diff options
Diffstat (limited to 'libpod')
105 files changed, 635 insertions, 424 deletions
diff --git a/libpod/boltdb_state.go b/libpod/boltdb_state.go index b2ee63b08..6f2eaeab2 100644 --- a/libpod/boltdb_state.go +++ b/libpod/boltdb_state.go @@ -6,7 +6,7 @@ import ( "strings" "sync" - "github.com/containers/podman/v2/libpod/define" + "github.com/containers/podman/v3/libpod/define" jsoniter "github.com/json-iterator/go" "github.com/pkg/errors" "github.com/sirupsen/logrus" @@ -269,9 +269,9 @@ func (s *BoltState) Refresh() error { if err != nil { return err } - for _, execId := range toRemove { - if err := ctrExecBkt.Delete([]byte(execId)); err != nil { - return errors.Wrapf(err, "error removing exec session %s from container %s", execId, string(id)) + for _, execID := range toRemove { + if err := ctrExecBkt.Delete([]byte(execID)); err != nil { + return errors.Wrapf(err, "error removing exec session %s from container %s", execID, string(id)) } } } @@ -904,7 +904,6 @@ func (s *BoltState) ContainerInUse(ctr *Container) ([]string, error) { } return depCtrs, nil - } // AllContainers retrieves all the containers in the database @@ -962,7 +961,6 @@ func (s *BoltState) AllContainers() ([]*Container, error) { } return nil - }) }) if err != nil { @@ -2580,7 +2578,6 @@ func (s *BoltState) LookupVolume(name string) (*Volume, error) { } return volume, nil - } // HasVolume returns true if the given volume exists in the state, otherwise it returns false diff --git a/libpod/boltdb_state_internal.go b/libpod/boltdb_state_internal.go index 6014fbef3..cf8f1c175 100644 --- a/libpod/boltdb_state_internal.go +++ b/libpod/boltdb_state_internal.go @@ -7,8 +7,8 @@ import ( "runtime" "strings" - "github.com/containers/podman/v2/libpod/define" - "github.com/containers/podman/v2/pkg/rootless" + "github.com/containers/podman/v3/libpod/define" + "github.com/containers/podman/v3/pkg/rootless" "github.com/containers/storage" "github.com/pkg/errors" "github.com/sirupsen/logrus" diff --git a/libpod/boltdb_state_linux.go b/libpod/boltdb_state_linux.go index 65efd5703..72243dcc5 100644 --- a/libpod/boltdb_state_linux.go +++ b/libpod/boltdb_state_linux.go @@ -3,7 +3,7 @@ package libpod import ( - "github.com/containers/podman/v2/libpod/define" + "github.com/containers/podman/v3/libpod/define" "github.com/pkg/errors" "github.com/sirupsen/logrus" ) diff --git a/libpod/common_test.go b/libpod/common_test.go index 4eeb5c317..4c419cfa8 100644 --- a/libpod/common_test.go +++ b/libpod/common_test.go @@ -8,8 +8,8 @@ import ( "time" "github.com/containers/common/pkg/config" - "github.com/containers/podman/v2/libpod/define" - "github.com/containers/podman/v2/libpod/lock" + "github.com/containers/podman/v3/libpod/define" + "github.com/containers/podman/v3/libpod/lock" "github.com/cri-o/ocicni/pkg/ocicni" "github.com/opencontainers/runtime-tools/generate" "github.com/stretchr/testify/assert" diff --git a/libpod/container.go b/libpod/container.go index e667cd991..ee6e243ac 100644 --- a/libpod/container.go +++ b/libpod/container.go @@ -12,9 +12,9 @@ import ( cnitypes "github.com/containernetworking/cni/pkg/types/current" "github.com/containers/common/pkg/secrets" "github.com/containers/image/v5/manifest" - "github.com/containers/podman/v2/libpod/define" - "github.com/containers/podman/v2/libpod/lock" - "github.com/containers/podman/v2/pkg/rootless" + "github.com/containers/podman/v3/libpod/define" + "github.com/containers/podman/v3/libpod/lock" + "github.com/containers/podman/v3/pkg/rootless" "github.com/containers/storage" "github.com/cri-o/ocicni/pkg/ocicni" spec "github.com/opencontainers/runtime-spec/specs-go" @@ -236,6 +236,8 @@ type ContainerOverlayVolume struct { Dest string `json:"dest"` // Source specifies the source path of the mount. Source string `json:"source,omitempty"` + // Options holds overlay volume options. + Options []string `json:"options,omitempty"` } // ContainerImageVolume is a volume based on a container image. The container @@ -1057,7 +1059,6 @@ func (c *Container) NetworkDisabled() (bool, error) { return container.NetworkDisabled() } return networkDisabled(c) - } func networkDisabled(c *Container) (bool, error) { diff --git a/libpod/container_api.go b/libpod/container_api.go index 2473acec0..2818ac841 100644 --- a/libpod/container_api.go +++ b/libpod/container_api.go @@ -8,13 +8,12 @@ import ( "sync" "time" - "github.com/containers/podman/v2/libpod/define" - "github.com/containers/podman/v2/libpod/events" - "github.com/containers/podman/v2/pkg/signal" + "github.com/containers/podman/v3/libpod/define" + "github.com/containers/podman/v3/libpod/events" + "github.com/containers/podman/v3/pkg/signal" "github.com/opentracing/opentracing-go" "github.com/pkg/errors" "github.com/sirupsen/logrus" - "k8s.io/client-go/tools/remotecommand" ) // Init creates a container in the OCI runtime, moving a container from @@ -110,7 +109,7 @@ func (c *Container) Start(ctx context.Context, recursive bool) error { // Attach call occurs before Start). // In overall functionality, it is identical to the Start call, with the added // side effect that an attach session will also be started. -func (c *Container) StartAndAttach(ctx context.Context, streams *define.AttachStreams, keys string, resize <-chan remotecommand.TerminalSize, recursive bool) (<-chan error, error) { +func (c *Container) StartAndAttach(ctx context.Context, streams *define.AttachStreams, keys string, resize <-chan define.TerminalSize, recursive bool) (<-chan error, error) { if !c.batched { c.lock.Lock() defer c.lock.Unlock() @@ -236,7 +235,7 @@ func (c *Container) Kill(signal uint) error { // Attach attaches to a container. // This function returns when the attach finishes. It does not hold the lock for // the duration of its runtime, only using it at the beginning to verify state. -func (c *Container) Attach(streams *define.AttachStreams, keys string, resize <-chan remotecommand.TerminalSize) error { +func (c *Container) Attach(streams *define.AttachStreams, keys string, resize <-chan define.TerminalSize) error { if !c.batched { c.lock.Lock() if err := c.syncContainer(); err != nil { @@ -319,7 +318,7 @@ func (c *Container) HTTPAttach(r *http.Request, w http.ResponseWriter, streams * // AttachResize resizes the container's terminal, which is displayed by Attach // and HTTPAttach. -func (c *Container) AttachResize(newSize remotecommand.TerminalSize) error { +func (c *Container) AttachResize(newSize define.TerminalSize) error { if !c.batched { c.lock.Lock() defer c.lock.Unlock() diff --git a/libpod/container_commit.go b/libpod/container_commit.go index 3386a17bd..22da0c566 100644 --- a/libpod/container_commit.go +++ b/libpod/container_commit.go @@ -9,10 +9,10 @@ import ( "github.com/containers/buildah/util" is "github.com/containers/image/v5/storage" "github.com/containers/image/v5/types" - "github.com/containers/podman/v2/libpod/define" - "github.com/containers/podman/v2/libpod/events" - "github.com/containers/podman/v2/libpod/image" - libpodutil "github.com/containers/podman/v2/pkg/util" + "github.com/containers/podman/v3/libpod/define" + "github.com/containers/podman/v3/libpod/events" + "github.com/containers/podman/v3/libpod/image" + libpodutil "github.com/containers/podman/v3/pkg/util" "github.com/pkg/errors" "github.com/sirupsen/logrus" ) diff --git a/libpod/container_config.go b/libpod/container_config.go index 5d7e65f2b..be24b54d6 100644 --- a/libpod/container_config.go +++ b/libpod/container_config.go @@ -6,7 +6,7 @@ import ( "github.com/containers/common/pkg/secrets" "github.com/containers/image/v5/manifest" - "github.com/containers/podman/v2/pkg/namespaces" + "github.com/containers/podman/v3/pkg/namespaces" "github.com/containers/storage" "github.com/cri-o/ocicni/pkg/ocicni" spec "github.com/opencontainers/runtime-spec/specs-go" diff --git a/libpod/container_exec.go b/libpod/container_exec.go index 5aee847e1..bb43287d9 100644 --- a/libpod/container_exec.go +++ b/libpod/container_exec.go @@ -8,12 +8,11 @@ import ( "strconv" "time" - "github.com/containers/podman/v2/libpod/define" - "github.com/containers/podman/v2/libpod/events" + "github.com/containers/podman/v3/libpod/define" + "github.com/containers/podman/v3/libpod/events" "github.com/containers/storage/pkg/stringid" "github.com/pkg/errors" "github.com/sirupsen/logrus" - "k8s.io/client-go/tools/remotecommand" ) // ExecConfig contains the configuration of an exec session @@ -78,9 +77,11 @@ type ExecConfig struct { type ExecSession struct { // Id is the ID of the exec session. // Named somewhat strangely to not conflict with ID(). + // nolint:stylecheck,golint Id string `json:"id"` // ContainerId is the ID of the container this exec session belongs to. // Named somewhat strangely to not conflict with ContainerID(). + // nolint:stylecheck,golint ContainerId string `json:"containerId"` // State is the state of the exec session. @@ -674,7 +675,7 @@ func (c *Container) ExecRemove(sessionID string, force bool) error { // ExecResize resizes the TTY of the given exec session. Only available if the // exec session created a TTY. -func (c *Container) ExecResize(sessionID string, newSize remotecommand.TerminalSize) error { +func (c *Container) ExecResize(sessionID string, newSize define.TerminalSize) error { if !c.batched { c.lock.Lock() defer c.lock.Unlock() @@ -701,7 +702,7 @@ func (c *Container) ExecResize(sessionID string, newSize remotecommand.TerminalS // Exec emulates the old Libpod exec API, providing a single call to create, // run, and remove an exec session. Returns exit code and error. Exit code is // not guaranteed to be set sanely if error is not nil. -func (c *Container) Exec(config *ExecConfig, streams *define.AttachStreams, resize <-chan remotecommand.TerminalSize) (int, error) { +func (c *Container) Exec(config *ExecConfig, streams *define.AttachStreams, resize <-chan define.TerminalSize) (int, error) { sessionID, err := c.ExecCreate(config) if err != nil { return -1, err @@ -952,18 +953,22 @@ func (c *Container) removeAllExecSessions() error { } // Delete all exec sessions if err := c.runtime.state.RemoveContainerExecSessions(c); err != nil { - if lastErr != nil { - logrus.Errorf("Error stopping container %s exec sessions: %v", c.ID(), lastErr) + if errors.Cause(err) != define.ErrCtrRemoved { + if lastErr != nil { + logrus.Errorf("Error stopping container %s exec sessions: %v", c.ID(), lastErr) + } + lastErr = err } - lastErr = err } c.state.ExecSessions = nil c.state.LegacyExecSessions = nil if err := c.save(); err != nil { - if lastErr != nil { - logrus.Errorf("Error stopping container %s exec sessions: %v", c.ID(), lastErr) + if errors.Cause(err) != define.ErrCtrRemoved { + if lastErr != nil { + logrus.Errorf("Error stopping container %s exec sessions: %v", c.ID(), lastErr) + } + lastErr = err } - lastErr = err } return lastErr diff --git a/libpod/container_graph.go b/libpod/container_graph.go index 39f6ed281..3ae7cfbc7 100644 --- a/libpod/container_graph.go +++ b/libpod/container_graph.go @@ -4,7 +4,7 @@ import ( "context" "strings" - "github.com/containers/podman/v2/libpod/define" + "github.com/containers/podman/v3/libpod/define" "github.com/pkg/errors" "github.com/sirupsen/logrus" ) diff --git a/libpod/container_graph_test.go b/libpod/container_graph_test.go index 518f3e74b..7ad7359bb 100644 --- a/libpod/container_graph_test.go +++ b/libpod/container_graph_test.go @@ -3,7 +3,7 @@ package libpod import ( "testing" - "github.com/containers/podman/v2/libpod/lock" + "github.com/containers/podman/v3/libpod/lock" "github.com/stretchr/testify/assert" ) diff --git a/libpod/container_inspect.go b/libpod/container_inspect.go index f50c7dbfe..e0569e2d4 100644 --- a/libpod/container_inspect.go +++ b/libpod/container_inspect.go @@ -2,12 +2,13 @@ package libpod import ( "fmt" + "sort" "strings" "github.com/containers/common/pkg/config" - "github.com/containers/podman/v2/libpod/define" - "github.com/containers/podman/v2/libpod/driver" - "github.com/containers/podman/v2/pkg/util" + "github.com/containers/podman/v3/libpod/define" + "github.com/containers/podman/v3/libpod/driver" + "github.com/containers/podman/v3/pkg/util" units "github.com/docker/go-units" spec "github.com/opencontainers/runtime-spec/specs-go" "github.com/opencontainers/runtime-tools/generate" @@ -698,6 +699,8 @@ func (c *Container) generateInspectContainerHostConfig(ctrSpec *spec.Spec, named for cap := range boundingCaps { capDrop = append(capDrop, cap) } + // Sort CapDrop so it displays in consistent order (GH #9490) + sort.Strings(capDrop) } hostConfig.CapAdd = capAdd hostConfig.CapDrop = capDrop @@ -796,7 +799,6 @@ func (c *Container) generateInspectContainerHostConfig(ctrSpec *spec.Spec, named if c.config.UTSNsCtr != "" { utsMode = fmt.Sprintf("container:%s", c.config.UTSNsCtr) } else if ctrSpec.Linux != nil { - // Locate the spec's UTS namespace. // If there is none, it's uts=host. // If there is one and it has a path, it's "ns:". @@ -871,8 +873,8 @@ func (c *Container) generateInspectContainerHostConfig(ctrSpec *spec.Spec, named for _, limit := range ctrSpec.Process.Rlimits { newLimit := define.InspectUlimit{} newLimit.Name = limit.Type - newLimit.Soft = limit.Soft - newLimit.Hard = limit.Hard + newLimit.Soft = int64(limit.Soft) + newLimit.Hard = int64(limit.Hard) hostConfig.Ulimits = append(hostConfig.Ulimits, newLimit) } } diff --git a/libpod/container_internal.go b/libpod/container_internal.go index b280e79d1..2e0c24579 100644 --- a/libpod/container_internal.go +++ b/libpod/container_internal.go @@ -13,15 +13,16 @@ import ( "strings" "time" + "github.com/containers/buildah/copier" "github.com/containers/common/pkg/secrets" - "github.com/containers/podman/v2/libpod/define" - "github.com/containers/podman/v2/libpod/events" - "github.com/containers/podman/v2/pkg/cgroups" - "github.com/containers/podman/v2/pkg/ctime" - "github.com/containers/podman/v2/pkg/hooks" - "github.com/containers/podman/v2/pkg/hooks/exec" - "github.com/containers/podman/v2/pkg/rootless" - "github.com/containers/podman/v2/pkg/selinux" + "github.com/containers/podman/v3/libpod/define" + "github.com/containers/podman/v3/libpod/events" + "github.com/containers/podman/v3/pkg/cgroups" + "github.com/containers/podman/v3/pkg/ctime" + "github.com/containers/podman/v3/pkg/hooks" + "github.com/containers/podman/v3/pkg/hooks/exec" + "github.com/containers/podman/v3/pkg/rootless" + "github.com/containers/podman/v3/pkg/selinux" "github.com/containers/storage" "github.com/containers/storage/pkg/archive" "github.com/containers/storage/pkg/idtools" @@ -265,7 +266,7 @@ func (c *Container) handleRestartPolicy(ctx context.Context) (_ bool, retErr err c.newContainerEvent(events.Restart) // Increment restart count - c.state.RestartCount += 1 + c.state.RestartCount++ logrus.Debugf("Container %s now on retry %d", c.ID(), c.state.RestartCount) if err := c.save(); err != nil { return false, err @@ -1582,18 +1583,8 @@ func (c *Container) mountNamedVolume(v *ContainerNamedVolume, mountpoint string) return nil, err } - // HACK HACK HACK - copy up into a volume driver is 100% broken - // right now. - if vol.UsesVolumeDriver() { - logrus.Infof("Not copying up into volume %s as it uses a volume driver", vol.Name()) - return vol, nil - } - // If the volume is not empty, we should not copy up. - volMount, err := vol.MountPoint() - if err != nil { - return nil, err - } + volMount := vol.mountPoint() contents, err := ioutil.ReadDir(volMount) if err != nil { return nil, errors.Wrapf(err, "error listing contents of volume %s mountpoint when copying up from container %s", vol.Name(), c.ID()) @@ -1609,8 +1600,66 @@ func (c *Container) mountNamedVolume(v *ContainerNamedVolume, mountpoint string) if err != nil { return nil, errors.Wrapf(err, "error calculating destination path to copy up container %s volume %s", c.ID(), vol.Name()) } - if err := c.copyWithTarFromImage(srcDir, volMount); err != nil && !os.IsNotExist(err) { - return nil, errors.Wrapf(err, "error copying content from container %s into volume %s", c.ID(), vol.Name()) + // Do a manual stat on the source directory to verify existence. + // Skip the rest if it exists. + // TODO: Should this be stat or lstat? I'm using lstat because I + // think copy-up doesn't happen when the source is a link. + srcStat, err := os.Lstat(srcDir) + if err != nil { + if os.IsNotExist(err) { + // Source does not exist, don't bother copying + // up. + return vol, nil + } + return nil, errors.Wrapf(err, "error identifying source directory for copy up into volume %s", vol.Name()) + } + // If it's not a directory we're mounting over it. + if !srcStat.IsDir() { + return vol, nil + } + // Read contents, do not bother continuing if it's empty. Fixes + // a bizarre issue where something copier.Get will ENOENT on + // empty directories and sometimes it will not. + // RHBZ#1928643 + srcContents, err := ioutil.ReadDir(srcDir) + if err != nil { + return nil, errors.Wrapf(err, "error reading contents of source directory for copy up into volume %s", vol.Name()) + } + if len(srcContents) == 0 { + return vol, nil + } + + // Buildah Copier accepts a reader, so we'll need a pipe. + reader, writer := io.Pipe() + defer reader.Close() + + errChan := make(chan error, 1) + + logrus.Infof("About to copy up into volume %s", vol.Name()) + + // Copy, container side: get a tar archive of what needs to be + // streamed into the volume. + go func() { + defer writer.Close() + getOptions := copier.GetOptions{ + KeepDirectoryNames: false, + } + errChan <- copier.Get(srcDir, "", getOptions, []string{"/."}, writer) + }() + + // Copy, volume side: stream what we've written to the pipe, into + // the volume. + copyOpts := copier.PutOptions{} + if err := copier.Put(volMount, "", copyOpts, reader); err != nil { + err2 := <-errChan + if err2 != nil { + logrus.Errorf("Error streaming contents of container %s directory for volume copy-up: %v", c.ID(), err2) + } + return nil, errors.Wrapf(err, "error copying up to volume %s", vol.Name()) + } + + if err := <-errChan; err != nil { + return nil, errors.Wrapf(err, "error streaming container content for copy up into volume %s", vol.Name()) } } return vol, nil @@ -2060,17 +2109,6 @@ func (c *Container) unmount(force bool) error { return nil } -// this should be from chrootarchive. -// Container MUST be mounted before calling. -func (c *Container) copyWithTarFromImage(source, dest string) error { - mappings := idtools.NewIDMappingsFromMaps(c.config.IDMappings.UIDMap, c.config.IDMappings.GIDMap) - a := archive.NewArchiver(mappings) - if err := c.copyOwnerAndPerms(source, dest); err != nil { - return err - } - return a.CopyWithTar(source, dest) -} - // checkReadyForRemoval checks whether the given container is ready to be // removed. // These checks are only used if force-remove is not specified. diff --git a/libpod/container_internal_linux.go b/libpod/container_internal_linux.go index 3583f8fdd..dc0418148 100644 --- a/libpod/container_internal_linux.go +++ b/libpod/container_internal_linux.go @@ -21,22 +21,25 @@ import ( cnitypes "github.com/containernetworking/cni/pkg/types/current" "github.com/containernetworking/plugins/pkg/ns" + "github.com/containers/buildah/pkg/chrootuser" "github.com/containers/buildah/pkg/overlay" + butil "github.com/containers/buildah/util" "github.com/containers/common/pkg/apparmor" + "github.com/containers/common/pkg/chown" "github.com/containers/common/pkg/config" "github.com/containers/common/pkg/subscriptions" "github.com/containers/common/pkg/umask" - "github.com/containers/podman/v2/libpod/define" - "github.com/containers/podman/v2/libpod/events" - "github.com/containers/podman/v2/pkg/annotations" - "github.com/containers/podman/v2/pkg/cgroups" - "github.com/containers/podman/v2/pkg/criu" - "github.com/containers/podman/v2/pkg/lookup" - "github.com/containers/podman/v2/pkg/resolvconf" - "github.com/containers/podman/v2/pkg/rootless" - "github.com/containers/podman/v2/pkg/util" - "github.com/containers/podman/v2/utils" - "github.com/containers/podman/v2/version" + "github.com/containers/podman/v3/libpod/define" + "github.com/containers/podman/v3/libpod/events" + "github.com/containers/podman/v3/pkg/annotations" + "github.com/containers/podman/v3/pkg/cgroups" + "github.com/containers/podman/v3/pkg/criu" + "github.com/containers/podman/v3/pkg/lookup" + "github.com/containers/podman/v3/pkg/resolvconf" + "github.com/containers/podman/v3/pkg/rootless" + "github.com/containers/podman/v3/pkg/util" + "github.com/containers/podman/v3/utils" + "github.com/containers/podman/v3/version" "github.com/containers/storage/pkg/archive" "github.com/containers/storage/pkg/idtools" securejoin "github.com/cyphar/filepath-securejoin" @@ -203,10 +206,17 @@ func (c *Container) resolveWorkDir() error { } logrus.Debugf("Workdir %q resolved to host path %q", workdir, resolvedWorkdir) - // No need to create it (e.g., `--workdir=/foo`), so let's make sure - // the path exists on the container. + st, err := os.Stat(resolvedWorkdir) + if err == nil { + if !st.IsDir() { + return errors.Errorf("workdir %q exists on container %s, but is not a directory", workdir, c.ID()) + } + return nil + } if !c.config.CreateWorkingDir { - if _, err := os.Stat(resolvedWorkdir); err != nil { + // No need to create it (e.g., `--workdir=/foo`), so let's make sure + // the path exists on the container. + if err != nil { if os.IsNotExist(err) { return errors.Errorf("workdir %q does not exist on container %s", workdir, c.ID()) } @@ -216,11 +226,6 @@ func (c *Container) resolveWorkDir() error { } return nil } - - // Ensure container entrypoint is created (if required). - rootUID := c.RootUID() - rootGID := c.RootGID() - if err := os.MkdirAll(resolvedWorkdir, 0755); err != nil { if os.IsExist(err) { return nil @@ -228,7 +233,12 @@ func (c *Container) resolveWorkDir() error { return errors.Wrapf(err, "error creating container %s workdir", c.ID()) } - if err := os.Chown(resolvedWorkdir, rootUID, rootGID); err != nil { + // Ensure container entrypoint is created (if required). + uid, gid, _, err := chrootuser.GetUser(c.state.Mountpoint, c.User()) + if err != nil { + return errors.Wrapf(err, "error looking up %s inside of the container %s", c.User(), c.ID()) + } + if err := os.Chown(resolvedWorkdir, int(uid), int(gid)); err != nil { return errors.Wrapf(err, "error chowning container %s workdir to container root", c.ID()) } @@ -348,13 +358,28 @@ func (c *Container) generateSpec(ctx context.Context) (*spec.Spec, error) { return nil, err } - // Check if the spec file mounts contain the label Relabel flags z or Z. - // If they do, relabel the source directory and then remove the option. + // Get host UID and GID based on the container process UID and GID. + hostUID, hostGID, err := butil.GetHostIDs(util.IDtoolsToRuntimeSpec(c.config.IDMappings.UIDMap), util.IDtoolsToRuntimeSpec(c.config.IDMappings.GIDMap), uint32(execUser.Uid), uint32(execUser.Gid)) + if err != nil { + return nil, err + } + + // Check if the spec file mounts contain the options z, Z or U. + // If they have z or Z, relabel the source directory and then remove the option. + // If they have U, chown the source directory and them remove the option. for i := range g.Config.Mounts { m := &g.Config.Mounts[i] var options []string for _, o := range m.Options { switch o { + case "U": + if m.Type == "tmpfs" { + options = append(options, []string{fmt.Sprintf("uid=%d", execUser.Uid), fmt.Sprintf("gid=%d", execUser.Gid)}...) + } else { + if err := chown.ChangeHostPathOwnership(m.Source, true, int(hostUID), int(hostGID)); err != nil { + return nil, err + } + } case "z": fallthrough case "Z": @@ -419,6 +444,21 @@ func (c *Container) generateSpec(ctx context.Context) (*spec.Spec, error) { if err != nil { return nil, errors.Wrapf(err, "mounting overlay failed %q", overlayVol.Source) } + + // Check overlay volume options + for _, o := range overlayVol.Options { + switch o { + case "U": + if err := chown.ChangeHostPathOwnership(overlayVol.Source, true, int(hostUID), int(hostGID)); err != nil { + return nil, err + } + + if err := chown.ChangeHostPathOwnership(contentDir, true, int(hostUID), int(hostGID)); err != nil { + return nil, err + } + } + } + g.AddMount(overlayMount) } @@ -458,7 +498,7 @@ func (c *Container) generateSpec(ctx context.Context) (*spec.Spec, error) { break } } - if !hasHomeSet { + if !hasHomeSet && execUser.Home != "" { c.config.Spec.Process.Env = append(c.config.Spec.Process.Env, fmt.Sprintf("HOME=%s", execUser.Home)) } @@ -521,14 +561,14 @@ func (c *Container) generateSpec(ctx context.Context) (*spec.Spec, error) { }} } for _, gid := range execUser.Sgids { - isGidAvailable := false + isGIDAvailable := false for _, m := range gidMappings { if gid >= m.ContainerID && gid < m.ContainerID+m.Size { - isGidAvailable = true + isGIDAvailable = true break } } - if isGidAvailable { + if isGIDAvailable { g.AddProcessAdditionalGid(uint32(gid)) } else { logrus.Warnf("additional gid=%d is not present in the user namespace, skip setting it", gid) @@ -1614,13 +1654,12 @@ func (c *Container) makeBindMounts() error { return errors.Wrapf(err, "error setting timezone for container %s", c.ID()) } c.state.BindMounts["/etc/localtime"] = localtimePath - } } // Make .containerenv if it does not exist if _, ok := c.state.BindMounts["/run/.containerenv"]; !ok { - var containerenv string + containerenv := c.runtime.graphRootMountedFlag(c.config.Spec.Mounts) isRootless := 0 if rootless.IsRootless() { isRootless = 1 @@ -1635,7 +1674,7 @@ id=%q image=%q imageid=%q rootless=%d -`, version.Version.String(), c.Name(), c.ID(), imageName, imageID, isRootless) +%s`, version.Version.String(), c.Name(), c.ID(), imageName, imageID, isRootless, containerenv) } containerenvPath, err := c.writeStringToRundir(".containerenv", containerenv) if err != nil { @@ -1674,8 +1713,9 @@ rootless=%d // generateResolvConf generates a containers resolv.conf func (c *Container) generateResolvConf() (string, error) { var ( - nameservers []string - cniNameServers []string + nameservers []string + cniNameServers []string + cniSearchDomains []string ) resolvConf := "/etc/resolv.conf" @@ -1727,6 +1767,10 @@ func (c *Container) generateResolvConf() (string, error) { cniNameServers = append(cniNameServers, i.DNS.Nameservers...) logrus.Debugf("adding nameserver(s) from cni response of '%q'", i.DNS.Nameservers) } + if i.DNS.Search != nil { + cniSearchDomains = append(cniSearchDomains, i.DNS.Search...) + logrus.Debugf("adding search domain(s) from cni response of '%q'", i.DNS.Search) + } } dns := make([]net.IP, 0, len(c.runtime.config.Containers.DNSServers)) @@ -1758,10 +1802,11 @@ func (c *Container) generateResolvConf() (string, error) { } var search []string - if len(c.config.DNSSearch) > 0 || len(c.runtime.config.Containers.DNSSearches) > 0 { + if len(c.config.DNSSearch) > 0 || len(c.runtime.config.Containers.DNSSearches) > 0 || len(cniSearchDomains) > 0 { if !util.StringInSlice(".", c.config.DNSSearch) { search = c.runtime.config.Containers.DNSSearches search = append(search, c.config.DNSSearch...) + search = append(search, cniSearchDomains...) } } else { search = resolvconf.GetSearchDomains(resolv.Content) @@ -2278,23 +2323,6 @@ func (c *Container) generatePasswdAndGroup() (string, string, error) { return passwdPath, groupPath, nil } -func (c *Container) copyOwnerAndPerms(source, dest string) error { - info, err := os.Stat(source) - if err != nil { - if os.IsNotExist(err) { - return nil - } - return err - } - if err := os.Chmod(dest, info.Mode()); err != nil { - return err - } - if err := os.Chown(dest, int(info.Sys().(*syscall.Stat_t).Uid), int(info.Sys().