aboutsummaryrefslogtreecommitdiff
path: root/pkg
diff options
context:
space:
mode:
Diffstat (limited to 'pkg')
-rw-r--r--pkg/adapter/checkpoint_restore.go6
-rw-r--r--pkg/adapter/containers.go12
-rw-r--r--pkg/adapter/pods.go4
-rw-r--r--pkg/adapter/runtime.go18
-rw-r--r--pkg/adapter/runtime_remote.go19
-rw-r--r--pkg/adapter/sigproxy_linux.go2
-rw-r--r--pkg/adapter/terminal_linux.go2
-rw-r--r--pkg/apparmor/apparmor_linux.go16
-rw-r--r--pkg/cgroups/cgroups.go10
-rw-r--r--pkg/ctime/ctime_linux.go2
-rw-r--r--pkg/firewall/iptables.go1
-rw-r--r--pkg/hooks/exec/runtimeconfigfilter.go12
-rw-r--r--pkg/rootless/rootless_linux.go8
-rw-r--r--pkg/spec/config_linux.go2
-rw-r--r--pkg/spec/parse.go6
-rw-r--r--pkg/sysinfo/sysinfo_linux.go2
-rw-r--r--pkg/varlinkapi/images.go2
-rw-r--r--pkg/varlinkapi/virtwriter/virtwriter.go6
18 files changed, 75 insertions, 55 deletions
diff --git a/pkg/adapter/checkpoint_restore.go b/pkg/adapter/checkpoint_restore.go
index 533e9e3a2..1cac86d12 100644
--- a/pkg/adapter/checkpoint_restore.go
+++ b/pkg/adapter/checkpoint_restore.go
@@ -4,7 +4,6 @@ package adapter
import (
"context"
- "io"
"io/ioutil"
"os"
"path/filepath"
@@ -35,7 +34,7 @@ func crImportFromJSON(filePath string, v interface{}) error {
return errors.Wrapf(err, "Failed to read container definition %s for restore", filePath)
}
json := jsoniter.ConfigCompatibleWithStandardLibrary
- if err = json.Unmarshal([]byte(content), v); err != nil {
+ if err = json.Unmarshal(content, v); err != nil {
return errors.Wrapf(err, "Failed to unmarshal container definition %s for restore", filePath)
}
@@ -106,9 +105,8 @@ func crImportCheckpoint(ctx context.Context, runtime *libpod.Runtime, input stri
ctrName := config.Name
// The code to load the images is copied from create.go
- var writer io.Writer
// In create.go this only set if '--quiet' does not exist.
- writer = os.Stderr
+ writer := os.Stderr
rtc, err := runtime.GetConfig()
if err != nil {
return nil, err
diff --git a/pkg/adapter/containers.go b/pkg/adapter/containers.go
index 7e2384e18..9726b237f 100644
--- a/pkg/adapter/containers.go
+++ b/pkg/adapter/containers.go
@@ -69,7 +69,7 @@ func (r *LocalRuntime) LookupContainer(idOrName string) (*Container, error) {
func (r *LocalRuntime) StopContainers(ctx context.Context, cli *cliconfig.StopValues) ([]string, map[string]error, error) {
var timeout *uint
if cli.Flags().Changed("timeout") || cli.Flags().Changed("time") {
- t := uint(cli.Timeout)
+ t := cli.Timeout
timeout = &t
}
@@ -342,7 +342,7 @@ func (r *LocalRuntime) Run(ctx context.Context, c *cliconfig.RunValues, exitCode
if err := ctr.Start(ctx, c.IsSet("pod")); err != nil {
// This means the command did not exist
exitCode = 127
- if strings.Index(err.Error(), "permission denied") > -1 {
+ if strings.Contains(err.Error(), "permission denied") {
exitCode = 126
}
return exitCode, err
@@ -405,7 +405,7 @@ func (r *LocalRuntime) Run(ctx context.Context, c *cliconfig.RunValues, exitCode
}
// This means the command did not exist
exitCode = 127
- if strings.Index(err.Error(), "permission denied") > -1 {
+ if strings.Contains(err.Error(), "permission denied") {
exitCode = 126
}
if c.IsSet("rm") {
@@ -1057,7 +1057,7 @@ func (r *LocalRuntime) GenerateSystemd(c *cliconfig.GenerateSystemdValues) (stri
}
timeout := int(ctr.StopTimeout())
if c.StopTimeout >= 0 {
- timeout = int(c.StopTimeout)
+ timeout = c.StopTimeout
