Diffstat (limited to 'pkg/domain')
-rw-r--r-- | pkg/domain/entities/container_ps.go | 13 | ||||
-rw-r--r-- | pkg/domain/entities/engine.go | 219 | ||||
-rw-r--r-- | pkg/domain/entities/engine_container.go | 4 | ||||
-rw-r--r-- | pkg/domain/entities/engine_image.go | 2 | ||||
-rw-r--r-- | pkg/domain/entities/pods.go | 4 | ||||
-rw-r--r-- | pkg/domain/entities/types.go | 32 | ||||
-rw-r--r-- | pkg/domain/infra/abi/containers.go | 4 | ||||
-rw-r--r-- | pkg/domain/infra/abi/pods.go | 2 | ||||
-rw-r--r-- | pkg/domain/infra/abi/system.go | 39 | ||||
-rw-r--r-- | pkg/domain/infra/runtime_libpod.go | 2 | ||||
-rw-r--r-- | pkg/domain/infra/tunnel/system.go | 5 |
11 files changed, 51 insertions, 275 deletions
diff --git a/pkg/domain/entities/container_ps.go b/pkg/domain/entities/container_ps.go
index 33f5d0500..709bb58d6 100644
--- a/pkg/domain/entities/container_ps.go
+++ b/pkg/domain/entities/container_ps.go
@@ -4,7 +4,6 @@ import (
 "sort"
 "strings"
- "github.com/containers/libpod/libpod"
 "github.com/containers/libpod/pkg/ps/define"
 "github.com/cri-o/ocicni/pkg/ocicni"
 "github.com/pkg/errors"
@@ -73,18 +72,6 @@ type ListContainerNamespaces struct {
 User string `json:"User,omitempty"`
 }
-// SortContainers helps us set-up ability to sort by createTime
-type SortContainers []*libpod.Container
-
-func (a SortContainers) Len() int { return len(a) }
-func (a SortContainers) Swap(i, j int) { a[i], a[j] = a[j], a[i] }
-
-type SortCreateTime struct{ SortContainers }
-
-func (a SortCreateTime) Less(i, j int) bool {
- return a.SortContainers[i].CreatedTime().Before(a.SortContainers[j].CreatedTime())
-}
-
 type SortListContainers []ListContainer
 func (a SortListContainers) Len() int { return len(a) }
diff --git a/pkg/domain/entities/engine.go b/pkg/domain/entities/engine.go
index 3b971a1e8..f45218d14 100644
--- a/pkg/domain/entities/engine.go
+++ b/pkg/domain/entities/engine.go
@@ -2,17 +2,9 @@ package entities
 import (
 "context"
- "fmt"
 "io"
- "os"
- "github.com/containers/buildah/pkg/parse"
 "github.com/containers/common/pkg/config"
- "github.com/containers/common/pkg/sysinfo"
- "github.com/containers/libpod/pkg/apparmor"
- "github.com/containers/libpod/pkg/cgroups"
- "github.com/containers/libpod/pkg/rootless"
- "github.com/opencontainers/selinux/go-selinux"
 "github.com/opentracing/opentracing-go"
 "github.com/spf13/pflag"
 )
@@ -54,214 +46,3 @@ type PodmanConfig struct {
 StorageDriver string
 StorageOpts []string
 }
-
-// DefaultSecurityOptions: getter for security options from configuration
-func (c PodmanConfig) DefaultSecurityOptions() []string {
- securityOpts := []string{}
- if c.Containers.SeccompProfile != "" && c.Containers.SeccompProfile != parse.SeccompDefaultPath {
- securityOpts = append(securityOpts, fmt.Sprintf("seccomp=%s", c.Containers.SeccompProfile))
- }
- if apparmor.IsEnabled() && c.Containers.ApparmorProfile != "" {
- securityOpts = append(securityOpts, fmt.Sprintf("apparmor=%s", c.Containers.ApparmorProfile))
- }
- if selinux.GetEnabled() && !c.Containers.EnableLabeling {
- securityOpts = append(securityOpts, fmt.Sprintf("label=%s", selinux.DisableSecOpt()[0]))
- }
- return securityOpts
-}
-
-// DefaultSysctls
-func (c PodmanConfig) DefaultSysctls() []string {
- return c.Containers.DefaultSysctls
-}
-
-func (c PodmanConfig) DefaultVolumes() []string {
- return c.Containers.Volumes
-}
-
-func (c PodmanConfig) DefaultDevices() []string {
- return c.Containers.Devices
-}
-
-func (c PodmanConfig) DefaultDNSServers() []string {
- return c.Containers.DNSServers
-}
-
-func (c PodmanConfig) DefaultDNSSearches() []string {
- return c.Containers.DNSSearches
-}
-
-func (c PodmanConfig) DefaultDNSOptions() []string {
- return c.Containers.DNSOptions
-}
-
-func (c PodmanConfig) DefaultEnv() []string {
- return c.Containers.Env
-}
-
-func (c PodmanConfig) DefaultInitPath() string {
- return c.Containers.InitPath
-}
-
-func (c PodmanConfig) DefaultIPCNS() string {
- return c.Containers.IPCNS
-}
-
-func (c PodmanConfig) DefaultPidNS() string {
- return c.Containers.PidNS
-}
-
-func (c PodmanConfig) DefaultNetNS() string {
- if c.Containers.NetNS == "private" && rootless.IsRootless() {
- return "slirp4netns"
- }
- return c.Containers.NetNS
-}
-
-func (c PodmanConfig) DefaultCgroupNS() string {
- return c.Containers.CgroupNS
-}
-
-func (c PodmanConfig) DefaultUTSNS() string {
- return c.Containers.UTSNS
-}
-
-func (c PodmanConfig) DefaultShmSize() string {
- return c.Containers.ShmSize
-}
-
-func (c PodmanConfig) DefaultUlimits() []string {
- return c.Containers.DefaultUlimits
-}
-
-func (c PodmanConfig) DefaultUserNS() string {
- if v, found := os.LookupEnv("PODMAN_USERNS"); found {
- return v
- }
- return c.Containers.UserNS
-}
-
-func (c PodmanConfig) DefaultPidsLimit() int64 {
- if rootless.IsRootless() {
- cgroup2, _ := cgroups.IsCgroup2UnifiedMode()
- if cgroup2 {
- return c.Containers.PidsLimit
- }
- }
- return sysinfo.GetDefaultPidsLimit()
-}
-
-func (c PodmanConfig) DefaultPidsDescription() string {
- return "Tune container pids limit (set 0 for unlimited)"
-}
-
-func (c PodmanConfig) DefaultDetachKeys() string {
- return c.Engine.DetachKeys
-}
-
-// TODO: Remove in rootless support PR
-// // EngineOptions holds the environment for running the engines
-// type EngineOptions struct {
-// // Introduced with V2
-// Uri string
-// Identities []string
-// FlagSet *pflag.FlagSet
-// EngineMode EngineMode
-// CGroupUsage string
-//
-// // Introduced with V1
-// CGroupManager string // config.EngineConfig
-// CniConfigDir string // config.NetworkConfig.NetworkConfigDir
-// ConmonPath string // config.EngineConfig
-// DefaultMountsFile string // config.ContainersConfig
-// EventsBackend string // config.EngineConfig.EventsLogger
-// HooksDir []string // config.EngineConfig
-// MaxWorks int
-// Namespace string // config.EngineConfig
-// Root string //
-// Runroot string // config.EngineConfig.StorageConfigRunRootSet??
-// Runtime string // config.EngineConfig.OCIRuntime
-// StorageDriver string // config.EngineConfig.StorageConfigGraphDriverNameSet??
-// StorageOpts []string
-// Syslog bool
-// Trace bool
-// NetworkCmdPath string // config.EngineConfig
-//
-// Config string
-// CpuProfile string
-// LogLevel string
-// TmpDir string // config.EngineConfig
-//
-// RemoteUserName string // deprecated
-// RemoteHost string // deprecated
-// VarlinkAddress string // deprecated
-// ConnectionName string
-// RemoteConfigFilePath string
-// Port int // deprecated
-// IdentityFile string // deprecated
-// IgnoreHosts bool
-// }
-//
-// func NewEngineOptions(opts EngineOptions) (EngineOptions, error) {
-// ctnrCfg, err := config.Default()
-// if err != nil {
-// logrus.Error(err)
-// os.Exit(1)
-// }
-//
-// cgroupManager := ctnrCfg.Engine.CgroupManager
-// cgroupUsage := `Cgroup manager to use ("cgroupfs"|"systemd")`
-// cgroupv2, _ := cgroups.IsCgroup2UnifiedMode()
-// cniPluginDir := ctnrCfg.Network.CNIPluginDirs[0]
-//
-// cfg, err := config.NewConfig("")
-// if err != nil {
-// logrus.Errorf("Error loading container config %v\n", err)
-// os.Exit(1)
-// }
-// cfg.CheckCgroupsAndAdjustConfig()
-//
-// if rootless.IsRootless() {
-// if !cgroupv2 {
-// cgroupManager = ""
-// cgroupUsage = "Cgroup manager is not supported in rootless mode"
-// }
-// cniPluginDir = ""
-// }
-//
-// return EngineOptions{
-// CGroupManager: cgroupManager,
-// CGroupUsage: cgroupUsage,
-// CniConfigDir: cniPluginDir,
-// Config: opts.Config, // TODO: deprecate
-// ConmonPath: opts.ConmonPath,
-// ConnectionName: opts.ConnectionName,
-// CpuProfile: opts.CpuProfile,
-// DefaultMountsFile: ctnrCfg.Containers.DefaultMountsFile,
-// EngineMode: opts.EngineMode,
-// EventsBackend: ctnrCfg.Engine.EventsLogger,
-// FlagSet: opts.FlagSet, // TODO: deprecate
-// HooksDir: append(ctnrCfg.Engine.HooksDir[:0:0], ctnrCfg.Engine.HooksDir...),
-// Identities: append(opts.Identities[:0:0], opts.Identities...),
-// IdentityFile: opts.IdentityFile, // TODO: deprecate
-// IgnoreHosts: opts.IgnoreHosts,
-// LogLevel: opts.LogLevel,
-// MaxWorks: opts.MaxWorks,
-// Namespace: ctnrCfg.Engine.Namespace,
-// NetworkCmdPath: ctnrCfg.Engine.NetworkCmdPath,
-// Port: opts.Port,
-// RemoteConfigFilePath: opts.RemoteConfigFilePath,
-// RemoteHost: opts.RemoteHost, // TODO: deprecate
-// RemoteUserName: opts.RemoteUserName, // TODO: deprecate
-// Root: opts.Root,
-// Runroot: opts.Runroot,
-// Runtime: opts.Runtime,
-// StorageDriver: opts.StorageDriver,
-// StorageOpts: append(opts.StorageOpts[:0:0], opts.StorageOpts...),
-// Syslog: opts.Syslog,
-// TmpDir: opts.TmpDir,
-// Trace: opts.Trace,
-// Uri: opts.Uri,
-// VarlinkAddress: opts.VarlinkAddress,
-// }, nil
-// }
diff --git a/pkg/domain/entities/engine_container.go b/pkg/domain/entities/engine_container.go
index c3092a98a..02938413a 100644
--- a/pkg/domain/entities/engine_container.go
+++ b/pkg/domain/entities/engine_container.go
@@ -6,6 +6,7 @@ import (
 "github.com/containers/common/pkg/config"
 "github.com/containers/libpod/libpod/define"
 "github.com/containers/libpod/pkg/specgen"
+ "github.com/spf13/cobra"
 )
 type ContainerEngine interface {
@@ -24,9 +25,9 @@ type ContainerEngine interface {
 ContainerInspect(ctx context.Context, namesOrIds []string, options InspectOptions) ([]*ContainerInspectReport, error)
 ContainerKill(ctx context.Context, namesOrIds []string, options KillOptions) ([]*KillReport, error)
 ContainerList(ctx context.Context, options ContainerListOptions) ([]ListContainer, error)
+ ContainerLogs(ctx context.Context, containers []string, options ContainerLogsOptions) error
 ContainerMount(ctx context.Context, nameOrIds []string, options ContainerMountOptions) ([]*ContainerMountReport, error)
 ContainerPause(ctx context.Context, namesOrIds []string, options PauseUnPauseOptions) ([]*PauseUnpauseReport, error)
- ContainerLogs(ctx context.Context, containers []string, options ContainerLogsOptions) error
 ContainerRestart(ctx context.Context, namesOrIds []string, options RestartOptions) ([]*RestartReport, error)
 ContainerRestore(ctx context.Context, namesOrIds []string, options RestoreOptions) ([]*RestoreReport, error)
 ContainerRm(ctx context.Context, namesOrIds []string, options RmOptions) ([]*RmReport, error)
@@ -53,6 +54,7 @@ type ContainerEngine interface {
 PodTop(ctx context.Context, options PodTopOptions) (*StringSliceReport, error)
 PodUnpause(ctx context.Context, namesOrIds []string, options PodunpauseOptions) ([]*PodUnpauseReport, error)
 RestService(ctx context.Context, opts ServiceOptions) error
+ SetupRootless(ctx context.Context, cmd *cobra.Command) error
 VarlinkService(ctx context.Context, opts ServiceOptions) error
 VolumeCreate(ctx context.Context, opts VolumeCreateOptions) (*IdOrNameResponse, error)
 VolumeInspect(ctx context.Context, namesOrIds []string, opts VolumeInspectOptions) ([]*VolumeInspectReport, error)
diff --git a/pkg/domain/entities/engine_image.go b/pkg/domain/entities/engine_image.go
index 3a051ab9b..e3b606550 100644
--- a/pkg/domain/entities/engine_image.go
+++ b/pkg/domain/entities/engine_image.go
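Review bot: The new `SetupRootless(ctx context.Context, cmd *cobra.Command) error` method makes the `ContainerEngine` interface in `pkg/domain/entities` depend on cobra, a CLI framework type, for a parameter that the visible implementations do not read. In the abi hunks the only visible use of `cmd` (the `executeCommandInUserNS(cmd)` call) is removed, and the tunnel implementation ignores it, so if nothing else in the abi body uses it, `SetupRootless(ctx context.Context) error` would keep the domain layer free of CLI types. The method also lacks a comment saying when callers must invoke it and that the tunnel engine does not support it, e.g. `// SetupRootless prepares the rootless user namespace; not supported when tunneling.`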
@@ -20,7 +20,7 @@ type ImageEngine interface {
 Pull(ctx context.Context, rawImage string, opts ImagePullOptions) (*ImagePullReport, error)
 Push(ctx context.Context, source string, destination string, opts ImagePushOptions) error
 Save(ctx context.Context, nameOrId string, tags []string, options ImageSaveOptions) error
+ Search(ctx context.Context, term string, opts ImageSearchOptions) ([]ImageSearchReport, error)
 Tag(ctx context.Context, nameOrId string, tags []string, options ImageTagOptions) error
 Untag(ctx context.Context, nameOrId string, tags []string, options ImageUntagOptions) error
- Search(ctx context.Context, term string, opts ImageSearchOptions) ([]ImageSearchReport, error)
 }
diff --git a/pkg/domain/entities/pods.go b/pkg/domain/entities/pods.go
index 9ca8ff43c..b280203de 100644
--- a/pkg/domain/entities/pods.go
+++ b/pkg/domain/entities/pods.go
@@ -4,7 +4,7 @@ import (
 "strings"
 "time"
- "github.com/containers/libpod/libpod"
+ "github.com/containers/libpod/libpod/define"
 "github.com/containers/libpod/pkg/specgen"
 )
@@ -177,5 +177,5 @@ type PodInspectOptions struct {
 }
 type PodInspectReport struct {
- *libpod.PodInspect
+ *define.InspectPodData
 }
diff --git a/pkg/domain/entities/types.go b/pkg/domain/entities/types.go
index 91ae00764..31a05f5d3 100644
--- a/pkg/domain/entities/types.go
+++ b/pkg/domain/entities/types.go
@@ -1,6 +1,7 @@
 package entities
 import (
+ "errors"
 "net"
 "github.com/containers/libpod/libpod/events"
@@ -72,3 +73,34 @@ type EventsOptions struct {
 Since string
 Until string
 }
+
+// ContainerCreateResponse is the response struct for creating a container
+type ContainerCreateResponse struct {
+ // ID of the container created
+ ID string `json:"Id"`
+ // Warnings during container creation
+ Warnings []string `json:"Warnings"`
+}
+
+type ErrorModel struct {
+ // API root cause formatted for automated parsing
+ // example: API root cause
+ Because string `json:"cause"`
+ // human error message, formatted for a human to read
+ // example: human error message
+ Message string `json:"message"`
+ // http response code
+ ResponseCode int `json:"response"`
+}
+
+func (e ErrorModel) Error() string {
+ return e.Message
+}
+
+func (e ErrorModel) Cause() error {
+ return errors.New(e.Because)
+}
+
+func (e ErrorModel) Code() int {
+ return e.ResponseCode
+}
diff --git a/pkg/domain/infra/abi/containers.go b/pkg/domain/infra/abi/containers.go
index 4279fb756..c9df72f2d 100644
--- a/pkg/domain/infra/abi/containers.go
+++ b/pkg/domain/infra/abi/containers.go
@@ -668,9 +668,6 @@ func (ic *ContainerEngine) ContainerDiff(ctx context.Context, nameOrId string, o
 }
 func (ic *ContainerEngine) ContainerRun(ctx context.Context, opts entities.ContainerRunOptions) (*entities.ContainerRunReport, error) {
- var (
- joinPod bool
- )
 if err := generate.CompleteSpec(ctx, ic.Libpod, opts.Spec); err != nil {
 return nil, err
 }
@@ -679,6 +676,7 @@ func (ic *ContainerEngine) ContainerRun(ctx context.Context, opts entities.Conta
 return nil, err
 }
+ var joinPod bool
 if len(ctr.PodID()) > 0 {
 joinPod = true
 }
diff --git a/pkg/domain/infra/abi/pods.go b/pkg/domain/infra/abi/pods.go
index bb637de3e..59bf0f636 100644
--- a/pkg/domain/infra/abi/pods.go
+++ b/pkg/domain/infra/abi/pods.go
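Review bot: `ErrorModel.Cause()` builds a fresh error with `errors.New(e.Because)` on every call, so it never returns nil, even when `Because` is empty, and two calls never yield comparable values. A caller that tests `Cause() != nil` or walks the cause chain gets an error with an empty message instead of "no cause"; a guard such as `if e.Because == "" { return nil }` before the `errors.New` would avoid that. `ErrorModel` and its three methods are exported without doc comments, unlike `ContainerCreateResponse` just above; a line like `// ErrorModel describes an API error: Message is for humans, Because for automated parsing.` would match the field comments already present.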
@@ -351,5 +351,5 @@ func (ic *ContainerEngine) PodInspect(ctx context.Context, options entities.PodI
 if err != nil {
 return nil, err
 }
- return &entities.PodInspectReport{PodInspect: inspect}, nil
+ return &entities.PodInspectReport{InspectPodData: inspect}, nil
 }
diff --git a/pkg/domain/infra/abi/system.go b/pkg/domain/infra/abi/system.go
index 10872144b..67593b2dd 100644
--- a/pkg/domain/infra/abi/system.go
+++ b/pkg/domain/infra/abi/system.go
@@ -100,7 +100,7 @@ func (ic *ContainerEngine) VarlinkService(_ context.Context, opts entities.Servi
 return nil
 }
-func (ic *ContainerEngine) SetupRootless(cmd *cobra.Command) error {
+func (ic *ContainerEngine) SetupRootless(_ context.Context, cmd *cobra.Command) error {
 // do it only after podman has already re-execed and running with uid==0.
 if os.Geteuid() == 0 {
 ownsCgroup, err := cgroups.UserOwnsCurrentSystemdCgroup()
@@ -123,10 +123,6 @@ func (ic *ContainerEngine) SetupRootless(cmd *cobra.Command) error {
 }
 }
- if !executeCommandInUserNS(cmd) {
- return nil
- }
-
 pausePidPath, err := util.GetRootlessPauseProcessPidPath()
 if err != nil {
 return errors.Wrapf(err, "could not get pause process pid file path")
@@ -143,7 +139,8 @@ func (ic *ContainerEngine) SetupRootless(cmd *cobra.Command) error {
 // if there is no pid file, try to join existing containers, and create a pause process.
 ctrs, err := ic.Libpod.GetRunningContainers()
 if err != nil {
- logrus.WithError(err).Fatal("")
+ logrus.Error(err.Error())
+ os.Exit(1)
 }
 paths := []string{}
@@ -164,7 +161,8 @@ func (ic *ContainerEngine) SetupRootless(cmd *cobra.Command) error {
 }
 }
 if err != nil {
- logrus.WithError(err).Fatal("")
+ logrus.Error(err)
+ os.Exit(1)
 }
 if became {
 os.Exit(ret)
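Review bot: Dropping the `if !executeCommandInUserNS(cmd) { return nil }` guard in the `@@ -123,10 +123,6 @@` hunk changes which invocations reach the pause-process and namespace-join code. The deleted helper returned `os.Geteuid() == 0`, so the guard made every non-root call return early, and after this change those calls continue. The helper's comment also recorded that some commands should NOT run inside the user namespace; with the guard gone nothing in `SetupRootless` makes that decision, so if it now belongs to the caller (not visible in this diff) the function should say so, e.g. `// SetupRootless joins or creates the rootless user namespace; callers must skip it for commands that have to run outside that namespace.` The function body starts and ends outside this hunk.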
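Review bot: `SetupRootless` returns `error`, yet the rewritten failure paths log and then call `os.Exit(1)`, after `GetRunningContainers()` in the `@@ -143,7 +139,8 @@` hunk and again in the `@@ -164,7 +161,8 @@` hunk. Exiting from inside the engine skips any deferred cleanup in the callers and leaves them no way to handle or report the failure themselves; returning it would do, e.g. `return errors.Wrap(err, "could not get running containers")` at the first site (the function already uses `errors.Wrapf`) and `return err` at the second. The two sites also log differently (`logrus.Error(err.Error())` vs `logrus.Error(err)`), which is worth making uniform if the logging stays. The function body extends beyond both hunks.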
@@ -172,25 +170,6 @@ func (ic *ContainerEngine) SetupRootless(cmd *cobra.Command) error {
 return nil
 }
-// Most podman commands when run in rootless mode, need to be executed in the
-// users usernamespace. This function is updated with a list of commands that
-// should NOT be run within the user namespace.
-func executeCommandInUserNS(cmd *cobra.Command) bool {
- return os.Geteuid() == 0
- // if os.Geteuid() == 0 {
- // return false
- // }
- // switch cmd {
- // case _migrateCommand,
- // _mountCommand,
- // _renumberCommand,
- // _searchCommand,
- // _versionCommand:
- // return false
- // }
- // return true
-}
-
 func movePauseProcessToScope() error {
 pausePidPath, err := util.GetRootlessPauseProcessPidPath()
 if err != nil {
@@ -234,11 +213,3 @@ func setUMask() { // nolint:deadcode,unused
 func checkInput() error { // nolint:deadcode,unused
 return nil
 }
-
-// func getCNIPluginsDir() string {
-// if rootless.IsRootless() {
-// return ""
-// }
-//
-// return registry.PodmanOptions.Network.CNIPluginDirs[0]
-// }
diff --git a/pkg/domain/infra/runtime_libpod.go b/pkg/domain/infra/runtime_libpod.go
index 6b0ac4852..e335dd560 100644
--- a/pkg/domain/infra/runtime_libpod.go
+++ b/pkg/domain/infra/runtime_libpod.go
@@ -1,4 +1,4 @@
-// build: ABISupport
+// +build ABISupport
 package infra
diff --git a/pkg/domain/infra/tunnel/system.go b/pkg/domain/infra/tunnel/system.go
index 7c7a55c05..f373525c5 100644
--- a/pkg/domain/infra/tunnel/system.go
+++ b/pkg/domain/infra/tunnel/system.go
@@ -7,6 +7,7 @@ import (
 "github.com/containers/libpod/libpod/define"
 "github.com/containers/libpod/pkg/bindings/system"
 "github.com/containers/libpod/pkg/domain/entities"
+ "github.com/spf13/cobra"
 )
 func (ic *ContainerEngine) Info(ctx context.Context) (*define.Info, error) {
@@ -20,3 +21,7 @@ func (ic *ContainerEngine) RestService(_ context.Context, _ entities.ServiceOpti
 func (ic *ContainerEngine) VarlinkService(_ context.Context, _ entities.ServiceOptions) error {
 panic(errors.New("varlink service is not supported when tunneling"))
 }
+
+func (ic *ContainerEngine) SetupRootless(_ context.Context, cmd *cobra.Command) error {
+ panic(errors.New("rootless engine mode is not supported when tunneling"))
+}
|
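Review bot: The tunnel `SetupRootless` panics instead of using its `error` return, so any caller that invokes it through the `ContainerEngine` interface without first checking the engine mode takes the whole process down with a stack trace. Returning the error keeps the failure reportable: `return errors.New("rootless engine mode is not supported when tunneling")`. `cmd` is unused here and could be `_ *cobra.Command`, matching the `_ context.Context` beside it. The `VarlinkService` stub just above panics the same way, so this may be a deliberate convention, but it is worth confirming that no shared startup path calls the method on a tunnel engine.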