(*syscall.Stat_t).Gid)); err != nil { - return err - } - return nil -} - // Get cgroup path in a format suitable for the OCI spec func (c *Container) getOCICgroupPath() (string, error) { unified, err := cgroups.IsCgroup2UnifiedMode() diff --git a/libpod/container_internal_unsupported.go b/libpod/container_internal_unsupported.go index 7f6fc9ec9..f979bcbde 100644 --- a/libpod/container_internal_unsupported.go +++ b/libpod/container_internal_unsupported.go @@ -5,8 +5,8 @@ package libpod import ( "context" - "github.com/containers/podman/v2/libpod/define" - "github.com/containers/podman/v2/pkg/lookup" + "github.com/containers/podman/v3/libpod/define" + "github.com/containers/podman/v3/pkg/lookup" spec "github.com/opencontainers/runtime-spec/specs-go" ) diff --git a/libpod/container_log.go b/libpod/container_log.go index f16e08353..a3b700004 100644 --- a/libpod/container_log.go +++ b/libpod/container_log.go @@ -6,8 +6,8 @@ import ( "os" "time" - "github.com/containers/podman/v2/libpod/define" - "github.com/containers/podman/v2/libpod/logs" + "github.com/containers/podman/v3/libpod/define" + "github.com/containers/podman/v3/libpod/logs" "github.com/hpcloud/tail/watch" "github.com/pkg/errors" "github.com/sirupsen/logrus" diff --git a/libpod/container_log_linux.go b/libpod/container_log_linux.go index d895171cf..5792633b0 100644 --- a/libpod/container_log_linux.go +++ b/libpod/container_log_linux.go @@ -8,11 +8,12 @@ import ( "fmt" "io" "math" - "strings" "time" - "github.com/containers/podman/v2/libpod/logs" + "github.com/containers/podman/v3/libpod/define" + "github.com/containers/podman/v3/libpod/logs" journal "github.com/coreos/go-systemd/v22/sdjournal" + "github.com/hpcloud/tail/watch" "github.com/pkg/errors" "github.com/sirupsen/logrus" ) @@ -34,10 +35,16 @@ func (c *Container) readFromJournal(ctx context.Context, options *logs.LogOption var config journal.JournalReaderConfig if options.Tail < 0 { config.NumFromTail = 0 + } else if options.Tail == 0 { + config.NumFromTail = math.MaxUint64 } else { config.NumFromTail = uint64(options.Tail) } - config.Formatter = journalFormatter + if options.Multi { + config.Formatter = journalFormatterWithID + } else { + config.Formatter = journalFormatter + } defaultTime := time.Time{} if options.Since != defaultTime { // coreos/go-systemd/sdjournal doesn't correctly handle requests for data in the future @@ -45,7 +52,7 @@ func (c *Container) readFromJournal(ctx context.Context, options *logs.LogOption if time.Now().Before(options.Since) { return nil } - config.Since = time.Since(options.Since) + config.Since = -time.Since(options.Since) } config.Matches = append(config.Matches, journal.Match{ Field: "CONTAINER_ID_FULL", @@ -63,8 +70,12 @@ func (c *Container) readFromJournal(ctx context.Context, options *logs.LogOption if options.Tail == math.MaxInt64 { r.Rewind() } + state, err := c.State() + if err != nil { + return err + } - if options.Follow { + if options.Follow && state == define.ContainerStateRunning { go func() { done := make(chan bool) until := make(chan time.Time) @@ -76,6 +87,21 @@ func (c *Container) readFromJournal(ctx context.Context, options *logs.LogOption // nothing to do anymore } }() + go func() { + for { + state, err := c.State() + if err != nil { + until <- time.Time{} + logrus.Error(err) + break + } + time.Sleep(watch.POLL_DURATION) + if state != define.ContainerStateRunning && state != define.ContainerStatePaused { + until <- time.Time{} + break + } + } + }() follower := FollowBuffer{logChannel} err := r.Follow(until, follower) if err != nil { @@ -114,7 +140,44 @@ func (c *Container) readFromJournal(ctx context.Context, options *logs.LogOption return nil } +func journalFormatterWithID(entry *journal.JournalEntry) (string, error) { + output, err := formatterPrefix(entry) + if err != nil { + return "", err + } + + id, ok := entry.Fields["CONTAINER_ID_FULL"] + if !ok { + return "", fmt.Errorf("no CONTAINER_ID_FULL field present in journal entry") + } + if len(id) > 12 { + id = id[:12] + } + output += fmt.Sprintf("%s ", id) + // Append message + msg, err := formatterMessage(entry) + if err != nil { + return "", err + } + output += msg + return output, nil +} + func journalFormatter(entry *journal.JournalEntry) (string, error) { + output, err := formatterPrefix(entry) + if err != nil { + return "", err + } + // Append message + msg, err := formatterMessage(entry) + if err != nil { + return "", err + } + output += msg + return output, nil +} + +func formatterPrefix(entry *journal.JournalEntry) (string, error) { usec := entry.RealtimeTimestamp tsString := time.Unix(0, int64(usec)*int64(time.Microsecond)).Format(logs.LogTimeFormat) output := fmt.Sprintf("%s ", tsString) @@ -137,13 +200,16 @@ func journalFormatter(entry *journal.JournalEntry) (string, error) { output += fmt.Sprintf("%s ", logs.FullLogType) } + return output, nil +} + +func formatterMessage(entry *journal.JournalEntry) (string, error) { // Finally, append the message msg, ok := entry.Fields["MESSAGE"] if !ok { return "", fmt.Errorf("no MESSAGE field present in journal entry") } - output += strings.TrimSpace(msg) - return output, nil + return msg, nil } type FollowBuffer struct { diff --git a/libpod/container_log_unsupported.go b/libpod/container_log_unsupported.go index 4106b36e5..d10082141 100644 --- a/libpod/container_log_unsupported.go +++ b/libpod/container_log_unsupported.go @@ -5,8 +5,8 @@ package libpod import ( "context" - "github.com/containers/podman/v2/libpod/define" - "github.com/containers/podman/v2/libpod/logs" + "github.com/containers/podman/v3/libpod/define" + "github.com/containers/podman/v3/libpod/logs" "github.com/pkg/errors" ) diff --git a/libpod/container_path_resolution.go b/libpod/container_path_resolution.go index 805b3b947..5245314ae 100644 --- a/libpod/container_path_resolution.go +++ b/libpod/container_path_resolution.go @@ -18,7 +18,7 @@ import ( // mountPoint (e.g., via a mount or volume), the resolved root (e.g., container // mount, bind mount or volume) and the resolved path on the root (absolute to // the host). -func (container *Container) resolvePath(mountPoint string, containerPath string) (string, string, error) { +func (c *Container) resolvePath(mountPoint string, containerPath string) (string, string, error) { // Let's first make sure we have a path relative to the mount point. pathRelativeToContainerMountPoint := containerPath if !filepath.IsAbs(containerPath) { @@ -26,7 +26,7 @@ func (container *Container) resolvePath(mountPoint string, containerPath string) // container's working dir. To be extra careful, let's first // join the working dir with "/", and the add the containerPath // to it. - pathRelativeToContainerMountPoint = filepath.Join(filepath.Join("/", container.WorkingDir()), containerPath) + pathRelativeToContainerMountPoint = filepath.Join(filepath.Join("/", c.WorkingDir()), containerPath) } resolvedPathOnTheContainerMountPoint := filepath.Join(mountPoint, pathRelativeToContainerMountPoint) pathRelativeToContainerMountPoint = strings.TrimPrefix(pathRelativeToContainerMountPoint, mountPoint) @@ -43,7 +43,7 @@ func (container *Container) resolvePath(mountPoint string, containerPath string) searchPath := pathRelativeToContainerMountPoint for { - volume, err := findVolume(container, searchPath) + volume, err := findVolume(c, searchPath) if err != nil { return "", "", err } @@ -74,7 +74,7 @@ func (container *Container) resolvePath(mountPoint string, containerPath string) return mountPoint, absolutePathOnTheVolumeMount, nil } - if mount := findBindMount(container, searchPath); mount != nil { + if mount := findBindMount(c, searchPath); mount != nil { logrus.Debugf("Container path %q resolved to bind mount %q:%q on path %q", containerPath, mount.Source, mount.Destination, searchPath) // We found a matching bind mount for searchPath. We // now need to first find the relative path of our @@ -86,14 +86,12 @@ func (container *Container) resolvePath(mountPoint string, containerPath string) return "", "", err } return mount.Source, absolutePathOnTheBindMount, nil - } if searchPath == "/" { // Cannot go beyond "/", so we're done. break } - // Walk *down* the path (e.g., "/foo/bar/x" -> "/foo/bar"). searchPath = filepath.Dir(searchPath) } diff --git a/libpod/container_top_linux.go b/libpod/container_top_linux.go index 161367d75..ee03570ab 100644 --- a/libpod/container_top_linux.go +++ b/libpod/container_top_linux.go @@ -8,8 +8,8 @@ import ( "strconv" "strings" - "github.com/containers/podman/v2/libpod/define" - "github.com/containers/podman/v2/pkg/rootless" + "github.com/containers/podman/v3/libpod/define" + "github.com/containers/podman/v3/pkg/rootless" "github.com/containers/psgo" "github.com/pkg/errors" "github.com/sirupsen/logrus" diff --git a/libpod/container_top_unsupported.go b/libpod/container_top_unsupported.go index 866fe106f..1a096d248 100644 --- a/libpod/container_top_unsupported.go +++ b/libpod/container_top_unsupported.go @@ -2,7 +2,7 @@ package libpod -import "github.com/containers/podman/v2/libpod/define" +import "github.com/containers/podman/v3/libpod/define" // Top gathers statistics about the running processes in a container. It returns a // []string for output diff --git a/libpod/container_validate.go b/libpod/container_validate.go index 57bb929dd..245121a91 100644 --- a/libpod/container_validate.go +++ b/libpod/container_validate.go @@ -1,7 +1,7 @@ package libpod import ( - "github.com/containers/podman/v2/libpod/define" + "github.com/containers/podman/v3/libpod/define" spec "github.com/opencontainers/runtime-spec/specs-go" "github.com/pkg/errors" ) diff --git a/libpod/define/container_inspect.go b/libpod/define/container_inspect.go index 2cdd53cbc..0f355d20a 100644 --- a/libpod/define/container_inspect.go +++ b/libpod/define/container_inspect.go @@ -122,9 +122,9 @@ type InspectUlimit struct { // Name is the name (type) of the ulimit. Name string `json:"Name"` // Soft is the soft limit that will be applied. - Soft uint64 `json:"Soft"` + Soft int64 `json:"Soft"` // Hard is the hard limit that will be applied. - Hard uint64 `json:"Hard"` + Hard int64 `json:"Hard"` } // InspectDevice is a single device that will be mounted into the container. diff --git a/libpod/define/terminal.go b/libpod/define/terminal.go new file mode 100644 index 000000000..ce8955544 --- /dev/null +++ b/libpod/define/terminal.go @@ -0,0 +1,7 @@ +package define + +// TerminalSize represents the width and height of a terminal. +type TerminalSize struct { + Width uint16 + Height uint16 +} diff --git a/libpod/define/version.go b/libpod/define/version.go index d4cdd539d..67dc730ac 100644 --- a/libpod/define/version.go +++ b/libpod/define/version.go @@ -5,7 +5,7 @@ import ( "strconv" "time" - podmanVersion "github.com/containers/podman/v2/version" + podmanVersion "github.com/containers/podman/v3/version" ) // Overwritten at build time diff --git a/libpod/diff.go b/libpod/diff.go index 43f4d2e96..36d60b838 100644 --- a/libpod/diff.go +++ b/libpod/diff.go @@ -3,7 +3,7 @@ package libpod import ( "io" - "github.com/containers/podman/v2/libpod/layers" + "github.com/containers/podman/v3/libpod/layers" "github.com/containers/storage/pkg/archive" "github.com/pkg/errors" ) diff --git a/libpod/driver/driver.go b/libpod/driver/driver.go index de71c1f6e..6fe2cf8ac 100644 --- a/libpod/driver/driver.go +++ b/libpod/driver/driver.go @@ -1,7 +1,7 @@ package driver import ( - "github.com/containers/podman/v2/libpod/define" + "github.com/containers/podman/v3/libpod/define" "github.com/containers/storage" ) diff --git a/libpod/events.go b/libpod/events.go index e199a3846..839229674 100644 --- a/libpod/events.go +++ b/libpod/events.go @@ -5,7 +5,7 @@ import ( "fmt" "sync" - "github.com/containers/podman/v2/libpod/events" + "github.com/containers/podman/v3/libpod/events" "github.com/pkg/errors" "github.com/sirupsen/logrus" ) diff --git a/libpod/events/events.go b/libpod/events/events.go index aa0401b62..01ea6a386 100644 --- a/libpod/events/events.go +++ b/libpod/events/events.go @@ -97,7 +97,6 @@ func newEventFromJSONString(event string) (*Event, error) { return nil, err } return &e, nil - } // ToString converts a Type to a string diff --git a/libpod/events/filters.go b/libpod/events/filters.go index 62891d32c..acfb96302 100644 --- a/libpod/events/filters.go +++ b/libpod/events/filters.go @@ -4,7 +4,7 @@ import ( "strings" "time" - "github.com/containers/podman/v2/pkg/util" + "github.com/containers/podman/v3/pkg/util" "github.com/pkg/errors" ) @@ -86,7 +86,6 @@ func generateEventSinceOption(timeSince time.Time) func(e *Event) bool { func generateEventUntilOption(timeUntil time.Time) func(e *Event) bool { return func(e *Event) bool { return e.Time.Before(timeUntil) - } } diff --git a/libpod/events/journal_linux.go b/libpod/events/journal_linux.go index 8b7e448b1..23e5f15b1 100644 --- a/libpod/events/journal_linux.go +++ b/libpod/events/journal_linux.go @@ -8,7 +8,7 @@ import ( "strconv" "time" - "github.com/containers/podman/v2/pkg/util" + "github.com/containers/podman/v3/pkg/util" "github.com/coreos/go-systemd/v22/journal" "github.com/coreos/go-systemd/v22/sdjournal" "github.com/pkg/errors" diff --git a/libpod/events/logfile.go b/libpod/events/logfile.go index 05ae3ce52..7a32ea311 100644 --- a/libpod/events/logfile.go +++ b/libpod/events/logfile.go @@ -6,7 +6,7 @@ import ( "os" "time" - "github.com/containers/podman/v2/pkg/util" + "github.com/containers/podman/v3/pkg/util" "github.com/containers/storage" "github.com/pkg/errors" ) @@ -39,7 +39,6 @@ func (e EventLogFile) Write(ee Event) error { return err } return nil - } // Reads from the log file diff --git a/libpod/healthcheck.go b/libpod/healthcheck.go index f77075893..c32ba85cb 100644 --- a/libpod/healthcheck.go +++ b/libpod/healthcheck.go @@ -9,7 +9,7 @@ import ( "strings" "time" - "github.com/containers/podman/v2/libpod/define" + "github.com/containers/podman/v3/libpod/define" "github.com/pkg/errors" "github.com/sirupsen/logrus" ) @@ -190,7 +190,7 @@ func (c *Container) updateHealthCheckLog(hcl define.HealthCheckLog, inStartPerio } if !inStartPeriod { // increment failing streak - healthCheck.FailingStreak += 1 + healthCheck.FailingStreak++ // if failing streak > retries, then status to unhealthy if healthCheck.FailingStreak >= c.HealthCheckConfig().Retries { healthCheck.Status = define.HealthCheckUnhealthy diff --git a/libpod/healthcheck_linux.go b/libpod/healthcheck_linux.go index 0ad15da09..e08214809 100644 --- a/libpod/healthcheck_linux.go +++ b/libpod/healthcheck_linux.go @@ -6,8 +6,8 @@ import ( "os/exec" "strings" - "github.com/containers/podman/v2/pkg/rootless" - "github.com/containers/podman/v2/pkg/systemd" + "github.com/containers/podman/v3/pkg/rootless" + "github.com/containers/podman/v3/pkg/systemd" "github.com/pkg/errors" "github.com/sirupsen/logrus" ) diff --git a/libpod/healthcheck_unsupported.go b/libpod/healthcheck_unsupported.go index 67c952b40..8b6a0209b 100644 --- a/libpod/healthcheck_unsupported.go +++ b/libpod/healthcheck_unsupported.go @@ -2,7 +2,7 @@ package libpod -import "github.com/containers/podman/v2/libpod/define" +import "github.com/containers/podman/v3/libpod/define" // createTimer systemd timers for healthchecks of a container func (c *Container) createTimer() error { diff --git a/libpod/image/docker_registry_options.go b/libpod/image/docker_registry_options.go index 835473a1f..0a2a375ae 100644 --- a/libpod/image/docker_registry_options.go +++ b/libpod/image/docker_registry_options.go @@ -6,7 +6,7 @@ import ( "github.com/containers/buildah/pkg/parse" "github.com/containers/image/v5/docker/reference" "github.com/containers/image/v5/types" - podmanVersion "github.com/containers/podman/v2/version" + podmanVersion "github.com/containers/podman/v3/version" ) // DockerRegistryOptions encapsulates settings that affect how we connect or diff --git a/libpod/image/errors.go b/libpod/image/errors.go index 3f58b1c6a..49f841bf4 100644 --- a/libpod/image/errors.go +++ b/libpod/image/errors.go @@ -1,7 +1,7 @@ package image import ( - "github.com/containers/podman/v2/libpod/define" + "github.com/containers/podman/v3/libpod/define" ) var ( diff --git a/libpod/image/filters.go b/libpod/image/filters.go index 4aff0a7b5..37d3cb6a5 100644 --- a/libpod/image/filters.go +++ b/libpod/image/filters.go @@ -8,7 +8,7 @@ import ( "strings" "time" - "github.com/containers/podman/v2/pkg/inspect" + "github.com/containers/podman/v3/pkg/inspect" "github.com/pkg/errors" "github.com/sirupsen/logrus" ) diff --git a/libpod/image/image.go b/libpod/image/image.go index d732aecfe..265178ad5 100644 --- a/libpod/image/image.go +++ b/libpod/image/image.go @@ -29,12 +29,12 @@ import ( "github.com/containers/image/v5/transports" "github.com/containers/image/v5/transports/alltransports" "github.com/containers/image/v5/types" - "github.com/containers/podman/v2/libpod/define" - "github.com/containers/podman/v2/libpod/driver" - "github.com/containers/podman/v2/libpod/events" - "github.com/containers/podman/v2/pkg/inspect" - "github.com/containers/podman/v2/pkg/registries" - "github.com/containers/podman/v2/pkg/util" + "github.com/containers/podman/v3/libpod/define" + "github.com/containers/podman/v3/libpod/driver" + "github.com/containers/podman/v3/libpod/events" + "github.com/containers/podman/v3/pkg/inspect" + "github.com/containers/podman/v3/pkg/registries" + "github.com/containers/podman/v3/pkg/util" "github.com/containers/storage" digest "github.com/opencontainers/go-digest" ociv1 "github.com/opencontainers/image-spec/specs-go/v1" @@ -143,7 +143,7 @@ func (ir *Runtime) NewFromLocal(name string) (*Image, error) { // New creates a new image object where the image could be local // or remote -func (ir *Runtime) New(ctx context.Context, name, signaturePolicyPath, authfile string, writer io.Writer, dockeroptions *DockerRegistryOptions, signingoptions SigningOptions, label *string, pullType util.PullType) (*Image, error) { +func (ir *Runtime) New(ctx context.Context, name, signaturePolicyPath, authfile string, writer io.Writer, dockeroptions *DockerRegistryOptions, signingoptions SigningOptions, label *string, pullType util.PullType, progress chan types.ProgressProperties) (*Image, error) { span, _ := opentracing.StartSpanFromContext(ctx, "newImage") span.SetTag("type", "runtime") defer span.Finish() @@ -162,7 +162,7 @@ func (ir *Runtime) New(ctx context.Context, name, signaturePolicyPath, authfile if signaturePolicyPath == "" { signaturePolicyPath = ir.SignaturePolicyPath } - imageName, err := ir.pullImageFromHeuristicSource(ctx, name, writer, authfile, signaturePolicyPath, signingoptions, dockeroptions, &retry.RetryOptions{MaxRetry: maxRetry}, label) + imageName, err := ir.pullImageFromHeuristicSource(ctx, name, writer, authfile, signaturePolicyPath, signingoptions, dockeroptions, &retry.RetryOptions{MaxRetry: maxRetry}, label, progress) if err != nil { return nil, err } @@ -323,7 +323,7 @@ func (ir *Runtime) LoadAllImagesFromDockerArchive(ctx context.Context, fileName } defer goal.cleanUp() - imageNames, err := ir.doPullImage(ctx, sc, goal, writer, SigningOptions{}, &DockerRegistryOptions{}, &retry.RetryOptions{}, nil) + imageNames, err := ir.doPullImage(ctx, sc, goal, writer, SigningOptions{}, &DockerRegistryOptions{}, &retry.RetryOptions{}, nil, nil) if err != nil { return nil, err } @@ -1688,7 +1688,6 @@ func (i *Image) GetConfigBlob(ctx context.Context) (*manifest.Schema2Image, erro return nil, errors.Wrapf(err, "unable to parse image blob for %s", i.ID()) } return &blob, nil - } // GetHealthCheck returns a HealthConfig for an image. This function only works with diff --git a/libpod/image/image_test.go b/libpod/image/image_test.go index 2704b8baf..3e6e7b9db 100644 --- a/libpod/image/image_test.go +++ b/libpod/image/image_test.go @@ -7,8 +7,8 @@ import ( "os" "testing" - "github.com/containers/podman/v2/libpod/events" - "github.com/containers/podman/v2/pkg/util" + "github.com/containers/podman/v3/libpod/events" + "github.com/containers/podman/v3/pkg/util" "github.com/containers/storage" "github.com/containers/storage/pkg/reexec" "github.com/opencontainers/go-digest" @@ -66,7 +66,6 @@ func makeLocalMatrix(b, bg *Image) []localImageTest { l = append(l, busybox, busyboxGlibc) return l - } func TestMain(m *testing.M) { @@ -95,9 +94,9 @@ func TestImage_NewFromLocal(t *testing.T) { ir, err := NewImageRuntimeFromOptions(so) assert.NoError(t, err) ir.Eventer = events.NewNullEventer() - bb, err := ir.New(context.Background(), "docker.io/library/busybox:latest", "", "", writer, nil, SigningOptions{}, nil, util.PullImageMissing) + bb, err := ir.New(context.Background(), "docker.io/library/busybox:latest", "", "", writer, nil, SigningOptions{}, nil, util.PullImageMissing, nil) assert.NoError(t, err) - bbglibc, err := ir.New(context.Background(), "docker.io/library/busybox:glibc", "", "", writer, nil, SigningOptions{}, nil, util.PullImageMissing) + bbglibc, err := ir.New(context.Background(), "docker.io/library/busybox:glibc", "", "", writer, nil, SigningOptions{}, nil, util.PullImageMissing, nil) assert.NoError(t, err) tm := makeLocalMatrix(bb, bbglibc) @@ -141,7 +140,7 @@ func TestImage_New(t *testing.T) { // Iterate over the names and delete the image // after the pull for _, img := range names { - newImage, err := ir.New(context.Background(), img, "", "", writer, nil, SigningOptions{}, nil, util.PullImageMissing) + newImage, err := ir.New(context.Background(), img, "", "", writer, nil, SigningOptions{}, nil, util.PullImageMissing, nil) assert.NoError(t, err) assert.NotEqual(t, newImage.ID(), "") err = newImage.Remove(context.Background(), false) @@ -170,7 +169,7 @@ func TestImage_MatchRepoTag(t *testing.T) { ir, err := NewImageRuntimeFromOptions(so) assert.NoError(t, err) ir.Eventer = events.NewNullEventer() - newImage, err := ir.New(context.Background(), "busybox", "", "", os.Stdout, nil, SigningOptions{}, nil, util.PullImageMissing) + newImage, err := ir.New(context.Background(), "busybox", "", "", os.Stdout, nil, SigningOptions{}, nil, util.PullImageMissing, nil) assert.NoError(t, err) err = newImage.TagImage("foo:latest") assert.NoError(t, err) diff --git a/libpod/image/layer_tree.go b/libpod/image/layer_tree.go index 18101575e..aa3084449 100644 --- a/libpod/image/layer_tree.go +++ b/libpod/image/layer_tree.go @@ -4,7 +4,7 @@ import ( "context" ociv1 "github.com/opencontainers/image-spec/specs-go/v1" - "github.com/pkg/errors" + "github.com/sirupsen/logrus" ) // layerTree is an internal representation of local layers. @@ -84,7 +84,12 @@ func (ir *Runtime) layerTree() (*layerTree, error) { } node, exists := tree.nodes[topLayer] if !exists { - return nil, errors.Errorf("top layer %s of image %s not found in layer tree", img.TopLayer(), img.ID()) + // Note: erroring out in this case has turned out having been a + // mistake. Users may not be able to recover, so we're now + // throwing a warning to guide them to resolve the issue and + // turn the errors non-fatal. + logrus.Warnf("Top layer %s of image %s not found in layer tree. The storage may be corrupted, consider running `podman system reset`.", topLayer, img.ID()) + continue } node.images = append(node.images, img) } @@ -107,7 +112,12 @@ func (t *layerTree) children(ctx context.Context, parent *Image, all bool) ([]st parentNode, exists := t.nodes[parent.TopLayer()] if !exists { - return nil, errors.Errorf("layer not found in layer tree: %q", parent.TopLayer()) + // Note: erroring out in this case has turned out having been a + // mistake. Users may not be able to recover, so we're now + // throwing a warning to guide them to resolve the issue and + // turn the errors non-fatal. + logrus.Warnf("Layer %s not found in layer. The storage may be corrupted, consider running `podman system reset`.", parent.TopLayer()) + return children, nil } parentID := parent.ID() @@ -177,7 +187,12 @@ func (t *layerTree) parent(ctx context.Context, child *Image) (*Image, error) { node, exists := t.nodes[child.TopLayer()] if !exists { - return nil, errors.Errorf("layer not found in layer tree: %q", child.TopLayer()) + // Note: erroring out in this case has turned out having been a + // mistake. Users may not be able to recover, so we're now + // throwing a warning to guide them to resolve the issue and + // turn the errors non-fatal. + logrus.Warnf("Layer %s not found in layer. The storage may be corrupted, consider running `podman system reset`.", child.TopLayer()) + return nil, nil } childOCI, err := t.toOCI(ctx, child) diff --git a/libpod/image/prune.go b/libpod/image/prune.go index 587c99333..d6ae5feaf 100644 --- a/libpod/image/prune.go +++ b/libpod/image/prune.go @@ -5,9 +5,9 @@ import ( "strings" "time" - "github.com/containers/podman/v2/libpod/events" - "github.com/containers/podman/v2/pkg/domain/entities/reports" - "github.com/containers/podman/v2/pkg/timetype" + "github.com/containers/podman/v3/libpod/events" + "github.com/containers/podman/v3/pkg/domain/entities/reports" + "github.com/containers/podman/v3/pkg/timetype" "github.com/containers/storage" "github.com/pkg/errors" "github.com/sirupsen/logrus" @@ -52,7 +52,6 @@ func generatePruneFilterFuncs(filter, filterValue string) (ImageFilter, error) { } return false }, nil - } return nil, nil } @@ -170,7 +169,6 @@ func (ir *Runtime) PruneImages(ctx context.Context, all bool, filter []string) ( Size: uint64(imgSize), }) } - } return preports, nil } diff --git a/libpod/image/pull.go b/libpod/image/pull.go index 996b5995a..c5fafc25d 100644 --- a/libpod/image/pull.go +++ b/libpod/image/pull.go @@ -6,6 +6,7 @@ import ( "io" "path/filepath" "strings" + "time" "github.com/containers/common/pkg/retry" cp "github.com/containers/image/v5/copy" @@ -19,9 +20,9 @@ import ( "github.com/containers/image/v5/transports" "github.com/containers/image/v5/transports/alltransports" "github.com/containers/image/v5/types" - "github.com/containers/podman/v2/libpod/events" - "github.com/containers/podman/v2/pkg/errorhandling" - "github.com/containers/podman/v2/pkg/registries" + "github.com/containers/podman/v3/libpod/events" + "github.com/containers/podman/v3/pkg/errorhandling" + "github.com/containers/podman/v3/pkg/registries" "github.com/opentracing/opentracing-go" "github.com/pkg/errors" "github.com/sirupsen/logrus" @@ -241,7 +242,7 @@ func toLocalImageName(imageName string) string { // pullImageFromHeuristicSource pulls an image based on inputName, which is heuristically parsed and may involve configured registries. // Use pullImageFromReference if the source is known precisely. -func (ir *Runtime) pullImageFromHeuristicSource(ctx context.Context, inputName string, writer io.Writer, authfile, signaturePolicyPath string, signingOptions SigningOptions, dockerOptions *DockerRegistryOptions, retryOptions *retry.RetryOptions, label *string) ([]string, error) { +func (ir *Runtime) pullImageFromHeuristicSource(ctx context.Context, inputName string, writer io.Writer, authfile, signaturePolicyPath string, signingOptions SigningOptions, dockerOptions *DockerRegistryOptions, retryOptions *retry.RetryOptions, label *string, progress chan types.ProgressProperties) ([]string, error) { span, _ := opentracing.StartSpanFromContext(ctx, "pullImageFromHeuristicSource") defer span.Finish() @@ -275,7 +276,7 @@ func (ir *Runtime) pullImageFromHeuristicSource(ctx context.Context, inputName s } } defer goal.cleanUp() - return ir.doPullImage(ctx, sc, *goal, writer, signingOptions, dockerOptions, retryOptions, label) + return ir.doPullImage(ctx, sc, *goal, writer, signingOptions, dockerOptions, retryOptions, label, progress) } // pullImageFromReference pulls an image from a types.imageReference. @@ -294,7 +295,7 @@ func (ir *Runtime) pullImageFromReference(ctx context.Context, srcRef types.Imag return nil, errors.Wrapf(err, "error determining pull goal for image %q", transports.ImageName(srcRef)) } defer goal.cleanUp() - return ir.doPullImage(ctx, sc, *goal, writer, signingOptions, dockerOptions, retryOptions, nil) + return ir.doPullImage(ctx, sc, *goal, writer, signingOptions, dockerOptions, retryOptions, nil, nil) } func cleanErrorMessage(err error) string { @@ -304,7 +305,7 @@ func cleanErrorMessage(err error) string { } // doPullImage is an internal helper interpreting pullGoal. Almost everyone should call one of the callers of doPullImage instead. -func (ir *Runtime) doPullImage(ctx context.Context, sc *types.SystemContext, goal pullGoal, writer io.Writer, signingOptions SigningOptions, dockerOptions *DockerRegistryOptions, retryOptions *retry.RetryOptions, label *string) ([]string, error) { +func (ir *Runtime) doPullImage(ctx context.Context, sc *types.SystemContext, goal pullGoal, writer io.Writer, signingOptions SigningOptions, dockerOptions *DockerRegistryOptions, retryOptions *retry.RetryOptions, label *string, progress chan types.ProgressProperties) ([]string, error) { span, _ := opentracing.StartSpanFromContext(ctx, "doPullImage") defer span.Finish() @@ -328,6 +329,10 @@ func (ir *Runtime) doPullImage(ctx context.Context, sc *types.SystemContext, goa for _, imageInfo := range goal.refPairs { copyOptions := getCopyOptions(sc, writer, dockerOptions, nil, signingOptions, "", nil) copyOptions.SourceCtx.SystemRegistriesConfPath = systemRegistriesConfPath // FIXME: Set this more globally. Probably no reason not to have it in every types.SystemContext, and to compute the value just once in one place. + if progress != nil { + copyOptions.Progress = progress + copyOptions.ProgressInterval = time.Second + } // Print the following statement only when pulling from a docker or atomic registry if writer != nil && (imageInfo.srcRef.Transport().Name() == DockerTransport || imageInfo.srcRef.Transport().Name() == AtomicTransport) { if _, err := io.WriteString(writer, fmt.Sprintf("Trying to pull %s...