}
name := ctr.ID()
if c.Name {
@@ -1153,9 +1153,7 @@ func (r *LocalRuntime) Exec(c *cliconfig.ExecValues, cmd []string) error {
for _, e := range entries {
i, err := strconv.Atoi(e.Name())
if err != nil {
- if err != nil {
- return errors.Wrapf(err, "cannot parse %s in /proc/self/fd", e.Name())
- }
+ return errors.Wrapf(err, "cannot parse %s in /proc/self/fd", e.Name())
}
m[i] = true
}
diff --git a/pkg/adapter/pods.go b/pkg/adapter/pods.go
index 2ca4f228f..5960fac60 100644
--- a/pkg/adapter/pods.go
+++ b/pkg/adapter/pods.go
@@ -155,7 +155,7 @@ func (r *LocalRuntime) StopPods(ctx context.Context, cli *cliconfig.PodStopValue
for _, p := range pods {
stopped := true
- conErrs, stopErr := p.StopWithTimeout(ctx, true, int(timeout))
+ conErrs, stopErr := p.StopWithTimeout(ctx, true, timeout)
if stopErr != nil {
errs = append(errs, stopErr)
stopped = false
@@ -532,7 +532,6 @@ func (r *LocalRuntime) PlayKubeYAML(ctx context.Context, c *cliconfig.KubePlayVa
if err := libpod.LabelVolumePath(hostPath.Path, false); err != nil {
return nil, errors.Wrapf(err, "Error giving %s a label", hostPath.Path)
}
- break
case v1.HostPathFileOrCreate:
if _, err := os.Stat(hostPath.Path); os.IsNotExist(err) {
f, err := os.OpenFile(hostPath.Path, os.O_RDONLY|os.O_CREATE, createFilePermission)
@@ -547,7 +546,6 @@ func (r *LocalRuntime) PlayKubeYAML(ctx context.Context, c *cliconfig.KubePlayVa
if err := libpod.LabelVolumePath(hostPath.Path, false); err != nil {
return nil, errors.Wrapf(err, "Error giving %s a label", hostPath.Path)
}
- break
case v1.HostPathDirectory:
case v1.HostPathFile:
case v1.HostPathUnset:
diff --git a/pkg/adapter/runtime.go b/pkg/adapter/runtime.go
index e65f07898..ee6913cc0 100644
--- a/pkg/adapter/runtime.go
+++ b/pkg/adapter/runtime.go
@@ -85,16 +85,27 @@ func getRuntime(runtime *libpod.Runtime) (*LocalRuntime, error) {
// GetImages returns a slice of images in containerimages
func (r *LocalRuntime) GetImages() ([]*ContainerImage, error) {
+ return r.getImages(false)
+}
+
+// GetRWImages returns a slice of read/write images in containerimages
+func (r *LocalRuntime) GetRWImages() ([]*ContainerImage, error) {
+ return r.getImages(true)
+}
+
+func (r *LocalRuntime) getImages(rwOnly bool) ([]*ContainerImage, error) {
var containerImages []*ContainerImage
images, err := r.Runtime.ImageRuntime().GetImages()
if err != nil {
return nil, err
}
for _, i := range images {
+ if rwOnly && i.IsReadOnly() {
+ continue
+ }
containerImages = append(containerImages, &ContainerImage{i})
}
return containerImages, nil
-
}
// NewImageFromLocal returns a containerimage representation of a image from local storage
@@ -321,10 +332,7 @@ func (r *LocalRuntime) LoadImage(ctx context.Context, name string, cli *cliconfi
// IsImageNotFound checks if the error indicates that no image was found.
func IsImageNotFound(err error) bool {
- if errors.Cause(err) == image.ErrNoSuchImage {
- return true
- }
- return false
+ return errors.Cause(err) == image.ErrNoSuchImage
}
// HealthCheck is a wrapper to same named function in libpod
diff --git a/pkg/adapter/runtime_remote.go b/pkg/adapter/runtime_remote.go
index db3f23629..9fae39df0 100644
--- a/pkg/adapter/runtime_remote.go
+++ b/pkg/adapter/runtime_remote.go
@@ -129,6 +129,7 @@ type remoteImage struct {
isParent bool
Runtime *LocalRuntime
TopLayer string
+ ReadOnly bool
}
// Container ...
