Diffstat (limited to 'pkg/domain/infra/abi')
-rw-r--r-- | pkg/domain/infra/abi/images.go | 15 | ||||
-rw-r--r-- | pkg/domain/infra/abi/play.go | 116 | ||||
-rw-r--r-- | pkg/domain/infra/abi/system.go | 6 | ||||
-rw-r--r-- | pkg/domain/infra/abi/trust.go | 6 |
4 files changed, 77 insertions, 66 deletions
diff --git a/pkg/domain/infra/abi/images.go b/pkg/domain/infra/abi/images.go index 74478b26d..c3ec7dd8a 100644 --- a/pkg/domain/infra/abi/images.go +++ b/pkg/domain/infra/abi/images.go @@ -785,12 +785,19 @@ func transferRootless(source entities.ImageScpOptions, dest entities.ImageScpOpt return cmdLoad.Run() } -// TransferRootful creates new podman processes using exec.Command and a new uid/gid alongside a cleared environment +// transferRootful creates new podman processes using exec.Command and a new uid/gid alongside a cleared environment func transferRootful(source entities.ImageScpOptions, dest entities.ImageScpOptions, podman string, parentFlags []string) error { - basicCommand := []string{podman} + basicCommand := make([]string, 0, len(parentFlags)+1) + basicCommand = append(basicCommand, podman) basicCommand = append(basicCommand, parentFlags...) - saveCommand := append(basicCommand, "save") - loadCommand := append(basicCommand, "load") + + saveCommand := make([]string, 0, len(basicCommand)+4) + saveCommand = append(saveCommand, basicCommand...) + saveCommand = append(saveCommand, "save") + + loadCommand := make([]string, 0, len(basicCommand)+3) + loadCommand = append(loadCommand, basicCommand...) + loadCommand = append(loadCommand, "load") if source.Quiet { saveCommand = append(saveCommand, "-q") loadCommand = append(loadCommand, "-q") diff --git a/pkg/domain/infra/abi/play.go b/pkg/domain/infra/abi/play.go index 1d347ed8c..0da07bab8 100644 --- a/pkg/domain/infra/abi/play.go +++ b/pkg/domain/infra/abi/play.go 
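Review bot: The three `make` + `append` sequences in transferRootful carry no comment saying why the one-line `append(basicCommand, "save")` form was dropped, so a later cleanup could fold them back. When basicCommand has spare capacity, the save and load argument lists can end up sharing a backing array, and going by the doc comment these lists become the arguments of the podman processes started under another uid/gid, so one overwriting the other is worth guarding against in writing. I would add `// saveCommand and loadCommand each get their own backing array; appending to a shared basicCommand could let one overwrite the other's arguments` above the first `make`. The capacity hints `+4` and `+3` are also unexplained and would benefit from a word on which flags they account for. The function body continues past the end of the hunk.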
@@ -78,7 +78,11 @@ func (ic *ContainerEngine) PlayKube(ctx context.Context, body io.Reader, options podTemplateSpec.ObjectMeta = podYAML.ObjectMeta podTemplateSpec.Spec = podYAML.Spec - + for name, val := range podYAML.Annotations { + if len(val) > define.MaxKubeAnnotation { + return nil, errors.Errorf("invalid annotation %q=%q value length exceeds Kubernetetes max %d", name, val, define.MaxKubeAnnotation) + } + } for name, val := range options.Annotations { if podYAML.Annotations == nil { podYAML.Annotations = make(map[string]string) @@ -199,18 +203,20 @@ func (ic *ContainerEngine) playKubePod(ctx context.Context, podName string, podY return nil, err } - ns, networks, netOpts, err := specgen.ParseNetworkFlag(options.Networks) - if err != nil { - return nil, err - } + if len(options.Networks) > 0 { + ns, networks, netOpts, err := specgen.ParseNetworkFlag(options.Networks) + if err != nil { + return nil, err + } - if (ns.IsBridge() && len(networks) == 0) || ns.IsHost() { - return nil, errors.Errorf("invalid value passed to --network: bridge or host networking must be configured in YAML") - } + if (ns.IsBridge() && len(networks) == 0) || ns.IsHost() { + return nil, errors.Errorf("invalid value passed to --network: bridge or host networking must be configured in YAML") + } - podOpt.Net.Network = ns - podOpt.Net.Networks = networks - podOpt.Net.NetworkOptions = netOpts + podOpt.Net.Network = ns + podOpt.Net.Networks = networks + podOpt.Net.NetworkOptions = netOpts + } // FIXME This is very hard to support properly with a good ux if len(options.StaticIPs) > *ipIndex { 
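Review bot: The new length check in PlayKube covers only `podYAML.Annotations`; the loop directly below it appears to merge `options.Annotations` into the same map (its body continues outside the hunk), so a value supplied through the options seems to bypass the limit. Running the check after the merge, or repeating it inside the second loop, would cover both sources. The error string also misspells Kubernetes as "Kubernetetes" and echoes the whole over-long value with `%q`, which puts arbitrarily large YAML-controlled text into the error and any log that records it; `errors.Errorf("invalid annotation %q: value length %d exceeds Kubernetes max %d", name, len(val), define.MaxKubeAnnotation)` avoids both.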
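Review bot: The new `if len(options.Networks) > 0` guard in playKubePod has no comment saying what the pod's network configuration is when the block is skipped. A reader has to infer that `podOpt.Net` keeps whatever was set before this point, which the hunk does not show. I would add `// Only override the pod network settings when --network was passed; otherwise keep what was set earlier` above the guard, worded to match what the earlier code really does. Note also that `err` is now declared with `:=` inside the block and shadows the outer variable, which is harmless here only because it is returned immediately.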
@@ -435,53 +441,51 @@ func (ic *ContainerEngine) playKubePod(ctx context.Context, podName string, podY initContainers = append(initContainers, ctr) } for _, container := range podYAML.Spec.Containers { - if !strings.Contains("infra", container.Name) { - // Error out if the same name is used for more than one container - if _, ok := ctrNames[container.Name]; ok { - return nil, errors.Errorf("the pod %q is invalid; duplicate container name %q detected", podName, container.Name) - } - ctrNames[container.Name] = "" - pulledImage, labels, err := ic.getImageAndLabelInfo(ctx, cwd, annotations, writer, container, options) - if err != nil { - return nil, err - } + // Error out if the same name is used for more than one container + if _, ok := ctrNames[container.Name]; ok { + return nil, errors.Errorf("the pod %q is invalid; duplicate container name %q detected", podName, container.Name) + } + ctrNames[container.Name] = "" + pulledImage, labels, err := ic.getImageAndLabelInfo(ctx, cwd, annotations, writer, container, options) + if err != nil { + return nil, err + } - for k, v := range podSpec.PodSpecGen.Labels { // add podYAML labels - labels[k] = v - } + for k, v := range podSpec.PodSpecGen.Labels { // add podYAML labels + labels[k] = v + } - specgenOpts := kube.CtrSpecGenOptions{ - Annotations: annotations, - Container: container, - Image: pulledImage, - Volumes: volumes, - PodID: pod.ID(), - PodName: podName, - PodInfraID: podInfraID, - ConfigMaps: configMaps, - SeccompPaths: seccompPaths, - RestartPolicy: ctrRestartPolicy, - NetNSIsHost: p.NetNS.IsHost(), - SecretsManager: secretsManager, - LogDriver: options.LogDriver, - LogOptions: options.LogOptions, - Labels: labels, - } - specGen, err := kube.ToSpecGen(ctx, &specgenOpts) - if err != nil { - return nil, err - } - specGen.RawImageName = container.Image - rtSpec, spec, opts, err := generate.MakeContainer(ctx, ic.Libpod, specGen, false, nil) - if err != nil { - return nil, err - } - ctr, err := 
generate.ExecuteCreate(ctx, ic.Libpod, rtSpec, spec, false, opts...) - if err != nil { - return nil, err - } - containers = append(containers, ctr) + specgenOpts := kube.CtrSpecGenOptions{ + Annotations: annotations, + Container: container, + Image: pulledImage, + Volumes: volumes, + PodID: pod.ID(), + PodName: podName, + PodInfraID: podInfraID, + ConfigMaps: configMaps, + SeccompPaths: seccompPaths, + RestartPolicy: ctrRestartPolicy, + NetNSIsHost: p.NetNS.IsHost(), + SecretsManager: secretsManager, + LogDriver: options.LogDriver, + LogOptions: options.LogOptions, + Labels: labels, + } + specGen, err := kube.ToSpecGen(ctx, &specgenOpts) + if err != nil { + return nil, err + } + specGen.RawImageName = container.Image + rtSpec, spec, opts, err := generate.MakeContainer(ctx, ic.Libpod, specGen, false, nil) + if err != nil { + return nil, err + } + ctr, err := generate.ExecuteCreate(ctx, ic.Libpod, rtSpec, spec, false, opts...) + if err != nil { + return nil, err } + containers = append(containers, ctr) } if options.Start != types.OptionalBoolFalse { @@ -770,7 +774,7 @@ func getBuildFile(imageName string, cwd string) (string, error) { logrus.Error(err.Error()) } - _, err = os.Stat(filepath.Join(dockerfilePath)) + _, err = os.Stat(dockerfilePath) if err == nil { logrus.Debugf("Building %s with %s", imageName, dockerfilePath) return dockerfilePath, nil diff --git a/pkg/domain/infra/abi/system.go b/pkg/domain/infra/abi/system.go index 4361821d5..8e96e4154 100644 --- a/pkg/domain/infra/abi/system.go +++ b/pkg/domain/infra/abi/system.go 
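Review bot: With the `strings.Contains("infra", container.Name)` filter gone, nothing in this loop rejects an empty `container.Name`: the old test happened to skip it (every string contains the empty string), while the new code records it in `ctrNames` and goes on to create the container. Unless names are validated before this loop, which the hunk does not show, a spec with two unnamed containers now fails with the confusing `duplicate container name ""`, and a single one reaches `kube.ToSpecGen` unnamed. An explicit guard at the top of the loop would state the intent: `if container.Name == "" { return nil, errors.Errorf("the pod %q is invalid; a container has no name", podName) }`. playKubePod starts and ends outside the hunk.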
@@ -150,7 +150,7 @@ func (ic *ContainerEngine) SystemPrune(ctx context.Context, options entities.Sys if err != nil { return nil, err } - reclaimedSpace = reclaimedSpace + reports.PruneReportsSize(containerPruneReports) + reclaimedSpace += reports.PruneReportsSize(containerPruneReports) systemPruneReport.ContainerPruneReports = append(systemPruneReport.ContainerPruneReports, containerPruneReports...) imagePruneOptions := entities.ImagePruneOptions{ All: options.All, @@ -158,7 +158,7 @@ func (ic *ContainerEngine) SystemPrune(ctx context.Context, options entities.Sys } imageEngine := ImageEngine{Libpod: ic.Libpod} imagePruneReports, err := imageEngine.Prune(ctx, imagePruneOptions) - reclaimedSpace = reclaimedSpace + reports.PruneReportsSize(imagePruneReports) + reclaimedSpace += reports.PruneReportsSize(imagePruneReports) if err != nil { return nil, err @@ -178,7 +178,7 @@ func (ic *ContainerEngine) SystemPrune(ctx context.Context, options entities.Sys if len(volumePruneReport) > 0 { found = true } - reclaimedSpace = reclaimedSpace + reports.PruneReportsSize(volumePruneReport) + reclaimedSpace += reports.PruneReportsSize(volumePruneReport) systemPruneReport.VolumePruneReports = append(systemPruneReport.VolumePruneReports, volumePruneReport...) } } diff --git a/pkg/domain/infra/abi/trust.go b/pkg/domain/infra/abi/trust.go index d53fe16d1..58f099bb6 100644 --- a/pkg/domain/infra/abi/trust.go +++ b/pkg/domain/infra/abi/trust.go 
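Review bot: In the second SystemPrune hunk, `reclaimedSpace += reports.PruneReportsSize(imagePruneReports)` runs before the `err` returned by `imageEngine.Prune` is checked, whereas the container prune above it checks `err` first. The function returns on error, so the sum is discarded, but reading a result ahead of its error check relies on `PruneReportsSize` tolerating whatever `Prune` hands back on failure. Moving the line below the `if err != nil { return nil, err }` block would match the container-prune call site. The other two hunks in this file are the same `+=` rewrite and raise nothing further.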
@@ -142,15 +142,15 @@ func getPolicyShowOutput(policyContentStruct trust.PolicyContent, systemRegistri Type: trustTypeDescription(repoval[0].Type), } // TODO - keyarr is not used and I don't know its intent; commenting out for now for someone to fix later - //keyarr := []string{} + // keyarr := []string{} uids := []string{} for _, repoele := range repoval { if len(repoele.KeyPath) > 0 { - //keyarr = append(keyarr, repoele.KeyPath) + // keyarr = append(keyarr, repoele.KeyPath) uids = append(uids, trust.GetGPGIdFromKeyPath(repoele.KeyPath)...) } if len(repoele.KeyData) > 0 { - //keyarr = append(keyarr, string(repoele.KeyData)) + // keyarr = append(keyarr, string(repoele.KeyData)) uids = append(uids, trust.GetGPGIdFromKeyData(repoele.KeyData)...) } } |