summaryrefslogtreecommitdiff
path: root/cmd/podman/play_kube.go
diff options
context:
space:
mode:
Diffstat (limited to 'cmd/podman/play_kube.go')
-rw-r--r--cmd/podman/play_kube.go15
1 files changed, 10 insertions, 5 deletions
diff --git a/cmd/podman/play_kube.go b/cmd/podman/play_kube.go
index 10221a339..b468a7a89 100644
--- a/cmd/podman/play_kube.go
+++ b/cmd/podman/play_kube.go
@@ -13,7 +13,7 @@ import (
"github.com/containers/libpod/cmd/podman/libpodruntime"
"github.com/containers/libpod/cmd/podman/shared"
"github.com/containers/libpod/libpod"
- image2 "github.com/containers/libpod/libpod/image"
+ "github.com/containers/libpod/libpod/image"
ns "github.com/containers/libpod/pkg/namespaces"
"github.com/containers/libpod/pkg/rootless"
"github.com/containers/libpod/pkg/spec"
@@ -145,7 +145,7 @@ func playKubeYAMLCmd(c *cliconfig.KubePlayValues) error {
writer = os.Stderr
}
- dockerRegistryOptions := image2.DockerRegistryOptions{
+ dockerRegistryOptions := image.DockerRegistryOptions{
DockerRegistryCreds: registryCreds,
DockerCertPath: c.CertDir,
}
@@ -168,7 +168,13 @@ func playKubeYAMLCmd(c *cliconfig.KubePlayValues) error {
return errors.Errorf("Error creating HostPath %s at %s", volume.Name, hostPath.Path)
}
}
+ // unconditionally label a newly created volume as private
+ if err := libpod.LabelVolumePath(hostPath.Path, false); err != nil {
+ return errors.Wrapf(err, "Error giving %s a label", hostPath.Path)
+ }
+ break
case v1.HostPathDirectory:
+ case v1.HostPathUnset:
// do nothing here because we will verify the path exists in validateVolumeHostDir
break
default:
@@ -178,12 +184,11 @@ func playKubeYAMLCmd(c *cliconfig.KubePlayValues) error {
if err := shared.ValidateVolumeHostDir(hostPath.Path); err != nil {
return errors.Wrapf(err, "Error in parsing HostPath in YAML")
}
- fmt.Println(volume.Name)
volumes[volume.Name] = hostPath.Path
}
for _, container := range podYAML.Spec.Containers {
- newImage, err := runtime.ImageRuntime().New(ctx, container.Image, c.SignaturePolicy, c.Authfile, writer, &dockerRegistryOptions, image2.SigningOptions{}, false, nil)
+ newImage, err := runtime.ImageRuntime().New(ctx, container.Image, c.SignaturePolicy, c.Authfile, writer, &dockerRegistryOptions, image.SigningOptions{}, false, nil)
if err != nil {
return err
}
@@ -232,7 +237,7 @@ func getPodPorts(containers []v1.Container) []ocicni.PortMapping {
}
// kubeContainerToCreateConfig takes a v1.Container and returns a createconfig describing a container
-func kubeContainerToCreateConfig(ctx context.Context, containerYAML v1.Container, runtime *libpod.Runtime, newImage *image2.Image, namespaces map[string]string, volumes map[string]string) (*createconfig.CreateConfig, error) {
+func kubeContainerToCreateConfig(ctx context.Context, containerYAML v1.Container, runtime *libpod.Runtime, newImage *image.Image, namespaces map[string]string, volumes map[string]string) (*createconfig.CreateConfig, error) {
var (
containerConfig createconfig.CreateConfig
envs map[string]string
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-01-15 17:00:57 +0000