@@ -169,12 +170,24 @@ type remoteVolume struct {
// GetImages returns a slice of containerimages over a varlink connection
func (r *LocalRuntime) GetImages() ([]*ContainerImage, error) {
+ return r.getImages(false)
+}
+
+// GetRWImages returns a slice of read/write containerimages over a varlink connection
+func (r *LocalRuntime) GetRWImages() ([]*ContainerImage, error) {
+ return r.getImages(true)
+}
+
+func (r *LocalRuntime) getImages(rwOnly bool) ([]*ContainerImage, error) {
var newImages []*ContainerImage
images, err := iopodman.ListImages().Call(r.Conn)
if err != nil {
return nil, err
}
for _, i := range images {
+ if rwOnly && i.ReadOnly {
+ continue
+ }
name := i.Id
if len(i.RepoTags) > 1 {
name = i.RepoTags[0]
@@ -207,6 +220,7 @@ func imageInListToContainerImage(i iopodman.Image, name string, runtime *LocalRu
isParent: i.IsParent,
Runtime: runtime,
TopLayer: i.TopLayer,
+ ReadOnly: i.ReadOnly,
}
return &ContainerImage{ri}, nil
}
@@ -302,6 +316,11 @@ func (ci *ContainerImage) Created() time.Time {
return ci.remoteImage.Created
}
+// IsReadOnly returns whether the image is ReadOnly
+func (ci *ContainerImage) IsReadOnly() bool {
+ return ci.remoteImage.ReadOnly
+}
+
// Size returns the size of the image
func (ci *ContainerImage) Size(ctx context.Context) (*uint64, error) {
usize := uint64(ci.remoteImage.Size)
diff --git a/pkg/adapter/sigproxy_linux.go b/pkg/adapter/sigproxy_linux.go
index efa6afa7b..ebfeab725 100644
--- a/pkg/adapter/sigproxy_linux.go
+++ b/pkg/adapter/sigproxy_linux.go
@@ -33,6 +33,4 @@ func ProxySignals(ctr *libpod.Container) {
}
}
}()
-
- return
}
diff --git a/pkg/adapter/terminal_linux.go b/pkg/adapter/terminal_linux.go
index e3255ecb6..9f6ddc2e6 100644
--- a/pkg/adapter/terminal_linux.go
+++ b/pkg/adapter/terminal_linux.go
@@ -14,6 +14,8 @@ import (
)
// StartAttachCtr starts and (if required) attaches to a container
+// if you change the signature of this function from os.File to io.Writer, it will trigger a downstream
+// error. we may need to just lint disable this one.
func StartAttachCtr(ctx context.Context, ctr *libpod.Container, stdout, stderr, stdin *os.File, detachKeys string, sigProxy bool, startContainer bool, recursive bool) error {
resize := make(chan remotecommand.TerminalSize)
diff --git a/pkg/apparmor/apparmor_linux.go b/pkg/apparmor/apparmor_linux.go
index 479600408..33710ff56 100644
--- a/pkg/apparmor/apparmor_linux.go
+++ b/pkg/apparmor/apparmor_linux.go
@@ -92,16 +92,24 @@ func InstallDefault(name string) error {
return err
}
if err := cmd.Start(); err != nil {
- pipe.Close()
+ if pipeErr := pipe.Close(); pipeErr != nil {
+ logrus.Errorf("unable to close apparmor pipe: %q", pipeErr)
+ }
return err
}
if err := p.generateDefault(pipe); err != nil {
- pipe.Close()
- cmd.Wait()
+ if pipeErr := pipe.Close(); pipeErr != nil {
+ logrus.Errorf("unable to close apparmor pipe: %q", pipeErr)
+ }
+ if cmdErr := cmd.Wait(); cmdErr != nil {
+ logrus.Errorf("unable to wait for apparmor command: %q", cmdErr)
+ }
return err
}
- pipe.Close()
+ if pipeErr := pipe.Close(); pipeErr != nil {
+ logrus.Errorf("unable to close apparmor pipe: %q", pipeErr)
+ }
return cmd.Wait()
}
diff --git a/pkg/cgroups/cgroups.go b/pkg/cgroups/cgroups.go
index fda19bff8..f2c6b548e 100644
--- a/pkg/cgroups/cgroups.go
+++ b/pkg/cgroups/cgroups.go
@@ -155,7 +155,7 @@ func createCgroupv2Path(path string) (Err error) {
if err != nil {
return errors.Wrapf(err, "read /sys/fs/cgroup/cgroup.controllers")
}
- if !filepath.HasPrefix(path, "/sys/fs/cgroup") {
+ if !strings.HasPrefix(path, "/sys/fs/cgroup/") {
return fmt.Errorf("invalid cgroup path %s", path)
}
@@ -274,12 +274,6 @@ func readFileAsUint64(path string) (uint64, error) {
return ret, nil
}
-func (c *CgroupControl) writePidToTasks(pid int, name string) error {
