diff options
Diffstat (limited to 'cmd/podman/images')
-rw-r--r-- | cmd/podman/images/build.go | 75 | ||||
-rw-r--r-- | cmd/podman/images/list.go | 1 | ||||
-rw-r--r-- | cmd/podman/images/prune.go | 1 | ||||
-rw-r--r-- | cmd/podman/images/pull.go | 2 | ||||
-rw-r--r-- | cmd/podman/images/search.go | 10 | ||||
-rw-r--r-- | cmd/podman/images/trust_show.go | 1 |
6 files changed, 76 insertions, 14 deletions
diff --git a/cmd/podman/images/build.go b/cmd/podman/images/build.go index a35fea442..abd3ced5b 100644 --- a/cmd/podman/images/build.go +++ b/cmd/podman/images/build.go @@ -1,9 +1,11 @@ package images import ( + "io" "os" "path/filepath" "strings" + "time" "github.com/containers/buildah" "github.com/containers/buildah/imagebuildah" @@ -11,6 +13,8 @@ import ( "github.com/containers/buildah/pkg/parse" "github.com/containers/common/pkg/completion" "github.com/containers/common/pkg/config" + encconfig "github.com/containers/ocicrypt/config" + enchelpers "github.com/containers/ocicrypt/helpers" "github.com/containers/podman/v2/cmd/podman/common" "github.com/containers/podman/v2/cmd/podman/registry" "github.com/containers/podman/v2/cmd/podman/utils" @@ -78,7 +82,8 @@ func useLayers() string { func init() { registry.Commands = append(registry.Commands, registry.CliCommand{ - Mode: []entities.EngineMode{entities.ABIMode, entities.TunnelMode}, + Mode: []entities.EngineMode{entities.ABIMode, entities.TunnelMode}, + Command: buildCmd, }) buildFlags(buildCmd) @@ -151,8 +156,21 @@ func buildFlags(cmd *cobra.Command) { // Add the completion functions fromAndBudFlagsCompletions := buildahCLI.GetFromAndBudFlagsCompletions() completion.CompleteCommandFlags(cmd, fromAndBudFlagsCompletions) - _ = flags.MarkHidden("signature-policy") flags.SetNormalizeFunc(buildahCLI.AliasFlags) + if registry.IsRemote() { + flag = flags.Lookup("isolation") + buildOpts.Isolation = buildah.OCI + if err := flag.Value.Set(buildah.OCI); err != nil { + logrus.Errorf("unable to set --isolation to %v: %v", buildah.OCI, err) + } + flag.DefValue = buildah.OCI + _ = flags.MarkHidden("disable-content-trust") + _ = flags.MarkHidden("cache-from") + _ = flags.MarkHidden("sign-by") + _ = flags.MarkHidden("signature-policy") + _ = flags.MarkHidden("tls-verify") + _ = flags.MarkHidden("compress") + } } // build executes the build command. @@ -246,7 +264,18 @@ func build(cmd *cobra.Command, args []string) error { return err } - _, err = registry.ImageEngine().Build(registry.GetContext(), containerFiles, *apiBuildOpts) + report, err := registry.ImageEngine().Build(registry.GetContext(), containerFiles, *apiBuildOpts) + + if cmd.Flag("iidfile").Changed { + f, err := os.Create(buildOpts.Iidfile) + if err != nil { + return err + } + if _, err := f.WriteString("sha256:" + report.ID); err != nil { + return err + } + } + return err } @@ -308,6 +337,10 @@ func buildFlagsWrapperToOptions(c *cobra.Command, contextDir string, flags *buil flags.Layers = false } + var stdin io.Reader + if flags.Stdin { + stdin = os.Stdin + } var stdout, stderr, reporter *os.File stdout = os.Stdout stderr = os.Stderr @@ -402,10 +435,21 @@ func buildFlagsWrapperToOptions(c *cobra.Command, contextDir string, flags *buil runtimeFlags = append(runtimeFlags, "--systemd-cgroup") } + imageOS, arch, err := parse.PlatformFromOptions(c) + if err != nil { + return nil, err + } + + decConfig, err := getDecryptConfig(flags.DecryptionKeys) + if err != nil { + return nil, errors.Wrapf(err, "unable to obtain decrypt config") + } + opts := imagebuildah.BuildOptions{ AddCapabilities: flags.CapAdd, AdditionalTags: tags, Annotations: flags.Annotation, + Architecture: arch, Args: args, BlobDirectory: flags.BlobCache, CNIConfigDir: flags.CNIConfigDir, @@ -433,17 +477,25 @@ func buildFlagsWrapperToOptions(c *cobra.Command, contextDir string, flags *buil DropCapabilities: flags.CapDrop, Err: stderr, ForceRmIntermediateCtrs: flags.ForceRm, + From: flags.From, IDMappingOptions: idmappingOptions, - IIDFile: flags.Iidfile, + In: stdin, Isolation: isolation, + Jobs: &flags.Jobs, Labels: flags.Label, Layers: flags.Layers, + LogRusage: flags.LogRusage, + Manifest: flags.Manifest, + MaxPullPushRetries: 3, NamespaceOptions: nsValues, NoCache: flags.NoCache, + OS: imageOS, + OciDecryptConfig: decConfig, Out: stdout, Output: output, OutputFormat: format, PullPolicy: pullPolicy, + PullPushRetryDelay: 2 * time.Second, Quiet: flags.Quiet, RemoveIntermediateCtrs: flags.Rm, ReportWriter: reporter, @@ -459,3 +511,18 @@ func buildFlagsWrapperToOptions(c *cobra.Command, contextDir string, flags *buil return &entities.BuildOptions{BuildOptions: opts}, nil } + +func getDecryptConfig(decryptionKeys []string) (*encconfig.DecryptConfig, error) { + decConfig := &encconfig.DecryptConfig{} + if len(decryptionKeys) > 0 { + // decryption + dcc, err := enchelpers.CreateCryptoConfig([]string{}, decryptionKeys) + if err != nil { + return nil, errors.Wrapf(err, "invalid decryption keys") + } + cc := encconfig.CombineCryptoConfigs([]encconfig.CryptoConfig{dcc}) + decConfig = cc.DecryptConfig + } + + return decConfig, nil +} diff --git a/cmd/podman/images/list.go b/cmd/podman/images/list.go index 8a7951923..65486e3ba 100644 --- a/cmd/podman/images/list.go +++ b/cmd/podman/images/list.go @@ -275,7 +275,6 @@ func tokenRepoTag(ref string) (string, string, error) { } return name, tag, nil - } func sortFunc(key string, data []imageReporter) func(i, j int) bool { diff --git a/cmd/podman/images/prune.go b/cmd/podman/images/prune.go index 268a68681..8ded8d352 100644 --- a/cmd/podman/images/prune.go +++ b/cmd/podman/images/prune.go @@ -48,7 +48,6 @@ func init() { flags.StringArrayVar(&filter, filterFlagName, []string{}, "Provide filter values (e.g. 'label=<key>=<value>')") //TODO: add completion for filters _ = pruneCmd.RegisterFlagCompletionFunc(filterFlagName, completion.AutocompleteNone) - } func prune(cmd *cobra.Command, args []string) error { diff --git a/cmd/podman/images/pull.go b/cmd/podman/images/pull.go index fe92baebe..3b2595757 100644 --- a/cmd/podman/images/pull.go +++ b/cmd/podman/images/pull.go @@ -110,11 +110,9 @@ func pullFlags(cmd *cobra.Command) { _ = cmd.RegisterFlagCompletionFunc(authfileFlagName, completion.AutocompleteDefault) if !registry.IsRemote() { - certDirFlagName := "cert-dir" flags.StringVar(&pullOptions.CertDir, certDirFlagName, "", "`Pathname` of a directory containing TLS certificates and keys") _ = cmd.RegisterFlagCompletionFunc(certDirFlagName, completion.AutocompleteDefault) - } _ = flags.MarkHidden("signature-policy") } diff --git a/cmd/podman/images/search.go b/cmd/podman/images/search.go index c8ea4b04a..b8274cfce 100644 --- a/cmd/podman/images/search.go +++ b/cmd/podman/images/search.go @@ -156,12 +156,12 @@ func imageSearch(cmd *cobra.Command, args []string) error { return errors.Errorf("filters are not applicable to list tags result") } if report.IsJSON(searchOptions.Format) { - listTagsEntries := buildListTagsJson(searchReport) - return printJson(listTagsEntries) + listTagsEntries := buildListTagsJSON(searchReport) + return printArbitraryJSON(listTagsEntries) } row = "{{.Name}}\t{{.Tag}}\n" case report.IsJSON(searchOptions.Format): - return printJson(searchReport) + return printArbitraryJSON(searchReport) case cmd.Flags().Changed("format"): renderHeaders = parse.HasTable(searchOptions.Format) row = report.NormalizeFormat(searchOptions.Format) @@ -186,7 +186,7 @@ func imageSearch(cmd *cobra.Command, args []string) error { return tmpl.Execute(w, searchReport) } -func printJson(v interface{}) error { +func printArbitraryJSON(v interface{}) error { prettyJSON, err := json.MarshalIndent(v, "", " ") if err != nil { return err @@ -195,7 +195,7 @@ func printJson(v interface{}) error { return nil } -func buildListTagsJson(searchReport []entities.ImageSearchReport) []listEntryTag { +func buildListTagsJSON(searchReport []entities.ImageSearchReport) []listEntryTag { entries := []listEntryTag{} ReportLoop: diff --git a/cmd/podman/images/trust_show.go b/cmd/podman/images/trust_show.go index dc35dc6a1..89733a1aa 100644 --- a/cmd/podman/images/trust_show.go +++ b/cmd/podman/images/trust_show.go @@ -42,7 +42,6 @@ func init() { _ = showFlags.MarkHidden("policypath") showFlags.StringVar(&showTrustOptions.RegistryPath, "registrypath", "", "") _ = showFlags.MarkHidden("registrypath") - } func showTrust(cmd *cobra.Command, args []string) error { |