContext(), imageName) - if err != nil { - return err - } +func pullImage(imageName string) (string, error) { pullPolicy, err := config.ValidatePullPolicy(cliVals.Pull) if err != nil { - return err + return "", err } - if !br.Value || pullPolicy == config.PullImageAlways { + + // Check if the image is missing and hence if we need to pull it. + imageMissing := true + imageRef, err := alltransports.ParseImageName(imageName) + switch { + case err != nil: + // Assume we specified a local image withouth the explicit storage transport. + fallthrough + + case imageRef.Transport().Name() == storage.Transport.Name(): + br, err := registry.ImageEngine().Exists(registry.GetContext(), imageName) + if err != nil { + return "", err + } + imageMissing = !br.Value + } + + if imageMissing || pullPolicy == config.PullImageAlways { if pullPolicy == config.PullImageNever { - return errors.Wrapf(define.ErrNoSuchImage, "unable to find a name and tag match for %s in repotags", imageName) + return "", errors.Wrapf(define.ErrNoSuchImage, "unable to find a name and tag match for %s in repotags", imageName) } - _, pullErr := registry.ImageEngine().Pull(registry.GetContext(), imageName, entities.ImagePullOptions{ + pullReport, pullErr := registry.ImageEngine().Pull(registry.GetContext(), imageName, entities.ImagePullOptions{ Authfile: cliVals.Authfile, Quiet: cliVals.Quiet, OverrideArch: cliVals.OverrideArch, OverrideOS: cliVals.OverrideOS, }) if pullErr != nil { - return pullErr + return "", pullErr } + imageName = pullReport.Images[0] } - return nil + return imageName, nil } func openCidFile(cidfile string) (*os.File, error) { diff --git a/cmd/podman/containers/run.go b/cmd/podman/containers/run.go index cb307c38f..4b287838e 100644 --- a/cmd/podman/containers/run.go +++ b/cmd/podman/containers/run.go @@ -125,10 +125,13 @@ func run(cmd *cobra.Command, args []string) error { return err } + imageName := args[0] if !cliVals.RootFS { - if err := pullImage(args[0]); err != nil { + name, err := pullImage(args[0]) + if err != nil { return err } + imageName = name } if cliVals.Replace { @@ -166,7 +169,7 @@ func run(cmd *cobra.Command, args []string) error { runOpts.Detach = cliVals.Detach runOpts.DetachKeys = cliVals.DetachKeys cliVals.PreserveFDs = runOpts.PreserveFDs - s := specgen.NewSpecGenerator(args[0], cliVals.RootFS) + s := specgen.NewSpecGenerator(imageName, cliVals.RootFS) if err := common.FillOutSpecGen(s, &cliVals, args); err != nil { return err } @@ -196,7 +199,7 @@ func run(cmd *cobra.Command, args []string) error { return nil } if runRmi { - _, rmErrors := registry.ImageEngine().Remove(registry.GetContext(), []string{args[0]}, entities.ImageRemoveOptions{}) + _, rmErrors := registry.ImageEngine().Remove(registry.GetContext(), []string{imageName}, entities.ImageRemoveOptions{}) if len(rmErrors) > 0 { logrus.Errorf("%s", errors.Wrapf(errorhandling.JoinErrors(rmErrors), "failed removing image")) } diff --git a/libpod/runtime_ctr.go b/libpod/runtime_ctr.go index 0431861b5..f1752cbeb 100644 --- a/libpod/runtime_ctr.go +++ b/libpod/runtime_ctr.go @@ -83,6 +83,8 @@ func (r *Runtime) initContainerVariables(rSpec *spec.Spec, config *ContainerConf return nil, errors.Wrapf(err, "converting containers.conf ShmSize %s to an int", r.config.Containers.ShmSize) } ctr.config.ShmSize = size + ctr.config.StopSignal = 15 + ctr.config.StopTimeout = r.config.Engine.StopTimeout } else { // This is a restore from an imported checkpoint ctr.restoreFromCheckpoint = true @@ -107,8 +109,6 @@ func (r *Runtime) initContainerVariables(rSpec *spec.Spec, config *ContainerConf ctr.state.BindMounts = make(map[string]string) - ctr.config.StopTimeout = r.config.Engine.StopTimeout - ctr.config.OCIRuntime = r.defaultOCIRuntime.Name() // Set namespace based on current runtime namespace diff --git a/pkg/api/handlers/compat/exec.go b/pkg/api/handlers/compat/exec.go index 8f7016903..dae76c061 100644 --- a/pkg/api/handlers/compat/exec.go +++ b/pkg/api/handlers/compat/exec.go @@ -62,7 +62,8 @@ func ExecCreateHandler(w http.ResponseWriter, r *http.Request) { utils.InternalServerError(w, err) return } - exitCommandArgs, err := generate.CreateExitCommandArgs(storageConfig, runtimeConfig, false, true, true) + // Automatically log to syslog if the server has log-level=debug set + exitCommandArgs, err := generate.CreateExitCommandArgs(storageConfig, runtimeConfig, logrus.IsLevelEnabled(logrus.DebugLevel), true, true) if err != nil { utils.InternalServerError(w, err) return