diff options
| -rw-r--r-- | docs/source/markdown/options/digestfile.md | 4 | ||||
| -rw-r--r-- | docs/source/markdown/options/label.md | 3 | ||||
| -rw-r--r-- | docs/source/markdown/podman-create.1.md.in | 4 | ||||
| -rw-r--r-- | docs/source/markdown/podman-manifest-push.1.md.in | 4 | ||||
| -rw-r--r-- | docs/source/markdown/podman-pod-clone.1.md.in | 4 | ||||
| -rw-r--r-- | docs/source/markdown/podman-pod-create.1.md.in | 4 | ||||
| -rw-r--r-- | docs/source/markdown/podman-push.1.md.in | 4 | ||||
| -rw-r--r-- | docs/source/markdown/podman-run.1.md.in | 4 | ||||
| -rw-r--r-- | libpod/define/config.go | 2 | ||||
| -rw-r--r-- | libpod/define/mount.go | 2 | ||||
| -rw-r--r-- | libpod/define/mount_freebsd.go | 8 | ||||
| -rw-r--r-- | libpod/define/mount_linux.go | 8 | ||||
| -rw-r--r-- | libpod/define/mount_unsupported.go | 8 | ||||
| -rw-r--r-- | libpod/kube.go | 4 | ||||
| -rw-r--r-- | libpod/runtime.go | 8 | ||||
| -rw-r--r-- | libpod/runtime_test.go | 28 | ||||
| -rw-r--r-- | pkg/api/server/register_containers.go | 2 | ||||
| -rw-r--r-- | pkg/api/server/register_secrets.go | 2 | ||||
| -rw-r--r-- | pkg/specgen/generate/kube/kube.go | 7 | ||||
| -rw-r--r-- | pkg/specgen/volumes.go | 3 | ||||
| -rw-r--r-- | test/apiv2/10-images.at | 11 | ||||
| -rw-r--r-- | test/e2e/generate_kube_test.go | 2 |
22 files changed, 91 insertions, 35 deletions
diff --git a/docs/source/markdown/options/digestfile.md b/docs/source/markdown/options/digestfile.md new file mode 100644 index 000000000..de013e287 --- /dev/null +++ b/docs/source/markdown/options/digestfile.md @@ -0,0 +1,4 @@ +#### **--digestfile**=*Digestfile* + +After copying the image, write the digest of the resulting image to the file. +(This option is not available with the remote Podman client, including Mac and Windows (excluding WSL2) machines) diff --git a/docs/source/markdown/options/label.md b/docs/source/markdown/options/label.md new file mode 100644 index 000000000..629aa82e6 --- /dev/null +++ b/docs/source/markdown/options/label.md @@ -0,0 +1,3 @@ +#### **--label**, **-l**=*key=value* + +Add metadata to a <<container|pod>>. diff --git a/docs/source/markdown/podman-create.1.md.in b/docs/source/markdown/podman-create.1.md.in index 4fe50caed..25726af8c 100644 --- a/docs/source/markdown/podman-create.1.md.in +++ b/docs/source/markdown/podman-create.1.md.in @@ -260,9 +260,7 @@ To specify multiple static IPv6 addresses per container, set multiple networks u @@option ipc -#### **--label**, **-l**=*label* - -Add metadata to a container (e.g., --label com.example.key=value) +@@option label @@option label-file diff --git a/docs/source/markdown/podman-manifest-push.1.md.in b/docs/source/markdown/podman-manifest-push.1.md.in index 88d070c3f..b27fbee8d 100644 --- a/docs/source/markdown/podman-manifest-push.1.md.in +++ b/docs/source/markdown/podman-manifest-push.1.md.in @@ -29,9 +29,7 @@ Specifies the compression format to use. Supported values are: `gzip`, `zstd` a @@option creds -#### **--digestfile**=*Digestfile* - -After copying the image, write the digest of the resulting image to the file. +@@option digestfile #### **--format**, **-f**=*format* diff --git a/docs/source/markdown/podman-pod-clone.1.md.in b/docs/source/markdown/podman-pod-clone.1.md.in index 24edc44ec..e2e08d2a6 100644 --- a/docs/source/markdown/podman-pod-clone.1.md.in +++ b/docs/source/markdown/podman-pod-clone.1.md.in @@ -66,9 +66,7 @@ Print usage statement. @@option infra-name -#### **--label**, **-l**=*label* - -Add