- path := filepath.Join(c.getCgroupv1Path(name), "tasks")
- payload := []byte(fmt.Sprintf("%d", pid))
- return ioutil.WriteFile(path, payload, 0644)
-}
-
// New creates a new cgroup control
func New(path string, resources *spec.LinuxResources) (*CgroupControl, error) {
cgroup2, err := IsCgroup2UnifiedMode()
@@ -384,7 +378,7 @@ func rmDirRecursively(path string) error {
}
}
}
- if os.Remove(path); err != nil {
+ if err := os.Remove(path); err != nil {
if !os.IsNotExist(err) {
return errors.Wrapf(err, "remove %s", path)
}
diff --git a/pkg/ctime/ctime_linux.go b/pkg/ctime/ctime_linux.go
index e83269d49..28ad959cf 100644
--- a/pkg/ctime/ctime_linux.go
+++ b/pkg/ctime/ctime_linux.go
@@ -10,5 +10,5 @@ import (
func created(fi os.FileInfo) time.Time {
st := fi.Sys().(*syscall.Stat_t)
- return time.Unix(int64(st.Ctim.Sec), int64(st.Ctim.Nsec))
+ return time.Unix(st.Ctim.Sec, st.Ctim.Nsec)
}
diff --git a/pkg/firewall/iptables.go b/pkg/firewall/iptables.go
index 92d249f7b..169ddc1d7 100644
--- a/pkg/firewall/iptables.go
+++ b/pkg/firewall/iptables.go
@@ -151,7 +151,6 @@ type iptablesBackend struct {
protos map[iptables.Protocol]*iptables.IPTables
privChainName string
adminChainName string
- ifName string
}
// iptablesBackend implements the FirewallBackend interface
diff --git a/pkg/hooks/exec/runtimeconfigfilter.go b/pkg/hooks/exec/runtimeconfigfilter.go
index c6971f680..10b8fedc2 100644
--- a/pkg/hooks/exec/runtimeconfigfilter.go
+++ b/pkg/hooks/exec/runtimeconfigfilter.go
@@ -27,7 +27,11 @@ var spewConfig = spew.ConfigState{
// reads back a possibly-altered form from their standard output).
func RuntimeConfigFilter(ctx context.Context, hooks []spec.Hook, config *spec.Spec, postKillTimeout time.Duration) (hookErr, err error) {
data, err := json.Marshal(config)
+ if err != nil {
+ return nil, err
+ }
for i, hook := range hooks {
+ hook := hook
var stdout bytes.Buffer
hookErr, err = Run(ctx, &hook, data, &stdout, nil, postKillTimeout)
if err != nil {
@@ -43,11 +47,11 @@ func RuntimeConfigFilter(ctx context.Context, hooks []spec.Hook, config *spec.Sp
}
if !reflect.DeepEqual(config, &newConfig) {
- old := spewConfig.Sdump(config)
- new := spewConfig.Sdump(&newConfig)
+ oldConfig := spewConfig.Sdump(config)
+ newConfig := spewConfig.Sdump(&newConfig)
diff, err := difflib.GetUnifiedDiffString(difflib.UnifiedDiff{
- A: difflib.SplitLines(old),
- B: difflib.SplitLines(new),
+ A: difflib.SplitLines(oldConfig),
+ B: difflib.SplitLines(newConfig),
FromFile: "Old",
FromDate: "",
ToFile: "New",
diff --git a/pkg/rootless/rootless_linux.go b/pkg/rootless/rootless_linux.go
index 99a0eb729..6e48988c5 100644
--- a/pkg/rootless/rootless_linux.go
+++ b/pkg/rootless/rootless_linux.go
@@ -111,10 +111,8 @@ func tryMappingTool(tool string, pid int, hostID int, mappings []idtools.IDMap)
args := []string{path, fmt.Sprintf("%d", pid)}
args = appendTriplet(args, 0, hostID, 1)
- if mappings != nil {
- for _, i := range mappings {
- args = appendTriplet(args, i.ContainerID+1, i.HostID, i.Size)
- }
+ for _, i := range mappings {
+ args = appendTriplet(args, i.ContainerID+1, i.HostID, i.Size)
}
cmd := exec.Cmd{
Path: path,
@@ -442,7 +440,7 @@ func becomeRootInUserNS(pausePid, fileToRead string, fileOutput *os.File) (bool,
return false, -1, errors.Wrapf(err, "write to sync pipe")
}
- b := make([]byte, 1, 1)
+ b := make([]byte, 1)
_, err = w.Read(b)
if err != nil {
return false, -1, errors.Wrapf(err, "read from sync pipe")
diff --git a/pkg/spec/config_linux.go b/pkg/spec/config_linux.go
index a84e9a72f..60d31d78e 100644
--- a/pkg/spec/config_linux.go
+++ b/pkg/spec/config_linux.go
@@ -160,7 +160,7 @@ func (c *CreateConfig) addPrivilegedDevices(g *generate.Generator) error {
}
// Add resources device - need to clear the existing one first.
