diff options
Diffstat (limited to 'pkg/specgen/generate')
-rw-r--r-- | pkg/specgen/generate/container.go | 10 | ||||
-rw-r--r-- | pkg/specgen/generate/container_create.go | 20 | ||||
-rw-r--r-- | pkg/specgen/generate/kube/kube.go | 13 | ||||
-rw-r--r-- | pkg/specgen/generate/kube/kube_test.go | 1 | ||||
-rw-r--r-- | pkg/specgen/generate/namespaces.go | 8 | ||||
-rw-r--r-- | pkg/specgen/generate/oci.go | 7 | ||||
-rw-r--r-- | pkg/specgen/generate/validate.go | 6 |
7 files changed, 30 insertions, 35 deletions
diff --git a/pkg/specgen/generate/container.go b/pkg/specgen/generate/container.go index 81286b962..831c1d7b9 100644 --- a/pkg/specgen/generate/container.go +++ b/pkg/specgen/generate/container.go @@ -395,7 +395,7 @@ func ConfigToSpec(rt *libpod.Runtime, specg *specgen.SpecGenerator, contaierID s } else { switch nameSpaces[i] { case "pid": - specg.PidNS = specgen.Namespace{NSMode: specgen.Default} //default + specg.PidNS = specgen.Namespace{NSMode: specgen.Default} // default case "net": switch { case conf.NetMode.IsBridge(): @@ -435,7 +435,7 @@ func ConfigToSpec(rt *libpod.Runtime, specg *specgen.SpecGenerator, contaierID s specg.NetNS = specgen.Namespace{NSMode: specgen.FromPod, Value: strings.Split(string(conf.NetMode), ":")[1]} } case "cgroup": - specg.CgroupNS = specgen.Namespace{NSMode: specgen.Default} //default + specg.CgroupNS = specgen.Namespace{NSMode: specgen.Default} // default case "ipc": switch conf.ShmDir { case "/dev/shm": @@ -443,15 +443,15 @@ func ConfigToSpec(rt *libpod.Runtime, specg *specgen.SpecGenerator, contaierID s case "": specg.IpcNS = specgen.Namespace{NSMode: specgen.None} default: - specg.IpcNS = specgen.Namespace{NSMode: specgen.Default} //default + specg.IpcNS = specgen.Namespace{NSMode: specgen.Default} // default } case "uts": - specg.UtsNS = specgen.Namespace{NSMode: specgen.Default} //default + specg.UtsNS = specgen.Namespace{NSMode: specgen.Default} // default case "user": if conf.AddCurrentUserPasswdEntry { specg.UserNS = specgen.Namespace{NSMode: specgen.KeepID} } else { - specg.UserNS = specgen.Namespace{NSMode: specgen.Default} //default + specg.UserNS = specgen.Namespace{NSMode: specgen.Default} // default } } } diff --git a/pkg/specgen/generate/container_create.go b/pkg/specgen/generate/container_create.go index 50454cbab..8b9ed8ffe 100644 --- a/pkg/specgen/generate/container_create.go +++ b/pkg/specgen/generate/container_create.go @@ -434,20 +434,18 @@ func createContainerOptions(rt *libpod.Runtime, s *specgen.SpecGenerator, pod *l // Security options if len(s.SelinuxOpts) > 0 { options = append(options, libpod.WithSecLabels(s.SelinuxOpts)) - } else { - if pod != nil && len(compatibleOptions.SelinuxOpts) == 0 { - // duplicate the security options from the pod - processLabel, err := pod.ProcessLabel() + } else if pod != nil && len(compatibleOptions.SelinuxOpts) == 0 { + // duplicate the security options from the pod + processLabel, err := pod.ProcessLabel() + if err != nil { + return nil, err + } + if processLabel != "" { + selinuxOpts, err := label.DupSecOpt(processLabel) if err != nil { return nil, err } - if processLabel != "" { - selinuxOpts, err := label.DupSecOpt(processLabel) - if err != nil { - return nil, err - } - options = append(options, libpod.WithSecLabels(selinuxOpts)) - } + options = append(options, libpod.WithSecLabels(selinuxOpts)) } } options = append(options, libpod.WithPrivileged(s.Privileged)) diff --git a/pkg/specgen/generate/kube/kube.go b/pkg/specgen/generate/kube/kube.go index 51f9fa535..4c11e4bff 100644 --- a/pkg/specgen/generate/kube/kube.go +++ b/pkg/specgen/generate/kube/kube.go @@ -449,12 +449,13 @@ func setupLivenessProbe(s *specgen.SpecGenerator, containerYAML v1.Container, re } // configure healthcheck on the basis of Handler Actions. - if probeHandler.Exec != nil { + switch { + case probeHandler.Exec != nil: execString := strings.Join(probeHandler.Exec.Command, " ") commandString = fmt.Sprintf("%s || %s", execString, failureCmd) - } else if probeHandler.HTTPGet != nil { + case probeHandler.HTTPGet != nil: commandString = fmt.Sprintf("curl %s://%s:%d/%s || %s", probeHandler.HTTPGet.Scheme, probeHandler.HTTPGet.Host, probeHandler.HTTPGet.Port.IntValue(), probeHandler.HTTPGet.Path, failureCmd) - } else if probeHandler.TCPSocket != nil { + case probeHandler.TCPSocket != nil: commandString = fmt.Sprintf("nc -z -v %s %d || %s", probeHandler.TCPSocket.Host, probeHandler.TCPSocket.Port.IntValue(), failureCmd) } s.HealthConfig, err = makeHealthCheck(commandString, probe.PeriodSeconds, probe.FailureThreshold, probe.TimeoutSeconds, probe.InitialDelaySeconds) @@ -490,17 +491,17 @@ func makeHealthCheck(inCmd string, interval int32, retries int32, timeout int32, } if interval < 1 { - //kubernetes interval defaults to 10 sec and cannot be less than 1 + // kubernetes interval defaults to 10 sec and cannot be less than 1 interval = 10 } hc.Interval = (time.Duration(interval) * time.Second) if retries < 1 { - //kubernetes retries defaults to 3 + // kubernetes retries defaults to 3 retries = 3 } hc.Retries = int(retries) if timeout < 1 { - //kubernetes timeout defaults to 1 + // kubernetes timeout defaults to 1 timeout = 1 } timeoutDuration := (time.Duration(timeout) * time.Second) diff --git a/pkg/specgen/generate/kube/kube_test.go b/pkg/specgen/generate/kube/kube_test.go index 0898d427d..9c52c03bb 100644 --- a/pkg/specgen/generate/kube/kube_test.go +++ b/pkg/specgen/generate/kube/kube_test.go @@ -5,7 +5,6 @@ import ( v1 "github.com/containers/podman/v4/pkg/k8s.io/api/core/v1" "github.com/stretchr/testify/assert" - //"github.com/stretchr/testify/require" ) func testPropagation(t *testing.T, propagation v1.MountPropagationMode, expected string) { diff --git a/pkg/specgen/generate/namespaces.go b/pkg/specgen/generate/namespaces.go index 2362f61c4..37d561ec2 100644 --- a/pkg/specgen/generate/namespaces.go +++ b/pkg/specgen/generate/namespaces.go @@ -202,10 +202,8 @@ func namespaceOptions(s *specgen.SpecGenerator, rt *libpod.Runtime, pod *libpod. if s.IDMappings != nil { if pod == nil { toReturn = append(toReturn, libpod.WithIDMappings(*s.IDMappings)) - } else { - if pod.HasInfraContainer() && (len(s.IDMappings.UIDMap) > 0 || len(s.IDMappings.GIDMap) > 0) { - return nil, errors.Wrapf(define.ErrInvalidArg, "cannot specify a new uid/gid map when entering a pod with an infra container") - } + } else if pod.HasInfraContainer() && (len(s.IDMappings.UIDMap) > 0 || len(s.IDMappings.GIDMap) > 0) { + return nil, errors.Wrapf(define.ErrInvalidArg, "cannot specify a new uid/gid map when entering a pod with an infra container") } } if s.User != "" { @@ -482,7 +480,7 @@ func GetNamespaceOptions(ns []string, netnsIsHost bool) ([]libpod.PodCreateOptio var options []libpod.PodCreateOption var erroredOptions []libpod.PodCreateOption if ns == nil { - //set the default namespaces + // set the default namespaces ns = strings.Split(specgen.DefaultKernelNamespaces, ",") } for _, toShare := range ns { diff --git a/pkg/specgen/generate/oci.go b/pkg/specgen/generate/oci.go index 95bcea8f0..b77c00f50 100644 --- a/pkg/specgen/generate/oci.go +++ b/pkg/specgen/generate/oci.go @@ -298,7 +298,8 @@ func SpecGenToOCI(ctx context.Context, s *specgen.SpecGenerator, rt *libpod.Runt g.AddAnnotation(key, val) } - if compatibleOptions.InfraResources == nil && s.ResourceLimits != nil { + switch { + case compatibleOptions.InfraResources == nil && s.ResourceLimits != nil: out, err := json.Marshal(s.ResourceLimits) if err != nil { return nil, err @@ -307,7 +308,7 @@ func SpecGenToOCI(ctx context.Context, s *specgen.SpecGenerator, rt *libpod.Runt if err != nil { return nil, err } - } else if s.ResourceLimits != nil { // if we have predefined resource limits we need to make sure we keep the infra and container limits + case s.ResourceLimits != nil: // if we have predefined resource limits we need to make sure we keep the infra and container limits originalResources, err := json.Marshal(s.ResourceLimits) if err != nil { return nil, err @@ -325,7 +326,7 @@ func SpecGenToOCI(ctx context.Context, s *specgen.SpecGenerator, rt *libpod.Runt return nil, err } g.Config.Linux.Resources = s.ResourceLimits - } else { + default: g.Config.Linux.Resources = compatibleOptions.InfraResources } // Devices diff --git a/pkg/specgen/generate/validate.go b/pkg/specgen/generate/validate.go index 8da3f2936..44c7818e7 100644 --- a/pkg/specgen/generate/validate.go +++ b/pkg/specgen/generate/validate.go @@ -47,10 +47,8 @@ func verifyContainerResourcesCgroupV1(s *specgen.SpecGenerator) ([]string, error if !sysInfo.MemorySwappiness { warnings = append(warnings, "Your kernel does not support memory swappiness capabilities, or the cgroup is not mounted. Memory swappiness discarded.") memory.Swappiness = nil - } else { - if *memory.Swappiness > 100 { - return warnings, errors.Errorf("invalid value: %v, valid memory swappiness range is 0-100", *memory.Swappiness) - } + } else if *memory.Swappiness > 100 { + return warnings, errors.Errorf("invalid value: %v, valid memory swappiness range is 0-100", *memory.Swappiness) } } if memory.Reservation != nil && !sysInfo.MemoryReservation { |