diff --git a/pkg/specgen/generate/container_create.go b/pkg/specgen/generate/container_create.go index ea6f938a8..7b4fbebf4 100644 --- a/pkg/specgen/generate/container_create.go +++ b/pkg/specgen/generate/container_create.go @@ -114,8 +114,7 @@ func MakeContainer(ctx context.Context, rt *libpod.Runtime, s *specgen.SpecGener } options = append(options, opts...) - // TODO: Enable syslog support - we'll need to put this in SpecGen. - exitCommandArgs, err := CreateExitCommandArgs(rt.StorageConfig(), rtc, false, s.Remove, false) + exitCommandArgs, err := CreateExitCommandArgs(rt.StorageConfig(), rtc, logrus.IsLevelEnabled(logrus.DebugLevel), s.Remove, false) if err != nil { return nil, err } diff --git a/pkg/specgen/specgen.go b/pkg/specgen/specgen.go index 46ff8c716..3d5bf03e5 100644 --- a/pkg/specgen/specgen.go +++ b/pkg/specgen/specgen.go @@ -129,7 +129,7 @@ type ContainerBasicConfig struct { Sysctl map[string]string `json:"sysctl,omitempty"` // Remove indicates if the container should be removed once it has been started // and exits - Remove bool `json:"remove"` + Remove bool `json:"remove,omitempty"` // PreserveFDs is a number of additional file descriptors (in addition // to 0, 1, 2) that will be passed to the executed process. The total FDs // passed will be 3 + PreserveFDs. diff --git a/pkg/util/utils.go b/pkg/util/utils.go index 917f57742..1d8941b4d 100644 --- a/pkg/util/utils.go +++ b/pkg/util/utils.go @@ -419,12 +419,6 @@ func ParseIDMapping(mode namespaces.UsernsMode, uidMapSlice, gidMapSlice []strin if len(uidMapSlice) == 0 && len(gidMapSlice) != 0 { uidMapSlice = gidMapSlice } - if len(uidMapSlice) == 0 && subUIDMap == "" && os.Getuid() != 0 { - uidMapSlice = []string{fmt.Sprintf("0:%d:1", os.Getuid())} - } - if len(gidMapSlice) == 0 && subGIDMap == "" && os.Getuid() != 0 { - gidMapSlice = []string{fmt.Sprintf("0:%d:1", os.Getgid())} - } if subUIDMap != "" && subGIDMap != "" { mappings, err := idtools.NewIDMappings(subUIDMap, subGIDMap) diff --git a/test/e2e/create_test.go b/test/e2e/create_test.go index 52ce0b46a..44bb5c45f 100644 --- a/test/e2e/create_test.go +++ b/test/e2e/create_test.go @@ -458,4 +458,17 @@ var _ = Describe("Podman create", func() { Expect(session.ExitCode()).To(Equal(0)) } }) + + It("podman create sets default stop signal 15", func() { + ctrName := "testCtr" + session := podmanTest.Podman([]string{"create", "--name", ctrName, ALPINE, "/bin/sh"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + + inspect := podmanTest.Podman([]string{"inspect", ctrName}) + inspect.WaitWithDefaultTimeout() + data := inspect.InspectContainerToJSON() + Expect(len(data)).To(Equal(1)) + Expect(data[0].Config.StopSignal).To(Equal(uint(15))) + }) }) diff --git a/test/system/030-run.bats b/test/system/030-run.bats index eeecea2e5..bc6347012 100644 --- a/test/system/030-run.bats +++ b/test/system/030-run.bats @@ -201,4 +201,45 @@ echo $rand | 0 | $rand "podman will not overwrite existing cidfile" } +@test "podman run docker-archive" { + # Create an image that, when run, outputs a random magic string + expect=$(random_string 20) + run_podman run --name myc --entrypoint="[\"/bin/echo\",\"$expect\"]" $IMAGE + is "$output" "$expect" "podman run --entrypoint echo-randomstring" + + # Save it as a tar archive + run_podman commit myc myi + archive=$PODMAN_TMPDIR/archive.tar + run_podman save myi -o $archive + is "$output" "" "podman save" + + # Clean up image and container from container storage... + run_podman rmi myi + run_podman rm myc + + # ... then confirm we can run from archive. This re-imports the image + # and runs it, producing our random string as the last line. + run_podman run docker-archive:$archive + is "${lines[0]}" "Getting image source signatures" "podman run docker-archive, first line of output" + is "$output" ".*Copying blob" "podman run docker-archive" + is "$output" ".*Copying config" "podman run docker-archive" + is "$output" ".*Writing manifest" "podman run docker-archive" + is "${lines[-1]}" "$expect" "podman run docker-archive: expected random string output" + + # Clean up container as well as re-imported image + run_podman rm -a + run_podman rmi myi + + # Repeat the above, with podman-create and podman-start. + run_podman create docker-archive:$archive + cid=${lines[-1]} + + run_podman start --attach $cid + is "$output" "$expect" "'podman run' of 'podman-create docker-archive'" + + # Clean up. + run_podman rm $cid + run_podman rmi myi +} + # vim: filetype=sh |