- g.Spec().Linux.Resources.Devices = nil
+ g.Config.Linux.Resources.Devices = nil
g.AddLinuxResourcesDevice(true, "", nil, nil, "rwm")
return nil
}
diff --git a/pkg/spec/parse.go b/pkg/spec/parse.go
index d688b8d1b..c2572a033 100644
--- a/pkg/spec/parse.go
+++ b/pkg/spec/parse.go
@@ -126,13 +126,9 @@ func validateIOpsDevice(val string) (*throttleDevice, error) { //nolint
if err != nil {
return nil, fmt.Errorf("invalid rate for device: %s. The correct format is <device-path>:<number>. Number must be a positive integer", val)
}
- if rate < 0 {
- return nil, fmt.Errorf("invalid rate for device: %s. The correct format is <device-path>:<number>. Number must be a positive integer", val)
- }
-
return &throttleDevice{
path: split[0],
- rate: uint64(rate),
+ rate: rate,
}, nil
}
diff --git a/pkg/sysinfo/sysinfo_linux.go b/pkg/sysinfo/sysinfo_linux.go
index f4047b63c..9e675c655 100644
--- a/pkg/sysinfo/sysinfo_linux.go
+++ b/pkg/sysinfo/sysinfo_linux.go
@@ -15,7 +15,7 @@ import (
func findCgroupMountpoints() (map[string]string, error) {
cgMounts, err := cgroups.GetCgroupMounts(false)
if err != nil {
- return nil, fmt.Errorf("Failed to parse cgroup information: %v", err)
+ return nil, fmt.Errorf("failed to parse cgroup information: %v", err)
}
mps := make(map[string]string)
for _, m := range cgMounts {
diff --git a/pkg/varlinkapi/images.go b/pkg/varlinkapi/images.go
index 2bebfd406..739a3e582 100644
--- a/pkg/varlinkapi/images.go
+++ b/pkg/varlinkapi/images.go
@@ -69,6 +69,7 @@ func (i *LibpodAPI) ListImages(call iopodman.VarlinkCall) error {
Containers: int64(len(containers)),
Labels: labels,
IsParent: isParent,
+ ReadOnly: image.IsReadOnly(),
}
imageList = append(imageList, i)
}
@@ -109,6 +110,7 @@ func (i *LibpodAPI) GetImage(call iopodman.VarlinkCall, id string) error {
Containers: int64(len(containers)),
Labels: labels,
TopLayer: newImage.TopLayer(),
+ ReadOnly: newImage.IsReadOnly(),
}
return call.ReplyGetImage(il)
}
diff --git a/pkg/varlinkapi/virtwriter/virtwriter.go b/pkg/varlinkapi/virtwriter/virtwriter.go
index e747984c7..5e88914b2 100644
--- a/pkg/varlinkapi/virtwriter/virtwriter.go
+++ b/pkg/varlinkapi/virtwriter/virtwriter.go
@@ -6,8 +6,6 @@ import (
"encoding/json"
"errors"
"io"
- "os"
-
"k8s.io/client-go/tools/remotecommand"
)
@@ -90,7 +88,7 @@ func (v VirtWriteCloser) Write(input []byte) (int, error) {
}
// Reader decodes the content that comes over the wire and directs it to the proper destination.
-func Reader(r *bufio.Reader, output, errput *os.File, input *io.PipeWriter, resize chan remotecommand.TerminalSize) error {
+func Reader(r *bufio.Reader, output io.Writer, errput io.Writer, input io.Writer, resize chan remotecommand.TerminalSize) error {
var messageSize int64
headerBytes := make([]byte, 8)
@@ -149,7 +147,7 @@ func Reader(r *bufio.Reader, output, errput *os.File, input *io.PipeWriter, resi
default:
// Something really went wrong
- return errors.New("Unknown multiplex destination")
+ return errors.New("unknown multiplex destination")
}
}
}