\n", imageInfo.image)); err != nil { diff --git a/libpod/image/search.go b/libpod/image/search.go index c5799219a..714551e6e 100644 --- a/libpod/image/search.go +++ b/libpod/image/search.go @@ -10,7 +10,7 @@ import ( "github.com/containers/image/v5/docker" "github.com/containers/image/v5/transports/alltransports" "github.com/containers/image/v5/types" - sysreg "github.com/containers/podman/v2/pkg/registries" + sysreg "github.com/containers/podman/v3/pkg/registries" "github.com/pkg/errors" "github.com/sirupsen/logrus" "golang.org/x/sync/semaphore" diff --git a/libpod/image/utils.go b/libpod/image/utils.go index 5e7fed5c6..0b4264112 100644 --- a/libpod/image/utils.go +++ b/libpod/image/utils.go @@ -11,7 +11,7 @@ import ( "github.com/containers/image/v5/docker/reference" "github.com/containers/image/v5/signature" "github.com/containers/image/v5/types" - "github.com/containers/podman/v2/libpod/define" + "github.com/containers/podman/v3/libpod/define" "github.com/containers/storage" "github.com/pkg/errors" ) @@ -45,7 +45,6 @@ func findImageInRepotags(search imageParts, images []*Image) (*storage.Image, er } } if len(candidates) == 0 { - return nil, errors.Wrapf(define.ErrNoSuchImage, "unable to find a name and tag match for %s in repotags", searchName) } @@ -75,9 +74,8 @@ func findImageInRepotags(search imageParts, images []*Image) (*storage.Image, er } if rwImageCnt > 1 { return nil, errors.Wrapf(define.ErrMultipleImages, "found multiple read/write images %s", strings.Join(keys, ",")) - } else { - return nil, errors.Wrapf(define.ErrMultipleImages, "found multiple read/only images %s", strings.Join(keys, ",")) } + return nil, errors.Wrapf(define.ErrMultipleImages, "found multiple read/only images %s", strings.Join(keys, ",")) } return candidates[0].image.image, nil } diff --git a/libpod/in_memory_state.go b/libpod/in_memory_state.go index 9285589b1..26f15d9c8 100644 --- a/libpod/in_memory_state.go +++ b/libpod/in_memory_state.go @@ -3,8 +3,8 @@ package libpod import ( "strings" - "github.com/containers/podman/v2/libpod/define" - "github.com/containers/podman/v2/pkg/registrar" + "github.com/containers/podman/v3/libpod/define" + "github.com/containers/podman/v3/pkg/registrar" "github.com/containers/storage/pkg/truncindex" "github.com/pkg/errors" ) diff --git a/libpod/info.go b/libpod/info.go index 1b3550abd..ef0c83a2a 100644 --- a/libpod/info.go +++ b/libpod/info.go @@ -15,11 +15,11 @@ import ( "github.com/containers/buildah" "github.com/containers/common/pkg/apparmor" "github.com/containers/common/pkg/seccomp" - "github.com/containers/podman/v2/libpod/define" - "github.com/containers/podman/v2/libpod/linkmode" - "github.com/containers/podman/v2/pkg/cgroups" - registries2 "github.com/containers/podman/v2/pkg/registries" - "github.com/containers/podman/v2/pkg/rootless" + "github.com/containers/podman/v3/libpod/define" + "github.com/containers/podman/v3/libpod/linkmode" + "github.com/containers/podman/v3/pkg/cgroups" + registries2 "github.com/containers/podman/v3/pkg/registries" + "github.com/containers/podman/v3/pkg/rootless" "github.com/containers/storage" "github.com/containers/storage/pkg/system" "github.com/opencontainers/selinux/go-selinux" @@ -222,11 +222,11 @@ func (r *Runtime) getContainerStoreInfo() (define.ContainerStore, error) { } switch state { case define.ContainerStateRunning: - running += 1 + running++ case define.ContainerStatePaused: - paused += 1 + paused++ default: - stopped += 1 + stopped++ } } cs.Paused = paused diff --git a/libpod/kube.go b/libpod/kube.go index 6cb7723c9..0c4f9f0a0 100644 --- a/libpod/kube.go +++ b/libpod/kube.go @@ -7,9 +7,9 @@ import ( "strings" "time" - "github.com/containers/podman/v2/libpod/define" - "github.com/containers/podman/v2/pkg/lookup" - "github.com/containers/podman/v2/pkg/util" + "github.com/containers/podman/v3/libpod/define" + "github.com/containers/podman/v3/pkg/lookup" + "github.com/containers/podman/v3/pkg/util" "github.com/cri-o/ocicni/pkg/ocicni" "github.com/opencontainers/runtime-spec/specs-go" "github.com/opencontainers/runtime-tools/generate" diff --git a/libpod/lock/file_lock_manager.go b/libpod/lock/file_lock_manager.go index 68ec3986c..155606642 100644 --- a/libpod/lock/file_lock_manager.go +++ b/libpod/lock/file_lock_manager.go @@ -1,7 +1,7 @@ package lock import ( - "github.com/containers/podman/v2/libpod/lock/file" + "github.com/containers/podman/v3/libpod/lock/file" ) // FileLockManager manages shared memory locks. diff --git a/libpod/lock/shm_lock_manager_linux.go b/libpod/lock/shm_lock_manager_linux.go index 9581607b6..ecccb2bcb 100644 --- a/libpod/lock/shm_lock_manager_linux.go +++ b/libpod/lock/shm_lock_manager_linux.go @@ -5,7 +5,7 @@ package lock import ( "syscall" - "github.com/containers/podman/v2/libpod/lock/shm" + "github.com/containers/podman/v3/libpod/lock/shm" "github.com/pkg/errors" ) diff --git a/libpod/logs/log.go b/libpod/logs/log.go index 2637c8524..bba52408d 100644 --- a/libpod/logs/log.go +++ b/libpod/logs/log.go @@ -8,7 +8,7 @@ import ( "sync" "time" - "github.com/containers/podman/v2/libpod/logs/reversereader" + "github.com/containers/podman/v3/libpod/logs/reversereader" "github.com/hpcloud/tail" "github.com/pkg/errors" "github.com/sirupsen/logrus" diff --git a/libpod/network/create.go b/libpod/network/create.go index deacf487a..1a5aa82fc 100644 --- a/libpod/network/create.go +++ b/libpod/network/create.go @@ -10,9 +10,9 @@ import ( "github.com/containernetworking/cni/pkg/version" "github.com/containers/common/pkg/config" - "github.com/containers/podman/v2/pkg/domain/entities" - "github.com/containers/podman/v2/pkg/rootless" - "github.com/containers/podman/v2/pkg/util" + "github.com/containers/podman/v3/pkg/domain/entities" + "github.com/containers/podman/v3/pkg/rootless" + "github.com/containers/podman/v3/pkg/util" "github.com/pkg/errors" "github.com/sirupsen/logrus" ) @@ -75,7 +75,6 @@ func validateBridgeOptions(options entities.NetworkCreateOptions) error { } return nil - } // parseMTU parses the mtu option diff --git a/libpod/network/create_test.go b/libpod/network/create_test.go index 0b828e635..c3824bd91 100644 --- a/libpod/network/create_test.go +++ b/libpod/network/create_test.go @@ -4,11 +4,10 @@ import ( "net" "testing" - "github.com/containers/podman/v2/pkg/domain/entities" + "github.com/containers/podman/v3/pkg/domain/entities" ) func Test_validateBridgeOptions(t *testing.T) { - tests := []struct { name string subnet net.IPNet diff --git a/libpod/network/devices.go b/libpod/network/devices.go index a5d23fae4..de6bb4efc 100644 --- a/libpod/network/devices.go +++ b/libpod/network/devices.go @@ -5,8 +5,8 @@ import ( "os/exec" "github.com/containers/common/pkg/config" - "github.com/containers/podman/v2/pkg/util" - "github.com/containers/podman/v2/utils" + "github.com/containers/podman/v3/pkg/util" + "github.com/containers/podman/v3/utils" "github.com/sirupsen/logrus" ) diff --git a/libpod/network/files.go b/libpod/network/files.go index 33cf01064..fe483e25c 100644 --- a/libpod/network/files.go +++ b/libpod/network/files.go @@ -10,7 +10,7 @@ import ( "github.com/containernetworking/cni/libcni" "github.com/containernetworking/plugins/plugins/ipam/host-local/backend/allocator" "github.com/containers/common/pkg/config" - "github.com/containers/podman/v2/libpod/define" + "github.com/containers/podman/v3/libpod/define" "github.com/pkg/errors" "github.com/sirupsen/logrus" ) @@ -81,9 +81,9 @@ func GetCNIConfigPathByNameOrID(config *config.Config, name string) (string, err return "", errors.Wrap(define.ErrNoSuchNetwork, fmt.Sprintf("unable to find network configuration for %s", name)) } -// ReadRawCNIConfByName reads the raw CNI configuration for a CNI +// ReadRawCNIConfByNameOrID reads the raw CNI configuration for a CNI // network by name -func ReadRawCNIConfByName(config *config.Config, name string) ([]byte, error) { +func ReadRawCNIConfByNameOrID(config *config.Config, name string) ([]byte, error) { confFile, err := GetCNIConfigPathByNameOrID(config, name) if err != nil { return nil, err diff --git a/libpod/network/netconflist.go b/libpod/network/netconflist.go index 9be98e78f..1a1583587 100644 --- a/libpod/network/netconflist.go +++ b/libpod/network/netconflist.go @@ -7,7 +7,7 @@ import ( "strings" "github.com/containernetworking/cni/libcni" - "github.com/containers/podman/v2/pkg/util" + "github.com/containers/podman/v3/pkg/util" "github.com/pkg/errors" ) diff --git a/libpod/network/netconflist_test.go b/libpod/network/netconflist_test.go index 5ff733f0f..161764ed9 100644 --- a/libpod/network/netconflist_test.go +++ b/libpod/network/netconflist_test.go @@ -7,7 +7,6 @@ import ( ) func TestNewIPAMDefaultRoute(t *testing.T) { - tests := []struct { name string isIPv6 bool diff --git a/libpod/network/network.go b/libpod/network/network.go index cdaef6c13..f19a764ef 100644 --- a/libpod/network/network.go +++ b/libpod/network/network.go @@ -7,13 +7,14 @@ import ( "net" "os" + "github.com/containernetworking/cni/libcni" "github.com/containernetworking/cni/pkg/types" "github.com/containernetworking/plugins/plugins/ipam/host-local/backend/allocator" "github.com/containers/common/pkg/config" - "github.com/containers/podman/v2/libpod/define" - "github.com/containers/podman/v2/pkg/domain/entities" - "github.com/containers/podman/v2/pkg/rootless" - "github.com/containers/podman/v2/pkg/util" + "github.com/containers/podman/v3/libpod/define" + "github.com/containers/podman/v3/pkg/domain/entities" + "github.com/containers/podman/v3/pkg/rootless" + "github.com/containers/podman/v3/pkg/util" "github.com/pkg/errors" "github.com/sirupsen/logrus" ) @@ -222,7 +223,7 @@ func RemoveNetwork(config *config.Config, name string) error { // InspectNetwork reads a CNI config and returns its configuration func InspectNetwork(config *config.Config, name string) (map[string]interface{}, error) { - b, err := ReadRawCNIConfByName(config, name) + b, err := ReadRawCNIConfByNameOrID(config, name) if err != nil { return nil, err } @@ -234,7 +235,7 @@ func InspectNetwork(config *config.Config, name string) (map[string]interface{}, // Exists says whether a given network exists or not; it meant // specifically for restful responses so 404s can be used func Exists(config *config.Config, name string) (bool, error) { - _, err := ReadRawCNIConfByName(config, name) + _, err := ReadRawCNIConfByNameOrID(config, name) if err != nil { if errors.Cause(err) == define.ErrNoSuchNetwork { return false, nil @@ -277,3 +278,17 @@ func PruneNetworks(rtc *config.Config, usedNetworks map[string]bool) ([]*entitie } return reports, nil } + +// NormalizeName translates a network ID into a name. +// If the input is a name the name is returned. +func NormalizeName(config *config.Config, nameOrID string) (string, error) { + path, err := GetCNIConfigPathByNameOrID(config, nameOrID) + if err != nil { + return "", err + } + conf, err := libcni.ConfListFromFile(path) + if err != nil { + return "", err + } + return conf.Name, nil +} diff --git a/libpod/networking_linux.go b/libpod/networking_linux.go index 55d338e7d..0526e646e 100644 --- a/libpod/networking_linux.go +++ b/libpod/networking_linux.go @@ -22,13 +22,13 @@ import ( cnitypes "github.com/containernetworking/cni/pkg/types/current" "github.com/containernetworking/plugins/pkg/ns" - "github.com/containers/podman/v2/libpod/define" - "github.com/containers/podman/v2/libpod/events" - "github.com/containers/podman/v2/libpod/network" - "github.com/containers/podman/v2/pkg/errorhandling" - "github.com/containers/podman/v2/pkg/netns" - "github.com/containers/podman/v2/pkg/rootless" - "github.com/containers/podman/v2/pkg/rootlessport" + "github.com/containers/podman/v3/libpod/define" + "github.com/containers/podman/v3/libpod/events" + "github.com/containers/podman/v3/libpod/network" + "github.com/containers/podman/v3/pkg/errorhandling" + "github.com/containers/podman/v3/pkg/netns" + "github.com/containers/podman/v3/pkg/rootless" + "github.com/containers/podman/v3/pkg/rootlessport" "github.com/cri-o/ocicni/pkg/ocicni" "github.com/pkg/errors" "github.com/sirupsen/logrus" @@ -480,9 +480,8 @@ func (r *Runtime) setupSlirp4netns(ctr *Container) error { if havePortMapping { if isSlirpHostForward { return r.setupRootlessPortMappingViaSlirp(ctr, cmd, apiSocket) - } else { - return r.setupRootlessPortMappingViaRLK(ctr, netnsPath) } + return r.setupRootlessPortMappingViaRLK(ctr, netnsPath) } return nil } @@ -1135,18 +1134,22 @@ func (w *logrusDebugWriter) Write(p []byte) (int, error) { // NetworkDisconnect removes a container from the network func (c *Container) NetworkDisconnect(nameOrID, netName string, force bool) error { + // only the bridge mode supports cni networks + if !c.config.NetMode.IsBridge() { + return errors.Errorf("network mode %q is not supported", c.config.NetMode) + } + networks, err := c.networksByNameIndex() if err != nil { return err } - exists, err := network.Exists(c.runtime.config, netName) + // check if network exists and if the input is a ID we get the name + // ocicni only uses names so it is important that we only use the name + netName, err = network.NormalizeName(c.runtime.config, netName) if err != nil { return err } - if !exists { - return errors.Wrap(define.ErrNoSuchNetwork, netName) - } index, nameExists := networks[netName] if !nameExists && len(networks) > 0 { @@ -1192,18 +1195,22 @@ func (c *Container) NetworkDisconnect(nameOrID, netName string, force bool) erro // ConnectNetwork connects a container to a given network func (c *Container) NetworkConnect(nameOrID, netName string, aliases []string) error { + // only the bridge mode supports cni networks + if !c.config.NetMode.IsBridge() { + return errors.Errorf("network mode %q is not supported", c.config.NetMode) + } + networks, err := c.networksByNameIndex() if err != nil { return err } - exists, err := network.Exists(c.runtime.config, netName) + // check if network exists and if the input is a ID we get the name + // ocicni only uses names so it is important that we only use the name + netName, err = network.NormalizeName(c.runtime.config, netName) if err != nil { return err } - if !exists { - return errors.Wrap(define.ErrNoSuchNetwork, netName) - } c.lock.Lock() defer c.lock.Unlock() diff --git a/libpod/networking_unsupported.go b/libpod/networking_unsupported.go index 9e5c4adde..20c27ca7f 100644 --- a/libpod/networking_unsupported.go +++ b/libpod/networking_unsupported.go @@ -4,7 +4,7 @@ package libpod import ( cnitypes "github.com/containernetworking/cni/pkg/types/current" - "github.com/containers/podman/v2/libpod/define" + "github.com/containers/podman/v3/libpod/define" ) func (r *Runtime) setupRootlessNetNS(ctr *Container) error { diff --git a/libpod/oci.go b/libpod/oci.go index 6948e6425..f2053f1b5 100644 --- a/libpod/oci.go +++ b/libpod/oci.go @@ -3,8 +3,7 @@ package libpod import ( "net/http" - "github.com/containers/podman/v2/libpod/define" - "k8s.io/client-go/tools/remotecommand" + "github.com/containers/podman/v3/libpod/define" ) // OCIRuntime is an implementation of an OCI runtime. @@ -64,7 +63,7 @@ type OCIRuntime interface { // client. HTTPAttach(ctr *Container, r *http.Request, w http.ResponseWriter, streams *HTTPAttachStreams, detachKeys *string, cancel <-chan bool, hijackDone chan<- bool, streamAttach, streamLogs bool) error // AttachResize resizes the terminal in use by the given container. - AttachResize(ctr *Container, newSize remotecommand.TerminalSize) error + AttachResize(ctr *Container, newSize define.TerminalSize) error // ExecContainer executes a command in a running container. // Returns an int (PID of exec session), error channel (errors from @@ -86,7 +85,7 @@ type OCIRuntime interface { ExecContainerDetached(ctr *Container, sessionID string, options *ExecOptions, stdin bool) (int, error) // ExecAttachResize resizes the terminal of a running exec session. Only // allowed with sessions that were created with a TTY. - ExecAttachResize(ctr *Container, sessionID string, newSize remotecommand.TerminalSize) error + ExecAttachResize(ctr *Container, sessionID string, newSize define.TerminalSize) error // ExecStopContainer stops a given exec session in a running container. // SIGTERM with be sent initially, then SIGKILL after the given timeout. // If timeout is 0, SIGKILL will be sent immediately, and SIGTERM will diff --git a/libpod/oci_attach_linux.go b/libpod/oci_attach_linux.go index 4556eba94..b5040de3e 100644 --- a/libpod/oci_attach_linux.go +++ b/libpod/oci_attach_linux.go @@ -10,15 +10,14 @@ import ( "path/filepath" "github.com/containers/common/pkg/config" - "github.com/containers/podman/v2/libpod/define" - "github.com/containers/podman/v2/pkg/errorhandling" - "github.com/containers/podman/v2/pkg/kubeutils" - "github.com/containers/podman/v2/utils" + "github.com/containers/podman/v3/libpod/define" + "github.com/containers/podman/v3/pkg/errorhandling" + "github.com/containers/podman/v3/pkg/kubeutils" + "github.com/containers/podman/v3/utils" "github.com/moby/term" "github.com/pkg/errors" "github.com/sirupsen/logrus" "golang.org/x/sys/unix" - "k8s.io/client-go/tools/remotecommand" ) /* Sync with stdpipe_t in conmon.c */ @@ -40,7 +39,7 @@ func openUnixSocket(path string) (*net.UnixConn, error) { // Attach to the given container // Does not check if state is appropriate // started is only required if startContainer is true -func (c *Container) attach(streams *define.AttachStreams, keys string, resize <-chan remotecommand.TerminalSize, startContainer bool, started chan bool, attachRdy chan<- bool) error { +func (c *Container) attach(streams *define.AttachStreams, keys string, resize <-chan define.TerminalSize, startContainer bool, started chan bool, attachRdy chan<- bool) error { if !streams.AttachOutput && !streams.AttachError && !streams.AttachInput { return errors.Wrapf(define.ErrInvalidArg, "must provide at least one stream to attach to") } @@ -172,8 +171,8 @@ func processDetachKeys(keys string) ([]byte, error) { return detachKeys, nil } -func registerResizeFunc(resize <-chan remotecommand.TerminalSize, bundlePath string) { - kubeutils.HandleResizing(resize, func(size remotecommand.TerminalSize) { +func registerResizeFunc(resize <-chan define.TerminalSize, bundlePath string) { + kubeutils.HandleResizing(resize, func(size define.TerminalSize) { controlPath := filepath.Join(bundlePath, "ctl") controlFile, err := os.OpenFile(controlPath, unix.O_WRONLY, 0) if err != nil { diff --git a/libpod/oci_attach_unsupported.go b/libpod/oci_attach_unsupported.go index 317dfdc90..85e8b32e6 100644 --- a/libpod/oci_attach_unsupported.go +++ b/libpod/oci_attach_unsupported.go @@ -5,14 +5,13 @@ package libpod import ( "os" - "github.com/containers/podman/v2/libpod/define" - "k8s.io/client-go/tools/remotecommand" + "github.com/containers/podman/v3/libpod/define" ) -func (c *Container) attach(streams *define.AttachStreams, keys string, resize <-chan remotecommand.TerminalSize, startContainer bool, started chan bool, attachRdy chan<- bool) error { +func (c *Container) attach(streams *define.AttachStreams, keys string, resize <-chan define.TerminalSize, startContainer bool, started chan bool, attachRdy chan<- bool) error { return define.ErrNotImplemented } -func (c *Container) attachToExec(streams *define.AttachStreams, keys string, resize <-chan remotecommand.TerminalSize, sessionID string, startFd *os.File, attachFd *os.File) error { +func (c *Container) attachToExec(streams *define.AttachStreams, keys string, resize <-chan define.TerminalSize, sessionID string, startFd *os.File, attachFd *os.File) error { return define.ErrNotImplemented } diff --git a/libpod/oci_conmon_exec_linux.go b/libpod/oci_conmon_exec_linux.go index faf86ea5b..173edba2b 100644 --- a/libpod/oci_conmon_exec_linux.go +++ b/libpod/oci_conmon_exec_linux.go @@ -10,14 +10,13 @@ import ( "time" "github.com/containers/common/pkg/config" - "github.com/containers/podman/v2/libpod/define" - "github.com/containers/podman/v2/pkg/errorhandling" - "github.com/containers/podman/v2/pkg/util" - "github.com/containers/podman/v2/utils" + "github.com/containers/podman/v3/libpod/define" + "github.com/containers/podman/v3/pkg/errorhandling" + "github.com/containers/podman/v3/pkg/util" + "github.com/containers/podman/v3/utils" "github.com/pkg/errors" "github.com/sirupsen/logrus" "golang.org/x/sys/unix" - "k8s.io/client-go/tools/remotecommand" ) // ExecContainer executes a command in a running container @@ -191,7 +190,7 @@ func (r *ConmonOCIRuntime) ExecContainerDetached(ctr *Container, sessionID strin } // ExecAttachResize resizes the TTY of the given exec session. -func (r *ConmonOCIRuntime) ExecAttachResize(ctr *Container, sessionID string, newSize remotecommand.TerminalSize) error { +func (r *ConmonOCIRuntime) ExecAttachResize(ctr *Container, sessionID string, newSize define.TerminalSize) error { controlFile, err := openControlFile(ctr, ctr.execBundlePath(sessionID)) if err != nil { return err diff --git a/libpod/oci_conmon_linux.go b/libpod/oci_conmon_linux.go index 23bfb29d7..de7630c06 100644 --- a/libpod/oci_conmon_linux.go +++ b/libpod/oci_conmon_linux.go @@ -25,14 +25,14 @@ import ( "github.com/containers/common/pkg/capabilities" "github.com/containers/common/pkg/config" conmonConfig "github.com/containers/conmon/runner/config" - "github.com/containers/podman/v2/libpod/define" - "github.com/containers/podman/v2/libpod/logs" - "github.com/containers/podman/v2/pkg/cgroups" - "github.com/containers/podman/v2/pkg/errorhandling" - "github.com/containers/podman/v2/pkg/lookup" - "github.com/containers/podman/v2/pkg/rootless" - "github.com/containers/podman/v2/pkg/util" - "github.com/containers/podman/v2/utils" + "github.com/containers/podman/v3/libpod/define" + "github.com/containers/podman/v3/libpod/logs" + "github.com/containers/podman/v3/pkg/cgroups" + "github.com/containers/podman/v3/pkg/errorhandling" + "github.com/containers/podman/v3/pkg/lookup" + "github.com/containers/podman/v3/pkg/rootless" + "github.com/containers/podman/v3/pkg/util" + "github.com/containers/podman/v3/utils" "github.com/containers/storage/pkg/homedir" pmount "github.com/containers/storage/pkg/mount" "github.com/coreos/go-systemd/v22/activation" @@ -43,7 +43,6 @@ import ( "github.com/pkg/errors" "github.com/sirupsen/logrus" "golang.org/x/sys/unix" - "k8s.io/client-go/tools/remotecommand" ) const ( @@ -746,7 +745,7 @@ func openControlFile(ctr *Container, parentDir string) (*os.File, error) { } // AttachResize resizes the terminal used by the given container. -func (r *ConmonOCIRuntime) AttachResize(ctr *Container, newSize remotecommand.TerminalSize) error { +func (r *ConmonOCIRuntime) AttachResize(ctr *Container, newSize define.TerminalSize) error { controlFile, err := openControlFile(ctr, ctr.bundlePath()) if err != nil { return err @@ -1228,7 +1227,6 @@ func prepareProcessExec(c *Container, options *ExecOptions, env []string, sessio if options.Cwd != "" { pspec.Cwd = options.Cwd - } var addGroups []string @@ -1798,5 +1796,4 @@ func httpAttachNonTerminalCopy(container *net.UnixConn, http *bufio.ReadWriter, return err } } - } diff --git a/libpod/oci_conmon_unsupported.go b/libpod/oci_conmon_unsupported.go index 2504c31f0..4de27d663 100644 --- a/libpod/oci_conmon_unsupported.go +++ b/libpod/oci_conmon_unsupported.go @@ -5,7 +5,7 @@ package libpod import ( "github.com/containers/common/pkg/config" - "github.com/containers/podman/v2/libpod/define" + "github.com/containers/podman/v3/libpod/define" ) const ( diff --git a/libpod/oci_missing.go b/libpod/oci_missing.go index 9d12972d4..eb8cdebad 100644 --- a/libpod/oci_missing.go +++ b/libpod/oci_missing.go @@ -6,10 +6,9 @@ import ( "path/filepath" "sync" - "github.com/containers/podman/v2/libpod/define" + "github.com/containers/podman/v3/libpod/define" "github.com/pkg/errors" "github.com/sirupsen/logrus" - "k8s.io/client-go/tools/remotecommand" ) var ( @@ -115,7 +114,7 @@ func (r *MissingRuntime) HTTPAttach(ctr *Container, req *http.Request, w http.Re } // AttachResize is not available as the runtime is missing -func (r *MissingRuntime) AttachResize(ctr *Container, newSize remotecommand.TerminalSize) error { +func (r *MissingRuntime) AttachResize(ctr *Container, newSize define.TerminalSize) error { return r.printError() } @@ -135,7 +134,7 @@ func (r *MissingRuntime) ExecContainerDetached(ctr *Container, sessionID string, } // ExecAttachResize is not available as the runtime is missing. -func (r *MissingRuntime) ExecAttachResize(ctr *Container, sessionID string, newSize remotecommand.TerminalSize) error { +func (r *MissingRuntime) ExecAttachResize(ctr *Container, sessionID string, newSize define.TerminalSize) error { return r.printError() } diff --git a/libpod/oci_util.go b/libpod/oci_util.go index d40cf13bd..1cafd5863 100644 --- a/libpod/oci_util.go +++ b/libpod/oci_util.go @@ -8,7 +8,7 @@ import ( "strings" "time" - "github.com/containers/podman/v2/libpod/define" + "github.com/containers/podman/v3/libpod/define" "github.com/cri-o/ocicni/pkg/ocicni" "github.com/pkg/errors" "github.com/sirupsen/logrus" @@ -103,7 +103,6 @@ func bindPorts(ports []ocicni.PortMapping) ([]*os.File, error) { } default: return nil, fmt.Errorf("unknown protocol %s", i.Protocol) - } } return files, nil diff --git a/libpod/options.go b/libpod/options.go index 74ee60fef..6344e1acc 100644 --- a/libpod/options.go +++ b/libpod/options.go @@ -11,11 +11,11 @@ import ( "github.com/containers/common/pkg/secrets" "github.com/containers/image/v5/manifest" "github.com/containers/image/v5/types" - "github.com/containers/podman/v2/libpod/define" - "github.com/containers/podman/v2/libpod/events" - "github.com/containers/podman/v2/pkg/namespaces" - "github.com/containers/podman/v2/pkg/rootless" - "github.com/containers/podman/v2/pkg/util" + "github.com/containers/podman/v3/libpod/define" + "github.com/containers/podman/v3/libpod/events" + "github.com/containers/podman/v3/pkg/namespaces" + "github.com/containers/podman/v3/pkg/rootless" + "github.com/containers/podman/v3/pkg/util" "github.com/containers/storage" "github.com/containers/storage/pkg/idtools" "github.com/cri-o/ocicni/pkg/ocicni" @@ -1109,7 +1109,6 @@ func WithLogTag(tag string) CtrCreateOption { return nil } - } // WithCgroupsMode disables the creation of CGroups for the conmon process. @@ -1131,7 +1130,6 @@ func WithCgroupsMode(mode string) CtrCreateOption { return nil } - } // WithCgroupParent sets the Cgroup Parent of the new container. @@ -1430,10 +1428,10 @@ func WithOverlayVolumes(volumes []*ContainerOverlayVolume) CtrCreateOption { } for _, vol := range volumes { - ctr.config.OverlayVolumes = append(ctr.config.OverlayVolumes, &ContainerOverlayVolume{ - Dest: vol.Dest, - Source: vol.Source, + Dest: vol.Dest, + Source: vol.Source, + Options: vol.Options, }) } diff --git a/libpod/plugin/volume_api.go b/libpod/plugin/volume_api.go index c5dec651c..fafd26dac 100644 --- a/libpod/plugin/volume_api.go +++ b/libpod/plugin/volume_api.go @@ -12,7 +12,7 @@ import ( "sync" "time" - "github.com/containers/podman/v2/libpod/define" + "github.com/containers/podman/v3/libpod/define" "github.com/docker/go-plugins-helpers/sdk" "github.com/docker/go-plugins-helpers/volume" jsoniter "github.com/json-iterator/go" @@ -241,9 +241,8 @@ func (p *VolumePlugin) makeErrorResponse(err, endpoint, volName string) error { } if volName != "" { return errors.Wrapf(errors.New(err), "error on %s on volume %s in volume plugin %s", endpoint, volName, p.Name) - } else { - return errors.Wrapf(errors.New(err), "error on %s in volume plugin %s", endpoint, p.Name) } + return errors.Wrapf(errors.New(err), "error on %s in volume plugin %s", endpoint, p.Name) } // Handle error responses from plugin diff --git a/libpod/pod.go b/libpod/pod.go index 784c2cf5e..dce2a0c1c 100644 --- a/libpod/pod.go +++ b/libpod/pod.go @@ -4,8 +4,8 @@ import ( "net" "time" - "github.com/containers/podman/v2/libpod/define" - "github.com/containers/podman/v2/libpod/lock" + "github.com/containers/podman/v3/libpod/define" + "github.com/containers/podman/v3/libpod/lock" "github.com/cri-o/ocicni/pkg/ocicni" "github.com/pkg/errors" ) diff --git a/libpod/pod_api.go b/libpod/pod_api.go index 845948dd3..14fe8276c 100644 --- a/libpod/pod_api.go +++ b/libpod/pod_api.go @@ -3,11 +3,11 @@ package libpod import ( "context" - "github.com/containers/podman/v2/libpod/define" - "github.com/containers/podman/v2/libpod/events" - "github.com/containers/podman/v2/pkg/cgroups" - "github.com/containers/podman/v2/pkg/parallel" - "github.com/containers/podman/v2/pkg/rootless" + "github.com/containers/podman/v3/libpod/define" + "github.com/containers/podman/v3/libpod/events" + "github.com/containers/podman/v3/pkg/cgroups" + "github.com/containers/podman/v3/pkg/parallel" + "github.com/containers/podman/v3/pkg/rootless" "github.com/pkg/errors" "github.com/sirupsen/logrus" ) diff --git a/libpod/pod_internal.go b/libpod/pod_internal.go index b039ce83f..31b4ba443 100644 --- a/libpod/pod_internal.go +++ b/libpod/pod_internal.go @@ -6,7 +6,7 @@ import ( "time" "github.com/containers/common/pkg/config" - "github.com/containers/podman/v2/libpod/define" + "github.com/containers/podman/v3/libpod/define" "github.com/containers/storage/pkg/stringid" "github.com/pkg/errors" "github.com/sirupsen/logrus" diff --git a/libpod/pod_status.go b/libpod/pod_status.go index 668d45ec7..8552f5681 100644 --- a/libpod/pod_status.go +++ b/libpod/pod_status.go @@ -1,6 +1,6 @@ package libpod -import "github.com/containers/podman/v2/libpod/define" +import "github.com/containers/podman/v3/libpod/define" // GetPodStatus determines the status of the pod based on the // statuses of the containers in the pod. diff --git a/libpod/pod_top_linux.go b/libpod/pod_top_linux.go index 07e1a0d80..aee62d832 100644 --- a/libpod/pod_top_linux.go +++ b/libpod/pod_top_linux.go @@ -6,8 +6,8 @@ import ( "strconv" "strings" - "github.com/containers/podman/v2/libpod/define" - "github.com/containers/podman/v2/pkg/rootless" + "github.com/containers/podman/v3/libpod/define" + "github.com/containers/podman/v3/pkg/rootless" "github.com/containers/psgo" ) diff --git a/libpod/pod_top_unsupported.go b/libpod/pod_top_unsupported.go index fbe6f7331..59d2ff9a2 100644 --- a/libpod/pod_top_unsupported.go +++ b/libpod/pod_top_unsupported.go @@ -2,7 +2,7 @@ package libpod -import "github.com/containers/podman/v2/libpod/define" +import "github.com/containers/podman/v3/libpod/define" // GetPodPidInformation is exclusive to linux func (p *Pod) GetPodPidInformation(descriptors []string) ([]string, error) { diff --git a/libpod/reset.go b/libpod/reset.go index 24efeed40..4199e9b76 100644 --- a/libpod/reset.go +++ b/libpod/reset.go @@ -6,9 +6,9 @@ import ( "os" "path/filepath" - "github.com/containers/podman/v2/libpod/define" - "github.com/containers/podman/v2/pkg/rootless" - "github.com/containers/podman/v2/pkg/util" + "github.com/containers/podman/v3/libpod/define" + "github.com/containers/podman/v3/pkg/rootless" + "github.com/containers/podman/v3/pkg/util" "github.com/containers/storage" "github.com/pkg/errors" "github.com/sirupsen/logrus" @@ -16,7 +16,6 @@ import ( // Reset removes all storage func (r *Runtime) Reset(ctx context.Context) error { - pods, err := r.GetAllPods() if err != nil { return err diff --git a/libpod/rootless_cni_linux.go b/libpod/rootless_cni_linux.go index 94ae062aa..df690e914 100644 --- a/libpod/rootless_cni_linux.go +++ b/libpod/rootless_cni_linux.go @@ -11,10 +11,10 @@ import ( cnitypes "github.com/containernetworking/cni/pkg/types/current" "github.com/containernetworking/plugins/pkg/ns" - "github.com/containers/podman/v2/libpod/define" - "github.com/containers/podman/v2/libpod/image" - "github.com/containers/podman/v2/pkg/env" - "github.com/containers/podman/v2/pkg/util" + "github.com/containers/podman/v3/libpod/define" + "github.com/containers/podman/v3/libpod/image" + "github.com/containers/podman/v3/pkg/env" + "github.com/containers/podman/v3/pkg/util" "github.com/containers/storage/pkg/lockfile" "github.com/hashicorp/go-multierror" spec "github.com/opencontainers/runtime-spec/specs-go" @@ -265,7 +265,7 @@ func startRootlessCNIInfraContainer(ctx context.Context, r *Runtime) (*Container } logrus.Debugf("rootless CNI: ensuring image %q to exist", imageName) newImage, err := r.ImageRuntime().New(ctx, imageName, "", "", nil, nil, - image.SigningOptions{}, nil, util.PullImageMissing) + image.SigningOptions{}, nil, util.PullImageMissing, nil) if err != nil { return nil, err } diff --git a/libpod/runtime.go b/libpod/runtime.go index 1ad39fe2f..201482c65 100644 --- a/libpod/runtime.go +++ b/libpod/runtime.go @@ -1,6 +1,7 @@ package libpod import ( + "bufio" "context" "fmt" "os" @@ -13,19 +14,20 @@ import ( "github.com/containers/image/v5/pkg/sysregistriesv2" is "github.com/containers/image/v5/storage" "github.com/containers/image/v5/types" - "github.com/containers/podman/v2/libpod/define" - "github.com/containers/podman/v2/libpod/events" - "github.com/containers/podman/v2/libpod/image" - "github.com/containers/podman/v2/libpod/lock" - "github.com/containers/podman/v2/libpod/plugin" - "github.com/containers/podman/v2/libpod/shutdown" - "github.com/containers/podman/v2/pkg/cgroups" - "github.com/containers/podman/v2/pkg/registries" - "github.com/containers/podman/v2/pkg/rootless" - "github.com/containers/podman/v2/pkg/util" + "github.com/containers/podman/v3/libpod/define" + "github.com/containers/podman/v3/libpod/events" + "github.com/containers/podman/v3/libpod/image" + "github.com/containers/podman/v3/libpod/lock" + "github.com/containers/podman/v3/libpod/plugin" + "github.com/containers/podman/v3/libpod/shutdown" + "github.com/containers/podman/v3/pkg/cgroups" + "github.com/containers/podman/v3/pkg/registries" + "github.com/containers/podman/v3/pkg/rootless" + "github.com/containers/podman/v3/pkg/util" "github.com/containers/storage" "github.com/cri-o/ocicni/pkg/ocicni" "github.com/docker/docker/pkg/namesgenerator" + spec "github.com/opencontainers/runtime-spec/specs-go" "github.com/pkg/errors" "github.com/sirupsen/logrus" ) @@ -146,7 +148,6 @@ func NewRuntime(ctx context.Context, options ...RuntimeOption) (*Runtime, error) // An error will be returned if the configuration file at the given path does // not exist or cannot be loaded func NewRuntimeFromConfig(ctx context.Context, userConfig *config.Config, options ...RuntimeOption) (*Runtime, error) { - return newRuntimeFromConfig(ctx, userConfig, options...) } @@ -382,7 +383,6 @@ func makeRuntime(ctx context.Context, runtime *Runtime) (retErr error) { // Initialize remaining OCI runtimes for name, paths := range runtime.config.Engine.OCIRuntimes { - ociRuntime, err := newConmonOCIRuntime(name, paths, runtime.conmonPath, runtime.runtimeFlags, runtime.config) if err != nil { // Don't fatally error. @@ -437,7 +437,6 @@ func makeRuntime(ctx context.Context, runtime *Runtime) (retErr error) { // Set up the CNI net plugin if !rootless.IsRootless() { - netPlugin, err := ocicni.InitCNI(runtime.config.Network.DefaultNetwork, runtime.config.Network.NetworkConfigDir, runtime.config.Network.CNIPluginDirs...) if err != nil { return errors.Wrapf(err, "error configuring CNI network plugin") @@ -484,7 +483,6 @@ func makeRuntime(ctx context.Context, runtime *Runtime) (retErr error) { if became { os.Exit(ret) } - } // If the file doesn't exist, we need to refresh the state // This will trigger on first use as well, but refreshing an @@ -626,9 +624,12 @@ func (r *Runtime) Shutdown(force bool) error { func (r *Runtime) refresh(alivePath string) error { logrus.Debugf("Podman detected system restart - performing state refresh") - // First clear the state in the database - if err := r.state.Refresh(); err != nil { - return err + // Clear state of database if not running in container + if !graphRootMounted() { + // First clear the state in the database + if err := r.state.Refresh(); err != nil { + return err + } } // Next refresh the state of all containers to recreate dirs and @@ -787,7 +788,6 @@ type DBConfig struct { // mergeDBConfig merges the configuration from the database. func (r *Runtime) mergeDBConfig(dbConfig *DBConfig) { - c := &r.config.Engine if !r.storageSet.RunRootSet && dbConfig.StorageTmp != "" { if r.storageConfig.RunRoot != dbConfig.StorageTmp && @@ -909,3 +909,29 @@ func (r *Runtime) getVolumePlugin(name string) (*plugin.VolumePlugin, error) { func (r *Runtime) GetSecretsStorageDir() string { return filepath.Join(r.store.GraphRoot(), "secrets") } + +func graphRootMounted() bool { + f, err := os.OpenFile("/run/.containerenv", os.O_RDONLY, os.ModePerm) + if err != nil { + return false + } + defer f.Close() + + scanner := bufio.NewScanner(f) + for scanner.Scan() { + if scanner.Text() == "graphRootMounted=1" { + return true + } + } + return false +} + +func (r *Runtime) graphRootMountedFlag(mounts []spec.Mount) string { + root := r.store.GraphRoot() + for _, val := range mounts { + if strings.HasPrefix(root, val.Source) { + return "graphRootMounted=1" + } + } + return "" +} diff --git a/libpod/runtime_cstorage.go b/libpod/runtime_cstorage.go index 6ee8a9354..cd2f226af 100644 --- a/libpod/runtime_cstorage.go +++ b/libpod/runtime_cstorage.go @@ -3,7 +3,7 @@ package libpod import ( "time" - "github.com/containers/podman/v2/libpod/define" + "github.com/containers/podman/v3/libpod/define" "github.com/containers/storage" "github.com/pkg/errors" "github.com/sirupsen/logrus" diff --git a/libpod/runtime_ctr.go b/libpod/runtime_ctr.go index 49cf42626..8bf862bf2 100644 --- a/libpod/runtime_ctr.go +++ b/libpod/runtime_ctr.go @@ -10,12 +10,13 @@ import ( "github.com/containers/buildah" "github.com/containers/common/pkg/config" - "github.com/containers/podman/v2/libpod/define" - "github.com/containers/podman/v2/libpod/events" - "github.com/containers/podman/v2/libpod/shutdown" - "github.com/containers/podman/v2/pkg/cgroups" - "github.com/containers/podman/v2/pkg/domain/entities/reports" - "github.com/containers/podman/v2/pkg/rootless" + "github.com/containers/podman/v3/libpod/define" + "github.com/containers/podman/v3/libpod/events" + "github.com/containers/podman/v3/libpod/network" + "github.com/containers/podman/v3/libpod/shutdown" + "github.com/containers/podman/v3/pkg/cgroups" + "github.com/containers/podman/v3/pkg/domain/entities/reports" + "github.com/containers/podman/v3/pkg/rootless" "github.com/containers/storage" "github.com/containers/storage/pkg/stringid" "github.com/docker/go-units" @@ -285,6 +286,21 @@ func (r *Runtime) setupContainer(ctx context.Context, ctr *Container) (_ *Contai return nil, err } + // normalize the networks to names + // ocicni only knows about cni names so we have to make + // sure we do not use ids internally + if len(ctr.config.Networks) > 0 { + netNames := make([]string, 0, len(ctr.config.Networks)) + for _, nameOrID := range ctr.config.Networks { + netName, err := network.NormalizeName(r.config, nameOrID) + if err != nil { + return nil, err + } + netNames = append(netNames, netName) + } + ctr.config.Networks = netNames + } + // Inhibit shutdown until creation succeeds shutdown.Inhibit() defer shutdown.Uninhibit() @@ -1139,7 +1155,6 @@ func (r *Runtime) IsStorageContainerMounted(id string) (bool, string, error) { // StorageContainers returns a list of containers from containers/storage that // are not currently known to Podman. func (r *Runtime) StorageContainers() ([]storage.Container, error) { - if r.store == nil { return nil, define.ErrStoreNotInitialized } diff --git a/libpod/runtime_img.go b/libpod/runtime_img.go index 2c5442bd2..6e1105b9e 100644 --- a/libpod/runtime_img.go +++ b/libpod/runtime_img.go @@ -15,10 +15,10 @@ import ( ociarchive "github.com/containers/image/v5/oci/archive" "github.com/containers/image/v5/oci/layout" "github.com/containers/image/v5/types" - "github.com/containers/podman/v2/libpod/define" - "github.com/containers/podman/v2/libpod/events" - "github.com/containers/podman/v2/libpod/image" - "github.com/containers/podman/v2/pkg/util" + "github.com/containers/podman/v3/libpod/define" + "github.com/containers/podman/v3/libpod/events" + "github.com/containers/podman/v3/libpod/image" + "github.com/containers/podman/v3/pkg/util" "github.com/containers/storage" "github.com/pkg/errors" "github.com/sirupsen/logrus" @@ -166,6 +166,11 @@ func (r *Runtime) newImageBuildCompleteEvent(idOrName string) { // Build adds the runtime to the imagebuildah call func (r *Runtime) Build(ctx context.Context, options imagebuildah.BuildOptions, dockerfiles ...string) (string, reference.Canonical, error) { + if options.Runtime == "" { + // Make sure that build containers use the same runtime as Podman (see #9365). + conf := util.DefaultContainerConfig() + options.Runtime = conf.Engine.OCIRuntime + } id, ref, err := imagebuildah.BuildDockerfiles(ctx, r.store, options, dockerfiles...) // Write event for build completion r.newImageBuildCompleteEvent(id) @@ -313,9 +318,8 @@ func (r *Runtime) LoadImageFromSingleImageArchive(ctx context.Context, writer io if err == nil && src != nil { if newImages, err := r.ImageRuntime().LoadFromArchiveReference(ctx, src, signaturePolicy, writer); err == nil { return getImageNames(newImages), nil - } else { - saveErr = err } + saveErr = err } } return "", errors.Wrapf(saveErr, "error pulling image") diff --git a/libpod/runtime_img_test.go b/libpod/runtime_img_test.go index 6ca4d900b..7d6390c85 100644 --- a/libpod/runtime_img_test.go +++ b/libpod/runtime_img_test.go @@ -6,7 +6,7 @@ import ( "reflect" "testing" - sysreg "github.com/containers/podman/v2/pkg/registries" + sysreg "github.com/containers/podman/v3/pkg/registries" "github.com/stretchr/testify/assert" ) @@ -26,7 +26,6 @@ func createTmpFile(content []byte) (string, error) { if _, err := tmpfile.Write(content); err != nil { return "", err - } if err := tmpfile.Close(); err != nil { return "", err diff --git a/libpod/runtime_migrate.go b/libpod/runtime_migrate.go index f0f800ef0..3e63bc19e 100644 --- a/libpod/runtime_migrate.go +++ b/libpod/runtime_migrate.go @@ -11,9 +11,9 @@ import ( "strconv" "syscall" - "github.com/containers/podman/v2/libpod/define" - "github.com/containers/podman/v2/pkg/rootless" - "github.com/containers/podman/v2/pkg/util" + "github.com/containers/podman/v3/libpod/define" + "github.com/containers/podman/v3/pkg/rootless" + "github.com/containers/podman/v3/pkg/util" "github.com/pkg/errors" "github.com/sirupsen/logrus" ) diff --git a/libpod/runtime_pod.go b/libpod/runtime_pod.go index 6f9135764..b142472e8 100644 --- a/libpod/runtime_pod.go +++ b/libpod/runtime_pod.go @@ -4,8 +4,8 @@ import ( "context" "time" - "github.com/containers/podman/v2/libpod/define" - "github.com/containers/podman/v2/pkg/util" + "github.com/containers/podman/v3/libpod/define" + "github.com/containers/podman/v3/pkg/util" "github.com/pkg/errors" ) diff --git a/libpod/runtime_pod_infra_linux.go b/libpod/runtime_pod_infra_linux.go index 564851f4e..0a09e40ea 100644 --- a/libpod/runtime_pod_infra_linux.go +++ b/libpod/runtime_pod_infra_linux.go @@ -6,10 +6,10 @@ import ( "context" "strings" - "github.com/containers/podman/v2/libpod/define" - "github.com/containers/podman/v2/libpod/image" - "github.com/containers/podman/v2/pkg/rootless" - "github.com/containers/podman/v2/pkg/util" + "github.com/containers/podman/v3/libpod/define" + "github.com/containers/podman/v3/libpod/image" + "github.com/containers/podman/v3/pkg/rootless" + "github.com/containers/podman/v3/pkg/util" v1 "github.com/opencontainers/image-spec/specs-go/v1" spec "github.com/opencontainers/runtime-spec/specs-go" "github.com/opencontainers/runtime-tools/generate" @@ -24,7 +24,6 @@ const ( ) func (r *Runtime) makeInfraContainer(ctx context.Context, p *Pod, imgName, rawImageName, imgID string, config *v1.ImageConfig) (*Container, error) { - // Set up generator for infra container defaults g, err := generate.New("linux") if err != nil { @@ -217,7 +216,7 @@ func (r *Runtime) createInfraContainer(ctx context.Context, p *Pod) (*Container, if img == "" { img = r.config.Engine.InfraImage } - newImage, err := r.ImageRuntime().New(ctx, img, "", "", nil, nil, image.SigningOptions{}, nil, util.PullImageMissing) + newImage, err := r.ImageRuntime().New(ctx, img, "", "", nil, nil, image.SigningOptions{}, nil, util.PullImageMissing, nil) if err != nil { return nil, err } @@ -226,7 +225,10 @@ func (r *Runtime) createInfraContainer(ctx context.Context, p *Pod) (*Container, if err != nil { return nil, err } - imageName := newImage.Names()[0] + imageName := "none" + if len(newImage.Names()) > 0 { + imageName = newImage.Names()[0] + } imageID := data.ID return r.makeInfraContainer(ctx, p, imageName, r.config.Engine.InfraImage, imageID, data.Config) diff --git a/libpod/runtime_pod_linux.go b/libpod/runtime_pod_linux.go index 1eb42660c..cf48a9453 100644 --- a/libpod/runtime_pod_linux.go +++ b/libpod/runtime_pod_linux.go @@ -10,10 +10,10 @@ import ( "strings" "github.com/containers/common/pkg/config" - "github.com/containers/podman/v2/libpod/define" - "github.com/containers/podman/v2/libpod/events" - "github.com/containers/podman/v2/pkg/cgroups" - "github.com/containers/podman/v2/pkg/rootless" + "github.com/containers/podman/v3/libpod/define" + "github.com/containers/podman/v3/libpod/events" + "github.com/containers/podman/v3/pkg/cgroups" + "github.com/containers/podman/v3/pkg/rootless" spec "github.com/opencontainers/runtime-spec/specs-go" "github.com/pkg/errors" "github.com/sirupsen/logrus" diff --git a/libpod/runtime_pod_unsupported.go b/libpod/runtime_pod_unsupported.go index 6976d37c6..6dbcc9214 100644 --- a/libpod/runtime_pod_unsupported.go +++ b/libpod/runtime_pod_unsupported.go @@ -5,7 +5,7 @@ package libpod import ( "context" - "github.com/containers/podman/v2/libpod/define" + "github.com/containers/podman/v3/libpod/define" ) // NewPod makes a new, empty pod diff --git a/libpod/runtime_renumber.go b/libpod/runtime_renumber.go index 4c121be12..b19cc921f 100644 --- a/libpod/runtime_renumber.go +++ b/libpod/runtime_renumber.go @@ -1,7 +1,7 @@ package libpod import ( - "github.com/containers/podman/v2/libpod/events" + "github.com/containers/podman/v3/libpod/events" "github.com/pkg/errors" ) diff --git a/libpod/runtime_volume.go b/libpod/runtime_volume.go index 9d985f905..5f8f9ca1e 100644 --- a/libpod/runtime_volume.go +++ b/libpod/runtime_volume.go @@ -3,9 +3,9 @@ package libpod import ( "context" - "github.com/containers/podman/v2/libpod/define" - "github.com/containers/podman/v2/libpod/events" - "github.com/containers/podman/v2/pkg/domain/entities/reports" + "github.com/containers/podman/v3/libpod/define" + "github.com/containers/podman/v3/libpod/events" + "github.com/containers/podman/v3/pkg/domain/entities/reports" "github.com/pkg/errors" ) diff --git a/libpod/runtime_volume_linux.go b/libpod/runtime_volume_linux.go index 4a29f01aa..3d5bc8bb2 100644 --- a/libpod/runtime_volume_linux.go +++ b/libpod/runtime_volume_linux.go @@ -9,9 +9,9 @@ import ( "strings" "time" - "github.com/containers/podman/v2/libpod/define" - "github.com/containers/podman/v2/libpod/events" - volplugin "github.com/containers/podman/v2/libpod/plugin" + "github.com/containers/podman/v3/libpod/define" + "github.com/containers/podman/v3/libpod/events" + volplugin "github.com/containers/podman/v3/libpod/plugin" "github.com/containers/storage/pkg/stringid" pluginapi "github.com/docker/go-plugins-helpers/volume" "github.com/pkg/errors" diff --git a/libpod/runtime_volume_unsupported.go b/libpod/runtime_volume_unsupported.go index 3cdb73aed..da7ee3552 100644 --- a/libpod/runtime_volume_unsupported.go +++ b/libpod/runtime_volume_unsupported.go @@ -5,7 +5,7 @@ package libpod import ( "context" - "github.com/containers/podman/v2/libpod/define" + "github.com/containers/podman/v3/libpod/define" ) func (r *Runtime) removeVolume(ctx context.Context, v *Volume, force bool) error { diff --git a/libpod/state_test.go b/libpod/state_test.go index 0709071ec..559c84d1e 100644 --- a/libpod/state_test.go +++ b/libpod/state_test.go @@ -9,8 +9,8 @@ import ( "time" "github.com/containers/common/pkg/config" - "github.com/containers/podman/v2/libpod/define" - "github.com/containers/podman/v2/libpod/lock" + "github.com/containers/podman/v3/libpod/define" + "github.com/containers/podman/v3/libpod/lock" "github.com/containers/storage" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" diff --git a/libpod/stats.go b/libpod/stats.go index 09d990017..f4732b4fc 100644 --- a/libpod/stats.go +++ b/libpod/stats.go @@ -7,8 +7,8 @@ import ( "syscall" "time" - "github.com/containers/podman/v2/libpod/define" - "github.com/containers/podman/v2/pkg/cgroups" + "github.com/containers/podman/v3/libpod/define" + "github.com/containers/podman/v3/pkg/cgroups" "github.com/pkg/errors" ) diff --git a/libpod/stats_unsupported.go b/libpod/stats_unsupported.go index 749a8bf49..44a1c8d03 100644 --- a/libpod/stats_unsupported.go +++ b/libpod/stats_unsupported.go @@ -2,7 +2,7 @@ package libpod -import "github.com/containers/podman/v2/libpod/define" +import "github.com/containers/podman/v3/libpod/define" // GetContainerStats gets the running stats for a given container func (c *Container) GetContainerStats(previousStats *define.ContainerStats) (*define.ContainerStats, error) { diff --git a/libpod/storage.go b/libpod/storage.go index d7862b322..418eb3151 100644 --- a/libpod/storage.go +++ b/libpod/storage.go @@ -6,7 +6,7 @@ import ( istorage "github.com/containers/image/v5/storage" "github.com/containers/image/v5/types" - "github.com/containers/podman/v2/libpod/define" + "github.com/containers/podman/v3/libpod/define" "github.com/containers/storage" "github.com/containers/storage/pkg/idtools" v1 "github.com/opencontainers/image-spec/specs-go/v1" diff --git a/libpod/util.go b/libpod/util.go index 391208fb9..b75c9179a 100644 --- a/libpod/util.go +++ b/libpod/util.go @@ -14,8 +14,8 @@ import ( "time" "github.com/containers/common/pkg/config" - "github.com/containers/podman/v2/libpod/define" - "github.com/containers/podman/v2/utils" + "github.com/containers/podman/v3/libpod/define" + "github.com/containers/podman/v3/utils" "github.com/cri-o/ocicni/pkg/ocicni" "github.com/fsnotify/fsnotify" spec "github.com/opencontainers/runtime-spec/specs-go" diff --git a/libpod/util_linux.go b/libpod/util_linux.go index 5184ed393..32b058d27 100644 --- a/libpod/util_linux.go +++ b/libpod/util_linux.go @@ -7,9 +7,9 @@ import ( "strings" "syscall" - "github.com/containers/podman/v2/libpod/define" - "github.com/containers/podman/v2/pkg/cgroups" - "github.com/containers/podman/v2/pkg/rootless" + "github.com/containers/podman/v3/libpod/define" + "github.com/containers/podman/v3/pkg/cgroups" + "github.com/containers/podman/v3/pkg/rootless" "github.com/opencontainers/selinux/go-selinux/label" "github.com/pkg/errors" "github.com/sirupsen/logrus" diff --git a/libpod/util_test.go b/libpod/util_test.go index 5b1702592..160dca408 100644 --- a/libpod/util_test.go +++ b/libpod/util_test.go @@ -3,7 +3,7 @@ package libpod import ( "testing" - "github.com/containers/podman/v2/utils" + "github.com/containers/podman/v3/utils" "github.com/stretchr/testify/assert" ) diff --git a/libpod/util_unsupported.go b/libpod/util_unsupported.go index 4c7a90940..b718d36aa 100644 --- a/libpod/util_unsupported.go +++ b/libpod/util_unsupported.go @@ -3,7 +3,7 @@ package libpod import ( - "github.com/containers/podman/v2/libpod/define" + "github.com/containers/podman/v3/libpod/define" "github.com/pkg/errors" ) diff --git a/libpod/volume.go b/libpod/volume.go index 4c137cb8e..506c45b5a 100644 --- a/libpod/volume.go +++ b/libpod/volume.go @@ -5,9 +5,9 @@ import ( "path/filepath" "time" - "github.com/containers/podman/v2/libpod/define" - "github.com/containers/podman/v2/libpod/lock" - "github.com/containers/podman/v2/libpod/plugin" + "github.com/containers/podman/v3/libpod/define" + "github.com/containers/podman/v3/libpod/lock" + "github.com/containers/podman/v3/libpod/plugin" ) // Volume is a libpod named volume. @@ -130,11 +130,18 @@ func (v *Volume) MountPoint() (string, error) { if err := v.update(); err != nil { return "", err } + } + + return v.mountPoint(), nil +} - return v.state.MountPoint, nil +// Internal-only helper for volume mountpoint +func (v *Volume) mountPoint() string { + if v.UsesVolumeDriver() { + return v.state.MountPoint } - return v.config.MountPoint, nil + return v.config.MountPoint } // Options return the volume's options diff --git a/libpod/volume_inspect.go b/libpod/volume_inspect.go index 2448d1bb5..c3f51222d 100644 --- a/libpod/volume_inspect.go +++ b/libpod/volume_inspect.go @@ -1,7 +1,7 @@ package libpod import ( - "github.com/containers/podman/v2/libpod/define" + "github.com/containers/podman/v3/libpod/define" pluginapi "github.com/docker/go-plugins-helpers/volume" "github.com/pkg/errors" "github.com/sirupsen/logrus" diff --git a/libpod/volume_internal.go b/libpod/volume_internal.go index 88d940370..c1dbe00fd 100644 --- a/libpod/volume_internal.go +++ b/libpod/volume_internal.go @@ -4,7 +4,7 @@ import ( "os" "path/filepath" - "github.com/containers/podman/v2/libpod/define" + "github.com/containers/podman/v3/libpod/define" "github.com/pkg/errors" ) diff --git a/libpod/volume_internal_linux.go b/libpod/volume_internal_linux.go index e184505e7..67ac41874 100644 --- a/libpod/volume_internal_linux.go +++ b/libpod/volume_internal_linux.go @@ -6,8 +6,8 @@ import ( "os/exec" "strings" - "github.com/containers/podman/v2/libpod/define" - "github.com/containers/podman/v2/pkg/rootless" + "github.com/containers/podman/v3/libpod/define" + "github.com/containers/podman/v3/pkg/rootless" pluginapi "github.com/docker/go-plugins-helpers/volume" "github.com/pkg/errors" "github.com/sirupsen/logrus" @@ -45,7 +45,7 @@ func (v *Volume) mount() error { // If the count is non-zero, the volume is already mounted. // Nothing to do. if v.state.MountCount > 0 { - v.state.MountCount += 1 + v.state.MountCount++ logrus.Debugf("Volume %s mount count now at %d", v.Name(), v.state.MountCount) return v.save() } @@ -67,7 +67,7 @@ func (v *Volume) mount() error { return err } - v.state.MountCount += 1 + v.state.MountCount++ v.state.MountPoint = mountPoint return v.save() } @@ -109,7 +109,7 @@ func (v *Volume) mount() error { logrus.Debugf("Mounted volume %s", v.Name()) // Increment the mount counter - v.state.MountCount += 1 + v.state.MountCount++ logrus.Debugf("Volume %s mount count now at %d", v.Name(), v.state.MountCount) return v.save() } @@ -152,7 +152,7 @@ func (v *Volume) unmount(force bool) error { } if !force { - v.state.MountCount -= 1 + v.state.MountCount-- } else { v.state.MountCount = 0 } diff --git a/libpod/volume_internal_unsupported.go b/libpod/volume_internal_unsupported.go index ddbdbd8b6..77452cf22 100644 --- a/libpod/volume_internal_unsupported.go +++ b/libpod/volume_internal_unsupported.go @@ -3,7 +3,7 @@ package libpod import ( - "github.com/containers/podman/v2/libpod/define" + "github.com/containers/podman/v3/libpod/define" ) func (v *Volume) mount() error { |