summaryrefslogtreecommitdiff
path: root/pkg/adapter/pods.go
diff options
context:
space:
mode:
Diffstat (limited to 'pkg/adapter/pods.go')
-rw-r--r--pkg/adapter/pods.go14
1 files changed, 12 insertions, 2 deletions
diff --git a/pkg/adapter/pods.go b/pkg/adapter/pods.go
index b9d7fcd9b..e25238956 100644
--- a/pkg/adapter/pods.go
+++ b/pkg/adapter/pods.go
@@ -10,6 +10,7 @@ import (
"os"
"strings"
+ "github.com/containers/buildah/pkg/parse"
"github.com/containers/image/types"
"github.com/containers/libpod/cmd/podman/cliconfig"
"github.com/containers/libpod/cmd/podman/shared"
@@ -570,7 +571,7 @@ func (r *LocalRuntime) PlayKubeYAML(ctx context.Context, c *cliconfig.KubePlayVa
}
}
- if err := createconfig.ValidateVolumeHostDir(hostPath.Path); err != nil {
+ if err := parse.ValidateVolumeHostDir(hostPath.Path); err != nil {
return nil, errors.Wrapf(err, "Error in parsing HostPath in YAML")
}
volumes[volume.Name] = hostPath.Path
@@ -682,6 +683,15 @@ func kubeContainerToCreateConfig(ctx context.Context, containerYAML v1.Container
if containerYAML.SecurityContext.AllowPrivilegeEscalation != nil {
containerConfig.NoNewPrivs = !*containerYAML.SecurityContext.AllowPrivilegeEscalation
}
+
+ }
+ if caps := containerYAML.SecurityContext.Capabilities; caps != nil {
+ for _, capability := range caps.Add {
+ containerConfig.CapAdd = append(containerConfig.CapAdd, string(capability))
+ }
+ for _, capability := range caps.Drop {
+ containerConfig.CapDrop = append(containerConfig.CapDrop, string(capability))
+ }
}
containerConfig.Command = []string{}
@@ -728,7 +738,7 @@ func kubeContainerToCreateConfig(ctx context.Context, containerYAML v1.Container
if !exists {
return nil, errors.Errorf("Volume mount %s specified for container but not configured in volumes", volume.Name)
}
- if err := createconfig.ValidateVolumeCtrDir(volume.MountPath); err != nil {
+ if err := parse.ValidateVolumeCtrDir(volume.MountPath); err != nil {
return nil, errors.Wrapf(err, "error in parsing MountPath")
}
containerConfig.Volumes = append(containerConfig.Volumes, fmt.Sprintf("%s:%s", hostPath, volume.MountPath))