metadata to a pod (e.g., --label com.example.key=value). +@@option label @@option label-file diff --git a/docs/source/markdown/podman-pod-create.1.md.in b/docs/source/markdown/podman-pod-create.1.md.in index 35d06fa00..f3d6884c5 100644 --- a/docs/source/markdown/podman-pod-create.1.md.in +++ b/docs/source/markdown/podman-pod-create.1.md.in @@ -130,9 +130,7 @@ The address must be within the network's IPv6 address pool. To specify multiple static IPv6 addresses per pod, set multiple networks using the **--network** option with a static IPv6 address specified for each using the `ip6` mode for that option. -#### **--label**, **-l**=*label* - -Add metadata to a pod (e.g., --label com.example.key=value). +@@option label @@option label-file diff --git a/docs/source/markdown/podman-push.1.md.in b/docs/source/markdown/podman-push.1.md.in index a98964e45..408fdb43c 100644 --- a/docs/source/markdown/podman-push.1.md.in +++ b/docs/source/markdown/podman-push.1.md.in @@ -62,9 +62,7 @@ Specifies the compression format to use. Supported values are: `gzip`, `zstd` a @@option creds -#### **--digestfile**=*Digestfile* - -After copying the image, write the digest of the resulting image to the file. (This option is not available with the remote Podman client, including Mac and Windows (excluding WSL2) machines) +@@option digestfile @@option disable-content-trust diff --git a/docs/source/markdown/podman-run.1.md.in b/docs/source/markdown/podman-run.1.md.in index 64affa238..a32bf4781 100644 --- a/docs/source/markdown/podman-run.1.md.in +++ b/docs/source/markdown/podman-run.1.md.in @@ -280,9 +280,7 @@ To specify multiple static IPv6 addresses per container, set multiple networks u @@option ipc -#### **--label**, **-l**=*key=value* - -Add metadata to a container. +@@option label @@option label-file diff --git a/libpod/define/config.go b/libpod/define/config.go index 34c1a675d..1fad5cc9a 100644 --- a/libpod/define/config.go +++ b/libpod/define/config.go @@ -85,4 +85,4 @@ const PassthroughLogging = "passthrough" const RLimitDefaultValue = uint64(1048576) // BindMountPrefix distinguishes its annotations from others -const BindMountPrefix = "bind-mount-options:" +const BindMountPrefix = "bind-mount-options" diff --git a/libpod/define/mount.go b/libpod/define/mount.go index 1b0d019c8..db444fd83 100644 --- a/libpod/define/mount.go +++ b/libpod/define/mount.go @@ -1,8 +1,6 @@ package define const ( - // TypeBind is the type for mounting host dir - TypeBind = "bind" // TypeVolume is the type for named volumes TypeVolume = "volume" // TypeTmpfs is the type for mounting tmpfs diff --git a/libpod/define/mount_freebsd.go b/libpod/define/mount_freebsd.go new file mode 100644 index 000000000..e080c9ec6 --- /dev/null +++ b/libpod/define/mount_freebsd.go @@ -0,0 +1,8 @@ +//go:build freebsd + +package define + +const ( + // TypeBind is the type for mounting host dir + TypeBind = "nullfs" +) diff --git a/libpod/define/mount_linux.go b/libpod/define/mount_linux.go new file mode 100644 index 000000000..5ef848905 --- /dev/null +++ b/libpod/define/mount_linux.go @@ -0,0 +1,8 @@ +//go:build linux + +package define + +const ( + // TypeBind is the type for mounting host dir + TypeBind = "bind" +) diff --git a/libpod/define/mount_unsupported.go b/libpod/define/mount_unsupported.go new file mode 100644 index 000000000..cb8642fe2 --- /dev/null +++ b/libpod/define/mount_unsupported.go @@ -0,0 +1,8 @@ +//go:build !linux && !freebsd + +package define + +const ( + // TypeBind is the type for mounting host dir + TypeBind = "bind" +) diff --git a/libpod/kube.go b/libpod/kube.go index a70782d69..d4414aabd 100644 --- a/libpod/kube.go +++ b/libpod/kube.go @@ -385,7 +385,7 @@ func (p *Pod) podWithContainers(ctx context.Context, containers []*Container, po return nil, err } for k, v := range annotations { - podAnnotations[define.BindMountPrefix+k] = TruncateKubeAnnotation(v) + podAnnotations[define.BindMountPrefix] = TruncateKubeAnnotation(k + ":" + v) } // Since port bindings for the pod are handled by the // infra container, wipe them here only if we are sharing the net namespace @@ -529,7 +529,7 @@ func simplePodWithV1Containers(ctx context.Context, ctrs []*Container) (*v1.Pod, return nil, err } for k, v := range annotations { - kubeAnnotations[define.BindMountPrefix+k] = TruncateKubeAnnotation(v) + kubeAnnotations[define.BindMountPrefix] = TruncateKubeAnnotation(k + ":" + v) } if isInit { kubeInitCtrs = append(kubeInitCtrs, kubeCtr) diff --git a/libpod/runtime.go b/libpod/runtime.go index 9b97fd724..1503b2344 100644 --- a/libpod/runtime.go +++ b/libpod/runtime.go @@ -5,6 +5,7 @@ import ( "context" "errors" "fmt" + "math/rand" "os" "path/filepath" "strings" @@ -112,6 +113,13 @@ type Runtime struct { secretsManager *secrets.SecretsManager } +func init() { + // generateName calls namesgenerator.GetRandomName which the + // global RNG from math/rand. Seed it here to make sure we + // don't get the same name every time. + rand.Seed(time.Now().UnixNano()) +} + // SetXdgDirs ensures the XDG_RUNTIME_DIR env and XDG_CONFIG_HOME variables are set. // containers/image uses XDG_RUNTIME_DIR to locate the auth file, XDG_CONFIG_HOME is // use for the containers.conf configuration file. diff --git a/libpod/runtime_test.go b/libpod/runtime_test.go new file mode 100644 index 000000000..2e16c7fcd --- /dev/null +++ b/libpod/runtime_test.go @@ -0,0 +1,28 @@ +package libpod + +import ( + "math/rand" + "os" + "testing" + + "github.com/stretchr/testify/assert" +) + +func Test_generateName(t *testing.T) { + state, path, _, err := getEmptyBoltState() + assert.NoError(t, err) + defer os.RemoveAll(path) + defer state.Close() + + r := &Runtime{ + state: state, + } + + // Test that (*Runtime).generateName returns different names + // if called twice, even if the global RNG has the default + // seed. + n1, _ := r.generateName() + rand.Seed(1) + n2, _ := r.generateName() + assert.NotEqual(t, n1, n2) +} diff --git a/pkg/api/server/register_containers.go b/pkg/api/server/register_containers.go index 41baf5418..7e9c02816 100644 --- a/pkg/api/server/register_containers.go +++ b/pkg/api/server/register_containers.go @@ -212,7 +212,6 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error { // - in: query // name: signal // type: string - // default: TERM // description: signal to be sent to container // default: SIGKILL // produces: @@ -723,6 +722,7 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error { // type: boolean // description: Include namespace information // default: false + // - in: query // name: pod // type: boolean // default: false diff --git a/pkg/api/server/register_secrets.go b/pkg/api/server/register_secrets.go index f4608baa6..8918ad238 100644 --- a/pkg/api/server/register_secrets.go +++ b/pkg/api/server/register_secrets.go @@ -54,7 +54,6 @@ func (s *APIServer) registerSecretHandlers(r *mux.Router) error { // - `id=[id]` Matches for full or partial ID. // produces: // - application/json - // parameters: // responses: // '200': // "$ref": "#/responses/SecretListResponse" @@ -128,7 +127,6 @@ func (s *APIServer) registerSecretHandlers(r *mux.Router) error { // - `id=[id]` Matches for full or partial ID. // produces: // - application/json - // parameters: // responses: // '200': // "$ref": "#/responses/SecretListCompatResponse" diff --git a/pkg/specgen/generate/kube/kube.go b/pkg/specgen/generate/kube/kube.go index 375b719d3..5862d3f1c 100644 --- a/pkg/specgen/generate/kube/kube.go +++ b/pkg/specgen/generate/kube/kube.go @@ -357,8 +357,11 @@ func ToSpecGen(ctx context.Context, opts *CtrSpecGenOptions) (*specgen.SpecGener // a selinux mount option exists for it for k, v := range opts.Annotations { // Make sure the z/Z option is not already there (from editing the YAML) - if strings.Replace(k, define.BindMountPrefix, "", 1) == volumeSource.Source && !cutil.StringInSlice("z", options) && !cutil.StringInSlice("Z", options) { - options = append(options, v) + if k == define.BindMountPrefix { + lastIndex := strings.LastIndex(v, ":") + if v[:lastIndex] == volumeSource.Source && !cutil.StringInSlice("z", options) && !cutil.StringInSlice("Z", options) { + options = append(options, v[lastIndex+1:]) + } } } mount := spec.Mount{ diff --git a/pkg/specgen/volumes.go b/pkg/specgen/volumes.go index e70ed5b13..e71d14331 100644 --- a/pkg/specgen/volumes.go +++ b/pkg/specgen/volumes.go @@ -7,6 +7,7 @@ import ( "strings" "github.com/containers/common/pkg/parse" + "github.com/containers/podman/v4/libpod/define" spec "github.com/opencontainers/runtime-spec/specs-go" "github.com/sirupsen/logrus" ) @@ -159,7 +160,7 @@ func GenVolumeMounts(volumeFlag []string) (map[string]spec.Mount, map[string]*Na } else { newMount := spec.Mount{ Destination: dest, - Type: "bind", + Type: define.TypeBind, Source: src, Options: options, } diff --git a/test/apiv2/10-images.at b/test/apiv2/10-images.at index 86ee2a1f5..3ffc6f738 100644 --- a/test/apiv2/10-images.at +++ b/test/apiv2/10-images.at @@ -227,14 +227,15 @@ t GET libpod/images/quay.io/libpod/busybox:latest/exists 204 CONTAINERFILE_WITH_ERR_TAR="${TMPD}/containerfile.tar" cat > $TMPD/containerfile << EOF -FROM quay.io/fedora/fedora +FROM $IMAGE RUN echo 'some error' >&2 EOF tar --format=posix -C $TMPD -cvf ${CONTAINERFILE_WITH_ERR_TAR} containerfile &> /dev/null -t POST "build?q=1&dockerfile=containerfile" $CONTAINERFILE_WITH_ERR_TAR 200 -response_output=$(cat "$WORKDIR/curl.result.out") -if [[ ${response_output} == *"some error"* ]];then - _show_ok 0 "compat quiet build" "~ $response_output" "found output from stderr in API" +t POST "/build?q=1&dockerfile=containerfile" $CONTAINERFILE_WITH_ERR_TAR 200 +if [[ $output == *"some error"* ]];then + _show_ok 0 "compat quiet build" "[should not contain 'some error']" "$output" +else + _show_ok 1 "compat quiet build" fi cleanBuildTest diff --git a/test/e2e/generate_kube_test.go b/test/e2e/generate_kube_test.go index 6a73d8ab6..960837ebe 100644 --- a/test/e2e/generate_kube_test.go +++ b/test/e2e/generate_kube_test.go @@ -719,7 +719,7 @@ var _ = Describe("Podman generate kube", func() { pod := new(v1.Pod) err = yaml.Unmarshal(b, pod) Expect(err).To(BeNil()) - Expect(pod.Annotations).To(HaveKeyWithValue(define.BindMountPrefix+vol1, HaveSuffix("z"))) + Expect(pod.Annotations).To(HaveKeyWithValue(define.BindMountPrefix, vol1+":"+"z")) rm := podmanTest.Podman([]string{"pod", "rm", "-t", "0", "-f", "test1"}) rm.WaitWithDefaultTimeout() |